diff options
author | Vladislav Vaintroub <wlad@mariadb.com> | 2019-02-13 10:57:54 +0100 |
---|---|---|
committer | Vladislav Vaintroub <wlad@mariadb.com> | 2019-05-22 13:48:26 +0200 |
commit | 592fe954ef82be1bc08b29a8e54f7729eb1e1343 (patch) | |
tree | dd153e47c6f594b496b8ca124ddc21bccdc1aba2 | |
parent | 5e4b657dd44dce601c91bc77a41f6e382bc32000 (diff) | |
download | mariadb-git-592fe954ef82be1bc08b29a8e54f7729eb1e1343.tar.gz |
MDEV-18531 : remove yassl
187 files changed, 0 insertions, 45439 deletions
diff --git a/extra/yassl/AUTHORS b/extra/yassl/AUTHORS deleted file mode 100644 index e69de29bb2d..00000000000 --- a/extra/yassl/AUTHORS +++ /dev/null diff --git a/extra/yassl/CMakeLists.txt b/extra/yassl/CMakeLists.txt deleted file mode 100644 index 49826d54144..00000000000 --- a/extra/yassl/CMakeLists.txt +++ /dev/null @@ -1,29 +0,0 @@ -# Copyright (c) 2006, 2014, Oracle and/or its affiliates. All rights reserved. -# -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; version 2 of the License. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1335 USA - -INCLUDE_DIRECTORIES( - ${CMAKE_SOURCE_DIR}/include - ${CMAKE_SOURCE_DIR}/extra/yassl/include - ${CMAKE_SOURCE_DIR}/extra/yassl/taocrypt/include - ${CMAKE_SOURCE_DIR}/extra/yassl/taocrypt/mySTL) - -ADD_DEFINITIONS(${SSL_DEFINES}) -SET(YASSL_SOURCES src/buffer.cpp src/cert_wrapper.cpp src/crypto_wrapper.cpp src/handshake.cpp src/lock.cpp - src/log.cpp src/socket_wrapper.cpp src/ssl.cpp src/timer.cpp src/yassl_error.cpp - src/yassl_imp.cpp src/yassl_int.cpp) - -ADD_CONVENIENCE_LIBRARY(yassl ${YASSL_SOURCES}) -RESTRICT_SYMBOL_EXPORTS(yassl) - diff --git a/extra/yassl/COPYING b/extra/yassl/COPYING deleted file mode 100644 index 98861a5402d..00000000000 --- a/extra/yassl/COPYING +++ /dev/null @@ -1,340 +0,0 @@ - GNU GENERAL PUBLIC LICENSE - Version 2, June 1991 - - Copyright (C) 1989, 1991 Free Software Foundation, Inc. - 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335 USA - Everyone is permitted to copy and distribute verbatim copies - of this license document, but changing it is not allowed. - - Preamble - - The licenses for most software are designed to take away your -freedom to share and change it. By contrast, the GNU General Public -License is intended to guarantee your freedom to share and change free -software--to make sure the software is free for all its users. This -General Public License applies to most of the Free Software -Foundation's software and to any other program whose authors commit to -using it. (Some other Free Software Foundation software is covered by -the GNU Library General Public License instead.) You can apply it to -your programs, too. - - When we speak of free software, we are referring to freedom, not -price. Our General Public Licenses are designed to make sure that you -have the freedom to distribute copies of free software (and charge for -this service if you wish), that you receive source code or can get it -if you want it, that you can change the software or use pieces of it -in new free programs; and that you know you can do these things. - - To protect your rights, we need to make restrictions that forbid -anyone to deny you these rights or to ask you to surrender the rights. -These restrictions translate to certain responsibilities for you if you -distribute copies of the software, or if you modify it. - - For example, if you distribute copies of such a program, whether -gratis or for a fee, you must give the recipients all the rights that -you have. You must make sure that they, too, receive or can get the -source code. And you must show them these terms so they know their -rights. - - We protect your rights with two steps: (1) copyright the software, and -(2) offer you this license which gives you legal permission to copy, -distribute and/or modify the software. - - Also, for each author's protection and ours, we want to make certain -that everyone understands that there is no warranty for this free -software. If the software is modified by someone else and passed on, we -want its recipients to know that what they have is not the original, so -that any problems introduced by others will not reflect on the original -authors' reputations. - - Finally, any free program is threatened constantly by software -patents. We wish to avoid the danger that redistributors of a free -program will individually obtain patent licenses, in effect making the -program proprietary. To prevent this, we have made it clear that any -patent must be licensed for everyone's free use or not licensed at all. - - The precise terms and conditions for copying, distribution and -modification follow. - - GNU GENERAL PUBLIC LICENSE - TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION - - 0. This License applies to any program or other work which contains -a notice placed by the copyright holder saying it may be distributed -under the terms of this General Public License. The "Program", below, -refers to any such program or work, and a "work based on the Program" -means either the Program or any derivative work under copyright law: -that is to say, a work containing the Program or a portion of it, -either verbatim or with modifications and/or translated into another -language. (Hereinafter, translation is included without limitation in -the term "modification".) Each licensee is addressed as "you". - -Activities other than copying, distribution and modification are not -covered by this License; they are outside its scope. The act of -running the Program is not restricted, and the output from the Program -is covered only if its contents constitute a work based on the -Program (independent of having been made by running the Program). -Whether that is true depends on what the Program does. - - 1. You may copy and distribute verbatim copies of the Program's -source code as you receive it, in any medium, provided that you -conspicuously and appropriately publish on each copy an appropriate -copyright notice and disclaimer of warranty; keep intact all the -notices that refer to this License and to the absence of any warranty; -and give any other recipients of the Program a copy of this License -along with the Program. - -You may charge a fee for the physical act of transferring a copy, and -you may at your option offer warranty protection in exchange for a fee. - - 2. You may modify your copy or copies of the Program or any portion -of it, thus forming a work based on the Program, and copy and -distribute such modifications or work under the terms of Section 1 -above, provided that you also meet all of these conditions: - - a) You must cause the modified files to carry prominent notices - stating that you changed the files and the date of any change. - - b) You must cause any work that you distribute or publish, that in - whole or in part contains or is derived from the Program or any - part thereof, to be licensed as a whole at no charge to all third - parties under the terms of this License. - - c) If the modified program normally reads commands interactively - when run, you must cause it, when started running for such - interactive use in the most ordinary way, to print or display an - announcement including an appropriate copyright notice and a - notice that there is no warranty (or else, saying that you provide - a warranty) and that users may redistribute the program under - these conditions, and telling the user how to view a copy of this - License. (Exception: if the Program itself is interactive but - does not normally print such an announcement, your work based on - the Program is not required to print an announcement.) - -These requirements apply to the modified work as a whole. If -identifiable sections of that work are not derived from the Program, -and can be reasonably considered independent and separate works in -themselves, then this License, and its terms, do not apply to those -sections when you distribute them as separate works. But when you -distribute the same sections as part of a whole which is a work based -on the Program, the distribution of the whole must be on the terms of -this License, whose permissions for other licensees extend to the -entire whole, and thus to each and every part regardless of who wrote it. - -Thus, it is not the intent of this section to claim rights or contest -your rights to work written entirely by you; rather, the intent is to -exercise the right to control the distribution of derivative or -collective works based on the Program. - -In addition, mere aggregation of another work not based on the Program -with the Program (or with a work based on the Program) on a volume of -a storage or distribution medium does not bring the other work under -the scope of this License. - - 3. You may copy and distribute the Program (or a work based on it, -under Section 2) in object code or executable form under the terms of -Sections 1 and 2 above provided that you also do one of the following: - - a) Accompany it with the complete corresponding machine-readable - source code, which must be distributed under the terms of Sections - 1 and 2 above on a medium customarily used for software interchange; or, - - b) Accompany it with a written offer, valid for at least three - years, to give any third party, for a charge no more than your - cost of physically performing source distribution, a complete - machine-readable copy of the corresponding source code, to be - distributed under the terms of Sections 1 and 2 above on a medium - customarily used for software interchange; or, - - c) Accompany it with the information you received as to the offer - to distribute corresponding source code. (This alternative is - allowed only for noncommercial distribution and only if you - received the program in object code or executable form with such - an offer, in accord with Subsection b above.) - -The source code for a work means the preferred form of the work for -making modifications to it. For an executable work, complete source -code means all the source code for all modules it contains, plus any -associated interface definition files, plus the scripts used to -control compilation and installation of the executable. However, as a -special exception, the source code distributed need not include -anything that is normally distributed (in either source or binary -form) with the major components (compiler, kernel, and so on) of the -operating system on which the executable runs, unless that component -itself accompanies the executable. - -If distribution of executable or object code is made by offering -access to copy from a designated place, then offering equivalent -access to copy the source code from the same place counts as -distribution of the source code, even though third parties are not -compelled to copy the source along with the object code. - - 4. You may not copy, modify, sublicense, or distribute the Program -except as expressly provided under this License. Any attempt -otherwise to copy, modify, sublicense or distribute the Program is -void, and will automatically terminate your rights under this License. -However, parties who have received copies, or rights, from you under -this License will not have their licenses terminated so long as such -parties remain in full compliance. - - 5. You are not required to accept this License, since you have not -signed it. However, nothing else grants you permission to modify or -distribute the Program or its derivative works. These actions are -prohibited by law if you do not accept this License. Therefore, by -modifying or distributing the Program (or any work based on the -Program), you indicate your acceptance of this License to do so, and -all its terms and conditions for copying, distributing or modifying -the Program or works based on it. - - 6. Each time you redistribute the Program (or any work based on the -Program), the recipient automatically receives a license from the -original licensor to copy, distribute or modify the Program subject to -these terms and conditions. You may not impose any further -restrictions on the recipients' exercise of the rights granted herein. -You are not responsible for enforcing compliance by third parties to -this License. - - 7. If, as a consequence of a court judgment or allegation of patent -infringement or for any other reason (not limited to patent issues), -conditions are imposed on you (whether by court order, agreement or -otherwise) that contradict the conditions of this License, they do not -excuse you from the conditions of this License. If you cannot -distribute so as to satisfy simultaneously your obligations under this -License and any other pertinent obligations, then as a consequence you -may not distribute the Program at all. For example, if a patent -license would not permit royalty-free redistribution of the Program by -all those who receive copies directly or indirectly through you, then -the only way you could satisfy both it and this License would be to -refrain entirely from distribution of the Program. - -If any portion of this section is held invalid or unenforceable under -any particular circumstance, the balance of the section is intended to -apply and the section as a whole is intended to apply in other -circumstances. - -It is not the purpose of this section to induce you to infringe any -patents or other property right claims or to contest validity of any -such claims; this section has the sole purpose of protecting the -integrity of the free software distribution system, which is -implemented by public license practices. Many people have made -generous contributions to the wide range of software distributed -through that system in reliance on consistent application of that -system; it is up to the author/donor to decide if he or she is willing -to distribute software through any other system and a licensee cannot -impose that choice. - -This section is intended to make thoroughly clear what is believed to -be a consequence of the rest of this License. - - 8. If the distribution and/or use of the Program is restricted in -certain countries either by patents or by copyrighted interfaces, the -original copyright holder who places the Program under this License -may add an explicit geographical distribution limitation excluding -those countries, so that distribution is permitted only in or among -countries not thus excluded. In such case, this License incorporates -the limitation as if written in the body of this License. - - 9. The Free Software Foundation may publish revised and/or new versions -of the General Public License from time to time. Such new versions will -be similar in spirit to the present version, but may differ in detail to -address new problems or concerns. - -Each version is given a distinguishing version number. If the Program -specifies a version number of this License which applies to it and "any -later version", you have the option of following the terms and conditions -either of that version or of any later version published by the Free -Software Foundation. If the Program does not specify a version number of -this License, you may choose any version ever published by the Free Software -Foundation. - - 10. If you wish to incorporate parts of the Program into other free -programs whose distribution conditions are different, write to the author -to ask for permission. For software which is copyrighted by the Free -Software Foundation, write to the Free Software Foundation; we sometimes -make exceptions for this. Our decision will be guided by the two goals -of preserving the free status of all derivatives of our free software and -of promoting the sharing and reuse of software generally. - - NO WARRANTY - - 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY -FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN -OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES -PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED -OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF -MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS -TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE -PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, -REPAIR OR CORRECTION. - - 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING -WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR -REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, -INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING -OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED -TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY -YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER -PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE -POSSIBILITY OF SUCH DAMAGES. - - END OF TERMS AND CONDITIONS - - How to Apply These Terms to Your New Programs - - If you develop a new program, and you want it to be of the greatest -possible use to the public, the best way to achieve this is to make it -free software which everyone can redistribute and change under these terms. - - To do so, attach the following notices to the program. It is safest -to attach them to the start of each source file to most effectively -convey the exclusion of warranty; and each file should have at least -the "copyright" line and a pointer to where the full notice is found. - - <one line to give the program's name and a brief idea of what it does.> - Copyright (C) <year> <name of author> - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335 USA - - -Also add information on how to contact you by electronic and paper mail. - -If the program is interactive, make it output a short notice like this -when it starts in an interactive mode: - - Gnomovision version 69, Copyright (C) year name of author - Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. - This is free software, and you are welcome to redistribute it - under certain conditions; type `show c' for details. - -The hypothetical commands `show w' and `show c' should show the appropriate -parts of the General Public License. Of course, the commands you use may -be called something other than `show w' and `show c'; they could even be -mouse-clicks or menu items--whatever suits your program. - -You should also get your employer (if you work as a programmer) or your -school, if any, to sign a "copyright disclaimer" for the program, if -necessary. Here is a sample; alter the names: - - Yoyodyne, Inc., hereby disclaims all copyright interest in the program - `Gnomovision' (which makes passes at compilers) written by James Hacker. - - <signature of Ty Coon>, 1 April 1989 - Ty Coon, President of Vice - -This General Public License does not permit incorporating your program into -proprietary programs. If your program is a subroutine library, you may -consider it more useful to permit linking proprietary applications with the -library. If this is what you want to do, use the GNU Library General -Public License instead of this License. diff --git a/extra/yassl/ChangeLog b/extra/yassl/ChangeLog deleted file mode 100644 index e69de29bb2d..00000000000 --- a/extra/yassl/ChangeLog +++ /dev/null diff --git a/extra/yassl/FLOSS-EXCEPTIONS b/extra/yassl/FLOSS-EXCEPTIONS deleted file mode 100644 index 47f86ff65f2..00000000000 --- a/extra/yassl/FLOSS-EXCEPTIONS +++ /dev/null @@ -1,121 +0,0 @@ -yaSSL FLOSS License Exception -**************************************** - -Version 0.2, 31 August 2006 - -The Sawtooth Consulting Ltd. Exception for Free/Libre and Open Source -Software-only Applications Using yaSSL Libraries (the "FLOSS Exception"). - -*Exception Intent* - -We want specified Free/Libre and Open Source Software ("FLOSS") -applications to be able to use specified GPL-licensed yaSSL -libraries (the "Program") despite the fact that not all FLOSS -licenses are compatible with version 2 of the GNU General Public -License (the "GPL"). - -*Legal Terms and Conditions* - -As a special exception to the terms and conditions of version 2.0 of -the GPL: - - 1. You are free to distribute a Derivative Work that is formed - entirely from the Program and one or more works (each, a "FLOSS - Work") licensed under one or more of the licenses listed below - in section 1, as long as: - - 1. You obey the GPL in all respects for the Program and the - Derivative Work, except for identifiable sections of the - Derivative Work which are not derived from the Program, - and which can reasonably be considered independent and - separate works in themselves, - - 2. all identifiable sections of the Derivative Work which - are not derived from the Program, and which can reasonably be - considered independent and separate works in themselves, - - * i - - are distributed subject to one of the FLOSS licenses - listed below, and - - * ii - - the object code or executable form of those sections are - accompanied by the complete corresponding machine-readable - source code for those sections on the same medium and under - the same FLOSS license as the corresponding object code or - executable forms of those sections, and - - - 3. any works which are aggregated with the Program or with - a Derivative Work on a volume of a storage or distribution - medium in accordance with the GPL, can reasonably be considered - independent and separate works in themselves which are not - derivatives of either the Program, a Derivative Work or a FLOSS - Work. - - - If the above conditions are not met, then the Program may only be - copied, modified, distributed or used under the terms and - conditions of the GPL or another valid licensing option from - Sawtooth Consulting Ltd. - - 2. FLOSS License List - - *License name* *Version(s)/Copyright Date* - Academic Free License 2.0 - Apache Software License 1.0/1.1/2.0 - Apple Public Source License 2.0 - Artistic license From Perl 5.8.0 - BSD license "July 22 1999" - Common Development and Distribution License (CDDL) 1.0 - Common Public License 1.0 - GNU Library or "Lesser" General Public 2.0/2.1 - License (LGPL) - Jabber Open Source License 1.0 - MIT license - - Mozilla Public License (MPL) 1.0/1.1 - Open Software License 2.0 - PHP License 3.0 - Python license (CNRI Python License) - - Python Software Foundation License 2.1.1 - Sleepycat License "1999" - University of Illinois/NCSA Open Source License - - W3C License "2001" - X11 License "2001" - Zlib/libpng License - - Zope Public License 2.0 - - Due to the many variants of some of the above licenses, we require - that any version follow the 2003 version of the Free Software - Foundation's Free Software Definition - (http://www.gnu.org/philosophy/free-sw.html - (http://www.gnu.org/philosophy/free-sw.html)) or version 1.9 of - the Open Source Definition by the Open Source Initiative - (http://www.opensource.org/docs/definition.php - (http://www.opensource.org/docs/definition.php)). - - 3. Definitions - - 1. Terms used, but not defined, herein shall have the - meaning provided in the GPL. - - 2. Derivative Work means a derivative work under copyright - law. - - - 4. Applicability This FLOSS Exception applies to all Programs that - contain a notice placed by Sawtooth Consulting Ltd. saying that the - Program may be distributed under the terms of this FLOSS Exception. - If you create or distribute a work which is a Derivative Work of - both the Program and any other work licensed under the GPL, then - this FLOSS Exception is not available for that work; thus, you - must remove the FLOSS Exception notice from that work and - comply with the GPL in all respects, including by retaining all - GPL notices. You may choose to redistribute a copy of the - Program exclusively under the terms of the GPL by removing the - FLOSS Exception notice from that copy of the Program, provided - that the copy has never been modified by you or any third party. - - diff --git a/extra/yassl/INSTALL b/extra/yassl/INSTALL deleted file mode 100644 index 5458714e1e2..00000000000 --- a/extra/yassl/INSTALL +++ /dev/null @@ -1,234 +0,0 @@ -Installation Instructions -************************* - -Copyright (C) 1994, 1995, 1996, 1999, 2000, 2001, 2002, 2004, 2005, -2006 Free Software Foundation, Inc. - -This file is free documentation; the Free Software Foundation gives -unlimited permission to copy, distribute and modify it. - -Basic Installation -================== - -Briefly, the shell commands `./configure; make; make install' should -configure, build, and install this package. The following -more-detailed instructions are generic; see the `README' file for -instructions specific to this package. - - The `configure' shell script attempts to guess correct values for -various system-dependent variables used during compilation. It uses -those values to create a `Makefile' in each directory of the package. -It may also create one or more `.h' files containing system-dependent -definitions. Finally, it creates a shell script `config.status' that -you can run in the future to recreate the current configuration, and a -file `config.log' containing compiler output (useful mainly for -debugging `configure'). - - It can also use an optional file (typically called `config.cache' -and enabled with `--cache-file=config.cache' or simply `-C') that saves -the results of its tests to speed up reconfiguring. Caching is -disabled by default to prevent problems with accidental use of stale -cache files. - - If you need to do unusual things to compile the package, please try -to figure out how `configure' could check whether to do them, and mail -diffs or instructions to the address given in the `README' so they can -be considered for the next release. If you are using the cache, and at -some point `config.cache' contains results you don't want to keep, you -may remove or edit it. - - The file `configure.ac' (or `configure.in') is used to create -`configure' by a program called `autoconf'. You need `configure.ac' if -you want to change it or regenerate `configure' using a newer version -of `autoconf'. - -The simplest way to compile this package is: - - 1. `cd' to the directory containing the package's source code and type - `./configure' to configure the package for your system. - - Running `configure' might take a while. While running, it prints - some messages telling which features it is checking for. - - 2. Type `make' to compile the package. - - 3. Optionally, type `make check' to run any self-tests that come with - the package. - - 4. Type `make install' to install the programs and any data files and - documentation. - - 5. You can remove the program binaries and object files from the - source code directory by typing `make clean'. To also remove the - files that `configure' created (so you can compile the package for - a different kind of computer), type `make distclean'. There is - also a `make maintainer-clean' target, but that is intended mainly - for the package's developers. If you use it, you may have to get - all sorts of other programs in order to regenerate files that came - with the distribution. - -Compilers and Options -===================== - -Some systems require unusual options for compilation or linking that the -`configure' script does not know about. Run `./configure --help' for -details on some of the pertinent environment variables. - - You can give `configure' initial values for configuration parameters -by setting variables in the command line or in the environment. Here -is an example: - - ./configure CC=c99 CFLAGS=-g LIBS=-lposix - - *Note Defining Variables::, for more details. - -Compiling For Multiple Architectures -==================================== - -You can compile the package for more than one kind of computer at the -same time, by placing the object files for each architecture in their -own directory. To do this, you can use GNU `make'. `cd' to the -directory where you want the object files and executables to go and run -the `configure' script. `configure' automatically checks for the -source code in the directory that `configure' is in and in `..'. - - With a non-GNU `make', it is safer to compile the package for one -architecture at a time in the source code directory. After you have -installed the package for one architecture, use `make distclean' before -reconfiguring for another architecture. - -Installation Names -================== - -By default, `make install' installs the package's commands under -`/usr/local/bin', include files under `/usr/local/include', etc. You -can specify an installation prefix other than `/usr/local' by giving -`configure' the option `--prefix=PREFIX'. - - You can specify separate installation prefixes for -architecture-specific files and architecture-independent files. If you -pass the option `--exec-prefix=PREFIX' to `configure', the package uses -PREFIX as the prefix for installing programs and libraries. -Documentation and other data files still use the regular prefix. - - In addition, if you use an unusual directory layout you can give -options like `--bindir=DIR' to specify different values for particular -kinds of files. Run `configure --help' for a list of the directories -you can set and what kinds of files go in them. - - If the package supports it, you can cause programs to be installed -with an extra prefix or suffix on their names by giving `configure' the -option `--program-prefix=PREFIX' or `--program-suffix=SUFFIX'. - -Optional Features -================= - -Some packages pay attention to `--enable-FEATURE' options to -`configure', where FEATURE indicates an optional part of the package. -They may also pay attention to `--with-PACKAGE' options, where PACKAGE -is something like `gnu-as' or `x' (for the X Window System). The -`README' should mention any `--enable-' and `--with-' options that the -package recognizes. - - For packages that use the X Window System, `configure' can usually -find the X include and library files automatically, but if it doesn't, -you can use the `configure' options `--x-includes=DIR' and -`--x-libraries=DIR' to specify their locations. - -Specifying the System Type -========================== - -There may be some features `configure' cannot figure out automatically, -but needs to determine by the type of machine the package will run on. -Usually, assuming the package is built to be run on the _same_ -architectures, `configure' can figure that out, but if it prints a -message saying it cannot guess the machine type, give it the -`--build=TYPE' option. TYPE can either be a short name for the system -type, such as `sun4', or a canonical name which has the form: - - CPU-COMPANY-SYSTEM - -where SYSTEM can have one of these forms: - - OS KERNEL-OS - - See the file `config.sub' for the possible values of each field. If -`config.sub' isn't included in this package, then this package doesn't -need to know the machine type. - - If you are _building_ compiler tools for cross-compiling, you should -use the option `--target=TYPE' to select the type of system they will -produce code for. - - If you want to _use_ a cross compiler, that generates code for a -platform different from the build platform, you should specify the -"host" platform (i.e., that on which the generated programs will -eventually be run) with `--host=TYPE'. - -Sharing Defaults -================ - -If you want to set default values for `configure' scripts to share, you -can create a site shell script called `config.site' that gives default -values for variables like `CC', `cache_file', and `prefix'. -`configure' looks for `PREFIX/share/config.site' if it exists, then -`PREFIX/etc/config.site' if it exists. Or, you can set the -`CONFIG_SITE' environment variable to the location of the site script. -A warning: not all `configure' scripts look for a site script. - -Defining Variables -================== - -Variables not defined in a site shell script can be set in the -environment passed to `configure'. However, some packages may run -configure again during the build, and the customized values of these -variables may be lost. In order to avoid this problem, you should set -them in the `configure' command line, using `VAR=value'. For example: - - ./configure CC=/usr/local2/bin/gcc - -causes the specified `gcc' to be used as the C compiler (unless it is -overridden in the site shell script). - -Unfortunately, this technique does not work for `CONFIG_SHELL' due to -an Autoconf bug. Until the bug is fixed you can use this workaround: - - CONFIG_SHELL=/bin/bash /bin/bash ./configure CONFIG_SHELL=/bin/bash - -`configure' Invocation -====================== - -`configure' recognizes the following options to control how it operates. - -`--help' -`-h' - Print a summary of the options to `configure', and exit. - -`--version' -`-V' - Print the version of Autoconf used to generate the `configure' - script, and exit. - -`--cache-file=FILE' - Enable the cache: use and save the results of the tests in FILE, - traditionally `config.cache'. FILE defaults to `/dev/null' to - disable caching. - -`--config-cache' -`-C' - Alias for `--cache-file=config.cache'. - -`--quiet' -`--silent' -`-q' - Do not print messages saying which checks are being made. To - suppress all normal output, redirect it to `/dev/null' (any error - messages will still be shown). - -`--srcdir=DIR' - Look for the package's source code in directory DIR. Usually - `configure' can determine that directory automatically. - -`configure' also accepts some other, not widely useful, options. Run -`configure --help' for more details. - diff --git a/extra/yassl/NEWS b/extra/yassl/NEWS deleted file mode 100644 index e69de29bb2d..00000000000 --- a/extra/yassl/NEWS +++ /dev/null diff --git a/extra/yassl/README b/extra/yassl/README deleted file mode 100644 index de1bf5132aa..00000000000 --- a/extra/yassl/README +++ /dev/null @@ -1,786 +0,0 @@ -*** Note, Please read *** - -yaSSL takes a different approach to certificate verification than OpenSSL does. -The default policy for the client is to verify the server, this means that if -you don't load CAs to verify the server you'll get a connect error, unable to -verify. It you want to mimic OpenSSL behavior of not verifying the server and -reducing security you can do this by calling: - -SSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, 0); - -before calling SSL_new(); - -*** end Note *** - -yaSSL Release notes, version 2.4.4 (8/8/2017) - This release of yaSSL fixes an interop issue. A fix for detecting cipher - suites with non leading zeros is included as yaSSL only supports cipher - suites with leading zeros. Thanks for the report from Security Innovation - and Oracle. - - Users interoping with other SSL stacks should update. - -yaSSL Release notes, version 2.4.2 (9/22/2016) - This release of yaSSL fixes a medium security vulnerability. A fix for - potential AES side channel leaks is included that a local user monitoring - the same CPU core cache could exploit. VM users, hyper-threading users, - and users where potential attackers have access to the CPU cache will need - to update if they utilize AES. - - DSA padding fixes for unusual sizes is included as well. Users with DSA - certficiates should update. - -yaSSL Release notes, version 2.4.0 (5/20/2016) - This release of yaSSL fixes the OpenSSL compatibility function - SSL_CTX_load_verify_locations() when using the path directory to allow - unlimited path sizes. Minor Windows build fixes are included. - No high level security fixes in this version but we always recommend - updating. - - -yaSSL Release notes, version 2.3.9b (2/03/2016) - This release of yaSSL fixes the OpenSSL compatibility function - X509_NAME_get_index_by_NID() to use the actual index of the common name - instead of searching on the format prefix. Thanks for the report from - yashwant.sahu@oracle.com . Anyone using this function should update. - -yaSSL Release notes, version 2.3.9 (12/01/2015) - This release of yaSSL fixes two client side Diffie-Hellman problems. - yaSSL was only handling the cases of zero or one leading zeros for the key - agreement instead of potentially any number. This caused about 1 in 50,000 - connections to fail when using DHE cipher suites. The second problem was - the case where a server would send a public value shorter than the prime - value, causing about 1 in 128 client connections to fail, and also - caused the yaSSL client to read off the end of memory. All client side - DHE cipher suite users should update. - Thanks to Adam Langely (agl@imperialviolet.org) for the detailed report! - -yaSSL Release notes, version 2.3.8 (9/17/2015) - This release of yaSSL fixes a high security vulnerability. All users - SHOULD update. If using yaSSL for TLS on the server side with private - RSA keys allowing ephemeral key exchange you MUST update and regenerate - the RSA private keys. This report is detailed in: - https://people.redhat.com/~fweimer/rsa-crt-leaks.pdf - yaSSL now detects RSA signature faults and returns an error. - -yaSSL Patch notes, version 2.3.7e (6/26/2015) - This release of yaSSL includes a fix for Date less than comparison. - Previously yaSSL would return true on less than comparisons if the Dates - were equal. Reported by Oracle. No security problem, but if a cert was - generated right now, a server started using it in the same second, and a - client tried to verify it in the same second it would report not yet valid. - -yaSSL Patch notes, version 2.3.7d (6/22/2015) - This release of yaSSL includes a fix for input_buffer set_current with - index 0. SSL_peek() at front of waiting data could trigger. Robert - Golebiowski of Oracle identified and suggested a fix, thanks! - -yaSSL Patch notes, version 2.3.7c (6/12/2015) - This release of yaSSL does certificate DATE comparisons to the second - instead of to the minute, helpful when using freshly generated certs. - Though keep in mind that time sync differences could still show up. - -yaSSL Patch notes, version 2.3.7b (3/18/2015) - This release of yaSSL fixes a potential crash with corrupted private keys. - Also detects bad keys earlier for user. - -yaSSL Release notes, version 2.3.7 (12/10/2014) - This release of yaSSL fixes the potential to process duplicate handshake - messages by explicitly marking/checking received handshake messages. - -yaSSL Release notes, version 2.3.6 (11/25/2014) - - This release of yaSSL fixes some valgrind warnings/errors including - uninitialized reads and off by one index errors induced from fuzzing - the handshake. These were reported by Oracle. - -yaSSL Release notes, version 2.3.5 (9/29/2014) - - This release of yaSSL fixes an RSA Padding check vulnerability reported by - Intel Security Advanced Threat Research team - -See normal build instructions below under 1.0.6. -See libcurl build instructions below under 1.3.0 and note in 1.5.8. - - -yaSSL Release notes, version 2.3.4 (8/15/2014) - - This release of yaSSL adds checking to the input_buffer class itself. - -See normal build instructions below under 1.0.6. -See libcurl build instructions below under 1.3.0 and note in 1.5.8. - - -yaSSL Release notes, version 2.3.2 (7/25/2014) - - This release of yaSSL updates test certs. - -See normal build instructions below under 1.0.6. -See libcurl build instructions below under 1.3.0 and note in 1.5.8. - - -*****************yaSSL Release notes, version 2.3.0 (12/5/2013) - - This release of yaSSL updates asm for newer GCC versions. - -See normal build instructions below under 1.0.6. -See libcurl build instructions below under 1.3.0 and note in 1.5.8. - - -*****************yaSSL Release notes, version 2.2.3 (4/23/2013) - - This release of yaSSL updates the test certificates as they were expired - -See normal build instructions below under 1.0.6. -See libcurl build instructions below under 1.3.0 and note in 1.5.8. - - -*****************yaSSL Release notes, version 2.2.2d (2/5/2013) - - This release of yaSSL contains countermeasuers for the Lucky 13 TLS 1.1 - CBC timing padding attack identified by Nadhem AlFardan and Kenneth Paterson - see: http://www.isg.rhul.ac.uk/tls/ - - It also adds SHA2 certificate verification and better checks for malicious - input. - -See normal build instructions below under 1.0.6. -See libcurl build instructions below under 1.3.0 and note in 1.5.8. - - -*****************yaSSL Release notes, version 2.2.2 (7/5/2012) - - This release of yaSSL contains bug fixes and more security checks around - malicious certificates. - -See normal build instructions below under 1.0.6. -See libcurl build instructions below under 1.3.0 and note in 1.5.8. - - -*****************yaSSL Release notes, version 2.1.2 (9/2/2011) - - This release of yaSSL contains bug fixes, better non-blocking support with - SSL_write, and OpenSSL RSA public key format support. - -See normal build instructions below under 1.0.6. -See libcurl build instructions below under 1.3.0 and note in 1.5.8. - - -*****************yaSSL Release notes, version 2.0.0 (7/6/2010) - - This release of yaSSL contains bug fixes, new testing certs, - and a security patch for a potential heap overflow on forged application - data processing. Vulnerability discovered by Matthieu Bonetti from VUPEN - Security http://www.vupen.com. - -See normal build instructions below under 1.0.6. -See libcurl build instructions below under 1.3.0 and note in 1.5.8. - - -*****************yaSSL Release notes, version 1.9.9 (1/26/2010) - - This release of yaSSL contains bug fixes, the removal of assert() s and - a security patch for a buffer overflow possibility in certificate name - processing. - -See normal build instructions below under 1.0.6. -See libcurl build instructions below under 1.3.0 and note in 1.5.8. - - -*****************yaSSL Release notes, version 1.9.8 (10/14/09) - - This release of yaSSL contains bug fixes and adds new stream ciphers - Rabbit and HC-128 - -See normal build instructions below under 1.0.6. -See libcurl build instructions below under 1.3.0 and note in 1.5.8. - - -*****************yaSSL Release notes, version 1.9.6 (11/13/08) - - This release of yaSSL contains bug fixes, adds autconf shared library - support and has better server suite detection based on certficate and - private key. - -See normal build instructions below under 1.0.6. -See libcurl build instructions below under 1.3.0 and note in 1.5.8. - - -*****************yaSSL Release notes, version 1.9.2 (9/24/08) - - This release of yaSSL contains bug fixes and improved certificate verify - callback support. - -See normal build instructions below under 1.0.6. -See libcurl build instructions below under 1.3.0 and note in 1.5.8. - - -*****************yaSSL Release notes, version 1.8.8 (5/7/08) - - This release of yaSSL contains bug fixes, and better socket handling. - -See normal build instructions below under 1.0.6. -See libcurl build instructions below under 1.3.0 and note in 1.5.8. - - -*****************yaSSL Release notes, version 1.8.6 (1/31/08) - - This release of yaSSL contains bug fixes, and fixes security problems - associated with using SSL 2.0 client hellos and improper input handling. - Please upgrade to this version if you are using a previous one. - -See normal build instructions below under 1.0.6. -See libcurl build instructions below under 1.3.0 and note in 1.5.8. - - -*****************yaSSL Release notes, version 1.7.5 (10/15/07) - - This release of yaSSL contains bug fixes, adds MSVC 2005 project support, - GCC 4.2 support, IPV6 support and test, and new test certificates. - -See normal build instructions below under 1.0.6. -See libcurl build instructions below under 1.3.0 and note in 1.5.8. - - -*****************yaSSL Release notes, version 1.7.2 (8/20/07) - - This release of yaSSL contains bug fixes and adds initial OpenVPN support. - Just configure at this point and beginning of build. - -See normal build instructions below under 1.0.6. -See libcurl build instructions below under 1.3.0 and note in 1.5.8. - - -*****************yaSSL Release notes, version 1.6.8 (4/16/07) - - This release of yaSSL contains bug fixes and adds SHA-256, SHA-512, SHA-224, - and SHA-384. - -See normal build instructions below under 1.0.6. -See libcurl build instructions below under 1.3.0 and note in 1.5.8. - - -*****************yaSSL Release notes, version 1.6.0 (2/22/07) - - This release of yaSSL contains bug fixes, portability enhancements, and - better X509 support. - -See normal build instructions below under 1.0.6. -See libcurl build instructions below under 1.3.0 and note in 1.5.8. - -*****************yaSSL Release notes, version 1.5.8 (1/10/07) - - This release of yaSSL contains bug fixes, portability enhancements, and - support for GCC 4.1.1 and vs2005 sp1. - - - - Since yaSSL now supports zlib, as does libcurl, the libcurl build test can - fail if yaSSL is built with zlib support since the zlib library isn't - passed. You can do two things to fix this: - - 1) build yaSSL w/o zlib --without-zlib - 2) or add flags to curl configure LDFLAGS="-lm -lz" - - - -*****************yaSSL Release notes, version 1.5.0 (11/09/06) - - This release of yaSSL contains bug fixes, portability enhancements, - and full TLS 1.1 support. Use the functions: - - SSL_METHOD *TLSv1_1_server_method(void); - SSL_METHOD *TLSv1_1_client_method(void); - - or the SSLv23 versions (even though yaSSL doesn't support SSL 2.0 the v23 - means to pick the highest of SSL 3.0, TLS 1.0, or TLS 1.1). - - -See normal build instructions below under 1.0.6. -See libcurl build instructions below under 1.3.0. - - - -****************yaSSL Release notes, version 1.4.5 (10/15/06) - - - This release of yaSSL contains bug fixes, portability enhancements, - zlib compression support, removal of assembly instructions at runtime if - not supported, and initial TLS 1.1 support. - - - Compression Notes: yaSSL uses zlib for compression and the compression - should only be used if yaSSL is at both ends because the implementation - details aren't yet standard. If you'd like to turn compression on use - the SSL_set_compression() function on the client before calling - SSL_connect(). If both the client and server were built with zlib support - then the connection will use compression. If the client isn't built with - support then SSL_set_compression() will return an error (-1). - - To build yaSSL with zlib support on Unix simply have zlib support on your - system and configure will find it if it's in the standard locations. If - it's somewhere else use the option ./configure --with-zlib=DIR. If you'd - like to disable compression support in yaSSL use ./configure --without-zlib. - - To build yaSSL with zlib support on Windows: - - 1) download zlib from http://www.zlib.net/ - 2) follow the instructions in zlib from projects/visualc6/README.txt - for how to add the zlib project into the yaSSL workspace noting that - you'll need to add configuration support for "Win32 Debug" and - "Win32 Release" in note 3 under "To use:". - 3) define HAVE_LIBZ when building yaSSL - - -See normal build instructions below under 1.0.6. -See libcurl build instructions below under 1.3.0. - - -********************yaSSL Release notes, version 1.4.0 (08/13/06) - - - This release of yaSSL contains bug fixes, portability enhancements, - nonblocking connect and accept, better OpenSSL error mapping, and - certificate caching for session resumption. - -See normal build instructions below under 1.0.6. -See libcurl build instructions below under 1.3.0. - - -********************yaSSL Release notes, version 1.3.7 (06/26/06) - - - This release of yaSSL contains bug fixes, portability enhancements, - and libcurl 7.15.4 support (any newer versions may not build). - -See normal build instructions below under 1.0.6. -See libcurl build instructions below under 1.3.0. - - -********************yaSSL Release notes, version 1.3.5 (06/01/06) - - - This release of yaSSL contains bug fixes, portability enhancements, - better libcurl support, and improved non-blocking I/O. - -See normal build instructions below under 1.0.6. -See libcurl build instructions below under 1.3.0. - - -********************yaSSL Release notes, version 1.3.0 (04/26/06) - - - This release of yaSSL contains minor bug fixes, portability enhancements, - and libcurl support. - -See normal build instructions below under 1.0.6. - - ---To build for libcurl on Linux, Solaris, *BSD, Mac OS X, or Cygwin: - - To build for libcurl the library needs to be built without C++ globals since - the linker will be called in a C context, also libcurl configure will expect - OpenSSL library names so some symbolic links are created. - - ./configure --enable-pure-c - make - make openssl-links - - (then go to your libcurl home and tell libcurl about yaSSL build dir) - ./configure --with-ssl=/yaSSL-BuildDir LDFLAGS=-lm - make - - ---To build for libcurl on Win32: - - Simply add the yaSSL project as a dependency to libcurl, add - yaSSL-Home\include and yaSSL-Home\include\openssl to the include list, and - define USE_SSLEAY and USE_OPENSSL - - please email todd@yassl.com if you have any questions. - - -*******************yaSSL Release notes, version 1.2.2 (03/27/06) - - - This release of yaSSL contains minor bug fixes and portability enhancements. - -See build instructions below under 1.0.6: - - - -*******************yaSSL Release notes, version 1.2.0 - - - This release of yaSSL contains minor bug fixes, portability enhancements, - Diffie-Hellman compatibility fixes for other servers and client, - optimization improvements, and x86 ASM changes. - -See build instructions below under 1.0.6: - - - -*****************yaSSL Release notes, version 1.1.5 - - This release of yaSSL contains minor bug fixes, portability enhancements, - and user requested changes including the ability to add all certificates in - a directory, more robust socket handling, no new overloading unless - requested, and an SSL_VERIFY_NONE option. - - -See build instructions below under 1.0.6: - - - -******************yaSSL Release notes, version 1.0.6 - -This release of yaSSL contains minor bug fixes, portability enhancements, -x86 assembly for ARC4, SHA, MD5, and RIPEMD, --enable-ia32-asm configure -option, and a security patch for certificate chain processing. - ---To build on Linux, Solaris, *BSD, Mac OS X, or Cygwin: - - ./configure - make - - run testsuite from yaSSL-Home/testsuite to test the build - -to make a release build: - - ./configure --disable-debug - make - - run testsuite from yaSSL-Home/testsuite to test the build - - ---To build on Win32 - -Choose (Re)Build All from the project workspace - -run Debug\testsuite.exe from yaSSL-Home\testsuite to test the build - - - -***************** yaSSL Release notes, version 1.0.5 - -This release of yaSSL contains minor bug fixes, portability enhancements, -x86 assembly for AES, 3DES, BLOWFISH, and TWOFISH, --without-debug configure -option, and --enable-kernel-mode configure option for using TaoCrypt with -kernel modules. - ---To build on Linux, Solaris, *BSD, Mac OS X, or Cygwin: - - ./configure - make - - run testsuite from yaSSL-Home/testsuite to test the build - -to make a release build: - - ./configure --without-debug - make - - run testsuite from yaSSL-Home/testsuite to test the build - - ---To build on Win32 - -Choose (Re)Build All from the project workspace - -run Debug\testsuite.exe from yaSSL-Home\testsuite to test the build - - -******************yaSSL Release notes, version 1.0.1 - -This release of yaSSL contains minor bug fixes, portability enhancements, -GCC 3.4.4 support, MSVC 2003 support, and more documentation. - -Please see build instructions in the release notes for 0.9.6 below. - - -******************yaSSL Release notes, version 1.0 - -This release of yaSSL contains minor bug fixes, portability enhancements, -GCC 4.0 support, testsuite, improvements, and API additions. - -Please see build instructions in the release notes for 0.9.6 below. - - -******************yaSSL Release notes, version 0.9.9 - -This release of yaSSL contains minor bug fixes, portability enchancements, -MSVC 7 support, memory improvements, and API additions. - -Please see build instructions in the release notes for 0.9.6 below. - - -******************yaSSL Release notes, version 0.9.8 - -This release of yaSSL contains minor bug fixes and portability enchancements. - -Please see build instructions in the release notes for 0.9.6 below. - - -******************yaSSL Release notes, version 0.9.6 - -This release of yaSSL contains minor bug fixes, removal of STL support, and -removal of exceptions and rtti so that the library can be linked without the -std c++ library. - ---To build on Linux, Solaris, FreeBSD, Mac OS X, or Cygwin - -./configure -make - -run testsuite from yaSSL-Home/testsuite to test the build - - ---To build on Win32 - -Choose (Re)Build All from the project workspace - -run Debug\testsuite.exe from yaSSL-Home\testsuite to test the build - - - -******************yaSSL Release notes, version 0.9.2 - -This release of yaSSL contains minor bug fixes, expanded certificate -verification and chaining, and improved documentation. - -Please see build instructions in release notes 0.3.0. - - - -******************yaSSL Release notes, version 0.9.0 - -This release of yaSSL contains minor bug fixes, client verification handling, -hex and base64 encoing/decoding, and an improved test suite. - -Please see build instructions in release notes 0.3.0. - - -******************yaSSL Release notes, version 0.8.0 - -This release of yaSSL contains minor bug fixes, and initial porting effort to -64bit, BigEndian, and more UNIX systems. - -Please see build instructions in release notes 0.3.0. - - -******************yaSSL Release notes, version 0.6.0 - -This release of yaSSL contains minor bug fixes, source cleanup, and binary beta -(1) of the yaSSL libraries. - -Please see build instructions in release notes 0.3.0. - - - -******************yaSSL Release notes, version 0.5.0 - -This release of yaSSL contains minor bug fixes, full session resumption -support, and initial testing suite support. - - - -Please see build instructions in release notes 0.3.0. - - - -******************yaSSL Release notes, version 0.4.0 - -This release of yaSSL contains minor bug fixes, an optional memory tracker, -an echo client and server with input/output redirection for load testing, -and initial session caching support. - - -Please see build instructions in release notes 0.3.0. - - -******************yaSSL Release notes, version 0.3.5 - -This release of yaSSL contains minor bug fixes and extensions to the crypto -library including a full test suite. - - -*******************yaSSL Release notes, version 0.3.0 - -This release of yaSSL contains minor bug fixes and extensions to the crypto -library including AES and an improved random number generator. GNU autoconf -and automake are now used to simplify the build process on Linux. - -*** Linux Build process - -./configure -make - -*** Windows Build process - -open the yassl workspace and build the project - - -*******************yaSSL Release notes, version 0.2.9 - -This release of yaSSL contains minor bug fixes and extensions to the crypto -library. - -See the notes at the bottom of this page for build instructions. - - -*******************yaSSL Release notes, version 0.2.5 - -This release of yaSSL contains minor bug fixes and a beta binary of the yaSSL -libraries for win32 and linux. - -See the notes at the bottom of this page for build instructions. - - - -*******************yaSSL Release notes, version 0.2.0 - -This release of yaSSL contains minor bug fixes and initial alternate crypto -functionality. - -*** Complete Build *** - -See the notes in Readme.txt for build instructions. - -*** Update Build *** - -If you have already done a complete build of yaSSL as described in the release -0.0.1 - 0.1.0 notes and downloaded the update to 0.2.0, place the update file -yassl-update-0.2.0.tar.gz in the yaSSL home directory and issue the command: - -gzip -cd yassl-update-0.2.0.tar.gz | tar xvf - - -to update the previous release. - -Then issue the make command on linux or rebuild the yaSSL project on Windows. - -*******************yaSSL Release notes, version 0.1.0 - -This release of yaSSL contains minor bug fixes, full client and server TLSv1 -support including full ephemeral Diffie-Hellman support, SSL type RSA and DSS -signing and verification, and initial stunnel 4.05 build support. - - - -*********************yaSSL Release notes, version 0.0.3 - -The third release of yaSSL contains minor bug fixes, client certificate -enhancements, and initial ephemeral Diffie-Hellman integration: - - - -********************* - -yaSSL Release notes, version 0.0.2 - -The second release of yaSSL contains minor bug fixes, client certificate -enhancements, session resumption, and improved TLS support including: - -- HMAC for MD5 and SHA-1 -- PRF (pseudo random function) -- Master Secret and Key derivation routines -- Record Authentication codes -- Finish verify data check - -Once ephemeral RSA and DH are added yaSSL will be fully complaint with TLS. - - - -********************** - -yassl Release notes, version 0.0.1 - -The first release of yassl supports normal RSA mode SSLv3 connections with -support for SHA-1 and MD5 digests. Ciphers include DES, 3DES, and RC4. - -yassl uses the CryptoPP library for cryptography, the source is available at -www.cryptopp.com . - -yassl uses CML (the Certificate Management Library) for x509 support. More -features will be in future versions. The CML source is available for download -from www.digitalnet.com/knowledge/cml_home.htm . - -The next release of yassl will support the 3 lesser-used SSL connection modes; -HandShake resumption, Ephemeral RSA (or DH), and Client Authentication as well -as full support for TLS. Backwards support for SSLv2 is not planned at this -time. - - -********************** - -Building yassl on linux: - -use the ./buildall script to build everything. - -buildall will configure and build CML, CryptoPP, and yassl. Testing was -preformed with gcc version 3.3.2 on kernel 2.4.22. - - -********************** - -Building yassl on Windows: - -Testing was preformed on Windows 2000 with Visual C++ 6 sp5. - -1) decompress esnacc_r16.tgz in place, see buildall for syntax if unsure - -2) decompress smp_r23.tgz in place - -3) unzip cryptopp51/crypto51.zip in place - -4) Build SNACC (part of CML) using snacc_builds.dsw in the SNACC directory - -5) Build SMP (part of CMP) using smp.dsw in the smp directory - -6) Build yassl using yassl.dsw - - -********************** - -examples, server and client: - -Please see the server and client examples in both versions to see how to link -to yassl and the support libraries. On linux do 'make server' and 'make -client' to build them. On Windows you will find the example projects in the -main workspace, yassl.dsw. - -The example server and client are compatible with openssl. - - -********************** - -Building yassl into mysql on linux: - -Testing was done using mysql version 4.0.17. - -alter openssl_libs in the configure file, line 21056. Change '-lssl -lcrypto' -to '-lyassl -lcryptopp -lcmapi -lcmlasn -lctil -lc++asn1'. - -see build/config_command for the configure command used to configure mysql -please change /home/touska/ to the relevant directory of course. - -add yassl/lib to the LD_LIBRARY_PATH because libmysql/conf_to_src does not -use the ssl lib directory though it does use the ssl libraries. - -make - -make install - - -********************* - -License: yassl is currently under the GPL, please see license information -in the source and include files. - - -********************* - -Contact: please send comments or questions to Todd A Ouska at todd@yassl.com -and/or Larry Stefonic at larry@yassl.com. - - - diff --git a/extra/yassl/certs/ca-cert.pem b/extra/yassl/certs/ca-cert.pem deleted file mode 100644 index 7e64eb47961..00000000000 --- a/extra/yassl/certs/ca-cert.pem +++ /dev/null @@ -1,87 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIEqjCCA5KgAwIBAgIJAJpBR82hFGKMMA0GCSqGSIb3DQEBBQUAMIGUMQswCQYD -VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8G -A1UECgwIU2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3 -dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTAe -Fw0xNDA3MTEwMzIwMDhaFw0xNzA0MDYwMzIwMDhaMIGUMQswCQYDVQQGEwJVUzEQ -MA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwIU2F3 -dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xmc3Ns -LmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTCCASIwDQYJKoZI -hvcNAQEBBQADggEPADCCAQoCggEBAL8Myi0Ush6EQlvNOB9K8k11EPG2NZ/fyn0D -mNOs3gNm7irx2LB9bgdUCxCYIU2AyxIg58xP3kV9yXJ3MurKkLtpUhADL6jzlcXx -i2JWG+9nb6QQQZWtCpvjpcCw0nB2UDBbqOgILHztp6J6jTgpHKzH7fJ8lbCVgn1J -XDjNdyXvvYB1U5Q8PcpjW58VtdMdEy8Z0TzbdjrMuH3J5cLX2kBv2CHccxtCLVOc -/hr8fat6Nj+Y3oR8BWfOahQ4h6nxjLVoy2h/cSAr9aBj9VYvoybSt2+xWhfXOJkI -/pNYb/7DE0kIFgunTWcAUjFnI06Y7VFFHbkE2Qvs2CizS73tNnkCAwEAAaOB/DCB -+TAdBgNVHQ4EFgQUJ45nEXTDJh0/7TNjs6TYHTDl6NUwgckGA1UdIwSBwTCBvoAU -J45nEXTDJh0/7TNjs6TYHTDl6NWhgZqkgZcwgZQxCzAJBgNVBAYTAlVTMRAwDgYD -VQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQKDAhTYXd0b290 -aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29t -MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tggkAmkFHzaEUYowwDAYD -VR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEAeXgMbXmIkfw6FZz5J2IW8CEf -+n0/oqgyHvfyEal0FnRe3BjK8AAq1QMGJjDxR4P9Mm787apPfQxjYDEvfAy/mWaH -7ScIhi3EM+iYIxz+o9uaSU78WkLvccM/rdxKqNKjHQmsMwR7hvNtAFmjyNvRPHP2 -DpDWXkngvzZjCHulsI81O1aMETVJBBzQ57pWxQ0KkY3Wt2IZNBJSTNJtfMU9DxiB -VMv2POWE0tZxFewaNAvwoCF0Q8ijsN/ZZ9rirZNI+KCHvXkU4GIK3/cxLjF70TIq -Cv5dFO/ZZFDkg5G8cA3XiI3ZvIQOxRqzv2QCTlGRpKKFFYOv8FubKElfsrMD2A== ------END CERTIFICATE----- -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 9a:41:47:cd:a1:14:62:8c - Signature Algorithm: sha1WithRSAEncryption - Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com - Validity - Not Before: Jul 11 03:20:08 2014 GMT - Not After : Apr 6 03:20:08 2017 GMT - Subject: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) - Modulus: - 00:bf:0c:ca:2d:14:b2:1e:84:42:5b:cd:38:1f:4a: - f2:4d:75:10:f1:b6:35:9f:df:ca:7d:03:98:d3:ac: - de:03:66:ee:2a:f1:d8:b0:7d:6e:07:54:0b:10:98: - 21:4d:80:cb:12:20:e7:cc:4f:de:45:7d:c9:72:77: - 32:ea:ca:90:bb:69:52:10:03:2f:a8:f3:95:c5:f1: - 8b:62:56:1b:ef:67:6f:a4:10:41:95:ad:0a:9b:e3: - a5:c0:b0:d2:70:76:50:30:5b:a8:e8:08:2c:7c:ed: - a7:a2:7a:8d:38:29:1c:ac:c7:ed:f2:7c:95:b0:95: - 82:7d:49:5c:38:cd:77:25:ef:bd:80:75:53:94:3c: - 3d:ca:63:5b:9f:15:b5:d3:1d:13:2f:19:d1:3c:db: - 76:3a:cc:b8:7d:c9:e5:c2:d7:da:40:6f:d8:21:dc: - 73:1b:42:2d:53:9c:fe:1a:fc:7d:ab:7a:36:3f:98: - de:84:7c:05:67:ce:6a:14:38:87:a9:f1:8c:b5:68: - cb:68:7f:71:20:2b:f5:a0:63:f5:56:2f:a3:26:d2: - b7:6f:b1:5a:17:d7:38:99:08:fe:93:58:6f:fe:c3: - 13:49:08:16:0b:a7:4d:67:00:52:31:67:23:4e:98: - ed:51:45:1d:b9:04:d9:0b:ec:d8:28:b3:4b:bd:ed: - 36:79 - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Subject Key Identifier: - 27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5 - X509v3 Authority Key Identifier: - keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5 - DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com - serial:9A:41:47:CD:A1:14:62:8C - - X509v3 Basic Constraints: - CA:TRUE - Signature Algorithm: sha1WithRSAEncryption - 79:78:0c:6d:79:88:91:fc:3a:15:9c:f9:27:62:16:f0:21:1f: - fa:7d:3f:a2:a8:32:1e:f7:f2:11:a9:74:16:74:5e:dc:18:ca: - f0:00:2a:d5:03:06:26:30:f1:47:83:fd:32:6e:fc:ed:aa:4f: - 7d:0c:63:60:31:2f:7c:0c:bf:99:66:87:ed:27:08:86:2d:c4: - 33:e8:98:23:1c:fe:a3:db:9a:49:4e:fc:5a:42:ef:71:c3:3f: - ad:dc:4a:a8:d2:a3:1d:09:ac:33:04:7b:86:f3:6d:00:59:a3: - c8:db:d1:3c:73:f6:0e:90:d6:5e:49:e0:bf:36:63:08:7b:a5: - b0:8f:35:3b:56:8c:11:35:49:04:1c:d0:e7:ba:56:c5:0d:0a: - 91:8d:d6:b7:62:19:34:12:52:4c:d2:6d:7c:c5:3d:0f:18:81: - 54:cb:f6:3c:e5:84:d2:d6:71:15:ec:1a:34:0b:f0:a0:21:74: - 43:c8:a3:b0:df:d9:67:da:e2:ad:93:48:f8:a0:87:bd:79:14: - e0:62:0a:df:f7:31:2e:31:7b:d1:32:2a:0a:fe:5d:14:ef:d9: - 64:50:e4:83:91:bc:70:0d:d7:88:8d:d9:bc:84:0e:c5:1a:b3: - bf:64:02:4e:51:91:a4:a2:85:15:83:af:f0:5b:9b:28:49:5f: - b2:b3:03:d8 diff --git a/extra/yassl/certs/ca-key.pem b/extra/yassl/certs/ca-key.pem deleted file mode 100644 index 774feba0548..00000000000 --- a/extra/yassl/certs/ca-key.pem +++ /dev/null @@ -1,27 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIIEpAIBAAKCAQEAvwzKLRSyHoRCW804H0ryTXUQ8bY1n9/KfQOY06zeA2buKvHY -sH1uB1QLEJghTYDLEiDnzE/eRX3Jcncy6sqQu2lSEAMvqPOVxfGLYlYb72dvpBBB -la0Km+OlwLDScHZQMFuo6AgsfO2nonqNOCkcrMft8nyVsJWCfUlcOM13Je+9gHVT -lDw9ymNbnxW10x0TLxnRPNt2Osy4fcnlwtfaQG/YIdxzG0ItU5z+Gvx9q3o2P5je -hHwFZ85qFDiHqfGMtWjLaH9xICv1oGP1Vi+jJtK3b7FaF9c4mQj+k1hv/sMTSQgW -C6dNZwBSMWcjTpjtUUUduQTZC+zYKLNLve02eQIDAQABAoIBAD1uTmAahH+dhXzh -Swd84NaZKt6d+TY0DncOPgjqT+UGJtT2OPffDQ8cLgai9CponGNy4zXmBJGRtcGx -pFSs18b7QaDWdW+9C06/sVLoX0kmmFZHx97p6jxgAb8o3DG/SV+TSYd6gVuWS03K -XDhPt+Gy08ch2jwShwfkG9xD7OjsVGHn9u2mCy7134J/xh9hGZykgznfIYWJb3ev -hhUyCKJaCyZh+3AMypw4fbwi7uujqBYA+YqAHgCEqEpB+IQDZy8jWy+baybDBzSU -owM7ctWfcuCtzDSrvcfV9SYwhQ8wIzlS/zzLmSFNiKWr7mK5x+C7R4fBac9z8zC+ -zjkEnOUCgYEA4XZFgFm200nfCu8S1g/wt8sqN7+n+LVN9TE1reSjlKHb8ZattQVk -hYP8G1spqr74Jj92fq0c8MvXJrQbBY5Whn4IYiHBhtZHeT63XaTGOtexdCD2UJdB -BFPtPybWb5H6aCbsKtya8efc+3PweUMbIaNZBGNSB8nX5tEbXV6W+lMCgYEA2O1O -ZGFrkQxhAbUPu0RnUx7cB8Qkfp5shCORDOQSBBZNeJjMlj0gTg9Fmrb4s5MNsqIb -KfImecjF0nh+XnPy13Bhu0DOYQX+aR6CKeYUuKHnltAjPwWTAPLhTX7tt5Zs9/Dk -0c8BmE/cdFSqbV5aQTH+/5q2oAXdqRBU+GvQqoMCgYAh0wSKROtQt3xmv4cr5ihO -6oPi6TXh8hFH/6H1/J8t5TqB/AEDb1OtVCe2Uu7lVtETq+GzD3WQCoS0ocCMDNae -RrorPrUx7WO7pNUNj3LN0R4mNeu+G3L9mzm0h7cT9eqDRZOYuo/kSsy0TKh/CLpB -SahJKD1ePcHONwDL+SzdUQKBgQChV58+udavg22DP4/70NyozgMJI7GhG2PKxElW -NSvRLmVglQVVmRE1/dXfRMeliHJfsoJRqHFFkzbPXB9hUQwFgOivxXu6XiLjPHXD -hAVVbdY6LYSJkzPLONqqMQXNzmwt3VXTVwvwpTVqsK4xukOWygDHS+MZEkPTQvpv -6oDA0QKBgQC524kgNCdwYjTqXyViEvOdgb9I7poOwY0Q/2WanS0aipRayMClpYRh -ntQkue+pncl3C8dwZj26yFTf0jPh9X/5J2G+V0Xdt0UXJPUj5DgOkSfu4yDYFMiU -R3dAd0UYng3OeT9XMVYJSWe+lFhP9sSr4onj44rABVUsJMBKlwQnmg== ------END RSA PRIVATE KEY----- diff --git a/extra/yassl/certs/client-cert.der b/extra/yassl/certs/client-cert.der Binary files differdeleted file mode 100644 index 293985adb97..00000000000 --- a/extra/yassl/certs/client-cert.der +++ /dev/null diff --git a/extra/yassl/certs/client-cert.pem b/extra/yassl/certs/client-cert.pem deleted file mode 100644 index 38330d5380e..00000000000 --- a/extra/yassl/certs/client-cert.pem +++ /dev/null @@ -1,87 +0,0 @@ -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - b6:63:af:8f:5d:62:57:a0 - Signature Algorithm: sha1WithRSAEncryption - Issuer: C=US, ST=Montana, L=Bozeman, O=wolfSSL, OU=Programming, CN=www.wolfssl.com/emailAddress=info@wolfssl.com - Validity - Not Before: Jul 11 17:39:44 2014 GMT - Not After : Apr 6 17:39:44 2017 GMT - Subject: C=US, ST=Montana, L=Bozeman, O=wolfSSL, OU=Programming, CN=www.wolfssl.com/emailAddress=info@wolfssl.com - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) - Modulus: - 00:c3:03:d1:2b:fe:39:a4:32:45:3b:53:c8:84:2b: - 2a:7c:74:9a:bd:aa:2a:52:07:47:d6:a6:36:b2:07: - 32:8e:d0:ba:69:7b:c6:c3:44:9e:d4:81:48:fd:2d: - 68:a2:8b:67:bb:a1:75:c8:36:2c:4a:d2:1b:f7:8b: - ba:cf:0d:f9:ef:ec:f1:81:1e:7b:9b:03:47:9a:bf: - 65:cc:7f:65:24:69:a6:e8:14:89:5b:e4:34:f7:c5: - b0:14:93:f5:67:7b:3a:7a:78:e1:01:56:56:91:a6: - 13:42:8d:d2:3c:40:9c:4c:ef:d1:86:df:37:51:1b: - 0c:a1:3b:f5:f1:a3:4a:35:e4:e1:ce:96:df:1b:7e: - bf:4e:97:d0:10:e8:a8:08:30:81:af:20:0b:43:14: - c5:74:67:b4:32:82:6f:8d:86:c2:88:40:99:36:83: - ba:1e:40:72:22:17:d7:52:65:24:73:b0:ce:ef:19: - cd:ae:ff:78:6c:7b:c0:12:03:d4:4e:72:0d:50:6d: - 3b:a3:3b:a3:99:5e:9d:c8:d9:0c:85:b3:d9:8a:d9: - 54:26:db:6d:fa:ac:bb:ff:25:4c:c4:d1:79:f4:71: - d3:86:40:18:13:b0:63:b5:72:4e:30:c4:97:84:86: - 2d:56:2f:d7:15:f7:7f:c0:ae:f5:fc:5b:e5:fb:a1: - ba:d3 - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Subject Key Identifier: - 33:D8:45:66:D7:68:87:18:7E:54:0D:70:27:91:C7:26:D7:85:65:C0 - X509v3 Authority Key Identifier: - keyid:33:D8:45:66:D7:68:87:18:7E:54:0D:70:27:91:C7:26:D7:85:65:C0 - DirName:/C=US/ST=Montana/L=Bozeman/O=wolfSSL/OU=Programming/CN=www.wolfssl.com/emailAddress=info@wolfssl.com - serial:B6:63:AF:8F:5D:62:57:A0 - - X509v3 Basic Constraints: - CA:TRUE - Signature Algorithm: sha1WithRSAEncryption - 85:10:90:c5:5d:de:25:8c:f2:57:7b:2d:14:1c:05:f9:71:63: - 40:b0:e3:c1:c1:2e:13:2a:7a:b7:d6:24:58:87:eb:03:fb:0d: - af:e0:f4:d0:c8:bc:51:36:10:4f:79:cc:4f:66:7d:af:99:cb: - 7b:ce:68:94:c6:36:aa:42:6e:8c:78:5b:b2:85:ca:d1:e1:a8: - 31:d1:81:d9:f9:c1:a3:9e:34:43:ef:0a:79:7d:3e:83:61:fc: - 14:5c:d1:dd:bc:0e:d7:51:b7:71:6e:41:7e:8b:2c:5a:9a:cb: - 77:4b:6a:f5:06:ff:02:af:1e:e6:63:4f:bc:44:d9:3f:56:9e: - 09:9c:43:f9:55:21:32:46:82:09:86:a9:7b:74:1c:9e:5a:2a: - bf:03:79:91:cb:f2:29:7f:c9:15:82:89:b9:53:cd:7e:07:90: - a9:5d:76:e1:19:5e:0d:58:b8:59:d5:0d:df:23:ab:6b:63:76: - 19:9e:9c:df:b0:57:49:6c:d0:86:97:c3:6c:3c:fa:e0:56:c2: - 1b:e3:a1:42:1a:58:62:85:9d:74:19:83:08:af:59:90:f8:99: - bd:67:d3:4a:ea:0e:c9:ca:61:8a:0d:8a:42:cc:90:e9:2e:c2: - 54:73:7f:5e:af:8d:e2:32:cb:45:20:d6:19:4d:5b:77:31:cc: - 0f:2d:c0:7e ------BEGIN CERTIFICATE----- -MIIEqjCCA5KgAwIBAgIJALZjr49dYlegMA0GCSqGSIb3DQEBBQUAMIGUMQswCQYD -VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjEQMA4G -A1UECgwHd29sZlNTTDEUMBIGA1UECwwLUHJvZ3JhbW1pbmcxGDAWBgNVBAMMD3d3 -dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTAe -Fw0xNDA3MTExNzM5NDRaFw0xNzA0MDYxNzM5NDRaMIGUMQswCQYDVQQGEwJVUzEQ -MA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjEQMA4GA1UECgwHd29s -ZlNTTDEUMBIGA1UECwwLUHJvZ3JhbW1pbmcxGDAWBgNVBAMMD3d3dy53b2xmc3Ns -LmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTCCASIwDQYJKoZI -hvcNAQEBBQADggEPADCCAQoCggEBAMMD0Sv+OaQyRTtTyIQrKnx0mr2qKlIHR9am -NrIHMo7Quml7xsNEntSBSP0taKKLZ7uhdcg2LErSG/eLus8N+e/s8YEee5sDR5q/ -Zcx/ZSRppugUiVvkNPfFsBST9Wd7Onp44QFWVpGmE0KN0jxAnEzv0YbfN1EbDKE7 -9fGjSjXk4c6W3xt+v06X0BDoqAgwga8gC0MUxXRntDKCb42GwohAmTaDuh5AciIX -11JlJHOwzu8Zza7/eGx7wBID1E5yDVBtO6M7o5lencjZDIWz2YrZVCbbbfqsu/8l -TMTRefRx04ZAGBOwY7VyTjDEl4SGLVYv1xX3f8Cu9fxb5fuhutMCAwEAAaOB/DCB -+TAdBgNVHQ4EFgQUM9hFZtdohxh+VA1wJ5HHJteFZcAwgckGA1UdIwSBwTCBvoAU -M9hFZtdohxh+VA1wJ5HHJteFZcChgZqkgZcwgZQxCzAJBgNVBAYTAlVTMRAwDgYD -VQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRAwDgYDVQQKDAd3b2xmU1NM -MRQwEgYDVQQLDAtQcm9ncmFtbWluZzEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29t -MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tggkAtmOvj11iV6AwDAYD -VR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEAhRCQxV3eJYzyV3stFBwF+XFj -QLDjwcEuEyp6t9YkWIfrA/sNr+D00Mi8UTYQT3nMT2Z9r5nLe85olMY2qkJujHhb -soXK0eGoMdGB2fnBo540Q+8KeX0+g2H8FFzR3bwO11G3cW5BfossWprLd0tq9Qb/ -Aq8e5mNPvETZP1aeCZxD+VUhMkaCCYape3QcnloqvwN5kcvyKX/JFYKJuVPNfgeQ -qV124RleDVi4WdUN3yOra2N2GZ6c37BXSWzQhpfDbDz64FbCG+OhQhpYYoWddBmD -CK9ZkPiZvWfTSuoOycphig2KQsyQ6S7CVHN/Xq+N4jLLRSDWGU1bdzHMDy3Afg== ------END CERTIFICATE----- diff --git a/extra/yassl/certs/client-key.der b/extra/yassl/certs/client-key.der Binary files differdeleted file mode 100644 index 94dc253a2bd..00000000000 --- a/extra/yassl/certs/client-key.der +++ /dev/null diff --git a/extra/yassl/certs/client-key.pem b/extra/yassl/certs/client-key.pem deleted file mode 100644 index c4e7ad22c09..00000000000 --- a/extra/yassl/certs/client-key.pem +++ /dev/null @@ -1,27 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIIEpAIBAAKCAQEAwwPRK/45pDJFO1PIhCsqfHSavaoqUgdH1qY2sgcyjtC6aXvG -w0Se1IFI/S1oootnu6F1yDYsStIb94u6zw357+zxgR57mwNHmr9lzH9lJGmm6BSJ -W+Q098WwFJP1Z3s6enjhAVZWkaYTQo3SPECcTO/Rht83URsMoTv18aNKNeThzpbf -G36/TpfQEOioCDCBryALQxTFdGe0MoJvjYbCiECZNoO6HkByIhfXUmUkc7DO7xnN -rv94bHvAEgPUTnINUG07ozujmV6dyNkMhbPZitlUJttt+qy7/yVMxNF59HHThkAY -E7BjtXJOMMSXhIYtVi/XFfd/wK71/Fvl+6G60wIDAQABAoIBAQCi5thfEHFkCJ4u -bdFtHoXSCrGMR84sUWqgEp5T3pFMHW3qWXvyd6rZxtmKq9jhFuRjJv+1bBNZuOOl -yHIXLgyfb+VZP3ZvSbERwlouFikN3reO3EDVou7gHqH0vpfbhmOWFM2YCWAtMHac -PM3miO5HknkLWgDiXl8RfH35CLcgBokqXf0AqyLh8LO8JKleJg4fAC3+IZpTW23T -K6uUgmhDNtj2L8Yi/LVBXQ0zYOqkfX7oS1WRVtNcV48flBcvqt7pnqj0z4pMjqDk -VnOyz0+GxWk88yQgi1yWDPprEjuaZ8HfxpaypdWSDZsJQmgkEEXUUOQXOUjQNYuU -bRHej8pZAoGBAOokp/lpM+lx3FJ9iCEoL0neunIW6cxHeogNlFeEWBY6gbA/os+m -bB6wBikAj+d3dqzbysfZXps/JpBSrvw4kAAUu7QPWJTnL2p+HE9BIdQxWR9OihqN -p1dsItjl9H4yphDLZKVVA4emJwWMw9e2J7JNujDaR49U0z2LhI2UmFilAoGBANU4 -G8OPxZMMRwtvNZLFsI1GyJIYj/WACvfvof6AubUqusoYsF2lB9CTjdicBBzUYo6m -JoEB/86KKmM0NUCqbYDeiSNqV02ebq2TTlaQC22dc4sMric93k7wqsVseGdslFKc -N2dsLe+7r9+mkDzER8+Nlp6YqbSfxaZQ3LPw+3QXAoGAXoMJYr26fKK/QnT1fBzS -ackEDYV+Pj0kEsMYe/Mp818OdmxZdeRBhGmdMvPNIquwNbpKsjzl2Vi2Yk9d3uWe -CspTsiz3nrNrClt5ZexukU6SIPb8/Bbt03YM4ux/smkTa3gOWkZktF63JaBadTpL -78c8Pvf9JrggxJkKmnO+wxkCgYEAukSTFKw0GTtfkWCs97TWgQU2UVM96GXcry7c -YT7Jfbh/h/A7mwOCKTfOck4R1bHBDAegmZFKjX/sec/xObXphexi99p9vGRNIjwO -8tZR9YfYmcARIF0PKf1b4q7ZHNkhVm38hNBf7RAVHBgh58Q9S9fQnmqVzyLJA3ue -42AB/C8CgYAR0EvPG2e5nxB1R4ZlrjHCxjCsWQZQ2Q+1cAb38NPIYnyo2m72IT/T -f1/qiqs/2Spe81HSwjA34y2jdQ0eTSE01VdwXIm/cuxKbmjVzRh0M06MOkWP5pZA -62P5GYY6Ud2JS7Dz+Z9dKJU4vjWrylznk1M0oUVdEzllQkahn831vw== ------END RSA PRIVATE KEY----- diff --git a/extra/yassl/certs/client-keyEnc.pem b/extra/yassl/certs/client-keyEnc.pem deleted file mode 100644 index 0097c0760a5..00000000000 --- a/extra/yassl/certs/client-keyEnc.pem +++ /dev/null @@ -1,12 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -Proc-Type: 4,ENCRYPTED -DEK-Info: DES-EDE3-CBC,BDE979D13CCC0ABD - -N7yz2JV13EmQ7MZPL5wamid5+G1V1gp8FKqMemAC5JDxonS/W9oViMLUcxbfPTDx -FznKdYSVTIQ7vv3ofmDG4MEyV/2C568N2kdtAw+jTfrZFN+IU9CI+W+In/nacirF -02sAcvDMofustnooKNOO7/iyb5+3vRvEt5vSSRQn5WuSQ9sUKjuzoLs/lbf7fyAt -4NeqfI3rYBZXxiUOLITOGXzGNRuFoY+o2uDCfelLAJ8uhiVG6ME3LeJEo1dT5lZ8 -CSJOLPasKg0iG4V7olM4j9FvAfZr48RRsSfUen756Jo2HpI4bad8LKhFYIdNs2Au -WwKLmjpo6QB9hBmRshR04rEXPdrgTqLBExCE08PyaGYnWU8ggWritCeBzDQFj/n4 -sI+NO0Mymuvg98e5RpO52lg3Xnqv9RIK3guLFOmI6aEHC0PS4WwOEQ== ------END RSA PRIVATE KEY----- diff --git a/extra/yassl/certs/client-keyEnc3.pem b/extra/yassl/certs/client-keyEnc3.pem deleted file mode 100644 index 0097c0760a5..00000000000 --- a/extra/yassl/certs/client-keyEnc3.pem +++ /dev/null @@ -1,12 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -Proc-Type: 4,ENCRYPTED -DEK-Info: DES-EDE3-CBC,BDE979D13CCC0ABD - -N7yz2JV13EmQ7MZPL5wamid5+G1V1gp8FKqMemAC5JDxonS/W9oViMLUcxbfPTDx -FznKdYSVTIQ7vv3ofmDG4MEyV/2C568N2kdtAw+jTfrZFN+IU9CI+W+In/nacirF -02sAcvDMofustnooKNOO7/iyb5+3vRvEt5vSSRQn5WuSQ9sUKjuzoLs/lbf7fyAt -4NeqfI3rYBZXxiUOLITOGXzGNRuFoY+o2uDCfelLAJ8uhiVG6ME3LeJEo1dT5lZ8 -CSJOLPasKg0iG4V7olM4j9FvAfZr48RRsSfUen756Jo2HpI4bad8LKhFYIdNs2Au -WwKLmjpo6QB9hBmRshR04rEXPdrgTqLBExCE08PyaGYnWU8ggWritCeBzDQFj/n4 -sI+NO0Mymuvg98e5RpO52lg3Xnqv9RIK3guLFOmI6aEHC0PS4WwOEQ== ------END RSA PRIVATE KEY----- diff --git a/extra/yassl/certs/dh1024.dat b/extra/yassl/certs/dh1024.dat deleted file mode 100644 index 86a95518278..00000000000 --- a/extra/yassl/certs/dh1024.dat +++ /dev/null @@ -1 +0,0 @@ -30818702818100DA9A18547FF03B385CC16508C173A7EF4EB61CB40EF8FEF3B31F145051676166BCDC3FE6B799FC394D08C26385F9413F896E09117E46209D6923602683CEA100924A6EE695281775C619DAA94EA8CB3691B4275B0183F1D39639EBC92995FE645D6C1BC28D409E585549BBD2C5DCDD6C208B04EADD8B7A6D997F72CBAD88390F020102
\ No newline at end of file diff --git a/extra/yassl/certs/dsa-cert.pem b/extra/yassl/certs/dsa-cert.pem deleted file mode 100644 index 10794cbee73..00000000000 --- a/extra/yassl/certs/dsa-cert.pem +++ /dev/null @@ -1,22 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDrzCCA2+gAwIBAgIJAK1zRM7YFcNjMAkGByqGSM44BAMwgZAxCzAJBgNVBAYT -AlVTMQ8wDQYDVQQIDAZPcmVnb24xETAPBgNVBAcMCFBvcnRsYW5kMRAwDgYDVQQK -DAd3b2xmU1NMMRAwDgYDVQQLDAd0ZXN0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz -bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTYwOTIy -MjEyMzA0WhcNMjIwMzE1MjEyMzA0WjCBkDELMAkGA1UEBhMCVVMxDzANBgNVBAgM -Bk9yZWdvbjERMA8GA1UEBwwIUG9ydGxhbmQxEDAOBgNVBAoMB3dvbGZTU0wxEDAO -BgNVBAsMB3Rlc3RpbmcxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqG -SIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTCCAbgwggEsBgcqhkjOOAQBMIIBHwKB -gQC9Ue5KMuCKx+rG4epwxFFDzyoH4ccSwlglXsRdvqswDRK/oQvTNNNoWiVxTn3k -vQ8qDlhWy9KjGTrqr/ttgmh56FFpe6tz4yTgCNyR9D+eGclD7lNfdPUc4E3SA6ef -opG6+ymI55bS+9xUFTG402UCrYSKT59zI2HBfuI6dltsxQIVAJHJ7WDQ+jBn/nmM -yCQzdi+0qJx1AoGBAJJacRK36s5yGY1b6qhxWqvpoAC+SfEKylZnYWGYf2PM+Iwo -6AgPKEw6BSsX+7Nmc4Gjyr4JWhComKi6onPamO/A2CbMM0DCxb47BeLBWfqWAgXV -j0CODT4MQos5yugnviR/YpEgbzLxvrXr469lKWsAyB19/gFmGmQWcCgAwGm6A4GF -AAKBgQCdy2PPch8r0P07EOs5WG6L425P6IJ3bDKj3TVLy+Ebj04CT/3Gmgw2tFye -2pOgO0yfkIXizcDl6GT2CQuBBhUgwF6WJ4hoW1iK1UwhnupZmQ358eNFl0tJJN5v -wx2gtNxJSwIsm8VRscqqFH2092b9ScH7VjLoqhx+bgA4XV7l1aNQME4wHQYDVR0O -BBYEFCCY5ONeqOL/KqR/SwbV5Ufb/IHHMB8GA1UdIwQYMBaAFCCY5ONeqOL/KqR/ -SwbV5Ufb/IHHMAwGA1UdEwQFMAMBAf8wCQYHKoZIzjgEAwMvADAsAhQRYSCVN/Ge -agV3mffU3qNZ92fI0QIUPH7Jp+iASI7U1ocaYDc10qXGaGY= ------END CERTIFICATE----- diff --git a/extra/yassl/certs/dsa1024.der b/extra/yassl/certs/dsa1024.der Binary files differdeleted file mode 100644 index db880d51480..00000000000 --- a/extra/yassl/certs/dsa1024.der +++ /dev/null diff --git a/extra/yassl/certs/dsa1024.pem b/extra/yassl/certs/dsa1024.pem deleted file mode 100644 index 5478ebfc2b2..00000000000 --- a/extra/yassl/certs/dsa1024.pem +++ /dev/null @@ -1,12 +0,0 @@ ------BEGIN DSA PRIVATE KEY----- -MIIBvAIBAAKBgQC9Ue5KMuCKx+rG4epwxFFDzyoH4ccSwlglXsRdvqswDRK/oQvT -NNNoWiVxTn3kvQ8qDlhWy9KjGTrqr/ttgmh56FFpe6tz4yTgCNyR9D+eGclD7lNf -dPUc4E3SA6efopG6+ymI55bS+9xUFTG402UCrYSKT59zI2HBfuI6dltsxQIVAJHJ -7WDQ+jBn/nmMyCQzdi+0qJx1AoGBAJJacRK36s5yGY1b6qhxWqvpoAC+SfEKylZn -YWGYf2PM+Iwo6AgPKEw6BSsX+7Nmc4Gjyr4JWhComKi6onPamO/A2CbMM0DCxb47 -BeLBWfqWAgXVj0CODT4MQos5yugnviR/YpEgbzLxvrXr469lKWsAyB19/gFmGmQW -cCgAwGm6AoGBAJ3LY89yHyvQ/TsQ6zlYbovjbk/ogndsMqPdNUvL4RuPTgJP/caa -DDa0XJ7ak6A7TJ+QheLNwOXoZPYJC4EGFSDAXpYniGhbWIrVTCGe6lmZDfnx40WX -S0kk3m/DHaC03ElLAiybxVGxyqoUfbT3Zv1JwftWMuiqHH5uADhdXuXVAhQ01VXa -Rr8IPem35lKghVKnq/kGQw== ------END DSA PRIVATE KEY----- diff --git a/extra/yassl/certs/server-cert.pem b/extra/yassl/certs/server-cert.pem deleted file mode 100644 index f56cba9de70..00000000000 --- a/extra/yassl/certs/server-cert.pem +++ /dev/null @@ -1,173 +0,0 @@ -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 1 (0x1) - Signature Algorithm: sha1WithRSAEncryption - Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com - Validity - Not Before: Jul 11 17:20:14 2014 GMT - Not After : Apr 6 17:20:14 2017 GMT - Subject: C=US, ST=Montana, L=Bozeman, O=wolfSSL, OU=Support, CN=www.wolfssl.com/emailAddress=info@wolfssl.com - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) - Modulus: - 00:c0:95:08:e1:57:41:f2:71:6d:b7:d2:45:41:27: - 01:65:c6:45:ae:f2:bc:24:30:b8:95:ce:2f:4e:d6: - f6:1c:88:bc:7c:9f:fb:a8:67:7f:fe:5c:9c:51:75: - f7:8a:ca:07:e7:35:2f:8f:e1:bd:7b:c0:2f:7c:ab: - 64:a8:17:fc:ca:5d:7b:ba:e0:21:e5:72:2e:6f:2e: - 86:d8:95:73:da:ac:1b:53:b9:5f:3f:d7:19:0d:25: - 4f:e1:63:63:51:8b:0b:64:3f:ad:43:b8:a5:1c:5c: - 34:b3:ae:00:a0:63:c5:f6:7f:0b:59:68:78:73:a6: - 8c:18:a9:02:6d:af:c3:19:01:2e:b8:10:e3:c6:cc: - 40:b4:69:a3:46:33:69:87:6e:c4:bb:17:a6:f3:e8: - dd:ad:73:bc:7b:2f:21:b5:fd:66:51:0c:bd:54:b3: - e1:6d:5f:1c:bc:23:73:d1:09:03:89:14:d2:10:b9: - 64:c3:2a:d0:a1:96:4a:bc:e1:d4:1a:5b:c7:a0:c0: - c1:63:78:0f:44:37:30:32:96:80:32:23:95:a1:77: - ba:13:d2:97:73:e2:5d:25:c9:6a:0d:c3:39:60:a4: - b4:b0:69:42:42:09:e9:d8:08:bc:33:20:b3:58:22: - a7:aa:eb:c4:e1:e6:61:83:c5:d2:96:df:d9:d0:4f: - ad:d7 - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Subject Key Identifier: - B3:11:32:C9:92:98:84:E2:C9:F8:D0:3B:6E:03:42:CA:1F:0E:8E:3C - X509v3 Authority Key Identifier: - keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5 - DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com - serial:9A:41:47:CD:A1:14:62:8C - - X509v3 Basic Constraints: - CA:TRUE - Signature Algorithm: sha1WithRSAEncryption - 3d:8c:70:05:5b:62:4b:bf:6c:b6:48:61:01:10:1d:5e:05:ba: - 55:94:2c:ae:59:6f:97:80:5d:6c:86:ec:9a:eb:15:45:44:e4: - 56:f8:75:ca:8a:45:32:f4:c7:e1:fa:f2:98:1c:91:d3:3f:e8: - 0e:c9:1b:fa:e1:79:99:67:0e:0d:6b:8a:ec:1a:2c:59:c4:34: - 04:8d:39:77:cd:b5:e9:60:5b:82:bf:34:ce:ed:c6:4f:3f:b4: - 5c:4d:8a:b4:f4:0a:04:12:a0:56:c1:e1:33:37:a1:54:87:48: - e9:81:c2:0f:8f:6f:d3:52:4c:4c:32:4c:6b:9f:3a:04:8f:77: - 5d:ad:dc:3d:2b:f2:c9:df:3c:60:5d:d8:fc:86:72:7c:3d:d0: - 84:4b:8c:df:26:43:fe:c0:cc:5b:e1:36:b3:3d:32:28:a3:ef: - 0c:20:d6:b1:50:39:d6:67:a9:8b:84:bc:92:34:eb:19:23:e8: - 10:8f:ea:bd:18:8c:93:27:3c:74:75:8e:58:04:fa:2a:74:44: - 7d:fc:4d:39:df:54:17:ba:78:e1:5d:6a:70:d3:7c:a2:80:81: - e6:19:51:91:c3:44:51:ec:bb:88:a9:53:e1:d7:a9:8c:28:f4: - 21:1c:42:51:09:b4:12:6d:a0:d6:25:09:85:c6:2a:0c:af:a7: - 58:e6:52:8b ------BEGIN CERTIFICATE----- -MIIEnjCCA4agAwIBAgIBATANBgkqhkiG9w0BAQUFADCBlDELMAkGA1UEBhMCVVMx -EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh -d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz -bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTQwNzEx -MTcyMDE0WhcNMTcwNDA2MTcyMDE0WjCBkDELMAkGA1UEBhMCVVMxEDAOBgNVBAgM -B01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xEDAOBgNVBAoMB3dvbGZTU0wxEDAO -BgNVBAsMB1N1cHBvcnQxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqG -SIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP -ADCCAQoCggEBAMCVCOFXQfJxbbfSRUEnAWXGRa7yvCQwuJXOL07W9hyIvHyf+6hn -f/5cnFF194rKB+c1L4/hvXvAL3yrZKgX/Mpde7rgIeVyLm8uhtiVc9qsG1O5Xz/X -GQ0lT+FjY1GLC2Q/rUO4pRxcNLOuAKBjxfZ/C1loeHOmjBipAm2vwxkBLrgQ48bM -QLRpo0YzaYduxLsXpvPo3a1zvHsvIbX9ZlEMvVSz4W1fHLwjc9EJA4kU0hC5ZMMq -0KGWSrzh1Bpbx6DAwWN4D0Q3MDKWgDIjlaF3uhPSl3PiXSXJag3DOWCktLBpQkIJ -6dgIvDMgs1gip6rrxOHmYYPF0pbf2dBPrdcCAwEAAaOB/DCB+TAdBgNVHQ4EFgQU -sxEyyZKYhOLJ+NA7bgNCyh8OjjwwgckGA1UdIwSBwTCBvoAUJ45nEXTDJh0/7TNj -s6TYHTDl6NWhgZqkgZcwgZQxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5h -MRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQKDAhTYXd0b290aDETMBEGA1UECwwK -Q29uc3VsdGluZzEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcN -AQkBFhBpbmZvQHdvbGZzc2wuY29tggkAmkFHzaEUYowwDAYDVR0TBAUwAwEB/zAN -BgkqhkiG9w0BAQUFAAOCAQEAPYxwBVtiS79stkhhARAdXgW6VZQsrllvl4BdbIbs -musVRUTkVvh1yopFMvTH4frymByR0z/oDskb+uF5mWcODWuK7BosWcQ0BI05d821 -6WBbgr80zu3GTz+0XE2KtPQKBBKgVsHhMzehVIdI6YHCD49v01JMTDJMa586BI93 -Xa3cPSvyyd88YF3Y/IZyfD3QhEuM3yZD/sDMW+E2sz0yKKPvDCDWsVA51mepi4S8 -kjTrGSPoEI/qvRiMkyc8dHWOWAT6KnREffxNOd9UF7p44V1qcNN8ooCB5hlRkcNE -Uey7iKlT4depjCj0IRxCUQm0Em2g1iUJhcYqDK+nWOZSiw== ------END CERTIFICATE----- -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 9a:41:47:cd:a1:14:62:8c - Signature Algorithm: sha1WithRSAEncryption - Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com - Validity - Not Before: Jul 11 03:20:08 2014 GMT - Not After : Apr 6 03:20:08 2017 GMT - Subject: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) - Modulus: - 00:bf:0c:ca:2d:14:b2:1e:84:42:5b:cd:38:1f:4a: - f2:4d:75:10:f1:b6:35:9f:df:ca:7d:03:98:d3:ac: - de:03:66:ee:2a:f1:d8:b0:7d:6e:07:54:0b:10:98: - 21:4d:80:cb:12:20:e7:cc:4f:de:45:7d:c9:72:77: - 32:ea:ca:90:bb:69:52:10:03:2f:a8:f3:95:c5:f1: - 8b:62:56:1b:ef:67:6f:a4:10:41:95:ad:0a:9b:e3: - a5:c0:b0:d2:70:76:50:30:5b:a8:e8:08:2c:7c:ed: - a7:a2:7a:8d:38:29:1c:ac:c7:ed:f2:7c:95:b0:95: - 82:7d:49:5c:38:cd:77:25:ef:bd:80:75:53:94:3c: - 3d:ca:63:5b:9f:15:b5:d3:1d:13:2f:19:d1:3c:db: - 76:3a:cc:b8:7d:c9:e5:c2:d7:da:40:6f:d8:21:dc: - 73:1b:42:2d:53:9c:fe:1a:fc:7d:ab:7a:36:3f:98: - de:84:7c:05:67:ce:6a:14:38:87:a9:f1:8c:b5:68: - cb:68:7f:71:20:2b:f5:a0:63:f5:56:2f:a3:26:d2: - b7:6f:b1:5a:17:d7:38:99:08:fe:93:58:6f:fe:c3: - 13:49:08:16:0b:a7:4d:67:00:52:31:67:23:4e:98: - ed:51:45:1d:b9:04:d9:0b:ec:d8:28:b3:4b:bd:ed: - 36:79 - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Subject Key Identifier: - 27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5 - X509v3 Authority Key Identifier: - keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5 - DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com - serial:9A:41:47:CD:A1:14:62:8C - - X509v3 Basic Constraints: - CA:TRUE - Signature Algorithm: sha1WithRSAEncryption - 79:78:0c:6d:79:88:91:fc:3a:15:9c:f9:27:62:16:f0:21:1f: - fa:7d:3f:a2:a8:32:1e:f7:f2:11:a9:74:16:74:5e:dc:18:ca: - f0:00:2a:d5:03:06:26:30:f1:47:83:fd:32:6e:fc:ed:aa:4f: - 7d:0c:63:60:31:2f:7c:0c:bf:99:66:87:ed:27:08:86:2d:c4: - 33:e8:98:23:1c:fe:a3:db:9a:49:4e:fc:5a:42:ef:71:c3:3f: - ad:dc:4a:a8:d2:a3:1d:09:ac:33:04:7b:86:f3:6d:00:59:a3: - c8:db:d1:3c:73:f6:0e:90:d6:5e:49:e0:bf:36:63:08:7b:a5: - b0:8f:35:3b:56:8c:11:35:49:04:1c:d0:e7:ba:56:c5:0d:0a: - 91:8d:d6:b7:62:19:34:12:52:4c:d2:6d:7c:c5:3d:0f:18:81: - 54:cb:f6:3c:e5:84:d2:d6:71:15:ec:1a:34:0b:f0:a0:21:74: - 43:c8:a3:b0:df:d9:67:da:e2:ad:93:48:f8:a0:87:bd:79:14: - e0:62:0a:df:f7:31:2e:31:7b:d1:32:2a:0a:fe:5d:14:ef:d9: - 64:50:e4:83:91:bc:70:0d:d7:88:8d:d9:bc:84:0e:c5:1a:b3: - bf:64:02:4e:51:91:a4:a2:85:15:83:af:f0:5b:9b:28:49:5f: - b2:b3:03:d8 ------BEGIN CERTIFICATE----- -MIIEqjCCA5KgAwIBAgIJAJpBR82hFGKMMA0GCSqGSIb3DQEBBQUAMIGUMQswCQYD -VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8G -A1UECgwIU2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3 -dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTAe -Fw0xNDA3MTEwMzIwMDhaFw0xNzA0MDYwMzIwMDhaMIGUMQswCQYDVQQGEwJVUzEQ -MA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwIU2F3 -dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xmc3Ns -LmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTCCASIwDQYJKoZI -hvcNAQEBBQADggEPADCCAQoCggEBAL8Myi0Ush6EQlvNOB9K8k11EPG2NZ/fyn0D -mNOs3gNm7irx2LB9bgdUCxCYIU2AyxIg58xP3kV9yXJ3MurKkLtpUhADL6jzlcXx -i2JWG+9nb6QQQZWtCpvjpcCw0nB2UDBbqOgILHztp6J6jTgpHKzH7fJ8lbCVgn1J -XDjNdyXvvYB1U5Q8PcpjW58VtdMdEy8Z0TzbdjrMuH3J5cLX2kBv2CHccxtCLVOc -/hr8fat6Nj+Y3oR8BWfOahQ4h6nxjLVoy2h/cSAr9aBj9VYvoybSt2+xWhfXOJkI -/pNYb/7DE0kIFgunTWcAUjFnI06Y7VFFHbkE2Qvs2CizS73tNnkCAwEAAaOB/DCB -+TAdBgNVHQ4EFgQUJ45nEXTDJh0/7TNjs6TYHTDl6NUwgckGA1UdIwSBwTCBvoAU -J45nEXTDJh0/7TNjs6TYHTDl6NWhgZqkgZcwgZQxCzAJBgNVBAYTAlVTMRAwDgYD -VQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQKDAhTYXd0b290 -aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29t -MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tggkAmkFHzaEUYowwDAYD -VR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEAeXgMbXmIkfw6FZz5J2IW8CEf -+n0/oqgyHvfyEal0FnRe3BjK8AAq1QMGJjDxR4P9Mm787apPfQxjYDEvfAy/mWaH -7ScIhi3EM+iYIxz+o9uaSU78WkLvccM/rdxKqNKjHQmsMwR7hvNtAFmjyNvRPHP2 -DpDWXkngvzZjCHulsI81O1aMETVJBBzQ57pWxQ0KkY3Wt2IZNBJSTNJtfMU9DxiB -VMv2POWE0tZxFewaNAvwoCF0Q8ijsN/ZZ9rirZNI+KCHvXkU4GIK3/cxLjF70TIq -Cv5dFO/ZZFDkg5G8cA3XiI3ZvIQOxRqzv2QCTlGRpKKFFYOv8FubKElfsrMD2A== ------END CERTIFICATE----- diff --git a/extra/yassl/certs/server-key.pem b/extra/yassl/certs/server-key.pem deleted file mode 100644 index d1627f4d4a7..00000000000 --- a/extra/yassl/certs/server-key.pem +++ /dev/null @@ -1,27 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIIEpQIBAAKCAQEAwJUI4VdB8nFtt9JFQScBZcZFrvK8JDC4lc4vTtb2HIi8fJ/7 -qGd//lycUXX3isoH5zUvj+G9e8AvfKtkqBf8yl17uuAh5XIuby6G2JVz2qwbU7lf -P9cZDSVP4WNjUYsLZD+tQ7ilHFw0s64AoGPF9n8LWWh4c6aMGKkCba/DGQEuuBDj -xsxAtGmjRjNph27Euxem8+jdrXO8ey8htf1mUQy9VLPhbV8cvCNz0QkDiRTSELlk -wyrQoZZKvOHUGlvHoMDBY3gPRDcwMpaAMiOVoXe6E9KXc+JdJclqDcM5YKS0sGlC -Qgnp2Ai8MyCzWCKnquvE4eZhg8XSlt/Z0E+t1wIDAQABAoIBAQCa0DQPUmIFUAHv -n+1kbsLE2hryhNeSEEiSxOlq64t1bMZ5OPLJckqGZFSVd8vDmp231B2kAMieTuTd -x7pnFsF0vKnWlI8rMBr77d8hBSPZSjm9mGtlmrjcxH3upkMVLj2+HSJgKnMw1T7Y -oqyGQy7E9WReP4l1DxHYUSVOn9iqo85gs+KK2X4b8GTKmlsFC1uqy+XjP24yIgXz -0PrvdFKB4l90073/MYNFdfpjepcu1rYZxpIm5CgGUFAOeC6peA0Ul7QS2DFAq6EB -QcIw+AdfFuRhd9Jg8p+N6PS662PeKpeB70xs5lU0USsoNPRTHMRYCj+7r7X3SoVD -LTzxWFiBAoGBAPIsVHY5I2PJEDK3k62vvhl1loFk5rW4iUJB0W3QHBv4G6xpyzY8 -ZH3c9Bm4w2CxV0hfUk9ZOlV/MsAZQ1A/rs5vF/MOn0DKTq0VO8l56cBZOHNwnAp8 -yTpIMqfYSXUKhcLC/RVz2pkJKmmanwpxv7AEpox6Wm9IWlQ7xrFTF9/nAoGBAMuT -3ncVXbdcXHzYkKmYLdZpDmOzo9ymzItqpKISjI57SCyySzfcBhh96v52odSh6T8N -zRtfr1+elltbD6F8r7ObkNtXczrtsCNErkFPHwdCEyNMy/r0FKTV9542fFufqDzB -hV900jkt/9CE3/uzIHoumxeu5roLrl9TpFLtG8SRAoGBAOyY2rvV/vlSSn0CVUlv -VW5SL4SjK7OGYrNU0mNS2uOIdqDvixWl0xgUcndex6MEH54ZYrUbG57D8rUy+UzB -qusMJn3UX0pRXKRFBnBEp1bA1CIUdp7YY1CJkNPiv4GVkjFBhzkaQwsYpVMfORpf -H0O8h2rfbtMiAP4imHBOGhkpAoGBAIpBVihRnl/Ungs7mKNU8mxW1KrpaTOFJAza -1AwtxL9PAmk4fNTm3Ezt1xYRwz4A58MmwFEC3rt1nG9WnHrzju/PisUr0toGakTJ -c/5umYf4W77xfOZltU9s8MnF/xbKixsX4lg9ojerAby/QM5TjI7t7+5ZneBj5nxe -9Y5L8TvBAoGATUX5QIzFW/QqGoq08hysa+kMVja3TnKW1eWK0uL/8fEYEz2GCbjY -dqfJHHFSlDBD4PF4dP1hG0wJzOZoKnGtHN9DvFbbpaS+NXCkXs9P/ABVmTo9I89n -WvUi+LUp0EQR6zUuRr79jhiyX6i/GTKh9dwD5nyaHwx8qbAOITc78bA= ------END RSA PRIVATE KEY----- diff --git a/extra/yassl/certs/server-keyEnc.pem b/extra/yassl/certs/server-keyEnc.pem deleted file mode 100644 index e5ab57d4c9e..00000000000 --- a/extra/yassl/certs/server-keyEnc.pem +++ /dev/null @@ -1,30 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -Proc-Type: 4,ENCRYPTED -DEK-Info: DES-CBC,136C7D8A69656668 - -jvNTyPaztxPIoAzbdmZnD0Zw2+60tMxNc0GMHNmeOyG25aHP/dT+TWiKFpFVkkkY -uoCIhYUyw7gmpw+CnRJwWd+ans4nrvAjwy5oWJvarvsyUpjqvnPoIlAqd+d4TDKN -eESzcI76+gHdisAtCrQD+fGqgTZhli5TgDbnpasL/QnY2qDlutvakkVw7gPXe156 -2Phy8WN+efr65J6wt3K/dj7Datl9u4JeHQK81gYyWBVX+EagEjPGDzkFQCj9Z0q7 -8K3iB5GW1JAqJS0IfZPB40AnSTF/n1TL1SN3qfU3l7hTGNrx9o7580bgDEoAR7pI -F8eZlS15KHtZmh11AnU1KTKZ6kmgnNqeMTGMN6N0ct2wMKW1dV87eTDlF0oiR2ol -XwtFgKmrIjfpmzkdWjbJmWnGMjD56KdiFZga/ZyKMsPrVoYLgfJEpn36iQspfygx -HCGNTf0PjIsjEWU0WyQiF86t+c45W3wNFsv/AxVyfMl+su02yrd6u2ecuQDir3Cs -b2k8IKtQgVe/NIpEWLKuiHG5oedIPPQyDYK5uq+gHxCGeOoKnWlsWFEHZRiza4X5 -tbgTrJB8Sw0ENWrvVGGmQZN4pSImlsMwzQ2qik5CQ00N1b3+56/obn0z75I3bUSb -tC5g8DRjl6oclAenNgh/MYMT287y5W2dD4npxHcekX4O3J2CDXNfg4vV2j5GRxtg -LVJdYE2p7bpYePCDHrYng8b9ubBprx0CrEnkIvvtUjzNPf6VDL0+MBKl+XgR2/nz -iRqTuZnlGGOyM+KYDwXpgwfs/HfvFGksxTAlO/40GkGh+WGPaIoNyCK0SgQKhyb4 -JIkR0vd2/yLg3lWMJrGwh7A0Gm07Z/781oURP3uWd+PaCOgGcd5ipcAjcEyuxNly -AthipWqmQWUcbf6Z2N9j3OA22Hv2Uzk8HSfi9VOZtL9svdEEZ0NnOekJgnc6stQp -bXiknlK/T5WdrWxSyCfgUq68Vf6DFfIRAVuFdJ3WHT2wVXHrDfft6D+Ne/XCxPoE -8zGmkyusaph33UHQ1oNyUbLbwcDCDSmOo8gYoedD3IwxtMA3wJRugomqosItwV8X -vkgmcy8eSE/+gZUxJEN2gnLcfKFhCkC80J6oFhmoDD6vuUnPHcFdKZgVPw2rzPk5 -Vb1kX+gpORplYmKpq1vz/ujscL4T0TmYLz02hkIS4edpW55ncTTv7JWefpRiTB1J -RB3td3me4htqR+YIDWJ+emrOmqsCG2WvpAS+MTw2mj1jYk9LL/ZYobTjSCEWmuwT -yVK6m303irR7HQDauxhslRFgoK21w63viOyj5NKIU1gQtaAANGDxcgORC1XLjjgt -oNutSQA+7P42vfHSHK4cnTBXl6V32H/GyVpdHQOZqSrqIjgLmUZodSmRPROxosZF -a46B1O7m/rJFxkiKW4vod+/WqjoE0Hhfrb8rRrkRjzGeCqqSSnQ3vrunVkvF8hlA -b6FOv4ZBJL4piC1GKH+rscqke9NEiDqXN8C3iYz86jbck/Ha21yUS8T3X7N52sg+ -B3AmOGnLK6BebYeto9vZxQjacChJZSixSxLV+l9/nVQ0+mW42azHdzk0ru59TGAj ------END RSA PRIVATE KEY----- diff --git a/extra/yassl/certs/taoCert.txt b/extra/yassl/certs/taoCert.txt deleted file mode 100644 index f1132c0b5b8..00000000000 --- a/extra/yassl/certs/taoCert.txt +++ /dev/null @@ -1,62 +0,0 @@ - -***** Create a self signed cert ************ - -1) openssl genrsa 512 > client-key.pem - -2) openssl req -new -x509 -nodes -md5 -days 1000 -key client-key.pem > client-cert.pem - --- adding metadata to beginning - -3) openssl x509 -in client-cert.pem -text > tmp.pem - -4) mv tmp.pem client-cert.pem - - -***** Create a CA, signing authority ********** - -same as self signed, use ca prefix instead of client - - -***** Create a cert signed by CA ************** - -1) openssl req -newkey rsa:512 -md5 -days 1000 -nodes -keyout server-key.pem > server-req.pem - -2) copy ca-key.pem ca-cert.srl (why ????) - -3) openssl x509 -req -in server-req.pem -days 1000 -md5 -CA ca-cert.pem -CAkey ca-key.pem -set_serial 01 > server-cert.pem - - - -***** To create a dsa cert ******************** - -1) openssl dsaparam 512 > dsa512.param # creates group params - -2) openssl gendsa dsa512.param > dsa512.pem # creates private key - -3) openssl req -new -x509 -nodes -days 1000 -key dsa512.pem > dsa-cert.pem - - - - -***** To convert from PEM to DER ************** - -a) openssl x509 -in cert.pem -inform PEM -out cert.der -outform DER - -to convert rsa private PEM to DER : - -b) openssl rsa -in key.pem -outform DER -out key.der - - -**** To encrypt rsa key already in pem ********** - -a) openssl rsa <server-key.pem.bak -des >server-keyEnc.pem - -note location of des, pass = yassl123 - - -*** To make a public key from a private key ****** - - -openssl rsa -in 1024rsa.priv -pubout -out 1024rsa.pub - - diff --git a/extra/yassl/examples/client/client.cpp b/extra/yassl/examples/client/client.cpp deleted file mode 100644 index d2c07897f3c..00000000000 --- a/extra/yassl/examples/client/client.cpp +++ /dev/null @@ -1,179 +0,0 @@ -/* - Copyright (c) 2006, 2012, Oracle and/or its affiliates. All rights reserved. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - -/* client.cpp */ - -// takes an optional command line argument of cipher list to make scripting -// easier - - -#include "../../testsuite/test.hpp" - -//#define TEST_RESUME - - -void ClientError(SSL_CTX* ctx, SSL* ssl, SOCKET_T& sockfd, const char* msg) -{ - SSL_CTX_free(ctx); - SSL_free(ssl); - tcp_close(sockfd); - err_sys(msg); -} - - -#ifdef NON_BLOCKING - void NonBlockingSSL_Connect(SSL* ssl, SSL_CTX* ctx, SOCKET_T& sockfd) - { - int ret = SSL_connect(ssl); - int err = SSL_get_error(ssl, 0); - while (ret != SSL_SUCCESS && (err == SSL_ERROR_WANT_READ || - err == SSL_ERROR_WANT_WRITE)) { - if (err == SSL_ERROR_WANT_READ) - printf("... client would read block\n"); - else - printf("... client would write block\n"); - #ifdef _WIN32 - Sleep(1000); - #else - sleep(1); - #endif - ret = SSL_connect(ssl); - err = SSL_get_error(ssl, 0); - } - if (ret != SSL_SUCCESS) - ClientError(ctx, ssl, sockfd, "SSL_connect failed"); - } -#endif - - -void client_test(void* args) -{ -#ifdef _WIN32 - WSADATA wsd; - WSAStartup(0x0002, &wsd); -#endif - - SOCKET_T sockfd = 0; - int argc = 0; - char** argv = 0; - - set_args(argc, argv, *static_cast<func_args*>(args)); - tcp_connect(sockfd); -#ifdef NON_BLOCKING - tcp_set_nonblocking(sockfd); -#endif - SSL_METHOD* method = TLSv1_client_method(); - SSL_CTX* ctx = SSL_CTX_new(method); - - set_certs(ctx); - if (argc >= 2) { - printf("setting cipher list to %s\n", argv[1]); - if (SSL_CTX_set_cipher_list(ctx, argv[1]) != SSL_SUCCESS) { - ClientError(ctx, NULL, sockfd, "set_cipher_list error\n"); - } - } - SSL* ssl = SSL_new(ctx); - - SSL_set_fd(ssl, sockfd); - - -#ifdef NON_BLOCKING - NonBlockingSSL_Connect(ssl, ctx, sockfd); -#else - // if you get an error here see note at top of README - if (SSL_connect(ssl) != SSL_SUCCESS) - ClientError(ctx, ssl, sockfd, "SSL_connect failed"); -#endif - showPeer(ssl); - - const char* cipher = 0; - int index = 0; - char list[1024]; - strncpy(list, "cipherlist", 11); - while ( (cipher = SSL_get_cipher_list(ssl, index++)) ) { - strncat(list, ":", 2); - strncat(list, cipher, strlen(cipher) + 1); - } - printf("%s\n", list); - printf("Using Cipher Suite: %s\n", SSL_get_cipher(ssl)); - - char msg[] = "hello yassl!"; - if (SSL_write(ssl, msg, sizeof(msg)) != sizeof(msg)) - ClientError(ctx, ssl, sockfd, "SSL_write failed"); - - char reply[1024]; - int input = SSL_read(ssl, reply, sizeof(reply)); - if (input > 0) { - reply[input] = 0; - printf("Server response: %s\n", reply); - } - -#ifdef TEST_RESUME - SSL_SESSION* session = SSL_get_session(ssl); - SSL* sslResume = SSL_new(ctx); -#endif - - SSL_shutdown(ssl); - SSL_free(ssl); - tcp_close(sockfd); - -#ifdef TEST_RESUME - tcp_connect(sockfd); - SSL_set_fd(sslResume, sockfd); - SSL_set_session(sslResume, session); - - if (SSL_connect(sslResume) != SSL_SUCCESS) - ClientError(ctx, sslResume, sockfd, "SSL_resume failed"); - showPeer(sslResume); - - if (SSL_write(sslResume, msg, sizeof(msg)) != sizeof(msg)) - ClientError(ctx, sslResume, sockfd, "SSL_write failed"); - - input = SSL_read(sslResume, reply, sizeof(reply)); - if (input > 0) { - reply[input] = 0; - printf("Server response: %s\n", reply); - } - - SSL_shutdown(sslResume); - SSL_free(sslResume); - tcp_close(sockfd); -#endif // TEST_RESUME - - SSL_CTX_free(ctx); - ((func_args*)args)->return_code = 0; -} - - -#ifndef NO_MAIN_DRIVER - - int main(int argc, char** argv) - { - func_args args; - - args.argc = argc; - args.argv = argv; - - client_test(&args); - yaSSL_CleanUp(); - - return args.return_code; - } - -#endif // NO_MAIN_DRIVER - diff --git a/extra/yassl/examples/client/client.dsp b/extra/yassl/examples/client/client.dsp deleted file mode 100644 index 1caa585dadb..00000000000 --- a/extra/yassl/examples/client/client.dsp +++ /dev/null @@ -1,102 +0,0 @@ -# Microsoft Developer Studio Project File - Name="client" - Package Owner=<4> -# Microsoft Developer Studio Generated Build File, Format Version 6.00 -# ** DO NOT EDIT ** - -# TARGTYPE "Win32 (x86) Console Application" 0x0103 - -CFG=client - Win32 Debug -!MESSAGE This is not a valid makefile. To build this project using NMAKE, -!MESSAGE use the Export Makefile command and run -!MESSAGE -!MESSAGE NMAKE /f "client.mak". -!MESSAGE -!MESSAGE You can specify a configuration when running NMAKE -!MESSAGE by defining the macro CFG on the command line. For example: -!MESSAGE -!MESSAGE NMAKE /f "client.mak" CFG="client - Win32 Debug" -!MESSAGE -!MESSAGE Possible choices for configuration are: -!MESSAGE -!MESSAGE "client - Win32 Release" (based on "Win32 (x86) Console Application") -!MESSAGE "client - Win32 Debug" (based on "Win32 (x86) Console Application") -!MESSAGE - -# Begin Project -# PROP AllowPerConfigDependencies 0 -# PROP Scc_ProjName "" -# PROP Scc_LocalPath "" -CPP=cl.exe -RSC=rc.exe - -!IF "$(CFG)" == "client - Win32 Release" - -# PROP BASE Use_MFC 0 -# PROP BASE Use_Debug_Libraries 0 -# PROP BASE Output_Dir "Release" -# PROP BASE Intermediate_Dir "Release" -# PROP BASE Target_Dir "" -# PROP Use_MFC 0 -# PROP Use_Debug_Libraries 0 -# PROP Output_Dir "Release" -# PROP Intermediate_Dir "Release" -# PROP Ignore_Export_Lib 0 -# PROP Target_Dir "" -# ADD BASE CPP /nologo /W3 /GX /O2 /D "WIN32" /D "NDEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /c -# ADD CPP /nologo /MT /W3 /O2 /I "..\..\taocrypt\include" /I "..\..\include" /D "WIN32" /D "NDEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /c -# ADD BASE RSC /l 0x409 /d "NDEBUG" -# ADD RSC /l 0x409 /d "NDEBUG" -BSC32=bscmake.exe -# ADD BASE BSC32 /nologo -# ADD BSC32 /nologo -LINK32=link.exe -# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /machine:I386 -# ADD LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib Ws2_32.lib /nologo /subsystem:console /machine:I386 - -!ELSEIF "$(CFG)" == "client - Win32 Debug" - -# PROP BASE Use_MFC 0 -# PROP BASE Use_Debug_Libraries 1 -# PROP BASE Output_Dir "Debug" -# PROP BASE Intermediate_Dir "Debug" -# PROP BASE Target_Dir "" -# PROP Use_MFC 0 -# PROP Use_Debug_Libraries 1 -# PROP Output_Dir "Debug" -# PROP Intermediate_Dir "Debug" -# PROP Ignore_Export_Lib 0 -# PROP Target_Dir "" -# ADD BASE CPP /nologo /W3 /Gm /GX /ZI /Od /D "WIN32" /D "_DEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /GZ /c -# ADD CPP /nologo /MTd /W3 /Gm /ZI /Od /I "..\..\include" /I "..\..\taocrypt\include" /D "WIN32" /D "_DEBUG" /D "_CONSOLE" /D "_MBCS" /FR /YX /FD /GZ /c -# ADD BASE RSC /l 0x409 /d "_DEBUG" -# ADD RSC /l 0x409 /d "_DEBUG" -BSC32=bscmake.exe -# ADD BASE BSC32 /nologo -# ADD BSC32 /nologo -LINK32=link.exe -# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept -# ADD LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib Ws2_32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept - -!ENDIF - -# Begin Target - -# Name "client - Win32 Release" -# Name "client - Win32 Debug" -# Begin Group "Source Files" - -# PROP Default_Filter "cpp;c;cxx;rc;def;r;odl;idl;hpj;bat" -# Begin Source File - -SOURCE=.\client.cpp -# End Source File -# End Group -# Begin Group "Header Files" - -# PROP Default_Filter "h;hpp;hxx;hm;inl" -# End Group -# Begin Group "Resource Files" - -# PROP Default_Filter "ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe" -# End Group -# End Target -# End Project diff --git a/extra/yassl/examples/echoclient/echoclient.cpp b/extra/yassl/examples/echoclient/echoclient.cpp deleted file mode 100644 index 99a8b4d9c88..00000000000 --- a/extra/yassl/examples/echoclient/echoclient.cpp +++ /dev/null @@ -1,120 +0,0 @@ -/* - Copyright (c) 2006, 2012, Oracle and/or its affiliates. All rights reserved. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - -/* echoclient.cpp */ - -#include "../../testsuite/test.hpp" - - -void EchoClientError(SSL_CTX* ctx, SSL* ssl, SOCKET_T& sockfd, const char* msg) -{ - SSL_CTX_free(ctx); - SSL_free(ssl); - tcp_close(sockfd); - err_sys(msg); -} - - -void echoclient_test(void* args) -{ -#ifdef _WIN32 - WSADATA wsd; - WSAStartup(0x0002, &wsd); -#endif - - SOCKET_T sockfd = 0; - int argc = 0; - char** argv = 0; - - FILE* fin = stdin; - FILE* fout = stdout; - - bool inCreated = false; - bool outCreated = false; - - set_args(argc, argv, *static_cast<func_args*>(args)); - if (argc >= 2) { - fin = fopen(argv[1], "r"); - inCreated = true; - } - if (argc >= 3) { - fout = fopen(argv[2], "w"); - outCreated = true; - } - - if (!fin) err_sys("can't open input file"); - if (!fout) err_sys("can't open output file"); - - tcp_connect(sockfd); - - SSL_METHOD* method = SSLv23_client_method(); - SSL_CTX* ctx = SSL_CTX_new(method); - set_certs(ctx); - SSL* ssl = SSL_new(ctx); - - SSL_set_fd(ssl, sockfd); - - if (SSL_connect(ssl) != SSL_SUCCESS) - EchoClientError(ctx, ssl, sockfd, "SSL_connect failed"); - - char send[1024]; - char reply[1024]; - - while (fgets(send, sizeof(send), fin)) { - - int sendSz = (int)strlen(send) + 1; - if (SSL_write(ssl, send, sendSz) != sendSz) - EchoClientError(ctx, ssl, sockfd, "SSL_write failed"); - - if (strncmp(send, "quit", 4) == 0) { - fputs("sending server shutdown command: quit!\n", fout); - break; - } - - if (SSL_read(ssl, reply, sizeof(reply)) > 0) - fputs(reply, fout); - } - - SSL_CTX_free(ctx); - SSL_free(ssl); - tcp_close(sockfd); - - fflush(fout); - if (inCreated) fclose(fin); - if (outCreated) fclose(fout); - - ((func_args*)args)->return_code = 0; -} - - -#ifndef NO_MAIN_DRIVER - - int main(int argc, char** argv) - { - func_args args; - - args.argc = argc; - args.argv = argv; - - echoclient_test(&args); - yaSSL_CleanUp(); - - return args.return_code; - } - -#endif // NO_MAIN_DRIVER diff --git a/extra/yassl/examples/echoclient/echoclient.dsp b/extra/yassl/examples/echoclient/echoclient.dsp deleted file mode 100644 index 52052c6dc44..00000000000 --- a/extra/yassl/examples/echoclient/echoclient.dsp +++ /dev/null @@ -1,102 +0,0 @@ -# Microsoft Developer Studio Project File - Name="echoclient" - Package Owner=<4> -# Microsoft Developer Studio Generated Build File, Format Version 6.00 -# ** DO NOT EDIT ** - -# TARGTYPE "Win32 (x86) Console Application" 0x0103 - -CFG=echoclient - Win32 Debug -!MESSAGE This is not a valid makefile. To build this project using NMAKE, -!MESSAGE use the Export Makefile command and run -!MESSAGE -!MESSAGE NMAKE /f "echoclient.mak". -!MESSAGE -!MESSAGE You can specify a configuration when running NMAKE -!MESSAGE by defining the macro CFG on the command line. For example: -!MESSAGE -!MESSAGE NMAKE /f "echoclient.mak" CFG="echoclient - Win32 Debug" -!MESSAGE -!MESSAGE Possible choices for configuration are: -!MESSAGE -!MESSAGE "echoclient - Win32 Release" (based on "Win32 (x86) Console Application") -!MESSAGE "echoclient - Win32 Debug" (based on "Win32 (x86) Console Application") -!MESSAGE - -# Begin Project -# PROP AllowPerConfigDependencies 0 -# PROP Scc_ProjName "" -# PROP Scc_LocalPath "" -CPP=cl.exe -RSC=rc.exe - -!IF "$(CFG)" == "echoclient - Win32 Release" - -# PROP BASE Use_MFC 0 -# PROP BASE Use_Debug_Libraries 0 -# PROP BASE Output_Dir "Release" -# PROP BASE Intermediate_Dir "Release" -# PROP BASE Target_Dir "" -# PROP Use_MFC 0 -# PROP Use_Debug_Libraries 0 -# PROP Output_Dir "Release" -# PROP Intermediate_Dir "Release" -# PROP Ignore_Export_Lib 0 -# PROP Target_Dir "" -# ADD BASE CPP /nologo /W3 /GX /O2 /D "WIN32" /D "NDEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /c -# ADD CPP /nologo /MT /W3 /O2 /I "..\..\include" /I "..\..\taocrypt\include" /D "NDEBUG" /D "WIN32" /D "_CONSOLE" /D "_MBCS" /YX /FD /c -# ADD BASE RSC /l 0x409 /d "NDEBUG" -# ADD RSC /l 0x409 /d "NDEBUG" -BSC32=bscmake.exe -# ADD BASE BSC32 /nologo -# ADD BSC32 /nologo -LINK32=link.exe -# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /machine:I386 -# ADD LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib Ws2_32.lib /nologo /subsystem:console /machine:I386 - -!ELSEIF "$(CFG)" == "echoclient - Win32 Debug" - -# PROP BASE Use_MFC 0 -# PROP BASE Use_Debug_Libraries 1 -# PROP BASE Output_Dir "Debug" -# PROP BASE Intermediate_Dir "Debug" -# PROP BASE Target_Dir "" -# PROP Use_MFC 0 -# PROP Use_Debug_Libraries 1 -# PROP Output_Dir "Debug" -# PROP Intermediate_Dir "Debug" -# PROP Ignore_Export_Lib 0 -# PROP Target_Dir "" -# ADD BASE CPP /nologo /W3 /Gm /GX /ZI /Od /D "WIN32" /D "_DEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /GZ /c -# ADD CPP /nologo /MTd /W3 /Gm /ZI /Od /I "..\..\include" /I "..\..\taocrypt\include" /D "_DEBUG" /D "WIN32" /D "_CONSOLE" /D "_MBCS" /FR /YX /FD /GZ /c -# ADD BASE RSC /l 0x409 /d "_DEBUG" -# ADD RSC /l 0x409 /d "_DEBUG" -BSC32=bscmake.exe -# ADD BASE BSC32 /nologo -# ADD BSC32 /nologo -LINK32=link.exe -# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept -# ADD LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib Ws2_32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept - -!ENDIF - -# Begin Target - -# Name "echoclient - Win32 Release" -# Name "echoclient - Win32 Debug" -# Begin Group "Source Files" - -# PROP Default_Filter "cpp;c;cxx;rc;def;r;odl;idl;hpj;bat" -# Begin Source File - -SOURCE=.\echoclient.cpp -# End Source File -# End Group -# Begin Group "Header Files" - -# PROP Default_Filter "h;hpp;hxx;hm;inl" -# End Group -# Begin Group "Resource Files" - -# PROP Default_Filter "ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe" -# End Group -# End Target -# End Project diff --git a/extra/yassl/examples/echoclient/input b/extra/yassl/examples/echoclient/input deleted file mode 100644 index 438a592852c..00000000000 --- a/extra/yassl/examples/echoclient/input +++ /dev/null @@ -1,93 +0,0 @@ -/* echoclient.cpp */ - -#include "openssl/ssl.h" /* openssl compatibility test */ -#include <stdio.h> -#include <stdlib.h> - - -#ifdef WIN32 - #include <winsock2.h> -#else - #include <string.h> - #include <unistd.h> - #include <netinet/in.h> - #include <arpa/inet.h> - #include <sys/ioctl.h> - #include <sys/time.h> - #include <sys/types.h> - #include <sys/socket.h> -#endif /* WIN32 */ - - -void err_sys(const char* msg) -{ - fputs("yassl client error: ", stderr); - fputs(msg, stderr); - exit(EXIT_FAILURE); -} - -const char* loopback = "127.0.0.1"; -const short yasslPort = 11111; - -using namespace yaSSL; - - -int main(int argc, char** argv) -{ -#ifdef WIN32 - WSADATA wsd; - WSAStartup(0x0002, &wsd); - int sockfd; -#else - unsigned int sockfd; -#endif /* WIN32 */ - - FILE* fin = stdin; - FILE* fout = stdout; - - if (argc >= 2) fin = fopen(argv[1], "r"); - if (argc >= 3) fout = fopen(argv[2], "w"); - - if (!fin) err_sys("can't open input file"); - if (!fout) err_sys("can't open output file"); - - sockfd = socket(AF_INET, SOCK_STREAM, 0); - sockaddr_in servaddr; - memset(&servaddr, 0, sizeof(servaddr)); - servaddr.sin_family = AF_INET; - - servaddr.sin_port = htons(yasslPort); - servaddr.sin_addr.s_addr = inet_addr(loopback); - if (connect(sockfd, (const sockaddr*)&servaddr, sizeof(servaddr)) != 0) - err_sys("tcp connect failed"); - - SSL_METHOD* method = TLSv1_client_method(); - SSL_CTX* ctx = SSL_CTX_new(method); - SSL* ssl = SSL_new(ctx); - - SSL_set_fd(ssl, sockfd); - if (SSL_connect(ssl) != SSL_SUCCESS) err_sys("SSL_connect failed"); - - char send[1024]; - char reply[1024]; - - while (fgets(send, sizeof(send), fin)) { - - int sendSz = strlen(send) + 1; - if (SSL_write(ssl, send, sendSz) != sendSz) - err_sys("SSL_write failed"); - - if (strncmp(send, "quit", 4) == 0) { - fputs("sending server shutdown command: quit!", fout); - break; - } - - if (SSL_read(ssl, reply, sizeof(reply)) > 0) - fputs(reply, fout); - } - - SSL_CTX_free(ctx); - SSL_free(ssl); - - return 0; -} diff --git a/extra/yassl/examples/echoclient/quit b/extra/yassl/examples/echoclient/quit deleted file mode 100644 index 3db49b3ad12..00000000000 --- a/extra/yassl/examples/echoclient/quit +++ /dev/null @@ -1,2 +0,0 @@ -quit - diff --git a/extra/yassl/examples/echoserver/echoserver.cpp b/extra/yassl/examples/echoserver/echoserver.cpp deleted file mode 100644 index 3f639469895..00000000000 --- a/extra/yassl/examples/echoserver/echoserver.cpp +++ /dev/null @@ -1,167 +0,0 @@ -/* - Copyright (c) 2006, 2012, Oracle and/or its affiliates. All rights reserved. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - -/* echoserver.cpp */ - -#include "../../testsuite/test.hpp" - - -#ifndef NO_MAIN_DRIVER - #define ECHO_OUT - - THREAD_RETURN YASSL_API echoserver_test(void*); - int main(int argc, char** argv) - { - func_args args; - - args.argc = argc; - args.argv = argv; - - echoserver_test(&args); - yaSSL_CleanUp(); - - return args.return_code; - } - -#endif // NO_MAIN_DRIVER - - - -void EchoError(SSL_CTX* ctx, SSL* ssl, SOCKET_T& s1, SOCKET_T& s2, - const char* msg) -{ - SSL_CTX_free(ctx); - SSL_free(ssl); - tcp_close(s1); - tcp_close(s2); - err_sys(msg); -} - - -THREAD_RETURN YASSL_API echoserver_test(void* args) -{ -#ifdef _WIN32 - WSADATA wsd; - WSAStartup(0x0002, &wsd); -#endif - - SOCKET_T sockfd = 0; - int argc = 0; - char** argv = 0; - - set_args(argc, argv, *static_cast<func_args*>(args)); - -#ifdef ECHO_OUT - FILE* fout = stdout; - if (argc >= 2) fout = fopen(argv[1], "w"); - if (!fout) err_sys("can't open output file"); -#endif - - tcp_listen(sockfd); - - SSL_METHOD* method = SSLv23_server_method(); - SSL_CTX* ctx = SSL_CTX_new(method); - - set_serverCerts(ctx); - DH* dh = set_tmpDH(ctx); - - bool shutdown(false); - -#if defined(_POSIX_THREADS) && defined(NO_MAIN_DRIVER) - // signal ready to tcp_accept - func_args& server_args = *((func_args*)args); - tcp_ready& ready = *server_args.signal_; - pthread_mutex_lock(&ready.mutex_); - ready.ready_ = true; - pthread_cond_signal(&ready.cond_); - pthread_mutex_unlock(&ready.mutex_); -#endif - - while (!shutdown) { - SOCKADDR_IN_T client; - socklen_t client_len = sizeof(client); - SOCKET_T clientfd = accept(sockfd, (sockaddr*)&client, - (ACCEPT_THIRD_T)&client_len); - if (clientfd == (SOCKET_T) -1) { - SSL_CTX_free(ctx); - tcp_close(sockfd); - err_sys("tcp accept failed"); - } - - SSL* ssl = SSL_new(ctx); - SSL_set_fd(ssl, clientfd); - if (SSL_accept(ssl) != SSL_SUCCESS) { - printf("SSL_accept failed\n"); - SSL_free(ssl); - tcp_close(clientfd); - continue; - } - - char command[1024]; - int echoSz(0); - while ( (echoSz = SSL_read(ssl, command, sizeof(command))) > 0) { - - if ( strncmp(command, "quit", 4) == 0) { - printf("client sent quit command: shutting down!\n"); - shutdown = true; - break; - } - else if ( strncmp(command, "GET", 3) == 0) { - char type[] = "HTTP/1.0 200 ok\r\nContent-type:" - " text/html\r\n\r\n"; - char header[] = "<html><body BGCOLOR=\"#ffffff\">\n<pre>\n"; - char body[] = "greetings from yaSSL\n"; - char footer[] = "</body></html>\r\n\r\n"; - - strncpy(command, type, sizeof(type)); - echoSz = sizeof(type) - 1; - - strncpy(&command[echoSz], header, sizeof(header)); - echoSz += sizeof(header) - 1; - strncpy(&command[echoSz], body, sizeof(body)); - echoSz += sizeof(body) - 1; - strncpy(&command[echoSz], footer, sizeof(footer)); - echoSz += sizeof(footer); - - if (SSL_write(ssl, command, echoSz) != echoSz) - EchoError(ctx, ssl, sockfd, clientfd, "SSL_write failed"); - - break; - } - command[echoSz] = 0; - - #ifdef ECHO_OUT - fputs(command, fout); - #endif - - if (SSL_write(ssl, command, echoSz) != echoSz) - EchoError(ctx, ssl, sockfd, clientfd, "SSL_write failed"); - } - SSL_shutdown(ssl); - SSL_free(ssl); - tcp_close(clientfd); - } - - tcp_close(sockfd); - - DH_free(dh); - SSL_CTX_free(ctx); - - ((func_args*)args)->return_code = 0; - return 0; -} diff --git a/extra/yassl/examples/echoserver/echoserver.dsp b/extra/yassl/examples/echoserver/echoserver.dsp deleted file mode 100644 index 21a965b013c..00000000000 --- a/extra/yassl/examples/echoserver/echoserver.dsp +++ /dev/null @@ -1,102 +0,0 @@ -# Microsoft Developer Studio Project File - Name="echoserver" - Package Owner=<4> -# Microsoft Developer Studio Generated Build File, Format Version 6.00 -# ** DO NOT EDIT ** - -# TARGTYPE "Win32 (x86) Console Application" 0x0103 - -CFG=echoserver - Win32 Debug -!MESSAGE This is not a valid makefile. To build this project using NMAKE, -!MESSAGE use the Export Makefile command and run -!MESSAGE -!MESSAGE NMAKE /f "echoserver.mak". -!MESSAGE -!MESSAGE You can specify a configuration when running NMAKE -!MESSAGE by defining the macro CFG on the command line. For example: -!MESSAGE -!MESSAGE NMAKE /f "echoserver.mak" CFG="echoserver - Win32 Debug" -!MESSAGE -!MESSAGE Possible choices for configuration are: -!MESSAGE -!MESSAGE "echoserver - Win32 Release" (based on "Win32 (x86) Console Application") -!MESSAGE "echoserver - Win32 Debug" (based on "Win32 (x86) Console Application") -!MESSAGE - -# Begin Project -# PROP AllowPerConfigDependencies 0 -# PROP Scc_ProjName "" -# PROP Scc_LocalPath "" -CPP=cl.exe -RSC=rc.exe - -!IF "$(CFG)" == "echoserver - Win32 Release" - -# PROP BASE Use_MFC 0 -# PROP BASE Use_Debug_Libraries 0 -# PROP BASE Output_Dir "Release" -# PROP BASE Intermediate_Dir "Release" -# PROP BASE Target_Dir "" -# PROP Use_MFC 0 -# PROP Use_Debug_Libraries 0 -# PROP Output_Dir "Release" -# PROP Intermediate_Dir "Release" -# PROP Ignore_Export_Lib 0 -# PROP Target_Dir "" -# ADD BASE CPP /nologo /W3 /GX /O2 /D "WIN32" /D "NDEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /c -# ADD CPP /nologo /G6 /MT /W3 /O2 /I "..\..\include" /I "..\..\taocrypt\include" /D "NDEBUG" /D "WIN32" /D "_CONSOLE" /D "_MBCS" /YX /FD /c -# ADD BASE RSC /l 0x409 /d "NDEBUG" -# ADD RSC /l 0x409 /d "NDEBUG" -BSC32=bscmake.exe -# ADD BASE BSC32 /nologo -# ADD BSC32 /nologo -LINK32=link.exe -# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /machine:I386 -# ADD LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib Ws2_32.lib /nologo /subsystem:console /machine:I386 - -!ELSEIF "$(CFG)" == "echoserver - Win32 Debug" - -# PROP BASE Use_MFC 0 -# PROP BASE Use_Debug_Libraries 1 -# PROP BASE Output_Dir "Debug" -# PROP BASE Intermediate_Dir "Debug" -# PROP BASE Target_Dir "" -# PROP Use_MFC 0 -# PROP Use_Debug_Libraries 1 -# PROP Output_Dir "Debug" -# PROP Intermediate_Dir "Debug" -# PROP Ignore_Export_Lib 0 -# PROP Target_Dir "" -# ADD BASE CPP /nologo /W3 /Gm /GX /ZI /Od /D "WIN32" /D "_DEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /GZ /c -# ADD CPP /nologo /MTd /W3 /Gm /ZI /Od /I "..\..\include" /I "..\..\taocrypt\include" /D "_DEBUG" /D "WIN32" /D "_CONSOLE" /D "_MBCS" /FR /YX /FD /GZ /c -# ADD BASE RSC /l 0x409 /d "_DEBUG" -# ADD RSC /l 0x409 /d "_DEBUG" -BSC32=bscmake.exe -# ADD BASE BSC32 /nologo -# ADD BSC32 /nologo -LINK32=link.exe -# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept -# ADD LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib Ws2_32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept - -!ENDIF - -# Begin Target - -# Name "echoserver - Win32 Release" -# Name "echoserver - Win32 Debug" -# Begin Group "Source Files" - -# PROP Default_Filter "cpp;c;cxx;rc;def;r;odl;idl;hpj;bat" -# Begin Source File - -SOURCE=.\echoserver.cpp -# End Source File -# End Group -# Begin Group "Header Files" - -# PROP Default_Filter "h;hpp;hxx;hm;inl" -# End Group -# Begin Group "Resource Files" - -# PROP Default_Filter "ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe" -# End Group -# End Target -# End Project diff --git a/extra/yassl/examples/server/server.cpp b/extra/yassl/examples/server/server.cpp deleted file mode 100644 index 8a3a0a7db0e..00000000000 --- a/extra/yassl/examples/server/server.cpp +++ /dev/null @@ -1,155 +0,0 @@ -/* - Copyright (c) 2006, 2012, Oracle and/or its affiliates. All rights reserved. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - -/* server.cpp */ - -// takes 2 optional command line argument to make scripting -// if the first command line argument is 'n' client auth is disabled -// if the second command line argument is 'd' DSA certs are used instead of RSA - -#include "../../testsuite/test.hpp" - - -void ServerError(SSL_CTX* ctx, SSL* ssl, SOCKET_T& sockfd, const char* msg) -{ - SSL_CTX_free(ctx); - SSL_free(ssl); - tcp_close(sockfd); - err_sys(msg); -} - - -#ifdef NON_BLOCKING - void NonBlockingSSL_Accept(SSL* ssl, SSL_CTX* ctx, SOCKET_T& clientfd) - { - int ret = SSL_accept(ssl); - int err = SSL_get_error(ssl, 0); - while (ret != SSL_SUCCESS && (err == SSL_ERROR_WANT_READ || - err == SSL_ERROR_WANT_WRITE)) { - if (err == SSL_ERROR_WANT_READ) - printf("... server would read block\n"); - else - printf("... server would write block\n"); - #ifdef _WIN32 - Sleep(1000); - #else - sleep(1); - #endif - ret = SSL_accept(ssl); - err = SSL_get_error(ssl, 0); - } - if (ret != SSL_SUCCESS) - ServerError(ctx, ssl, clientfd, "SSL_accept failed"); - } -#endif - - -THREAD_RETURN YASSL_API server_test(void* args) -{ -#ifdef _WIN32 - WSADATA wsd; - WSAStartup(0x0002, &wsd); -#endif - - SOCKET_T sockfd = 0; - SOCKET_T clientfd = 0; - int argc = 0; - char** argv = 0; - - set_args(argc, argv, *static_cast<func_args*>(args)); -#ifdef SERVER_READY_FILE - set_file_ready("server_ready", *static_cast<func_args*>(args)); -#endif - tcp_accept(sockfd, clientfd, *static_cast<func_args*>(args)); - - tcp_close(sockfd); - - SSL_METHOD* method = TLSv1_server_method(); - SSL_CTX* ctx = SSL_CTX_new(method); - - //SSL_CTX_set_cipher_list(ctx, "RC4-SHA:RC4-MD5"); - - // should we disable client auth - if (argc >= 2 && argv[1][0] == 'n') - printf("disabling client auth\n"); - else - SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, 0); - - // are we using DSA certs - if (argc >= 3 && argv[2][0] == 'd') { - printf("using DSA certs\n"); - set_dsaServerCerts(ctx); - } - else { - set_serverCerts(ctx); - } - DH* dh = set_tmpDH(ctx); - - SSL* ssl = SSL_new(ctx); - SSL_set_fd(ssl, clientfd); - -#ifdef NON_BLOCKING - NonBlockingSSL_Accept(ssl, ctx, clientfd); -#else - if (SSL_accept(ssl) != SSL_SUCCESS) - ServerError(ctx, ssl, clientfd, "SSL_accept failed"); -#endif - - showPeer(ssl); - printf("Using Cipher Suite: %s\n", SSL_get_cipher(ssl)); - - char command[1024]; - int input = SSL_read(ssl, command, sizeof(command)); - if (input > 0) { - command[input] = 0; - printf("First client command: %s\n", command); - } - - char msg[] = "I hear you, fa shizzle!"; - if (SSL_write(ssl, msg, sizeof(msg)) != sizeof(msg)) - ServerError(ctx, ssl, clientfd, "SSL_write failed"); - - DH_free(dh); - SSL_CTX_free(ctx); - SSL_shutdown(ssl); - SSL_free(ssl); - - tcp_close(clientfd); - - ((func_args*)args)->return_code = 0; - return 0; -} - - -#ifndef NO_MAIN_DRIVER - - int main(int argc, char** argv) - { - func_args args; - - args.argc = argc; - args.argv = argv; - - server_test(&args); - yaSSL_CleanUp(); - - return args.return_code; - } - -#endif // NO_MAIN_DRIVER - diff --git a/extra/yassl/examples/server/server.dsp b/extra/yassl/examples/server/server.dsp deleted file mode 100644 index 9c797c54dfe..00000000000 --- a/extra/yassl/examples/server/server.dsp +++ /dev/null @@ -1,109 +0,0 @@ -# Microsoft Developer Studio Project File - Name="server" - Package Owner=<4> -# Microsoft Developer Studio Generated Build File, Format Version 6.00 -# ** DO NOT EDIT ** - -# TARGTYPE "Win32 (x86) Application" 0x0101 - -CFG=server - Win32 Debug -!MESSAGE This is not a valid makefile. To build this project using NMAKE, -!MESSAGE use the Export Makefile command and run -!MESSAGE -!MESSAGE NMAKE /f "server.mak". -!MESSAGE -!MESSAGE You can specify a configuration when running NMAKE -!MESSAGE by defining the macro CFG on the command line. For example: -!MESSAGE -!MESSAGE NMAKE /f "server.mak" CFG="server - Win32 Debug" -!MESSAGE -!MESSAGE Possible choices for configuration are: -!MESSAGE -!MESSAGE "server - Win32 Release" (based on "Win32 (x86) Application") -!MESSAGE "server - Win32 Debug" (based on "Win32 (x86) Application") -!MESSAGE - -# Begin Project -# PROP AllowPerConfigDependencies 0 -# PROP Scc_ProjName "" -# PROP Scc_LocalPath "" -CPP=cl.exe -MTL=midl.exe -RSC=rc.exe - -!IF "$(CFG)" == "server - Win32 Release" - -# PROP BASE Use_MFC 0 -# PROP BASE Use_Debug_Libraries 0 -# PROP BASE Output_Dir "Release" -# PROP BASE Intermediate_Dir "Release" -# PROP BASE Target_Dir "" -# PROP Use_MFC 0 -# PROP Use_Debug_Libraries 0 -# PROP Output_Dir "Release" -# PROP Intermediate_Dir "Release" -# PROP Ignore_Export_Lib 0 -# PROP Target_Dir "" -# ADD BASE CPP /nologo /W3 /GX /O2 /D "WIN32" /D "NDEBUG" /D "_WINDOWS" /D "_MBCS" /YX /FD /c -# ADD CPP /nologo /MT /W3 /O2 /I "..\..\include" /I "..\..\taocrypt\include" /D "WIN32" /D "NDEBUG" /D "_WINDOWS" /D "_MBCS" /YX /FD /c -# ADD BASE MTL /nologo /D "NDEBUG" /mktyplib203 /win32 -# ADD MTL /nologo /D "NDEBUG" /mktyplib203 /win32 -# ADD BASE RSC /l 0x409 /d "NDEBUG" -# ADD RSC /l 0x409 /d "NDEBUG" -BSC32=bscmake.exe -# ADD BASE BSC32 /nologo -# ADD BSC32 /nologo -LINK32=link.exe -# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:windows /machine:I386 -# ADD LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib Ws2_32.lib /nologo /subsystem:console /machine:I386 -# SUBTRACT LINK32 /pdb:none - -!ELSEIF "$(CFG)" == "server - Win32 Debug" - -# PROP BASE Use_MFC 0 -# PROP BASE Use_Debug_Libraries 1 -# PROP BASE Output_Dir "Debug" -# PROP BASE Intermediate_Dir "Debug" -# PROP BASE Target_Dir "" -# PROP Use_MFC 0 -# PROP Use_Debug_Libraries 1 -# PROP Output_Dir "Debug" -# PROP Intermediate_Dir "Debug" -# PROP Ignore_Export_Lib 0 -# PROP Target_Dir "" -# ADD BASE CPP /nologo /W3 /Gm /GX /ZI /Od /D "WIN32" /D "_DEBUG" /D "_WINDOWS" /D "_MBCS" /YX /FD /GZ /c -# ADD CPP /nologo /MTd /W3 /Gm /ZI /Od /I "..\..\include" /I "..\..\taocrypt\include" /D "WIN32" /D "_DEBUG" /D "_WINDOWS" /D "_MBCS" /FR /YX /FD /GZ /c -# ADD BASE MTL /nologo /D "_DEBUG" /mktyplib203 /win32 -# ADD MTL /nologo /D "_DEBUG" /mktyplib203 /win32 -# ADD BASE RSC /l 0x409 /d "_DEBUG" -# ADD RSC /l 0x409 /d "_DEBUG" -BSC32=bscmake.exe -# ADD BASE BSC32 /nologo -# ADD BSC32 /nologo -LINK32=link.exe -# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:windows /debug /machine:I386 /pdbtype:sept -# ADD LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib Ws2_32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept -# SUBTRACT LINK32 /pdb:none /nodefaultlib - -!ENDIF - -# Begin Target - -# Name "server - Win32 Release" -# Name "server - Win32 Debug" -# Begin Group "Source Files" - -# PROP Default_Filter "cpp;c;cxx;rc;def;r;odl;idl;hpj;bat" -# Begin Source File - -SOURCE=.\server.cpp -# End Source File -# End Group -# Begin Group "Header Files" - -# PROP Default_Filter "h;hpp;hxx;hm;inl" -# End Group -# Begin Group "Resource Files" - -# PROP Default_Filter "ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe" -# End Group -# End Target -# End Project diff --git a/extra/yassl/include/buffer.hpp b/extra/yassl/include/buffer.hpp deleted file mode 100644 index 71bea3c109a..00000000000 --- a/extra/yassl/include/buffer.hpp +++ /dev/null @@ -1,211 +0,0 @@ -/* - Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - - -/* yaSSL buffer header defines input and output buffers to simulate streaming - * with SSL types and sockets - */ - -#ifndef yaSSL_BUFFER_HPP -#define yaSSL_BUFFER_HPP - -#include <assert.h> // assert -#include "yassl_types.hpp" // ysDelete -#include "memory.hpp" // mySTL::auto_ptr -#include STL_ALGORITHM_FILE - - -namespace STL = STL_NAMESPACE; - - -#ifdef _MSC_VER - // disable truncated debug symbols - #pragma warning(disable:4786) -#endif - - -namespace yaSSL { - -typedef unsigned char byte; -typedef unsigned int uint; -const uint AUTO = 0xFEEDBEEF; - - - -struct NoCheck { - int check(uint, uint); -}; - -struct Check { - int check(uint, uint); -}; - -/* input_buffer operates like a smart c style array with a checking option, - * meant to be read from through [] with AUTO index or read(). - * Should only write to at/near construction with assign() or raw (e.g., recv) - * followed by add_size with the number of elements added by raw write. - * - * Not using vector because need checked []access, offset, and the ability to - * write to the buffer bulk wise and have the correct size - */ - -class input_buffer : public Check { - uint size_; // number of elements in buffer - uint current_; // current offset position in buffer - byte* buffer_; // storage for buffer - byte* end_; // end of storage marker - int error_; // error number - byte zero_; // for returning const reference to zero byte -public: - input_buffer(); - - explicit input_buffer(uint s); - - // with assign - input_buffer(uint s, const byte* t, uint len); - - ~input_buffer(); - - // users can pass defualt zero length buffer and then allocate - void allocate(uint s); - - // for passing to raw writing functions at beginning, then use add_size - byte* get_buffer() const; - - // after a raw write user can set new size - // if you know the size before the write use assign() - void add_size(uint i); - - uint get_capacity() const; - - uint get_current() const; - - uint get_size() const; - - uint get_remaining() const; - - int get_error() const; - - void set_error(); - - void set_current(uint i); - - // read only access through [], advance current - // user passes in AUTO index for ease of use - const byte& operator[](uint i); - - // end of input test - bool eof(); - - // peek ahead - byte peek(); - - // write function, should use at/near construction - void assign(const byte* t, uint s); - - // use read to query input, adjusts current - void read(byte* dst, uint length); - -private: - input_buffer(const input_buffer&); // hide copy - input_buffer& operator=(const input_buffer&); // and assign -}; - - -/* output_buffer operates like a smart c style array with a checking option. - * Meant to be written to through [] with AUTO index or write(). - * Size (current) counter increases when written to. Can be constructed with - * zero length buffer but be sure to allocate before first use. - * Don't use add write for a couple bytes, use [] instead, way less overhead. - * - * Not using vector because need checked []access and the ability to - * write to the buffer bulk wise and retain correct size - */ -class output_buffer : public NoCheck { - uint current_; // current offset and elements in buffer - byte* buffer_; // storage for buffer - byte* end_; // end of storage marker -public: - // default - output_buffer(); - - // with allocate - explicit output_buffer(uint s); - - // with assign - output_buffer(uint s, const byte* t, uint len); - - ~output_buffer(); - - uint get_size() const; - - uint get_capacity() const; - - void set_current(uint c); - - // users can pass defualt zero length buffer and then allocate - void allocate(uint s); - - // for passing to reading functions when finished - const byte* get_buffer() const; - - // allow write access through [], update current - // user passes in AUTO as index for ease of use - byte& operator[](uint i); - - // end of output test - bool eof(); - - void write(const byte* t, uint s); - -private: - output_buffer(const output_buffer&); // hide copy - output_buffer& operator=(const output_buffer&); // and assign -}; - - - - -// turn delete an incomplete type into comipler error instead of warning -template <typename T> -inline void checked_delete(T* p) -{ - typedef char complete_type[sizeof(T) ? 1 : -1]; - (void)sizeof(complete_type); - ysDelete(p); -} - - -// checked delete functor increases effeciency, no indirection on function call -// sets pointer to zero so safe for std conatiners -struct del_ptr_zero -{ - template <typename T> - void operator()(T*& p) const - { - T* tmp = 0; - STL::swap(tmp, p); - checked_delete(tmp); - } -}; - - - -} // naemspace - -#endif // yaSSL_BUUFER_HPP diff --git a/extra/yassl/include/cert_wrapper.hpp b/extra/yassl/include/cert_wrapper.hpp deleted file mode 100644 index d32870fcfc1..00000000000 --- a/extra/yassl/include/cert_wrapper.hpp +++ /dev/null @@ -1,137 +0,0 @@ -/* - Copyright (c) 2005, 2014, Oracle and/or its affiliates. All rights reserved. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - - -/* The certificate wrapper header defines certificate management functions - * - */ - - -#ifndef yaSSL_CERT_WRAPPER_HPP -#define yaSSL_CERT_WRAPPER_HPP - -#ifdef _MSC_VER - // disable truncated debug symbols - #pragma warning(disable:4786) -#endif - - -#include "yassl_types.hpp" // SignatureAlgorithm -#include "buffer.hpp" // input_buffer -#include "asn.hpp" // SignerList -#include "openssl/ssl.h" // internal and external use -#include STL_LIST_FILE -#include STL_ALGORITHM_FILE - - -namespace STL = STL_NAMESPACE; - - -namespace yaSSL { - -typedef unsigned char opaque; -class X509; // forward openSSL type - -using TaoCrypt::SignerList; - -// an x509 version 3 certificate -class x509 { - uint length_; - opaque* buffer_; -public: - explicit x509(uint sz); - ~x509(); - - uint get_length() const; - const opaque* get_buffer() const; - opaque* use_buffer(); - - x509(const x509&); - x509& operator=(const x509&); -private: - void Swap(x509&); -}; - - -// Certificate Manager keeps a list of the cert chain and public key -class CertManager { - typedef STL::list<x509*> CertList; - - CertList list_; // self - input_buffer privateKey_; - - CertList peerList_; // peer - input_buffer peerPublicKey_; - X509* peerX509_; // peer's openSSL X509 - X509* selfX509_; // our own openSSL X509 - - SignatureAlgorithm keyType_; // self key type - SignatureAlgorithm peerKeyType_; // peer's key type - - SignerList signers_; // decoded CA keys and names - // plus verified chained certs - bool verifyPeer_; - bool verifyNone_; // no error if verify fails - bool failNoCert_; - bool sendVerify_; - bool sendBlankCert_; - VerifyCallback verifyCallback_; // user verify callback -public: - CertManager(); - ~CertManager(); - - void AddPeerCert(x509* x); // take ownership - void CopySelfCert(const x509* x); - int CopyCaCert(const x509* x); - int Validate(); - - int SetPrivateKey(const x509&); - - const x509* get_cert() const; - const opaque* get_peerKey() const; - const opaque* get_privateKey() const; - X509* get_peerX509() const; - X509* get_selfX509() const; - SignatureAlgorithm get_keyType() const; - SignatureAlgorithm get_peerKeyType() const; - - uint get_peerKeyLength() const; - uint get_privateKeyLength() const; - - bool verifyPeer() const; - bool verifyNone() const; - bool failNoCert() const; - bool sendVerify() const; - bool sendBlankCert() const; - - void setVerifyPeer(); - void setVerifyNone(); - void setFailNoCert(); - void setSendVerify(); - void setSendBlankCert(); - void setPeerX509(X509*); - void setVerifyCallback(VerifyCallback); -private: - CertManager(const CertManager&); // hide copy - CertManager& operator=(const CertManager&); // and assigin -}; - - -} // naemspace - -#endif // yaSSL_CERT_WRAPPER_HPP diff --git a/extra/yassl/include/crypto_wrapper.hpp b/extra/yassl/include/crypto_wrapper.hpp deleted file mode 100644 index 97cd989b78d..00000000000 --- a/extra/yassl/include/crypto_wrapper.hpp +++ /dev/null @@ -1,429 +0,0 @@ -/* - Copyright (C) 2000-2007 MySQL AB - Use is subject to license terms - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - - -/* The crypto wrapper header is used to define policies for the cipher - * components used by SSL. There are 3 policies to consider: - * - * 1) MAC, the Message Authentication Code used for each Message - * 2) Bulk Cipher, the Cipher used to encrypt/decrypt each Message - * 3) Atuhentication, the Digitial Signing/Verifiaction scheme used - * - * This header doesn't rely on a specific crypto libraries internals, - * only the implementation should. - */ - - -#ifndef yaSSL_CRYPTO_WRAPPER_HPP -#define yaSSL_CRYPTO_WRAPPER_HPP - -#include "yassl_types.hpp" -#include <stdio.h> // FILE - - -namespace yaSSL { - - -// Digest policy should implement a get_digest, update, and get sizes for pad -// and digest -struct Digest : public virtual_base { - virtual void get_digest(byte*) = 0; - virtual void get_digest(byte*, const byte*, unsigned int) = 0; - virtual void update(const byte*, unsigned int) = 0; - virtual uint get_digestSize() const = 0; - virtual uint get_padSize() const = 0; - virtual ~Digest() {} -}; - - -// For use with NULL Digests -struct NO_MAC : public Digest { - void get_digest(byte*); - void get_digest(byte*, const byte*, unsigned int); - void update(const byte*, unsigned int); - uint get_digestSize() const; - uint get_padSize() const; -}; - - -// MD5 Digest -class MD5 : public Digest { -public: - void get_digest(byte*); - void get_digest(byte*, const byte*, unsigned int); - void update(const byte*, unsigned int); - uint get_digestSize() const; - uint get_padSize() const; - MD5(); - ~MD5(); - MD5(const MD5&); - MD5& operator=(const MD5&); -private: - struct MD5Impl; - MD5Impl* pimpl_; -}; - - -// SHA-1 Digest -class SHA : public Digest { -public: - void get_digest(byte*); - void get_digest(byte*, const byte*, unsigned int); - void update(const byte*, unsigned int); - uint get_digestSize() const; - uint get_padSize() const; - SHA(); - ~SHA(); - SHA(const SHA&); - SHA& operator=(const SHA&); -private: - struct SHAImpl; - SHAImpl* pimpl_; - -}; - - -// RIPEMD-160 Digest -class RMD : public Digest { -public: - void get_digest(byte*); - void get_digest(byte*, const byte*, unsigned int); - void update(const byte*, unsigned int); - uint get_digestSize() const; - uint get_padSize() const; - RMD(); - ~RMD(); - RMD(const RMD&); - RMD& operator=(const RMD&); -private: - struct RMDImpl; - RMDImpl* pimpl_; - -}; - - -// HMAC_MD5 -class HMAC_MD5 : public Digest { -public: - void get_digest(byte*); - void get_digest(byte*, const byte*, unsigned int); - void update(const byte*, unsigned int); - uint get_digestSize() const; - uint get_padSize() const; - HMAC_MD5(const byte*, unsigned int); - ~HMAC_MD5(); -private: - struct HMAC_MD5Impl; - HMAC_MD5Impl* pimpl_; - - HMAC_MD5(const HMAC_MD5&); - HMAC_MD5& operator=(const HMAC_MD5&); -}; - - -// HMAC_SHA-1 -class HMAC_SHA : public Digest { -public: - void get_digest(byte*); - void get_digest(byte*, const byte*, unsigned int); - void update(const byte*, unsigned int); - uint get_digestSize() const; - uint get_padSize() const; - HMAC_SHA(const byte*, unsigned int); - ~HMAC_SHA(); -private: - struct HMAC_SHAImpl; - HMAC_SHAImpl* pimpl_; - - HMAC_SHA(const HMAC_SHA&); - HMAC_SHA& operator=(const HMAC_SHA&); -}; - - -// HMAC_RMD -class HMAC_RMD : public Digest { -public: - void get_digest(byte*); - void get_digest(byte*, const byte*, unsigned int); - void update(const byte*, unsigned int); - uint get_digestSize() const; - uint get_padSize() const; - HMAC_RMD(const byte*, unsigned int); - ~HMAC_RMD(); -private: - struct HMAC_RMDImpl; - HMAC_RMDImpl* pimpl_; - - HMAC_RMD(const HMAC_RMD&); - HMAC_RMD& operator=(const HMAC_RMD&); -}; - - -// BulkCipher policy should implement encrypt, decrypt, get block size, -// and set keys for encrypt and decrypt -struct BulkCipher : public virtual_base { - virtual void encrypt(byte*, const byte*, unsigned int) = 0; - virtual void decrypt(byte*, const byte*, unsigned int) = 0; - virtual void set_encryptKey(const byte*, const byte* = 0) = 0; - virtual void set_decryptKey(const byte*, const byte* = 0) = 0; - virtual uint get_blockSize() const = 0; - virtual int get_keySize() const = 0; - virtual int get_ivSize() const = 0; - virtual ~BulkCipher() {} -}; - - -// For use with NULL Ciphers -struct NO_Cipher : public BulkCipher { - void encrypt(byte*, const byte*, unsigned int) {} - void decrypt(byte*, const byte*, unsigned int) {} - void set_encryptKey(const byte*, const byte*) {} - void set_decryptKey(const byte*, const byte*) {} - uint get_blockSize() const { return 0; } - int get_keySize() const { return 0; } - int get_ivSize() const { return 0; } -}; - - -// SSLv3 and TLSv1 always use DES in CBC mode so IV is required -class DES : public BulkCipher { -public: - void encrypt(byte*, const byte*, unsigned int); - void decrypt(byte*, const byte*, unsigned int); - void set_encryptKey(const byte*, const byte*); - void set_decryptKey(const byte*, const byte*); - uint get_blockSize() const { return DES_BLOCK; } - int get_keySize() const { return DES_KEY_SZ; } - int get_ivSize() const { return DES_IV_SZ; } - DES(); - ~DES(); -private: - struct DESImpl; - DESImpl* pimpl_; - - DES(const DES&); // hide copy - DES& operator=(const DES&); // & assign -}; - - -// 3DES Encrypt-Decrypt-Encrypt in CBC mode -class DES_EDE : public BulkCipher { -public: - void encrypt(byte*, const byte*, unsigned int); - void decrypt(byte*, const byte*, unsigned int); - void set_encryptKey(const byte*, const byte*); - void set_decryptKey(const byte*, const byte*); - uint get_blockSize() const { return DES_BLOCK; } - int get_keySize() const { return DES_EDE_KEY_SZ; } - int get_ivSize() const { return DES_IV_SZ; } - DES_EDE(); - ~DES_EDE(); -private: - struct DES_EDEImpl; - DES_EDEImpl* pimpl_; - - DES_EDE(const DES_EDE&); // hide copy - DES_EDE& operator=(const DES_EDE&); // & assign -}; - - -// Alledged RC4 -class RC4 : public BulkCipher { -public: - void encrypt(byte*, const byte*, unsigned int); - void decrypt(byte*, const byte*, unsigned int); - void set_encryptKey(const byte*, const byte*); - void set_decryptKey(const byte*, const byte*); - uint get_blockSize() const { return 0; } - int get_keySize() const { return RC4_KEY_SZ; } - int get_ivSize() const { return 0; } - RC4(); - ~RC4(); -private: - struct RC4Impl; - RC4Impl* pimpl_; - - RC4(const RC4&); // hide copy - RC4& operator=(const RC4&); // & assign -}; - - -// AES -class AES : public BulkCipher { -public: - void encrypt(byte*, const byte*, unsigned int); - void decrypt(byte*, const byte*, unsigned int); - void set_encryptKey(const byte*, const byte*); - void set_decryptKey(const byte*, const byte*); - uint get_blockSize() const { return AES_BLOCK_SZ; } - int get_keySize() const; - int get_ivSize() const { return AES_IV_SZ; } - explicit AES(unsigned int = AES_128_KEY_SZ); - ~AES(); -private: - struct AESImpl; - AESImpl* pimpl_; - - AES(const AES&); // hide copy - AES& operator=(const AES&); // & assign -}; - - -// Random number generator -class RandomPool { -public: - void Fill(opaque* dst, uint sz) const; - RandomPool(); - ~RandomPool(); - - int GetError() const; - - friend class RSA; - friend class DSS; - friend class DiffieHellman; -private: - struct RandomImpl; - RandomImpl* pimpl_; - - RandomPool(const RandomPool&); // hide copy - RandomPool& operator=(const RandomPool&); // & assign -}; - - -// Authentication policy should implement sign, and verify -struct Auth : public virtual_base { - virtual void sign(byte*, const byte*, unsigned int, const RandomPool&) = 0; - virtual bool verify(const byte*, unsigned int, const byte*, - unsigned int) = 0; - virtual uint get_signatureLength() const = 0; - virtual ~Auth() {} -}; - - -// For use with NULL Authentication schemes -struct NO_Auth : public Auth { - void sign(byte*, const byte*, unsigned int, const RandomPool&) {} - bool verify(const byte*, unsigned int, const byte*, unsigned int) - { return true; } -}; - - -// Digitial Signature Standard scheme -class DSS : public Auth { -public: - void sign(byte*, const byte*, unsigned int, const RandomPool&); - bool verify(const byte*, unsigned int, const byte*, unsigned int); - uint get_signatureLength() const; - DSS(const byte*, unsigned int, bool publicKey = true); - ~DSS(); -private: - struct DSSImpl; - DSSImpl* pimpl_; - - DSS(const DSS&); - DSS& operator=(const DSS&); -}; - - -// RSA Authentication and exchange -class RSA : public Auth { -public: - void sign(byte*, const byte*, unsigned int, const RandomPool&); - bool verify(const byte*, unsigned int, const byte*, unsigned int); - void encrypt(byte*, const byte*, unsigned int, const RandomPool&); - void decrypt(byte*, const byte*, unsigned int, const RandomPool&); - uint get_signatureLength() const; - uint get_cipherLength() const; - RSA(const byte*, unsigned int, bool publicKey = true); - ~RSA(); -private: - struct RSAImpl; - RSAImpl* pimpl_; - - RSA(const RSA&); // hide copy - RSA& operator=(const RSA&); // & assing -}; - - -class Integer; - -// Diffie-Hellman agreement -// hide for now TODO: figure out a way to give access to C clients p and g args -class DiffieHellman { -public: - DiffieHellman(const byte*, unsigned int, const byte*, unsigned int, - const byte*, unsigned int, const RandomPool& random); - //DiffieHellman(const char*, const RandomPool&); - DiffieHellman(const Integer&, const Integer&, const RandomPool&); - ~DiffieHellman(); - - DiffieHellman(const DiffieHellman&); - DiffieHellman& operator=(const DiffieHellman&); - - uint get_agreedKeyLength() const; - const byte* get_agreedKey() const; - uint get_publicKeyLength() const; - const byte* get_publicKey() const; - void makeAgreement(const byte*, unsigned int); - - void set_sizes(int&, int&, int&) const; - void get_parms(byte*, byte*, byte*) const; -private: - struct DHImpl; - DHImpl* pimpl_; -}; - - -// Lagrge Integer -class Integer { -public: - Integer(); - ~Integer(); - - Integer(const Integer&); - Integer& operator=(const Integer&); - - void assign(const byte*, unsigned int); - - friend class DiffieHellman; -private: - struct IntegerImpl; - IntegerImpl* pimpl_; -}; - - -class x509; - - -struct EncryptedInfo { - enum { IV_SZ = 32, NAME_SZ = 80 }; - char name[NAME_SZ]; // max one line - byte iv[IV_SZ]; // in base16 rep - uint ivSz; - bool set; - - EncryptedInfo() : ivSz(0), set(false) {} -}; - -x509* PemToDer(FILE*, CertType, EncryptedInfo* info = 0); - - -} // naemspace - -#endif // yaSSL_CRYPTO_WRAPPER_HPP diff --git a/extra/yassl/include/factory.hpp b/extra/yassl/include/factory.hpp deleted file mode 100644 index e0f420844fb..00000000000 --- a/extra/yassl/include/factory.hpp +++ /dev/null @@ -1,102 +0,0 @@ -/* - Copyright (C) 2000-2007 MySQL AB - Use is subject to license terms - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - -/* The factory header defines an Object Factory, used by SSL message and - * handshake types. - * - * See Desgin Pattern in GoF and Alexandrescu's chapter in Modern C++ Design, - * page 208 - */ - - - -#ifndef yaSSL_FACTORY_HPP -#define yaSSL_FACTORY_HPP - -#include STL_VECTOR_FILE -#include STL_PAIR_FILE - - -namespace STL = STL_NAMESPACE; - - - - - -namespace yaSSL { - - -// Factory uses its callback map to create objects by id, -// returning an abstract base pointer -template<class AbstractProduct, - typename IdentifierType = int, - typename ProductCreator = AbstractProduct* (*)() - > -class Factory { - typedef STL::pair<IdentifierType, ProductCreator> CallBack; - typedef STL::vector<CallBack> CallBackVector; - - CallBackVector callbacks_; -public: - // pass function pointer to register all callbacks upon creation - explicit Factory(void (*init)(Factory<AbstractProduct, IdentifierType, - ProductCreator>&)) - { - init(*this); - } - - // reserve place in vector before registering, used by init funcion - void Reserve(size_t sz) - { - callbacks_.reserve(sz); - } - - // register callback - void Register(const IdentifierType& id, ProductCreator pc) - { - callbacks_.push_back(STL::make_pair(id, pc)); - } - - // THE Creator, returns a new object of the proper type or 0 - AbstractProduct* CreateObject(const IdentifierType& id) const - { - typedef typename STL::vector<CallBack>::const_iterator cIter; - - cIter first = callbacks_.begin(); - cIter last = callbacks_.end(); - - while (first != last) { - if (first->first == id) - break; - ++first; - } - - if (first == callbacks_.end()) - return 0; - return (first->second)(); - } -private: - Factory(const Factory&); // hide copy - Factory& operator=(const Factory&); // and assign -}; - - -} // naemspace - -#endif // yaSSL_FACTORY_HPP diff --git a/extra/yassl/include/handshake.hpp b/extra/yassl/include/handshake.hpp deleted file mode 100644 index dc472690c73..00000000000 --- a/extra/yassl/include/handshake.hpp +++ /dev/null @@ -1,70 +0,0 @@ -/* - Copyright (C) 2000-2007 MySQL AB - Use is subject to license terms - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - -/* The handshake header declares function prototypes for creating and reading - * the various handshake messages. - */ - - - -#ifndef yaSSL_HANDSHAKE_HPP -#define yaSSL_HANDSHAKE_HPP - -#include "yassl_types.hpp" - - -namespace yaSSL { - -// forward decls -class SSL; -class Finished; -class Data; -class Alert; -struct Hashes; - -enum BufferOutput { buffered, unbuffered }; - -void sendClientHello(SSL&); -void sendServerHello(SSL&, BufferOutput = buffered); -void sendServerHelloDone(SSL&, BufferOutput = buffered); -void sendClientKeyExchange(SSL&, BufferOutput = buffered); -void sendServerKeyExchange(SSL&, BufferOutput = buffered); -void sendChangeCipher(SSL&, BufferOutput = buffered); -void sendFinished(SSL&, ConnectionEnd, BufferOutput = buffered); -void sendCertificate(SSL&, BufferOutput = buffered); -void sendCertificateRequest(SSL&, BufferOutput = buffered); -void sendCertificateVerify(SSL&, BufferOutput = buffered); -int sendData(SSL&, const void*, int); -int sendAlert(SSL& ssl, const Alert& alert); - -int receiveData(SSL&, Data&, bool peek = false); -void processReply(SSL&); - -void buildFinished(SSL&, Finished&, const opaque*); -void build_certHashes(SSL&, Hashes&); - -void hmac(SSL&, byte*, const byte*, uint, ContentType, bool verify = false); -void TLS_hmac(SSL&, byte*, const byte*, uint, ContentType, - bool verify = false); -void PRF(byte* digest, uint digLen, const byte* secret, uint secLen, - const byte* label, uint labLen, const byte* seed, uint seedLen); - -} // naemspace - -#endif // yaSSL_HANDSHAKE_HPP diff --git a/extra/yassl/include/lock.hpp b/extra/yassl/include/lock.hpp deleted file mode 100644 index 3f66ea145bf..00000000000 --- a/extra/yassl/include/lock.hpp +++ /dev/null @@ -1,96 +0,0 @@ -/* - Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - -/* lock.hpp provides an os specific Lock, locks mutex on entry and unlocks - * automatically upon exit, no-ops provided for Single Threaded -*/ - -#ifndef yaSSL_LOCK_HPP -#define yaSSL_LOCK_HPP - -/* - Visual Studio Source Annotations header (sourceannotations.h) fails - to compile if outside of the global namespace. -*/ -#ifdef MULTI_THREADED -#ifdef _WIN32 -#include <windows.h> -#endif -#endif - -namespace yaSSL { - - -#ifdef MULTI_THREADED - #ifdef _WIN32 - #include <windows.h> - - class Mutex { - CRITICAL_SECTION cs_; - public: - Mutex(); - ~Mutex(); - - class Lock; - friend class Lock; - - class Lock { - Mutex& mutex_; - public: - explicit Lock(Mutex& lm); - ~Lock(); - }; - }; - #else // _WIN32 - #include <pthread.h> - - class Mutex { - pthread_mutex_t mutex_; - public: - - Mutex(); - ~Mutex(); - - class Lock; - friend class Lock; - - class Lock { - Mutex& mutex_; - public: - explicit Lock(Mutex& lm); - ~Lock(); - }; - }; - - #endif // _WIN32 -#else // MULTI_THREADED (WE'RE SINGLE) - - class Mutex { - public: - class Lock { - public: - explicit Lock(Mutex&) {} - }; - }; - -#endif // MULTI_THREADED - - - -} // namespace -#endif // yaSSL_LOCK_HPP diff --git a/extra/yassl/include/log.hpp b/extra/yassl/include/log.hpp deleted file mode 100644 index 8dc33684a43..00000000000 --- a/extra/yassl/include/log.hpp +++ /dev/null @@ -1,56 +0,0 @@ -/* - Copyright (C) 2000-2007 MySQL AB - Use is subject to license terms - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - - -/* yaSSL log interface - * - */ - -#ifndef yaSSL_LOG_HPP -#define yaSSL_LOG_HPP - -#include "socket_wrapper.hpp" - -#ifdef YASSL_LOG -#include <stdio.h> -#endif - -namespace yaSSL { - -typedef unsigned int uint; - - -// Debug logger -class Log { -#ifdef YASSL_LOG - FILE* log_; -#endif -public: - explicit Log(const char* str = "yaSSL.log"); - ~Log(); - - void Trace(const char*); - void ShowTCP(socket_t, bool ended = false); - void ShowData(uint, bool sent = false); -}; - - -} // naemspace - -#endif // yaSSL_LOG_HPP diff --git a/extra/yassl/include/openssl/crypto.h b/extra/yassl/include/openssl/crypto.h deleted file mode 100644 index f229f8b612c..00000000000 --- a/extra/yassl/include/openssl/crypto.h +++ /dev/null @@ -1,37 +0,0 @@ -/* - Copyright (C) 2005, 2007 MySQL AB - Use is subject to license terms - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - -/* crypto.h for openSSL */ - -#ifndef yaSSL_crypto_h__ -#define yaSSL_crypto_h__ - -#ifdef YASSL_PREFIX -#include "prefix_crypto.h" -#endif - -const char* SSLeay_version(int type); - -#define SSLEAY_NUMBER_DEFINED -#define SSLEAY_VERSION 0x0900L -#define SSLEAY_VERSION_NUMBER SSLEAY_VERSION - - -#endif /* yaSSL_crypto_h__ */ - diff --git a/extra/yassl/include/openssl/des.h b/extra/yassl/include/openssl/des.h deleted file mode 100644 index 71cd7e9b1a9..00000000000 --- a/extra/yassl/include/openssl/des.h +++ /dev/null @@ -1,20 +0,0 @@ -/* - Copyright (C) 2005 MySQL AB - Use is subject to license terms - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - -/* des.h for openssl */ diff --git a/extra/yassl/include/openssl/des_old.h b/extra/yassl/include/openssl/des_old.h deleted file mode 100644 index b2467185445..00000000000 --- a/extra/yassl/include/openssl/des_old.h +++ /dev/null @@ -1,20 +0,0 @@ -/* - Copyright (C) 2007 MySQL AB - Use is subject to license terms - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - -/* des_old.h for openvn */ diff --git a/extra/yassl/include/openssl/engine.h b/extra/yassl/include/openssl/engine.h deleted file mode 100644 index 52c43f08010..00000000000 --- a/extra/yassl/include/openssl/engine.h +++ /dev/null @@ -1,24 +0,0 @@ -/* - Copyright (C) 2006 MySQL AB - Use is subject to license terms - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - -/* engine.h for libcurl */ - -#undef HAVE_OPENSSL_ENGINE_H - - diff --git a/extra/yassl/include/openssl/err.h b/extra/yassl/include/openssl/err.h deleted file mode 100644 index fc96330e90e..00000000000 --- a/extra/yassl/include/openssl/err.h +++ /dev/null @@ -1,27 +0,0 @@ -/* - Copyright (C) 2005, 2006 MySQL AB - Use is subject to license terms - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - -/* err.h for openssl */ - -#ifndef yaSSL_err_h__ -#define yaSSL_err_h__ - - - -#endif /* yaSSL_err_h__ */ diff --git a/extra/yassl/include/openssl/evp.h b/extra/yassl/include/openssl/evp.h deleted file mode 100644 index a57c4a9088b..00000000000 --- a/extra/yassl/include/openssl/evp.h +++ /dev/null @@ -1,29 +0,0 @@ -/* - Copyright (C) 2007 MySQL AB - Use is subject to license terms - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - -/* evp.h for openSSL */ - -#ifndef SSLEAY_NUMBER_DEFINED -#define SSLEAY_NUMBER_DEFINED - -/* for OpenVPN */ -#define SSLEAY_VERSION_NUMBER 0x0090700f - - -#endif /* SSLEAY_NUMBER_DEFINED */ diff --git a/extra/yassl/include/openssl/generate_prefix_files.pl b/extra/yassl/include/openssl/generate_prefix_files.pl deleted file mode 100755 index d7609aebaf3..00000000000 --- a/extra/yassl/include/openssl/generate_prefix_files.pl +++ /dev/null @@ -1,62 +0,0 @@ -#!/usr/bin/perl - -# Copyright (C) 2006 MySQL AB -# Use is subject to license terms -# -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; version 2 of the License. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335 USA - -# -# This script generates defines for all functions -# in yassl/include/openssl/ so they are renamed to -# ya<old_function_name>. Hopefully that is unique enough. -# -# The script is to be run manually when we import -# a new version of yaSSL -# - - - -# Find all functions in "input" and add macros -# to prefix/rename them into "output -sub generate_prefix($$) -{ - my $input= shift; - my $output= shift; - open(IN, $input) - or die("Can't open input file $input: $!"); - open(OUT, ">", $output) - or mtr_error("Can't open output file $output: $!"); - - while (<IN>) - { - chomp; - - if ( /typedef/ ) - { - next; - } - - if ( /^\s*[a-zA-Z0-9*_ ]+\s+\*?([_a-zA-Z0-9]+)\s*\(/ ) - { - print OUT "#define $1 ya$1\n"; - } - } - - close OUT; - close IN; -} - -generate_prefix("ssl.h", "prefix_ssl.h"); -generate_prefix("crypto.h", "prefix_crypto.h"); - diff --git a/extra/yassl/include/openssl/hmac.h b/extra/yassl/include/openssl/hmac.h deleted file mode 100644 index 0a3861c0937..00000000000 --- a/extra/yassl/include/openssl/hmac.h +++ /dev/null @@ -1,20 +0,0 @@ -/* - Copyright (C) 2007 MySQL AB - Use is subject to license terms - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - -/* hmac.h for openvpn */ diff --git a/extra/yassl/include/openssl/lhash.h b/extra/yassl/include/openssl/lhash.h deleted file mode 100644 index bde2d3742b3..00000000000 --- a/extra/yassl/include/openssl/lhash.h +++ /dev/null @@ -1,21 +0,0 @@ -/* - Copyright (C) 2005 MySQL AB - Use is subject to license terms - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - -/* lhash.h for openSSL */ - diff --git a/extra/yassl/include/openssl/md4.h b/extra/yassl/include/openssl/md4.h deleted file mode 100644 index 360499018cb..00000000000 --- a/extra/yassl/include/openssl/md4.h +++ /dev/null @@ -1,20 +0,0 @@ -/* - Copyright (C) 2006 MySQL AB - Use is subject to license terms - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - -/* md4.h for libcurl */ diff --git a/extra/yassl/include/openssl/md5.h b/extra/yassl/include/openssl/md5.h deleted file mode 100644 index abe6200a4cc..00000000000 --- a/extra/yassl/include/openssl/md5.h +++ /dev/null @@ -1,23 +0,0 @@ -/* - Copyright (C) 2005, 2006 MySQL AB - Use is subject to license terms - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - -/* md5.h for openssl */ - -#include "ssl.h" /* in there for now */ - diff --git a/extra/yassl/include/openssl/objects.h b/extra/yassl/include/openssl/objects.h deleted file mode 100644 index fb9a265a19c..00000000000 --- a/extra/yassl/include/openssl/objects.h +++ /dev/null @@ -1,20 +0,0 @@ -/* - Copyright (C) 2007 MySQL AB - Use is subject to license terms - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - -/* objects.h for openvpn */ diff --git a/extra/yassl/include/openssl/opensslv.h b/extra/yassl/include/openssl/opensslv.h deleted file mode 100644 index 477d2656650..00000000000 --- a/extra/yassl/include/openssl/opensslv.h +++ /dev/null @@ -1,31 +0,0 @@ -/* - Copyright (C) 2005 MySQL AB - Use is subject to license terms - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - -/* opensslv.h compatibility */ - -#ifndef yaSSL_opensslv_h__ -#define yaSSL_opensslv_h__ - - -/* api version compatibility */ -#define OPENSSL_VERSION_NUMBER 0x0090700f - - -#endif /* yaSSLopensslv_h__ */ - diff --git a/extra/yassl/include/openssl/pem.h b/extra/yassl/include/openssl/pem.h deleted file mode 100644 index 4b308a58ad8..00000000000 --- a/extra/yassl/include/openssl/pem.h +++ /dev/null @@ -1,20 +0,0 @@ -/* - Copyright (C) 2006 MySQL AB - Use is subject to license terms - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - -/* pem.h for libcurl */ diff --git a/extra/yassl/include/openssl/pkcs12.h b/extra/yassl/include/openssl/pkcs12.h deleted file mode 100644 index 4f848209cdb..00000000000 --- a/extra/yassl/include/openssl/pkcs12.h +++ /dev/null @@ -1,24 +0,0 @@ -/* - Copyright (C) 2006 MySQL AB - Use is subject to license terms - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - -/* pkcs12.h for libcurl */ - - -#undef HAVE_OPENSSL_PKCS12_H - diff --git a/extra/yassl/include/openssl/prefix_crypto.h b/extra/yassl/include/openssl/prefix_crypto.h deleted file mode 100644 index acf3e7bd7d3..00000000000 --- a/extra/yassl/include/openssl/prefix_crypto.h +++ /dev/null @@ -1,20 +0,0 @@ -/* - Copyright (C) 2006 MySQL AB - Use is subject to license terms - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - -#define SSLeay_version yaSSLeay_version diff --git a/extra/yassl/include/openssl/prefix_ssl.h b/extra/yassl/include/openssl/prefix_ssl.h deleted file mode 100644 index 7698dcf73b5..00000000000 --- a/extra/yassl/include/openssl/prefix_ssl.h +++ /dev/null @@ -1,188 +0,0 @@ -/* - Copyright (c) 2006, 2012, Oracle and/or its affiliates. All rights reserved. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - -#define Copyright yaCopyright -#define yaSSL_CleanUp yayaSSL_CleanUp -#define BN_bin2bn yaBN_bin2bn -#define DH_new yaDH_new -#define DH_free yaDH_free -#define RSA_free yaRSA_free -#define RSA_generate_key yaRSA_generate_key -#define X509_free yaX509_free -#define X509_STORE_CTX_get_current_cert yaX509_STORE_CTX_get_current_cert -#define X509_STORE_CTX_get_error yaX509_STORE_CTX_get_error -#define X509_STORE_CTX_get_error_depth yaX509_STORE_CTX_get_error_depth -#define X509_NAME_oneline yaX509_NAME_oneline -#define X509_get_issuer_name yaX509_get_issuer_name -#define X509_get_subject_name yaX509_get_subject_name -#define X509_verify_cert_error_string yaX509_verify_cert_error_string -#define X509_LOOKUP_add_dir yaX509_LOOKUP_add_dir -#define X509_LOOKUP_load_file yaX509_LOOKUP_load_file -#define X509_LOOKUP_hash_dir yaX509_LOOKUP_hash_dir -#define X509_LOOKUP_file yaX509_LOOKUP_file -#define X509_STORE_add_lookup yaX509_STORE_add_lookup -#define X509_STORE_new yaX509_STORE_new -#define X509_STORE_get_by_subject yaX509_STORE_get_by_subject -#define ERR_get_error_line_data yaERR_get_error_line_data -#define ERR_print_errors_fp yaERR_print_errors_fp -#define ERR_error_string yaERR_error_string -#define ERR_remove_state yaERR_remove_state -#define ERR_get_error yaERR_get_error -#define ERR_peek_error yaERR_peek_error -#define ERR_GET_REASON yaERR_GET_REASON -#define SSL_CTX_new yaSSL_CTX_new -#define SSL_new yaSSL_new -#define SSL_set_fd yaSSL_set_fd -#define SSL_get_fd yaSSL_get_fd -#define SSL_connect yaSSL_connect -#define SSL_write yaSSL_write -#define SSL_read yaSSL_read -#define SSL_accept yaSSL_accept -#define SSL_CTX_free yaSSL_CTX_free -#define SSL_free yaSSL_free -#define SSL_clear yaSSL_clear -#define SSL_shutdown yaSSL_shutdown -#define SSL_set_connect_state yaSSL_set_connect_state -#define SSL_set_accept_state yaSSL_set_accept_state -#define SSL_do_handshake yaSSL_do_handshake -#define SSL_get_cipher yaSSL_get_cipher -#define SSL_get_cipher_name yaSSL_get_cipher_name -#define SSL_get_shared_ciphers yaSSL_get_shared_ciphers -#define SSL_get_cipher_list yaSSL_get_cipher_list -#define SSL_get_version yaSSL_get_version -#define SSLeay_version yaSSLeay_version -#define SSL_get_error yaSSL_get_error -#define SSL_load_error_strings yaSSL_load_error_strings -#define SSL_set_session yaSSL_set_session -#define SSL_get_session yaSSL_get_session -#define SSL_flush_sessions yaSSL_flush_sessions -#define SSL_SESSION_set_timeout yaSSL_SESSION_set_timeout -#define SSL_CTX_set_session_cache_mode yaSSL_CTX_set_session_cache_mode -#define SSL_get_peer_certificate yaSSL_get_peer_certificate -#define SSL_get_verify_result yaSSL_get_verify_result -#define SSL_CTX_set_verify yaSSL_CTX_set_verify -#define SSL_CTX_load_verify_locations yaSSL_CTX_load_verify_locations -#define SSL_CTX_set_default_verify_paths yaSSL_CTX_set_default_verify_paths -#define SSL_CTX_check_private_key yaSSL_CTX_check_private_key -#define SSL_CTX_set_session_id_context yaSSL_CTX_set_session_id_context -#define SSL_CTX_set_tmp_rsa_callback yaSSL_CTX_set_tmp_rsa_callback -#define SSL_CTX_set_options yaSSL_CTX_set_options -#define SSL_CTX_set_session_cache_mode yaSSL_CTX_set_session_cache_mode -#define SSL_CTX_set_timeout yaSSL_CTX_set_timeout -#define SSL_CTX_use_certificate_chain_file yaSSL_CTX_use_certificate_chain_file -#define SSL_CTX_set_default_passwd_cb yaSSL_CTX_set_default_passwd_cb -#define SSL_CTX_use_RSAPrivateKey_file yaSSL_CTX_use_RSAPrivateKey_file -#define SSL_CTX_set_info_callback yaSSL_CTX_set_info_callback -#define SSL_CTX_sess_accept yaSSL_CTX_sess_accept -#define SSL_CTX_sess_connect yaSSL_CTX_sess_connect -#define SSL_CTX_sess_accept_good yaSSL_CTX_sess_accept_good -#define SSL_CTX_sess_connect_good yaSSL_CTX_sess_connect_good -#define SSL_CTX_sess_accept_renegotiate yaSSL_CTX_sess_accept_renegotiate -#define SSL_CTX_sess_connect_renegotiate yaSSL_CTX_sess_connect_renegotiate -#define SSL_CTX_sess_hits yaSSL_CTX_sess_hits -#define SSL_CTX_sess_cb_hits yaSSL_CTX_sess_cb_hits -#define SSL_CTX_sess_cache_full yaSSL_CTX_sess_cache_full -#define SSL_CTX_sess_misses yaSSL_CTX_sess_misses -#define SSL_CTX_sess_timeouts yaSSL_CTX_sess_timeouts -#define SSL_CTX_sess_number yaSSL_CTX_sess_number -#define SSL_CTX_sess_get_cache_size yaSSL_CTX_sess_get_cache_size -#define SSL_CTX_get_verify_mode yaSSL_CTX_get_verify_mode -#define SSL_get_verify_mode yaSSL_get_verify_mode -#define SSL_CTX_get_verify_depth yaSSL_CTX_get_verify_depth -#define SSL_get_verify_depth yaSSL_get_verify_depth -#define SSL_get_default_timeout yaSSL_get_default_timeout -#define SSL_CTX_get_session_cache_mode yaSSL_CTX_get_session_cache_mode -#define SSL_session_reused yaSSL_session_reused -#define SSL_set_rfd yaSSL_set_rfd -#define SSL_set_wfd yaSSL_set_wfd -#define SSL_set_shutdown yaSSL_set_shutdown -#define SSL_set_quiet_shutdown yaSSL_set_quiet_shutdown -#define SSL_get_quiet_shutdown yaSSL_get_quiet_shutdown -#define SSL_want_read yaSSL_want_read -#define SSL_want_write yaSSL_want_write -#define SSL_pending yaSSL_pending -#define SSLv3_method yaSSLv3_method -#define SSLv3_server_method yaSSLv3_server_method -#define SSLv3_client_method yaSSLv3_client_method -#define TLSv1_server_method yaTLSv1_server_method -#define TLSv1_client_method yaTLSv1_client_method -#define TLSv1_1_server_method yaTLSv1_1_server_method -#define TLSv1_1_client_method yaTLSv1_1_client_method -#define SSLv23_server_method yaSSLv23_server_method -#define SSL_CTX_use_certificate_file yaSSL_CTX_use_certificate_file -#define SSL_CTX_use_PrivateKey_file yaSSL_CTX_use_PrivateKey_file -#define SSL_CTX_set_cipher_list yaSSL_CTX_set_cipher_list -#define SSL_CTX_sess_set_cache_size yaSSL_CTX_sess_set_cache_size -#define SSL_CTX_set_tmp_dh yaSSL_CTX_set_tmp_dh -#define OpenSSL_add_all_algorithms yaOpenSSL_add_all_algorithms -#define SSL_library_init yaSSL_library_init -#define SSLeay_add_ssl_algorithms yaSSLeay_add_ssl_algorithms -#define SSL_get_current_cipher yaSSL_get_current_cipher -#define SSL_CIPHER_description yaSSL_CIPHER_description -#define SSL_alert_type_string_long yaSSL_alert_type_string_long -#define SSL_alert_desc_string_long yaSSL_alert_desc_string_long -#define SSL_state_string_long yaSSL_state_string_long -#define EVP_md5 yaEVP_md5 -#define EVP_des_ede3_cbc yaEVP_des_ede3_cbc -#define EVP_BytesToKey yaEVP_BytesToKey -#define DES_set_key_unchecked yaDES_set_key_unchecked -#define DES_ede3_cbc_encrypt yaDES_ede3_cbc_encrypt -#define RAND_screen yaRAND_screen -#define RAND_file_name yaRAND_file_name -#define RAND_write_file yaRAND_write_file -#define RAND_load_file yaRAND_load_file -#define RAND_status yaRAND_status -#define RAND_bytes yaRAND_bytes -#define DES_set_key yaDES_set_key -#define DES_set_odd_parity yaDES_set_odd_parity -#define DES_ecb_encrypt yaDES_ecb_encrypt -#define SSL_CTX_set_default_passwd_cb_userdata yaSSL_CTX_set_default_passwd_cb_userdata -#define SSL_SESSION_free yaSSL_SESSION_free -#define SSL_peek yaSSL_peek -#define SSL_get_certificate yaSSL_get_certificate -#define SSL_get_privatekey yaSSL_get_privatekey -#define X509_get_pubkey yaX509_get_pubkey -#define EVP_PKEY_copy_parameters yaEVP_PKEY_copy_parameters -#define EVP_PKEY_free yaEVP_PKEY_free -#define ERR_error_string_n yaERR_error_string_n -#define ERR_free_strings yaERR_free_strings -#define EVP_cleanup yaEVP_cleanup -#define X509_get_ext_d2i yaX509_get_ext_d2i -#define GENERAL_NAMES_free yaGENERAL_NAMES_free -#define sk_GENERAL_NAME_num yask_GENERAL_NAME_num -#define sk_GENERAL_NAME_value yask_GENERAL_NAME_value -#define ASN1_STRING_data yaASN1_STRING_data -#define ASN1_STRING_length yaASN1_STRING_length -#define ASN1_STRING_type yaASN1_STRING_type -#define X509_NAME_get_index_by_NID yaX509_NAME_get_index_by_NID -#define X509_NAME_ENTRY_get_data yaX509_NAME_ENTRY_get_data -#define X509_NAME_get_entry yaX509_NAME_get_entry -#define ASN1_STRING_to_UTF8 yaASN1_STRING_to_UTF8 -#define SSLv23_client_method yaSSLv23_client_method -#define SSLv2_client_method yaSSLv2_client_method -#define SSL_get1_session yaSSL_get1_session -#define X509_get_notBefore yaX509_get_notBefore -#define X509_get_notAfter yaX509_get_notAfter -#define yaSSL_ASN1_TIME_to_string ya_SSL_ASN1_TIME_to_string -#define MD4_Init yaMD4_Init -#define MD4_Update yaMD4_Update -#define MD4_Final yaMD4_Final -#define MD5_Init yaMD5_Init -#define MD5_Update yaMD5_Update -#define MD5_Final yaMD5_Final -#define SSL_set_compression yaSSL_set_compression diff --git a/extra/yassl/include/openssl/rand.h b/extra/yassl/include/openssl/rand.h deleted file mode 100644 index 7f605915efd..00000000000 --- a/extra/yassl/include/openssl/rand.h +++ /dev/null @@ -1,21 +0,0 @@ -/* - Copyright (C) 2005 MySQL AB - Use is subject to license terms - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - -/* rand.h for openSSL */ - diff --git a/extra/yassl/include/openssl/rsa.h b/extra/yassl/include/openssl/rsa.h deleted file mode 100644 index 453161a7c21..00000000000 --- a/extra/yassl/include/openssl/rsa.h +++ /dev/null @@ -1,29 +0,0 @@ -/* - Copyright (C) 2005, 2006 MySQL AB - Use is subject to license terms - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - -/* rsa.h for openSSL */ - - -#ifndef yaSSL_rsa_h__ -#define yaSSL_rsa_h__ - -enum { RSA_F4 = 1 }; - - -#endif /* yaSSL_rsa_h__ */ diff --git a/extra/yassl/include/openssl/sha.h b/extra/yassl/include/openssl/sha.h deleted file mode 100644 index af097309846..00000000000 --- a/extra/yassl/include/openssl/sha.h +++ /dev/null @@ -1,20 +0,0 @@ -/* - Copyright (C) 2007 MySQL AB - Use is subject to license terms - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - -/* sha.h for openvpn */ diff --git a/extra/yassl/include/openssl/ssl.h b/extra/yassl/include/openssl/ssl.h deleted file mode 100644 index fe9beb1356d..00000000000 --- a/extra/yassl/include/openssl/ssl.h +++ /dev/null @@ -1,566 +0,0 @@ -/* - Copyright (c) 2005, 2017, Oracle and/or its affiliates. All rights reserved. - Use is subject to license terms. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - -/* ssl.h defines openssl compatibility layer - * - */ - - - -#ifndef yaSSL_openssl_h__ -#define yaSSL_openssl_h__ - -#ifdef YASSL_PREFIX -#include "prefix_ssl.h" -#endif - -#include <stdio.h> /* ERR_print fp */ -#include "opensslv.h" /* for version number */ -#include "rsa.h" - - -#define YASSL_VERSION "2.4.4" - - -#if defined(__cplusplus) -extern "C" { -#endif - - void yaSSL_CleanUp(); /* call once at end of application use to - free static singleton memory holders, - not a leak per se, but helpful when - looking for them */ - -#if defined(__cplusplus) -} // extern -#endif - -#if defined(__cplusplus) && !defined(YASSL_MYSQL_COMPATIBLE) -namespace yaSSL { -extern "C" { -#endif - -#undef X509_NAME /* wincrypt.h clash */ - -#if defined(__cplusplus) && !defined(YASSL_MYSQL_COMPATIBLE) - class SSL; - class SSL_SESSION; - class SSL_METHOD; - class SSL_CTX; - class SSL_CIPHER; - - class RSA; - - class X509; - class X509_NAME; -#else - typedef struct SSL SSL; - typedef struct SSL_SESSION SSL_SESSION; - typedef struct SSL_METHOD SSL_METHOD; - typedef struct SSL_CTX SSL_CTX; - typedef struct SSL_CIPHER SSL_CIPHER; - - typedef struct RSA RSA; - - typedef struct X509 X509; - typedef struct X509_NAME X509_NAME; -#endif - - -/* Big Number stuff, different file? */ -typedef struct BIGNUM BIGNUM; - -BIGNUM *BN_bin2bn(const unsigned char*, int, BIGNUM*); - - -/* Diffie-Hellman stuff, different file? */ -/* mySQL deferences to set group parameters */ -typedef struct DH { - BIGNUM* p; - BIGNUM* g; -} DH; - -DH* DH_new(void); -void DH_free(DH*); - -/* RSA stuff */ - -void RSA_free(RSA*); -RSA* RSA_generate_key(int, unsigned long, void(*)(int, int, void*), void*); - - -/* X509 stuff, different file? */ - -/* because mySQL dereferences to use error and current_cert, even after calling - * get functions for local references */ -typedef struct X509_STORE_CTX { - int error; - int error_depth; - X509* current_cert; -} X509_STORE_CTX; - - -typedef struct X509_STORE X509_STORE; -typedef struct X509_LOOKUP X509_LOOKUP; -typedef struct X509_OBJECT { char c; } X509_OBJECT; -typedef struct X509_CRL X509_CRL; -typedef struct X509_REVOKED X509_REVOKED; -typedef struct X509_LOOKUP_METHOD X509_LOOKUP_METHOD; - - -void X509_free(X509*); - - -/* bio stuff */ -typedef struct BIO BIO; - -/* ASN stuff */ - - - -X509* X509_STORE_CTX_get_current_cert(X509_STORE_CTX*); -int X509_STORE_CTX_get_error(X509_STORE_CTX*); -int X509_STORE_CTX_get_error_depth(X509_STORE_CTX*); - -char* X509_NAME_oneline(X509_NAME*, char*, int); -X509_NAME* X509_get_issuer_name(X509*); -X509_NAME* X509_get_subject_name(X509*); -const char* X509_verify_cert_error_string(long); - -int X509_LOOKUP_add_dir(X509_LOOKUP*, const char*, long); -int X509_LOOKUP_load_file(X509_LOOKUP*, const char*, long); -X509_LOOKUP_METHOD* X509_LOOKUP_hash_dir(void); -X509_LOOKUP_METHOD* X509_LOOKUP_file(void); - -X509_LOOKUP* X509_STORE_add_lookup(X509_STORE*, X509_LOOKUP_METHOD*); -X509_STORE* X509_STORE_new(void); -int X509_STORE_get_by_subject(X509_STORE_CTX*, int, X509_NAME*, - X509_OBJECT*); - - - - -enum { /* X509 Constants */ - X509_V_OK = 0, - X509_V_ERR_CERT_CHAIN_TOO_LONG = 1, - X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT = 2, - X509_V_ERR_CERT_NOT_YET_VALID = 3, - X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD = 4, - X509_V_ERR_CERT_HAS_EXPIRED = 5, - X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD = 6, - X509_FILETYPE_PEM = 7, - X509_LU_X509 = 8, - X509_LU_CRL = 9, - X509_V_ERR_CRL_SIGNATURE_FAILURE = 10, - X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD = 11, - X509_V_ERR_CRL_HAS_EXPIRED = 12, - X509_V_ERR_CERT_REVOKED = 13, - X509_V_FLAG_CRL_CHECK = 14, - X509_V_FLAG_CRL_CHECK_ALL = 15 -}; - - -/* Error stuff, could move to yassl_error */ -unsigned long ERR_get_error_line_data(const char**, int*, const char**, int *); -void ERR_print_errors_fp(FILE*); -char* ERR_error_string(unsigned long,char*); -void ERR_remove_state(unsigned long); -unsigned long ERR_get_error(void); -unsigned long ERR_peek_error(void); -int ERR_GET_REASON(int); - - -enum { /* ERR Constants */ - ERR_TXT_STRING = 1, - EVP_R_BAD_DECRYPT = 2 -}; - -/* - Allow type used by SSL_set_fd to be changed, default to int - in order to be compatible with OpenSSL - */ -#ifndef YASSL_SOCKET_T_DEFINED -typedef int YASSL_SOCKET_T; -#endif - -SSL_CTX* SSL_CTX_new(SSL_METHOD*); -SSL* SSL_new(SSL_CTX*); -int SSL_set_fd (SSL*, YASSL_SOCKET_T); -YASSL_SOCKET_T SSL_get_fd(const SSL*); -int SSL_connect(SSL*); /* if you get an error from connect - see note at top of README */ -int SSL_write(SSL*, const void*, int); -int SSL_read(SSL*, void*, int); -int SSL_accept(SSL*); -void SSL_CTX_free(SSL_CTX*); -void SSL_free(SSL*); -int SSL_clear(SSL*); -int SSL_shutdown(SSL*); - -void SSL_set_connect_state(SSL*); -void SSL_set_accept_state(SSL*); -int SSL_do_handshake(SSL*); - -const char* SSL_get_cipher(SSL*); -const char* SSL_get_cipher_name(SSL*); /* uses SSL_get_cipher */ -char* SSL_get_shared_ciphers(SSL*, char*, int); -const char* SSL_get_cipher_list(SSL*, int); -const char* SSL_get_version(SSL*); -const char* SSLeay_version(int); - -int SSL_get_error(SSL*, int); -void SSL_load_error_strings(void); - -int SSL_set_session(SSL *ssl, SSL_SESSION *session); -SSL_SESSION* SSL_get_session(SSL* ssl); -void SSL_flush_sessions(SSL_CTX *ctx, long tm); -long SSL_SESSION_set_timeout(SSL_SESSION*, long); -long SSL_CTX_set_session_cache_mode(SSL_CTX* ctx, long mode); -X509* SSL_get_peer_certificate(SSL*); -long SSL_get_verify_result(SSL*); - - -typedef int (*VerifyCallback)(int, X509_STORE_CTX*); -typedef int (*pem_password_cb)(char*, int, int, void*); - -void SSL_CTX_set_verify(SSL_CTX*, int, VerifyCallback verify_callback); -int SSL_CTX_load_verify_locations(SSL_CTX*, const char*, const char*); -int SSL_CTX_set_default_verify_paths(SSL_CTX*); -int SSL_CTX_check_private_key(SSL_CTX*); -int SSL_CTX_set_session_id_context(SSL_CTX*, const unsigned char*, - unsigned int); - -void SSL_CTX_set_tmp_rsa_callback(SSL_CTX*, RSA*(*)(SSL*, int, int)); -long SSL_CTX_set_options(SSL_CTX*, long); -long SSL_CTX_set_session_cache_mode(SSL_CTX*, long); -long SSL_CTX_set_timeout(SSL_CTX*, long); -int SSL_CTX_use_certificate_chain_file(SSL_CTX*, const char*); -void SSL_CTX_set_default_passwd_cb(SSL_CTX*, pem_password_cb); -int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX*, const char*, int); -void SSL_CTX_set_info_callback(SSL_CTX*, void (*)()); - -long SSL_CTX_sess_accept(SSL_CTX*); -long SSL_CTX_sess_connect(SSL_CTX*); -long SSL_CTX_sess_accept_good(SSL_CTX*); -long SSL_CTX_sess_connect_good(SSL_CTX*); -long SSL_CTX_sess_accept_renegotiate(SSL_CTX*); -long SSL_CTX_sess_connect_renegotiate(SSL_CTX*); -long SSL_CTX_sess_hits(SSL_CTX*); -long SSL_CTX_sess_cb_hits(SSL_CTX*); -long SSL_CTX_sess_cache_full(SSL_CTX*); -long SSL_CTX_sess_misses(SSL_CTX*); -long SSL_CTX_sess_timeouts(SSL_CTX*); -long SSL_CTX_sess_number(SSL_CTX*); -long SSL_CTX_sess_get_cache_size(SSL_CTX*); - -int SSL_CTX_get_verify_mode(SSL_CTX*); -int SSL_get_verify_mode(SSL*); -int SSL_CTX_get_verify_depth(SSL_CTX*); -int SSL_get_verify_depth(SSL*); - -long SSL_get_default_timeout(SSL*); -long SSL_CTX_get_session_cache_mode(SSL_CTX*); -int SSL_session_reused(SSL*); - -int SSL_set_rfd(SSL*, int); -int SSL_set_wfd(SSL*, int); -void SSL_set_shutdown(SSL*, int); -void SSL_set_quiet_shutdown(SSL *ssl,int mode); -int SSL_get_quiet_shutdown(SSL *ssl); - -int SSL_want_read(SSL*); -int SSL_want_write(SSL*); - -int SSL_pending(SSL*); - - -enum { /* ssl Constants */ - SSL_WOULD_BLOCK = -8, - SSL_BAD_STAT = -7, - SSL_BAD_PATH = -6, - SSL_BAD_FILETYPE = -5, - SSL_BAD_FILE = -4, - SSL_NOT_IMPLEMENTED = -3, - SSL_UNKNOWN = -2, - SSL_FATAL_ERROR = -1, - SSL_NORMAL_SHUTDOWN = 0, - SSL_ERROR_NONE = 0, /* for most functions */ - SSL_FAILURE = 0, /* for some functions */ - SSL_SUCCESS = 1, - - SSL_FILETYPE_ASN1 = 10, - SSL_FILETYPE_PEM = 11, - SSL_FILETYPE_DEFAULT = 10, /* ASN1 */ - - SSL_VERIFY_NONE = 0, - SSL_VERIFY_PEER = 1, - SSL_VERIFY_FAIL_IF_NO_PEER_CERT = 2, - SSL_VERIFY_CLIENT_ONCE = 4, - - SSL_SESS_CACHE_OFF = 30, - SSL_SESS_CACHE_CLIENT = 31, - SSL_SESS_CACHE_SERVER = 32, - SSL_SESS_CACHE_BOTH = 33, - SSL_SESS_CACHE_NO_AUTO_CLEAR = 34, - SSL_SESS_CACHE_NO_INTERNAL_LOOKUP = 35, - - SSL_OP_MICROSOFT_SESS_ID_BUG = 50, - SSL_OP_NETSCAPE_CHALLENGE_BUG = 51, - SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG = 52, - SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG = 53, - SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER = 54, - SSL_OP_MSIE_SSLV2_RSA_PADDING = 55, - SSL_OP_SSLEAY_080_CLIENT_DH_BUG = 56, - SSL_OP_TLS_D5_BUG = 57, - SSL_OP_TLS_BLOCK_PADDING_BUG = 58, - SSL_OP_TLS_ROLLBACK_BUG = 59, - SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS = 60, - SSL_OP_ALL = 61, - SSL_OP_SINGLE_DH_USE = 62, - SSL_OP_EPHEMERAL_RSA = 63, - SSL_OP_NO_SSLv2 = 64, - SSL_OP_NO_SSLv3 = 65, - SSL_OP_NO_TLSv1 = 66, - SSL_OP_PKCS1_CHECK_1 = 67, - SSL_OP_PKCS1_CHECK_2 = 68, - SSL_OP_NETSCAPE_CA_DN_BUG = 69, - SSL_OP_NON_EXPORT_FIRST = 70, - SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG = 71, - - SSL_ERROR_WANT_READ = 80, - SSL_ERROR_WANT_WRITE = 81, - SSL_ERROR_SYSCALL = 82, - SSL_ERROR_WANT_X509_LOOKUP = 83, - SSL_ERROR_ZERO_RETURN = 84, - SSL_ERROR_SSL = 85, - - SSL_ST_CONNECT = 90, - SSL_ST_ACCEPT = 91, - SSL_CB_LOOP = 92, - SSL_SENT_SHUTDOWN = 93, - SSL_RECEIVED_SHUTDOWN = 94, - SSL_CB_ALERT = 95, - SSL_CB_READ = 96, - SSL_CB_HANDSHAKE_DONE = 97 - -}; - - -SSL_METHOD *SSLv3_method(void); -SSL_METHOD *SSLv3_server_method(void); -SSL_METHOD *SSLv3_client_method(void); -SSL_METHOD *TLSv1_server_method(void); -SSL_METHOD *TLSv1_client_method(void); -SSL_METHOD *TLSv1_1_server_method(void); -SSL_METHOD *TLSv1_1_client_method(void); -SSL_METHOD *SSLv23_server_method(void); - -int SSL_CTX_use_certificate_file(SSL_CTX*, const char*, int); -int SSL_CTX_use_PrivateKey_file(SSL_CTX*, const char*, int); -int SSL_CTX_set_cipher_list(SSL_CTX*, const char*); - -long SSL_CTX_sess_set_cache_size(SSL_CTX*, long); -long SSL_CTX_set_tmp_dh(SSL_CTX*, DH*); - -void OpenSSL_add_all_algorithms(void); -int SSL_library_init(); -int SSLeay_add_ssl_algorithms(void); - - -SSL_CIPHER* SSL_get_current_cipher(SSL*); -char* SSL_CIPHER_description(SSL_CIPHER*, char*, int); - - -char* SSL_alert_type_string_long(int); -char* SSL_alert_desc_string_long(int); -char* SSL_state_string_long(SSL*); - - -/* EVP stuff, des and md5, different file? */ -typedef char EVP_MD; - -typedef char EVP_CIPHER; - -typedef struct EVP_PKEY EVP_PKEY; - -typedef unsigned char DES_cblock[8]; -typedef const DES_cblock const_DES_cblock; -typedef DES_cblock DES_key_schedule; - -enum { - DES_ENCRYPT = 1, - DES_DECRYPT = 0 -}; - -const EVP_MD* EVP_md5(void); -const EVP_CIPHER* EVP_des_ede3_cbc(void); - -typedef unsigned char opaque; - -int EVP_BytesToKey(const EVP_CIPHER*, const EVP_MD*, const opaque*, - const opaque*, int, int, opaque*, opaque*); - -void DES_set_key_unchecked(const_DES_cblock*, DES_key_schedule*); -void DES_ede3_cbc_encrypt(const opaque*, opaque*, long, DES_key_schedule*, - DES_key_schedule*, DES_key_schedule*, DES_cblock*, int); - - -/* RAND stuff */ -void RAND_screen(void); -const char* RAND_file_name(char*, size_t); -int RAND_write_file(const char*); -int RAND_load_file(const char*, long); - - -/* for libcurl */ -int RAND_status(void); -int RAND_bytes(unsigned char* buf, int num); - -int DES_set_key(const_DES_cblock*, DES_key_schedule*); -void DES_set_odd_parity(DES_cblock*); -void DES_ecb_encrypt(DES_cblock*, DES_cblock*, DES_key_schedule*, int); - -void SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX*, void* userdata); -void SSL_SESSION_free(SSL_SESSION* session); -int SSL_peek(SSL* ssl, void* buf, int num); - -X509* SSL_get_certificate(SSL* ssl); -EVP_PKEY* SSL_get_privatekey(SSL* ssl); -EVP_PKEY* X509_get_pubkey(X509* x); - -int EVP_PKEY_copy_parameters(EVP_PKEY* to, const EVP_PKEY* from); -void EVP_PKEY_free(EVP_PKEY* pkey); -void ERR_error_string_n(unsigned long e, char *buf, size_t len); -void ERR_free_strings(void); -void EVP_cleanup(void); - -void* X509_get_ext_d2i(X509* x, int nid, int* crit, int* idx); - -#define GEN_IPADD 7 -#define NID_subject_alt_name 85 -#define STACK_OF(x) x - - -/* defined here because libcurl dereferences */ -typedef struct ASN1_STRING { - int type; - int length; - unsigned char* data; -} ASN1_STRING; - - -typedef struct GENERAL_NAME { - int type; - union { - ASN1_STRING* ia5; - } d; -} GENERAL_NAME; - -void GENERAL_NAMES_free(STACK_OF(GENERAL_NAME) *x); - -int sk_GENERAL_NAME_num(STACK_OF(GENERAL_NAME) *x); -GENERAL_NAME* sk_GENERAL_NAME_value(STACK_OF(GENERAL_NAME) *x, int i); - - -unsigned char* ASN1_STRING_data(ASN1_STRING* x); -int ASN1_STRING_length(ASN1_STRING* x); -int ASN1_STRING_type(ASN1_STRING *x); - -typedef ASN1_STRING X509_NAME_ENTRY; - -int X509_NAME_get_index_by_NID(X509_NAME* name,int nid, int lastpos); - -ASN1_STRING* X509_NAME_ENTRY_get_data(X509_NAME_ENTRY* ne); -X509_NAME_ENTRY* X509_NAME_get_entry(X509_NAME* name, int loc); - -#define OPENSSL_malloc(x) malloc(x) -#define OPENSSL_free(x) free(x) - -int ASN1_STRING_to_UTF8(unsigned char** out, ASN1_STRING* in); - -SSL_METHOD* SSLv23_client_method(void); /* doesn't actually roll back */ -SSL_METHOD* SSLv2_client_method(void); /* will never work, no v 2 */ - - -SSL_SESSION* SSL_get1_session(SSL* ssl); /* what's ref count */ - - -#define CRYPTO_free(x) free(x) -#define ASN1_TIME ASN1_STRING - -ASN1_TIME* X509_get_notBefore(X509* x); -ASN1_TIME* X509_get_notAfter(X509* x); - - -#define ASN1_UTCTIME ASN1_STRING -#define NID_commonName 13 -#define V_ASN1_UTF8STRING 12 -#define GEN_DNS 2 - -#define CERTFICATE_ERROR 0x14090086 /* SSLv3 error */ - - -typedef struct MD4_CTX { - int buffer[32]; /* big enough to hold, check size in Init */ -} MD4_CTX; - -void MD4_Init(MD4_CTX*); -void MD4_Update(MD4_CTX*, const void*, unsigned long); -void MD4_Final(unsigned char*, MD4_CTX*); - - -typedef struct MD5_CTX { - int buffer[32]; /* big enough to hold, check size in Init */ -} MD5_CTX; - -void MD5_Init(MD5_CTX*); -void MD5_Update(MD5_CTX*, const void*, unsigned long); -void MD5_Final(unsigned char*, MD5_CTX*); - -#define MD5_DIGEST_LENGTH 16 - - -#define SSL_DEFAULT_CIPHER_LIST "" /* default all */ - - -/* yaSSL extensions */ -int SSL_set_compression(SSL*); /* turn on yaSSL zlib compression */ -char *yaSSL_ASN1_TIME_to_string(const ASN1_TIME *time, char *buf, size_t len); - -#include "transport_types.h" - -/* - Set functions for yaSSL to use in order to send and receive data. - - These hooks are offered in order to enable non-blocking I/O. If - not set, yaSSL defaults to using send() and recv(). - - @todo Remove hooks and accompanying code when yaSSL is fixed. -*/ -void yaSSL_transport_set_ptr(SSL *, void *); -void yaSSL_transport_set_recv_function(SSL *, yaSSL_recv_func_t); -void yaSSL_transport_set_send_function(SSL *, yaSSL_send_func_t); - -#if defined(__cplusplus) && !defined(YASSL_MYSQL_COMPATIBLE) -} /* namespace */ -} /* extern "C" */ -#endif - - -#endif /* yaSSL_openssl_h__ */ diff --git a/extra/yassl/include/openssl/transport_types.h b/extra/yassl/include/openssl/transport_types.h deleted file mode 100644 index 3c31eb3d822..00000000000 --- a/extra/yassl/include/openssl/transport_types.h +++ /dev/null @@ -1,26 +0,0 @@ -/* - Copyright (c) 2011, Oracle and/or its affiliates. All rights reserved. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - -#ifndef yaSSL_transport_types_h__ -#define yaSSL_transport_types_h__ - -/* Type of transport functions used for sending and receiving data. */ -typedef long (*yaSSL_recv_func_t) (void *, void *, size_t, int); -typedef long (*yaSSL_send_func_t) (void *, const void *, size_t, int); - -#endif diff --git a/extra/yassl/include/openssl/x509.h b/extra/yassl/include/openssl/x509.h deleted file mode 100644 index dd79e6833ec..00000000000 --- a/extra/yassl/include/openssl/x509.h +++ /dev/null @@ -1,20 +0,0 @@ -/* - Copyright (C) 2006 MySQL AB - Use is subject to license terms - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - -/* x509.h for libcurl */ diff --git a/extra/yassl/include/openssl/x509v3.h b/extra/yassl/include/openssl/x509v3.h deleted file mode 100644 index 4a7a2175ebe..00000000000 --- a/extra/yassl/include/openssl/x509v3.h +++ /dev/null @@ -1,20 +0,0 @@ -/* - Copyright (C) 2006 MySQL AB - Use is subject to license terms - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - -/* x509v3.h for libcurl */ diff --git a/extra/yassl/include/socket_wrapper.hpp b/extra/yassl/include/socket_wrapper.hpp deleted file mode 100644 index 3fc9c7ee95a..00000000000 --- a/extra/yassl/include/socket_wrapper.hpp +++ /dev/null @@ -1,105 +0,0 @@ -/* - Copyright (c) 2005, 2012, Oracle and/or its affiliates. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - - -/* The socket wrapper header defines a Socket class that hides the differences - * between Berkely style sockets and Windows sockets, allowing transparent TCP - * access. - */ - - -#ifndef yaSSL_SOCKET_WRAPPER_HPP -#define yaSSL_SOCKET_WRAPPER_HPP - - -#ifdef _WIN32 - #include <winsock2.h> -#else - #include <sys/time.h> - #include <sys/types.h> - #include <sys/socket.h> - #include <unistd.h> - #include <netinet/in.h> - #include <arpa/inet.h> -#endif - - -namespace yaSSL { - -typedef unsigned int uint; - -#ifdef _WIN32 - typedef SOCKET socket_t; -#else - typedef int socket_t; - const socket_t INVALID_SOCKET = -1; - const int SD_RECEIVE = 0; - const int SD_SEND = 1; - const int SD_BOTH = 2; - const int SOCKET_ERROR = -1; -#endif - - extern "C" { - #include "openssl/transport_types.h" - } - -typedef unsigned char byte; - - -// Wraps Windows Sockets and BSD Sockets -class Socket { - socket_t socket_; // underlying socket descriptor - bool wouldBlock_; // if non-blocking data, for last read - bool nonBlocking_; // is option set - void *ptr_; // Argument to transport function - yaSSL_send_func_t send_func_; // Function to send data - yaSSL_recv_func_t recv_func_; // Function to receive data -public: - explicit Socket(socket_t s = INVALID_SOCKET); - ~Socket(); - - void set_fd(socket_t s); - uint get_ready() const; - socket_t get_fd() const; - - void set_transport_ptr(void *ptr); - void set_transport_recv_function(yaSSL_recv_func_t recv_func); - void set_transport_send_function(yaSSL_send_func_t send_func); - - uint send(const byte* buf, unsigned int len, unsigned int& sent, - int flags = 0); - uint receive(byte* buf, unsigned int len, int flags = 0); - bool wait(); - - bool WouldBlock() const; - bool IsNonBlocking() const; - - void closeSocket(); - void shutDown(int how = SD_SEND); - - static int get_lastError(); - static void set_lastError(int error); -private: - Socket(const Socket&); // hide copy - Socket& operator= (const Socket&); // and assign -}; - - -} // naemspace - -#endif // yaSSL_SOCKET_WRAPPER_HPP diff --git a/extra/yassl/include/timer.hpp b/extra/yassl/include/timer.hpp deleted file mode 100644 index 57b4022484b..00000000000 --- a/extra/yassl/include/timer.hpp +++ /dev/null @@ -1,41 +0,0 @@ -/* - Copyright (C) 2000-2007 MySQL AB - Use is subject to license terms - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - -/* timer.hpp provides a high res and low res timers - * -*/ - - -#ifndef yaSSL_TIMER_HPP -#define yaSSL_TIMER_HPP - -namespace yaSSL { - -typedef double timer_d; -typedef unsigned int uint; - - - -timer_d timer(); -uint lowResTimer(); - - - -} // namespace -#endif // yaSSL_TIMER_HPP diff --git a/extra/yassl/include/yassl.hpp b/extra/yassl/include/yassl.hpp deleted file mode 100644 index ff6869a3ec4..00000000000 --- a/extra/yassl/include/yassl.hpp +++ /dev/null @@ -1,86 +0,0 @@ -/* - Copyright (C) 2000-2007 MySQL AB - Use is subject to license terms - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - - -/* yaSSL externel header defines yaSSL API - */ - - -#ifndef yaSSL_EXT_HPP -#define yaSSL_EXT_HPP - - -namespace yaSSL { - - -#ifdef _WIN32 - typedef unsigned int SOCKET_T; -#else - typedef int SOCKET_T; -#endif - - -class Client { -public: - Client(); - ~Client(); - - // basics - int Connect(SOCKET_T); - int Write(const void*, int); - int Read(void*, int); - - // options - void SetCA(const char*); - void SetCert(const char*); - void SetKey(const char*); -private: - struct ClientImpl; - ClientImpl* pimpl_; - - Client(const Client&); // hide copy - Client& operator=(const Client&); // and assign -}; - - -class Server { -public: - Server(); - ~Server(); - - // basics - int Accept(SOCKET_T); - int Write(const void*, int); - int Read(void*, int); - - // options - void SetCA(const char*); - void SetCert(const char*); - void SetKey(const char*); -private: - struct ServerImpl; - ServerImpl* pimpl_; - - Server(const Server&); // hide copy - Server& operator=(const Server&); // and assign -}; - - -} // namespace yaSSL -#endif // yaSSL_EXT_HPP diff --git a/extra/yassl/include/yassl_error.hpp b/extra/yassl/include/yassl_error.hpp deleted file mode 100644 index bc97058d881..00000000000 --- a/extra/yassl/include/yassl_error.hpp +++ /dev/null @@ -1,88 +0,0 @@ -/* - Copyright (c) 2005, 2013, Oracle and/or its affiliates. All rights reserved. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - - -/* yaSSL error header defines error codes and an exception class - */ - -#ifndef yaSSL_ERROR_HPP -#define yaSSL_ERROR_HPP - - - -namespace yaSSL { - - -enum YasslError { - no_error = 0, - - // 10 - 47 from AlertDescription, 0 also close_notify - - range_error = 101, - realloc_error = 102, - factory_error = 103, - unknown_cipher = 104, - prefix_error = 105, - record_layer = 106, - handshake_layer = 107, - out_of_order = 108, - bad_input = 109, - match_error = 110, - no_key_file = 111, - verify_error = 112, - send_error = 113, - receive_error = 114, - certificate_error = 115, - privateKey_error = 116, - badVersion_error = 117, - compress_error = 118, - decompress_error = 119, - pms_version_error = 120, - sanityCipher_error = 121, - rsaSignFault_error = 122 - - // !!!! add error message to .cpp !!!! - - // 1000+ from TaoCrypt error.hpp - -}; - - -enum Library { yaSSL_Lib = 0, CryptoLib, SocketLib }; -enum { MAX_ERROR_SZ = 80 }; - -void SetErrorString(YasslError, char*); - -/* remove for now, if go back to exceptions use this wrapper -// Base class for all yaSSL exceptions -class Error : public mySTL::runtime_error { - YasslError error_; - Library lib_; -public: - explicit Error(const char* s = "", YasslError e = no_error, - Library l = yaSSL_Lib); - - YasslError get_number() const; - Library get_lib() const; -}; -*/ - - -} // naemspace - -#endif // yaSSL_ERROR_HPP diff --git a/extra/yassl/include/yassl_imp.hpp b/extra/yassl/include/yassl_imp.hpp deleted file mode 100644 index fbd2ebb93a7..00000000000 --- a/extra/yassl/include/yassl_imp.hpp +++ /dev/null @@ -1,748 +0,0 @@ -/* - Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - -/* yaSSL implementation header defines all strucutres from the SSL.v3 - * specification "draft-freier-ssl-version3-02.txt" - * all page citations refer to this document unless otherwise noted. - */ - - -#ifndef yaSSL_IMP_HPP -#define yaSSL_IMP_HPP - -#ifdef _MSC_VER - // disable truncated debug symbols - #pragma warning(disable:4786) -#endif - -#include "yassl_types.hpp" -#include "factory.hpp" -#include STL_LIST_FILE - - -namespace STL = STL_NAMESPACE; - - -namespace yaSSL { - - -class SSL; // forward decls -class input_buffer; -class output_buffer; - - -struct ProtocolVersion { - uint8 major_; - uint8 minor_; // major and minor SSL/TLS version numbers - - ProtocolVersion(uint8 maj = 3, uint8 min = 0); -}; - - -// Record Layer Header for PlainText, Compressed, and CipherText -struct RecordLayerHeader { - ContentType type_; - ProtocolVersion version_; - uint16 length_; // should not exceed 2^14 -}; - - -// base for all messages -struct Message : public virtual_base { - virtual input_buffer& set(input_buffer&) =0; - virtual output_buffer& get(output_buffer&) const =0; - - virtual void Process(input_buffer&, SSL&) =0; - virtual ContentType get_type() const =0; - virtual uint16 get_length() const =0; - - virtual ~Message() {} -}; - - -class ChangeCipherSpec : public Message { - CipherChoice type_; -public: - ChangeCipherSpec(); - - friend input_buffer& operator>>(input_buffer&, ChangeCipherSpec&); - friend output_buffer& operator<<(output_buffer&, const ChangeCipherSpec&); - - input_buffer& set(input_buffer& in); - output_buffer& get(output_buffer& out) const; - - ContentType get_type() const; - uint16 get_length() const; - void Process(input_buffer&, SSL&); -private: - ChangeCipherSpec(const ChangeCipherSpec&); // hide copy - ChangeCipherSpec& operator=(const ChangeCipherSpec&); // and assign -}; - - - -class Alert : public Message { - AlertLevel level_; - AlertDescription description_; -public: - Alert() {} - Alert(AlertLevel al, AlertDescription ad); - - ContentType get_type() const; - uint16 get_length() const; - void Process(input_buffer&, SSL&); - - friend input_buffer& operator>>(input_buffer&, Alert&); - friend output_buffer& operator<<(output_buffer&, const Alert&); - - input_buffer& set(input_buffer& in); - output_buffer& get(output_buffer& out) const; -private: - Alert(const Alert&); // hide copy - Alert& operator=(const Alert&); // and assign -}; - - -class Data : public Message { - uint16 length_; - opaque* buffer_; // read buffer used by fillData input - const opaque* write_buffer_; // write buffer used by output operator -public: - Data(); - Data(uint16 len, opaque* b); - - friend output_buffer& operator<<(output_buffer&, const Data&); - - input_buffer& set(input_buffer& in); - output_buffer& get(output_buffer& out) const; - - ContentType get_type() const; - uint16 get_length() const; - void set_length(uint16 l); - opaque* set_buffer(); - void SetData(uint16, const opaque*); - void Process(input_buffer&, SSL&); -private: - Data(const Data&); // hide copy - Data& operator=(const Data&); // and assign -}; - - -uint32 c24to32(const uint24); // forward form internal header -void c32to24(uint32, uint24&); - - -// HandShake header, same for each message type from page 20/21 -class HandShakeHeader : public Message { - HandShakeType type_; - uint24 length_; // length of message -public: - HandShakeHeader() {} - - ContentType get_type() const; - uint16 get_length() const; - HandShakeType get_handshakeType() const; - void Process(input_buffer&, SSL&); - - void set_type(HandShakeType hst); - void set_length(uint32 u32); - - friend input_buffer& operator>>(input_buffer&, HandShakeHeader&); - friend output_buffer& operator<<(output_buffer&, const HandShakeHeader&); - - input_buffer& set(input_buffer& in); - output_buffer& get(output_buffer& out) const; -private: - HandShakeHeader(const HandShakeHeader&); // hide copy - HandShakeHeader& operator=(const HandShakeHeader&); // and assign -}; - - -// Base Class for all handshake messages -class HandShakeBase : public virtual_base { - int length_; -public: - int get_length() const; - void set_length(int); - - // for building buffer's type field - virtual HandShakeType get_type() const =0; - - // handles dispactch of proper >> - virtual input_buffer& set(input_buffer& in) =0; - virtual output_buffer& get(output_buffer& out) const =0; - - virtual void Process(input_buffer&, SSL&) =0; - - virtual ~HandShakeBase() {} -}; - - -struct HelloRequest : public HandShakeBase { - input_buffer& set(input_buffer& in); - output_buffer& get(output_buffer& out) const; - - void Process(input_buffer&, SSL&); - - HandShakeType get_type() const; -}; - - -// The Client's Hello Message from page 23 -class ClientHello : public HandShakeBase { - ProtocolVersion client_version_; - Random random_; - uint8 id_len_; // session id length - opaque session_id_[ID_LEN]; - uint16 suite_len_; // cipher suite length - opaque cipher_suites_[MAX_SUITE_SZ]; - uint8 comp_len_; // compression length - CompressionMethod compression_methods_; -public: - friend input_buffer& operator>>(input_buffer&, ClientHello&); - friend output_buffer& operator<<(output_buffer&, const ClientHello&); - - input_buffer& set(input_buffer& in); - output_buffer& get(output_buffer& out) const; - - HandShakeType get_type() const; - void Process(input_buffer&, SSL&); - - const opaque* get_random() const; - friend void buildClientHello(SSL&, ClientHello&); - friend void ProcessOldClientHello(input_buffer& input, SSL& ssl); - - ClientHello(); - ClientHello(ProtocolVersion pv, bool useCompression); -private: - ClientHello(const ClientHello&); // hide copy - ClientHello& operator=(const ClientHello&); // and assign -}; - - - -// The Server's Hello Message from page 24 -class ServerHello : public HandShakeBase { - ProtocolVersion server_version_; - Random random_; - uint8 id_len_; // session id length - opaque session_id_[ID_LEN]; - opaque cipher_suite_[SUITE_LEN]; - CompressionMethod compression_method_; -public: - ServerHello(ProtocolVersion pv, bool useCompression); - ServerHello(); - - friend input_buffer& operator>>(input_buffer&, ServerHello&); - friend output_buffer& operator<<(output_buffer&, const ServerHello&); - - input_buffer& set(input_buffer& in); - output_buffer& get(output_buffer& out) const; - - HandShakeType get_type() const; - void Process(input_buffer&, SSL&); - - const opaque* get_random() const; - friend void buildServerHello(SSL&, ServerHello&); -private: - ServerHello(const ServerHello&); // hide copy - ServerHello& operator=(const ServerHello&); // and assign -}; - - -class x509; - -// Certificate could be a chain -class Certificate : public HandShakeBase { - const x509* cert_; -public: - Certificate(); - explicit Certificate(const x509* cert); - friend output_buffer& operator<<(output_buffer&, const Certificate&); - - const opaque* get_buffer() const; - - // Process handles input, needs SSL - input_buffer& set(input_buffer& in); - output_buffer& get(output_buffer& out) const; - - HandShakeType get_type() const; - void Process(input_buffer&, SSL&); -private: - Certificate(const Certificate&); // hide copy - Certificate& operator=(const Certificate&); // and assign -}; - - - -// RSA Public Key -struct ServerRSAParams { - opaque* rsa_modulus_; - opaque* rsa_exponent_; -}; - - -// Ephemeral Diffie-Hellman Parameters -class ServerDHParams { - int pSz_; - int gSz_; - int pubSz_; - opaque* p_; - opaque* g_; - opaque* Ys_; -public: - ServerDHParams(); - ~ServerDHParams(); - - int get_pSize() const; - int get_gSize() const; - int get_pubSize() const; - - const opaque* get_p() const; - const opaque* get_g() const; - const opaque* get_pub() const; - - opaque* alloc_p(int sz); - opaque* alloc_g(int sz); - opaque* alloc_pub(int sz); -private: - ServerDHParams(const ServerDHParams&); // hide copy - ServerDHParams& operator=(const ServerDHParams&); // and assign -}; - - -struct ServerKeyBase : public virtual_base { - virtual ~ServerKeyBase() {} - virtual void build(SSL&) {} - virtual void read(SSL&, input_buffer&) {} - virtual int get_length() const; - virtual opaque* get_serverKey() const; -}; - - -// Server random number for FORTEZZA KEA -struct Fortezza_Server : public ServerKeyBase { - opaque r_s_[FORTEZZA_MAX]; -}; - - -struct SignatureBase : public virtual_base { - virtual ~SignatureBase() {} -}; - -struct anonymous_sa : public SignatureBase {}; - - -struct Hashes { - uint8 md5_[MD5_LEN]; - uint8 sha_[SHA_LEN]; -}; - - -struct rsa_sa : public SignatureBase { - Hashes hashes_; -}; - - -struct dsa_sa : public SignatureBase { - uint8 sha_[SHA_LEN]; -}; - - -// Server's Diffie-Hellman exchange -class DH_Server : public ServerKeyBase { - ServerDHParams parms_; - opaque* signature_; - - int length_; // total length of message - opaque* keyMessage_; // total exchange message -public: - DH_Server(); - ~DH_Server(); - - void build(SSL&); - void read(SSL&, input_buffer&); - int get_length() const; - opaque* get_serverKey() const; -private: - DH_Server(const DH_Server&); // hide copy - DH_Server& operator=(const DH_Server&); // and assign -}; - - -// Server's RSA exchange -struct RSA_Server : public ServerKeyBase { - ServerRSAParams params_; - opaque* signature_; // signed rsa_sa hashes -}; - - -class ServerKeyExchange : public HandShakeBase { - ServerKeyBase* server_key_; -public: - explicit ServerKeyExchange(SSL&); - ServerKeyExchange(); - ~ServerKeyExchange(); - - void createKey(SSL&); - void build(SSL& ssl); - - const opaque* getKey() const; - int getKeyLength() const; - - input_buffer& set(input_buffer& in); - output_buffer& get(output_buffer& out) const; - - friend output_buffer& operator<<(output_buffer&, const ServerKeyExchange&); - - void Process(input_buffer&, SSL&); - HandShakeType get_type() const; -private: - ServerKeyExchange(const ServerKeyExchange&); // hide copy - ServerKeyExchange& operator=(const ServerKeyExchange&); // and assign -}; - - - -class CertificateRequest : public HandShakeBase { - ClientCertificateType certificate_types_[CERT_TYPES]; - int typeTotal_; - STL::list<DistinguishedName> certificate_authorities_; -public: - CertificateRequest(); - ~CertificateRequest(); - - input_buffer& set(input_buffer& in); - output_buffer& get(output_buffer& out) const; - - friend input_buffer& operator>>(input_buffer&, CertificateRequest&); - friend output_buffer& operator<<(output_buffer&, - const CertificateRequest&); - - void Process(input_buffer&, SSL&); - HandShakeType get_type() const; - - void Build(); -private: - CertificateRequest(const CertificateRequest&); // hide copy - CertificateRequest& operator=(const CertificateRequest&); // and assign -}; - - -struct ServerHelloDone : public HandShakeBase { - ServerHelloDone(); - input_buffer& set(input_buffer& in); - output_buffer& get(output_buffer& out) const; - - void Process(input_buffer& input, SSL& ssl); - - HandShakeType get_type() const; -}; - - -struct PreMasterSecret { - opaque random_[SECRET_LEN]; // first two bytes Protocol Version -}; - - -struct ClientKeyBase : public virtual_base { - virtual ~ClientKeyBase() {} - virtual void build(SSL&) {} - virtual void read(SSL&, input_buffer&) {} - virtual int get_length() const; - virtual opaque* get_clientKey() const; -}; - - -class EncryptedPreMasterSecret : public ClientKeyBase { - opaque* secret_; - int length_; -public: - EncryptedPreMasterSecret(); - ~EncryptedPreMasterSecret(); - - void build(SSL&); - void read(SSL&, input_buffer&); - int get_length() const; - opaque* get_clientKey() const; - void alloc(int sz); -private: - // hide copy and assign - EncryptedPreMasterSecret(const EncryptedPreMasterSecret&); - EncryptedPreMasterSecret& operator=(const EncryptedPreMasterSecret&); -}; - - -// Fortezza Key Parameters from page 29 -// hard code lengths cause only used here -struct FortezzaKeys : public ClientKeyBase { - opaque y_c_ [128]; // client's Yc, public value - opaque r_c_ [128]; // client's Rc - opaque y_signature_ [40]; // DSS signed public key - opaque wrapped_client_write_key_ [12]; // wrapped by the TEK - opaque wrapped_server_write_key_ [12]; // wrapped by the TEK - opaque client_write_iv_ [24]; - opaque server_write_iv_ [24]; - opaque master_secret_iv_ [24]; // IV used to encrypt preMaster - opaque encrypted_preMasterSecret_[48]; // random & crypted by the TEK -}; - - - -// Diffie-Hellman public key from page 40/41 -class ClientDiffieHellmanPublic : public ClientKeyBase { - PublicValueEncoding public_value_encoding_; - int length_; // includes two byte length for message - opaque* Yc_; // length + Yc_ - // dh_Yc only if explicit, otherwise sent in certificate - enum { KEY_OFFSET = 2 }; -public: - ClientDiffieHellmanPublic(); - ~ClientDiffieHellmanPublic(); - - void build(SSL&); - void read(SSL&, input_buffer&); - int get_length() const; - opaque* get_clientKey() const; - void alloc(int sz, bool offset = false); -private: - // hide copy and assign - ClientDiffieHellmanPublic(const ClientDiffieHellmanPublic&); - ClientDiffieHellmanPublic& operator=(const ClientDiffieHellmanPublic&); -}; - - -class ClientKeyExchange : public HandShakeBase { - ClientKeyBase* client_key_; -public: - explicit ClientKeyExchange(SSL& ssl); - ClientKeyExchange(); - ~ClientKeyExchange(); - - void createKey(SSL&); - void build(SSL& ssl); - - const opaque* getKey() const; - int getKeyLength() const; - - friend output_buffer& operator<<(output_buffer&, const ClientKeyExchange&); - - input_buffer& set(input_buffer& in); - output_buffer& get(output_buffer& out) const; - - HandShakeType get_type() const; - void Process(input_buffer&, SSL&); -private: - ClientKeyExchange(const ClientKeyExchange&); // hide copy - ClientKeyExchange& operator=(const ClientKeyExchange&); // and assign -}; - - -class CertificateVerify : public HandShakeBase { - Hashes hashes_; - byte* signature_; // owns -public: - CertificateVerify(); - ~CertificateVerify(); - - input_buffer& set(input_buffer& in); - output_buffer& get(output_buffer& out) const; - - friend input_buffer& operator>>(input_buffer&, CertificateVerify&); - friend output_buffer& operator<<(output_buffer&, const CertificateVerify&); - - void Process(input_buffer&, SSL&); - HandShakeType get_type() const; - - void Build(SSL&); -private: - CertificateVerify(const CertificateVerify&); // hide copy - CertificateVerify& operator=(const CertificateVerify&); // and assign -}; - - -class Finished : public HandShakeBase { - Hashes hashes_; -public: - Finished(); - - uint8* set_md5(); - uint8* set_sha(); - - friend input_buffer& operator>>(input_buffer&, Finished&); - friend output_buffer& operator<<(output_buffer&, const Finished&); - - input_buffer& set(input_buffer& in); - output_buffer& get(output_buffer& out) const; - - void Process(input_buffer&, SSL&); - - HandShakeType get_type() const; -private: - Finished(const Finished&); // hide copy - Finished& operator=(const Finished&); // and assign -}; - - -class RandomPool; // forward for connection - - -// SSL Connection defined on page 11 -struct Connection { - opaque *pre_master_secret_; - opaque master_secret_[SECRET_LEN]; - opaque client_random_[RAN_LEN]; - opaque server_random_[RAN_LEN]; - opaque sessionID_[ID_LEN]; - opaque client_write_MAC_secret_[SHA_LEN]; // sha is max size - opaque server_write_MAC_secret_[SHA_LEN]; - opaque client_write_key_[AES_256_KEY_SZ]; // aes 256bit is max sz - opaque server_write_key_[AES_256_KEY_SZ]; - opaque client_write_IV_[AES_IV_SZ]; // aes is max size - opaque server_write_IV_[AES_IV_SZ]; - uint32 sequence_number_; - uint32 peer_sequence_number_; - uint32 pre_secret_len_; // pre master length - bool send_server_key_; // server key exchange? - bool master_clean_; // master secret clean? - bool TLS_; // TLSv1 or greater - bool TLSv1_1_; // TLSv1.1 or greater - bool sessionID_Set_; // do we have a session - bool compression_; // zlib compression? - ProtocolVersion version_; // negotiated version - ProtocolVersion chVersion_; // client hello version - RandomPool& random_; - - Connection(ProtocolVersion v, RandomPool& ran); - ~Connection(); - - void AllocPreSecret(uint sz); - void CleanPreMaster(); - void CleanMaster(); - void TurnOffTLS(); - void TurnOffTLS1_1(); -private: - Connection(const Connection&); // hide copy - Connection& operator=(const Connection&); // and assign -}; - - -struct Ciphers; // forward - - -// TLSv1 Security Spec, defined on page 56 of RFC 2246 -struct Parameters { - ConnectionEnd entity_; - BulkCipherAlgorithm bulk_cipher_algorithm_; - CipherType cipher_type_; - uint8 key_size_; - uint8 iv_size_; - IsExportable is_exportable_; - MACAlgorithm mac_algorithm_; - uint8 hash_size_; - CompressionMethod compression_algorithm_; - KeyExchangeAlgorithm kea_; // yassl additions - SignatureAlgorithm sig_algo_; // signature auth type - SignatureAlgorithm verify_algo_; // cert verify auth type - bool pending_; - bool resumable_; // new conns by session - uint16 encrypt_size_; // current msg encrypt sz - Cipher suite_[SUITE_LEN]; // choosen suite - uint8 suites_size_; - Cipher suites_[MAX_SUITE_SZ]; - char cipher_name_[MAX_SUITE_NAME]; - char cipher_list_[MAX_CIPHERS][MAX_SUITE_NAME]; - bool removeDH_; // for server's later use - - Parameters(ConnectionEnd, const Ciphers&, ProtocolVersion, bool haveDH); - - void SetSuites(ProtocolVersion pv, bool removeDH = false, - bool removeRSA = false, bool removeDSA = false); - void SetCipherNames(); -private: - Parameters(const Parameters&); // hide copy - Parameters& operator=(const Parameters&); // and assing -}; - - -input_buffer& operator>>(input_buffer&, RecordLayerHeader&); -output_buffer& operator<<(output_buffer&, const RecordLayerHeader&); - -input_buffer& operator>>(input_buffer&, Message&); -output_buffer& operator<<(output_buffer&, const Message&); - -input_buffer& operator>>(input_buffer&, HandShakeBase&); -output_buffer& operator<<(output_buffer&, const HandShakeBase&); - - -// Message Factory definition -// uses the ContentType enumeration for unique id -typedef Factory<Message> MessageFactory; -void InitMessageFactory(MessageFactory&); // registers derived classes - -// HandShake Factory definition -// uses the HandShakeType enumeration for unique id -typedef Factory<HandShakeBase> HandShakeFactory; -void InitHandShakeFactory(HandShakeFactory&); // registers derived classes - -// ServerKey Factory definition -// uses KeyExchangeAlgorithm enumeration for unique id -typedef Factory<ServerKeyBase> ServerKeyFactory; -void InitServerKeyFactory(ServerKeyFactory&); - -// ClientKey Factory definition -// uses KeyExchangeAlgorithm enumeration for unique id -typedef Factory<ClientKeyBase> ClientKeyFactory; -void InitClientKeyFactory(ClientKeyFactory&); - - -// Message Creators -Message* CreateHandShake(); -Message* CreateCipherSpec(); -Message* CreateAlert(); -Message* CreateData(); - - -// HandShake Creators -HandShakeBase* CreateCertificate(); -HandShakeBase* CreateHelloRequest(); -HandShakeBase* CreateClientHello(); -HandShakeBase* CreateServerHello(); -HandShakeBase* CreateServerKeyExchange(); -HandShakeBase* CreateCertificateRequest(); -HandShakeBase* CreateServerHelloDone(); -HandShakeBase* CreateClientKeyExchange(); -HandShakeBase* CreateCertificateVerify(); -HandShakeBase* CreateFinished(); - - -// ServerKey Exchange Creators -ServerKeyBase* CreateRSAServerKEA(); -ServerKeyBase* CreateDHServerKEA(); -ServerKeyBase* CreateFortezzaServerKEA(); - -// ClientKey Exchange Creators -ClientKeyBase* CreateRSAClient(); -ClientKeyBase* CreateDHClient(); -ClientKeyBase* CreateFortezzaClient(); - - - -} // naemspace - -#endif // yaSSL_IMP_HPP diff --git a/extra/yassl/include/yassl_int.hpp b/extra/yassl/include/yassl_int.hpp deleted file mode 100644 index b029f6af5f9..00000000000 --- a/extra/yassl/include/yassl_int.hpp +++ /dev/null @@ -1,724 +0,0 @@ -/* - Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - - -/* yaSSL internal header defines SSL supporting types not specified in the - * draft along with type conversion functions and openssl compatibility - */ - - -#ifndef yaSSL_INT_HPP -#define yaSSL_INT_HPP - -#include "yassl_imp.hpp" -#include "yassl_error.hpp" -#include "crypto_wrapper.hpp" -#include "cert_wrapper.hpp" -#include "log.hpp" -#include "lock.hpp" -#include "openssl/ssl.h" // ASN1_STRING and DH - -// Check if _POSIX_THREADS should be forced -#if !defined(_POSIX_THREADS) && defined(__hpux) -// HPUX does not define _POSIX_THREADS as it's not _fully_ implemented -#define _POSIX_THREADS -#endif - -#ifdef _POSIX_THREADS - #include <pthread.h> -#endif - - -namespace STL = STL_NAMESPACE; - - -namespace yaSSL { - - -// State Machine for Record Layer Protocol -enum RecordLayerState { - recordNotReady = 0, // fatal error, no more processing - recordReady -}; - - -// State Machine for HandShake Protocol -enum HandShakeState { - handShakeNotReady = 0, // fatal error, no more processing - preHandshake, // initial state - inHandshake, // handshake started - handShakeReady // handshake done -}; - - -// client input HandShake state, use if HandShakeState == inHandShake -enum ClientState { - serverNull = 0, - serverHelloComplete, - serverCertComplete, - serverKeyExchangeComplete, - serverHelloDoneComplete, - serverFinishedComplete -}; - - -// server input HandShake state, use if HandShakeState == inHandShake -enum ServerState { - clientNull = 0, - clientHelloComplete, - clientKeyExchangeComplete, - clientFinishedComplete -}; - - -// client connect state for nonblocking restart -enum ConnectState { - CONNECT_BEGIN = 0, - CLIENT_HELLO_SENT, - FIRST_REPLY_DONE, - FINISHED_DONE, - SECOND_REPLY_DONE -}; - - -// server accpet state for nonblocking restart -enum AcceptState { - ACCEPT_BEGIN = 0, - ACCEPT_FIRST_REPLY_DONE, - SERVER_HELLO_DONE, - ACCEPT_SECOND_REPLY_DONE, - ACCEPT_FINISHED_DONE, - ACCEPT_THIRD_REPLY_DONE -}; - - -// track received messages to explicitly disallow duplicate messages -struct RecvdMessages { - uint8 gotClientHello_; - uint8 gotServerHello_; - uint8 gotCert_; - uint8 gotServerKeyExchange_; - uint8 gotCertRequest_; - uint8 gotServerHelloDone_; - uint8 gotCertVerify_; - uint8 gotClientKeyExchange_; - uint8 gotFinished_; - RecvdMessages() : gotClientHello_(0), gotServerHello_(0), gotCert_(0), - gotServerKeyExchange_(0), gotCertRequest_(0), - gotServerHelloDone_(0), gotCertVerify_(0), - gotClientKeyExchange_(0), gotFinished_(0) - {} -}; - - -// combines all states -class States { - RecordLayerState recordLayer_; - HandShakeState handshakeLayer_; - ClientState clientState_; - ServerState serverState_; - ConnectState connectState_; - AcceptState acceptState_; - RecvdMessages recvdMessages_; - char errorString_[MAX_ERROR_SZ]; - YasslError what_; -public: - States(); - - const RecordLayerState& getRecord() const; - const HandShakeState& getHandShake() const; - const ClientState& getClient() const; - const ServerState& getServer() const; - const ConnectState& GetConnect() const; - const AcceptState& GetAccept() const; - const char* getString() const; - YasslError What() const; - - RecordLayerState& useRecord(); - HandShakeState& useHandShake(); - ClientState& useClient(); - ServerState& useServer(); - ConnectState& UseConnect(); - AcceptState& UseAccept(); - char* useString(); - void SetError(YasslError); - int SetMessageRecvd(HandShakeType); -private: - States(const States&); // hide copy - States& operator=(const States&); // and assign -}; - - -// holds all factories -class sslFactory { - MessageFactory messageFactory_; // creates new messages by type - HandShakeFactory handShakeFactory_; // creates new handshake types - ServerKeyFactory serverKeyFactory_; // creates new server key types - ClientKeyFactory clientKeyFactory_; // creates new client key types - - sslFactory(); // only GetSSL_Factory creates -public: - const MessageFactory& getMessage() const; - const HandShakeFactory& getHandShake() const; - const ServerKeyFactory& getServerKey() const; - const ClientKeyFactory& getClientKey() const; - - friend sslFactory& GetSSL_Factory(); // singleton creator -private: - sslFactory(const sslFactory&); // hide copy - sslFactory& operator=(const sslFactory&); // and assign -}; - - -#undef X509_NAME // wincrypt.h clash - -// openSSL X509 names -class X509_NAME { - char* name_; - size_t sz_; - int cnPosition_; // start of common name, -1 is none - int cnLen_; // length of above - ASN1_STRING entry_; -public: - X509_NAME(const char*, size_t sz, int pos, int len); - ~X509_NAME(); - - const char* GetName() const; - ASN1_STRING* GetEntry(int i); - size_t GetLength() const; - int GetCnPosition() const { return cnPosition_; } - int GetCnLength() const { return cnLen_; } -private: - X509_NAME(const X509_NAME&); // hide copy - X509_NAME& operator=(const X509_NAME&); // and assign -}; - - -class StringHolder { - ASN1_STRING asnString_; -public: - StringHolder(const char* str, int sz, byte type= 0); - ~StringHolder(); - - ASN1_STRING* GetString(); -private: - StringHolder(const StringHolder&); // hide copy - StringHolder& operator=(const StringHolder&); // and assign -}; - - -// openSSL X509 -class X509 { - X509_NAME issuer_; - X509_NAME subject_; - StringHolder beforeDate_; // not valid before - StringHolder afterDate_; // not valid after -public: - X509(const char* i, size_t, const char* s, size_t, - ASN1_STRING *b, ASN1_STRING *a, int, int, int, int); - ~X509() {} - - X509_NAME* GetIssuer(); - X509_NAME* GetSubject(); - - ASN1_STRING* GetBefore(); - ASN1_STRING* GetAfter(); - -private: - X509(const X509&); // hide copy - X509& operator=(const X509&); // and assign -}; - - -// openSSL bignum -struct BIGNUM { - /* - gcc 2.96 fix: because of two Integer classes (yaSSL::Integer and - TaoCrypt::Integer), we need to explicitly state the namespace - here to let gcc 2.96 deduce the correct type. - */ - yaSSL::Integer int_; - void assign(const byte* b, uint s) { int_.assign(b,s); } -}; - - -// openSSL session -class SSL_SESSION { - opaque sessionID_[ID_LEN]; - opaque master_secret_[SECRET_LEN]; - Cipher suite_[SUITE_LEN]; - uint bornOn_; // create time in seconds - uint timeout_; // timeout in seconds - RandomPool& random_; // will clean master secret - X509* peerX509_; -public: - explicit SSL_SESSION(RandomPool&); - SSL_SESSION(const SSL&, RandomPool&); - ~SSL_SESSION(); - - const opaque* GetID() const; - const opaque* GetSecret() const; - const Cipher* GetSuite() const; - uint GetBornOn() const; - uint GetTimeOut() const; - X509* GetPeerX509() const; - void SetTimeOut(uint); - - SSL_SESSION& operator=(const SSL_SESSION&); // allow assign for resumption -private: - SSL_SESSION(const SSL_SESSION&); // hide copy - - void CopyX509(X509*); -}; - - -// holds all sessions -class Sessions { - STL::list<SSL_SESSION*> list_; - RandomPool random_; // for session cleaning - Mutex mutex_; // no-op for single threaded - int count_; // flush counter - - Sessions() : count_(0) {} // only GetSessions can create -public: - SSL_SESSION* lookup(const opaque*, SSL_SESSION* copy = 0); - void add(const SSL&); - void remove(const opaque*); - void Flush(); - - ~Sessions(); - - friend Sessions& GetSessions(); // singleton creator -private: - Sessions(const Sessions&); // hide copy - Sessions& operator=(const Sessions&); // and assign -}; - - -#ifdef _POSIX_THREADS - typedef pthread_t THREAD_ID_T; -#else - typedef DWORD THREAD_ID_T; -#endif - -// thread error data -struct ThreadError { - THREAD_ID_T threadID_; - int errorID_; -}; - - -// holds all errors -class Errors { - STL::list<ThreadError> list_; - Mutex mutex_; - - Errors() {} // only GetErrors can create -public: - int Lookup(bool peek); // self lookup - void Add(int); - void Remove(); // remove self - - ~Errors() {} - - friend Errors& GetErrors(); // singleton creator -private: - Errors(const Errors&); // hide copy - Errors& operator=(const Errors); // and assign -}; - - -Sessions& GetSessions(); // forward singletons -sslFactory& GetSSL_Factory(); -Errors& GetErrors(); -bool HasErrors(); - - -// openSSL method and context types -class SSL_METHOD { - ProtocolVersion version_; - ConnectionEnd side_; - bool verifyPeer_; // request or send certificate - bool verifyNone_; // whether to verify certificate - bool failNoCert_; - bool multipleProtocol_; // for SSLv23 compatibility -public: - SSL_METHOD(ConnectionEnd ce, ProtocolVersion pv, - bool multipleProtocol = false); - - ProtocolVersion getVersion() const; - ConnectionEnd getSide() const; - - void setVerifyPeer(); - void setVerifyNone(); - void setFailNoCert(); - - bool verifyPeer() const; - bool verifyNone() const; - bool failNoCert() const; - bool multipleProtocol() const; -private: - SSL_METHOD(const SSL_METHOD&); // hide copy - SSL_METHOD& operator=(const SSL_METHOD&); // and assign -}; - - -struct Ciphers { - bool setSuites_; // user set suites from default - byte suites_[MAX_SUITE_SZ]; // new suites - int suiteSz_; // suite length in bytes - - Ciphers() : setSuites_(false), suiteSz_(0) {} -}; - - -struct DH; // forward - - -// save for SSL construction -struct DH_Parms { - Integer p_; - Integer g_; - bool set_; // if set by user - - DH_Parms() : set_(false) {} -}; - - -enum StatsField { - Accept, Connect, AcceptGood, ConnectGood, AcceptRenegotiate, - ConnectRenegotiate, Hits, CbHits, CacheFull, Misses, Timeouts, Number, - GetCacheSize, VerifyMode, VerifyDepth -}; - - -// SSL stats -struct Stats { - long accept_; - long connect_; - long acceptGood_; - long connectGood_; - long acceptRenegotiate_; - long connectRenegotiate_; - - long hits_; - long cbHits_; - long cacheFull_; - long misses_; - long timeouts_; - long number_; - long getCacheSize_; - - int verifyMode_; - int verifyDepth_; -public: - Stats() : accept_(0), connect_(0), acceptGood_(0), connectGood_(0), - acceptRenegotiate_(0), connectRenegotiate_(0), hits_(0), cbHits_(0), - cacheFull_(0), misses_(0), timeouts_(0), number_(0), getCacheSize_(0), - verifyMode_(0), verifyDepth_(0) - {} -private: - Stats(const Stats&); // hide copy - Stats& operator=(const Stats&); // and assign -}; - - -// the SSL context -class SSL_CTX { -public: - typedef STL::list<x509*> CertList; -private: - SSL_METHOD* method_; - x509* certificate_; - x509* privateKey_; - CertList caList_; - Ciphers ciphers_; - DH_Parms dhParms_; - pem_password_cb passwordCb_; - void* userData_; - bool sessionCacheOff_; - bool sessionCacheFlushOff_; - Stats stats_; - Mutex mutex_; // for Stats - VerifyCallback verifyCallback_; -public: - explicit SSL_CTX(SSL_METHOD* meth); - ~SSL_CTX(); - - const x509* getCert() const; - const x509* getKey() const; - const SSL_METHOD* getMethod() const; - const Ciphers& GetCiphers() const; - const DH_Parms& GetDH_Parms() const; - const Stats& GetStats() const; - VerifyCallback getVerifyCallback() const; - pem_password_cb GetPasswordCb() const; - void* GetUserData() const; - bool GetSessionCacheOff() const; - bool GetSessionCacheFlushOff() const; - - void setVerifyPeer(); - void setVerifyNone(); - void setFailNoCert(); - void setVerifyCallback(VerifyCallback); - bool SetCipherList(const char*); - bool SetDH(const DH&); - void SetPasswordCb(pem_password_cb cb); - void SetUserData(void*); - void SetSessionCacheOff(); - void SetSessionCacheFlushOff(); - - void IncrementStats(StatsField); - void AddCA(x509* ca); - const CertList& GetCA_List() const; - - friend int read_file(SSL_CTX*, const char*, int, CertType); -private: - SSL_CTX(const SSL_CTX&); // hide copy - SSL_CTX& operator=(const SSL_CTX&); // and assign -}; - - -// holds all cryptographic types -class Crypto { - Digest* digest_; // agreed upon digest - BulkCipher* cipher_; // agreed upon cipher - DiffieHellman* dh_; // dh parms - RandomPool random_; // random number generator - CertManager cert_; // manages certificates -public: - explicit Crypto(); - ~Crypto(); - - const Digest& get_digest() const; - const BulkCipher& get_cipher() const; - const DiffieHellman& get_dh() const; - const RandomPool& get_random() const; - const CertManager& get_certManager() const; - - Digest& use_digest(); - BulkCipher& use_cipher(); - DiffieHellman& use_dh(); - RandomPool& use_random(); - CertManager& use_certManager(); - - void SetDH(DiffieHellman*); - void SetDH(const DH_Parms&); - void setDigest(Digest*); - void setCipher(BulkCipher*); - - bool DhSet(); -private: - Crypto(const Crypto&); // hide copy - Crypto& operator=(const Crypto&); // and assign -}; - - -// holds all handshake and verify hashes -class sslHashes { - MD5 md5HandShake_; // md5 handshake hash - SHA shaHandShake_; // sha handshake hash - Finished verify_; // peer's verify hash - Hashes certVerify_; // peer's cert verify hash -public: - sslHashes() {} - - const MD5& get_MD5() const; - const SHA& get_SHA() const; - const Finished& get_verify() const; - const Hashes& get_certVerify() const; - - MD5& use_MD5(); - SHA& use_SHA(); - Finished& use_verify(); - Hashes& use_certVerify(); -private: - sslHashes(const sslHashes&); // hide copy - sslHashes& operator=(const sslHashes&); // and assign -}; - - -// holds input and output buffers -class Buffers { -public: - typedef STL::list<input_buffer*> inputList; - typedef STL::list<output_buffer*> outputList; - int prevSent; // previous plain text bytes sent when got WANT_WRITE - int plainSz; // plain text bytes in buffer to send when got WANT_WRITE -private: - inputList dataList_; // list of users app data / handshake - outputList handShakeList_; // buffered handshake msgs - input_buffer* rawInput_; // buffered raw input yet to process - output_buffer* output_; // WANT_WRITE buffered output -public: - Buffers(); - ~Buffers(); - - const inputList& getData() const; - const outputList& getHandShake() const; - - inputList& useData(); - outputList& useHandShake(); - - void SetRawInput(input_buffer*); // takes ownership - input_buffer* TakeRawInput(); // takes ownership - void SetOutput(output_buffer*); // takes ownership - output_buffer* TakeOutput(); // takes ownership -private: - Buffers(const Buffers&); // hide copy - Buffers& operator=(const Buffers&); // and assign -}; - - -// wraps security parameters -class Security { - Connection conn_; // connection information - Parameters parms_; // may be pending - SSL_SESSION resumeSession_; // if resuming - SSL_CTX* ctx_; // context used to init - bool resuming_; // trying to resume -public: - Security(ProtocolVersion, RandomPool&, ConnectionEnd, const Ciphers&, - SSL_CTX*, bool); - - const SSL_CTX* GetContext() const; - const Connection& get_connection() const; - const Parameters& get_parms() const; - const SSL_SESSION& get_resume() const; - bool get_resuming() const; - - Connection& use_connection(); - Parameters& use_parms(); - SSL_SESSION& use_resume(); - - void set_resuming(bool b); -private: - Security(const Security&); // hide copy - Security& operator=(const Security&); // and assign -}; - - -// THE SSL type -class SSL { - Crypto crypto_; // agreed crypto agents - Security secure_; // Connection and Session parms - States states_; // Record and HandShake states - sslHashes hashes_; // handshake, finished hashes - Socket socket_; // socket wrapper - Buffers buffers_; // buffered handshakes and data - Log log_; // logger - bool quietShutdown_; - - // optimization variables - bool has_data_; // buffered data ready? -public: - SSL(SSL_CTX* ctx); - - // gets and uses - const Crypto& getCrypto() const; - const Security& getSecurity() const; - const States& getStates() const; - const sslHashes& getHashes() const; - const sslFactory& getFactory() const; - const Socket& getSocket() const; - YasslError GetError() const; - bool GetMultiProtocol() const; - bool CompressionOn() const; - - Crypto& useCrypto(); - Security& useSecurity(); - States& useStates(); - sslHashes& useHashes(); - Socket& useSocket(); - Log& useLog(); - Buffers& useBuffers(); - - bool HasData() const; - bool GetQuietShutdown() const; - - // sets - void set_pending(Cipher suite); - void set_random(const opaque*, ConnectionEnd); - void set_sessionID(const opaque*); - void set_session(SSL_SESSION*); - void set_preMaster(const opaque*, uint); - void set_masterSecret(const opaque*); - void SetError(YasslError); - int SetCompression(); - void UnSetCompression(); - void SetQuietShutdown(bool mode); - - // helpers - bool isTLS() const; - bool isTLSv1_1() const; - void order_error(); - void makeMasterSecret(); - void makeTLSMasterSecret(); - void addData(input_buffer* data); - void fillData(Data&); - void PeekData(Data&); - void addBuffer(output_buffer* b); - void flushBuffer(); - void verifyState(const RecordLayerHeader&); - void verifyState(const HandShakeHeader&); - void verifyState(ClientState); - void verifyState(ServerState); - void verfiyHandShakeComplete(); - void matchSuite(const opaque*, uint length); - void deriveKeys(); - void deriveTLSKeys(); - void Send(const byte*, uint); - void SendWriteBuffered(); - - uint bufferedData(); - uint get_SEQIncrement(bool); - - const byte* get_macSecret(bool); -private: - void storeKeys(const opaque*); - void setKeys(); - void verifyClientState(HandShakeType); - void verifyServerState(HandShakeType); - - SSL(const SSL&); // hide copy - const SSL& operator=(const SSL&); // and assign -}; - - -// compression -int Compress(const byte*, int, input_buffer&); -int DeCompress(input_buffer&, int, input_buffer&); - - -// conversion functions -void c32to24(uint32, uint24&); -void c24to32(const uint24, uint32&); - -uint32 c24to32(const uint24); - -void ato16(const opaque*, uint16&); -void ato24(const opaque*, uint24&); - -void c16toa(uint16, opaque*); -void c24toa(const uint24, opaque*); -void c32toa(uint32 u32, opaque*); - - -} // naemspace - -#endif // yaSSL_INT_HPP diff --git a/extra/yassl/include/yassl_types.hpp b/extra/yassl/include/yassl_types.hpp deleted file mode 100644 index 3132d75a6ff..00000000000 --- a/extra/yassl/include/yassl_types.hpp +++ /dev/null @@ -1,540 +0,0 @@ -/* - Copyright (c) 2005, 2013, Oracle and/or its affiliates. All rights reserved. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - -/* yaSSL types header defines all constants, enums, and typedefs - * from the SSL.v3 specification "draft-freier-ssl-version3-02.txt" - */ - - -#ifndef yaSSL_TYPES_HPP -#define yaSSL_TYPES_HPP - -#include <stddef.h> -#include "type_traits.hpp" - - -#ifdef _MSC_VER - // disable conversion warning - // 4996 warning to use MS extensions e.g., strcpy_s instead of strncpy - #pragma warning(disable:4244 4996) -#endif - - -#ifdef _MSC_VER - // disable conversion warning - // 4996 warning to use MS extensions e.g., strcpy_s instead of strncpy - #pragma warning(disable:4244 4996) -#endif - - -namespace yaSSL { - -#define YASSL_LIB - - -#ifdef YASSL_PURE_C - - // library allocation - struct new_t {}; // yaSSL New type - extern new_t ys; // pass in parameter - - } // namespace yaSSL - - void* operator new (size_t, yaSSL::new_t); - void* operator new[](size_t, yaSSL::new_t); - - void operator delete (void*, yaSSL::new_t); - void operator delete[](void*, yaSSL::new_t); - - - namespace yaSSL { - - - template<typename T> - void ysDelete(T* ptr) - { - if (ptr) ptr->~T(); - ::operator delete(ptr, yaSSL::ys); - } - - template<typename T> - void ysArrayDelete(T* ptr) - { - // can't do array placement destruction since not tracking size in - // allocation, only allow builtins to use array placement since they - // don't need destructors called - typedef char builtin[TaoCrypt::IsFundamentalType<T>::Yes ? 1 : -1]; - (void)sizeof(builtin); - - ::operator delete[](ptr, yaSSL::ys); - } - - #define NEW_YS new (yaSSL::ys) - - // to resolve compiler generated operator delete on base classes with - // virtual destructors (when on stack) - class virtual_base { - public: - static void operator delete(void*) { } - }; - - -#else // YASSL_PURE_C - - - template<typename T> - void ysDelete(T* ptr) - { - delete ptr; - } - - template<typename T> - void ysArrayDelete(T* ptr) - { - delete[] ptr; - } - - #define NEW_YS new - - class virtual_base {}; - - - -#endif // YASSL_PURE_C - - -typedef unsigned char uint8; -typedef unsigned short uint16; -typedef unsigned int uint32; -typedef uint8 uint24[3]; -typedef uint32 uint64[2]; - -typedef uint8 opaque; -typedef opaque byte; - -typedef unsigned int uint; - - -#ifdef USE_SYS_STL - // use system STL - #define STL_VECTOR_FILE <vector> - #define STL_LIST_FILE <list> - #define STL_ALGORITHM_FILE <algorithm> - #define STL_MEMORY_FILE <memory> - #define STL_PAIR_FILE <utility> - - #define STL_NAMESPACE std -#else - // use mySTL - #define STL_VECTOR_FILE "vector.hpp" - #define STL_LIST_FILE "list.hpp" - #define STL_ALGORITHM_FILE "algorithm.hpp" - #define STL_MEMORY_FILE "memory.hpp" - #define STL_PAIR_FILE "pair.hpp" - - #define STL_NAMESPACE mySTL -#endif - - -#ifdef min - #undef min -#endif - -template <typename T> -T min(T a, T b) -{ - return a < b ? a : b; -} - - - -// all length constants in bytes -const int ID_LEN = 32; // session id length -const int SUITE_LEN = 2; // cipher suite length -const int SECRET_LEN = 48; // pre RSA and all master secret length -const int MASTER_ROUNDS = 3; // master secret derivation rounds -const int RAN_LEN = 32; // client and server random length -const int MAC_BLOCK_SZ = 64; // MAC block size, & padding -const int MD5_LEN = 16; // MD5 digest length -const int SHA_LEN = 20; // SHA digest length -const int RMD_LEN = 20; // RIPEMD-160 digest length -const int PREFIX = 3; // up to 3 prefix letters for secret rounds -const int KEY_PREFIX = 7; // up to 7 prefix letters for key rounds -const int FORTEZZA_MAX = 128; // Maximum Fortezza Key length -const int MAX_SUITE_SZ = 128; // 64 max suites * sizeof(suite) -const int MAX_SUITE_NAME = 48; // max length of suite name -const int MAX_CIPHERS = 32; // max supported ciphers for cipher list -const int SIZEOF_ENUM = 1; // SSL considers an enum 1 byte, not 4 -const int SIZEOF_SENDER = 4; // Sender constant, for finished generation -const int PAD_MD5 = 48; // pad length 1 and 2 for md5 finished -const int PAD_SHA = 40; // should be 44, specd wrong by netscape -const int PAD_RMD = 44; // pad length for RIPEMD-160, some use 40?? -const int CERT_HEADER = 3; // always use 3 bytes for certificate -const int CERT_TYPES = 7; // certificate request types -const int REQUEST_HEADER = 2; // request uses 2 bytes -const int VERIFY_HEADER = 2; // verify length field -const int MIN_CERT_TYPES = 1; // minimum certificate request types -const int MIN_DIS_NAMES = 3; // minimum distinguished names -const int MIN_DIS_SIZE = 1; // minimum distinguished name size -const int RECORD_HEADER = 5; // type + version + length(2) -const int HANDSHAKE_HEADER = 4; // type + length(3) -const int FINISHED_SZ = MD5_LEN + SHA_LEN; // sizeof finished data -const int TLS_FINISHED_SZ = 12; // TLS verify data size -const int SEQ_SZ = 8; // 64 bit sequence number -const int LENGTH_SZ = 2; // length field for HMAC, data only -const int VERSION_SZ = SIZEOF_ENUM * 2; // SSL/TLS length of version -const int DES_KEY_SZ = 8; // DES Key length -const int DES_EDE_KEY_SZ = 24; // DES EDE Key length -const int DES_BLOCK = 8; // DES is always fixed block size 8 -const int DES_IV_SZ = DES_BLOCK; // Init Vector length for DES -const int RC4_KEY_SZ = 16; // RC4 Key length -const int AES_128_KEY_SZ = 16; // AES 128bit Key length -const int AES_192_KEY_SZ = 24; // AES 192bit Key length -const int AES_256_KEY_SZ = 32; // AES 256bit Key length -const int AES_BLOCK_SZ = 16; // AES 128bit block size, rfc 3268 -const int AES_IV_SZ = AES_BLOCK_SZ; // AES Init Vector length -const int DSS_SIG_SZ = 40; // two 20 byte high byte first Integers -const int DSS_ENCODED_EXTRA = 6; // seqID + len(1) + (intID + len(1)) * 2 -const int EVP_SALT_SZ = 8; -const int MASTER_LABEL_SZ = 13; // TLS master secret label size -const int KEY_LABEL_SZ = 13; // TLS key block expansion size -const int FINISHED_LABEL_SZ = 15; // TLS finished lable length -const int SEED_LEN = RAN_LEN * 2; // TLS seed, client + server random -const int DEFAULT_TIMEOUT = 500; // Default Session timeout in seconds -const int MAX_RECORD_SIZE = 16384; // 2^14, max size by standard -const int COMPRESS_EXTRA = 1024; // extra compression possible addition -const int SESSION_FLUSH_COUNT = 256; // when to flush session cache -const int MAX_PAD_SIZE = 256; // max TLS padding size -const int COMPRESS_CONSTANT = 13; // compression calculation constant -const int COMPRESS_UPPER = 55; // compression calculation numerator -const int COMPRESS_LOWER = 64; // compression calculation denominator -const int COMPRESS_DUMMY_SIZE = 64; // compression dummy round size - -typedef uint8 Cipher; // first byte is always 0x00 for SSLv3 & TLS - -typedef opaque Random[RAN_LEN]; - -typedef opaque* DistinguishedName; - -typedef bool IsExportable; - - -enum CompressionMethod { no_compression = 0, zlib = 221 }; - -enum CipherType { stream, block }; - -enum CipherChoice { change_cipher_spec_choice = 1 }; - -enum PublicValueEncoding { implicit_encoding, explicit_encoding }; - -enum ConnectionEnd { server_end, client_end }; - -enum AlertLevel { warning = 1, fatal = 2 }; - - - -// Record Layer Header identifier from page 12 -enum ContentType { - no_type = 0, - change_cipher_spec = 20, - alert = 21, - handshake = 22, - application_data = 23 -}; - - -// HandShake Layer Header identifier from page 20 -enum HandShakeType { - no_shake = -1, - hello_request = 0, - client_hello = 1, - server_hello = 2, - certificate = 11, - server_key_exchange = 12, - certificate_request = 13, - server_hello_done = 14, - certificate_verify = 15, - client_key_exchange = 16, - finished = 20 -}; - - -// Valid Alert types from page 16/17 -enum AlertDescription { - close_notify = 0, - unexpected_message = 10, - bad_record_mac = 20, - decompression_failure = 30, - handshake_failure = 40, - no_certificate = 41, - bad_certificate = 42, - unsupported_certificate = 43, - certificate_revoked = 44, - certificate_expired = 45, - certificate_unknown = 46, - illegal_parameter = 47 -}; - - -// Supported Key Exchange Protocols -enum KeyExchangeAlgorithm { - no_kea = 0, - rsa_kea, - diffie_hellman_kea, - fortezza_kea -}; - - -// Supported Authentication Schemes -enum SignatureAlgorithm { - anonymous_sa_algo = 0, - rsa_sa_algo, - dsa_sa_algo -}; - - -// Valid client certificate request types from page 27 -enum ClientCertificateType { - rsa_sign = 1, - dss_sign = 2, - rsa_fixed_dh = 3, - dss_fixed_dh = 4, - rsa_ephemeral_dh = 5, - dss_ephemeral_dh = 6, - fortezza_kea_cert = 20 -}; - - -// Supported Ciphers from page 43 -enum BulkCipherAlgorithm { - cipher_null, - rc4, - rc2, - des, - triple_des, // leading 3 (3des) not valid identifier - des40, - idea, - aes -}; - - -// Supported Message Authentication Codes from page 43 -enum MACAlgorithm { - no_mac, - md5, - sha, - rmd -}; - - -// Certificate file Type -enum CertType { Cert = 0, PrivateKey, CA }; - - -// all Cipher Suites from pages 41/42 -const Cipher SSL_NULL_WITH_NULL_NULL = 0; // { 0x00, 0x00 } -const Cipher SSL_RSA_WITH_NULL_MD5 = 1; // { 0x00, 0x01 } -const Cipher SSL_RSA_WITH_NULL_SHA = 2; // { 0x00, 0x02 } -const Cipher SSL_RSA_EXPORT_WITH_RC4_40_MD5 = 3; // { 0x00, 0x03 } -const Cipher SSL_RSA_WITH_RC4_128_MD5 = 4; // { 0x00, 0x04 } -const Cipher SSL_RSA_WITH_RC4_128_SHA = 5; // { 0x00, 0x05 } -const Cipher SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5 = 6; // { 0x00, 0x06 } -const Cipher SSL_RSA_WITH_IDEA_CBC_SHA = 7; // { 0x00, 0x07 } -const Cipher SSL_RSA_EXPORT_WITH_DES40_CBC_SHA = 8; // { 0x00, 0x08 } -const Cipher SSL_RSA_WITH_DES_CBC_SHA = 9; // { 0x00, 0x09 } -const Cipher SSL_RSA_WITH_3DES_EDE_CBC_SHA = 10; // { 0x00, 0x0A } -const Cipher SSL_DH_DSS_EXPORT_WITH_DES40_CBC_SHA = 11; // { 0x00, 0x0B } -const Cipher SSL_DH_DSS_WITH_DES_CBC_SHA = 12; // { 0x00, 0x0C } -const Cipher SSL_DH_DSS_WITH_3DES_EDE_CBC_SHA = 13; // { 0x00, 0x0D } -const Cipher SSL_DH_RSA_EXPORT_WITH_DES40_CBC_SHA = 14; // { 0x00, 0x0E } -const Cipher SSL_DH_RSA_WITH_DES_CBC_SHA = 15; // { 0x00, 0x0F } -const Cipher SSL_DH_RSA_WITH_3DES_EDE_CBC_SHA = 16; // { 0x00, 0x10 } -const Cipher SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA = 17; // { 0x00, 0x11 } -const Cipher SSL_DHE_DSS_WITH_DES_CBC_SHA = 18; // { 0x00, 0x12 } -const Cipher SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA = 19; // { 0x00, 0x13 } -const Cipher SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA = 20; // { 0x00, 0x14 } -const Cipher SSL_DHE_RSA_WITH_DES_CBC_SHA = 21; // { 0x00, 0x15 } -const Cipher SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA = 22; // { 0x00, 0x16 } -const Cipher SSL_DH_anon_EXPORT_WITH_RC4_40_MD5 = 23; // { 0x00, 0x17 } -const Cipher SSL_DH_anon_WITH_RC4_128_MD5 = 24; // { 0x00, 0x18 } -const Cipher SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA = 25; // { 0x00, 0x19 } -const Cipher SSL_DH_anon_WITH_DES_CBC_SHA = 26; // { 0x00, 0x1A } -const Cipher SSL_DH_anon_WITH_3DES_EDE_CBC_SHA = 27; // { 0x00, 0x1B } -const Cipher SSL_FORTEZZA_KEA_WITH_NULL_SHA = 28; // { 0x00, 0x1C } -const Cipher SSL_FORTEZZA_KEA_WITH_FORTEZZA_CBC_SHA = 29; // { 0x00, 0x1D } -const Cipher SSL_FORTEZZA_KEA_WITH_RC4_128_SHA = 30; // { 0x00, 0x1E } - -// .. to 0x2B uses Kerberos Authentication - - -// TLS AES extensions -const Cipher TLS_RSA_WITH_AES_128_CBC_SHA = 47; // { 0x00, 0x2F } -const Cipher TLS_DH_DSS_WITH_AES_128_CBC_SHA = 48; // { 0x00, 0x30 } -const Cipher TLS_DH_RSA_WITH_AES_128_CBC_SHA = 49; // { 0x00, 0x31 } -const Cipher TLS_DHE_DSS_WITH_AES_128_CBC_SHA = 50; // { 0x00, 0x32 } -const Cipher TLS_DHE_RSA_WITH_AES_128_CBC_SHA = 51; // { 0x00, 0x33 } -const Cipher TLS_DH_anon_WITH_AES_128_CBC_SHA = 52; // { 0x00, 0x34 } - -const Cipher TLS_RSA_WITH_AES_256_CBC_SHA = 53; // { 0x00, 0x35 } -const Cipher TLS_DH_DSS_WITH_AES_256_CBC_SHA = 54; // { 0x00, 0x36 } -const Cipher TLS_DH_RSA_WITH_AES_256_CBC_SHA = 55; // { 0x00, 0x37 } -const Cipher TLS_DHE_DSS_WITH_AES_256_CBC_SHA = 56; // { 0x00, 0x38 } -const Cipher TLS_DHE_RSA_WITH_AES_256_CBC_SHA = 57; // { 0x00, 0x39 } -const Cipher TLS_DH_anon_WITH_AES_256_CBC_SHA = 58; // { 0x00, 0x3A } - - -// OpenPGP extensions - -const Cipher TLS_DHE_DSS_WITH_3DES_EDE_CBC_RMD160 = 114; // { 0x00, 0x72 }; -const Cipher TLS_DHE_DSS_WITH_AES_128_CBC_RMD160 = 115; // { 0x00, 0x73 }; -const Cipher TLS_DHE_DSS_WITH_AES_256_CBC_RMD160 = 116; // { 0x00, 0x74 }; -const Cipher TLS_DHE_RSA_WITH_3DES_EDE_CBC_RMD160 = 119; // { 0x00, 0x77 }; -const Cipher TLS_DHE_RSA_WITH_AES_128_CBC_RMD160 = 120; // { 0x00, 0x78 }; -const Cipher TLS_DHE_RSA_WITH_AES_256_CBC_RMD160 = 121; // { 0x00, 0x79 }; -const Cipher TLS_RSA_WITH_3DES_EDE_CBC_RMD160 = 124; // { 0x00, 0x7C }; -const Cipher TLS_RSA_WITH_AES_128_CBC_RMD160 = 125; // { 0x00, 0x7D }; -const Cipher TLS_RSA_WITH_AES_256_CBC_RMD160 = 126; // { 0x00, 0x7E }; - - -const char* const null_str = ""; - -const char* const cipher_names[128] = -{ - null_str, // SSL_NULL_WITH_NULL_NULL = 0 - null_str, // SSL_RSA_WITH_NULL_MD5 = 1 - null_str, // SSL_RSA_WITH_NULL_SHA = 2 - null_str, // SSL_RSA_EXPORT_WITH_RC4_40_MD5 = 3 - "RC4-MD5", // SSL_RSA_WITH_RC4_128_MD5 = 4 - "RC4-SHA", // SSL_RSA_WITH_RC4_128_SHA = 5 - null_str, // SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5 = 6 - null_str, // SSL_RSA_WITH_IDEA_CBC_SHA = 7 - null_str, // SSL_RSA_EXPORT_WITH_DES40_CBC_SHA = 8 - "DES-CBC-SHA", // SSL_RSA_WITH_DES_CBC_SHA = 9 - "DES-CBC3-SHA", // SSL_RSA_WITH_3DES_EDE_CBC_SHA = 10 - - null_str, // SSL_DH_DSS_EXPORT_WITH_DES40_CBC_SHA = 11 - null_str, // SSL_DH_DSS_WITH_DES_CBC_SHA = 12 - null_str, // SSL_DH_DSS_WITH_3DES_EDE_CBC_SHA = 13 - null_str, // SSL_DH_RSA_EXPORT_WITH_DES40_CBC_SHA = 14 - null_str, // SSL_DH_RSA_WITH_DES_CBC_SHA = 15 - null_str, // SSL_DH_RSA_WITH_3DES_EDE_CBC_SHA = 16 - null_str, // SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA = 17 - "EDH-DSS-DES-CBC-SHA", // SSL_DHE_DSS_WITH_DES_CBC_SHA = 18 - "EDH-DSS-DES-CBC3-SHA", // SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA = 19 - null_str, // SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA = 20 - - "EDH-RSA-DES-CBC-SHA", // SSL_DHE_RSA_WITH_DES_CBC_SHA = 21 - "EDH-RSA-DES-CBC3-SHA", // SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA = 22 - null_str, // SSL_DH_anon_EXPORT_WITH_RC4_40_MD5 = 23 - null_str, // SSL_DH_anon_WITH_RC4_128_MD5 = 24 - null_str, // SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA = 25 - null_str, // SSL_DH_anon_WITH_DES_CBC_SHA = 26 - null_str, // SSL_DH_anon_WITH_3DES_EDE_CBC_SHA = 27 - null_str, // SSL_FORTEZZA_KEA_WITH_NULL_SHA = 28 - null_str, // SSL_FORTEZZA_KEA_WITH_FORTEZZA_CBC_SHA = 29 - null_str, // SSL_FORTEZZA_KEA_WITH_RC4_128_SHA = 30 - - null_str, null_str, null_str, null_str, null_str, // 31 - 35 - null_str, null_str, null_str, null_str, null_str, // 36 - 40 - null_str, null_str, null_str, null_str, null_str, // 41 - 45 - null_str, // 46 - - // TLS AES extensions - "AES128-SHA", // TLS_RSA_WITH_AES_128_CBC_SHA = 47 - null_str, // TLS_DH_DSS_WITH_AES_128_CBC_SHA = 48 - null_str, // TLS_DH_RSA_WITH_AES_128_CBC_SHA = 49 - "DHE-DSS-AES128-SHA", // TLS_DHE_DSS_WITH_AES_128_CBC_SHA = 50 - "DHE-RSA-AES128-SHA", // TLS_DHE_RSA_WITH_AES_128_CBC_SHA = 51 - null_str, // TLS_DH_anon_WITH_AES_128_CBC_SHA = 52 - - "AES256-SHA", // TLS_RSA_WITH_AES_256_CBC_SHA = 53 - null_str, // TLS_DH_DSS_WITH_AES_256_CBC_SHA = 54 - null_str, // TLS_DH_RSA_WITH_AES_256_CBC_SHA = 55 - "DHE-DSS-AES256-SHA", // TLS_DHE_DSS_WITH_AES_256_CBC_SHA = 56 - "DHE-RSA-AES256-SHA", // TLS_DHE_RSA_WITH_AES_256_CBC_SHA = 57 - null_str, // TLS_DH_anon_WITH_AES_256_CBC_SHA = 58 - - null_str, // 59 - null_str, // 60 - null_str, null_str, null_str, null_str, null_str, // 61 - 65 - null_str, null_str, null_str, null_str, null_str, // 66 - 70 - null_str, null_str, null_str, null_str, null_str, // 71 - 75 - null_str, null_str, null_str, null_str, null_str, // 76 - 80 - null_str, null_str, null_str, null_str, null_str, // 81 - 85 - null_str, null_str, null_str, null_str, null_str, // 86 - 90 - null_str, null_str, null_str, null_str, null_str, // 91 - 95 - null_str, null_str, null_str, null_str, null_str, // 96 - 100 - null_str, null_str, null_str, null_str, null_str, // 101 - 105 - null_str, null_str, null_str, null_str, null_str, // 106 - 110 - null_str, null_str, null_str, // 111 - 113 - - "DHE-DSS-DES-CBC3-RMD", // TLS_DHE_DSS_WITH_3DES_EDE_CBC_RMD160 = 114 - "DHE-DSS-AES128-RMD", // TLS_DHE_DSS_WITH_AES_128_CBC_RMD160 = 115 - "DHE-DSS-AES256-RMD", // TLS_DHE_DSS_WITH_AES_256_CBC_RMD160 = 116 - null_str, // 117 - null_str, // 118 - "DHE-RSA-DES-CBC3-RMD", // TLS_DHE_RSA_WITH_3DES_EDE_CBC_RMD160 = 119 - "DHE-RSA-AES128-RMD", // TLS_DHE_RSA_WITH_AES_128_CBC_RMD160 = 120 - "DHE-RSA-AES256-RMD", // TLS_DHE_RSA_WITH_AES_256_CBC_RMD160 = 121 - null_str, // 122 - null_str, // 123 - "DES-CBC3-RMD", // TLS_RSA_WITH_3DES_EDE_CBC_RMD160 = 124 - "AES128-RMD", // TLS_RSA_WITH_AES_128_CBC_RMD160 = 125 - "AES256-RMD", // TLS_RSA_WITH_AES_256_CBC_RMD160 = 126 - null_str // 127 -}; - -// fill with MD5 pad size since biggest required -const opaque PAD1[PAD_MD5] = { 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, - 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, - 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, - 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, - 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, - 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36 - }; -const opaque PAD2[PAD_MD5] = { 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, - 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, - 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, - 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, - 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, - 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c - }; - -const opaque client[SIZEOF_SENDER] = { 0x43, 0x4C, 0x4E, 0x54 }; -const opaque server[SIZEOF_SENDER] = { 0x53, 0x52, 0x56, 0x52 }; - -const opaque tls_client[FINISHED_LABEL_SZ + 1] = "client finished"; -const opaque tls_server[FINISHED_LABEL_SZ + 1] = "server finished"; - -const opaque master_label[MASTER_LABEL_SZ + 1] = "master secret"; -const opaque key_label [KEY_LABEL_SZ + 1] = "key expansion"; - - -} // naemspace - -#if __GNUC__ == 2 && __GNUC_MINOR__ <= 96 -/* - gcc 2.96 bails out because of two declarations of byte: yaSSL::byte and - TaoCrypt::byte. TODO: define global types.hpp and move the declaration of - 'byte' there. -*/ -using yaSSL::byte; -#endif - - -#endif // yaSSL_TYPES_HPP diff --git a/extra/yassl/lib/dummy b/extra/yassl/lib/dummy deleted file mode 100644 index 85c1efd587f..00000000000 --- a/extra/yassl/lib/dummy +++ /dev/null @@ -1 +0,0 @@ -// this is a dummy file diff --git a/extra/yassl/src/buffer.cpp b/extra/yassl/src/buffer.cpp deleted file mode 100644 index 919aa9c7436..00000000000 --- a/extra/yassl/src/buffer.cpp +++ /dev/null @@ -1,331 +0,0 @@ -/* - Copyright (c) 2005, 2014, Oracle and/or its affiliates. All rights reserved. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - - -/* yaSSL buffer header implements input/output buffers to simulate streaming - * with SSL types and sockets - */ - -#ifdef HAVE_CONFIG_H -#include "config.h" -#endif - -#include <string.h> // memcpy -#include "runtime.hpp" -#include "buffer.hpp" -#include "yassl_types.hpp" - -namespace yaSSL { - - - - -/* return 0 on check success, always true for NoCheck policy */ -int NoCheck::check(uint, uint) -{ - return 0; -} - -/* return 0 on check success */ -int Check::check(uint i, uint max) -{ - if (i < max) - return 0; - - return -1; -} - - -/* input_buffer operates like a smart c style array with a checking option, - * meant to be read from through [] with AUTO index or read(). - * Should only write to at/near construction with assign() or raw (e.g., recv) - * followed by add_size with the number of elements added by raw write. - * - * Not using vector because need checked []access, offset, and the ability to - * write to the buffer bulk wise and have the correct size - */ - - -input_buffer::input_buffer() - : size_(0), current_(0), buffer_(0), end_(0), error_(0), zero_(0) -{} - - -input_buffer::input_buffer(uint s) - : size_(0), current_(0), buffer_(NEW_YS byte[s]), end_(buffer_ + s), - error_(0), zero_(0) -{} - - -// with assign -input_buffer::input_buffer(uint s, const byte* t, uint len) - : size_(0), current_(0), buffer_(NEW_YS byte[s]), end_(buffer_ + s), - error_(0), zero_(0) -{ - assign(t, len); -} - - -input_buffer::~input_buffer() -{ - ysArrayDelete(buffer_); -} - - -// users can pass defualt zero length buffer and then allocate -void input_buffer::allocate(uint s) -{ - if (error_ == 0) { - buffer_ = NEW_YS byte[s]; - end_ = buffer_ + s; - } -} - - -// for passing to raw writing functions at beginning, then use add_size -byte* input_buffer::get_buffer() const -{ - return buffer_; -} - - -// after a raw write user can set NEW_YS size -// if you know the size before the write use assign() -void input_buffer::add_size(uint i) -{ - if (error_ == 0 && check(size_ + i-1, get_capacity()) == 0) - size_ += i; - else - error_ = -1; -} - - -uint input_buffer::get_capacity() const -{ - if (error_ == 0) - return end_ - buffer_; - - return 0; -} - - -uint input_buffer::get_current() const -{ - if (error_ == 0) - return current_; - - return 0; -} - - -uint input_buffer::get_size() const -{ - if (error_ == 0) - return size_; - - return 0; -} - - -uint input_buffer::get_remaining() const -{ - if (error_ == 0) - return size_ - current_; - - return 0; -} - - -int input_buffer::get_error() const -{ - return error_; -} - - -void input_buffer::set_error() -{ - error_ = -1; -} - - -void input_buffer::set_current(uint i) -{ - if (error_ == 0 && check(i ? i - 1 : 0, size_) == 0) - current_ = i; - else - error_ = -1; -} - - -// read only access through [], advance current -// user passes in AUTO index for ease of use -const byte& input_buffer::operator[](uint i) -{ - if (error_ == 0 && check(current_, size_) == 0) - return buffer_[current_++]; - - error_ = -1; - return zero_; -} - - -// end of input test -bool input_buffer::eof() -{ - if (error_ != 0) - return true; - - return current_ >= size_; -} - - -// peek ahead -byte input_buffer::peek() -{ - if (error_ == 0 && check(current_, size_) == 0) - return buffer_[current_]; - - error_ = -1; - return 0; -} - - -// write function, should use at/near construction -void input_buffer::assign(const byte* t, uint s) -{ - if (t && error_ == 0 && check(current_, get_capacity()) == 0) { - add_size(s); - if (error_ == 0) { - memcpy(&buffer_[current_], t, s); - return; // success - } - } - - error_ = -1; -} - - -// use read to query input, adjusts current -void input_buffer::read(byte* dst, uint length) -{ - if (dst && error_ == 0 && check(current_ + length - 1, size_) == 0) { - memcpy(dst, &buffer_[current_], length); - current_ += length; - } else { - error_ = -1; - } -} - - - -/* output_buffer operates like a smart c style array with a checking option. - * Meant to be written to through [] with AUTO index or write(). - * Size (current) counter increases when written to. Can be constructed with - * zero length buffer but be sure to allocate before first use. - * Don't use add write for a couple bytes, use [] instead, way less overhead. - * - * Not using vector because need checked []access and the ability to - * write to the buffer bulk wise and retain correct size - */ - - -output_buffer::output_buffer() - : current_(0), buffer_(0), end_(0) -{} - - -// with allocate -output_buffer::output_buffer(uint s) - : current_(0), buffer_(NEW_YS byte[s]), end_(buffer_ + s) -{} - - -// with assign -output_buffer::output_buffer(uint s, const byte* t, uint len) - : current_(0), buffer_(NEW_YS byte[s]), end_(buffer_+ s) -{ - write(t, len); -} - - -output_buffer::~output_buffer() -{ - ysArrayDelete(buffer_); -} - - -uint output_buffer::get_size() const -{ - return current_; -} - - -uint output_buffer::get_capacity() const -{ - return (uint) (end_ - buffer_); -} - - -void output_buffer::set_current(uint c) -{ - check(c, get_capacity()); - current_ = c; -} - - -// users can pass defualt zero length buffer and then allocate -void output_buffer::allocate(uint s) -{ - buffer_ = NEW_YS byte[s]; end_ = buffer_ + s; -} - - -// for passing to reading functions when finished -const byte* output_buffer::get_buffer() const -{ - return buffer_; -} - - -// allow write access through [], update current -// user passes in AUTO as index for ease of use -byte& output_buffer::operator[](uint i) -{ - check(current_, get_capacity()); - return buffer_[current_++]; -} - - -// end of output test -bool output_buffer::eof() -{ - return current_ >= get_capacity(); -} - - -void output_buffer::write(const byte* t, uint s) -{ - check(current_ + s - 1, get_capacity()); - memcpy(&buffer_[current_], t, s); - current_ += s; -} - - - -} // naemspace - diff --git a/extra/yassl/src/cert_wrapper.cpp b/extra/yassl/src/cert_wrapper.cpp deleted file mode 100644 index 7e2c179f964..00000000000 --- a/extra/yassl/src/cert_wrapper.cpp +++ /dev/null @@ -1,408 +0,0 @@ -/* - Copyright (c) 2005, 2014, Oracle and/or its affiliates. All rights reserved. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - - -/* The certificate wrapper source implements certificate management functions - * - */ - -#include "runtime.hpp" -#include "cert_wrapper.hpp" -#include "yassl_int.hpp" -#include "error.hpp" - -#if defined(USE_CML_LIB) - #include "cmapi_cpp.h" -#else - #include "asn.hpp" - #include "file.hpp" -#endif // USE_CML_LIB - - -namespace yaSSL { - - -x509::x509(uint sz) : length_(sz), buffer_(NEW_YS opaque[sz]) -{ -} - - -x509::~x509() -{ - ysArrayDelete(buffer_); -} - - -x509::x509(const x509& that) : length_(that.length_), - buffer_(NEW_YS opaque[length_]) -{ - memcpy(buffer_, that.buffer_, length_); -} - - -void x509::Swap(x509& that) -{ - STL::swap(length_, that.length_); - STL::swap(buffer_, that.buffer_); -} - - -x509& x509::operator=(const x509& that) -{ - x509 temp(that); - Swap(temp); - return *this; -} - - -uint x509::get_length() const -{ - return length_; -} - - -const opaque* x509::get_buffer() const -{ - return buffer_; -} - - -opaque* x509::use_buffer() -{ - return buffer_; -} - - -//CertManager -CertManager::CertManager() - : peerX509_(0), selfX509_(0), verifyPeer_(false), verifyNone_(false), failNoCert_(false), - sendVerify_(false), sendBlankCert_(false), verifyCallback_(0) -{} - - -CertManager::~CertManager() -{ - ysDelete(peerX509_); - ysDelete(selfX509_); - - STL::for_each(signers_.begin(), signers_.end(), del_ptr_zero()) ; - - STL::for_each(peerList_.begin(), peerList_.end(), del_ptr_zero()) ; - - STL::for_each(list_.begin(), list_.end(), del_ptr_zero()) ; -} - - -bool CertManager::verifyPeer() const -{ - return verifyPeer_; -} - - -bool CertManager::verifyNone() const -{ - return verifyNone_; -} - - -bool CertManager::failNoCert() const -{ - return failNoCert_; -} - - -bool CertManager::sendVerify() const -{ - return sendVerify_; -} - - -void CertManager::setVerifyPeer() -{ - verifyPeer_ = true; -} - - -void CertManager::setVerifyNone() -{ - verifyNone_ = true; -} - -bool CertManager::sendBlankCert() const -{ - return sendBlankCert_; -} - - -void CertManager::setFailNoCert() -{ - failNoCert_ = true; -} - - -void CertManager::setSendVerify() -{ - sendVerify_ = true; -} - -void CertManager::setSendBlankCert() -{ - sendBlankCert_ = true; -} - - -void CertManager::setVerifyCallback(VerifyCallback vc) -{ - verifyCallback_ = vc; -} - - -void CertManager::AddPeerCert(x509* x) -{ - peerList_.push_back(x); // take ownership -} - - -void CertManager::CopySelfCert(const x509* x) -{ - if (x) - list_.push_back(NEW_YS x509(*x)); -} - - -// add to signers -int CertManager::CopyCaCert(const x509* x) -{ - TaoCrypt::Source source(x->get_buffer(), x->get_length()); - TaoCrypt::CertDecoder cert(source, true, &signers_, verifyNone_, - TaoCrypt::CertDecoder::CA); - - if (!cert.GetError().What()) { - const TaoCrypt::PublicKey& key = cert.GetPublicKey(); - signers_.push_back(NEW_YS TaoCrypt::Signer(key.GetKey(), key.size(), - cert.GetCommonName(), cert.GetHash())); - } - // just don't add, not an error return cert.GetError().What(); - return 0; -} - - -const x509* CertManager::get_cert() const -{ - return list_.front(); -} - - -const opaque* CertManager::get_peerKey() const -{ - return peerPublicKey_.get_buffer(); -} - - -X509* CertManager::get_peerX509() const -{ - return peerX509_; -} - - -X509* CertManager::get_selfX509() const -{ - return selfX509_; -} - - -SignatureAlgorithm CertManager::get_peerKeyType() const -{ - return peerKeyType_; -} - - -SignatureAlgorithm CertManager::get_keyType() const -{ - return keyType_; -} - - -uint CertManager::get_peerKeyLength() const -{ - return peerPublicKey_.get_size(); -} - - -const opaque* CertManager::get_privateKey() const -{ - return privateKey_.get_buffer(); -} - - -uint CertManager::get_privateKeyLength() const -{ - return privateKey_.get_size(); -} - - -// Validate the peer's certificate list, from root to peer (last to first) -int CertManager::Validate() -{ - CertList::reverse_iterator last = peerList_.rbegin(); - size_t count = peerList_.size(); - - while ( count > 1 ) { - TaoCrypt::Source source((*last)->get_buffer(), (*last)->get_length()); - TaoCrypt::CertDecoder cert(source, true, &signers_, verifyNone_); - - if (int err = cert.GetError().What()) - return err; - - const TaoCrypt::PublicKey& key = cert.GetPublicKey(); - signers_.push_back(NEW_YS TaoCrypt::Signer(key.GetKey(), key.size(), - cert.GetCommonName(), cert.GetHash())); - ++last; - --count; - } - - if (count) { - // peer's is at the front - TaoCrypt::Source source((*last)->get_buffer(), (*last)->get_length()); - TaoCrypt::CertDecoder cert(source, true, &signers_, verifyNone_); - - int err = cert.GetError().What(); - if ( err && err != TaoCrypt::SIG_OTHER_E) - return err; - - uint sz = cert.GetPublicKey().size(); - peerPublicKey_.allocate(sz); - peerPublicKey_.assign(cert.GetPublicKey().GetKey(), sz); - - if (cert.GetKeyType() == TaoCrypt::RSAk) - peerKeyType_ = rsa_sa_algo; - else - peerKeyType_ = dsa_sa_algo; - - size_t iSz = strlen(cert.GetIssuer()) + 1; - size_t sSz = strlen(cert.GetCommonName()) + 1; - ASN1_STRING beforeDate, afterDate; - beforeDate.data= (unsigned char *) cert.GetBeforeDate(); - beforeDate.type= cert.GetBeforeDateType(); - beforeDate.length= (int)strlen((char *) beforeDate.data) + 1; - afterDate.data= (unsigned char *) cert.GetAfterDate(); - afterDate.type= cert.GetAfterDateType(); - afterDate.length= (int)strlen((char *) afterDate.data) + 1; - peerX509_ = NEW_YS X509(cert.GetIssuer(), iSz, cert.GetCommonName(), - sSz, &beforeDate, &afterDate, - cert.GetIssuerCnStart(), cert.GetIssuerCnLength(), - cert.GetSubjectCnStart(), cert.GetSubjectCnLength() - ); - - if (err == TaoCrypt::SIG_OTHER_E && verifyCallback_) { - X509_STORE_CTX store; - store.error = err; - store.error_depth = static_cast<int>(count) - 1; - store.current_cert = peerX509_; - - int ok = verifyCallback_(0, &store); - if (ok) return 0; - } - - if (err == TaoCrypt::SIG_OTHER_E) return err; - } - return 0; -} - - -// Set the private key -int CertManager::SetPrivateKey(const x509& key) -{ - privateKey_.allocate(key.get_length()); - privateKey_.assign(key.get_buffer(), key.get_length()); - - // set key type - if (x509* cert = list_.front()) { - TaoCrypt::Source source(cert->get_buffer(), cert->get_length()); - TaoCrypt::CertDecoder cd(source, false); - cd.DecodeToKey(); - if (int err = cd.GetError().What()) - return err; - if (cd.GetKeyType() == TaoCrypt::RSAk) - keyType_ = rsa_sa_algo; - else - keyType_ = dsa_sa_algo; - - size_t iSz = strlen(cd.GetIssuer()) + 1; - size_t sSz = strlen(cd.GetCommonName()) + 1; - ASN1_STRING beforeDate, afterDate; - beforeDate.data= (unsigned char *) cd.GetBeforeDate(); - beforeDate.type= cd.GetBeforeDateType(); - beforeDate.length= (int)strlen((char *) beforeDate.data) + 1; - afterDate.data= (unsigned char *) cd.GetAfterDate(); - afterDate.type= cd.GetAfterDateType(); - afterDate.length= (int)strlen((char *) afterDate.data) + 1; - selfX509_ = NEW_YS X509(cd.GetIssuer(), iSz, cd.GetCommonName(), - sSz, &beforeDate, &afterDate, - cd.GetIssuerCnStart(), cd.GetIssuerCnLength(), - cd.GetSubjectCnStart(), cd.GetSubjectCnLength()); - } - return 0; -} - - -// Store OpenSSL type peer's cert -void CertManager::setPeerX509(X509* x) -{ - if (x == 0) return; - - X509_NAME* issuer = x->GetIssuer(); - X509_NAME* subject = x->GetSubject(); - ASN1_STRING* before = x->GetBefore(); - ASN1_STRING* after = x->GetAfter(); - - peerX509_ = NEW_YS X509(issuer->GetName(), issuer->GetLength(), - subject->GetName(), subject->GetLength(), before, after, - issuer->GetCnPosition(), issuer->GetCnLength(), - subject->GetCnPosition(), subject->GetCnLength()); -} - - -#if defined(USE_CML_LIB) - -// Get the peer's certificate, extract and save public key -void CertManager::SetPeerKey() -{ - // first cert is the peer's - x509* main = peerList_.front(); - - Bytes_struct cert; - cert.num = main->get_length(); - cert.data = main->set_buffer(); - - CML::Certificate cm(cert); - const CML::ASN::Cert& raw = cm.base(); - CTIL::CSM_Buffer key = raw.pubKeyInfo.key; - - uint sz; - opaque* key_buffer = reinterpret_cast<opaque*>(key.Get(sz)); - peerPublicKey_.allocate(sz); - peerPublicKey_.assign(key_buffer, sz); -} - - -#endif // USE_CML_LIB - - - -} // namespace diff --git a/extra/yassl/src/crypto_wrapper.cpp b/extra/yassl/src/crypto_wrapper.cpp deleted file mode 100644 index acafea5005e..00000000000 --- a/extra/yassl/src/crypto_wrapper.cpp +++ /dev/null @@ -1,998 +0,0 @@ -/* - Copyright (c) 2005, 2012, Oracle and/or its affiliates - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - -/* The crypto wrapper source implements the policies for the cipher - * components used by SSL. - * - * The implementation relies on a specfic library, taoCrypt. - */ - -#if !defined(USE_CRYPTOPP_LIB) - -#include "runtime.hpp" -#include "crypto_wrapper.hpp" -#include "cert_wrapper.hpp" - -#include "md5.hpp" -#include "sha.hpp" -#include "ripemd.hpp" -#include "hmac.hpp" -#include "modes.hpp" -#include "des.hpp" -#include "arc4.hpp" -#include "aes.hpp" -#include "rsa.hpp" -#include "dsa.hpp" -#include "dh.hpp" -#include "random.hpp" -#include "file.hpp" -#include "coding.hpp" - - -namespace yaSSL { - - -// MD5 Implementation -struct MD5::MD5Impl { - TaoCrypt::MD5 md5_; - MD5Impl() {} - explicit MD5Impl(const TaoCrypt::MD5& md5) : md5_(md5) {} -}; - - -MD5::MD5() : pimpl_(NEW_YS MD5Impl) {} - - -MD5::~MD5() { ysDelete(pimpl_); } - - -MD5::MD5(const MD5& that) : Digest(), pimpl_(NEW_YS - MD5Impl(that.pimpl_->md5_)) {} - - -MD5& MD5::operator=(const MD5& that) -{ - pimpl_->md5_ = that.pimpl_->md5_; - return *this; -} - - -uint MD5::get_digestSize() const -{ - return MD5_LEN; -} - - -uint MD5::get_padSize() const -{ - return PAD_MD5; -} - - -// Fill out with MD5 digest from in that is sz bytes, out must be >= digest sz -void MD5::get_digest(byte* out, const byte* in, unsigned int sz) -{ - pimpl_->md5_.Update(in, sz); - pimpl_->md5_.Final(out); -} - -// Fill out with MD5 digest from previous updates -void MD5::get_digest(byte* out) -{ - pimpl_->md5_.Final(out); -} - - -// Update the current digest -void MD5::update(const byte* in, unsigned int sz) -{ - pimpl_->md5_.Update(in, sz); -} - - -// SHA Implementation -struct SHA::SHAImpl { - TaoCrypt::SHA sha_; - SHAImpl() {} - explicit SHAImpl(const TaoCrypt::SHA& sha) : sha_(sha) {} -}; - - -SHA::SHA() : pimpl_(NEW_YS SHAImpl) {} - - -SHA::~SHA() { ysDelete(pimpl_); } - - -SHA::SHA(const SHA& that) : Digest(), pimpl_(NEW_YS SHAImpl(that.pimpl_->sha_)) {} - -SHA& SHA::operator=(const SHA& that) -{ - pimpl_->sha_ = that.pimpl_->sha_; - return *this; -} - - -uint SHA::get_digestSize() const -{ - return SHA_LEN; -} - - -uint SHA::get_padSize() const -{ - return PAD_SHA; -} - - -// Fill out with SHA digest from in that is sz bytes, out must be >= digest sz -void SHA::get_digest(byte* out, const byte* in, unsigned int sz) -{ - pimpl_->sha_.Update(in, sz); - pimpl_->sha_.Final(out); -} - - -// Fill out with SHA digest from previous updates -void SHA::get_digest(byte* out) -{ - pimpl_->sha_.Final(out); -} - - -// Update the current digest -void SHA::update(const byte* in, unsigned int sz) -{ - pimpl_->sha_.Update(in, sz); -} - - -// RMD-160 Implementation -struct RMD::RMDImpl { - TaoCrypt::RIPEMD160 rmd_; - RMDImpl() {} - explicit RMDImpl(const TaoCrypt::RIPEMD160& rmd) : rmd_(rmd) {} -}; - - -RMD::RMD() : pimpl_(NEW_YS RMDImpl) {} - - -RMD::~RMD() { ysDelete(pimpl_); } - - -RMD::RMD(const RMD& that) : Digest(), pimpl_(NEW_YS RMDImpl(that.pimpl_->rmd_)) {} - -RMD& RMD::operator=(const RMD& that) -{ - pimpl_->rmd_ = that.pimpl_->rmd_; - return *this; -} - - -uint RMD::get_digestSize() const -{ - return RMD_LEN; -} - - -uint RMD::get_padSize() const -{ - return PAD_RMD; -} - - -// Fill out with RMD digest from in that is sz bytes, out must be >= digest sz -void RMD::get_digest(byte* out, const byte* in, unsigned int sz) -{ - pimpl_->rmd_.Update(in, sz); - pimpl_->rmd_.Final(out); -} - - -// Fill out with RMD digest from previous updates -void RMD::get_digest(byte* out) -{ - pimpl_->rmd_.Final(out); -} - - -// Update the current digest -void RMD::update(const byte* in, unsigned int sz) -{ - pimpl_->rmd_.Update(in, sz); -} - - -// HMAC_MD5 Implementation -struct HMAC_MD5::HMAC_MD5Impl { - TaoCrypt::HMAC<TaoCrypt::MD5> mac_; - HMAC_MD5Impl() {} -}; - - -HMAC_MD5::HMAC_MD5(const byte* secret, unsigned int len) - : pimpl_(NEW_YS HMAC_MD5Impl) -{ - pimpl_->mac_.SetKey(secret, len); -} - - -HMAC_MD5::~HMAC_MD5() { ysDelete(pimpl_); } - - -uint HMAC_MD5::get_digestSize() const -{ - return MD5_LEN; -} - - -uint HMAC_MD5::get_padSize() const -{ - return PAD_MD5; -} - - -// Fill out with MD5 digest from in that is sz bytes, out must be >= digest sz -void HMAC_MD5::get_digest(byte* out, const byte* in, unsigned int sz) -{ - pimpl_->mac_.Update(in, sz); - pimpl_->mac_.Final(out); -} - -// Fill out with MD5 digest from previous updates -void HMAC_MD5::get_digest(byte* out) -{ - pimpl_->mac_.Final(out); -} - - -// Update the current digest -void HMAC_MD5::update(const byte* in, unsigned int sz) -{ - pimpl_->mac_.Update(in, sz); -} - - -// HMAC_SHA Implementation -struct HMAC_SHA::HMAC_SHAImpl { - TaoCrypt::HMAC<TaoCrypt::SHA> mac_; - HMAC_SHAImpl() {} -}; - - -HMAC_SHA::HMAC_SHA(const byte* secret, unsigned int len) - : pimpl_(NEW_YS HMAC_SHAImpl) -{ - pimpl_->mac_.SetKey(secret, len); -} - - -HMAC_SHA::~HMAC_SHA() { ysDelete(pimpl_); } - - -uint HMAC_SHA::get_digestSize() const -{ - return SHA_LEN; -} - - -uint HMAC_SHA::get_padSize() const -{ - return PAD_SHA; -} - - -// Fill out with SHA digest from in that is sz bytes, out must be >= digest sz -void HMAC_SHA::get_digest(byte* out, const byte* in, unsigned int sz) -{ - pimpl_->mac_.Update(in, sz); - pimpl_->mac_.Final(out); -} - -// Fill out with SHA digest from previous updates -void HMAC_SHA::get_digest(byte* out) -{ - pimpl_->mac_.Final(out); -} - - -// Update the current digest -void HMAC_SHA::update(const byte* in, unsigned int sz) -{ - pimpl_->mac_.Update(in, sz); -} - - - -// HMAC_RMD Implementation -struct HMAC_RMD::HMAC_RMDImpl { - TaoCrypt::HMAC<TaoCrypt::RIPEMD160> mac_; - HMAC_RMDImpl() {} -}; - - -HMAC_RMD::HMAC_RMD(const byte* secret, unsigned int len) - : pimpl_(NEW_YS HMAC_RMDImpl) -{ - pimpl_->mac_.SetKey(secret, len); -} - - -HMAC_RMD::~HMAC_RMD() { ysDelete(pimpl_); } - - -uint HMAC_RMD::get_digestSize() const -{ - return RMD_LEN; -} - - -uint HMAC_RMD::get_padSize() const -{ - return PAD_RMD; -} - - -// Fill out with RMD digest from in that is sz bytes, out must be >= digest sz -void HMAC_RMD::get_digest(byte* out, const byte* in, unsigned int sz) -{ - pimpl_->mac_.Update(in, sz); - pimpl_->mac_.Final(out); -} - -// Fill out with RMD digest from previous updates -void HMAC_RMD::get_digest(byte* out) -{ - pimpl_->mac_.Final(out); -} - - -// Update the current digest -void HMAC_RMD::update(const byte* in, unsigned int sz) -{ - pimpl_->mac_.Update(in, sz); -} - - -struct DES::DESImpl { - TaoCrypt::DES_CBC_Encryption encryption; - TaoCrypt::DES_CBC_Decryption decryption; -}; - - -DES::DES() : pimpl_(NEW_YS DESImpl) {} - -DES::~DES() { ysDelete(pimpl_); } - - -void DES::set_encryptKey(const byte* k, const byte* iv) -{ - pimpl_->encryption.SetKey(k, DES_KEY_SZ, iv); -} - - -void DES::set_decryptKey(const byte* k, const byte* iv) -{ - pimpl_->decryption.SetKey(k, DES_KEY_SZ, iv); -} - -// DES encrypt plain of length sz into cipher -void DES::encrypt(byte* cipher, const byte* plain, unsigned int sz) -{ - pimpl_->encryption.Process(cipher, plain, sz); -} - - -// DES decrypt cipher of length sz into plain -void DES::decrypt(byte* plain, const byte* cipher, unsigned int sz) -{ - pimpl_->decryption.Process(plain, cipher, sz); -} - - -struct DES_EDE::DES_EDEImpl { - TaoCrypt::DES_EDE3_CBC_Encryption encryption; - TaoCrypt::DES_EDE3_CBC_Decryption decryption; -}; - - -DES_EDE::DES_EDE() : pimpl_(NEW_YS DES_EDEImpl) {} - -DES_EDE::~DES_EDE() { ysDelete(pimpl_); } - - -void DES_EDE::set_encryptKey(const byte* k, const byte* iv) -{ - pimpl_->encryption.SetKey(k, DES_EDE_KEY_SZ, iv); -} - - -void DES_EDE::set_decryptKey(const byte* k, const byte* iv) -{ - pimpl_->decryption.SetKey(k, DES_EDE_KEY_SZ, iv); -} - - -// 3DES encrypt plain of length sz into cipher -void DES_EDE::encrypt(byte* cipher, const byte* plain, unsigned int sz) -{ - pimpl_->encryption.Process(cipher, plain, sz); -} - - -// 3DES decrypt cipher of length sz into plain -void DES_EDE::decrypt(byte* plain, const byte* cipher, unsigned int sz) -{ - pimpl_->decryption.Process(plain, cipher, sz); -} - - -// Implementation of alledged RC4 -struct RC4::RC4Impl { - TaoCrypt::ARC4::Encryption encryption; - TaoCrypt::ARC4::Decryption decryption; -}; - - -RC4::RC4() : pimpl_(NEW_YS RC4Impl) {} - -RC4::~RC4() { ysDelete(pimpl_); } - - -void RC4::set_encryptKey(const byte* k, const byte*) -{ - pimpl_->encryption.SetKey(k, RC4_KEY_SZ); -} - - -void RC4::set_decryptKey(const byte* k, const byte*) -{ - pimpl_->decryption.SetKey(k, RC4_KEY_SZ); -} - - -// RC4 encrypt plain of length sz into cipher -void RC4::encrypt(byte* cipher, const byte* plain, unsigned int sz) -{ - pimpl_->encryption.Process(cipher, plain, sz); -} - - -// RC4 decrypt cipher of length sz into plain -void RC4::decrypt(byte* plain, const byte* cipher, unsigned int sz) -{ - pimpl_->decryption.Process(plain, cipher, sz); -} - - - -// Implementation of AES -struct AES::AESImpl { - TaoCrypt::AES_CBC_Encryption encryption; - TaoCrypt::AES_CBC_Decryption decryption; - unsigned int keySz_; - - AESImpl(unsigned int ks) : keySz_(ks) {} -}; - - -AES::AES(unsigned int ks) : pimpl_(NEW_YS AESImpl(ks)) {} - -AES::~AES() { ysDelete(pimpl_); } - - -int AES::get_keySize() const -{ - return pimpl_->keySz_; -} - - -void AES::set_encryptKey(const byte* k, const byte* iv) -{ - pimpl_->encryption.SetKey(k, pimpl_->keySz_, iv); -} - - -void AES::set_decryptKey(const byte* k, const byte* iv) -{ - pimpl_->decryption.SetKey(k, pimpl_->keySz_, iv); -} - - -// AES encrypt plain of length sz into cipher -void AES::encrypt(byte* cipher, const byte* plain, unsigned int sz) -{ - pimpl_->encryption.Process(cipher, plain, sz); -} - - -// AES decrypt cipher of length sz into plain -void AES::decrypt(byte* plain, const byte* cipher, unsigned int sz) -{ - pimpl_->decryption.Process(plain, cipher, sz); -} - - -struct RandomPool::RandomImpl { - TaoCrypt::RandomNumberGenerator RNG_; -}; - -RandomPool::RandomPool() : pimpl_(NEW_YS RandomImpl) {} - -RandomPool::~RandomPool() { ysDelete(pimpl_); } - -int RandomPool::GetError() const -{ - return pimpl_->RNG_.GetError(); -} - -void RandomPool::Fill(opaque* dst, uint sz) const -{ - pimpl_->RNG_.GenerateBlock(dst, sz); -} - - -// Implementation of DSS Authentication -struct DSS::DSSImpl { - void SetPublic (const byte*, unsigned int); - void SetPrivate(const byte*, unsigned int); - TaoCrypt::DSA_PublicKey publicKey_; - TaoCrypt::DSA_PrivateKey privateKey_; -}; - - -// Decode and store the public key -void DSS::DSSImpl::SetPublic(const byte* key, unsigned int sz) -{ - TaoCrypt::Source source(key, sz); - publicKey_.Initialize(source); -} - - -// Decode and store the public key -void DSS::DSSImpl::SetPrivate(const byte* key, unsigned int sz) -{ - TaoCrypt::Source source(key, sz); - privateKey_.Initialize(source); - publicKey_ = TaoCrypt::DSA_PublicKey(privateKey_); - -} - - -// Set public or private key -DSS::DSS(const byte* key, unsigned int sz, bool publicKey) - : pimpl_(NEW_YS DSSImpl) -{ - if (publicKey) - pimpl_->SetPublic(key, sz); - else - pimpl_->SetPrivate(key, sz); -} - - -DSS::~DSS() -{ - ysDelete(pimpl_); -} - - -uint DSS::get_signatureLength() const -{ - return pimpl_->publicKey_.SignatureLength(); -} - - -// DSS Sign message of length sz into sig -void DSS::sign(byte* sig, const byte* sha_digest, unsigned int /* shaSz */, - const RandomPool& random) -{ - using namespace TaoCrypt; - - DSA_Signer signer(pimpl_->privateKey_); - signer.Sign(sha_digest, sig, random.pimpl_->RNG_); -} - - -// DSS Verify message of length sz against sig, is it correct? -bool DSS::verify(const byte* sha_digest, unsigned int /* shaSz */, - const byte* sig, unsigned int /* sigSz */) -{ - using namespace TaoCrypt; - - DSA_Verifier ver(pimpl_->publicKey_); - return ver.Verify(sha_digest, sig); -} - - -// Implementation of RSA key interface -struct RSA::RSAImpl { - void SetPublic (const byte*, unsigned int); - void SetPrivate(const byte*, unsigned int); - TaoCrypt::RSA_PublicKey publicKey_; - TaoCrypt::RSA_PrivateKey privateKey_; -}; - - -// Decode and store the public key -void RSA::RSAImpl::SetPublic(const byte* key, unsigned int sz) -{ - TaoCrypt::Source source(key, sz); - publicKey_.Initialize(source); -} - - -// Decode and store the private key -void RSA::RSAImpl::SetPrivate(const byte* key, unsigned int sz) -{ - TaoCrypt::Source source(key, sz); - privateKey_.Initialize(source); - publicKey_ = TaoCrypt::RSA_PublicKey(privateKey_); -} - - -// Set public or private key -RSA::RSA(const byte* key, unsigned int sz, bool publicKey) - : pimpl_(NEW_YS RSAImpl) -{ - if (publicKey) - pimpl_->SetPublic(key, sz); - else - pimpl_->SetPrivate(key, sz); -} - -RSA::~RSA() -{ - ysDelete(pimpl_); -} - - -// get cipher text length, varies on key size -unsigned int RSA::get_cipherLength() const -{ - return pimpl_->publicKey_.FixedCiphertextLength(); -} - - -// get signautre length, varies on key size -unsigned int RSA::get_signatureLength() const -{ - return get_cipherLength(); -} - - -// RSA Sign message of length sz into sig -void RSA::sign(byte* sig, const byte* message, unsigned int sz, - const RandomPool& random) -{ - TaoCrypt::RSAES_Decryptor dec(pimpl_->privateKey_); - dec.SSL_Sign(message, sz, sig, random.pimpl_->RNG_); -} - - -// RSA Verify message of length sz against sig -bool RSA::verify(const byte* message, unsigned int sz, const byte* sig, - unsigned int) -{ - TaoCrypt::RSAES_Encryptor enc(pimpl_->publicKey_); - return enc.SSL_Verify(message, sz, sig); -} - - -// RSA public encrypt plain of length sz into cipher -void RSA::encrypt(byte* cipher, const byte* plain, unsigned int sz, - const RandomPool& random) -{ - - TaoCrypt::RSAES_Encryptor enc(pimpl_->publicKey_); - enc.Encrypt(plain, sz, cipher, random.pimpl_->RNG_); -} - - -// RSA private decrypt cipher of length sz into plain -void RSA::decrypt(byte* plain, const byte* cipher, unsigned int sz, - const RandomPool& random) -{ - TaoCrypt::RSAES_Decryptor dec(pimpl_->privateKey_); - dec.Decrypt(cipher, sz, plain, random.pimpl_->RNG_); -} - - -struct Integer::IntegerImpl { - TaoCrypt::Integer int_; - - IntegerImpl() {} - explicit IntegerImpl(const TaoCrypt::Integer& i) : int_(i) {} -}; - -Integer::Integer() : pimpl_(NEW_YS IntegerImpl) {} - -Integer::~Integer() { ysDelete(pimpl_); } - - - -Integer::Integer(const Integer& other) : pimpl_(NEW_YS - IntegerImpl(other.pimpl_->int_)) -{} - - -Integer& Integer::operator=(const Integer& that) -{ - pimpl_->int_ = that.pimpl_->int_; - - return *this; -} - - -void Integer::assign(const byte* num, unsigned int sz) -{ - pimpl_->int_ = TaoCrypt::Integer(num, sz); -} - - -struct DiffieHellman::DHImpl { - TaoCrypt::DH dh_; - TaoCrypt::RandomNumberGenerator& ranPool_; - byte* publicKey_; - byte* privateKey_; - byte* agreedKey_; - uint pubKeyLength_; - - DHImpl(TaoCrypt::RandomNumberGenerator& r) : ranPool_(r), publicKey_(0), - privateKey_(0), agreedKey_(0), pubKeyLength_(0) {} - ~DHImpl() - { - ysArrayDelete(agreedKey_); - ysArrayDelete(privateKey_); - ysArrayDelete(publicKey_); - } - - DHImpl(const DHImpl& that) : dh_(that.dh_), ranPool_(that.ranPool_), - publicKey_(0), privateKey_(0), agreedKey_(0), pubKeyLength_(0) - { - uint length = dh_.GetByteLength(); - AllocKeys(length, length, length); - } - - void AllocKeys(unsigned int pubSz, unsigned int privSz, unsigned int agrSz) - { - publicKey_ = NEW_YS byte[pubSz]; - privateKey_ = NEW_YS byte[privSz]; - agreedKey_ = NEW_YS byte[agrSz]; - } -}; - - - -/* -// server Side DH, server's view -DiffieHellman::DiffieHellman(const char* file, const RandomPool& random) - : pimpl_(NEW_YS DHImpl(random.pimpl_->RNG_)) -{ - using namespace TaoCrypt; - Source source; - FileSource(file, source); - if (source.size() == 0) - return; // TODO add error state, and force check - HexDecoder hd(source); - - pimpl_->dh_.Initialize(source); - - uint length = pimpl_->dh_.GetByteLength(); - - pimpl_->AllocKeys(length, length, length); - pimpl_->dh_.GenerateKeyPair(pimpl_->ranPool_, pimpl_->privateKey_, - pimpl_->publicKey_); -} -*/ - - -// server Side DH, client's view -DiffieHellman::DiffieHellman(const byte* p, unsigned int pSz, const byte* g, - unsigned int gSz, const byte* pub, - unsigned int pubSz, const RandomPool& random) - : pimpl_(NEW_YS DHImpl(random.pimpl_->RNG_)) -{ - using TaoCrypt::Integer; - - pimpl_->dh_.Initialize(Integer(p, pSz).Ref(), Integer(g, gSz).Ref()); - pimpl_->publicKey_ = NEW_YS opaque[pimpl_->pubKeyLength_ = pubSz]; - memcpy(pimpl_->publicKey_, pub, pubSz); -} - - -// Server Side DH, server's view -DiffieHellman::DiffieHellman(const Integer& p, const Integer& g, - const RandomPool& random) -: pimpl_(NEW_YS DHImpl(random.pimpl_->RNG_)) -{ - using TaoCrypt::Integer; - - pimpl_->dh_.Initialize(p.pimpl_->int_, g.pimpl_->int_); - - uint length = pimpl_->dh_.GetByteLength(); - - pimpl_->AllocKeys(length, length, length); - pimpl_->dh_.GenerateKeyPair(pimpl_->ranPool_, pimpl_->privateKey_, - pimpl_->publicKey_); -} - -DiffieHellman::~DiffieHellman() { ysDelete(pimpl_); } - - -// Client side and view, use server that for p and g -DiffieHellman::DiffieHellman(const DiffieHellman& that) - : pimpl_(NEW_YS DHImpl(*that.pimpl_)) -{ - pimpl_->dh_.GenerateKeyPair(pimpl_->ranPool_, pimpl_->privateKey_, - pimpl_->publicKey_); -} - - -DiffieHellman& DiffieHellman::operator=(const DiffieHellman& that) -{ - pimpl_->dh_ = that.pimpl_->dh_; - pimpl_->dh_.GenerateKeyPair(pimpl_->ranPool_, pimpl_->privateKey_, - pimpl_->publicKey_); - return *this; -} - - -void DiffieHellman::makeAgreement(const byte* other, unsigned int otherSz) -{ - pimpl_->dh_.Agree(pimpl_->agreedKey_, pimpl_->privateKey_, other, otherSz); -} - - -uint DiffieHellman::get_agreedKeyLength() const -{ - return pimpl_->dh_.GetByteLength(); -} - - -const byte* DiffieHellman::get_agreedKey() const -{ - return pimpl_->agreedKey_; -} - -uint DiffieHellman::get_publicKeyLength() const -{ - return pimpl_->pubKeyLength_; -} - -const byte* DiffieHellman::get_publicKey() const -{ - return pimpl_->publicKey_; -} - - -void DiffieHellman::set_sizes(int& pSz, int& gSz, int& pubSz) const -{ - using TaoCrypt::Integer; - Integer p = pimpl_->dh_.GetP(); - Integer g = pimpl_->dh_.GetG(); - - pSz = p.ByteCount(); - gSz = g.ByteCount(); - pubSz = pimpl_->dh_.GetByteLength(); -} - - -void DiffieHellman::get_parms(byte* bp, byte* bg, byte* bpub) const -{ - using TaoCrypt::Integer; - Integer p = pimpl_->dh_.GetP(); - Integer g = pimpl_->dh_.GetG(); - - p.Encode(bp, p.ByteCount()); - g.Encode(bg, g.ByteCount()); - memcpy(bpub, pimpl_->publicKey_, pimpl_->dh_.GetByteLength()); -} - - -// convert PEM file to DER x509 type -x509* PemToDer(FILE* file, CertType type, EncryptedInfo* info) -{ - using namespace TaoCrypt; - - char header[80]; - char footer[80]; - - if (type == Cert) { - strncpy(header, "-----BEGIN CERTIFICATE-----", sizeof(header)); - strncpy(footer, "-----END CERTIFICATE-----", sizeof(footer)); - } else { - strncpy(header, "-----BEGIN RSA PRIVATE KEY-----", sizeof(header)); - strncpy(footer, "-----END RSA PRIVATE KEY-----", sizeof(header)); - } - - long begin = -1; - long end = 0; - bool foundEnd = false; - - char line[80]; - - while(fgets(line, sizeof(line), file)) - if (strncmp(header, line, strlen(header)) == 0) { - begin = ftell(file); - break; - } - - // remove encrypted header if there - if (fgets(line, sizeof(line), file)) { - char encHeader[] = "Proc-Type"; - if (strncmp(encHeader, line, strlen(encHeader)) == 0 && - fgets(line,sizeof(line), file)) { - - char* start = strstr(line, "DES"); - char* finish = strstr(line, ","); - if (!start) - start = strstr(line, "AES"); - - if (!info) return 0; - - if ( start && finish && (start < finish)) { - memcpy(info->name, start, finish - start); - info->name[finish - start] = 0; - memcpy(info->iv, finish + 1, sizeof(info->iv)); - - char* newline = strstr(line, "\r"); - if (!newline) newline = strstr(line, "\n"); - if (newline && (newline > finish)) { - info->ivSz = newline - (finish + 1); - info->set = true; - } - } - begin = ftell(file); - if (fgets(line,sizeof(line), file)) // get blank line - begin = ftell(file); - } - - } - - while(fgets(line, sizeof(line), file)) - if (strncmp(footer, line, strlen(footer)) == 0) { - foundEnd = true; - break; - } - else - end = ftell(file); - - if (begin == -1 || !foundEnd) - return 0; - - input_buffer tmp(end - begin); - fseek(file, begin, SEEK_SET); - size_t bytes = fread(tmp.get_buffer(), end - begin, 1, file); - if (bytes != 1) - return 0; - - Source der(tmp.get_buffer(), end - begin); - Base64Decoder b64Dec(der); - - uint sz = der.size(); - mySTL::auto_ptr<x509> x(NEW_YS x509(sz)); - memcpy(x->use_buffer(), der.get_buffer(), sz); - - return x.release(); -} - - -} // namespace - -#endif // !USE_CRYPTOPP_LIB diff --git a/extra/yassl/src/dummy.cpp b/extra/yassl/src/dummy.cpp deleted file mode 100644 index 19b7fe887cd..00000000000 --- a/extra/yassl/src/dummy.cpp +++ /dev/null @@ -1,4 +0,0 @@ -/* - To make libtool always use a C++ linker when compiling with yaSSL we need - to add a dummy C++ file to the source list. -*/ diff --git a/extra/yassl/src/handshake.cpp b/extra/yassl/src/handshake.cpp deleted file mode 100644 index 91d3d6b5914..00000000000 --- a/extra/yassl/src/handshake.cpp +++ /dev/null @@ -1,1203 +0,0 @@ -/* - Copyright (c) 2005, 2014, Oracle and/or its affiliates. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - - -/* The handshake source implements functions for creating and reading - * the various handshake messages. - */ - - - -#include "runtime.hpp" -#include "handshake.hpp" -#include "yassl_int.hpp" - - -namespace yaSSL { - - - -// Build a client hello message from cipher suites and compression method -void buildClientHello(SSL& ssl, ClientHello& hello) -{ - // store for pre master secret - ssl.useSecurity().use_connection().chVersion_ = hello.client_version_; - - ssl.getCrypto().get_random().Fill(hello.random_, RAN_LEN); - if (ssl.getSecurity().get_resuming()) { - hello.id_len_ = ID_LEN; - memcpy(hello.session_id_, ssl.getSecurity().get_resume().GetID(), - ID_LEN); - } - else - hello.id_len_ = 0; - hello.suite_len_ = ssl.getSecurity().get_parms().suites_size_; - memcpy(hello.cipher_suites_, ssl.getSecurity().get_parms().suites_, - hello.suite_len_); - hello.comp_len_ = 1; - - hello.set_length(sizeof(ProtocolVersion) + - RAN_LEN + - hello.id_len_ + sizeof(hello.id_len_) + - hello.suite_len_ + sizeof(hello.suite_len_) + - hello.comp_len_ + sizeof(hello.comp_len_)); -} - - -// Build a server hello message -void buildServerHello(SSL& ssl, ServerHello& hello) -{ - if (ssl.getSecurity().get_resuming()) { - memcpy(hello.random_,ssl.getSecurity().get_connection().server_random_, - RAN_LEN); - memcpy(hello.session_id_, ssl.getSecurity().get_resume().GetID(), - ID_LEN); - } - else { - ssl.getCrypto().get_random().Fill(hello.random_, RAN_LEN); - ssl.getCrypto().get_random().Fill(hello.session_id_, ID_LEN); - } - hello.id_len_ = ID_LEN; - ssl.set_sessionID(hello.session_id_); - - hello.cipher_suite_[0] = ssl.getSecurity().get_parms().suite_[0]; - hello.cipher_suite_[1] = ssl.getSecurity().get_parms().suite_[1]; - hello.compression_method_ = hello.compression_method_; - - hello.set_length(sizeof(ProtocolVersion) + RAN_LEN + ID_LEN + - sizeof(hello.id_len_) + SUITE_LEN + SIZEOF_ENUM); -} - - -// add handshake from buffer into md5 and sha hashes, use handshake header -void hashHandShake(SSL& ssl, const input_buffer& input, uint sz) -{ - const opaque* buffer = input.get_buffer() + input.get_current() - - HANDSHAKE_HEADER; - sz += HANDSHAKE_HEADER; - ssl.useHashes().use_MD5().update(buffer, sz); - ssl.useHashes().use_SHA().update(buffer, sz); -} - - -// locals -namespace { - -// Write a plaintext record to buffer -void buildOutput(output_buffer& buffer, const RecordLayerHeader& rlHdr, - const Message& msg) -{ - buffer.allocate(RECORD_HEADER + rlHdr.length_); - buffer << rlHdr << msg; -} - - -// Write a plaintext record to buffer -void buildOutput(output_buffer& buffer, const RecordLayerHeader& rlHdr, - const HandShakeHeader& hsHdr, const HandShakeBase& shake) -{ - buffer.allocate(RECORD_HEADER + rlHdr.length_); - buffer << rlHdr << hsHdr << shake; -} - - -// Build Record Layer header for Message without handshake header -void buildHeader(SSL& ssl, RecordLayerHeader& rlHeader, const Message& msg) -{ - ProtocolVersion pv = ssl.getSecurity().get_connection().version_; - rlHeader.type_ = msg.get_type(); - rlHeader.version_.major_ = pv.major_; - rlHeader.version_.minor_ = pv.minor_; - rlHeader.length_ = msg.get_length(); -} - - -// Build HandShake and RecordLayer Headers for handshake output -void buildHeaders(SSL& ssl, HandShakeHeader& hsHeader, - RecordLayerHeader& rlHeader, const HandShakeBase& shake) -{ - int sz = shake.get_length(); - - hsHeader.set_type(shake.get_type()); - hsHeader.set_length(sz); - - ProtocolVersion pv = ssl.getSecurity().get_connection().version_; - rlHeader.type_ = handshake; - rlHeader.version_.major_ = pv.major_; - rlHeader.version_.minor_ = pv.minor_; - rlHeader.length_ = sz + HANDSHAKE_HEADER; -} - - -// add handshake from buffer into md5 and sha hashes, exclude record header -void hashHandShake(SSL& ssl, const output_buffer& output, bool removeIV = false) -{ - uint sz = output.get_size() - RECORD_HEADER; - - const opaque* buffer = output.get_buffer() + RECORD_HEADER; - - if (removeIV) { // TLSv1_1 IV - uint blockSz = ssl.getCrypto().get_cipher().get_blockSize(); - sz -= blockSz; - buffer += blockSz; - } - - ssl.useHashes().use_MD5().update(buffer, sz); - ssl.useHashes().use_SHA().update(buffer, sz); -} - - -// calculate MD5 hash for finished -void buildMD5(SSL& ssl, Finished& fin, const opaque* sender) -{ - - opaque md5_result[MD5_LEN]; - opaque md5_inner[SIZEOF_SENDER + SECRET_LEN + PAD_MD5]; - opaque md5_outer[SECRET_LEN + PAD_MD5 + MD5_LEN]; - - const opaque* master_secret = - ssl.getSecurity().get_connection().master_secret_; - - // make md5 inner - memcpy(md5_inner, sender, SIZEOF_SENDER); - memcpy(&md5_inner[SIZEOF_SENDER], master_secret, SECRET_LEN); - memcpy(&md5_inner[SIZEOF_SENDER + SECRET_LEN], PAD1, PAD_MD5); - - ssl.useHashes().use_MD5().get_digest(md5_result, md5_inner, - sizeof(md5_inner)); - - // make md5 outer - memcpy(md5_outer, master_secret, SECRET_LEN); - memcpy(&md5_outer[SECRET_LEN], PAD2, PAD_MD5); - memcpy(&md5_outer[SECRET_LEN + PAD_MD5], md5_result, MD5_LEN); - - ssl.useHashes().use_MD5().get_digest(fin.set_md5(), md5_outer, - sizeof(md5_outer)); -} - - -// calculate SHA hash for finished -void buildSHA(SSL& ssl, Finished& fin, const opaque* sender) -{ - - opaque sha_result[SHA_LEN]; - opaque sha_inner[SIZEOF_SENDER + SECRET_LEN + PAD_SHA]; - opaque sha_outer[SECRET_LEN + PAD_SHA + SHA_LEN]; - - const opaque* master_secret = - ssl.getSecurity().get_connection().master_secret_; - - // make sha inner - memcpy(sha_inner, sender, SIZEOF_SENDER); - memcpy(&sha_inner[SIZEOF_SENDER], master_secret, SECRET_LEN); - memcpy(&sha_inner[SIZEOF_SENDER + SECRET_LEN], PAD1, PAD_SHA); - - ssl.useHashes().use_SHA().get_digest(sha_result, sha_inner, - sizeof(sha_inner)); - - // make sha outer - memcpy(sha_outer, master_secret, SECRET_LEN); - memcpy(&sha_outer[SECRET_LEN], PAD2, PAD_SHA); - memcpy(&sha_outer[SECRET_LEN + PAD_SHA], sha_result, SHA_LEN); - - ssl.useHashes().use_SHA().get_digest(fin.set_sha(), sha_outer, - sizeof(sha_outer)); -} - - -// sanity checks on encrypted message size -static int sanity_check_message(SSL& ssl, uint msgSz) -{ - uint minSz = 0; - - if (ssl.getSecurity().get_parms().cipher_type_ == block) { - uint blockSz = ssl.getCrypto().get_cipher().get_blockSize(); - if (msgSz % blockSz) - return -1; - - minSz = ssl.getSecurity().get_parms().hash_size_ + 1; // pad byte too - if (blockSz > minSz) - minSz = blockSz; - - if (ssl.isTLSv1_1()) - minSz += blockSz; // explicit IV - } - else { // stream - minSz = ssl.getSecurity().get_parms().hash_size_; - } - - if (msgSz < minSz) - return -1; - - return 0; -} - - -// decrypt input message in place, store size in case needed later -void decrypt_message(SSL& ssl, input_buffer& input, uint sz) -{ - input_buffer plain(sz); - opaque* cipher = input.get_buffer() + input.get_current(); - - if (sanity_check_message(ssl, sz) != 0) { - ssl.SetError(sanityCipher_error); - return; - } - - ssl.useCrypto().use_cipher().decrypt(plain.get_buffer(), cipher, sz); - memcpy(cipher, plain.get_buffer(), sz); - ssl.useSecurity().use_parms().encrypt_size_ = sz; - - if (ssl.isTLSv1_1()) // IV - input.set_current(input.get_current() + - ssl.getCrypto().get_cipher().get_blockSize()); -} - - -// output operator for input_buffer -output_buffer& operator<<(output_buffer& output, const input_buffer& input) -{ - output.write(input.get_buffer(), input.get_size()); - return output; -} - - -// write headers, handshake hash, mac, pad, and encrypt -void cipherFinished(SSL& ssl, Finished& fin, output_buffer& output) -{ - uint digestSz = ssl.getCrypto().get_digest().get_digestSize(); - uint finishedSz = ssl.isTLS() ? TLS_FINISHED_SZ : FINISHED_SZ; - uint sz = RECORD_HEADER + HANDSHAKE_HEADER + finishedSz + digestSz; - uint pad = 0; - uint blockSz = ssl.getCrypto().get_cipher().get_blockSize(); - - if (ssl.getSecurity().get_parms().cipher_type_ == block) { - if (ssl.isTLSv1_1()) - sz += blockSz; // IV - sz += 1; // pad byte - pad = (sz - RECORD_HEADER) % blockSz; - pad = blockSz - pad; - sz += pad; - } - - RecordLayerHeader rlHeader; - HandShakeHeader hsHeader; - buildHeaders(ssl, hsHeader, rlHeader, fin); - rlHeader.length_ = sz - RECORD_HEADER; // record header includes mac - // and pad, hanshake doesn't - input_buffer iv; - if (ssl.isTLSv1_1() && ssl.getSecurity().get_parms().cipher_type_== block){ - iv.allocate(blockSz); - ssl.getCrypto().get_random().Fill(iv.get_buffer(), blockSz); - iv.add_size(blockSz); - } - uint ivSz = iv.get_size(); - output.allocate(sz); - output << rlHeader << iv << hsHeader << fin; - - hashHandShake(ssl, output, ssl.isTLSv1_1() ? true : false); - opaque digest[SHA_LEN]; // max size - if (ssl.isTLS()) - TLS_hmac(ssl, digest, output.get_buffer() + RECORD_HEADER + ivSz, - output.get_size() - RECORD_HEADER - ivSz, handshake); - else - hmac(ssl, digest, output.get_buffer() + RECORD_HEADER, - output.get_size() - RECORD_HEADER, handshake); - output.write(digest, digestSz); - - if (ssl.getSecurity().get_parms().cipher_type_ == block) - for (uint i = 0; i <= pad; i++) output[AUTO] = pad; // pad byte gets - // pad value too - input_buffer cipher(rlHeader.length_); - ssl.useCrypto().use_cipher().encrypt(cipher.get_buffer(), - output.get_buffer() + RECORD_HEADER, output.get_size() - RECORD_HEADER); - output.set_current(RECORD_HEADER); - output.write(cipher.get_buffer(), cipher.get_capacity()); -} - - -// build an encrypted data or alert message for output -void buildMessage(SSL& ssl, output_buffer& output, const Message& msg) -{ - uint digestSz = ssl.getCrypto().get_digest().get_digestSize(); - uint sz = RECORD_HEADER + msg.get_length() + digestSz; - uint pad = 0; - uint blockSz = ssl.getCrypto().get_cipher().get_blockSize(); - - if (ssl.getSecurity().get_parms().cipher_type_ == block) { - if (ssl.isTLSv1_1()) // IV - sz += blockSz; - sz += 1; // pad byte - pad = (sz - RECORD_HEADER) % blockSz; - pad = blockSz - pad; - sz += pad; - } - - RecordLayerHeader rlHeader; - buildHeader(ssl, rlHeader, msg); - rlHeader.length_ = sz - RECORD_HEADER; // record header includes mac - // and pad, hanshake doesn't - input_buffer iv; - if (ssl.isTLSv1_1() && ssl.getSecurity().get_parms().cipher_type_== block){ - iv.allocate(blockSz); - ssl.getCrypto().get_random().Fill(iv.get_buffer(), blockSz); - iv.add_size(blockSz); - } - - uint ivSz = iv.get_size(); - output.allocate(sz); - output << rlHeader << iv << msg; - - opaque digest[SHA_LEN]; // max size - if (ssl.isTLS()) - TLS_hmac(ssl, digest, output.get_buffer() + RECORD_HEADER + ivSz, - output.get_size() - RECORD_HEADER - ivSz, msg.get_type()); - else - hmac(ssl, digest, output.get_buffer() + RECORD_HEADER, - output.get_size() - RECORD_HEADER, msg.get_type()); - output.write(digest, digestSz); - - if (ssl.getSecurity().get_parms().cipher_type_ == block) - for (uint i = 0; i <= pad; i++) output[AUTO] = pad; // pad byte gets - // pad value too - input_buffer cipher(rlHeader.length_); - ssl.useCrypto().use_cipher().encrypt(cipher.get_buffer(), - output.get_buffer() + RECORD_HEADER, output.get_size() - RECORD_HEADER); - output.set_current(RECORD_HEADER); - output.write(cipher.get_buffer(), cipher.get_capacity()); -} - - -// build alert message -void buildAlert(SSL& ssl, output_buffer& output, const Alert& alert) -{ - if (ssl.getSecurity().get_parms().pending_ == false) // encrypted - buildMessage(ssl, output, alert); - else { - RecordLayerHeader rlHeader; - buildHeader(ssl, rlHeader, alert); - buildOutput(output, rlHeader, alert); - } -} - - -// build TLS finished message -void buildFinishedTLS(SSL& ssl, Finished& fin, const opaque* sender) -{ - opaque handshake_hash[FINISHED_SZ]; - - ssl.useHashes().use_MD5().get_digest(handshake_hash); - ssl.useHashes().use_SHA().get_digest(&handshake_hash[MD5_LEN]); - - const opaque* side; - if ( strncmp((const char*)sender, (const char*)client, SIZEOF_SENDER) == 0) - side = tls_client; - else - side = tls_server; - - PRF(fin.set_md5(), TLS_FINISHED_SZ, - ssl.getSecurity().get_connection().master_secret_, SECRET_LEN, - side, FINISHED_LABEL_SZ, - handshake_hash, FINISHED_SZ); - - fin.set_length(TLS_FINISHED_SZ); // shorter length for TLS -} - - -// compute p_hash for MD5 or SHA-1 for TLSv1 PRF -void p_hash(output_buffer& result, const output_buffer& secret, - const output_buffer& seed, MACAlgorithm hash) -{ - uint len = hash == md5 ? MD5_LEN : SHA_LEN; - uint times = result.get_capacity() / len; - uint lastLen = result.get_capacity() % len; - opaque previous[SHA_LEN]; // max size - opaque current[SHA_LEN]; // max size - mySTL::auto_ptr<Digest> hmac; - - if (lastLen) times += 1; - - if (hash == md5) - hmac.reset(NEW_YS HMAC_MD5(secret.get_buffer(), secret.get_size())); - else - hmac.reset(NEW_YS HMAC_SHA(secret.get_buffer(), secret.get_size())); - // A0 = seed - hmac->get_digest(previous, seed.get_buffer(), seed.get_size());// A1 - uint lastTime = times - 1; - - for (uint i = 0; i < times; i++) { - hmac->update(previous, len); - hmac->get_digest(current, seed.get_buffer(), seed.get_size()); - - if (lastLen && (i == lastTime)) - result.write(current, lastLen); - else { - result.write(current, len); - //memcpy(previous, current, len); - hmac->get_digest(previous, previous, len); - } - } -} - - -// calculate XOR for TLSv1 PRF -void get_xor(byte *digest, uint digLen, output_buffer& md5, - output_buffer& sha) -{ - for (uint i = 0; i < digLen; i++) - digest[i] = md5[AUTO] ^ sha[AUTO]; -} - - -// build MD5 part of certificate verify -void buildMD5_CertVerify(SSL& ssl, byte* digest) -{ - opaque md5_result[MD5_LEN]; - opaque md5_inner[SECRET_LEN + PAD_MD5]; - opaque md5_outer[SECRET_LEN + PAD_MD5 + MD5_LEN]; - - const opaque* master_secret = - ssl.getSecurity().get_connection().master_secret_; - - // make md5 inner - memcpy(md5_inner, master_secret, SECRET_LEN); - memcpy(&md5_inner[SECRET_LEN], PAD1, PAD_MD5); - - ssl.useHashes().use_MD5().get_digest(md5_result, md5_inner, - sizeof(md5_inner)); - - // make md5 outer - memcpy(md5_outer, master_secret, SECRET_LEN); - memcpy(&md5_outer[SECRET_LEN], PAD2, PAD_MD5); - memcpy(&md5_outer[SECRET_LEN + PAD_MD5], md5_result, MD5_LEN); - - ssl.useHashes().use_MD5().get_digest(digest, md5_outer, sizeof(md5_outer)); -} - - -// build SHA part of certificate verify -void buildSHA_CertVerify(SSL& ssl, byte* digest) -{ - opaque sha_result[SHA_LEN]; - opaque sha_inner[SECRET_LEN + PAD_SHA]; - opaque sha_outer[SECRET_LEN + PAD_SHA + SHA_LEN]; - - const opaque* master_secret = - ssl.getSecurity().get_connection().master_secret_; - - // make sha inner - memcpy(sha_inner, master_secret, SECRET_LEN); - memcpy(&sha_inner[SECRET_LEN], PAD1, PAD_SHA); - - ssl.useHashes().use_SHA().get_digest(sha_result, sha_inner, - sizeof(sha_inner)); - - // make sha outer - memcpy(sha_outer, master_secret, SECRET_LEN); - memcpy(&sha_outer[SECRET_LEN], PAD2, PAD_SHA); - memcpy(&sha_outer[SECRET_LEN + PAD_SHA], sha_result, SHA_LEN); - - ssl.useHashes().use_SHA().get_digest(digest, sha_outer, sizeof(sha_outer)); -} - - -} // namespace for locals - - -// some clients still send sslv2 client hello -void ProcessOldClientHello(input_buffer& input, SSL& ssl) -{ - if (input.get_error() || input.get_remaining() < 2) { - ssl.SetError(bad_input); - return; - } - byte b0 = input[AUTO]; - byte b1 = input[AUTO]; - - uint16 sz = ((b0 & 0x7f) << 8) | b1; - - if (sz > input.get_remaining()) { - ssl.SetError(bad_input); - return; - } - - // hashHandShake manually - const opaque* buffer = input.get_buffer() + input.get_current(); - ssl.useHashes().use_MD5().update(buffer, sz); - ssl.useHashes().use_SHA().update(buffer, sz); - - b1 = input[AUTO]; // does this value mean client_hello? - - ClientHello ch; - ch.client_version_.major_ = input[AUTO]; - ch.client_version_.minor_ = input[AUTO]; - - byte len[2]; - - len[0] = input[AUTO]; - len[1] = input[AUTO]; - ato16(len, ch.suite_len_); - - len[0] = input[AUTO]; - len[1] = input[AUTO]; - uint16 sessionLen; - ato16(len, sessionLen); - ch.id_len_ = sessionLen; - - len[0] = input[AUTO]; - len[1] = input[AUTO]; - uint16 randomLen; - ato16(len, randomLen); - - if (input.get_error() || ch.suite_len_ > MAX_SUITE_SZ || - ch.suite_len_ > input.get_remaining() || - sessionLen > ID_LEN || randomLen > RAN_LEN) { - ssl.SetError(bad_input); - return; - } - - int j = 0; - for (uint16 i = 0; i < ch.suite_len_; i += 3) { - byte first = input[AUTO]; - if (first) // sslv2 type - input.read(len, SUITE_LEN); // skip - else { - input.read(&ch.cipher_suites_[j], SUITE_LEN); - j += SUITE_LEN; - } - } - ch.suite_len_ = j; - - if (ch.id_len_) - input.read(ch.session_id_, ch.id_len_); // id_len_ from sessionLen - - if (randomLen < RAN_LEN) - memset(ch.random_, 0, RAN_LEN - randomLen); - input.read(&ch.random_[RAN_LEN - randomLen], randomLen); - - ch.Process(input, ssl); -} - - -// Build a finished message, see 7.6.9 -void buildFinished(SSL& ssl, Finished& fin, const opaque* sender) -{ - // store current states, building requires get_digest which resets state - MD5 md5(ssl.getHashes().get_MD5()); - SHA sha(ssl.getHashes().get_SHA()); - - if (ssl.isTLS()) - buildFinishedTLS(ssl, fin, sender); - else { - buildMD5(ssl, fin, sender); - buildSHA(ssl, fin, sender); - } - - // restore - ssl.useHashes().use_MD5() = md5; - ssl.useHashes().use_SHA() = sha; -} - - -/* compute SSLv3 HMAC into digest see - * buffer is of sz size and includes HandShake Header but not a Record Header - * verify means to check peers hmac -*/ -void hmac(SSL& ssl, byte* digest, const byte* buffer, uint sz, - ContentType content, bool verify) -{ - Digest& mac = ssl.useCrypto().use_digest(); - opaque inner[SHA_LEN + PAD_MD5 + SEQ_SZ + SIZEOF_ENUM + LENGTH_SZ]; - opaque outer[SHA_LEN + PAD_MD5 + SHA_LEN]; - opaque result[SHA_LEN]; // max possible sizes - uint digestSz = mac.get_digestSize(); // actual sizes - uint padSz = mac.get_padSize(); - uint innerSz = digestSz + padSz + SEQ_SZ + SIZEOF_ENUM + LENGTH_SZ; - uint outerSz = digestSz + padSz + digestSz; - - // data - const opaque* mac_secret = ssl.get_macSecret(verify); - opaque seq[SEQ_SZ] = { 0x00, 0x00, 0x00, 0x00 }; - opaque length[LENGTH_SZ]; - c16toa(sz, length); - c32toa(ssl.get_SEQIncrement(verify), &seq[sizeof(uint32)]); - - // make inner - memcpy(inner, mac_secret, digestSz); - memcpy(&inner[digestSz], PAD1, padSz); - memcpy(&inner[digestSz + padSz], seq, SEQ_SZ); - inner[digestSz + padSz + SEQ_SZ] = content; - memcpy(&inner[digestSz + padSz + SEQ_SZ + SIZEOF_ENUM], length, LENGTH_SZ); - - mac.update(inner, innerSz); - mac.get_digest(result, buffer, sz); // append content buffer - - // make outer - memcpy(outer, mac_secret, digestSz); - memcpy(&outer[digestSz], PAD2, padSz); - memcpy(&outer[digestSz + padSz], result, digestSz); - - mac.get_digest(digest, outer, outerSz); -} - - -// TLS type HAMC -void TLS_hmac(SSL& ssl, byte* digest, const byte* buffer, uint sz, - ContentType content, bool verify) -{ - mySTL::auto_ptr<Digest> hmac; - opaque seq[SEQ_SZ] = { 0x00, 0x00, 0x00, 0x00 }; - opaque length[LENGTH_SZ]; - opaque inner[SIZEOF_ENUM + VERSION_SZ + LENGTH_SZ]; // type + version + len - - c16toa(sz, length); - c32toa(ssl.get_SEQIncrement(verify), &seq[sizeof(uint32)]); - - MACAlgorithm algo = ssl.getSecurity().get_parms().mac_algorithm_; - - if (algo == sha) - hmac.reset(NEW_YS HMAC_SHA(ssl.get_macSecret(verify), SHA_LEN)); - else if (algo == rmd) - hmac.reset(NEW_YS HMAC_RMD(ssl.get_macSecret(verify), RMD_LEN)); - else - hmac.reset(NEW_YS HMAC_MD5(ssl.get_macSecret(verify), MD5_LEN)); - - hmac->update(seq, SEQ_SZ); // seq_num - inner[0] = content; // type - inner[SIZEOF_ENUM] = ssl.getSecurity().get_connection().version_.major_; - inner[SIZEOF_ENUM + SIZEOF_ENUM] = - ssl.getSecurity().get_connection().version_.minor_; // version - memcpy(&inner[SIZEOF_ENUM + VERSION_SZ], length, LENGTH_SZ); // length - hmac->update(inner, sizeof(inner)); - hmac->get_digest(digest, buffer, sz); // content -} - - -// compute TLSv1 PRF (pseudo random function using HMAC) -void PRF(byte* digest, uint digLen, const byte* secret, uint secLen, - const byte* label, uint labLen, const byte* seed, uint seedLen) -{ - uint half = (secLen + 1) / 2; - - output_buffer md5_half(half); - output_buffer sha_half(half); - output_buffer labelSeed(labLen + seedLen); - - md5_half.write(secret, half); - sha_half.write(secret + half - secLen % 2, half); - labelSeed.write(label, labLen); - labelSeed.write(seed, seedLen); - - output_buffer md5_result(digLen); - output_buffer sha_result(digLen); - - p_hash(md5_result, md5_half, labelSeed, md5); - p_hash(sha_result, sha_half, labelSeed, sha); - - md5_result.set_current(0); - sha_result.set_current(0); - get_xor(digest, digLen, md5_result, sha_result); -} - - -// build certificate hashes -void build_certHashes(SSL& ssl, Hashes& hashes) -{ - // store current states, building requires get_digest which resets state - MD5 md5(ssl.getHashes().get_MD5()); - SHA sha(ssl.getHashes().get_SHA()); - - if (ssl.isTLS()) { - ssl.useHashes().use_MD5().get_digest(hashes.md5_); - ssl.useHashes().use_SHA().get_digest(hashes.sha_); - } - else { - buildMD5_CertVerify(ssl, hashes.md5_); - buildSHA_CertVerify(ssl, hashes.sha_); - } - - // restore - ssl.useHashes().use_MD5() = md5; - ssl.useHashes().use_SHA() = sha; -} - - - -// do process input requests, return 0 is done, 1 is call again to complete -int DoProcessReply(SSL& ssl) -{ - // wait for input if blocking - if (!ssl.useSocket().wait()) { - ssl.SetError(receive_error); - return 0; - } - uint ready = ssl.getSocket().get_ready(); - if (!ready) - ready= 64; - - // add buffered data if its there - input_buffer* buffered = ssl.useBuffers().TakeRawInput(); - uint buffSz = buffered ? buffered->get_size() : 0; - input_buffer buffer(buffSz + ready); - if (buffSz) { - buffer.assign(buffered->get_buffer(), buffSz); - ysDelete(buffered); - buffered = 0; - } - - // add new data - uint read = ssl.useSocket().receive(buffer.get_buffer() + buffSz, ready); - if (read == static_cast<uint>(-1)) { - ssl.SetError(receive_error); - return 0; - } - buffer.add_size(read); - uint offset = 0; - const MessageFactory& mf = ssl.getFactory().getMessage(); - - // old style sslv2 client hello? - if (ssl.getSecurity().get_parms().entity_ == server_end && - ssl.getStates().getServer() == clientNull) - if (buffer.peek() != handshake) { - ProcessOldClientHello(buffer, ssl); - if (ssl.GetError()) - return 0; - } - - while(!buffer.eof()) { - // each record - RecordLayerHeader hdr; - bool needHdr = false; - - if (static_cast<uint>(RECORD_HEADER) > buffer.get_remaining()) - needHdr = true; - else { - buffer >> hdr; - /* - According to RFC 4346 (see "7.4.1.3. Server Hello"), the Server Hello - packet needs to specify the highest supported TLS version, but not - higher than what client requests. YaSSL highest supported version is - TLSv1.1 (=3.2) - if the client requests a higher version, downgrade it - here to 3.2. - See also Appendix E of RFC 5246 (TLS 1.2) - */ - if (hdr.version_.major_ == 3 && hdr.version_.minor_ > 2) - hdr.version_.minor_ = 2; - ssl.verifyState(hdr); - } - - if (ssl.GetError()) - return 0; - - // make sure we have enough input in buffer to process this record - if (needHdr || hdr.length_ > buffer.get_remaining()) { - // put header in front for next time processing - uint extra = needHdr ? 0 : RECORD_HEADER; - uint sz = buffer.get_remaining() + extra; - ssl.useBuffers().SetRawInput(NEW_YS input_buffer(sz, - buffer.get_buffer() + buffer.get_current() - extra, sz)); - return 1; - } - - while (buffer.get_current() < hdr.length_ + RECORD_HEADER + offset) { - // each message in record, can be more than 1 if not encrypted - if (ssl.GetError()) - return 0; - - if (ssl.getSecurity().get_parms().pending_ == false) { // cipher on - // sanity check for malicious/corrupted/illegal input - if (buffer.get_remaining() < hdr.length_) { - ssl.SetError(bad_input); - return 0; - } - decrypt_message(ssl, buffer, hdr.length_); - if (ssl.GetError()) - return 0; - } - - mySTL::auto_ptr<Message> msg(mf.CreateObject(hdr.type_)); - if (!msg.get()) { - ssl.SetError(factory_error); - return 0; - } - buffer >> *msg; - msg->Process(buffer, ssl); - if (ssl.GetError()) - return 0; - } - offset += hdr.length_ + RECORD_HEADER; - } - return 0; -} - - -// process input requests -void processReply(SSL& ssl) -{ - if (ssl.GetError()) return; - - if (DoProcessReply(ssl)) { - // didn't complete process - if (!ssl.getSocket().IsNonBlocking()) { - // keep trying now, blocking ok - while (!ssl.GetError()) - if (DoProcessReply(ssl) == 0) break; - } - else - // user will have try again later, non blocking - ssl.SetError(YasslError(SSL_ERROR_WANT_READ)); - } -} - - -// send client_hello, no buffering -void sendClientHello(SSL& ssl) -{ - ssl.verifyState(serverNull); - if (ssl.GetError()) return; - - ClientHello ch(ssl.getSecurity().get_connection().version_, - ssl.getSecurity().get_connection().compression_); - RecordLayerHeader rlHeader; - HandShakeHeader hsHeader; - output_buffer out; - - buildClientHello(ssl, ch); - ssl.set_random(ch.get_random(), client_end); - buildHeaders(ssl, hsHeader, rlHeader, ch); - buildOutput(out, rlHeader, hsHeader, ch); - hashHandShake(ssl, out); - - ssl.Send(out.get_buffer(), out.get_size()); -} - - -// send client key exchange -void sendClientKeyExchange(SSL& ssl, BufferOutput buffer) -{ - ssl.verifyState(serverHelloDoneComplete); - if (ssl.GetError()) return; - - ClientKeyExchange ck(ssl); - ck.build(ssl); - ssl.makeMasterSecret(); - - RecordLayerHeader rlHeader; - HandShakeHeader hsHeader; - mySTL::auto_ptr<output_buffer> out(NEW_YS output_buffer); - buildHeaders(ssl, hsHeader, rlHeader, ck); - buildOutput(*out.get(), rlHeader, hsHeader, ck); - hashHandShake(ssl, *out.get()); - - if (buffer == buffered) - ssl.addBuffer(out.release()); - else - ssl.Send(out->get_buffer(), out->get_size()); -} - - -// send server key exchange -void sendServerKeyExchange(SSL& ssl, BufferOutput buffer) -{ - if (ssl.GetError()) return; - ServerKeyExchange sk(ssl); - sk.build(ssl); - if (ssl.GetError()) return; - - RecordLayerHeader rlHeader; - HandShakeHeader hsHeader; - mySTL::auto_ptr<output_buffer> out(NEW_YS output_buffer); - buildHeaders(ssl, hsHeader, rlHeader, sk); - buildOutput(*out.get(), rlHeader, hsHeader, sk); - hashHandShake(ssl, *out.get()); - - if (buffer == buffered) - ssl.addBuffer(out.release()); - else - ssl.Send(out->get_buffer(), out->get_size()); -} - - -// send change cipher -void sendChangeCipher(SSL& ssl, BufferOutput buffer) -{ - if (ssl.getSecurity().get_parms().entity_ == server_end) { - if (ssl.getSecurity().get_resuming()) - ssl.verifyState(clientKeyExchangeComplete); - else - ssl.verifyState(clientFinishedComplete); - } - if (ssl.GetError()) return; - - ChangeCipherSpec ccs; - RecordLayerHeader rlHeader; - buildHeader(ssl, rlHeader, ccs); - mySTL::auto_ptr<output_buffer> out(NEW_YS output_buffer); - buildOutput(*out.get(), rlHeader, ccs); - - if (buffer == buffered) - ssl.addBuffer(out.release()); - else - ssl.Send(out->get_buffer(), out->get_size()); -} - - -// send finished -void sendFinished(SSL& ssl, ConnectionEnd side, BufferOutput buffer) -{ - if (ssl.GetError()) return; - - Finished fin; - buildFinished(ssl, fin, side == client_end ? client : server); - mySTL::auto_ptr<output_buffer> out(NEW_YS output_buffer); - cipherFinished(ssl, fin, *out.get()); // hashes handshake - - if (ssl.getSecurity().get_resuming()) { - if (side == server_end) - buildFinished(ssl, ssl.useHashes().use_verify(), client); // client - } - else { - if (!ssl.getSecurity().GetContext()->GetSessionCacheOff()) - GetSessions().add(ssl); // store session - if (side == client_end) - buildFinished(ssl, ssl.useHashes().use_verify(), server); // server - } - ssl.useSecurity().use_connection().CleanMaster(); - - if (buffer == buffered) - ssl.addBuffer(out.release()); - else - ssl.Send(out->get_buffer(), out->get_size()); -} - - -// send data -int sendData(SSL& ssl, const void* buffer, int sz) -{ - int sent = 0; - - if (ssl.GetError() == YasslError(SSL_ERROR_WANT_READ)) - ssl.SetError(no_error); - - if (ssl.GetError() == YasslError(SSL_ERROR_WANT_WRITE)) { - ssl.SetError(no_error); - ssl.SendWriteBuffered(); - if (!ssl.GetError()) { - // advance sent to prvevious sent + plain size just sent - sent = ssl.useBuffers().prevSent + ssl.useBuffers().plainSz; - } - } - - ssl.verfiyHandShakeComplete(); - if (ssl.GetError()) return -1; - - for (;;) { - int len = min(sz - sent, MAX_RECORD_SIZE); - output_buffer out; - input_buffer tmp; - - Data data; - - if (sent == sz) break; - - if (ssl.CompressionOn()) { - if (Compress(static_cast<const opaque*>(buffer) + sent, len, - tmp) == -1) { - ssl.SetError(compress_error); - return -1; - } - data.SetData(tmp.get_size(), tmp.get_buffer()); - } - else - data.SetData(len, static_cast<const opaque*>(buffer) + sent); - - buildMessage(ssl, out, data); - ssl.Send(out.get_buffer(), out.get_size()); - - if (ssl.GetError()) { - if (ssl.GetError() == YasslError(SSL_ERROR_WANT_WRITE)) { - ssl.useBuffers().plainSz = len; - ssl.useBuffers().prevSent = sent; - } - return -1; - } - sent += len; - } - ssl.useLog().ShowData(sent, true); - return sent; -} - - -// send alert -int sendAlert(SSL& ssl, const Alert& alert) -{ - output_buffer out; - buildAlert(ssl, out, alert); - ssl.Send(out.get_buffer(), out.get_size()); - - return alert.get_length(); -} - - -// process input data -int receiveData(SSL& ssl, Data& data, bool peek) -{ - if (ssl.GetError() == YasslError(SSL_ERROR_WANT_READ)) - ssl.SetError(no_error); - - ssl.verfiyHandShakeComplete(); - if (ssl.GetError()) return -1; - - if (!ssl.HasData()) - processReply(ssl); - - if (peek) - ssl.PeekData(data); - else - ssl.fillData(data); - - ssl.useLog().ShowData(data.get_length()); - if (ssl.GetError()) return -1; - - if (data.get_length() == 0 && ssl.getSocket().WouldBlock()) { - ssl.SetError(YasslError(SSL_ERROR_WANT_READ)); - return SSL_WOULD_BLOCK; - } - return data.get_length(); -} - - -// send server hello -void sendServerHello(SSL& ssl, BufferOutput buffer) -{ - if (ssl.getSecurity().get_resuming()) - ssl.verifyState(clientKeyExchangeComplete); - else - ssl.verifyState(clientHelloComplete); - if (ssl.GetError()) return; - - ServerHello sh(ssl.getSecurity().get_connection().version_, - ssl.getSecurity().get_connection().compression_); - RecordLayerHeader rlHeader; - HandShakeHeader hsHeader; - mySTL::auto_ptr<output_buffer> out(NEW_YS output_buffer); - - buildServerHello(ssl, sh); - ssl.set_random(sh.get_random(), server_end); - buildHeaders(ssl, hsHeader, rlHeader, sh); - buildOutput(*out.get(), rlHeader, hsHeader, sh); - hashHandShake(ssl, *out.get()); - - if (buffer == buffered) - ssl.addBuffer(out.release()); - else - ssl.Send(out->get_buffer(), out->get_size()); -} - - -// send server hello done -void sendServerHelloDone(SSL& ssl, BufferOutput buffer) -{ - if (ssl.GetError()) return; - - ServerHelloDone shd; - RecordLayerHeader rlHeader; - HandShakeHeader hsHeader; - mySTL::auto_ptr<output_buffer> out(NEW_YS output_buffer); - - buildHeaders(ssl, hsHeader, rlHeader, shd); - buildOutput(*out.get(), rlHeader, hsHeader, shd); - hashHandShake(ssl, *out.get()); - - if (buffer == buffered) - ssl.addBuffer(out.release()); - else - ssl.Send(out->get_buffer(), out->get_size()); -} - - -// send certificate -void sendCertificate(SSL& ssl, BufferOutput buffer) -{ - if (ssl.GetError()) return; - - Certificate cert(ssl.getCrypto().get_certManager().get_cert()); - RecordLayerHeader rlHeader; - HandShakeHeader hsHeader; - mySTL::auto_ptr<output_buffer> out(NEW_YS output_buffer); - - buildHeaders(ssl, hsHeader, rlHeader, cert); - buildOutput(*out.get(), rlHeader, hsHeader, cert); - hashHandShake(ssl, *out.get()); - - if (buffer == buffered) - ssl.addBuffer(out.release()); - else - ssl.Send(out->get_buffer(), out->get_size()); -} - - -// send certificate request -void sendCertificateRequest(SSL& ssl, BufferOutput buffer) -{ - if (ssl.GetError()) return; - - CertificateRequest request; - request.Build(); - RecordLayerHeader rlHeader; - HandShakeHeader hsHeader; - mySTL::auto_ptr<output_buffer> out(NEW_YS output_buffer); - - buildHeaders(ssl, hsHeader, rlHeader, request); - buildOutput(*out.get(), rlHeader, hsHeader, request); - hashHandShake(ssl, *out.get()); - - if (buffer == buffered) - ssl.addBuffer(out.release()); - else - ssl.Send(out->get_buffer(), out->get_size()); -} - - -// send certificate verify -void sendCertificateVerify(SSL& ssl, BufferOutput buffer) -{ - if (ssl.GetError()) return; - - if(ssl.getCrypto().get_certManager().sendBlankCert()) return; - - CertificateVerify verify; - verify.Build(ssl); - if (ssl.GetError()) return; - - RecordLayerHeader rlHeader; - HandShakeHeader hsHeader; - mySTL::auto_ptr<output_buffer> out(NEW_YS output_buffer); - - buildHeaders(ssl, hsHeader, rlHeader, verify); - buildOutput(*out.get(), rlHeader, hsHeader, verify); - hashHandShake(ssl, *out.get()); - - if (buffer == buffered) - ssl.addBuffer(out.release()); - else - ssl.Send(out->get_buffer(), out->get_size()); -} - - -} // namespace diff --git a/extra/yassl/src/lock.cpp b/extra/yassl/src/lock.cpp deleted file mode 100644 index 44cbcc1151f..00000000000 --- a/extra/yassl/src/lock.cpp +++ /dev/null @@ -1,87 +0,0 @@ -/* - Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - -/* Locking functions - */ - -#include "runtime.hpp" -#include "lock.hpp" - - -namespace yaSSL { - - -#ifdef MULTI_THREADED - #ifdef _WIN32 - - Mutex::Mutex() - { - InitializeCriticalSection(&cs_); - } - - - Mutex::~Mutex() - { - DeleteCriticalSection(&cs_); - } - - - Mutex::Lock::Lock(Mutex& lm) : mutex_(lm) - { - EnterCriticalSection(&mutex_.cs_); - } - - - Mutex::Lock::~Lock() - { - LeaveCriticalSection(&mutex_.cs_); - } - - #else // _WIN32 - - Mutex::Mutex() - { - pthread_mutex_init(&mutex_, 0); - } - - - Mutex::~Mutex() - { - pthread_mutex_destroy(&mutex_); - } - - - Mutex::Lock::Lock(Mutex& lm) : mutex_(lm) - { - pthread_mutex_lock(&mutex_.mutex_); - } - - - Mutex::Lock::~Lock() - { - pthread_mutex_unlock(&mutex_.mutex_); - } - - - #endif // _WIN32 -#endif // MULTI_THREADED - - - -} // namespace yaSSL - diff --git a/extra/yassl/src/log.cpp b/extra/yassl/src/log.cpp deleted file mode 100644 index 5adbe401d7a..00000000000 --- a/extra/yassl/src/log.cpp +++ /dev/null @@ -1,146 +0,0 @@ -/* - Copyright (c) 2000, 2016, Oracle and/or its affiliates. All rights reserved. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - -/* Debug logging functions - */ - - -#include "runtime.hpp" -#include "log.hpp" - -#ifdef YASSL_LOG - #include <time.h> - #include <stdio.h> - #include <string.h> -#endif - - - -namespace yaSSL { - - -#ifdef YASSL_LOG - - enum { MAX_MSG = 81 }; - - Log::Log(const char* str) - { - log_ = fopen(str, "w"); - Trace("********** Logger Attached **********"); - } - - - Log::~Log() - { - Trace("********** Logger Detached **********"); - fclose(log_); - } - - - // Trace a message - void Log::Trace(const char* str) - { - if (!log_) return; - - time_t clicks = time(0); - char timeStr[32]; - - // get rid of newline - strncpy(timeStr, ctime(&clicks), sizeof(timeStr)); - unsigned int len = strlen(timeStr); - timeStr[len - 1] = 0; - - char msg[MAX_MSG]; - - strncpy(msg, timeStr, sizeof(timeStr)); - strncat(msg, ":", 1); - strncat(msg, str, MAX_MSG - sizeof(timeStr) - 2); - strncat(msg, "\n", 1); - msg[MAX_MSG - 1] = 0; - - fputs(msg, log_); - } - - - #if defined(_WIN32) || defined(__MACH__) || defined(__hpux__) - typedef int socklen_t; - #endif - - - // write tcp address - void Log::ShowTCP(socket_t fd, bool ended) - { - sockaddr_in peeraddr; - socklen_t len = sizeof(peeraddr); - if (getpeername(fd, (sockaddr*)&peeraddr, &len) != 0) - return; - - const char* p = reinterpret_cast<const char*>(&peeraddr.sin_addr); - char msg[MAX_MSG]; - char number[16]; - - if (ended) - strncpy(msg, "yaSSL conn DONE w/ peer ", 26); - else - strncpy(msg, "yaSSL conn BEGUN w/ peer ", 26); - for (int i = 0; i < 4; ++i) { - sprintf(number, "%u", static_cast<unsigned short>(p[i])); - strncat(msg, number, 8); - if (i < 3) - strncat(msg, ".", 1); - } - strncat(msg, " port ", 8); - sprintf(number, "%d", htons(peeraddr.sin_port)); - strncat(msg, number, 8); - - msg[MAX_MSG - 1] = 0; - Trace(msg); - } - - - // log processed data - void Log::ShowData(uint bytes, bool sent) - { - char msg[MAX_MSG]; - char number[16]; - - if (sent) - strncpy(msg, "Sent ", 10); - else - strncpy(msg, "Received ", 10); - sprintf(number, "%u", bytes); - strncat(msg, number, 8); - strncat(msg, " bytes of application data", 27); - - msg[MAX_MSG - 1] = 0; - Trace(msg); - } - - -#else // no YASSL_LOG - - - Log::Log(const char*) {} - Log::~Log() {} - void Log::Trace(const char*) {} - void Log::ShowTCP(socket_t, bool) {} - void Log::ShowData(uint, bool) {} - - -#endif // YASSL_LOG -} // namespace diff --git a/extra/yassl/src/make.bat b/extra/yassl/src/make.bat deleted file mode 100755 index da7cc315382..00000000000 --- a/extra/yassl/src/make.bat +++ /dev/null @@ -1,42 +0,0 @@ -REM Copyright (c) 2006, 2012, Oracle and/or its affiliates. All rights reserved. -REM -REM This program is free software; you can redistribute it and/or modify -REM it under the terms of the GNU General Public License as published by -REM the Free Software Foundation; version 2 of the License. -REM -REM This program is distributed in the hope that it will be useful, -REM but WITHOUT ANY WARRANTY; without even the implied warranty of -REM MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -REM GNU General Public License for more details. -REM -REM You should have received a copy of the GNU General Public License -REM along with this program; if not, write to the Free Software -REM Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335 USA - -REM quick and dirty build file for testing different MSDEVs -setlocal - -set myFLAGS= /I../include /I../taocrypt/mySTL /I../taocrypt/include /W3 /c /ZI - -cl %myFLAGS% buffer.cpp -cl %myFLAGS% cert_wrapper.cpp -cl %myFLAGS% crypto_wrapper.cpp -cl %myFLAGS% handshake.cpp - -cl %myFLAGS% lock.cpp -cl %myFLAGS% log.cpp -cl %myFLAGS% socket_wrapper.cpp -cl %myFLAGS% ssl.cpp - -cl %myFLAGS% template_instnt.cpp -cl %myFLAGS% timer.cpp -cl %myFLAGS% yassl.cpp -cl %myFLAGS% yassl_error.cpp - -cl %myFLAGS% yassl_imp.cpp -cl %myFLAGS% yassl_int.cpp - -link.exe -lib /out:yassl.lib buffer.obj cert_wrapper.obj crypto_wrapper.obj handshake.obj lock.obj log.obj socket_wrapper.obj ssl.obj template_instnt.obj timer.obj yassl.obj yassl_error.obj yassl_imp.obj yassl_int.obj - - - diff --git a/extra/yassl/src/socket_wrapper.cpp b/extra/yassl/src/socket_wrapper.cpp deleted file mode 100644 index a9db842d01b..00000000000 --- a/extra/yassl/src/socket_wrapper.cpp +++ /dev/null @@ -1,261 +0,0 @@ -/* - Copyright (c) 2005, 2012, Oracle and/or its affiliates. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - - -/* The socket wrapper source implements a Socket class that hides the - * differences between Berkely style sockets and Windows sockets, allowing - * transparent TCP access. - */ - - -#include "runtime.hpp" -#include "socket_wrapper.hpp" - -#ifndef _WIN32 - #include <errno.h> - #include <netdb.h> - #include <unistd.h> - #include <arpa/inet.h> - #include <netinet/in.h> - #include <sys/ioctl.h> - #include <string.h> - #include <fcntl.h> -#endif // _WIN32 - -#if defined(__sun) || defined(__SCO_VERSION__) - #include <sys/filio.h> -#endif - -#ifdef _WIN32 - const int SOCKET_EWOULDBLOCK = WSAEWOULDBLOCK; - const int SOCKET_EAGAIN = WSAEWOULDBLOCK; -#else - const int SOCKET_EINVAL = EINVAL; - const int SOCKET_EWOULDBLOCK = EWOULDBLOCK; - const int SOCKET_EAGAIN = EAGAIN; -#endif // _WIN32 - - -namespace { - - -extern "C" long system_recv(void *ptr, void *buf, size_t count, int flags) -{ - yaSSL::socket_t *socket = (yaSSL::socket_t *) ptr; - return ::recv(*socket, reinterpret_cast<char *>(buf), (int)count, flags); -} - - -extern "C" long system_send(void *ptr, const void *buf, size_t count, - int flags) -{ - yaSSL::socket_t *socket = (yaSSL::socket_t *) ptr; - return ::send(*socket, reinterpret_cast<const char *>(buf), (int)count, flags); -} - - -} - - -namespace yaSSL { - - -Socket::Socket(socket_t s) - : socket_(s), wouldBlock_(false), nonBlocking_(false), - ptr_(&socket_), send_func_(system_send), recv_func_(system_recv) -{} - - -void Socket::set_fd(socket_t s) -{ - socket_ = s; -} - - -socket_t Socket::get_fd() const -{ - return socket_; -} - - -Socket::~Socket() -{ - // don't close automatically now -} - - -void Socket::closeSocket() -{ - if (socket_ != INVALID_SOCKET) { -#ifdef _WIN32 - closesocket(socket_); -#else - close(socket_); -#endif - socket_ = INVALID_SOCKET; - } -} - - -uint Socket::get_ready() const -{ -#ifdef _WIN32 - unsigned long ready = 0; - ioctlsocket(socket_, FIONREAD, &ready); -#else - /* - 64-bit Solaris requires the variable passed to - FIONREAD be a 32-bit value. - */ - unsigned int ready = 0; - ioctl(socket_, FIONREAD, &ready); -#endif - - return ready; -} - -void Socket::set_transport_ptr(void *ptr) -{ - ptr_ = ptr; -} - - -void Socket::set_transport_recv_function(yaSSL_recv_func_t recv_func) -{ - recv_func_ = recv_func; -} - - -void Socket::set_transport_send_function(yaSSL_send_func_t send_func) -{ - send_func_ = send_func; -} - - -uint Socket::send(const byte* buf, unsigned int sz, unsigned int &written, - int flags) -{ - const byte* pos = buf; - const byte* end = pos + sz; - - wouldBlock_ = false; - - while (pos != end) - { - int sent = send_func_(ptr_, pos, static_cast<int>(end - pos), flags); - if (sent == -1) - { - if (get_lastError() == SOCKET_EWOULDBLOCK || - get_lastError() == SOCKET_EAGAIN) - { - wouldBlock_ = true; // would have blocked this time only - nonBlocking_ = true; // nonblocking, win32 only way to tell - return 0; - } - return static_cast<uint>(-1); - } - pos += sent; - written += sent; - } - return sz; -} - - -uint Socket::receive(byte* buf, unsigned int sz, int flags) -{ - wouldBlock_ = false; - - int recvd = recv_func_(ptr_, buf, sz, flags); - - // idea to seperate error from would block by arnetheduck@gmail.com - if (recvd == -1) { - if (get_lastError() == SOCKET_EWOULDBLOCK || - get_lastError() == SOCKET_EAGAIN) { - wouldBlock_ = true; // would have blocked this time only - nonBlocking_ = true; // socket nonblocking, win32 only way to tell - return 0; - } - } - else if (recvd == 0) - return static_cast<uint>(-1); - - return recvd; -} - - -// wait if blocking for input, return false for error -bool Socket::wait() -{ - char b; - int recvd = ::recv(socket_, &b, 1, MSG_PEEK); - - if (recvd == -1) { - if (get_lastError() == SOCKET_EWOULDBLOCK || - get_lastError() == SOCKET_EAGAIN) { - wouldBlock_ = true; // would have blocked this time only - nonBlocking_ = true; // socket nonblocking, win32 only way to tell - return 1; - } - } - else if (recvd == 0) - return 0; // Non blocking & no data - - return 1; // Data can be read - -} - - -void Socket::shutDown(int how) -{ - shutdown(socket_, how); -} - - -int Socket::get_lastError() -{ -#ifdef _WIN32 - return WSAGetLastError(); -#else - return errno; -#endif -} - - -bool Socket::WouldBlock() const -{ - return wouldBlock_; -} - - -bool Socket::IsNonBlocking() const -{ - return nonBlocking_; -} - - -void Socket::set_lastError(int errorCode) -{ -#ifdef _WIN32 - WSASetLastError(errorCode); -#else - errno = errorCode; -#endif -} - - -} // namespace diff --git a/extra/yassl/src/ssl.cpp b/extra/yassl/src/ssl.cpp deleted file mode 100644 index 03f52863153..00000000000 --- a/extra/yassl/src/ssl.cpp +++ /dev/null @@ -1,1782 +0,0 @@ -/* - Copyright (c) 2005, 2014, Oracle and/or its affiliates. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - -/* SSL source implements all openssl compatibility API functions - * - * TODO: notes are mostly api additions to allow compilation with mysql - * they don't affect normal modes but should be provided for completeness - - * stunnel functions at end of file - */ - - - -/* see man pages for function descriptions */ - -#include "runtime.hpp" -#include "openssl/ssl.h" -#include "handshake.hpp" -#include "yassl_int.hpp" -#include "md5.hpp" // for TaoCrypt MD5 size assert -#include "md4.hpp" // for TaoCrypt MD4 size assert -#include "file.hpp" // for TaoCrypt Source -#include "coding.hpp" // HexDecoder -#include "helpers.hpp" // for placement new hack -#include "rsa.hpp" // for TaoCrypt RSA key decode -#include "dsa.hpp" // for TaoCrypt DSA key decode -#include <stdio.h> -#include <time.h> - -#ifdef _WIN32 - #include <windows.h> // FindFirstFile etc.. -#else - #include <sys/types.h> // file helper - #include <sys/stat.h> // stat - #include <dirent.h> // opendir -#endif - - -namespace yaSSL { - - - -int read_file(SSL_CTX* ctx, const char* file, int format, CertType type) -{ - int ret = SSL_SUCCESS; - - if (format != SSL_FILETYPE_ASN1 && format != SSL_FILETYPE_PEM) - return SSL_BAD_FILETYPE; - - if (file == NULL || !file[0]) - return SSL_BAD_FILE; - - FILE* input = fopen(file, "rb"); - if (!input) - return SSL_BAD_FILE; - - if (type == CA) { - // may have a bunch of CAs - x509* ptr; - while ( (ptr = PemToDer(input, Cert)) ) - ctx->AddCA(ptr); - - if (!feof(input)) { - fclose(input); - return SSL_BAD_FILE; - } - } - else { - x509*& x = (type == Cert) ? ctx->certificate_ : ctx->privateKey_; - - if (format == SSL_FILETYPE_ASN1) { - fseek(input, 0, SEEK_END); - long sz = ftell(input); - rewind(input); - x = NEW_YS x509(sz); // takes ownership - size_t bytes = fread(x->use_buffer(), sz, 1, input); - if (bytes != 1) { - fclose(input); - return SSL_BAD_FILE; - } - } - else { - EncryptedInfo info; - x = PemToDer(input, type, &info); - if (!x) { - fclose(input); - return SSL_BAD_FILE; - } - if (info.set) { - // decrypt - char password[80]; - pem_password_cb cb = ctx->GetPasswordCb(); - if (!cb) { - fclose(input); - return SSL_BAD_FILE; - } - int passwordSz = cb(password, sizeof(password), 0, - ctx->GetUserData()); - byte key[AES_256_KEY_SZ]; // max sizes - byte iv[AES_IV_SZ]; - - // use file's salt for key derivation, but not real iv - TaoCrypt::Source source(info.iv, info.ivSz); - TaoCrypt::HexDecoder dec(source); - memcpy(info.iv, source.get_buffer(), min((uint)sizeof(info.iv), - source.size())); - EVP_BytesToKey(info.name, "MD5", info.iv, (byte*)password, - passwordSz, 1, key, iv); - - mySTL::auto_ptr<BulkCipher> cipher; - if (strncmp(info.name, "DES-CBC", 7) == 0) - cipher.reset(NEW_YS DES); - else if (strncmp(info.name, "DES-EDE3-CBC", 13) == 0) - cipher.reset(NEW_YS DES_EDE); - else if (strncmp(info.name, "AES-128-CBC", 13) == 0) - cipher.reset(NEW_YS AES(AES_128_KEY_SZ)); - else if (strncmp(info.name, "AES-192-CBC", 13) == 0) - cipher.reset(NEW_YS AES(AES_192_KEY_SZ)); - else if (strncmp(info.name, "AES-256-CBC", 13) == 0) - cipher.reset(NEW_YS AES(AES_256_KEY_SZ)); - else { - fclose(input); - return SSL_BAD_FILE; - } - cipher->set_decryptKey(key, info.iv); - mySTL::auto_ptr<x509> newx(NEW_YS x509(x->get_length())); - cipher->decrypt(newx->use_buffer(), x->get_buffer(), - x->get_length()); - ysDelete(x); - x = newx.release(); - } - } - } - - if (type == PrivateKey && ctx->privateKey_) { - // see if key is valid early - TaoCrypt::Source rsaSource(ctx->privateKey_->get_buffer(), - ctx->privateKey_->get_length()); - TaoCrypt::RSA_PrivateKey rsaKey; - rsaKey.Initialize(rsaSource); - - if (rsaSource.GetError().What()) { - // rsa failed see if DSA works - - TaoCrypt::Source dsaSource(ctx->privateKey_->get_buffer(), - ctx->privateKey_->get_length()); - TaoCrypt::DSA_PrivateKey dsaKey; - dsaKey.Initialize(dsaSource); - - if (dsaSource.GetError().What()) { - // neither worked - ret = SSL_FAILURE; - } - } - } - - fclose(input); - return ret; -} - - -extern "C" { - - -SSL_METHOD* SSLv3_method() -{ - return SSLv3_client_method(); -} - - -SSL_METHOD* SSLv3_server_method() -{ - return NEW_YS SSL_METHOD(server_end, ProtocolVersion(3,0)); -} - - -SSL_METHOD* SSLv3_client_method() -{ - return NEW_YS SSL_METHOD(client_end, ProtocolVersion(3,0)); -} - - -SSL_METHOD* TLSv1_server_method() -{ - return NEW_YS SSL_METHOD(server_end, ProtocolVersion(3,1)); -} - - -SSL_METHOD* TLSv1_client_method() -{ - return NEW_YS SSL_METHOD(client_end, ProtocolVersion(3,1)); -} - - -SSL_METHOD* TLSv1_1_server_method() -{ - return NEW_YS SSL_METHOD(server_end, ProtocolVersion(3,2)); -} - - -SSL_METHOD* TLSv1_1_client_method() -{ - return NEW_YS SSL_METHOD(client_end, ProtocolVersion(3,2)); -} - - -SSL_METHOD* SSLv23_server_method() -{ - // compatibility only, no version 2 support, but does SSL 3 and TLS 1 - return NEW_YS SSL_METHOD(server_end, ProtocolVersion(3,2), true); -} - - -SSL_METHOD* SSLv23_client_method() -{ - // compatibility only, no version 2 support, but does SSL 3 and TLS 1 - // though it sends TLS1 hello not SSLv2 so SSLv3 only servers will decline - // TODO: maybe add support to send SSLv2 hello ??? - return NEW_YS SSL_METHOD(client_end, ProtocolVersion(3,2), true); -} - - -SSL_CTX* SSL_CTX_new(SSL_METHOD* method) -{ - return NEW_YS SSL_CTX(method); -} - - -void SSL_CTX_free(SSL_CTX* ctx) -{ - ysDelete(ctx); -} - - -SSL* SSL_new(SSL_CTX* ctx) -{ - return NEW_YS SSL(ctx); -} - - -void SSL_free(SSL* ssl) -{ - ysDelete(ssl); -} - - -int SSL_set_fd(SSL* ssl, YASSL_SOCKET_T fd) -{ - ssl->useSocket().set_fd(fd); - return SSL_SUCCESS; -} - - -YASSL_SOCKET_T SSL_get_fd(const SSL* ssl) -{ - return ssl->getSocket().get_fd(); -} - - -// if you get an error from connect see note at top of README -int SSL_connect(SSL* ssl) -{ - if (ssl->GetError() == YasslError(SSL_ERROR_WANT_READ)) - ssl->SetError(no_error); - - if (ssl->GetError() == YasslError(SSL_ERROR_WANT_WRITE)) { - - ssl->SetError(no_error); - ssl->SendWriteBuffered(); - if (!ssl->GetError()) - ssl->useStates().UseConnect() = - ConnectState(ssl->getStates().GetConnect() + 1); - } - - ClientState neededState; - - switch (ssl->getStates().GetConnect()) { - - case CONNECT_BEGIN : - sendClientHello(*ssl); - if (!ssl->GetError()) - ssl->useStates().UseConnect() = CLIENT_HELLO_SENT; - /* fall through */ - - case CLIENT_HELLO_SENT : - neededState = ssl->getSecurity().get_resuming() ? - serverFinishedComplete : serverHelloDoneComplete; - while (ssl->getStates().getClient() < neededState) { - if (ssl->GetError()) break; - processReply(*ssl); - // if resumption failed, reset needed state - if (neededState == serverFinishedComplete) - if (!ssl->getSecurity().get_resuming()) - neededState = serverHelloDoneComplete; - } - if (!ssl->GetError()) - ssl->useStates().UseConnect() = FIRST_REPLY_DONE; - /* fall through */ - - case FIRST_REPLY_DONE : - if(ssl->getCrypto().get_certManager().sendVerify()) - sendCertificate(*ssl); - - if (!ssl->getSecurity().get_resuming()) - sendClientKeyExchange(*ssl); - - if(ssl->getCrypto().get_certManager().sendVerify()) - sendCertificateVerify(*ssl); - - sendChangeCipher(*ssl); - sendFinished(*ssl, client_end); - ssl->flushBuffer(); - - if (!ssl->GetError()) - ssl->useStates().UseConnect() = FINISHED_DONE; - /* fall through */ - - case FINISHED_DONE : - if (!ssl->getSecurity().get_resuming()) - while (ssl->getStates().getClient() < serverFinishedComplete) { - if (ssl->GetError()) break; - processReply(*ssl); - } - if (!ssl->GetError()) - ssl->useStates().UseConnect() = SECOND_REPLY_DONE; - /* fall through */ - - case SECOND_REPLY_DONE : - ssl->verifyState(serverFinishedComplete); - ssl->useLog().ShowTCP(ssl->getSocket().get_fd()); - - if (ssl->GetError()) { - GetErrors().Add(ssl->GetError()); - return SSL_FATAL_ERROR; - } - return SSL_SUCCESS; - - default : - return SSL_FATAL_ERROR; // unkown state - } -} - - -int SSL_write(SSL* ssl, const void* buffer, int sz) -{ - return sendData(*ssl, buffer, sz); -} - - -int SSL_read(SSL* ssl, void* buffer, int sz) -{ - Data data(min(sz, MAX_RECORD_SIZE), static_cast<opaque*>(buffer)); - return receiveData(*ssl, data); -} - - -int SSL_accept(SSL* ssl) -{ - if (ssl->GetError() == YasslError(SSL_ERROR_WANT_READ)) - ssl->SetError(no_error); - - if (ssl->GetError() == YasslError(SSL_ERROR_WANT_WRITE)) { - ssl->SetError(no_error); - ssl->SendWriteBuffered(); - if (!ssl->GetError()) - ssl->useStates().UseAccept() = - AcceptState(ssl->getStates().GetAccept() + 1); - } - - switch (ssl->getStates().GetAccept()) { - - case ACCEPT_BEGIN : - processReply(*ssl); - if (!ssl->GetError()) - ssl->useStates().UseAccept() = ACCEPT_FIRST_REPLY_DONE; - /* fall through */ - - case ACCEPT_FIRST_REPLY_DONE : - sendServerHello(*ssl); - - if (!ssl->getSecurity().get_resuming()) { - sendCertificate(*ssl); - - if (ssl->getSecurity().get_connection().send_server_key_) - sendServerKeyExchange(*ssl); - - if(ssl->getCrypto().get_certManager().verifyPeer()) - sendCertificateRequest(*ssl); - - sendServerHelloDone(*ssl); - ssl->flushBuffer(); - } - - if (!ssl->GetError()) - ssl->useStates().UseAccept() = SERVER_HELLO_DONE; - /* fall through */ - - case SERVER_HELLO_DONE : - if (!ssl->getSecurity().get_resuming()) { - while (ssl->getStates().getServer() < clientFinishedComplete) { - if (ssl->GetError()) break; - processReply(*ssl); - } - } - if (!ssl->GetError()) - ssl->useStates().UseAccept() = ACCEPT_SECOND_REPLY_DONE; - /* fall through */ - - case ACCEPT_SECOND_REPLY_DONE : - sendChangeCipher(*ssl); - sendFinished(*ssl, server_end); - ssl->flushBuffer(); - - if (!ssl->GetError()) - ssl->useStates().UseAccept() = ACCEPT_FINISHED_DONE; - /* fall through */ - - case ACCEPT_FINISHED_DONE : - if (ssl->getSecurity().get_resuming()) { - while (ssl->getStates().getServer() < clientFinishedComplete) { - if (ssl->GetError()) break; - processReply(*ssl); - } - } - if (!ssl->GetError()) - ssl->useStates().UseAccept() = ACCEPT_THIRD_REPLY_DONE; - /* fall through */ - - case ACCEPT_THIRD_REPLY_DONE : - ssl->useLog().ShowTCP(ssl->getSocket().get_fd()); - - if (ssl->GetError()) { - GetErrors().Add(ssl->GetError()); - return SSL_FATAL_ERROR; - } - return SSL_SUCCESS; - - default: - return SSL_FATAL_ERROR; // unknown state - } -} - - -int SSL_do_handshake(SSL* ssl) -{ - if (ssl->getSecurity().get_parms().entity_ == client_end) - return SSL_connect(ssl); - else - return SSL_accept(ssl); -} - - -int SSL_clear(SSL* ssl) -{ - GetErrors().Remove(); - - return SSL_SUCCESS; -} - - -int SSL_shutdown(SSL* ssl) -{ - if (!ssl->GetQuietShutdown()) { - Alert alert(warning, close_notify); - sendAlert(*ssl, alert); - } - ssl->useLog().ShowTCP(ssl->getSocket().get_fd(), true); - - GetErrors().Remove(); - - return SSL_SUCCESS; -} - - -void SSL_set_quiet_shutdown(SSL *ssl,int mode) -{ - ssl->SetQuietShutdown(mode != 0); -} - - -int SSL_get_quiet_shutdown(SSL *ssl) -{ - return ssl->GetQuietShutdown(); -} - - -/* on by default but allow user to turn off */ -long SSL_CTX_set_session_cache_mode(SSL_CTX* ctx, long mode) -{ - if (mode == SSL_SESS_CACHE_OFF) - ctx->SetSessionCacheOff(); - - if (mode == SSL_SESS_CACHE_NO_AUTO_CLEAR) - ctx->SetSessionCacheFlushOff(); - - return SSL_SUCCESS; -} - - -SSL_SESSION* SSL_get_session(SSL* ssl) -{ - if (ssl->getSecurity().GetContext()->GetSessionCacheOff()) - return 0; - - return GetSessions().lookup( - ssl->getSecurity().get_connection().sessionID_); -} - - -int SSL_set_session(SSL* ssl, SSL_SESSION* session) -{ - if (ssl->getSecurity().GetContext()->GetSessionCacheOff()) - return SSL_FAILURE; - - ssl->set_session(session); - return SSL_SUCCESS; -} - - -int SSL_session_reused(SSL* ssl) -{ - return ssl->getSecurity().get_resuming(); -} - - -long SSL_SESSION_set_timeout(SSL_SESSION* sess, long t) -{ - if (!sess) - return SSL_ERROR_NONE; - - sess->SetTimeOut(t); - return SSL_SUCCESS; -} - - -long SSL_get_default_timeout(SSL* /*ssl*/) -{ - return DEFAULT_TIMEOUT; -} - - -void SSL_flush_sessions(SSL_CTX *ctx, long /* tm */) -{ - if (ctx->GetSessionCacheOff()) - return; - - GetSessions().Flush(); -} - - -const char* SSL_get_cipher_name(SSL* ssl) -{ - return SSL_get_cipher(ssl); -} - - -const char* SSL_get_cipher(SSL* ssl) -{ - return ssl->getSecurity().get_parms().cipher_name_; -} - - -// SSLv2 only, not implemented -char* SSL_get_shared_ciphers(SSL* /*ssl*/, char* buf, int len) -{ - return strncpy(buf, "Not Implemented, SSLv2 only", len); -} - - -const char* SSL_get_cipher_list(SSL* ssl, int priority) -{ - if (priority < 0 || priority >= MAX_CIPHERS) - return 0; - - if (ssl->getSecurity().get_parms().cipher_list_[priority][0]) - return ssl->getSecurity().get_parms().cipher_list_[priority]; - - return 0; -} - - -int SSL_CTX_set_cipher_list(SSL_CTX* ctx, const char* list) -{ - if (ctx->SetCipherList(list)) - return SSL_SUCCESS; - else - return SSL_FAILURE; -} - - -const char* SSL_get_version(SSL* ssl) -{ - static const char* version3 = "SSLv3"; - static const char* version31 = "TLSv1"; - - return ssl->isTLS() ? version31 : version3; -} - -const char* SSLeay_version(int) -{ - static const char* version = "SSLeay yaSSL compatibility"; - return version; -} - - -int SSL_get_error(SSL* ssl, int /*previous*/) -{ - return ssl->getStates().What(); -} - - - -/* turn on yaSSL zlib compression - returns 0 for success, else error (not built in) - only need to turn on for client, becuase server on by default if built in - but calling for server will tell you whether it's available or not -*/ -int SSL_set_compression(SSL* ssl) /* Chad didn't rename to ya~ because it is prob. bug. */ -{ - return ssl->SetCompression(); -} - - - -X509* SSL_get_peer_certificate(SSL* ssl) -{ - return ssl->getCrypto().get_certManager().get_peerX509(); -} - - -void X509_free(X509* /*x*/) -{ - // peer cert set for deletion during destruction - // no need to delete now -} - - -X509* X509_STORE_CTX_get_current_cert(X509_STORE_CTX* ctx) -{ - return ctx->current_cert; -} - - -int X509_STORE_CTX_get_error(X509_STORE_CTX* ctx) -{ - return ctx->error; -} - - -int X509_STORE_CTX_get_error_depth(X509_STORE_CTX* ctx) -{ - return ctx->error_depth; -} - - -// copy name into buffer, at most sz bytes, if buffer is null -// will malloc buffer, caller responsible for freeing -char* X509_NAME_oneline(X509_NAME* name, char* buffer, int sz) -{ - if (!name->GetName()) return buffer; - - int len = (int)strlen(name->GetName()) + 1; - int copySz = min(len, sz); - - if (!buffer) { - buffer = (char*)malloc(len); - if (!buffer) return buffer; - copySz = len; - } - - if (copySz == 0) - return buffer; - - memcpy(buffer, name->GetName(), copySz - 1); - buffer[copySz - 1] = 0; - - return buffer; -} - - -X509_NAME* X509_get_issuer_name(X509* x) -{ - return x->GetIssuer(); -} - - -X509_NAME* X509_get_subject_name(X509* x) -{ - return x->GetSubject(); -} - - -void SSL_load_error_strings() // compatibility only -{} - - -void SSL_set_connect_state(SSL*) -{ - // already a client by default -} - - -void SSL_set_accept_state(SSL* ssl) -{ - ssl->useSecurity().use_parms().entity_ = server_end; -} - - -long SSL_get_verify_result(SSL*) -{ - // won't get here if not OK - return X509_V_OK; -} - - -long SSL_CTX_sess_set_cache_size(SSL_CTX* /*ctx*/, long /*sz*/) -{ - // unlimited size, can't set for now - return 0; -} - - -long SSL_CTX_get_session_cache_mode(SSL_CTX*) -{ - // always 0, unlimited size for now - return 0; -} - - -long SSL_CTX_set_tmp_dh(SSL_CTX* ctx, DH* dh) -{ - if (ctx->SetDH(*dh)) - return SSL_SUCCESS; - else - return SSL_FAILURE; -} - - -int SSL_CTX_use_certificate_file(SSL_CTX* ctx, const char* file, int format) -{ - return read_file(ctx, file, format, Cert); -} - - -int SSL_CTX_use_PrivateKey_file(SSL_CTX* ctx, const char* file, int format) -{ - return read_file(ctx, file, format, PrivateKey); -} - - -void SSL_CTX_set_verify(SSL_CTX* ctx, int mode, VerifyCallback vc) -{ - if (mode & SSL_VERIFY_PEER) - ctx->setVerifyPeer(); - - if (mode == SSL_VERIFY_NONE) - ctx->setVerifyNone(); - - if (mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT) - ctx->setFailNoCert(); - - ctx->setVerifyCallback(vc); -} - - -int SSL_CTX_load_verify_locations(SSL_CTX* ctx, const char* file, - const char* path) -{ - int ret = SSL_FAILURE; - - if (file) ret = read_file(ctx, file, SSL_FILETYPE_PEM, CA); - - if (ret == SSL_SUCCESS && path) { - // call read_file for each reqular file in path -#ifdef _WIN32 - - WIN32_FIND_DATA FindFileData; - HANDLE hFind; - - const int DELIMITER_SZ = 2; - const int DELIMITER_STAR_SZ = 3; - int pathSz = (int)strlen(path); - int nameSz = pathSz + DELIMITER_STAR_SZ + 1; // plus 1 for terminator - char* name = NEW_YS char[nameSz]; // directory specification - memset(name, 0, nameSz); - strncpy(name, path, nameSz - DELIMITER_STAR_SZ - 1); - strncat(name, "\\*", DELIMITER_STAR_SZ); - - hFind = FindFirstFile(name, &FindFileData); - if (hFind == INVALID_HANDLE_VALUE) { - ysArrayDelete(name); - return SSL_BAD_PATH; - } - - do { - if (!(FindFileData.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY)) { - int curSz = (int)strlen(FindFileData.cFileName); - if (pathSz + curSz + DELIMITER_SZ + 1 > nameSz) { - ysArrayDelete(name); - // plus 1 for terminator - nameSz = pathSz + curSz + DELIMITER_SZ + 1; - name = NEW_YS char[nameSz]; - } - memset(name, 0, nameSz); - strncpy(name, path, nameSz - curSz - DELIMITER_SZ - 1); - strncat(name, "\\", DELIMITER_SZ); - strncat(name, FindFileData.cFileName, - nameSz - pathSz - DELIMITER_SZ - 1); - ret = read_file(ctx, name, SSL_FILETYPE_PEM, CA); - } - } while (ret == SSL_SUCCESS && FindNextFile(hFind, &FindFileData)); - - ysArrayDelete(name); - FindClose(hFind); - -#else // _WIN32 - DIR* dir = opendir(path); - if (!dir) return SSL_BAD_PATH; - - struct dirent* entry; - struct stat buf; - const int DELIMITER_SZ = 1; - int pathSz = (int)strlen(path); - int nameSz = pathSz + DELIMITER_SZ + 1; //plus 1 for null terminator - char* name = NEW_YS char[nameSz]; // directory specification - - while (ret == SSL_SUCCESS && (entry = readdir(dir))) { - int curSz = (int)strlen(entry->d_name); - if (pathSz + curSz + DELIMITER_SZ + 1 > nameSz) { - ysArrayDelete(name); - nameSz = pathSz + DELIMITER_SZ + curSz + 1; - name = NEW_YS char[nameSz]; - } - memset(name, 0, nameSz); - strncpy(name, path, nameSz - curSz - 1); - strncat(name, "/", DELIMITER_SZ); - strncat(name, entry->d_name, nameSz - pathSz - DELIMITER_SZ - 1); - - if (stat(name, &buf) < 0) { - ysArrayDelete(name); - closedir(dir); - return SSL_BAD_STAT; - } - - if (S_ISREG(buf.st_mode)) - ret = read_file(ctx, name, SSL_FILETYPE_PEM, CA); - } - - ysArrayDelete(name); - closedir(dir); - -#endif - } - - return ret; -} - - -int SSL_CTX_set_default_verify_paths(SSL_CTX* /*ctx*/) -{ - // TODO: figure out way to set/store default path, then call load_verify - return SSL_NOT_IMPLEMENTED; -} - - -int SSL_CTX_set_session_id_context(SSL_CTX*, const unsigned char*, - unsigned int) -{ - // No application specific context needed for yaSSL - return SSL_SUCCESS; -} - - -int SSL_CTX_check_private_key(SSL_CTX* /*ctx*/) -{ - // TODO: check private against public for RSA match - return SSL_NOT_IMPLEMENTED; -} - - -// TODO: all session stats -long SSL_CTX_sess_accept(SSL_CTX* ctx) -{ - return ctx->GetStats().accept_; -} - - -long SSL_CTX_sess_connect(SSL_CTX* ctx) -{ - return ctx->GetStats().connect_; -} - - -long SSL_CTX_sess_accept_good(SSL_CTX* ctx) -{ - return ctx->GetStats().acceptGood_; -} - - -long SSL_CTX_sess_connect_good(SSL_CTX* ctx) -{ - return ctx->GetStats().connectGood_; -} - - -long SSL_CTX_sess_accept_renegotiate(SSL_CTX* ctx) -{ - return ctx->GetStats().acceptRenegotiate_; -} - - -long SSL_CTX_sess_connect_renegotiate(SSL_CTX* ctx) -{ - return ctx->GetStats().connectRenegotiate_; -} - - -long SSL_CTX_sess_hits(SSL_CTX* ctx) -{ - return ctx->GetStats().hits_; -} - - -long SSL_CTX_sess_cb_hits(SSL_CTX* ctx) -{ - return ctx->GetStats().cbHits_; -} - - -long SSL_CTX_sess_cache_full(SSL_CTX* ctx) -{ - return ctx->GetStats().cacheFull_; -} - - -long SSL_CTX_sess_misses(SSL_CTX* ctx) -{ - return ctx->GetStats().misses_; -} - - -long SSL_CTX_sess_timeouts(SSL_CTX* ctx) -{ - return ctx->GetStats().timeouts_; -} - - -long SSL_CTX_sess_number(SSL_CTX* ctx) -{ - return ctx->GetStats().number_; -} - - -long SSL_CTX_sess_get_cache_size(SSL_CTX* ctx) -{ - return ctx->GetStats().getCacheSize_; -} -// end session stats TODO: - - -int SSL_CTX_get_verify_mode(SSL_CTX* ctx) -{ - return ctx->GetStats().verifyMode_; -} - - -int SSL_get_verify_mode(SSL* ssl) -{ - return ssl->getSecurity().GetContext()->GetStats().verifyMode_; -} - - -int SSL_CTX_get_verify_depth(SSL_CTX* ctx) -{ - return ctx->GetStats().verifyDepth_; -} - - -int SSL_get_verify_depth(SSL* ssl) -{ - return ssl->getSecurity().GetContext()->GetStats().verifyDepth_; -} - - -long SSL_CTX_set_options(SSL_CTX*, long) -{ - // TDOD: - return SSL_SUCCESS; -} - - -void SSL_CTX_set_info_callback(SSL_CTX*, void (*)()) -{ - // TDOD: -} - - -void OpenSSL_add_all_algorithms() // compatibility only -{} - - -int SSL_library_init() // compatibility only -{ - return 1; -} - - -DH* DH_new(void) -{ - DH* dh = NEW_YS DH; - if (dh) - dh->p = dh->g = 0; - return dh; -} - - -void DH_free(DH* dh) -{ - ysDelete(dh->g); - ysDelete(dh->p); - ysDelete(dh); -} - - -// convert positive big-endian num of length sz into retVal, which may need to -// be created -BIGNUM* BN_bin2bn(const unsigned char* num, int sz, BIGNUM* retVal) -{ - bool created = false; - mySTL::auto_ptr<BIGNUM> bn; - - if (!retVal) { - created = true; - bn.reset(NEW_YS BIGNUM); - retVal = bn.get(); - } - - retVal->assign(num, sz); - - if (created) - return bn.release(); - else - return retVal; -} - - -unsigned long ERR_get_error_line_data(const char**, int*, const char**, int *) -{ - //return SSL_NOT_IMPLEMENTED; - return 0; -} - - -void ERR_print_errors_fp(FILE* /*fp*/) -{ - // need ssl access to implement TODO: - //fprintf(fp, "%s", ssl.get_states().errorString_.c_str()); -} - - -char* ERR_error_string(unsigned long errNumber, char* buffer) -{ - static char* msg = (char*)"Please supply a buffer for error string"; - - if (buffer) { - SetErrorString(YasslError(errNumber), buffer); - return buffer; - } - - return msg; -} - - -const char* X509_verify_cert_error_string(long /* error */) -{ - // TODO: - static const char* msg = "Not Implemented"; - return msg; -} - - -const EVP_MD* EVP_md5(void) -{ - static const char* type = "MD5"; - return type; -} - - -const EVP_CIPHER* EVP_des_ede3_cbc(void) -{ - static const char* type = "DES-EDE3-CBC"; - return type; -} - - -int EVP_BytesToKey(const EVP_CIPHER* type, const EVP_MD* md, const byte* salt, - const byte* data, int sz, int count, byte* key, byte* iv) -{ - // only support MD5 for now - if (strncmp(md, "MD5", 3)) return 0; - - int keyLen = 0; - int ivLen = 0; - - // only support CBC DES and AES for now - if (strncmp(type, "DES-CBC", 7) == 0) { - keyLen = DES_KEY_SZ; - ivLen = DES_IV_SZ; - } - else if (strncmp(type, "DES-EDE3-CBC", 12) == 0) { - keyLen = DES_EDE_KEY_SZ; - ivLen = DES_IV_SZ; - } - else if (strncmp(type, "AES-128-CBC", 11) == 0) { - keyLen = AES_128_KEY_SZ; - ivLen = AES_IV_SZ; - } - else if (strncmp(type, "AES-192-CBC", 11) == 0) { - keyLen = AES_192_KEY_SZ; - ivLen = AES_IV_SZ; - } - else if (strncmp(type, "AES-256-CBC", 11) == 0) { - keyLen = AES_256_KEY_SZ; - ivLen = AES_IV_SZ; - } - else - return 0; - - yaSSL::MD5 myMD; - uint digestSz = myMD.get_digestSize(); - byte digest[SHA_LEN]; // max size - - int keyLeft = keyLen; - int ivLeft = ivLen; - int keyOutput = 0; - - while (keyOutput < (keyLen + ivLen)) { - int digestLeft = digestSz; - // D_(i - 1) - if (keyOutput) // first time D_0 is empty - myMD.update(digest, digestSz); - // data - myMD.update(data, sz); - // salt - if (salt) - myMD.update(salt, EVP_SALT_SZ); - myMD.get_digest(digest); - // count - for (int j = 1; j < count; j++) { - myMD.update(digest, digestSz); - myMD.get_digest(digest); - } - - if (keyLeft) { - int store = min(keyLeft, static_cast<int>(digestSz)); - memcpy(&key[keyLen - keyLeft], digest, store); - - keyOutput += store; - keyLeft -= store; - digestLeft -= store; - } - - if (ivLeft && digestLeft) { - int store = min(ivLeft, digestLeft); - memcpy(&iv[ivLen - ivLeft], &digest[digestSz - digestLeft], store); - - keyOutput += store; - ivLeft -= store; - } - } - return keyOutput; -} - - - -void DES_set_key_unchecked(const_DES_cblock* key, DES_key_schedule* schedule) -{ - memcpy(schedule, key, sizeof(const_DES_cblock)); -} - - -void DES_ede3_cbc_encrypt(const byte* input, byte* output, long sz, - DES_key_schedule* ks1, DES_key_schedule* ks2, - DES_key_schedule* ks3, DES_cblock* ivec, int enc) -{ - DES_EDE des; - byte key[DES_EDE_KEY_SZ]; - - memcpy(key, *ks1, DES_BLOCK); - memcpy(&key[DES_BLOCK], *ks2, DES_BLOCK); - memcpy(&key[DES_BLOCK * 2], *ks3, DES_BLOCK); - - if (enc) { - des.set_encryptKey(key, *ivec); - des.encrypt(output, input, sz); - } - else { - des.set_decryptKey(key, *ivec); - des.decrypt(output, input, sz); - } -} - - -// functions for libcurl -int RAND_status() -{ - return 1; /* TaoCrypt provides enough seed */ -} - - -int DES_set_key(const_DES_cblock* key, DES_key_schedule* schedule) -{ - memcpy(schedule, key, sizeof(const_DES_cblock)); - return 1; -} - - -void DES_set_odd_parity(DES_cblock* key) -{ - // not needed now for TaoCrypt -} - - -void DES_ecb_encrypt(DES_cblock* input, DES_cblock* output, - DES_key_schedule* key, int enc) -{ - DES des; - - if (enc) { - des.set_encryptKey(*key, 0); - des.encrypt(*output, *input, DES_BLOCK); - } - else { - des.set_decryptKey(*key, 0); - des.decrypt(*output, *input, DES_BLOCK); - } -} - - -void SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX* ctx, void* userdata) -{ - ctx->SetUserData(userdata); -} - - -X509* SSL_get_certificate(SSL* ssl) -{ - return ssl->getCrypto().get_certManager().get_selfX509(); -} - - -EVP_PKEY* SSL_get_privatekey(SSL* ssl) -{ - // only called, not used - return 0; -} - - -void SSL_SESSION_free(SSL_SESSION* session) -{ - // managed by singleton -} - - - -EVP_PKEY* X509_get_pubkey(X509* x) -{ - // called, not used though - return 0; -} - - -int EVP_PKEY_copy_parameters(EVP_PKEY* to, const EVP_PKEY* from) -{ - // called, not used though - return 0; -} - - -void EVP_PKEY_free(EVP_PKEY* pkey) -{ - // never allocated from above -} - - -void ERR_error_string_n(unsigned long e, char *buf, size_t len) -{ - if (len) ERR_error_string(e, buf); -} - - -void ERR_free_strings(void) -{ - // handled internally -} - - -void EVP_cleanup(void) -{ - // nothing to do yet -} - - -ASN1_TIME* X509_get_notBefore(X509* x) -{ - if (x) return x->GetBefore(); - return 0; -} - - -ASN1_TIME* X509_get_notAfter(X509* x) -{ - if (x) return x->GetAfter(); - return 0; -} - - -SSL_METHOD* SSLv2_client_method(void) /* will never work, no v 2 */ -{ - return 0; -} - - -SSL_SESSION* SSL_get1_session(SSL* ssl) /* what's ref count */ -{ - return SSL_get_session(ssl); -} - - -void GENERAL_NAMES_free(STACK_OF(GENERAL_NAME) *x) -{ - // no extension names supported yet -} - - -int sk_GENERAL_NAME_num(STACK_OF(GENERAL_NAME) *x) -{ - // no extension names supported yet - return 0; -} - - -GENERAL_NAME* sk_GENERAL_NAME_value(STACK_OF(GENERAL_NAME) *x, int i) -{ - // no extension names supported yet - return 0; -} - - -unsigned char* ASN1_STRING_data(ASN1_STRING* x) -{ - if (x) return x->data; - return 0; -} - - -int ASN1_STRING_length(ASN1_STRING* x) -{ - if (x) return x->length; - return 0; -} - - -int ASN1_STRING_type(ASN1_STRING *x) -{ - if (x) return x->type; - return 0; -} - - -int X509_NAME_get_index_by_NID(X509_NAME* name,int nid, int lastpos) -{ - int idx = -1; // not found - int cnPos = -1; - - switch (nid) { - case NID_commonName: - cnPos = name->GetCnPosition(); - if (lastpos < cnPos) - idx = cnPos; - break; - } - - return idx; -} - - -ASN1_STRING* X509_NAME_ENTRY_get_data(X509_NAME_ENTRY* ne) -{ - // the same in yaSSL - return ne; -} - - -X509_NAME_ENTRY* X509_NAME_get_entry(X509_NAME* name, int loc) -{ - return name->GetEntry(loc); -} - - -// already formatted, caller responsible for freeing *out -int ASN1_STRING_to_UTF8(unsigned char** out, ASN1_STRING* in) -{ - if (!in) return 0; - - *out = (unsigned char*)malloc(in->length + 1); - if (*out) { - memcpy(*out, in->data, in->length); - (*out)[in->length] = 0; - } - return in->length; -} - - -void* X509_get_ext_d2i(X509* x, int nid, int* crit, int* idx) -{ - // no extensions supported yet - return 0; -} - - -void MD4_Init(MD4_CTX* md4) -{ - // make sure we have a big enough buffer - typedef char ok[sizeof(md4->buffer) >= sizeof(TaoCrypt::MD4) ? 1 : -1]; - (void) sizeof(ok); - - // using TaoCrypt since no dynamic memory allocated - // and no destructor will be called - new (reinterpret_cast<yassl_pointer>(md4->buffer)) TaoCrypt::MD4(); -} - - -void MD4_Update(MD4_CTX* md4, const void* data, unsigned long sz) -{ - reinterpret_cast<TaoCrypt::MD4*>(md4->buffer)->Update( - static_cast<const byte*>(data), static_cast<unsigned int>(sz)); -} - - -void MD4_Final(unsigned char* hash, MD4_CTX* md4) -{ - reinterpret_cast<TaoCrypt::MD4*>(md4->buffer)->Final(hash); -} - - -void MD5_Init(MD5_CTX* md5) -{ - // make sure we have a big enough buffer - typedef char ok[sizeof(md5->buffer) >= sizeof(TaoCrypt::MD5) ? 1 : -1]; - (void) sizeof(ok); - - // using TaoCrypt since no dynamic memory allocated - // and no destructor will be called - new (reinterpret_cast<yassl_pointer>(md5->buffer)) TaoCrypt::MD5(); -} - - -void MD5_Update(MD5_CTX* md5, const void* data, unsigned long sz) -{ - reinterpret_cast<TaoCrypt::MD5*>(md5->buffer)->Update( - static_cast<const byte*>(data), static_cast<unsigned int>(sz)); -} - - -void MD5_Final(unsigned char* hash, MD5_CTX* md5) -{ - reinterpret_cast<TaoCrypt::MD5*>(md5->buffer)->Final(hash); -} - - -int RAND_bytes(unsigned char* buf, int num) -{ - RandomPool ran; - - if (ran.GetError()) return 0; - - ran.Fill(buf, num); - return 1; -} - - -int SSL_peek(SSL* ssl, void* buffer, int sz) -{ - Data data(min(sz, MAX_RECORD_SIZE), static_cast<opaque*>(buffer)); - return receiveData(*ssl, data, true); -} - - -int SSL_pending(SSL* ssl) -{ - return ssl->bufferedData(); -} - - -void SSL_CTX_set_default_passwd_cb(SSL_CTX* ctx, pem_password_cb cb) -{ - ctx->SetPasswordCb(cb); -} - - -int SSLeay_add_ssl_algorithms() // compatibility only -{ - return 1; -} - - -void ERR_remove_state(unsigned long) -{ - if (HasErrors()) - GetErrors().Remove(); -} - - -int ERR_GET_REASON(int l) -{ - return l & 0xfff; -} - - -unsigned long err_helper(bool peek = false) -{ - int ysError = GetErrors().Lookup(peek); - - // translate cert error for libcurl, it uses OpenSSL hex code - switch (ysError) { - case TaoCrypt::SIG_OTHER_E: - return CERTFICATE_ERROR; - break; - default : - return 0; - } - - return 0; // shut up compiler -} - - -unsigned long ERR_peek_error() -{ - return err_helper(true); -} - - -unsigned long ERR_get_error() -{ - return err_helper(); -} - - - // functions for stunnel - - void RAND_screen() - { - // TODO: - } - - - const char* RAND_file_name(char*, size_t) - { - // TODO: - return 0; - } - - - int RAND_write_file(const char*) - { - // TODO: - return 0; - } - - - int RAND_load_file(const char*, long) - { - // TODO: - return 0; - } - - - void RSA_free(RSA*) - { - // TODO: - } - - - RSA* RSA_generate_key(int, unsigned long, void(*)(int, int, void*), void*) - { - // TODO: - return 0; - } - - - int X509_LOOKUP_add_dir(X509_LOOKUP*, const char*, long) - { - // TODO: - return SSL_SUCCESS; - } - - - int X509_LOOKUP_load_file(X509_LOOKUP*, const char*, long) - { - // TODO: - return SSL_SUCCESS; - } - - - X509_LOOKUP_METHOD* X509_LOOKUP_hash_dir(void) - { - // TODO: - return 0; - } - - - X509_LOOKUP_METHOD* X509_LOOKUP_file(void) - { - // TODO: - return 0; - } - - - X509_LOOKUP* X509_STORE_add_lookup(X509_STORE*, X509_LOOKUP_METHOD*) - { - // TODO: - return 0; - } - - - int X509_STORE_get_by_subject(X509_STORE_CTX*, int, X509_NAME*, X509_OBJECT*) - { - // TODO: - return SSL_SUCCESS; - } - - - X509_STORE* X509_STORE_new(void) - { - // TODO: - return 0; - } - - char* SSL_alert_type_string_long(int) - { - // TODO: - return 0; - } - - - char* SSL_alert_desc_string_long(int) - { - // TODO: - return 0; - } - - - char* SSL_state_string_long(SSL*) - { - // TODO: - return 0; - } - - - void SSL_CTX_set_tmp_rsa_callback(SSL_CTX*, RSA*(*)(SSL*, int, int)) - { - // TDOD: - } - - - long SSL_CTX_set_timeout(SSL_CTX*, long) - { - // TDOD: - return SSL_SUCCESS; - } - - - int SSL_CTX_use_certificate_chain_file(SSL_CTX* ctx, const char* file) - { - // For the moment, treat like use_certificate_file - return read_file(ctx, file, SSL_FILETYPE_PEM, Cert); - } - - - int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX*, const char*, int) - { - // TDOD: - return SSL_SUCCESS; - } - - - int SSL_set_rfd(SSL*, int) - { - return SSL_SUCCESS; // TODO: - } - - - int SSL_set_wfd(SSL*, int) - { - return SSL_SUCCESS; // TODO: - } - - - int SSL_want_read(SSL*) - { - return 0; // TODO: - } - - - int SSL_want_write(SSL*) - { - return 0; // TODO: - } - - - void SSL_set_shutdown(SSL*, int) - { - // TODO: - } - - SSL_CIPHER* SSL_get_current_cipher(SSL*) - { - // TODO: - return 0; - } - - - char* SSL_CIPHER_description(SSL_CIPHER*, char*, int) - { - // TODO: - return 0; - } - - // end stunnel needs - - char *yaSSL_ASN1_TIME_to_string(const ASN1_TIME *time, char *buf, size_t len) - { - tm t; - static const char *month_names[12]= - { - "Jan","Feb","Mar","Apr","May","Jun", - "Jul","Aug","Sep","Oct","Nov","Dec" - }; - - TaoCrypt::ASN1_TIME_extract(time->data, time->type, &t); - snprintf(buf, len, "%s %2d %02d:%02d:%02d %d GMT", - month_names[t.tm_mon], t.tm_mday, t.tm_hour, t.tm_min, - t.tm_sec, t.tm_year + 1900); - return buf; - } - - - void yaSSL_transport_set_ptr(SSL *ssl, void *ptr) - { - ssl->useSocket().set_transport_ptr(ptr); - } - - - void yaSSL_transport_set_recv_function(SSL *ssl, yaSSL_recv_func_t func) - { - ssl->useSocket().set_transport_recv_function(func); - } - - - void yaSSL_transport_set_send_function(SSL *ssl, yaSSL_send_func_t func) - { - ssl->useSocket().set_transport_send_function(func); - } - -} // extern "C" -} // namespace diff --git a/extra/yassl/src/timer.cpp b/extra/yassl/src/timer.cpp deleted file mode 100644 index dadb3ebf378..00000000000 --- a/extra/yassl/src/timer.cpp +++ /dev/null @@ -1,82 +0,0 @@ -/* - Copyright (C) 2000-2007 MySQL AB - Use is subject to license terms - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - -/* timer.cpp implements a high res and low res timer - * -*/ - -#include "runtime.hpp" -#include "timer.hpp" - -#ifdef _WIN32 -#define WIN32_LEAN_AND_MEAN 1 -#include <windows.h> -#else -#include <sys/time.h> -#endif - -namespace yaSSL { - -#ifdef _WIN32 - - timer_d timer() - { - static bool init(false); - static LARGE_INTEGER freq; - - if (!init) { - QueryPerformanceFrequency(&freq); - init = true; - } - - LARGE_INTEGER count; - QueryPerformanceCounter(&count); - - return static_cast<double>(count.QuadPart) / freq.QuadPart; - } - - - uint lowResTimer() - { - return static_cast<uint>(timer()); - } - -#else // _WIN32 - - timer_d timer() - { - struct timeval tv; - gettimeofday(&tv, 0); - - return static_cast<double>(tv.tv_sec) - + static_cast<double>(tv.tv_usec) / 1000000; - } - - - uint lowResTimer() - { - struct timeval tv; - gettimeofday(&tv, 0); - - return tv.tv_sec; - } - - -#endif // _WIN32 -} // namespace yaSSL diff --git a/extra/yassl/src/yassl.cpp b/extra/yassl/src/yassl.cpp deleted file mode 100644 index 89600359401..00000000000 --- a/extra/yassl/src/yassl.cpp +++ /dev/null @@ -1,229 +0,0 @@ -/* - Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - - -/* yaSSL implements external API - */ - -#include "runtime.hpp" -#include "yassl.hpp" -#include "yassl_int.hpp" -#include "handshake.hpp" -#include <stdio.h> - -#include "openssl/ssl.h" // get rid of this - - - -namespace yaSSL { - - - -struct Base { - SSL_METHOD* method_; - SSL_CTX* ctx_; - SSL* ssl_; - - char* ca_; - char* cert_; - char* key_; - - DH* dh_; - - Base() : method_(0), ctx_(0), ssl_(0), ca_(0), cert_(0), key_(0), dh_(0) - {} - - ~Base() - { - if (dh_) DH_free(dh_); - delete[] key_; - delete[] cert_; - delete[] ca_; - SSL_CTX_free(ctx_); // frees method_ too - SSL_free(ssl_); - } -}; - - -void SetDH(Base&); - -void SetUpBase(Base& base, ConnectionEnd end, SOCKET_T s) -{ - base.method_ = new SSL_METHOD(end, ProtocolVersion(3,1)); - base.ctx_ = new SSL_CTX(base.method_); - - if (base.ca_) - if (SSL_CTX_load_verify_locations(base.ctx_, - base.ca_, 0) != SSL_SUCCESS) throw(0); - if (base.cert_) - if (SSL_CTX_use_certificate_file(base.ctx_, - base.cert_, SSL_FILETYPE_PEM) != SSL_SUCCESS) throw(0); - if (base.key_) - if (SSL_CTX_use_PrivateKey_file(base.ctx_, base.key_, - SSL_FILETYPE_PEM) != SSL_SUCCESS) throw(0); - - if (end == server_end) SetDH(base); - - base.ssl_ = new SSL(base.ctx_); - base.ssl_->useSocket().set_fd(s); -} - - -void SetDH(Base& base) -{ - static unsigned char dh512_p[] = - { - 0xDA,0x58,0x3C,0x16,0xD9,0x85,0x22,0x89,0xD0,0xE4,0xAF,0x75, - 0x6F,0x4C,0xCA,0x92,0xDD,0x4B,0xE5,0x33,0xB8,0x04,0xFB,0x0F, - 0xED,0x94,0xEF,0x9C,0x8A,0x44,0x03,0xED,0x57,0x46,0x50,0xD3, - 0x69,0x99,0xDB,0x29,0xD7,0x76,0x27,0x6B,0xA2,0xD3,0xD4,0x12, - 0xE2,0x18,0xF4,0xDD,0x1E,0x08,0x4C,0xF6,0xD8,0x00,0x3E,0x7C, - 0x47,0x74,0xE8,0x33, - }; - - static unsigned char dh512_g[] = - { - 0x02, - }; - - if ( (base.dh_ = DH_new()) ) { - base.dh_->p = BN_bin2bn(dh512_p, sizeof(dh512_p), 0); - base.dh_->g = BN_bin2bn(dh512_g, sizeof(dh512_g), 0); - } - if (!base.dh_->p || !base.dh_->g) { - DH_free(base.dh_); - base.dh_ = 0; - } - SSL_CTX_set_tmp_dh(base.ctx_, base.dh_); -} - - -void NewCopy(char*& dst, const char* src) -{ - size_t len = strlen(src) + 1; - dst = new char[len]; - - strncpy(dst, src, len); -} - - -// Client Implementation -struct Client::ClientImpl { - Base base_; -}; - - -Client::Client() : pimpl_(new ClientImpl) -{} - - -Client::~Client() { delete pimpl_; } - - -int Client::Connect(SOCKET_T s) -{ - SetUpBase(pimpl_->base_, client_end, s); - return SSL_connect(pimpl_->base_.ssl_); -} - - -int Client::Write(const void* buffer, int sz) -{ - return sendData(*pimpl_->base_.ssl_, buffer, sz); -} - - -int Client::Read(void* buffer, int sz) -{ - Data data(min(sz, MAX_RECORD_SIZE), static_cast<opaque*>(buffer)); - return receiveData(*pimpl_->base_.ssl_, data); -} - - -void Client::SetCA(const char* name) -{ - NewCopy(pimpl_->base_.ca_, name); -} - - -void Client::SetCert(const char* name) -{ - NewCopy(pimpl_->base_.cert_, name); -} - - -void Client::SetKey(const char* name) -{ - NewCopy(pimpl_->base_.key_, name); -} - - - -// Server Implementation -struct Server::ServerImpl { - Base base_; -}; - - -Server::Server() : pimpl_(new ServerImpl) -{} - - -Server::~Server() { delete pimpl_; } - - -int Server::Accept(SOCKET_T s) -{ - SetUpBase(pimpl_->base_, server_end, s); - return SSL_accept(pimpl_->base_.ssl_); -} - - -int Server::Write(const void* buffer, int sz) -{ - return sendData(*pimpl_->base_.ssl_, buffer, sz); -} - - -int Server::Read(void* buffer, int sz) -{ - Data data(min(sz, MAX_RECORD_SIZE), static_cast<opaque*>(buffer)); - return receiveData(*pimpl_->base_.ssl_, data); -} - - -void Server::SetCA(const char* name) -{ - NewCopy(pimpl_->base_.ca_, name); -} - - -void Server::SetCert(const char* name) -{ - NewCopy(pimpl_->base_.cert_, name); -} - - -void Server::SetKey(const char* name) -{ - NewCopy(pimpl_->base_.key_, name); -} - - - -} // namespace yaSSL diff --git a/extra/yassl/src/yassl_error.cpp b/extra/yassl/src/yassl_error.cpp deleted file mode 100644 index bb3825ca972..00000000000 --- a/extra/yassl/src/yassl_error.cpp +++ /dev/null @@ -1,288 +0,0 @@ -/* - Copyright (c) 2005, 2013, Oracle and/or its affiliates - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - - -/* yaSSL error implements and an exception class - */ - -#include "runtime.hpp" -#include "yassl_error.hpp" -#include "error.hpp" // TaoCrypt error numbers -#include "openssl/ssl.h" // SSL_ERROR_WANT_READ -#include <string.h> // strncpy - -#ifdef _MSC_VER - // 4996 warning to use MS extensions e.g., strcpy_s instead of strncpy - #pragma warning(disable: 4996) -#endif - -namespace yaSSL { - - -/* may bring back in future -Error::Error(const char* s, YasslError e, Library l) - : mySTL::runtime_error(s), error_(e), lib_(l) -{ -} - - -YasslError Error::get_number() const -{ - return error_; -} - - -Library Error::get_lib() const -{ - - return lib_; -} -*/ - - -void SetErrorString(YasslError error, char* buffer) -{ - using namespace TaoCrypt; - const int max = MAX_ERROR_SZ; // shorthand - int localError = error; // errors from a few enums - - switch (localError) { - - // yaSSL proper errors - case range_error : - strncpy(buffer, "buffer index error, out of range", max); - break; - - case realloc_error : - strncpy(buffer, "trying to realloc a fixed buffer", max); - break; - - case factory_error : - strncpy(buffer, "unknown factory create request", max); - break; - - case unknown_cipher : - strncpy(buffer, "trying to use an unknown cipher", max); - break; - - case prefix_error : - strncpy(buffer, "bad master secret derivation, prefix too big", max); - break; - - case record_layer : - strncpy(buffer, "record layer not ready yet", max); - break; - - case handshake_layer : - strncpy(buffer, "handshake layer not ready yet", max); - break; - - case out_of_order : - strncpy(buffer, "handshake message received in wrong order", max); - break; - - case bad_input : - strncpy(buffer, "bad cipher suite input", max); - break; - - case match_error : - strncpy(buffer, "unable to match a supported cipher suite", max); - break; - - case no_key_file : - strncpy(buffer, "the server needs a private key file", max); - break; - - case verify_error : - strncpy(buffer, "unable to verify peer checksum", max); - break; - - case send_error : - strncpy(buffer, "socket layer send error", max); - break; - - case receive_error : - strncpy(buffer, "socket layer receive error", max); - break; - - case certificate_error : - strncpy(buffer, "unable to process cerificate", max); - break; - - case privateKey_error : - strncpy(buffer, "unable to process private key, bad format", max); - break; - - case badVersion_error : - strncpy(buffer, "protocol version mismatch", max); - break; - - case compress_error : - strncpy(buffer, "compression error", max); - break; - - case decompress_error : - strncpy(buffer, "decompression error", max); - break; - - case pms_version_error : - strncpy(buffer, "bad PreMasterSecret version error", max); - break; - - case sanityCipher_error : - strncpy(buffer, "sanity check on cipher text size error", max); - break; - - case rsaSignFault_error: - strncpy(buffer, "rsa signature fault error", max); - break; - - // openssl errors - case SSL_ERROR_WANT_READ : - strncpy(buffer, "the read operation would block", max); - break; - - case SSL_ERROR_WANT_WRITE : - strncpy(buffer, "the write operation would block", max); - break; - - case CERTFICATE_ERROR : - strncpy(buffer, "Unable to verify certificate", max); - break; - - // TaoCrypt errors - case NO_ERROR_E : - strncpy(buffer, "not in error state", max); - break; - - case WINCRYPT_E : - strncpy(buffer, "bad wincrypt acquire", max); - break; - - case CRYPTGEN_E : - strncpy(buffer, "CryptGenRandom error", max); - break; - - case OPEN_RAN_E : - strncpy(buffer, "unable to use random device", max); - break; - - case READ_RAN_E : - strncpy(buffer, "unable to use random device", max); - break; - - case INTEGER_E : - strncpy(buffer, "ASN: bad DER Integer Header", max); - break; - - case SEQUENCE_E : - strncpy(buffer, "ASN: bad Sequence Header", max); - break; - - case SET_E : - strncpy(buffer, "ASN: bad Set Header", max); - break; - - case VERSION_E : - strncpy(buffer, "ASN: version length not 1", max); - break; - - case SIG_OID_E : - strncpy(buffer, "ASN: signature OID mismatch", max); - break; - - case BIT_STR_E : - strncpy(buffer, "ASN: bad BitString Header", max); - break; - - case UNKNOWN_OID_E : - strncpy(buffer, "ASN: unknown key OID type", max); - break; - - case OBJECT_ID_E : - strncpy(buffer, "ASN: bad Ojbect ID Header", max); - break; - - case TAG_NULL_E : - strncpy(buffer, "ASN: expected TAG NULL", max); - break; - - case EXPECT_0_E : - strncpy(buffer, "ASN: expected 0", max); - break; - - case OCTET_STR_E : - strncpy(buffer, "ASN: bad Octet String Header", max); - break; - - case TIME_E : - strncpy(buffer, "ASN: bad TIME", max); - break; - - case DATE_SZ_E : - strncpy(buffer, "ASN: bad Date Size", max); - break; - - case SIG_LEN_E : - strncpy(buffer, "ASN: bad Signature Length", max); - break; - - case UNKOWN_SIG_E : - strncpy(buffer, "ASN: unknown signature OID", max); - break; - - case UNKOWN_HASH_E : - strncpy(buffer, "ASN: unknown hash OID", max); - break; - - case DSA_SZ_E : - strncpy(buffer, "ASN: bad DSA r or s size", max); - break; - - case BEFORE_DATE_E : - strncpy(buffer, "ASN: before date in the future", max); - break; - - case AFTER_DATE_E : - strncpy(buffer, "ASN: after date in the past", max); - break; - - case SIG_CONFIRM_E : - strncpy(buffer, "ASN: bad self signature confirmation", max); - break; - - case SIG_OTHER_E : - strncpy(buffer, "ASN: bad other signature confirmation", max); - break; - - case CONTENT_E : - strncpy(buffer, "bad content processing", max); - break; - - case PEM_E : - strncpy(buffer, "bad PEM format processing", max); - break; - - default : - strncpy(buffer, "unknown error number", max); - } -} - - - -} // namespace yaSSL diff --git a/extra/yassl/src/yassl_imp.cpp b/extra/yassl/src/yassl_imp.cpp deleted file mode 100644 index a4b1b50e10f..00000000000 --- a/extra/yassl/src/yassl_imp.cpp +++ /dev/null @@ -1,2636 +0,0 @@ -/* - Copyright (c) 2005, 2017, Oracle and/or its affiliates. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - -/* yaSSL source implements all SSL.v3 secification structures. - */ - -#include "runtime.hpp" -#include "yassl_int.hpp" -#include "handshake.hpp" - -#include "asn.hpp" // provide crypto wrapper?? -#include <my_attribute.h> - - -namespace yaSSL { - - -namespace { // locals - -bool isTLS(ProtocolVersion pv) -{ - if (pv.major_ >= 3 && pv.minor_ >= 1) - return true; - - return false; -} - - -} // namespace (locals) - - -void hashHandShake(SSL&, const input_buffer&, uint); - - -ProtocolVersion::ProtocolVersion(uint8 maj, uint8 min) - : major_(maj), minor_(min) -{} - - -// construct key exchange with known ssl parms -void ClientKeyExchange::createKey(SSL& ssl) -{ - const ClientKeyFactory& ckf = ssl.getFactory().getClientKey(); - client_key_ = ckf.CreateObject(ssl.getSecurity().get_parms().kea_); - - if (!client_key_) - ssl.SetError(factory_error); -} - - -// construct key exchange with known ssl parms -void ServerKeyExchange::createKey(SSL& ssl) -{ - const ServerKeyFactory& skf = ssl.getFactory().getServerKey(); - server_key_ = skf.CreateObject(ssl.getSecurity().get_parms().kea_); - - if (!server_key_) - ssl.SetError(factory_error); -} - - -// build/set PreMaster secret and encrypt, client side -void EncryptedPreMasterSecret::build(SSL& ssl) -{ - opaque tmp[SECRET_LEN]; - memset(tmp, 0, sizeof(tmp)); - ssl.getCrypto().get_random().Fill(tmp, SECRET_LEN); - ProtocolVersion pv = ssl.getSecurity().get_connection().chVersion_; - tmp[0] = pv.major_; - tmp[1] = pv.minor_; - ssl.set_preMaster(tmp, SECRET_LEN); - - const CertManager& cert = ssl.getCrypto().get_certManager(); - RSA rsa(cert.get_peerKey(), cert.get_peerKeyLength()); - bool tls = ssl.isTLS(); // if TLS, put length for encrypted data - alloc(rsa.get_cipherLength() + (tls ? 2 : 0)); - byte* holder = secret_; - if (tls) { - byte len[2]; - c16toa(rsa.get_cipherLength(), len); - memcpy(secret_, len, sizeof(len)); - holder += 2; - } - rsa.encrypt(holder, tmp, SECRET_LEN, ssl.getCrypto().get_random()); -} - - -// build/set premaster and Client Public key, client side -void ClientDiffieHellmanPublic::build(SSL& ssl) -{ - DiffieHellman& dhServer = ssl.useCrypto().use_dh(); - DiffieHellman dhClient(dhServer); - - uint keyLength = dhClient.get_agreedKeyLength(); // pub and agree same - - alloc(keyLength, true); - dhClient.makeAgreement(dhServer.get_publicKey(), - dhServer.get_publicKeyLength()); - c16toa(keyLength, Yc_); - memcpy(Yc_ + KEY_OFFSET, dhClient.get_publicKey(), keyLength); - - ssl.set_preMaster(dhClient.get_agreedKey(), keyLength); -} - - -// build server exhange, server side -void DH_Server::build(SSL& ssl) -{ - DiffieHellman& dhServer = ssl.useCrypto().use_dh(); - - int pSz, gSz, pubSz; - dhServer.set_sizes(pSz, gSz, pubSz); - dhServer.get_parms(parms_.alloc_p(pSz), parms_.alloc_g(gSz), - parms_.alloc_pub(pubSz)); - - short sigSz = 0; - mySTL::auto_ptr<Auth> auth; - const CertManager& cert = ssl.getCrypto().get_certManager(); - - if (ssl.getSecurity().get_parms().sig_algo_ == rsa_sa_algo) { - if (cert.get_keyType() != rsa_sa_algo) { - ssl.SetError(privateKey_error); - return; - } - auth.reset(NEW_YS RSA(cert.get_privateKey(), - cert.get_privateKeyLength(), false)); - } - else { - if (cert.get_keyType() != dsa_sa_algo) { - ssl.SetError(privateKey_error); - return; - } - auth.reset(NEW_YS DSS(cert.get_privateKey(), - cert.get_privateKeyLength(), false)); - sigSz += DSS_ENCODED_EXTRA; - } - - sigSz += auth->get_signatureLength(); - if (!sigSz) { - ssl.SetError(privateKey_error); - return; - } - - length_ = 8; // pLen + gLen + YsLen + SigLen - length_ += pSz + gSz + pubSz + sigSz; - - output_buffer tmp(length_); - byte len[2]; - // P - c16toa(pSz, len); - tmp.write(len, sizeof(len)); - tmp.write(parms_.get_p(), pSz); - // G - c16toa(gSz, len); - tmp.write(len, sizeof(len)); - tmp.write(parms_.get_g(), gSz); - // Ys - c16toa(pubSz, len); - tmp.write(len, sizeof(len)); - tmp.write(parms_.get_pub(), pubSz); - - // Sig - byte hash[FINISHED_SZ]; - MD5 md5; - SHA sha; - signature_ = NEW_YS byte[sigSz]; - - const Connection& conn = ssl.getSecurity().get_connection(); - // md5 - md5.update(conn.client_random_, RAN_LEN); - md5.update(conn.server_random_, RAN_LEN); - md5.update(tmp.get_buffer(), tmp.get_size()); - md5.get_digest(hash); - - // sha - sha.update(conn.client_random_, RAN_LEN); - sha.update(conn.server_random_, RAN_LEN); - sha.update(tmp.get_buffer(), tmp.get_size()); - sha.get_digest(&hash[MD5_LEN]); - - if (ssl.getSecurity().get_parms().sig_algo_ == rsa_sa_algo) { - auth->sign(signature_, hash, sizeof(hash), - ssl.getCrypto().get_random()); - // check for rsa signautre fault - if (!auth->verify(hash, sizeof(hash), signature_, - auth->get_signatureLength())) { - ssl.SetError(rsaSignFault_error); - return; - } - } - else { - auth->sign(signature_, &hash[MD5_LEN], SHA_LEN, - ssl.getCrypto().get_random()); - byte encoded[DSS_SIG_SZ + DSS_ENCODED_EXTRA]; - TaoCrypt::EncodeDSA_Signature(signature_, encoded); - memcpy(signature_, encoded, sizeof(encoded)); - } - - c16toa(sigSz, len); - tmp.write(len, sizeof(len)); - tmp.write(signature_, sigSz); - - // key message - keyMessage_ = NEW_YS opaque[length_]; - memcpy(keyMessage_, tmp.get_buffer(), tmp.get_size()); -} - - -// read PreMaster secret and decrypt, server side -void EncryptedPreMasterSecret::read(SSL& ssl, input_buffer& input) -{ - if (input.get_error()) { - ssl.SetError(bad_input); - return; - } - - const CertManager& cert = ssl.getCrypto().get_certManager(); - RSA rsa(cert.get_privateKey(), cert.get_privateKeyLength(), false); - uint16 cipherLen = rsa.get_cipherLength(); - if (ssl.isTLS()) { - byte len[2]; - len[0] = input[AUTO]; - len[1] = input[AUTO]; - ato16(len, cipherLen); - } - alloc(cipherLen); - input.read(secret_, length_); - if (input.get_error()) { - ssl.SetError(bad_input); - return; - } - - opaque preMasterSecret[SECRET_LEN]; - memset(preMasterSecret, 0, sizeof(preMasterSecret)); - rsa.decrypt(preMasterSecret, secret_, length_, - ssl.getCrypto().get_random()); - - ProtocolVersion pv = ssl.getSecurity().get_connection().chVersion_; - if (pv.major_ != preMasterSecret[0] || pv.minor_ != preMasterSecret[1]) - ssl.SetError(pms_version_error); // continue deriving for timing attack - - ssl.set_preMaster(preMasterSecret, SECRET_LEN); - ssl.makeMasterSecret(); -} - - -EncryptedPreMasterSecret::EncryptedPreMasterSecret() - : secret_(0), length_(0) -{} - - -EncryptedPreMasterSecret::~EncryptedPreMasterSecret() -{ - ysArrayDelete(secret_); -} - - -int EncryptedPreMasterSecret::get_length() const -{ - return length_; -} - - -opaque* EncryptedPreMasterSecret::get_clientKey() const -{ - return secret_; -} - - -void EncryptedPreMasterSecret::alloc(int sz) -{ - length_ = sz; - secret_ = NEW_YS opaque[sz]; -} - - -// read client's public key, server side -void ClientDiffieHellmanPublic::read(SSL& ssl, input_buffer& input) -{ - if (input.get_error() || input.get_remaining() < (uint)LENGTH_SZ) { - ssl.SetError(bad_input); - return; - } - - DiffieHellman& dh = ssl.useCrypto().use_dh(); - - uint16 keyLength; - byte tmp[2]; - tmp[0] = input[AUTO]; - tmp[1] = input[AUTO]; - ato16(tmp, keyLength); - - if (keyLength < dh.get_agreedKeyLength()/2) { - ssl.SetError(bad_input); - return; - } - - alloc(keyLength); - input.read(Yc_, keyLength); - if (input.get_error()) { - ssl.SetError(bad_input); - return; - } - dh.makeAgreement(Yc_, keyLength); - - ssl.set_preMaster(dh.get_agreedKey(), dh.get_agreedKeyLength()); - ssl.makeMasterSecret(); -} - - -ClientDiffieHellmanPublic::ClientDiffieHellmanPublic() - : length_(0), Yc_(0) -{} - - -ClientDiffieHellmanPublic::~ClientDiffieHellmanPublic() -{ - ysArrayDelete(Yc_); -} - - -int ClientDiffieHellmanPublic::get_length() const -{ - return length_; -} - - -opaque* ClientDiffieHellmanPublic::get_clientKey() const -{ - return Yc_; -} - - -void ClientDiffieHellmanPublic::alloc(int sz, bool offset) -{ - length_ = sz + (offset ? KEY_OFFSET : 0); - Yc_ = NEW_YS opaque[length_]; -} - - -// read server's p, g, public key and sig, client side -void DH_Server::read(SSL& ssl, input_buffer& input) -{ - if (input.get_error() || input.get_remaining() < (uint)LENGTH_SZ) { - ssl.SetError(bad_input); - return; - } - uint16 length, messageTotal = 6; // pSz + gSz + pubSz - byte tmp[2]; - - // p - tmp[0] = input[AUTO]; - tmp[1] = input[AUTO]; - ato16(tmp, length); - messageTotal += length; - - input.read(parms_.alloc_p(length), length); - if (input.get_error() || input.get_remaining() < (uint)LENGTH_SZ) { - ssl.SetError(bad_input); - return; - } - - // g - tmp[0] = input[AUTO]; - tmp[1] = input[AUTO]; - ato16(tmp, length); - messageTotal += length; - - input.read(parms_.alloc_g(length), length); - if (input.get_error() || input.get_remaining() < (uint)LENGTH_SZ) { - ssl.SetError(bad_input); - return; - } - - // pub - tmp[0] = input[AUTO]; - tmp[1] = input[AUTO]; - ato16(tmp, length); - messageTotal += length; - - input.read(parms_.alloc_pub(length), length); - if (input.get_error() || input.get_remaining() < (uint)LENGTH_SZ) { - ssl.SetError(bad_input); - return; - } - - // save message for hash verify - input_buffer message(messageTotal); - input.set_current(input.get_current() - messageTotal); - input.read(message.get_buffer(), messageTotal); - message.add_size(messageTotal); - if (input.get_error() || input.get_remaining() < (uint)LENGTH_SZ) { - ssl.SetError(bad_input); - return; - } - - // signature - tmp[0] = input[AUTO]; - tmp[1] = input[AUTO]; - ato16(tmp, length); - - if (length == 0) { - ssl.SetError(bad_input); - return; - } - signature_ = NEW_YS byte[length]; - input.read(signature_, length); - if (input.get_error()) { - ssl.SetError(bad_input); - return; - } - - // verify signature - byte hash[FINISHED_SZ]; - MD5 md5; - SHA sha; - - const Connection& conn = ssl.getSecurity().get_connection(); - // md5 - md5.update(conn.client_random_, RAN_LEN); - md5.update(conn.server_random_, RAN_LEN); - md5.update(message.get_buffer(), message.get_size()); - md5.get_digest(hash); - - // sha - sha.update(conn.client_random_, RAN_LEN); - sha.update(conn.server_random_, RAN_LEN); - sha.update(message.get_buffer(), message.get_size()); - sha.get_digest(&hash[MD5_LEN]); - - const CertManager& cert = ssl.getCrypto().get_certManager(); - - if (ssl.getSecurity().get_parms().sig_algo_ == rsa_sa_algo) { - RSA rsa(cert.get_peerKey(), cert.get_peerKeyLength()); - if (!rsa.verify(hash, sizeof(hash), signature_, length)) - ssl.SetError(verify_error); - } - else { - byte decodedSig[DSS_SIG_SZ]; - length = TaoCrypt::DecodeDSA_Signature(decodedSig, signature_, length); - - DSS dss(cert.get_peerKey(), cert.get_peerKeyLength()); - if (!dss.verify(&hash[MD5_LEN], SHA_LEN, decodedSig, length)) - ssl.SetError(verify_error); - } - - // save input - ssl.useCrypto().SetDH(NEW_YS DiffieHellman(parms_.get_p(), - parms_.get_pSize(), parms_.get_g(), parms_.get_gSize(), - parms_.get_pub(), parms_.get_pubSize(), - ssl.getCrypto().get_random())); -} - - -DH_Server::DH_Server() - : signature_(0), length_(0), keyMessage_(0) -{} - - -DH_Server::~DH_Server() -{ - ysArrayDelete(keyMessage_); - ysArrayDelete(signature_); -} - - -int DH_Server::get_length() const -{ - return length_; -} - - -opaque* DH_Server::get_serverKey() const -{ - return keyMessage_; -} - - -// set available suites -Parameters::Parameters(ConnectionEnd ce, const Ciphers& ciphers, - ProtocolVersion pv, bool haveDH) : entity_(ce) -{ - pending_ = true; // suite not set yet - strncpy(cipher_name_, "NONE", 5); - - removeDH_ = !haveDH; // only use on server side for set suites - - if (ciphers.setSuites_) { // use user set list - suites_size_ = ciphers.suiteSz_; - memcpy(suites_, ciphers.suites_, ciphers.suiteSz_); - SetCipherNames(); - } - else - SetSuites(pv, ce == server_end && removeDH_); // defaults - -} - - -void Parameters::SetSuites(ProtocolVersion pv, bool removeDH, bool removeRSA, - bool removeDSA) -{ - int i = 0; - // available suites, best first - // when adding more, make sure cipher_names is updated and - // MAX_CIPHERS is big enough - - if (isTLS(pv)) { - if (!removeDH) { - if (!removeRSA) { - suites_[i++] = 0x00; - suites_[i++] = TLS_DHE_RSA_WITH_AES_256_CBC_SHA; - } - if (!removeDSA) { - suites_[i++] = 0x00; - suites_[i++] = TLS_DHE_DSS_WITH_AES_256_CBC_SHA; - } - } - if (!removeRSA) { - suites_[i++] = 0x00; - suites_[i++] = TLS_RSA_WITH_AES_256_CBC_SHA; - } - if (!removeDH) { - if (!removeRSA) { - suites_[i++] = 0x00; - suites_[i++] = TLS_DHE_RSA_WITH_AES_128_CBC_SHA; - } - if (!removeDSA) { - suites_[i++] = 0x00; - suites_[i++] = TLS_DHE_DSS_WITH_AES_128_CBC_SHA; - } - } - if (!removeRSA) { - suites_[i++] = 0x00; - suites_[i++] = TLS_RSA_WITH_AES_128_CBC_SHA; - suites_[i++] = 0x00; - suites_[i++] = TLS_RSA_WITH_AES_256_CBC_RMD160; - suites_[i++] = 0x00; - suites_[i++] = TLS_RSA_WITH_AES_128_CBC_RMD160; - suites_[i++] = 0x00; - suites_[i++] = TLS_RSA_WITH_3DES_EDE_CBC_RMD160; - } - if (!removeDH) { - if (!removeRSA) { - suites_[i++] = 0x00; - suites_[i++] = TLS_DHE_RSA_WITH_AES_256_CBC_RMD160; - suites_[i++] = 0x00; - suites_[i++] = TLS_DHE_RSA_WITH_AES_128_CBC_RMD160; - suites_[i++] = 0x00; - suites_[i++] = TLS_DHE_RSA_WITH_3DES_EDE_CBC_RMD160; - } - if (!removeDSA) { - suites_[i++] = 0x00; - suites_[i++] = TLS_DHE_DSS_WITH_AES_256_CBC_RMD160; - suites_[i++] = 0x00; - suites_[i++] = TLS_DHE_DSS_WITH_AES_128_CBC_RMD160; - suites_[i++] = 0x00; - suites_[i++] = TLS_DHE_DSS_WITH_3DES_EDE_CBC_RMD160; - } - } - } - - if (!removeRSA) { - suites_[i++] = 0x00; - suites_[i++] = SSL_RSA_WITH_RC4_128_SHA; - suites_[i++] = 0x00; - suites_[i++] = SSL_RSA_WITH_RC4_128_MD5; - - suites_[i++] = 0x00; - suites_[i++] = SSL_RSA_WITH_3DES_EDE_CBC_SHA; - suites_[i++] = 0x00; - suites_[i++] = SSL_RSA_WITH_DES_CBC_SHA; - } - if (!removeDH) { - if (!removeRSA) { - suites_[i++] = 0x00; - suites_[i++] = SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA; - } - if (!removeDSA) { - suites_[i++] = 0x00; - suites_[i++] = SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA; - } - if (!removeRSA) { - suites_[i++] = 0x00; - suites_[i++] = SSL_DHE_RSA_WITH_DES_CBC_SHA; - } - if (!removeDSA) { - suites_[i++] = 0x00; - suites_[i++] = SSL_DHE_DSS_WITH_DES_CBC_SHA; - } - } - - suites_size_ = i; - - SetCipherNames(); -} - - -void Parameters::SetCipherNames() -{ - const int suites = suites_size_ / 2; - int pos = 0; - - for (int j = 0; j < suites; j++) { - int index = suites_[j*2 + 1]; // every other suite is suite id - size_t len = strlen(cipher_names[index]) + 1; - strncpy(cipher_list_[pos++], cipher_names[index], len); - } - cipher_list_[pos][0] = 0; -} - - -// input operator for RecordLayerHeader, adjust stream -input_buffer& operator>>(input_buffer& input, RecordLayerHeader& hdr) -{ - hdr.type_ = ContentType(input[AUTO]); - hdr.version_.major_ = input[AUTO]; - hdr.version_.minor_ = input[AUTO]; - - // length - byte tmp[2]; - tmp[0] = input[AUTO]; - tmp[1] = input[AUTO]; - ato16(tmp, hdr.length_); - - return input; -} - - -// output operator for RecordLayerHeader -output_buffer& operator<<(output_buffer& output, const RecordLayerHeader& hdr) -{ - output[AUTO] = hdr.type_; - output[AUTO] = hdr.version_.major_; - output[AUTO] = hdr.version_.minor_; - - // length - byte tmp[2]; - c16toa(hdr.length_, tmp); - output[AUTO] = tmp[0]; - output[AUTO] = tmp[1]; - - return output; -} - - -// virtual input operator for Messages -input_buffer& operator>>(input_buffer& input, Message& msg) -{ - return msg.set(input); -} - -// virtual output operator for Messages -output_buffer& operator<<(output_buffer& output, const Message& msg) -{ - return msg.get(output); -} - - -// input operator for HandShakeHeader -input_buffer& operator>>(input_buffer& input, HandShakeHeader& hs) -{ - hs.type_ = HandShakeType(input[AUTO]); - - hs.length_[0] = input[AUTO]; - hs.length_[1] = input[AUTO]; - hs.length_[2] = input[AUTO]; - - return input; -} - - -// output operator for HandShakeHeader -output_buffer& operator<<(output_buffer& output, const HandShakeHeader& hdr) -{ - output[AUTO] = hdr.type_; - output.write(hdr.length_, sizeof(hdr.length_)); - return output; -} - - -// HandShake Header Processing function -void HandShakeHeader::Process(input_buffer& input, SSL& ssl) -{ - ssl.verifyState(*this); - if (ssl.GetError()) return; - if (input.get_error()) { - ssl.SetError(bad_input); - return; - } - const HandShakeFactory& hsf = ssl.getFactory().getHandShake(); - mySTL::auto_ptr<HandShakeBase> hs(hsf.CreateObject(type_)); - if (!hs.get()) { - ssl.SetError(factory_error); - return; - } - - uint len = c24to32(length_); - if (len > input.get_remaining()) { - ssl.SetError(bad_input); - return; - } - hashHandShake(ssl, input, len); - - hs->set_length(len); - input >> *hs; - hs->Process(input, ssl); -} - - -ContentType HandShakeHeader::get_type() const -{ - return handshake; -} - - -uint16 HandShakeHeader::get_length() const -{ - return c24to32(length_); -} - - -HandShakeType HandShakeHeader::get_handshakeType() const -{ - return type_; -} - - -void HandShakeHeader::set_type(HandShakeType hst) -{ - type_ = hst; -} - - -void HandShakeHeader::set_length(uint32 u32) -{ - c32to24(u32, length_); -} - - -input_buffer& HandShakeHeader::set(input_buffer& in) -{ - return in >> *this; -} - - -output_buffer& HandShakeHeader::get(output_buffer& out) const -{ - return out << *this; -} - - - -int HandShakeBase::get_length() const -{ - return length_; -} - - -void HandShakeBase::set_length(int l) -{ - length_ = l; -} - - -// for building buffer's type field -HandShakeType HandShakeBase::get_type() const -{ - return no_shake; -} - - -input_buffer& HandShakeBase::set(input_buffer& in) -{ - return in; -} - - -output_buffer& HandShakeBase::get(output_buffer& out) const -{ - return out; -} - - -void HandShakeBase::Process(input_buffer&, SSL&) -{} - - -input_buffer& HelloRequest::set(input_buffer& in) -{ - return in; -} - - -output_buffer& HelloRequest::get(output_buffer& out) const -{ - return out; -} - - -void HelloRequest::Process(input_buffer&, SSL&) -{} - - -HandShakeType HelloRequest::get_type() const -{ - return hello_request; -} - - -// input operator for CipherSpec -input_buffer& operator>>(input_buffer& input, ChangeCipherSpec& cs) -{ - cs.type_ = CipherChoice(input[AUTO]); - return input; -} - -// output operator for CipherSpec -output_buffer& operator<<(output_buffer& output, const ChangeCipherSpec& cs) -{ - output[AUTO] = cs.type_; - return output; -} - - -ChangeCipherSpec::ChangeCipherSpec() - : type_(change_cipher_spec_choice) -{} - - -input_buffer& ChangeCipherSpec::set(input_buffer& in) -{ - return in >> *this; -} - - -output_buffer& ChangeCipherSpec::get(output_buffer& out) const -{ - return out << *this; -} - - -ContentType ChangeCipherSpec::get_type() const -{ - return change_cipher_spec; -} - - -uint16 ChangeCipherSpec::get_length() const -{ - return SIZEOF_ENUM; -} - - -// CipherSpec processing handler -void ChangeCipherSpec::Process(input_buffer& input, SSL& ssl) -{ - if (input.get_error()) { - ssl.SetError(bad_input); - return; - } - - // detect duplicate change_cipher - if (ssl.getSecurity().get_parms().pending_ == false) { - ssl.order_error(); - return; - } - - ssl.useSecurity().use_parms().pending_ = false; - if (ssl.getSecurity().get_resuming()) { - if (ssl.getSecurity().get_parms().entity_ == client_end) - buildFinished(ssl, ssl.useHashes().use_verify(), server); // server - } - else if (ssl.getSecurity().get_parms().entity_ == server_end) - buildFinished(ssl, ssl.useHashes().use_verify(), client); // client -} - - -Alert::Alert(AlertLevel al, AlertDescription ad) - : level_(al), description_(ad) -{} - - -ContentType Alert::get_type() const -{ - return alert; -} - - -uint16 Alert::get_length() const -{ - return SIZEOF_ENUM * 2; -} - - -input_buffer& Alert::set(input_buffer& in) -{ - return in >> *this; -} - - -output_buffer& Alert::get(output_buffer& out) const -{ - return out << *this; -} - - -// input operator for Alert -input_buffer& operator>>(input_buffer& input, Alert& a) -{ - a.level_ = AlertLevel(input[AUTO]); - a.description_ = AlertDescription(input[AUTO]); - - return input; -} - - -// output operator for Alert -output_buffer& operator<<(output_buffer& output, const Alert& a) -{ - output[AUTO] = a.level_; - output[AUTO] = a.description_; - return output; -} - - -// Alert processing handler -void Alert::Process(input_buffer& input, SSL& ssl) -{ - if (input.get_error()) { - ssl.SetError(bad_input); - return; - } - - if (ssl.getSecurity().get_parms().pending_ == false) { // encrypted alert - int aSz = get_length(); // alert size already read on input - opaque verify[SHA_LEN]; - const opaque* data = input.get_buffer() + input.get_current() - aSz; - - if (ssl.isTLS()) - TLS_hmac(ssl, verify, data, aSz, alert, true); - else - hmac(ssl, verify, data, aSz, alert, true); - - // read mac and skip fill - int digestSz = ssl.getCrypto().get_digest().get_digestSize(); - opaque mac[SHA_LEN]; - input.read(mac, digestSz); - - if (ssl.getSecurity().get_parms().cipher_type_ == block) { - int ivExtra = 0; - opaque fill __attribute__((unused)); - - if (ssl.isTLSv1_1()) - ivExtra = ssl.getCrypto().get_cipher().get_blockSize(); - int padSz = ssl.getSecurity().get_parms().encrypt_size_ - ivExtra - - aSz - digestSz; - for (int i = 0; i < padSz; i++) - fill = input[AUTO]; - } - - if (input.get_error()) { - ssl.SetError(bad_input); - return; - } - - // verify - if (memcmp(mac, verify, digestSz)) { - ssl.SetError(verify_error); - return; - } - } - if (level_ == fatal) { - ssl.useStates().useRecord() = recordNotReady; - ssl.useStates().useHandShake() = handShakeNotReady; - ssl.SetError(YasslError(description_)); - } -} - - -Data::Data() - : length_(0), buffer_(0), write_buffer_(0) -{} - - -Data::Data(uint16 len, opaque* b) - : length_(len), buffer_(b), write_buffer_(0) -{} - - -void Data::SetData(uint16 len, const opaque* buffer) -{ - length_ = len; - write_buffer_ = buffer; -} - -input_buffer& Data::set(input_buffer& in) -{ - return in; -} - - -output_buffer& Data::get(output_buffer& out) const -{ - return out << *this; -} - - -ContentType Data::get_type() const -{ - return application_data; -} - - -uint16 Data::get_length() const -{ - return length_; -} - - -void Data::set_length(uint16 l) -{ - length_ = l; -} - - -opaque* Data::set_buffer() -{ - return buffer_; -} - - -// output operator for Data -output_buffer& operator<<(output_buffer& output, const Data& data) -{ - output.write(data.write_buffer_, data.length_); - return output; -} - - -// check all bytes for equality -static int constant_compare(const byte* a, const byte* b, int len) -{ - int good = 0; - int bad = 0; - - for (int i = 0; i < len; i++) { - if (a[i] == b[i]) - good++; - else - bad++; - } - - if (good == len) - return 0; - else - return 0 - bad; // failure -} - - -// check bytes for pad value -static int pad_check(const byte* input, byte pad, int len) -{ - int good = 0; - int bad = 0; - - for (int i = 0; i < len; i++) { - if (input[i] == pad) - good++; - else - bad++; - } - - if (good == len) - return 0; - else - return 0 - bad; // failure -} - - -// get number of compression rounds -static inline int get_rounds(int pLen, int padLen, int t) -{ - int roundL1 = 1; // round ups - int roundL2 = 1; - - int L1 = COMPRESS_CONSTANT + pLen - t; - int L2 = COMPRESS_CONSTANT + pLen - padLen - 1 - t; - - L1 -= COMPRESS_UPPER; - L2 -= COMPRESS_UPPER; - - if ( (L1 % COMPRESS_LOWER) == 0) - roundL1 = 0; - if ( (L2 % COMPRESS_LOWER) == 0) - roundL2 = 0; - - L1 /= COMPRESS_LOWER; - L2 /= COMPRESS_LOWER; - - L1 += roundL1; - L2 += roundL2; - - return L1 - L2; -} - - -// do compression rounds on dummy data -static inline void compress_rounds(SSL& ssl, int rounds, const byte* dummy) -{ - if (rounds) { - Digest* digest = NULL; - - MACAlgorithm ma = ssl.getSecurity().get_parms().mac_algorithm_; - if (ma == sha) - digest = NEW_YS SHA; - else if (ma == md5) - digest = NEW_YS MD5; - else if (ma == rmd) - digest = NEW_YS RMD; - else - return; - - for (int i = 0; i < rounds; i++) - digest->update(dummy, COMPRESS_LOWER); - - ysDelete(digest); - } -} - - -// timing resistant pad verification -static int timing_verify(SSL& ssl, const byte* input, int padLen, int t, - int pLen) -{ - byte verify[SHA_LEN]; - byte dummy[MAX_PAD_SIZE]; - - memset(dummy, 1, sizeof(dummy)); - - if ( (t + padLen + 1) > pLen) { - pad_check(dummy, (byte)padLen, MAX_PAD_SIZE); - if (ssl.isTLS()) - TLS_hmac(ssl, verify, input, pLen - t, application_data, 1); - else - hmac(ssl, verify, input, pLen - t, application_data, 1); - constant_compare(verify, input + pLen - t, t); - - return -1; - } - - if (pad_check(input + pLen - (padLen + 1), (byte)padLen, padLen + 1) != 0) { - pad_check(dummy, (byte)padLen, MAX_PAD_SIZE - padLen - 1); - if (ssl.isTLS()) - TLS_hmac(ssl, verify, input, pLen - t, application_data, 1); - else - hmac(ssl, verify, input, pLen - t, application_data, 1); - constant_compare(verify, input + pLen - t, t); - - return -1; - } - - pad_check(dummy, (byte)padLen, MAX_PAD_SIZE - padLen - 1); - if (ssl.isTLS()) - TLS_hmac(ssl, verify, input, pLen - padLen - 1 - t, application_data,1); - else - hmac(ssl, verify, input, pLen - padLen - 1 - t, application_data, 1); - - compress_rounds(ssl, get_rounds(pLen, padLen, t), dummy); - - if (constant_compare(verify, input + (pLen - padLen - 1 - t), t) != 0) - return -1; - - return 0; -} - - -// Process handler for Data -void Data::Process(input_buffer& input, SSL& ssl) -{ - if (input.get_error()) { - ssl.SetError(bad_input); - return; - } - - int msgSz = ssl.getSecurity().get_parms().encrypt_size_; - int pad = 0, padSz = 0; - int ivExtra = 0; - int digestSz = ssl.getCrypto().get_digest().get_digestSize(); - const byte* rawData = input.get_buffer() + input.get_current(); - opaque verify[SHA_LEN]; - - if (ssl.getSecurity().get_parms().cipher_type_ == block) { - if (ssl.isTLSv1_1()) // IV - ivExtra = ssl.getCrypto().get_cipher().get_blockSize(); - pad = *(input.get_buffer() + input.get_current() + msgSz -ivExtra - 1); - padSz = 1; - - if (ssl.isTLS()) { - if (timing_verify(ssl, rawData, pad,digestSz, msgSz-ivExtra) != 0) { - ssl.SetError(verify_error); - return; - } - } - else { // SSLv3, some don't do this padding right - int sz3 = msgSz - digestSz - pad - 1; - hmac(ssl, verify, rawData, sz3, application_data, true); - if (constant_compare(verify, rawData + sz3, digestSz) != 0) { - ssl.SetError(verify_error); - return; - } - } - } - else { // stream - int streamSz = msgSz - digestSz; - if (ssl.isTLS()) - TLS_hmac(ssl, verify, rawData, streamSz, application_data, true); - else - hmac(ssl, verify, rawData, streamSz, application_data, true); - if (constant_compare(verify, rawData + streamSz, digestSz) != 0) { - ssl.SetError(verify_error); - return; - } - } - - int dataSz = msgSz - ivExtra - digestSz - pad - padSz; - - if (dataSz < 0 || dataSz > (MAX_RECORD_SIZE + COMPRESS_EXTRA)) { - ssl.SetError(bad_input); - return; - } - - // read data - if (dataSz) { // could be compressed - if (ssl.CompressionOn()) { - input_buffer tmp; - if (DeCompress(input, dataSz, tmp) == -1) { - ssl.SetError(decompress_error); - return; - } - ssl.addData(NEW_YS input_buffer(tmp.get_size(), - tmp.get_buffer(), tmp.get_size())); - } - else { - input_buffer* data; - ssl.addData(data = NEW_YS input_buffer(dataSz)); - input.read(data->get_buffer(), dataSz); - data->add_size(dataSz); - } - } - - // advance past mac and fill - input.set_current(input.get_current() + digestSz + pad + padSz); - if (input.get_error()) { - ssl.SetError(bad_input); - return; - } -} - - -// virtual input operator for HandShakes -input_buffer& operator>>(input_buffer& input, HandShakeBase& hs) -{ - return hs.set(input); -} - - -// virtual output operator for HandShakes -output_buffer& operator<<(output_buffer& output, const HandShakeBase& hs) -{ - return hs.get(output); -} - - -Certificate::Certificate(const x509* cert) : cert_(cert) -{ - if (cert) - set_length(cert_->get_length() + 2 * CERT_HEADER); // list and cert size - else - set_length(CERT_HEADER); // total blank cert size, just list header -} - - -const opaque* Certificate::get_buffer() const -{ - if (cert_) - return cert_->get_buffer(); - - return NULL; -} - - -// output operator for Certificate -output_buffer& operator<<(output_buffer& output, const Certificate& cert) -{ - uint sz = cert.get_length(); - opaque tmp[CERT_HEADER]; - - if ((int)sz > CERT_HEADER) - sz -= 2 * CERT_HEADER; // actual cert, not including headers - else { - sz = 0; // blank cert case - c32to24(sz, tmp); - output.write(tmp, CERT_HEADER); - - return output; - } - - c32to24(sz + CERT_HEADER, tmp); - output.write(tmp, CERT_HEADER); - c32to24(sz, tmp); - output.write(tmp, CERT_HEADER); - output.write(cert.get_buffer(), sz); - - return output; -} - - -// certificate processing handler -void Certificate::Process(input_buffer& input, SSL& ssl) -{ - if (input.get_error()) { - ssl.SetError(bad_input); - return; - } - - CertManager& cm = ssl.useCrypto().use_certManager(); - - uint32 list_sz; - byte tmp[3]; - - if (input.get_remaining() < sizeof(tmp)) { - ssl.SetError(YasslError(bad_input)); - return; - } - tmp[0] = input[AUTO]; - tmp[1] = input[AUTO]; - tmp[2] = input[AUTO]; - c24to32(tmp, list_sz); - - if (list_sz > (uint)MAX_RECORD_SIZE) { // sanity check - ssl.SetError(YasslError(bad_input)); - return; - } - - while (list_sz) { - // cert size - uint32 cert_sz; - - if (input.get_remaining() < sizeof(tmp)) { - ssl.SetError(YasslError(bad_input)); - return; - } - tmp[0] = input[AUTO]; - tmp[1] = input[AUTO]; - tmp[2] = input[AUTO]; - c24to32(tmp, cert_sz); - - if (cert_sz > (uint)MAX_RECORD_SIZE || input.get_remaining() < cert_sz){ - ssl.SetError(YasslError(bad_input)); - return; - } - if (cert_sz) { - x509* myCert; - cm.AddPeerCert(myCert = NEW_YS x509(cert_sz)); - input.read(myCert->use_buffer(), myCert->get_length()); - } - - list_sz -= cert_sz + CERT_HEADER; - } - if (int err = cm.Validate()) - ssl.SetError(YasslError(err)); - else if (ssl.getSecurity().get_parms().entity_ == client_end) - ssl.useStates().useClient() = serverCertComplete; -} - - -Certificate::Certificate() - : cert_(0) -{} - - -input_buffer& Certificate::set(input_buffer& in) -{ - return in; -} - - -output_buffer& Certificate::get(output_buffer& out) const -{ - return out << *this; -} - - -HandShakeType Certificate::get_type() const -{ - return certificate; -} - - -ServerDHParams::ServerDHParams() - : pSz_(0), gSz_(0), pubSz_(0), p_(0), g_(0), Ys_(0) -{} - - -ServerDHParams::~ServerDHParams() -{ - ysArrayDelete(Ys_); - ysArrayDelete(g_); - ysArrayDelete(p_); -} - - -int ServerDHParams::get_pSize() const -{ - return pSz_; -} - - -int ServerDHParams::get_gSize() const -{ - return gSz_; -} - - -int ServerDHParams::get_pubSize() const -{ - return pubSz_; -} - - -const opaque* ServerDHParams::get_p() const -{ - return p_; -} - - -const opaque* ServerDHParams::get_g() const -{ - return g_; -} - - -const opaque* ServerDHParams::get_pub() const -{ - return Ys_; -} - - -opaque* ServerDHParams::alloc_p(int sz) -{ - p_ = NEW_YS opaque[pSz_ = sz]; - return p_; -} - - -opaque* ServerDHParams::alloc_g(int sz) -{ - g_ = NEW_YS opaque[gSz_ = sz]; - return g_; -} - - -opaque* ServerDHParams::alloc_pub(int sz) -{ - Ys_ = NEW_YS opaque[pubSz_ = sz]; - return Ys_; -} - - -int ServerKeyBase::get_length() const -{ - return 0; -} - - -opaque* ServerKeyBase::get_serverKey() const -{ - return 0; -} - - -// input operator for ServerHello -input_buffer& operator>>(input_buffer& input, ServerHello& hello) -{ - // Protocol - hello.server_version_.major_ = input[AUTO]; - hello.server_version_.minor_ = input[AUTO]; - - // Random - input.read(hello.random_, RAN_LEN); - - // Session - hello.id_len_ = input[AUTO]; - if (hello.id_len_ > ID_LEN) { - input.set_error(); - return input; - } - if (hello.id_len_) - input.read(hello.session_id_, hello.id_len_); - - // Suites - hello.cipher_suite_[0] = input[AUTO]; - hello.cipher_suite_[1] = input[AUTO]; - - // Compression - hello.compression_method_ = CompressionMethod(input[AUTO]); - - return input; -} - - -// output operator for ServerHello -output_buffer& operator<<(output_buffer& output, const ServerHello& hello) -{ - // Protocol - output[AUTO] = hello.server_version_.major_; - output[AUTO] = hello.server_version_.minor_; - - // Random - output.write(hello.random_, RAN_LEN); - - // Session - output[AUTO] = hello.id_len_; - output.write(hello.session_id_, ID_LEN); - - // Suites - output[AUTO] = hello.cipher_suite_[0]; - output[AUTO] = hello.cipher_suite_[1]; - - // Compression - output[AUTO] = hello.compression_method_; - - return output; -} - - -// Server Hello processing handler -void ServerHello::Process(input_buffer& input, SSL& ssl) -{ - if (input.get_error()) { - ssl.SetError(bad_input); - return; - } - - if (ssl.GetMultiProtocol()) { // SSLv23 support - if (ssl.isTLS() && server_version_.minor_ < 1) - // downgrade to SSLv3 - ssl.useSecurity().use_connection().TurnOffTLS(); - else if (ssl.isTLSv1_1() && server_version_.minor_ == 1) - // downdrage to TLSv1 - ssl.useSecurity().use_connection().TurnOffTLS1_1(); - } - else if (ssl.isTLSv1_1() && server_version_.minor_ < 2) { - ssl.SetError(badVersion_error); - return; - } - else if (ssl.isTLS() && server_version_.minor_ < 1) { - ssl.SetError(badVersion_error); - return; - } - else if (!ssl.isTLS() && (server_version_.major_ == 3 && - server_version_.minor_ >= 1)) { - ssl.SetError(badVersion_error); - return; - } - if (cipher_suite_[0] != 0x00) { - ssl.SetError(unknown_cipher); - return; - } - ssl.set_pending(cipher_suite_[1]); - ssl.set_random(random_, server_end); - if (id_len_) - ssl.set_sessionID(session_id_); - else - ssl.useSecurity().use_connection().sessionID_Set_ = false; - - if (ssl.getSecurity().get_resuming()) { - if (memcmp(session_id_, ssl.getSecurity().get_resume().GetID(), - ID_LEN) == 0) { - ssl.set_masterSecret(ssl.getSecurity().get_resume().GetSecret()); - if (ssl.isTLS()) - ssl.deriveTLSKeys(); - else - ssl.deriveKeys(); - ssl.useStates().useClient() = serverHelloDoneComplete; - return; - } - else { - ssl.useSecurity().set_resuming(false); - ssl.useLog().Trace("server denied resumption"); - } - } - - if (ssl.CompressionOn() && !compression_method_) - ssl.UnSetCompression(); // server isn't supporting yaSSL zlib request - - ssl.useStates().useClient() = serverHelloComplete; -} - - -ServerHello::ServerHello() -{ - memset(random_, 0, RAN_LEN); - memset(session_id_, 0, ID_LEN); -} - - -ServerHello::ServerHello(ProtocolVersion pv, bool useCompression) - : server_version_(pv), - compression_method_(useCompression ? zlib : no_compression) -{ - memset(random_, 0, RAN_LEN); - memset(session_id_, 0, ID_LEN); -} - - -input_buffer& ServerHello::set(input_buffer& in) -{ - return in >> *this; -} - - -output_buffer& ServerHello::get(output_buffer& out) const -{ - return out << *this; -} - - -HandShakeType ServerHello::get_type() const -{ - return server_hello; -} - - -const opaque* ServerHello::get_random() const -{ - return random_; -} - - -// Server Hello Done processing handler -void ServerHelloDone::Process(input_buffer& input, SSL& ssl) -{ - if (input.get_error()) { - ssl.SetError(bad_input); - return; - } - ssl.useStates().useClient() = serverHelloDoneComplete; -} - - -ServerHelloDone::ServerHelloDone() -{ - set_length(0); -} - - -input_buffer& ServerHelloDone::set(input_buffer& in) -{ - return in; -} - - -output_buffer& ServerHelloDone::get(output_buffer& out) const -{ - return out; -} - - -HandShakeType ServerHelloDone::get_type() const -{ - return server_hello_done; -} - - -int ClientKeyBase::get_length() const -{ - return 0; -} - - -opaque* ClientKeyBase::get_clientKey() const -{ - return 0; -} - - -// input operator for Client Hello -input_buffer& operator>>(input_buffer& input, ClientHello& hello) -{ - uint begin = input.get_current(); // could have extensions at end - - // Protocol - hello.client_version_.major_ = input[AUTO]; - hello.client_version_.minor_ = input[AUTO]; - - // Random - input.read(hello.random_, RAN_LEN); - - // Session - hello.id_len_ = input[AUTO]; - if (hello.id_len_) input.read(hello.session_id_, ID_LEN); - - // Suites - byte tmp[2]; - uint16 len; - tmp[0] = input[AUTO]; - tmp[1] = input[AUTO]; - ato16(tmp, len); - - hello.suite_len_ = min(len, static_cast<uint16>(MAX_SUITE_SZ)); - input.read(hello.cipher_suites_, hello.suite_len_); - if (len > hello.suite_len_) // ignore extra suites - input.set_current(input.get_current() + len - hello.suite_len_); - - // Compression - hello.comp_len_ = input[AUTO]; - hello.compression_methods_ = no_compression; - while (hello.comp_len_--) { - CompressionMethod cm = CompressionMethod(input[AUTO]); - if (cm == zlib) - hello.compression_methods_ = zlib; - } - - uint read = input.get_current() - begin; - uint expected = hello.get_length(); - - // ignore client hello extensions for now - if (read < expected) - input.set_current(input.get_current() + expected - read); - - return input; -} - - -// output operaotr for Client Hello -output_buffer& operator<<(output_buffer& output, const ClientHello& hello) -{ - // Protocol - output[AUTO] = hello.client_version_.major_; - output[AUTO] = hello.client_version_.minor_; - - // Random - output.write(hello.random_, RAN_LEN); - - // Session - output[AUTO] = hello.id_len_; - if (hello.id_len_) output.write(hello.session_id_, ID_LEN); - - // Suites - byte tmp[2]; - c16toa(hello.suite_len_, tmp); - output[AUTO] = tmp[0]; - output[AUTO] = tmp[1]; - output.write(hello.cipher_suites_, hello.suite_len_); - - // Compression - output[AUTO] = hello.comp_len_; - output[AUTO] = hello.compression_methods_; - - return output; -} - - -// Client Hello processing handler -void ClientHello::Process(input_buffer& input, SSL& ssl) -{ - if (input.get_error()) { - ssl.SetError(bad_input); - return; - } - - // store version for pre master secret - ssl.useSecurity().use_connection().chVersion_ = client_version_; - - if (client_version_.major_ != 3) { - ssl.SetError(badVersion_error); - return; - } - if (ssl.GetMultiProtocol()) { // SSLv23 support - if (ssl.isTLS() && client_version_.minor_ < 1) { - // downgrade to SSLv3 - ssl.useSecurity().use_connection().TurnOffTLS(); - - ProtocolVersion pv = ssl.getSecurity().get_connection().version_; - bool removeDH = ssl.getSecurity().get_parms().removeDH_; - bool removeRSA = false; - bool removeDSA = false; - - const CertManager& cm = ssl.getCrypto().get_certManager(); - if (cm.get_keyType() == rsa_sa_algo) - removeDSA = true; - else - removeRSA = true; - - // reset w/ SSL suites - ssl.useSecurity().use_parms().SetSuites(pv, removeDH, removeRSA, - removeDSA); - } - else if (ssl.isTLSv1_1() && client_version_.minor_ == 1) - // downgrade to TLSv1, but use same suites - ssl.useSecurity().use_connection().TurnOffTLS1_1(); - } - else if (ssl.isTLSv1_1() && client_version_.minor_ < 2) { - ssl.SetError(badVersion_error); - return; - } - else if (ssl.isTLS() && client_version_.minor_ < 1) { - ssl.SetError(badVersion_error); - return; - } - else if (!ssl.isTLS() && client_version_.minor_ >= 1) { - ssl.SetError(badVersion_error); - return; - } - - ssl.set_random(random_, client_end); - - while (id_len_) { // trying to resume - SSL_SESSION* session = 0; - if (!ssl.getSecurity().GetContext()->GetSessionCacheOff()) - session = GetSessions().lookup(session_id_); - if (!session) { - ssl.useLog().Trace("session lookup failed"); - break; - } - ssl.set_session(session); - ssl.useSecurity().set_resuming(true); - ssl.matchSuite(session->GetSuite(), SUITE_LEN); - if (ssl.GetError()) return; - ssl.set_pending(ssl.getSecurity().get_parms().suite_[1]); - ssl.set_masterSecret(session->GetSecret()); - - opaque serverRandom[RAN_LEN]; - ssl.getCrypto().get_random().Fill(serverRandom, sizeof(serverRandom)); - ssl.set_random(serverRandom, server_end); - if (ssl.isTLS()) - ssl.deriveTLSKeys(); - else - ssl.deriveKeys(); - ssl.useStates().useServer() = clientKeyExchangeComplete; - return; - } - ssl.matchSuite(cipher_suites_, suite_len_); - if (ssl.GetError()) return; - ssl.set_pending(ssl.getSecurity().get_parms().suite_[1]); - - if (compression_methods_ == zlib) - ssl.SetCompression(); - - ssl.useStates().useServer() = clientHelloComplete; -} - - -input_buffer& ClientHello::set(input_buffer& in) -{ - return in >> *this; -} - - -output_buffer& ClientHello::get(output_buffer& out) const -{ - return out << *this; -} - - -HandShakeType ClientHello::get_type() const -{ - return client_hello; -} - - -const opaque* ClientHello::get_random() const -{ - return random_; -} - - -ClientHello::ClientHello() -{ - memset(random_, 0, RAN_LEN); -} - - -ClientHello::ClientHello(ProtocolVersion pv, bool useCompression) - : client_version_(pv), - compression_methods_(useCompression ? zlib : no_compression) -{ - memset(random_, 0, RAN_LEN); -} - - -// output operator for ServerKeyExchange -output_buffer& operator<<(output_buffer& output, const ServerKeyExchange& sk) -{ - output.write(sk.getKey(), sk.getKeyLength()); - return output; -} - - -// Server Key Exchange processing handler -void ServerKeyExchange::Process(input_buffer& input, SSL& ssl) -{ - if (input.get_error()) { - ssl.SetError(bad_input); - return; - } - createKey(ssl); - if (ssl.GetError()) return; - server_key_->read(ssl, input); - if (input.get_error()) { - ssl.SetError(bad_input); - return; - } - - ssl.useStates().useClient() = serverKeyExchangeComplete; -} - - -ServerKeyExchange::ServerKeyExchange(SSL& ssl) -{ - createKey(ssl); -} - - -ServerKeyExchange::ServerKeyExchange() - : server_key_(0) -{} - - -ServerKeyExchange::~ServerKeyExchange() -{ - ysDelete(server_key_); -} - - -void ServerKeyExchange::build(SSL& ssl) -{ - server_key_->build(ssl); - set_length(server_key_->get_length()); -} - - -const opaque* ServerKeyExchange::getKey() const -{ - return server_key_->get_serverKey(); -} - - -int ServerKeyExchange::getKeyLength() const -{ - return server_key_->get_length(); -} - - -input_buffer& ServerKeyExchange::set(input_buffer& in) -{ - return in; // process does -} - - -output_buffer& ServerKeyExchange::get(output_buffer& out) const -{ - return out << *this; -} - - -HandShakeType ServerKeyExchange::get_type() const -{ - return server_key_exchange; -} - - -// CertificateRequest -CertificateRequest::CertificateRequest() - : typeTotal_(0) -{ - memset(certificate_types_, 0, sizeof(certificate_types_)); -} - - -CertificateRequest::~CertificateRequest() -{ - - STL::for_each(certificate_authorities_.begin(), - certificate_authorities_.end(), - del_ptr_zero()) ; -} - - -void CertificateRequest::Build() -{ - certificate_types_[0] = rsa_sign; - certificate_types_[1] = dss_sign; - - typeTotal_ = 2; - - uint16 authCount = 0; - uint16 authSz = 0; - - for (int j = 0; j < authCount; j++) { - int sz = REQUEST_HEADER + MIN_DIS_SIZE; - DistinguishedName dn; - certificate_authorities_.push_back(dn = NEW_YS byte[sz]); - - opaque tmp[REQUEST_HEADER]; - c16toa(MIN_DIS_SIZE, tmp); - memcpy(dn, tmp, sizeof(tmp)); - - // fill w/ junk for now - memcpy(dn, tmp, MIN_DIS_SIZE); - authSz += sz; - } - - set_length(SIZEOF_ENUM + typeTotal_ + REQUEST_HEADER + authSz); -} - - -input_buffer& CertificateRequest::set(input_buffer& in) -{ - return in >> *this; -} - - -output_buffer& CertificateRequest::get(output_buffer& out) const -{ - return out << *this; -} - - -// input operator for CertificateRequest -input_buffer& operator>>(input_buffer& input, CertificateRequest& request) -{ - // types - request.typeTotal_ = input[AUTO]; - if (request.typeTotal_ > CERT_TYPES) { - input.set_error(); - return input; - } - for (int i = 0; i < request.typeTotal_; i++) - request.certificate_types_[i] = ClientCertificateType(input[AUTO]); - - byte tmp[2]; - tmp[0] = input[AUTO]; - tmp[1] = input[AUTO]; - uint16 sz; - ato16(tmp, sz); - - // authorities - while (sz) { - uint16 dnSz; - tmp[0] = input[AUTO]; - tmp[1] = input[AUTO]; - ato16(tmp, dnSz); - - input.set_current(input.get_current() + dnSz); - - sz -= dnSz + REQUEST_HEADER; - - if (input.get_error()) - break; - } - - return input; -} - - -// output operator for CertificateRequest -output_buffer& operator<<(output_buffer& output, - const CertificateRequest& request) -{ - // types - output[AUTO] = request.typeTotal_; - for (int i = 0; i < request.typeTotal_; i++) - output[AUTO] = request.certificate_types_[i]; - - // authorities - opaque tmp[REQUEST_HEADER]; - c16toa(request.get_length() - SIZEOF_ENUM - - request.typeTotal_ - REQUEST_HEADER, tmp); - output.write(tmp, sizeof(tmp)); - - STL::list<DistinguishedName>::const_iterator first = - request.certificate_authorities_.begin(); - STL::list<DistinguishedName>::const_iterator last = - request.certificate_authorities_.end(); - while (first != last) { - uint16 sz; - ato16(*first, sz); - output.write(*first, sz + REQUEST_HEADER); - - ++first; - } - - return output; -} - - -// CertificateRequest processing handler -void CertificateRequest::Process(input_buffer& input, SSL& ssl) -{ - if (input.get_error()) { - ssl.SetError(bad_input); - return; - } - CertManager& cm = ssl.useCrypto().use_certManager(); - - cm.setSendVerify(); - if (cm.get_cert() == NULL || cm.get_privateKey() == NULL) - cm.setSendBlankCert(); // send blank cert, OpenSSL requires now -} - - -HandShakeType CertificateRequest::get_type() const -{ - return certificate_request; -} - - -// CertificateVerify -CertificateVerify::CertificateVerify() : signature_(0) -{} - - -CertificateVerify::~CertificateVerify() -{ - ysArrayDelete(signature_); -} - - -void CertificateVerify::Build(SSL& ssl) -{ - build_certHashes(ssl, hashes_); - - uint16 sz = 0; - byte len[VERIFY_HEADER]; - mySTL::auto_array<byte> sig; - - // sign - const CertManager& cert = ssl.getCrypto().get_certManager(); - if (cert.get_keyType() == rsa_sa_algo) { - RSA rsa(cert.get_privateKey(), cert.get_privateKeyLength(), false); - - sz = rsa.get_cipherLength() + VERIFY_HEADER; - sig.reset(NEW_YS byte[sz]); - - c16toa(sz - VERIFY_HEADER, len); - memcpy(sig.get(), len, VERIFY_HEADER); - rsa.sign(sig.get() + VERIFY_HEADER, hashes_.md5_, sizeof(Hashes), - ssl.getCrypto().get_random()); - // check for rsa signautre fault - if (!rsa.verify(hashes_.md5_, sizeof(Hashes), sig.get() + VERIFY_HEADER, - rsa.get_cipherLength())) { - ssl.SetError(rsaSignFault_error); - return; - } - } - else { // DSA - DSS dss(cert.get_privateKey(), cert.get_privateKeyLength(), false); - - sz = DSS_SIG_SZ + DSS_ENCODED_EXTRA + VERIFY_HEADER; - sig.reset(NEW_YS byte[sz]); - - c16toa(sz - VERIFY_HEADER, len); - memcpy(sig.get(), len, VERIFY_HEADER); - dss.sign(sig.get() + VERIFY_HEADER, hashes_.sha_, SHA_LEN, - ssl.getCrypto().get_random()); - - byte encoded[DSS_SIG_SZ + DSS_ENCODED_EXTRA]; - TaoCrypt::EncodeDSA_Signature(sig.get() + VERIFY_HEADER, encoded); - memcpy(sig.get() + VERIFY_HEADER, encoded, sizeof(encoded)); - } - set_length(sz); - signature_ = sig.release(); -} - - -input_buffer& CertificateVerify::set(input_buffer& in) -{ - return in >> *this; -} - - -output_buffer& CertificateVerify::get(output_buffer& out) const -{ - return out << *this; -} - - -// input operator for CertificateVerify -input_buffer& operator>>(input_buffer& input, CertificateVerify& request) -{ - byte tmp[VERIFY_HEADER]; - tmp[0] = input[AUTO]; - tmp[1] = input[AUTO]; - - uint16 sz = 0; - ato16(tmp, sz); - request.set_length(sz); - - if (sz == 0) { - input.set_error(); - return input; - } - - request.signature_ = NEW_YS byte[sz]; - input.read(request.signature_, sz); - - return input; -} - - -// output operator for CertificateVerify -output_buffer& operator<<(output_buffer& output, - const CertificateVerify& verify) -{ - output.write(verify.signature_, verify.get_length()); - - return output; -} - - -// CertificateVerify processing handler -void CertificateVerify::Process(input_buffer& input, SSL& ssl) -{ - if (input.get_error()) { - ssl.SetError(bad_input); - return; - } - - const Hashes& hashVerify = ssl.getHashes().get_certVerify(); - const CertManager& cert = ssl.getCrypto().get_certManager(); - - if (cert.get_peerKeyType() == rsa_sa_algo) { - RSA rsa(cert.get_peerKey(), cert.get_peerKeyLength()); - - if (!rsa.verify(hashVerify.md5_, sizeof(hashVerify), signature_, - get_length())) - ssl.SetError(verify_error); - } - else { // DSA - byte decodedSig[DSS_SIG_SZ]; - TaoCrypt::DecodeDSA_Signature(decodedSig, signature_, get_length()); - - DSS dss(cert.get_peerKey(), cert.get_peerKeyLength()); - if (!dss.verify(hashVerify.sha_, SHA_LEN, decodedSig, get_length())) - ssl.SetError(verify_error); - } -} - - -HandShakeType CertificateVerify::get_type() const -{ - return certificate_verify; -} - - -// output operator for ClientKeyExchange -output_buffer& operator<<(output_buffer& output, const ClientKeyExchange& ck) -{ - output.write(ck.getKey(), ck.getKeyLength()); - return output; -} - - -// Client Key Exchange processing handler -void ClientKeyExchange::Process(input_buffer& input, SSL& ssl) -{ - if (input.get_error()) { - ssl.SetError(bad_input); - return; - } - createKey(ssl); - if (ssl.GetError()) return; - client_key_->read(ssl, input); - if (input.get_error()) { - ssl.SetError(bad_input); - return; - } - - if (ssl.getCrypto().get_certManager().verifyPeer()) - build_certHashes(ssl, ssl.useHashes().use_certVerify()); - - ssl.useStates().useServer() = clientKeyExchangeComplete; -} - - -ClientKeyExchange::ClientKeyExchange(SSL& ssl) -{ - createKey(ssl); -} - - -ClientKeyExchange::ClientKeyExchange() - : client_key_(0) -{} - - -ClientKeyExchange::~ClientKeyExchange() -{ - ysDelete(client_key_); -} - - -void ClientKeyExchange::build(SSL& ssl) -{ - client_key_->build(ssl); - set_length(client_key_->get_length()); -} - -const opaque* ClientKeyExchange::getKey() const -{ - return client_key_->get_clientKey(); -} - - -int ClientKeyExchange::getKeyLength() const -{ - return client_key_->get_length(); -} - - -input_buffer& ClientKeyExchange::set(input_buffer& in) -{ - return in; -} - - -output_buffer& ClientKeyExchange::get(output_buffer& out) const -{ - return out << *this; -} - - -HandShakeType ClientKeyExchange::get_type() const -{ - return client_key_exchange; -} - - -// input operator for Finished -input_buffer& operator>>(input_buffer& input, Finished&) -{ - /* do in process */ - - return input; -} - -// output operator for Finished -output_buffer& operator<<(output_buffer& output, const Finished& fin) -{ - if (fin.get_length() == FINISHED_SZ) { - output.write(fin.hashes_.md5_, MD5_LEN); - output.write(fin.hashes_.sha_, SHA_LEN); - } - else // TLS_FINISHED_SZ - output.write(fin.hashes_.md5_, TLS_FINISHED_SZ); - - return output; -} - - -// Finished processing handler -void Finished::Process(input_buffer& input, SSL& ssl) -{ - if (input.get_error()) { - ssl.SetError(bad_input); - return; - } - // verify hashes - const Finished& verify = ssl.getHashes().get_verify(); - uint finishedSz = ssl.isTLS() ? TLS_FINISHED_SZ : FINISHED_SZ; - - input.read(hashes_.md5_, finishedSz); - if (input.get_error()) { - ssl.SetError(bad_input); - return; - } - - if (memcmp(&hashes_, &verify.hashes_, finishedSz)) { - ssl.SetError(verify_error); - return; - } - - // read verify mac - opaque verifyMAC[SHA_LEN]; - uint macSz = finishedSz + HANDSHAKE_HEADER; - - if (ssl.isTLS()) - TLS_hmac(ssl, verifyMAC, input.get_buffer() + input.get_current() - - macSz, macSz, handshake, true); - else - hmac(ssl, verifyMAC, input.get_buffer() + input.get_current() - macSz, - macSz, handshake, true); - - // read mac and fill - opaque mac[SHA_LEN]; // max size - int digestSz = ssl.getCrypto().get_digest().get_digestSize(); - input.read(mac, digestSz); - if (input.get_error()) { - ssl.SetError(bad_input); - return; - } - - uint ivExtra = 0; - if (ssl.getSecurity().get_parms().cipher_type_ == block) - if (ssl.isTLSv1_1()) - ivExtra = ssl.getCrypto().get_cipher().get_blockSize(); - - opaque fill __attribute__((unused)); - int padSz = ssl.getSecurity().get_parms().encrypt_size_ - ivExtra - - HANDSHAKE_HEADER - finishedSz - digestSz; - for (int i = 0; i < padSz; i++) - fill = input[AUTO]; - if (input.get_error()) { - ssl.SetError(bad_input); - return; - } - - // update states - ssl.useStates().useHandShake() = handShakeReady; - if (ssl.getSecurity().get_parms().entity_ == client_end) - ssl.useStates().useClient() = serverFinishedComplete; - else - ssl.useStates().useServer() = clientFinishedComplete; -} - - -Finished::Finished() -{ - set_length(FINISHED_SZ); -} - - -uint8* Finished::set_md5() -{ - return hashes_.md5_; -} - - -uint8* Finished::set_sha() -{ - return hashes_.sha_; -} - - -input_buffer& Finished::set(input_buffer& in) -{ - return in >> *this; -} - - -output_buffer& Finished::get(output_buffer& out) const -{ - return out << *this; -} - - -HandShakeType Finished::get_type() const -{ - return finished; -} - - -void clean(volatile opaque* p, uint sz, RandomPool& ran) -{ - uint i(0); - - for (i = 0; i < sz; ++i) - p[i] = 0; - - ran.Fill(const_cast<opaque*>(p), sz); - - for (i = 0; i < sz; ++i) - p[i] = 0; -} - - - -Connection::Connection(ProtocolVersion v, RandomPool& ran) - : pre_master_secret_(0), sequence_number_(0), peer_sequence_number_(0), - pre_secret_len_(0), send_server_key_(false), master_clean_(false), - TLS_(v.major_ >= 3 && v.minor_ >= 1), - TLSv1_1_(v.major_ >= 3 && v.minor_ >= 2), compression_(false), - version_(v), random_(ran) -{ - memset(sessionID_, 0, sizeof(sessionID_)); -} - - -Connection::~Connection() -{ - CleanMaster(); CleanPreMaster(); ysArrayDelete(pre_master_secret_); -} - - -void Connection::AllocPreSecret(uint sz) -{ - pre_master_secret_ = NEW_YS opaque[pre_secret_len_ = sz]; -} - - -void Connection::TurnOffTLS() -{ - TLS_ = false; - version_.minor_ = 0; -} - - -void Connection::TurnOffTLS1_1() -{ - TLSv1_1_ = false; - version_.minor_ = 1; -} - - -// wipeout master secret -void Connection::CleanMaster() -{ - if (!master_clean_) { - volatile opaque* p = master_secret_; - clean(p, SECRET_LEN, random_); - master_clean_ = true; - } -} - - -// wipeout pre master secret -void Connection::CleanPreMaster() -{ - if (pre_master_secret_) { - volatile opaque* p = pre_master_secret_; - clean(p, pre_secret_len_, random_); - - ysArrayDelete(pre_master_secret_); - pre_master_secret_ = 0; - } -} - - -// Create functions for message factory -Message* CreateCipherSpec() { return NEW_YS ChangeCipherSpec; } -Message* CreateAlert() { return NEW_YS Alert; } -Message* CreateHandShake() { return NEW_YS HandShakeHeader; } -Message* CreateData() { return NEW_YS Data; } - -// Create functions for handshake factory -HandShakeBase* CreateHelloRequest() { return NEW_YS HelloRequest; } -HandShakeBase* CreateClientHello() { return NEW_YS ClientHello; } -HandShakeBase* CreateServerHello() { return NEW_YS ServerHello; } -HandShakeBase* CreateCertificate() { return NEW_YS Certificate; } -HandShakeBase* CreateServerKeyExchange() { return NEW_YS ServerKeyExchange;} -HandShakeBase* CreateCertificateRequest() { return NEW_YS - CertificateRequest; } -HandShakeBase* CreateServerHelloDone() { return NEW_YS ServerHelloDone; } -HandShakeBase* CreateCertificateVerify() { return NEW_YS CertificateVerify;} -HandShakeBase* CreateClientKeyExchange() { return NEW_YS ClientKeyExchange;} -HandShakeBase* CreateFinished() { return NEW_YS Finished; } - -// Create functions for server key exchange factory -ServerKeyBase* CreateRSAServerKEA() { return NEW_YS RSA_Server; } -ServerKeyBase* CreateDHServerKEA() { return NEW_YS DH_Server; } -ServerKeyBase* CreateFortezzaServerKEA() { return NEW_YS Fortezza_Server; } - -// Create functions for client key exchange factory -ClientKeyBase* CreateRSAClient() { return NEW_YS - EncryptedPreMasterSecret; } -ClientKeyBase* CreateDHClient() { return NEW_YS - ClientDiffieHellmanPublic; } -ClientKeyBase* CreateFortezzaClient() { return NEW_YS FortezzaKeys; } - - -// Constructor calls this to Register compile time callbacks -void InitMessageFactory(MessageFactory& mf) -{ - mf.Reserve(4); - mf.Register(alert, CreateAlert); - mf.Register(change_cipher_spec, CreateCipherSpec); - mf.Register(handshake, CreateHandShake); - mf.Register(application_data, CreateData); -} - - -// Constructor calls this to Register compile time callbacks -void InitHandShakeFactory(HandShakeFactory& hsf) -{ - hsf.Reserve(10); - hsf.Register(hello_request, CreateHelloRequest); - hsf.Register(client_hello, CreateClientHello); - hsf.Register(server_hello, CreateServerHello); - hsf.Register(certificate, CreateCertificate); - hsf.Register(server_key_exchange, CreateServerKeyExchange); - hsf.Register(certificate_request, CreateCertificateRequest); - hsf.Register(server_hello_done, CreateServerHelloDone); - hsf.Register(certificate_verify, CreateCertificateVerify); - hsf.Register(client_key_exchange, CreateClientKeyExchange); - hsf.Register(finished, CreateFinished); -} - - -// Constructor calls this to Register compile time callbacks -void InitServerKeyFactory(ServerKeyFactory& skf) -{ - skf.Reserve(3); - skf.Register(rsa_kea, CreateRSAServerKEA); - skf.Register(diffie_hellman_kea, CreateDHServerKEA); - skf.Register(fortezza_kea, CreateFortezzaServerKEA); -} - - -// Constructor calls this to Register compile time callbacks -void InitClientKeyFactory(ClientKeyFactory& ckf) -{ - ckf.Reserve(3); - ckf.Register(rsa_kea, CreateRSAClient); - ckf.Register(diffie_hellman_kea, CreateDHClient); - ckf.Register(fortezza_kea, CreateFortezzaClient); -} - - -} // namespace diff --git a/extra/yassl/src/yassl_int.cpp b/extra/yassl/src/yassl_int.cpp deleted file mode 100644 index e244761e647..00000000000 --- a/extra/yassl/src/yassl_int.cpp +++ /dev/null @@ -1,2705 +0,0 @@ -/* - Copyright (c) 2005, 2017, Oracle and/or its affiliates. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - - -/* yaSSL internal source implements SSL supporting types not specified in the - * draft along with type conversion functions. - */ - -#include "runtime.hpp" -#include "yassl_int.hpp" -#include "handshake.hpp" -#include "timer.hpp" - -#ifdef _POSIX_THREADS - #include "pthread.h" -#endif - - -#ifdef HAVE_LIBZ - #include "zlib.h" -#endif - - -#ifdef YASSL_PURE_C - - void* operator new(size_t sz, yaSSL::new_t) - { - void* ptr = malloc(sz ? sz : 1); - if (!ptr) abort(); - - return ptr; - } - - - void operator delete(void* ptr, yaSSL::new_t) - { - if (ptr) free(ptr); - } - - - void* operator new[](size_t sz, yaSSL::new_t nt) - { - return ::operator new(sz, nt); - } - - - void operator delete[](void* ptr, yaSSL::new_t nt) - { - ::operator delete(ptr, nt); - } - - namespace yaSSL { - - new_t ys; // for yaSSL library new - - } - -#endif // YASSL_PURE_C - - -namespace yaSSL { - - - - - - -// convert a 32 bit integer into a 24 bit one -void c32to24(uint32 u32, uint24& u24) -{ - u24[0] = (u32 >> 16) & 0xff; - u24[1] = (u32 >> 8) & 0xff; - u24[2] = u32 & 0xff; -} - - -// convert a 24 bit integer into a 32 bit one -void c24to32(const uint24 u24, uint32& u32) -{ - u32 = 0; - u32 = (u24[0] << 16) | (u24[1] << 8) | u24[2]; -} - - -// convert with return for ease of use -uint32 c24to32(const uint24 u24) -{ - uint32 ret; - c24to32(u24, ret); - - return ret; -} - - -// using a for opaque since underlying type is unsgined char and o is not a -// good leading identifier - -// convert opaque to 16 bit integer -void ato16(const opaque* c, uint16& u16) -{ - u16 = 0; - u16 = (c[0] << 8) | (c[1]); -} - - -// convert (copy) opaque to 24 bit integer -void ato24(const opaque* c, uint24& u24) -{ - u24[0] = c[0]; - u24[1] = c[1]; - u24[2] = c[2]; -} - - -// convert 16 bit integer to opaque -void c16toa(uint16 u16, opaque* c) -{ - c[0] = (u16 >> 8) & 0xff; - c[1] = u16 & 0xff; -} - - -// convert 24 bit integer to opaque -void c24toa(const uint24 u24, opaque* c) -{ - c[0] = u24[0]; - c[1] = u24[1]; - c[2] = u24[2]; -} - - -// convert 32 bit integer to opaque -void c32toa(uint32 u32, opaque* c) -{ - c[0] = (u32 >> 24) & 0xff; - c[1] = (u32 >> 16) & 0xff; - c[2] = (u32 >> 8) & 0xff; - c[3] = u32 & 0xff; -} - - -States::States() : recordLayer_(recordReady), handshakeLayer_(preHandshake), - clientState_(serverNull), serverState_(clientNull), - connectState_(CONNECT_BEGIN), acceptState_(ACCEPT_BEGIN), - what_(no_error) {} - -const RecordLayerState& States::getRecord() const -{ - return recordLayer_; -} - - -const HandShakeState& States::getHandShake() const -{ - return handshakeLayer_; -} - - -const ClientState& States::getClient() const -{ - return clientState_; -} - - -const ServerState& States::getServer() const -{ - return serverState_; -} - - -const ConnectState& States::GetConnect() const -{ - return connectState_; -} - - -const AcceptState& States::GetAccept() const -{ - return acceptState_; -} - - -const char* States::getString() const -{ - return errorString_; -} - - -YasslError States::What() const -{ - return what_; -} - - -RecordLayerState& States::useRecord() -{ - return recordLayer_; -} - - -HandShakeState& States::useHandShake() -{ - return handshakeLayer_; -} - - -ClientState& States::useClient() -{ - return clientState_; -} - - -ServerState& States::useServer() -{ - return serverState_; -} - - -ConnectState& States::UseConnect() -{ - return connectState_; -} - - -AcceptState& States::UseAccept() -{ - return acceptState_; -} - - -char* States::useString() -{ - return errorString_; -} - - -void States::SetError(YasslError ye) -{ - what_ = ye; -} - - -// mark message recvd, check for duplicates, return 0 on success -int States::SetMessageRecvd(HandShakeType hst) -{ - switch (hst) { - case hello_request: - break; // could send more than one - - case client_hello: - if (recvdMessages_.gotClientHello_) - return -1; - recvdMessages_.gotClientHello_ = 1; - break; - - case server_hello: - if (recvdMessages_.gotServerHello_) - return -1; - recvdMessages_.gotServerHello_ = 1; - break; - - case certificate: - if (recvdMessages_.gotCert_) - return -1; - recvdMessages_.gotCert_ = 1; - break; - - case server_key_exchange: - if (recvdMessages_.gotServerKeyExchange_) - return -1; - recvdMessages_.gotServerKeyExchange_ = 1; - break; - - case certificate_request: - if (recvdMessages_.gotCertRequest_) - return -1; - recvdMessages_.gotCertRequest_ = 1; - break; - - case server_hello_done: - if (recvdMessages_.gotServerHelloDone_) - return -1; - recvdMessages_.gotServerHelloDone_ = 1; - break; - - case certificate_verify: - if (recvdMessages_.gotCertVerify_) - return -1; - recvdMessages_.gotCertVerify_ = 1; - break; - - case client_key_exchange: - if (recvdMessages_.gotClientKeyExchange_) - return -1; - recvdMessages_.gotClientKeyExchange_ = 1; - break; - - case finished: - if (recvdMessages_.gotFinished_) - return -1; - recvdMessages_.gotFinished_ = 1; - break; - - - default: - return -1; - - } - - return 0; -} - - -sslFactory::sslFactory() : - messageFactory_(InitMessageFactory), - handShakeFactory_(InitHandShakeFactory), - serverKeyFactory_(InitServerKeyFactory), - clientKeyFactory_(InitClientKeyFactory) -{} - - -const MessageFactory& sslFactory::getMessage() const -{ - return messageFactory_; -} - - -const HandShakeFactory& sslFactory::getHandShake() const -{ - return handShakeFactory_; -} - - -const ServerKeyFactory& sslFactory::getServerKey() const -{ - return serverKeyFactory_; -} - - -const ClientKeyFactory& sslFactory::getClientKey() const -{ - return clientKeyFactory_; -} - - -// extract context parameters and store -SSL::SSL(SSL_CTX* ctx) - : secure_(ctx->getMethod()->getVersion(), crypto_.use_random(), - ctx->getMethod()->getSide(), ctx->GetCiphers(), ctx, - ctx->GetDH_Parms().set_), quietShutdown_(false), has_data_(false) -{ - if (int err = crypto_.get_random().GetError()) { - SetError(YasslError(err)); - return; - } - - CertManager& cm = crypto_.use_certManager(); - cm.CopySelfCert(ctx->getCert()); - - bool serverSide = secure_.use_parms().entity_ == server_end; - - if (ctx->getKey()) { - if (int err = cm.SetPrivateKey(*ctx->getKey())) { - SetError(YasslError(err)); - return; - } - else if (serverSide && ctx->GetCiphers().setSuites_ == 0) { - // remove RSA or DSA suites depending on cert key type - // but don't override user sets - ProtocolVersion pv = secure_.get_connection().version_; - - bool removeDH = secure_.use_parms().removeDH_; - bool removeRSA = false; - bool removeDSA = false; - - if (cm.get_keyType() == rsa_sa_algo) - removeDSA = true; - else - removeRSA = true; - secure_.use_parms().SetSuites(pv, removeDH, removeRSA, removeDSA); - } - } - else if (serverSide) { - SetError(no_key_file); - return; - } - - if (ctx->getMethod()->verifyPeer()) - cm.setVerifyPeer(); - if (ctx->getMethod()->verifyNone()) - cm.setVerifyNone(); - if (ctx->getMethod()->failNoCert()) - cm.setFailNoCert(); - cm.setVerifyCallback(ctx->getVerifyCallback()); - - if (serverSide) - crypto_.SetDH(ctx->GetDH_Parms()); - - const SSL_CTX::CertList& ca = ctx->GetCA_List(); - SSL_CTX::CertList::const_iterator first(ca.begin()); - SSL_CTX::CertList::const_iterator last(ca.end()); - - while (first != last) { - if (int err = cm.CopyCaCert(*first)) { - SetError(YasslError(err)); - return; - } - ++first; - } -} - - -// store pending security parameters from Server Hello -void SSL::set_pending(Cipher suite) -{ - Parameters& parms = secure_.use_parms(); - - switch (suite) { - - case TLS_RSA_WITH_AES_256_CBC_SHA: - parms.bulk_cipher_algorithm_ = aes; - parms.mac_algorithm_ = sha; - parms.kea_ = rsa_kea; - parms.hash_size_ = SHA_LEN; - parms.key_size_ = AES_256_KEY_SZ; - parms.iv_size_ = AES_BLOCK_SZ; - parms.cipher_type_ = block; - crypto_.setDigest(NEW_YS SHA); - crypto_.setCipher(NEW_YS AES(AES_256_KEY_SZ)); - strncpy(parms.cipher_name_, cipher_names[TLS_RSA_WITH_AES_256_CBC_SHA], - MAX_SUITE_NAME); - break; - - case TLS_RSA_WITH_AES_128_CBC_SHA: - parms.bulk_cipher_algorithm_ = aes; - parms.mac_algorithm_ = sha; - parms.kea_ = rsa_kea; - parms.hash_size_ = SHA_LEN; - parms.key_size_ = AES_128_KEY_SZ; - parms.iv_size_ = AES_BLOCK_SZ; - parms.cipher_type_ = block; - crypto_.setDigest(NEW_YS SHA); - crypto_.setCipher(NEW_YS AES); - strncpy(parms.cipher_name_, cipher_names[TLS_RSA_WITH_AES_128_CBC_SHA], - MAX_SUITE_NAME); - break; - - case SSL_RSA_WITH_3DES_EDE_CBC_SHA: - parms.bulk_cipher_algorithm_ = triple_des; - parms.mac_algorithm_ = sha; - parms.kea_ = rsa_kea; - parms.hash_size_ = SHA_LEN; - parms.key_size_ = DES_EDE_KEY_SZ; - parms.iv_size_ = DES_IV_SZ; - parms.cipher_type_ = block; - crypto_.setDigest(NEW_YS SHA); - crypto_.setCipher(NEW_YS DES_EDE); - strncpy(parms.cipher_name_, cipher_names[SSL_RSA_WITH_3DES_EDE_CBC_SHA] - , MAX_SUITE_NAME); - break; - - case SSL_RSA_WITH_DES_CBC_SHA: - parms.bulk_cipher_algorithm_ = des; - parms.mac_algorithm_ = sha; - parms.kea_ = rsa_kea; - parms.hash_size_ = SHA_LEN; - parms.key_size_ = DES_KEY_SZ; - parms.iv_size_ = DES_IV_SZ; - parms.cipher_type_ = block; - crypto_.setDigest(NEW_YS SHA); - crypto_.setCipher(NEW_YS DES); - strncpy(parms.cipher_name_, cipher_names[SSL_RSA_WITH_DES_CBC_SHA], - MAX_SUITE_NAME); - break; - - case SSL_RSA_WITH_RC4_128_SHA: - parms.bulk_cipher_algorithm_ = rc4; - parms.mac_algorithm_ = sha; - parms.kea_ = rsa_kea; - parms.hash_size_ = SHA_LEN; - parms.key_size_ = RC4_KEY_SZ; - parms.iv_size_ = 0; - parms.cipher_type_ = stream; - crypto_.setDigest(NEW_YS SHA); - crypto_.setCipher(NEW_YS RC4); - strncpy(parms.cipher_name_, cipher_names[SSL_RSA_WITH_RC4_128_SHA], - MAX_SUITE_NAME); - break; - - case SSL_RSA_WITH_RC4_128_MD5: - parms.bulk_cipher_algorithm_ = rc4; - parms.mac_algorithm_ = md5; - parms.kea_ = rsa_kea; - parms.hash_size_ = MD5_LEN; - parms.key_size_ = RC4_KEY_SZ; - parms.iv_size_ = 0; - parms.cipher_type_ = stream; - crypto_.setDigest(NEW_YS MD5); - crypto_.setCipher(NEW_YS RC4); - strncpy(parms.cipher_name_, cipher_names[SSL_RSA_WITH_RC4_128_MD5], - MAX_SUITE_NAME); - break; - - case SSL_DHE_RSA_WITH_DES_CBC_SHA: - parms.bulk_cipher_algorithm_ = des; - parms.mac_algorithm_ = sha; - parms.kea_ = diffie_hellman_kea; - parms.sig_algo_ = rsa_sa_algo; - parms.hash_size_ = SHA_LEN; - parms.key_size_ = DES_KEY_SZ; - parms.iv_size_ = DES_IV_SZ; - parms.cipher_type_ = block; - secure_.use_connection().send_server_key_ = true; // eph - crypto_.setDigest(NEW_YS SHA); - crypto_.setCipher(NEW_YS DES); - strncpy(parms.cipher_name_, cipher_names[SSL_DHE_RSA_WITH_DES_CBC_SHA], - MAX_SUITE_NAME); - break; - - case SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA: - parms.bulk_cipher_algorithm_ = triple_des; - parms.mac_algorithm_ = sha; - parms.kea_ = diffie_hellman_kea; - parms.sig_algo_ = rsa_sa_algo; - parms.hash_size_ = SHA_LEN; - parms.key_size_ = DES_EDE_KEY_SZ; - parms.iv_size_ = DES_IV_SZ; - parms.cipher_type_ = block; - secure_.use_connection().send_server_key_ = true; // eph - crypto_.setDigest(NEW_YS SHA); - crypto_.setCipher(NEW_YS DES_EDE); - strncpy(parms.cipher_name_, - cipher_names[SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA], MAX_SUITE_NAME); - break; - - case TLS_DHE_RSA_WITH_AES_256_CBC_SHA: - parms.bulk_cipher_algorithm_ = aes; - parms.mac_algorithm_ = sha; - parms.kea_ = diffie_hellman_kea; - parms.sig_algo_ = rsa_sa_algo; - parms.hash_size_ = SHA_LEN; - parms.key_size_ = AES_256_KEY_SZ; - parms.iv_size_ = AES_BLOCK_SZ; - parms.cipher_type_ = block; - secure_.use_connection().send_server_key_ = true; // eph - crypto_.setDigest(NEW_YS SHA); - crypto_.setCipher(NEW_YS AES(AES_256_KEY_SZ)); - strncpy(parms.cipher_name_, - cipher_names[TLS_DHE_RSA_WITH_AES_256_CBC_SHA], MAX_SUITE_NAME); - break; - - case TLS_DHE_RSA_WITH_AES_128_CBC_SHA: - parms.bulk_cipher_algorithm_ = aes; - parms.mac_algorithm_ = sha; - parms.kea_ = diffie_hellman_kea; - parms.sig_algo_ = rsa_sa_algo; - parms.hash_size_ = SHA_LEN; - parms.key_size_ = AES_128_KEY_SZ; - parms.iv_size_ = AES_BLOCK_SZ; - parms.cipher_type_ = block; - secure_.use_connection().send_server_key_ = true; // eph - crypto_.setDigest(NEW_YS SHA); - crypto_.setCipher(NEW_YS AES); - strncpy(parms.cipher_name_, - cipher_names[TLS_DHE_RSA_WITH_AES_128_CBC_SHA], MAX_SUITE_NAME); - break; - - case SSL_DHE_DSS_WITH_DES_CBC_SHA: - parms.bulk_cipher_algorithm_ = des; - parms.mac_algorithm_ = sha; - parms.kea_ = diffie_hellman_kea; - parms.sig_algo_ = dsa_sa_algo; - parms.hash_size_ = SHA_LEN; - parms.key_size_ = DES_KEY_SZ; - parms.iv_size_ = DES_IV_SZ; - parms.cipher_type_ = block; - secure_.use_connection().send_server_key_ = true; // eph - crypto_.setDigest(NEW_YS SHA); - crypto_.setCipher(NEW_YS DES); - strncpy(parms.cipher_name_, cipher_names[SSL_DHE_DSS_WITH_DES_CBC_SHA], - MAX_SUITE_NAME); - break; - - case SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA: - parms.bulk_cipher_algorithm_ = triple_des; - parms.mac_algorithm_ = sha; - parms.kea_ = diffie_hellman_kea; - parms.sig_algo_ = dsa_sa_algo; - parms.hash_size_ = SHA_LEN; - parms.key_size_ = DES_EDE_KEY_SZ; - parms.iv_size_ = DES_IV_SZ; - parms.cipher_type_ = block; - secure_.use_connection().send_server_key_ = true; // eph - crypto_.setDigest(NEW_YS SHA); - crypto_.setCipher(NEW_YS DES_EDE); - strncpy(parms.cipher_name_, - cipher_names[SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA], MAX_SUITE_NAME); - break; - - case TLS_DHE_DSS_WITH_AES_256_CBC_SHA: - parms.bulk_cipher_algorithm_ = aes; - parms.mac_algorithm_ = sha; - parms.kea_ = diffie_hellman_kea; - parms.sig_algo_ = dsa_sa_algo; - parms.hash_size_ = SHA_LEN; - parms.key_size_ = AES_256_KEY_SZ; - parms.iv_size_ = AES_BLOCK_SZ; - parms.cipher_type_ = block; - secure_.use_connection().send_server_key_ = true; // eph - crypto_.setDigest(NEW_YS SHA); - crypto_.setCipher(NEW_YS AES(AES_256_KEY_SZ)); - strncpy(parms.cipher_name_, - cipher_names[TLS_DHE_DSS_WITH_AES_256_CBC_SHA], MAX_SUITE_NAME); - break; - - case TLS_DHE_DSS_WITH_AES_128_CBC_SHA: - parms.bulk_cipher_algorithm_ = aes; - parms.mac_algorithm_ = sha; - parms.kea_ = diffie_hellman_kea; - parms.sig_algo_ = dsa_sa_algo; - parms.hash_size_ = SHA_LEN; - parms.key_size_ = AES_128_KEY_SZ; - parms.iv_size_ = AES_BLOCK_SZ; - parms.cipher_type_ = block; - secure_.use_connection().send_server_key_ = true; // eph - crypto_.setDigest(NEW_YS SHA); - crypto_.setCipher(NEW_YS AES); - strncpy(parms.cipher_name_, - cipher_names[TLS_DHE_DSS_WITH_AES_128_CBC_SHA], MAX_SUITE_NAME); - break; - - case TLS_RSA_WITH_AES_256_CBC_RMD160: - parms.bulk_cipher_algorithm_ = aes; - parms.mac_algorithm_ = rmd; - parms.kea_ = rsa_kea; - parms.hash_size_ = RMD_LEN; - parms.key_size_ = AES_256_KEY_SZ; - parms.iv_size_ = AES_BLOCK_SZ; - parms.cipher_type_ = block; - crypto_.setDigest(NEW_YS RMD); - crypto_.setCipher(NEW_YS AES(AES_256_KEY_SZ)); - strncpy(parms.cipher_name_, - cipher_names[TLS_RSA_WITH_AES_256_CBC_RMD160], MAX_SUITE_NAME); - break; - - case TLS_RSA_WITH_AES_128_CBC_RMD160: - parms.bulk_cipher_algorithm_ = aes; - parms.mac_algorithm_ = rmd; - parms.kea_ = rsa_kea; - parms.hash_size_ = RMD_LEN; - parms.key_size_ = AES_128_KEY_SZ; - parms.iv_size_ = AES_BLOCK_SZ; - parms.cipher_type_ = block; - crypto_.setDigest(NEW_YS RMD); - crypto_.setCipher(NEW_YS AES); - strncpy(parms.cipher_name_, - cipher_names[TLS_RSA_WITH_AES_128_CBC_RMD160], MAX_SUITE_NAME); - break; - - case TLS_RSA_WITH_3DES_EDE_CBC_RMD160: - parms.bulk_cipher_algorithm_ = triple_des; - parms.mac_algorithm_ = rmd; - parms.kea_ = rsa_kea; - parms.hash_size_ = RMD_LEN; - parms.key_size_ = DES_EDE_KEY_SZ; - parms.iv_size_ = DES_IV_SZ; - parms.cipher_type_ = block; - crypto_.setDigest(NEW_YS RMD); - crypto_.setCipher(NEW_YS DES_EDE); - strncpy(parms.cipher_name_, - cipher_names[TLS_RSA_WITH_3DES_EDE_CBC_RMD160], MAX_SUITE_NAME); - break; - - case TLS_DHE_RSA_WITH_3DES_EDE_CBC_RMD160: - parms.bulk_cipher_algorithm_ = triple_des; - parms.mac_algorithm_ = rmd; - parms.kea_ = diffie_hellman_kea; - parms.sig_algo_ = rsa_sa_algo; - parms.hash_size_ = RMD_LEN; - parms.key_size_ = DES_EDE_KEY_SZ; - parms.iv_size_ = DES_IV_SZ; - parms.cipher_type_ = block; - secure_.use_connection().send_server_key_ = true; // eph - crypto_.setDigest(NEW_YS RMD); - crypto_.setCipher(NEW_YS DES_EDE); - strncpy(parms.cipher_name_, - cipher_names[TLS_DHE_RSA_WITH_3DES_EDE_CBC_RMD160], - MAX_SUITE_NAME); - break; - - case TLS_DHE_RSA_WITH_AES_256_CBC_RMD160: - parms.bulk_cipher_algorithm_ = aes; - parms.mac_algorithm_ = rmd; - parms.kea_ = diffie_hellman_kea; - parms.sig_algo_ = rsa_sa_algo; - parms.hash_size_ = RMD_LEN; - parms.key_size_ = AES_256_KEY_SZ; - parms.iv_size_ = AES_BLOCK_SZ; - parms.cipher_type_ = block; - secure_.use_connection().send_server_key_ = true; // eph - crypto_.setDigest(NEW_YS RMD); - crypto_.setCipher(NEW_YS AES(AES_256_KEY_SZ)); - strncpy(parms.cipher_name_, - cipher_names[TLS_DHE_RSA_WITH_AES_256_CBC_RMD160], - MAX_SUITE_NAME); - break; - - case TLS_DHE_RSA_WITH_AES_128_CBC_RMD160: - parms.bulk_cipher_algorithm_ = aes; - parms.mac_algorithm_ = rmd; - parms.kea_ = diffie_hellman_kea; - parms.sig_algo_ = rsa_sa_algo; - parms.hash_size_ = RMD_LEN; - parms.key_size_ = AES_128_KEY_SZ; - parms.iv_size_ = AES_BLOCK_SZ; - parms.cipher_type_ = block; - secure_.use_connection().send_server_key_ = true; // eph - crypto_.setDigest(NEW_YS RMD); - crypto_.setCipher(NEW_YS AES); - strncpy(parms.cipher_name_, - cipher_names[TLS_DHE_RSA_WITH_AES_128_CBC_RMD160], - MAX_SUITE_NAME); - break; - - case TLS_DHE_DSS_WITH_3DES_EDE_CBC_RMD160: - parms.bulk_cipher_algorithm_ = triple_des; - parms.mac_algorithm_ = rmd; - parms.kea_ = diffie_hellman_kea; - parms.sig_algo_ = dsa_sa_algo; - parms.hash_size_ = RMD_LEN; - parms.key_size_ = DES_EDE_KEY_SZ; - parms.iv_size_ = DES_IV_SZ; - parms.cipher_type_ = block; - secure_.use_connection().send_server_key_ = true; // eph - crypto_.setDigest(NEW_YS RMD); - crypto_.setCipher(NEW_YS DES_EDE); - strncpy(parms.cipher_name_, - cipher_names[TLS_DHE_DSS_WITH_3DES_EDE_CBC_RMD160], - MAX_SUITE_NAME); - break; - - case TLS_DHE_DSS_WITH_AES_256_CBC_RMD160: - parms.bulk_cipher_algorithm_ = aes; - parms.mac_algorithm_ = rmd; - parms.kea_ = diffie_hellman_kea; - parms.sig_algo_ = dsa_sa_algo; - parms.hash_size_ = RMD_LEN; - parms.key_size_ = AES_256_KEY_SZ; - parms.iv_size_ = AES_BLOCK_SZ; - parms.cipher_type_ = block; - secure_.use_connection().send_server_key_ = true; // eph - crypto_.setDigest(NEW_YS RMD); - crypto_.setCipher(NEW_YS AES(AES_256_KEY_SZ)); - strncpy(parms.cipher_name_, - cipher_names[TLS_DHE_DSS_WITH_AES_256_CBC_RMD160], - MAX_SUITE_NAME); - break; - - case TLS_DHE_DSS_WITH_AES_128_CBC_RMD160: - parms.bulk_cipher_algorithm_ = aes; - parms.mac_algorithm_ = rmd; - parms.kea_ = diffie_hellman_kea; - parms.sig_algo_ = dsa_sa_algo; - parms.hash_size_ = RMD_LEN; - parms.key_size_ = AES_128_KEY_SZ; - parms.iv_size_ = AES_BLOCK_SZ; - parms.cipher_type_ = block; - secure_.use_connection().send_server_key_ = true; // eph - crypto_.setDigest(NEW_YS RMD); - crypto_.setCipher(NEW_YS AES); - strncpy(parms.cipher_name_, - cipher_names[TLS_DHE_DSS_WITH_AES_128_CBC_RMD160], - MAX_SUITE_NAME); - break; - - default: - SetError(unknown_cipher); - } -} - - -// store peer's random -void SSL::set_random(const opaque* random, ConnectionEnd sender) -{ - if (sender == client_end) - memcpy(secure_.use_connection().client_random_, random, RAN_LEN); - else - memcpy(secure_.use_connection().server_random_, random, RAN_LEN); -} - - -// store client pre master secret -void SSL::set_preMaster(const opaque* pre, uint sz) -{ - uint i(0); // trim leading zeros - uint fullSz(sz); - - while (i++ < fullSz && *pre == 0) { - sz--; - pre++; - } - - if (sz == 0) { - SetError(bad_input); - return; - } - - secure_.use_connection().AllocPreSecret(sz); - memcpy(secure_.use_connection().pre_master_secret_, pre, sz); -} - - -// set yaSSL zlib type compression -int SSL::SetCompression() -{ -#ifdef HAVE_LIBZ - secure_.use_connection().compression_ = true; - return 0; -#else - return -1; // not built in -#endif -} - - -// unset yaSSL zlib type compression -void SSL::UnSetCompression() -{ - secure_.use_connection().compression_ = false; -} - - -// is yaSSL zlib compression on -bool SSL::CompressionOn() const -{ - return secure_.get_connection().compression_; -} - - -// store master secret -void SSL::set_masterSecret(const opaque* sec) -{ - memcpy(secure_.use_connection().master_secret_, sec, SECRET_LEN); -} - -// store server issued id -void SSL::set_sessionID(const opaque* sessionID) -{ - memcpy(secure_.use_connection().sessionID_, sessionID, ID_LEN); - secure_.use_connection().sessionID_Set_ = true; -} - - -// store error -void SSL::SetError(YasslError ye) -{ - states_.SetError(ye); - //strncpy(states_.useString(), e.what(), mySTL::named_exception::NAME_SIZE); - // TODO: add string here -} - - -// set the quiet shutdown mode (close_nofiy not sent or received on shutdown) -void SSL::SetQuietShutdown(bool mode) -{ - quietShutdown_ = mode; -} - - -Buffers& SSL::useBuffers() -{ - return buffers_; -} - - -// locals -namespace { - -// DeriveKeys and MasterSecret helper sets prefix letters -static bool setPrefix(opaque* sha_input, int i) -{ - switch (i) { - case 0: - memcpy(sha_input, "A", 1); - break; - case 1: - memcpy(sha_input, "BB", 2); - break; - case 2: - memcpy(sha_input, "CCC", 3); - break; - case 3: - memcpy(sha_input, "DDDD", 4); - break; - case 4: - memcpy(sha_input, "EEEEE", 5); - break; - case 5: - memcpy(sha_input, "FFFFFF", 6); - break; - case 6: - memcpy(sha_input, "GGGGGGG", 7); - break; - default: - return false; // prefix_error - } - return true; -} - -} // namespcae for locals - - -void SSL::order_error() -{ - SetError(out_of_order); -} - - -// Create and store the master secret see page 32, 6.1 -void SSL::makeMasterSecret() -{ - if (GetError()) return; - - if (isTLS()) - makeTLSMasterSecret(); - else { - opaque sha_output[SHA_LEN]; - - const uint& preSz = secure_.get_connection().pre_secret_len_; - output_buffer md5_input(preSz + SHA_LEN); - output_buffer sha_input(PREFIX + preSz + 2 * RAN_LEN); - - MD5 md5; - SHA sha; - - md5_input.write(secure_.get_connection().pre_master_secret_, preSz); - - for (int i = 0; i < MASTER_ROUNDS; ++i) { - opaque prefix[PREFIX]; - if (!setPrefix(prefix, i)) { - SetError(prefix_error); - return; - } - - sha_input.set_current(0); - sha_input.write(prefix, i + 1); - - sha_input.write(secure_.get_connection().pre_master_secret_,preSz); - sha_input.write(secure_.get_connection().client_random_, RAN_LEN); - sha_input.write(secure_.get_connection().server_random_, RAN_LEN); - sha.get_digest(sha_output, sha_input.get_buffer(), - sha_input.get_size()); - - md5_input.set_current(preSz); - md5_input.write(sha_output, SHA_LEN); - md5.get_digest(&secure_.use_connection().master_secret_[i*MD5_LEN], - md5_input.get_buffer(), md5_input.get_size()); - } - deriveKeys(); - } - secure_.use_connection().CleanPreMaster(); -} - - -// create TLSv1 master secret -void SSL::makeTLSMasterSecret() -{ - opaque seed[SEED_LEN]; - - memcpy(seed, secure_.get_connection().client_random_, RAN_LEN); - memcpy(&seed[RAN_LEN], secure_.get_connection().server_random_, RAN_LEN); - - PRF(secure_.use_connection().master_secret_, SECRET_LEN, - secure_.get_connection().pre_master_secret_, - secure_.get_connection().pre_secret_len_, - master_label, MASTER_LABEL_SZ, - seed, SEED_LEN); - - deriveTLSKeys(); -} - - -// derive mac, write, and iv keys for server and client, see page 34, 6.2.2 -void SSL::deriveKeys() -{ - int length = 2 * secure_.get_parms().hash_size_ + - 2 * secure_.get_parms().key_size_ + - 2 * secure_.get_parms().iv_size_; - int rounds = (length + MD5_LEN - 1 ) / MD5_LEN; - input_buffer key_data(rounds * MD5_LEN); - - opaque sha_output[SHA_LEN]; - opaque md5_input[SECRET_LEN + SHA_LEN]; - opaque sha_input[KEY_PREFIX + SECRET_LEN + 2 * RAN_LEN]; - - MD5 md5; - SHA sha; - - memcpy(md5_input, secure_.get_connection().master_secret_, SECRET_LEN); - - for (int i = 0; i < rounds; ++i) { - int j = i + 1; - if (!setPrefix(sha_input, i)) { - SetError(prefix_error); - return; - } - - memcpy(&sha_input[j], secure_.get_connection().master_secret_, - SECRET_LEN); - memcpy(&sha_input[j+SECRET_LEN], - secure_.get_connection().server_random_, RAN_LEN); - memcpy(&sha_input[j + SECRET_LEN + RAN_LEN], - secure_.get_connection().client_random_, RAN_LEN); - sha.get_digest(sha_output, sha_input, - sizeof(sha_input) - KEY_PREFIX + j); - - memcpy(&md5_input[SECRET_LEN], sha_output, SHA_LEN); - md5.get_digest(key_data.get_buffer() + i * MD5_LEN, - md5_input, sizeof(md5_input)); - } - storeKeys(key_data.get_buffer()); -} - - -// derive mac, write, and iv keys for server and client -void SSL::deriveTLSKeys() -{ - int length = 2 * secure_.get_parms().hash_size_ + - 2 * secure_.get_parms().key_size_ + - 2 * secure_.get_parms().iv_size_; - opaque seed[SEED_LEN]; - input_buffer key_data(length); - - memcpy(seed, secure_.get_connection().server_random_, RAN_LEN); - memcpy(&seed[RAN_LEN], secure_.get_connection().client_random_, RAN_LEN); - - PRF(key_data.get_buffer(), length, secure_.get_connection().master_secret_, - SECRET_LEN, key_label, KEY_LABEL_SZ, seed, SEED_LEN); - - storeKeys(key_data.get_buffer()); -} - - -// store mac, write, and iv keys for client and server -void SSL::storeKeys(const opaque* key_data) -{ - int sz = secure_.get_parms().hash_size_; - memcpy(secure_.use_connection().client_write_MAC_secret_, key_data, sz); - int i = sz; - memcpy(secure_.use_connection().server_write_MAC_secret_,&key_data[i], sz); - i += sz; - - sz = secure_.get_parms().key_size_; - memcpy(secure_.use_connection().client_write_key_, &key_data[i], sz); - i += sz; - memcpy(secure_.use_connection().server_write_key_, &key_data[i], sz); - i += sz; - - sz = secure_.get_parms().iv_size_; - memcpy(secure_.use_connection().client_write_IV_, &key_data[i], sz); - i += sz; - memcpy(secure_.use_connection().server_write_IV_, &key_data[i], sz); - - setKeys(); -} - - -// set encrypt/decrypt keys and ivs -void SSL::setKeys() -{ - Connection& conn = secure_.use_connection(); - - if (secure_.get_parms().entity_ == client_end) { - crypto_.use_cipher().set_encryptKey(conn.client_write_key_, - conn.client_write_IV_); - crypto_.use_cipher().set_decryptKey(conn.server_write_key_, - conn.server_write_IV_); - } - else { - crypto_.use_cipher().set_encryptKey(conn.server_write_key_, - conn.server_write_IV_); - crypto_.use_cipher().set_decryptKey(conn.client_write_key_, - conn.client_write_IV_); - } -} - - - -// local functors -namespace yassl_int_cpp_local1 { // for explicit templates - -struct SumData { - uint total_; - SumData() : total_(0) {} - void operator()(input_buffer* data) { total_ += data->get_remaining(); } -}; - - -struct SumBuffer { - uint total_; - SumBuffer() : total_(0) {} - void operator()(output_buffer* buffer) { total_ += buffer->get_size(); } -}; - -} // namespace for locals -using namespace yassl_int_cpp_local1; - - -uint SSL::bufferedData() -{ - return STL::for_each(buffers_.getData().begin(),buffers_.getData().end(), - SumData()).total_; -} - - -// use input buffer to fill data -void SSL::fillData(Data& data) -{ - if (GetError()) return; - uint dataSz = data.get_length(); // input, data size to fill - size_t elements = buffers_.getData().size(); - - data.set_length(0); // output, actual data filled - dataSz = min(dataSz, bufferedData()); - - for (size_t i = 0; i < elements; i++) { - input_buffer* front = buffers_.getData().front(); - uint frontSz = front->get_remaining(); - uint readSz = min(dataSz - data.get_length(), frontSz); - - front->read(data.set_buffer() + data.get_length(), readSz); - data.set_length(data.get_length() + readSz); - - if (readSz == frontSz) { - buffers_.useData().pop_front(); - ysDelete(front); - } - if (data.get_length() == dataSz) - break; - } - - if (buffers_.getData().size() == 0) has_data_ = false; // none left -} - - -// like Fill but keep data in buffer -void SSL::PeekData(Data& data) -{ - if (GetError()) return; - uint dataSz = data.get_length(); // input, data size to fill - size_t elements = buffers_.getData().size(); - - data.set_length(0); // output, actual data filled - dataSz = min(dataSz, bufferedData()); - - Buffers::inputList::iterator front = buffers_.useData().begin(); - - while (elements) { - uint frontSz = (*front)->get_remaining(); - uint readSz = min(dataSz - data.get_length(), frontSz); - uint before = (*front)->get_current(); - - (*front)->read(data.set_buffer() + data.get_length(), readSz); - data.set_length(data.get_length() + readSz); - (*front)->set_current(before); - - if (data.get_length() == dataSz) - break; - - elements--; - front++; - } -} - - -// flush output buffer -void SSL::flushBuffer() -{ - if (GetError()) return; - - uint sz = STL::for_each(buffers_.getHandShake().begin(), - buffers_.getHandShake().end(), - SumBuffer()).total_; - output_buffer out(sz); - size_t elements = buffers_.getHandShake().size(); - - for (size_t i = 0; i < elements; i++) { - output_buffer* front = buffers_.getHandShake().front(); - out.write(front->get_buffer(), front->get_size()); - - buffers_.useHandShake().pop_front(); - ysDelete(front); - } - Send(out.get_buffer(), out.get_size()); -} - - -void SSL::Send(const byte* buffer, uint sz) -{ - unsigned int sent = 0; - - if (socket_.send(buffer, sz, sent) != sz) { - if (socket_.WouldBlock()) { - buffers_.SetOutput(NEW_YS output_buffer(sz - sent, buffer + sent, - sz - sent)); - SetError(YasslError(SSL_ERROR_WANT_WRITE)); - } - else - SetError(send_error); - } -} - - -void SSL::SendWriteBuffered() -{ - output_buffer* out = buffers_.TakeOutput(); - - if (out) { - mySTL::auto_ptr<output_buffer> tmp(out); - Send(out->get_buffer(), out->get_size()); - } -} - - -// get sequence number, if verify get peer's -uint SSL::get_SEQIncrement(bool verify) -{ - if (verify) - return secure_.use_connection().peer_sequence_number_++; - else - return secure_.use_connection().sequence_number_++; -} - - -const byte* SSL::get_macSecret(bool verify) -{ - if ( (secure_.get_parms().entity_ == client_end && !verify) || - (secure_.get_parms().entity_ == server_end && verify) ) - return secure_.get_connection().client_write_MAC_secret_; - else - return secure_.get_connection().server_write_MAC_secret_; -} - - -void SSL::verifyState(const RecordLayerHeader& rlHeader) -{ - if (GetError()) return; - - if (rlHeader.version_.major_ != 3 || rlHeader.version_.minor_ > 2) { - SetError(badVersion_error); - return; - } - - if (states_.getRecord() == recordNotReady || - (rlHeader.type_ == application_data && // data and handshake - states_.getHandShake() != handShakeReady) ) // isn't complete yet - SetError(record_layer); -} - - -void SSL::verifyState(const HandShakeHeader& hsHeader) -{ - if (GetError()) return; - - if (states_.getHandShake() == handShakeNotReady) { - SetError(handshake_layer); - return; - } - - if (states_.SetMessageRecvd(hsHeader.get_handshakeType()) != 0) { - order_error(); - return; - } - - if (secure_.get_parms().entity_ == client_end) - verifyClientState(hsHeader.get_handshakeType()); - else - verifyServerState(hsHeader.get_handshakeType()); -} - - -void SSL::verifyState(ClientState cs) -{ - if (GetError()) return; - if (states_.getClient() != cs) order_error(); -} - - -void SSL::verifyState(ServerState ss) -{ - if (GetError()) return; - if (states_.getServer() != ss) order_error(); -} - - -void SSL::verfiyHandShakeComplete() -{ - if (GetError()) return; - if (states_.getHandShake() != handShakeReady) order_error(); -} - - -void SSL::verifyClientState(HandShakeType hsType) -{ - if (GetError()) return; - - switch(hsType) { - case server_hello : - if (states_.getClient() != serverNull) - order_error(); - break; - case certificate : - if (states_.getClient() != serverHelloComplete) - order_error(); - break; - case server_key_exchange : - if (states_.getClient() != serverCertComplete) - order_error(); - break; - case certificate_request : - if (states_.getClient() != serverCertComplete && - states_.getClient() != serverKeyExchangeComplete) - order_error(); - break; - case server_hello_done : - if (states_.getClient() != serverCertComplete && - states_.getClient() != serverKeyExchangeComplete) - order_error(); - break; - case finished : - if (states_.getClient() != serverHelloDoneComplete || - secure_.get_parms().pending_) // no change - order_error(); // cipher yet - break; - default : - order_error(); - }; -} - - -void SSL::verifyServerState(HandShakeType hsType) -{ - if (GetError()) return; - - switch(hsType) { - case client_hello : - if (states_.getServer() != clientNull) - order_error(); - break; - case certificate : - if (states_.getServer() != clientHelloComplete) - order_error(); - break; - case client_key_exchange : - if (states_.getServer() != clientHelloComplete) - order_error(); - break; - case certificate_verify : - if (states_.getServer() != clientKeyExchangeComplete) - order_error(); - break; - case finished : - if (states_.getServer() != clientKeyExchangeComplete || - secure_.get_parms().pending_) // no change - order_error(); // cipher yet - break; - default : - order_error(); - }; -} - - -// try to find a suite match -void SSL::matchSuite(const opaque* peer, uint length) -{ - if (length == 0 || (length % 2) != 0) { - SetError(bad_input); - return; - } - - // start with best, if a match we are good, Ciphers are at odd index - // since all SSL and TLS ciphers have 0x00 first byte - for (uint i = 1; i < secure_.get_parms().suites_size_; i += 2) - for (uint j = 0; (j + 1) < length; j+= 2) { - if (peer[j] != 0x00) { - continue; // only 0x00 first byte supported - } - - if (secure_.use_parms().suites_[i] == peer[j + 1]) { - secure_.use_parms().suite_[0] = 0x00; - secure_.use_parms().suite_[1] = peer[j + 1]; - return; - } - } - - SetError(match_error); -} - - -void SSL::set_session(SSL_SESSION* s) -{ - if (getSecurity().GetContext()->GetSessionCacheOff()) - return; - - if (s && GetSessions().lookup(s->GetID(), &secure_.use_resume())) { - secure_.set_resuming(true); - crypto_.use_certManager().setPeerX509(s->GetPeerX509()); - } -} - - -const Crypto& SSL::getCrypto() const -{ - return crypto_; -} - - -const Security& SSL::getSecurity() const -{ - return secure_; -} - - -const States& SSL::getStates() const -{ - return states_; -} - - -const sslHashes& SSL::getHashes() const -{ - return hashes_; -} - - -const sslFactory& SSL::getFactory() const -{ - return GetSSL_Factory(); -} - - -const Socket& SSL::getSocket() const -{ - return socket_; -} - - -YasslError SSL::GetError() const -{ - return states_.What(); -} - - -bool SSL::GetQuietShutdown() const -{ - return quietShutdown_; -} - - -bool SSL::GetMultiProtocol() const -{ - return secure_.GetContext()->getMethod()->multipleProtocol(); -} - - -Crypto& SSL::useCrypto() -{ - return crypto_; -} - - -Security& SSL::useSecurity() -{ - return secure_; -} - - -States& SSL::useStates() -{ - return states_; -} - - -sslHashes& SSL::useHashes() -{ - return hashes_; -} - - -Socket& SSL::useSocket() -{ - return socket_; -} - - -Log& SSL::useLog() -{ - return log_; -} - - -bool SSL::isTLS() const -{ - return secure_.get_connection().TLS_; -} - - -bool SSL::isTLSv1_1() const -{ - return secure_.get_connection().TLSv1_1_; -} - - -// is there buffered data available, optimization to remove iteration on buffer -bool SSL::HasData() const -{ - return has_data_; -} - - -void SSL::addData(input_buffer* data) -{ - buffers_.useData().push_back(data); - if (!has_data_) has_data_ = true; -} - - -void SSL::addBuffer(output_buffer* b) -{ - buffers_.useHandShake().push_back(b); -} - - -void SSL_SESSION::CopyX509(X509* x) -{ - if (x == 0) return; - - X509_NAME* issuer = x->GetIssuer(); - X509_NAME* subject = x->GetSubject(); - ASN1_TIME* before = x->GetBefore(); - ASN1_TIME* after = x->GetAfter(); - - peerX509_ = NEW_YS X509(issuer->GetName(), issuer->GetLength(), - subject->GetName(), subject->GetLength(), before, after, - issuer->GetCnPosition(), issuer->GetCnLength(), - subject->GetCnPosition(), subject->GetCnLength()); -} - - -// store connection parameters -SSL_SESSION::SSL_SESSION(const SSL& ssl, RandomPool& ran) - : timeout_(DEFAULT_TIMEOUT), random_(ran), peerX509_(0) -{ - const Connection& conn = ssl.getSecurity().get_connection(); - - memcpy(sessionID_, conn.sessionID_, ID_LEN); - memcpy(master_secret_, conn.master_secret_, SECRET_LEN); - memcpy(suite_, ssl.getSecurity().get_parms().suite_, SUITE_LEN); - - bornOn_ = lowResTimer(); - - CopyX509(ssl.getCrypto().get_certManager().get_peerX509()); -} - - -// for resumption copy in ssl::parameters -SSL_SESSION::SSL_SESSION(RandomPool& ran) - : bornOn_(0), timeout_(0), random_(ran), peerX509_(0) -{ - memset(sessionID_, 0, ID_LEN); - memset(master_secret_, 0, SECRET_LEN); - memset(suite_, 0, SUITE_LEN); -} - - -SSL_SESSION& SSL_SESSION::operator=(const SSL_SESSION& that) -{ - memcpy(sessionID_, that.sessionID_, ID_LEN); - memcpy(master_secret_, that.master_secret_, SECRET_LEN); - memcpy(suite_, that.suite_, SUITE_LEN); - - bornOn_ = that.bornOn_; - timeout_ = that.timeout_; - - if (peerX509_) { - ysDelete(peerX509_); - peerX509_ = 0; - } - CopyX509(that.peerX509_); - - return *this; -} - - -const opaque* SSL_SESSION::GetID() const -{ - return sessionID_; -} - - -const opaque* SSL_SESSION::GetSecret() const -{ - return master_secret_; -} - - -const Cipher* SSL_SESSION::GetSuite() const -{ - return suite_; -} - - -X509* SSL_SESSION::GetPeerX509() const -{ - return peerX509_; -} - - -uint SSL_SESSION::GetBornOn() const -{ - return bornOn_; -} - - -uint SSL_SESSION::GetTimeOut() const -{ - return timeout_; -} - - -void SSL_SESSION::SetTimeOut(uint t) -{ - timeout_ = t; -} - - -extern void clean(volatile opaque*, uint, RandomPool&); - - -// clean up secret data -SSL_SESSION::~SSL_SESSION() -{ - volatile opaque* p = master_secret_; - clean(p, SECRET_LEN, random_); - - ysDelete(peerX509_); -} - - -static Sessions* sessionsInstance = 0; - -Sessions& GetSessions() -{ - if (!sessionsInstance) - sessionsInstance = NEW_YS Sessions; - return *sessionsInstance; -} - - -static sslFactory* sslFactoryInstance = 0; - -sslFactory& GetSSL_Factory() -{ - if (!sslFactoryInstance) - sslFactoryInstance = NEW_YS sslFactory; - return *sslFactoryInstance; -} - - -static Errors* errorsInstance = 0; - -Errors& GetErrors() -{ - if (!errorsInstance) - errorsInstance = NEW_YS Errors; - return *errorsInstance; -} - -bool HasErrors() -{ - return (errorsInstance != 0); -} - - -typedef Mutex::Lock Lock; - - - -void Sessions::add(const SSL& ssl) -{ - if (ssl.getSecurity().get_connection().sessionID_Set_) { - Lock guard(mutex_); - list_.push_back(NEW_YS SSL_SESSION(ssl, random_)); - count_++; - } - - if (count_ > SESSION_FLUSH_COUNT) - if (!ssl.getSecurity().GetContext()->GetSessionCacheFlushOff()) - Flush(); -} - - -Sessions::~Sessions() -{ - STL::for_each(list_.begin(), list_.end(), del_ptr_zero()); -} - - -// locals -namespace yassl_int_cpp_local2 { // for explicit templates - -typedef STL::list<SSL_SESSION*>::iterator sess_iterator; -typedef STL::list<ThreadError>::iterator thr_iterator; - -struct sess_match { - const opaque* id_; - explicit sess_match(const opaque* p) : id_(p) {} - - bool operator()(SSL_SESSION* sess) - { - if ( memcmp(sess->GetID(), id_, ID_LEN) == 0) - return true; - return false; - } -}; - - -THREAD_ID_T GetSelf() -{ -#ifndef _POSIX_THREADS - return GetCurrentThreadId(); -#else - return pthread_self(); -#endif -} - -struct thr_match { - THREAD_ID_T id_; - explicit thr_match() : id_(GetSelf()) {} - - bool operator()(ThreadError thr) - { - if (thr.threadID_ == id_) - return true; - return false; - } -}; - - -} // local namespace -using namespace yassl_int_cpp_local2; - - -// lookup session by id, return a copy if space provided -SSL_SESSION* Sessions::lookup(const opaque* id, SSL_SESSION* copy) -{ - Lock guard(mutex_); - sess_iterator find = STL::find_if(list_.begin(), list_.end(), - sess_match(id)); - if (find != list_.end()) { - uint current = lowResTimer(); - if ( ((*find)->GetBornOn() + (*find)->GetTimeOut()) < current) { - del_ptr_zero()(*find); - list_.erase(find); - return 0; - } - if (copy) - *copy = *(*find); - return *find; - } - return 0; -} - - -// remove a session by id -void Sessions::remove(const opaque* id) -{ - Lock guard(mutex_); - sess_iterator find = STL::find_if(list_.begin(), list_.end(), - sess_match(id)); - if (find != list_.end()) { - del_ptr_zero()(*find); - list_.erase(find); - } -} - - -// flush expired sessions from cache -void Sessions::Flush() -{ - Lock guard(mutex_); - sess_iterator next = list_.begin(); - uint current = lowResTimer(); - - while (next != list_.end()) { - sess_iterator si = next; - ++next; - if ( ((*si)->GetBornOn() + (*si)->GetTimeOut()) < current) { - del_ptr_zero()(*si); - list_.erase(si); - } - } - count_ = 0; // reset flush counter -} - - -// remove a self thread error -void Errors::Remove() -{ - Lock guard(mutex_); - thr_iterator find = STL::find_if(list_.begin(), list_.end(), - thr_match()); - if (find != list_.end()) - list_.erase(find); -} - - -// lookup self error code -int Errors::Lookup(bool peek) -{ - Lock guard(mutex_); - thr_iterator find = STL::find_if(list_.begin(), list_.end(), - thr_match()); - if (find != list_.end()) { - int ret = find->errorID_; - if (!peek) - list_.erase(find); - return ret; - } - else - return 0; -} - - -// add a new error code for self -void Errors::Add(int error) -{ - ThreadError add; - add.errorID_ = error; - add.threadID_ = GetSelf(); - - Remove(); // may have old error - - Lock guard(mutex_); - list_.push_back(add); -} - - -SSL_METHOD::SSL_METHOD(ConnectionEnd ce, ProtocolVersion pv, bool multiProto) - : version_(pv), side_(ce), verifyPeer_(false), verifyNone_(false), - failNoCert_(false), multipleProtocol_(multiProto) -{} - - -ProtocolVersion SSL_METHOD::getVersion() const -{ - return version_; -} - - -ConnectionEnd SSL_METHOD::getSide() const -{ - return side_; -} - - -void SSL_METHOD::setVerifyPeer() -{ - verifyPeer_ = true; -} - - -void SSL_METHOD::setVerifyNone() -{ - verifyNone_ = true; -} - - -void SSL_METHOD::setFailNoCert() -{ - failNoCert_ = true; -} - - -bool SSL_METHOD::verifyPeer() const -{ - return verifyPeer_; -} - - -bool SSL_METHOD::verifyNone() const -{ - return verifyNone_; -} - - -bool SSL_METHOD::failNoCert() const -{ - return failNoCert_; -} - - -bool SSL_METHOD::multipleProtocol() const -{ - return multipleProtocol_; -} - - -SSL_CTX::SSL_CTX(SSL_METHOD* meth) - : method_(meth), certificate_(0), privateKey_(0), passwordCb_(0), - userData_(0), sessionCacheOff_(false), sessionCacheFlushOff_(false), - verifyCallback_(0) -{} - - -SSL_CTX::~SSL_CTX() -{ - ysDelete(method_); - ysDelete(certificate_); - ysDelete(privateKey_); - - STL::for_each(caList_.begin(), caList_.end(), del_ptr_zero()); -} - - -void SSL_CTX::AddCA(x509* ca) -{ - caList_.push_back(ca); -} - - -const SSL_CTX::CertList& -SSL_CTX::GetCA_List() const -{ - return caList_; -} - - -VerifyCallback SSL_CTX::getVerifyCallback() const -{ - return verifyCallback_; -} - - -const x509* SSL_CTX::getCert() const -{ - return certificate_; -} - - -const x509* SSL_CTX::getKey() const -{ - return privateKey_; -} - - -const SSL_METHOD* SSL_CTX::getMethod() const -{ - return method_; -} - - -const Ciphers& SSL_CTX::GetCiphers() const -{ - return ciphers_; -} - - -const DH_Parms& SSL_CTX::GetDH_Parms() const -{ - return dhParms_; -} - - -const Stats& SSL_CTX::GetStats() const -{ - return stats_; -} - - -pem_password_cb SSL_CTX::GetPasswordCb() const -{ - return passwordCb_; -} - - -void SSL_CTX::SetPasswordCb(pem_password_cb cb) -{ - passwordCb_ = cb; -} - - -void* SSL_CTX::GetUserData() const -{ - return userData_; -} - - -bool SSL_CTX::GetSessionCacheOff() const -{ - return sessionCacheOff_; -} - - -bool SSL_CTX::GetSessionCacheFlushOff() const -{ - return sessionCacheFlushOff_; -} - - -void SSL_CTX::SetUserData(void* data) -{ - userData_ = data; -} - - -void SSL_CTX::SetSessionCacheOff() -{ - sessionCacheOff_ = true; -} - - -void SSL_CTX::SetSessionCacheFlushOff() -{ - sessionCacheFlushOff_ = true; -} - - -void SSL_CTX::setVerifyPeer() -{ - method_->setVerifyPeer(); -} - - -void SSL_CTX::setVerifyNone() -{ - method_->setVerifyNone(); -} - - -void SSL_CTX::setFailNoCert() -{ - method_->setFailNoCert(); -} - - -void SSL_CTX::setVerifyCallback(VerifyCallback vc) -{ - verifyCallback_ = vc; -} - - -bool SSL_CTX::SetDH(const DH& dh) -{ - dhParms_.p_ = dh.p->int_; - dhParms_.g_ = dh.g->int_; - - return dhParms_.set_ = true; -} - - -bool SSL_CTX::SetCipherList(const char* list) -{ - if (!list) - return false; - - bool ret = false; - char name[MAX_SUITE_NAME]; - - char needle[] = ":"; - char* haystack = const_cast<char*>(list); - char* prev; - - const int suiteSz = sizeof(cipher_names) / sizeof(cipher_names[0]); - int idx = 0; - - for(;;) { - size_t len; - prev = haystack; - haystack = strstr(haystack, needle); - - if (!haystack) // last cipher - len = min(sizeof(name), strlen(prev)); - else - len = min(sizeof(name), (size_t)(haystack - prev)); - - strncpy(name, prev, len); - name[(len == sizeof(name)) ? len - 1 : len] = 0; - - for (int i = 0; i < suiteSz; i++) - if (strncmp(name, cipher_names[i], sizeof(name)) == 0) { - - ciphers_.suites_[idx++] = 0x00; // first byte always zero - ciphers_.suites_[idx++] = i; - - if (!ret) ret = true; // found at least one - break; - } - if (!haystack) break; - haystack++; - } - - if (ret) { - ciphers_.setSuites_ = true; - ciphers_.suiteSz_ = idx; - } - - return ret; -} - - -void SSL_CTX::IncrementStats(StatsField fd) -{ - - Lock guard(mutex_); - - switch (fd) { - - case Accept: - ++stats_.accept_; - break; - - case Connect: - ++stats_.connect_; - break; - - case AcceptGood: - ++stats_.acceptGood_; - break; - - case ConnectGood: - ++stats_.connectGood_; - break; - - case AcceptRenegotiate: - ++stats_.acceptRenegotiate_; - break; - - case ConnectRenegotiate: - ++stats_.connectRenegotiate_; - break; - - case Hits: - ++stats_.hits_; - break; - - case CbHits: - ++stats_.cbHits_; - break; - - case CacheFull: - ++stats_.cacheFull_; - break; - - case Misses: - ++stats_.misses_; - break; - - case Timeouts: - ++stats_.timeouts_; - break; - - case Number: - ++stats_.number_; - break; - - case GetCacheSize: - ++stats_.getCacheSize_; - break; - - case VerifyMode: - ++stats_.verifyMode_; - break; - - case VerifyDepth: - ++stats_.verifyDepth_; - break; - - default: - break; - } -} - - -Crypto::Crypto() - : digest_(0), cipher_(0), dh_(0) -{} - - -Crypto::~Crypto() -{ - ysDelete(dh_); - ysDelete(cipher_); - ysDelete(digest_); -} - - -const Digest& Crypto::get_digest() const -{ - return *digest_; -} - - -const BulkCipher& Crypto::get_cipher() const -{ - return *cipher_; -} - - -const DiffieHellman& Crypto::get_dh() const -{ - return *dh_; -} - - -const RandomPool& Crypto::get_random() const -{ - return random_; -} - - -const CertManager& Crypto::get_certManager() const -{ - return cert_; -} - - - -Digest& Crypto::use_digest() -{ - return *digest_; -} - - -BulkCipher& Crypto::use_cipher() -{ - return *cipher_; -} - - -DiffieHellman& Crypto::use_dh() -{ - return *dh_; -} - - -RandomPool& Crypto::use_random() -{ - return random_; -} - - -CertManager& Crypto::use_certManager() -{ - return cert_; -} - - - -void Crypto::SetDH(DiffieHellman* dh) -{ - dh_ = dh; -} - - -void Crypto::SetDH(const DH_Parms& dh) -{ - if (dh.set_) - dh_ = NEW_YS DiffieHellman(dh.p_, dh.g_, random_); -} - - -bool Crypto::DhSet() -{ - return dh_ != 0; -} - - -void Crypto::setDigest(Digest* digest) -{ - digest_ = digest; -} - - -void Crypto::setCipher(BulkCipher* c) -{ - cipher_ = c; -} - - -const MD5& sslHashes::get_MD5() const -{ - return md5HandShake_; -} - - -const SHA& sslHashes::get_SHA() const -{ - return shaHandShake_; -} - - -const Finished& sslHashes::get_verify() const -{ - return verify_; -} - - -const Hashes& sslHashes::get_certVerify() const -{ - return certVerify_; -} - - -MD5& sslHashes::use_MD5(){ - return md5HandShake_; -} - - -SHA& sslHashes::use_SHA() -{ - return shaHandShake_; -} - - -Finished& sslHashes::use_verify() -{ - return verify_; -} - - -Hashes& sslHashes::use_certVerify() -{ - return certVerify_; -} - - -Buffers::Buffers() : prevSent(0), plainSz(0), rawInput_(0), output_(0) -{} - - -Buffers::~Buffers() -{ - STL::for_each(handShakeList_.begin(), handShakeList_.end(), - del_ptr_zero()) ; - STL::for_each(dataList_.begin(), dataList_.end(), - del_ptr_zero()) ; - ysDelete(rawInput_); - ysDelete(output_); -} - - -void Buffers::SetOutput(output_buffer* ob) -{ - output_ = ob; -} - - -void Buffers::SetRawInput(input_buffer* ib) -{ - rawInput_ = ib; -} - - -input_buffer* Buffers::TakeRawInput() -{ - input_buffer* ret = rawInput_; - rawInput_ = 0; - - return ret; -} - - -output_buffer* Buffers::TakeOutput() -{ - output_buffer* ret = output_; - output_ = 0; - - return ret; -} - - -const Buffers::inputList& Buffers::getData() const -{ - return dataList_; -} - - -const Buffers::outputList& Buffers::getHandShake() const -{ - return handShakeList_; -} - - -Buffers::inputList& Buffers::useData() -{ - return dataList_; -} - - -Buffers::outputList& Buffers::useHandShake() -{ - return handShakeList_; -} - - -Security::Security(ProtocolVersion pv, RandomPool& ran, ConnectionEnd ce, - const Ciphers& ciphers, SSL_CTX* ctx, bool haveDH) - : conn_(pv, ran), parms_(ce, ciphers, pv, haveDH), resumeSession_(ran), - ctx_(ctx), resuming_(false) -{} - - -const Connection& Security::get_connection() const -{ - return conn_; -} - - -const SSL_CTX* Security::GetContext() const -{ - return ctx_; -} - - -const Parameters& Security::get_parms() const -{ - return parms_; -} - - -const SSL_SESSION& Security::get_resume() const -{ - return resumeSession_; -} - - -bool Security::get_resuming() const -{ - return resuming_; -} - - -Connection& Security::use_connection() -{ - return conn_; -} - - -Parameters& Security::use_parms() -{ - return parms_; -} - - -SSL_SESSION& Security::use_resume() -{ - return resumeSession_; -} - - -void Security::set_resuming(bool b) -{ - resuming_ = b; -} - - -X509_NAME::X509_NAME(const char* n, size_t sz, int pos, int len) - : name_(0), sz_(sz), cnPosition_(pos), cnLen_(len) -{ - if (sz) { - name_ = NEW_YS char[sz]; - memcpy(name_, n, sz); - } - entry_.data = 0; -} - - -X509_NAME::~X509_NAME() -{ - ysArrayDelete(name_); - ysArrayDelete(entry_.data); -} - - -const char* X509_NAME::GetName() const -{ - return name_; -} - - -size_t X509_NAME::GetLength() const -{ - return sz_; -} - - -X509::X509(const char* i, size_t iSz, const char* s, size_t sSz, - ASN1_STRING *b, ASN1_STRING *a, - int issPos, int issLen, - int subPos, int subLen) - : issuer_(i, iSz, issPos, issLen), subject_(s, sSz, subPos, subLen), - beforeDate_((char *) b->data, b->length, b->type), - afterDate_((char *) a->data, a->length, a->type) -{} - - -X509_NAME* X509::GetIssuer() -{ - return &issuer_; -} - - -X509_NAME* X509::GetSubject() -{ - return &subject_; -} - - -ASN1_TIME* X509::GetBefore() -{ - return beforeDate_.GetString(); -} - - -ASN1_TIME* X509::GetAfter() -{ - return afterDate_.GetString(); -} - - -ASN1_STRING* X509_NAME::GetEntry(int i) -{ - if (i < 0 || i >= int(sz_)) - return 0; - - if (i != cnPosition_ || cnLen_ <= 0) // only entry currently supported - return 0; - - if (cnLen_ > int(sz_-i)) // make sure there's room in read buffer - return 0; - - if (entry_.data) - ysArrayDelete(entry_.data); - entry_.data = NEW_YS byte[cnLen_+1]; // max size; - - memcpy(entry_.data, &name_[i], cnLen_); - entry_.data[cnLen_] = 0; - entry_.length = cnLen_; - entry_.type = 0; - - return &entry_; -} - - -StringHolder::StringHolder(const char* str, int sz, byte type) -{ - asnString_.length = sz; - asnString_.data = NEW_YS byte[sz + 1]; - memcpy(asnString_.data, str, sz); - asnString_.type = type; -} - - -StringHolder::~StringHolder() -{ - ysArrayDelete(asnString_.data); -} - - -ASN1_STRING* StringHolder::GetString() -{ - return &asnString_; -} - - -#ifdef HAVE_LIBZ - - void* myAlloc(void* /* opaque */, unsigned int item, unsigned int size) - { - return NEW_YS unsigned char[item * size]; - } - - - void myFree(void* /* opaque */, void* memory) - { - unsigned char* ptr = static_cast<unsigned char*>(memory); - yaSSL::ysArrayDelete(ptr); - } - - - // put size in front of compressed data - int Compress(const byte* in, int sz, input_buffer& buffer) - { - byte tmp[LENGTH_SZ]; - z_stream c_stream; /* compression stream */ - - buffer.allocate(sz + sizeof(uint16) + COMPRESS_EXTRA); - - c_stream.zalloc = myAlloc; - c_stream.zfree = myFree; - c_stream.opaque = (voidpf)0; - - c_stream.next_in = const_cast<byte*>(in); - c_stream.avail_in = sz; - c_stream.next_out = buffer.get_buffer() + sizeof(tmp); - c_stream.avail_out = buffer.get_capacity() - sizeof(tmp); - - if (deflateInit(&c_stream, 8) != Z_OK) return -1; - int err = deflate(&c_stream, Z_FINISH); - deflateEnd(&c_stream); - if (err != Z_OK && err != Z_STREAM_END) return -1; - - c16toa(sz, tmp); - memcpy(buffer.get_buffer(), tmp, sizeof(tmp)); - buffer.add_size(c_stream.total_out + sizeof(tmp)); - - return 0; - } - - - // get uncompressed size in front - int DeCompress(input_buffer& in, int sz, input_buffer& out) - { - byte tmp[LENGTH_SZ]; - - tmp[0] = in[AUTO]; - tmp[1] = in[AUTO]; - - uint16 len; - ato16(tmp, len); - - out.allocate(len); - - z_stream d_stream; /* decompression stream */ - - d_stream.zalloc = myAlloc; - d_stream.zfree = myFree; - d_stream.opaque = (voidpf)0; - - d_stream.next_in = in.get_buffer() + in.get_current(); - d_stream.avail_in = sz - sizeof(tmp); - d_stream.next_out = out.get_buffer(); - d_stream.avail_out = out.get_capacity(); - - if (inflateInit(&d_stream) != Z_OK) return -1; - int err = inflate(&d_stream, Z_FINISH); - inflateEnd(&d_stream); - if (err != Z_OK && err != Z_STREAM_END) return -1; - - out.add_size(d_stream.total_out); - in.set_current(in.get_current() + sz - sizeof(tmp)); - - return 0; - } - - -#else // LIBZ - - // these versions should never get called - int Compress(const byte* in, int sz, input_buffer& buffer) - { - return -1; - } - - - int DeCompress(input_buffer& in, int sz, input_buffer& out) - { - return -1; - } - - -#endif // LIBZ - - -} // namespace - - - -extern "C" void yaSSL_CleanUp() -{ - TaoCrypt::CleanUp(); - yaSSL::ysDelete(yaSSL::sslFactoryInstance); - yaSSL::ysDelete(yaSSL::sessionsInstance); - yaSSL::ysDelete(yaSSL::errorsInstance); - - // In case user calls more than once, prevent seg fault - yaSSL::sslFactoryInstance = 0; - yaSSL::sessionsInstance = 0; - yaSSL::errorsInstance = 0; -} diff --git a/extra/yassl/taocrypt/CMakeLists.txt b/extra/yassl/taocrypt/CMakeLists.txt deleted file mode 100644 index ebfa70e8799..00000000000 --- a/extra/yassl/taocrypt/CMakeLists.txt +++ /dev/null @@ -1,34 +0,0 @@ -# Copyright (c) 2006, 2014, Oracle and/or its affiliates. All rights reserved. -# -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; version 2 of the License. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1335 USA - -INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/extra/yassl/taocrypt/mySTL - ${CMAKE_SOURCE_DIR}/extra/yassl/taocrypt/include) - -INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/include) -ADD_DEFINITIONS(${SSL_DEFINES}) -SET(TAOCRYPT_SOURCES src/aes.cpp src/aestables.cpp src/algebra.cpp src/arc4.cpp src/asn.cpp src/coding.cpp - src/des.cpp src/dh.cpp src/dsa.cpp src/file.cpp src/hash.cpp src/integer.cpp src/md2.cpp - src/md4.cpp src/md5.cpp src/misc.cpp src/random.cpp src/ripemd.cpp src/rsa.cpp src/sha.cpp - src/rabbit.cpp src/hc128.cpp - include/aes.hpp include/algebra.hpp include/arc4.hpp include/asn.hpp include/block.hpp - include/coding.hpp include/des.hpp include/dh.hpp include/dsa.hpp include/dsa.hpp - include/error.hpp include/file.hpp include/hash.hpp include/hmac.hpp include/integer.hpp - include/md2.hpp include/md5.hpp include/misc.hpp include/modarith.hpp include/modes.hpp - include/random.hpp include/ripemd.hpp include/rsa.hpp include/sha.hpp - include/rabbit.hpp include/hc128.hpp) - -ADD_CONVENIENCE_LIBRARY(taocrypt ${TAOCRYPT_SOURCES}) -RESTRICT_SYMBOL_EXPORTS(taocrypt) - diff --git a/extra/yassl/taocrypt/COPYING b/extra/yassl/taocrypt/COPYING deleted file mode 100644 index 98861a5402d..00000000000 --- a/extra/yassl/taocrypt/COPYING +++ /dev/null @@ -1,340 +0,0 @@ - GNU GENERAL PUBLIC LICENSE - Version 2, June 1991 - - Copyright (C) 1989, 1991 Free Software Foundation, Inc. - 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335 USA - Everyone is permitted to copy and distribute verbatim copies - of this license document, but changing it is not allowed. - - Preamble - - The licenses for most software are designed to take away your -freedom to share and change it. By contrast, the GNU General Public -License is intended to guarantee your freedom to share and change free -software--to make sure the software is free for all its users. This -General Public License applies to most of the Free Software -Foundation's software and to any other program whose authors commit to -using it. (Some other Free Software Foundation software is covered by -the GNU Library General Public License instead.) You can apply it to -your programs, too. - - When we speak of free software, we are referring to freedom, not -price. Our General Public Licenses are designed to make sure that you -have the freedom to distribute copies of free software (and charge for -this service if you wish), that you receive source code or can get it -if you want it, that you can change the software or use pieces of it -in new free programs; and that you know you can do these things. - - To protect your rights, we need to make restrictions that forbid -anyone to deny you these rights or to ask you to surrender the rights. -These restrictions translate to certain responsibilities for you if you -distribute copies of the software, or if you modify it. - - For example, if you distribute copies of such a program, whether -gratis or for a fee, you must give the recipients all the rights that -you have. You must make sure that they, too, receive or can get the -source code. And you must show them these terms so they know their -rights. - - We protect your rights with two steps: (1) copyright the software, and -(2) offer you this license which gives you legal permission to copy, -distribute and/or modify the software. - - Also, for each author's protection and ours, we want to make certain -that everyone understands that there is no warranty for this free -software. If the software is modified by someone else and passed on, we -want its recipients to know that what they have is not the original, so -that any problems introduced by others will not reflect on the original -authors' reputations. - - Finally, any free program is threatened constantly by software -patents. We wish to avoid the danger that redistributors of a free -program will individually obtain patent licenses, in effect making the -program proprietary. To prevent this, we have made it clear that any -patent must be licensed for everyone's free use or not licensed at all. - - The precise terms and conditions for copying, distribution and -modification follow. - - GNU GENERAL PUBLIC LICENSE - TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION - - 0. This License applies to any program or other work which contains -a notice placed by the copyright holder saying it may be distributed -under the terms of this General Public License. The "Program", below, -refers to any such program or work, and a "work based on the Program" -means either the Program or any derivative work under copyright law: -that is to say, a work containing the Program or a portion of it, -either verbatim or with modifications and/or translated into another -language. (Hereinafter, translation is included without limitation in -the term "modification".) Each licensee is addressed as "you". - -Activities other than copying, distribution and modification are not -covered by this License; they are outside its scope. The act of -running the Program is not restricted, and the output from the Program -is covered only if its contents constitute a work based on the -Program (independent of having been made by running the Program). -Whether that is true depends on what the Program does. - - 1. You may copy and distribute verbatim copies of the Program's -source code as you receive it, in any medium, provided that you -conspicuously and appropriately publish on each copy an appropriate -copyright notice and disclaimer of warranty; keep intact all the -notices that refer to this License and to the absence of any warranty; -and give any other recipients of the Program a copy of this License -along with the Program. - -You may charge a fee for the physical act of transferring a copy, and -you may at your option offer warranty protection in exchange for a fee. - - 2. You may modify your copy or copies of the Program or any portion -of it, thus forming a work based on the Program, and copy and -distribute such modifications or work under the terms of Section 1 -above, provided that you also meet all of these conditions: - - a) You must cause the modified files to carry prominent notices - stating that you changed the files and the date of any change. - - b) You must cause any work that you distribute or publish, that in - whole or in part contains or is derived from the Program or any - part thereof, to be licensed as a whole at no charge to all third - parties under the terms of this License. - - c) If the modified program normally reads commands interactively - when run, you must cause it, when started running for such - interactive use in the most ordinary way, to print or display an - announcement including an appropriate copyright notice and a - notice that there is no warranty (or else, saying that you provide - a warranty) and that users may redistribute the program under - these conditions, and telling the user how to view a copy of this - License. (Exception: if the Program itself is interactive but - does not normally print such an announcement, your work based on - the Program is not required to print an announcement.) - -These requirements apply to the modified work as a whole. If -identifiable sections of that work are not derived from the Program, -and can be reasonably considered independent and separate works in -themselves, then this License, and its terms, do not apply to those -sections when you distribute them as separate works. But when you -distribute the same sections as part of a whole which is a work based -on the Program, the distribution of the whole must be on the terms of -this License, whose permissions for other licensees extend to the -entire whole, and thus to each and every part regardless of who wrote it. - -Thus, it is not the intent of this section to claim rights or contest -your rights to work written entirely by you; rather, the intent is to -exercise the right to control the distribution of derivative or -collective works based on the Program. - -In addition, mere aggregation of another work not based on the Program -with the Program (or with a work based on the Program) on a volume of -a storage or distribution medium does not bring the other work under -the scope of this License. - - 3. You may copy and distribute the Program (or a work based on it, -under Section 2) in object code or executable form under the terms of -Sections 1 and 2 above provided that you also do one of the following: - - a) Accompany it with the complete corresponding machine-readable - source code, which must be distributed under the terms of Sections - 1 and 2 above on a medium customarily used for software interchange; or, - - b) Accompany it with a written offer, valid for at least three - years, to give any third party, for a charge no more than your - cost of physically performing source distribution, a complete - machine-readable copy of the corresponding source code, to be - distributed under the terms of Sections 1 and 2 above on a medium - customarily used for software interchange; or, - - c) Accompany it with the information you received as to the offer - to distribute corresponding source code. (This alternative is - allowed only for noncommercial distribution and only if you - received the program in object code or executable form with such - an offer, in accord with Subsection b above.) - -The source code for a work means the preferred form of the work for -making modifications to it. For an executable work, complete source -code means all the source code for all modules it contains, plus any -associated interface definition files, plus the scripts used to -control compilation and installation of the executable. However, as a -special exception, the source code distributed need not include -anything that is normally distributed (in either source or binary -form) with the major components (compiler, kernel, and so on) of the -operating system on which the executable runs, unless that component -itself accompanies the executable. - -If distribution of executable or object code is made by offering -access to copy from a designated place, then offering equivalent -access to copy the source code from the same place counts as -distribution of the source code, even though third parties are not -compelled to copy the source along with the object code. - - 4. You may not copy, modify, sublicense, or distribute the Program -except as expressly provided under this License. Any attempt -otherwise to copy, modify, sublicense or distribute the Program is -void, and will automatically terminate your rights under this License. -However, parties who have received copies, or rights, from you under -this License will not have their licenses terminated so long as such -parties remain in full compliance. - - 5. You are not required to accept this License, since you have not -signed it. However, nothing else grants you permission to modify or -distribute the Program or its derivative works. These actions are -prohibited by law if you do not accept this License. Therefore, by -modifying or distributing the Program (or any work based on the -Program), you indicate your acceptance of this License to do so, and -all its terms and conditions for copying, distributing or modifying -the Program or works based on it. - - 6. Each time you redistribute the Program (or any work based on the -Program), the recipient automatically receives a license from the -original licensor to copy, distribute or modify the Program subject to -these terms and conditions. You may not impose any further -restrictions on the recipients' exercise of the rights granted herein. -You are not responsible for enforcing compliance by third parties to -this License. - - 7. If, as a consequence of a court judgment or allegation of patent -infringement or for any other reason (not limited to patent issues), -conditions are imposed on you (whether by court order, agreement or -otherwise) that contradict the conditions of this License, they do not -excuse you from the conditions of this License. If you cannot -distribute so as to satisfy simultaneously your obligations under this -License and any other pertinent obligations, then as a consequence you -may not distribute the Program at all. For example, if a patent -license would not permit royalty-free redistribution of the Program by -all those who receive copies directly or indirectly through you, then -the only way you could satisfy both it and this License would be to -refrain entirely from distribution of the Program. - -If any portion of this section is held invalid or unenforceable under -any particular circumstance, the balance of the section is intended to -apply and the section as a whole is intended to apply in other -circumstances. - -It is not the purpose of this section to induce you to infringe any -patents or other property right claims or to contest validity of any -such claims; this section has the sole purpose of protecting the -integrity of the free software distribution system, which is -implemented by public license practices. Many people have made -generous contributions to the wide range of software distributed -through that system in reliance on consistent application of that -system; it is up to the author/donor to decide if he or she is willing -to distribute software through any other system and a licensee cannot -impose that choice. - -This section is intended to make thoroughly clear what is believed to -be a consequence of the rest of this License. - - 8. If the distribution and/or use of the Program is restricted in -certain countries either by patents or by copyrighted interfaces, the -original copyright holder who places the Program under this License -may add an explicit geographical distribution limitation excluding -those countries, so that distribution is permitted only in or among -countries not thus excluded. In such case, this License incorporates -the limitation as if written in the body of this License. - - 9. The Free Software Foundation may publish revised and/or new versions -of the General Public License from time to time. Such new versions will -be similar in spirit to the present version, but may differ in detail to -address new problems or concerns. - -Each version is given a distinguishing version number. If the Program -specifies a version number of this License which applies to it and "any -later version", you have the option of following the terms and conditions -either of that version or of any later version published by the Free -Software Foundation. If the Program does not specify a version number of -this License, you may choose any version ever published by the Free Software -Foundation. - - 10. If you wish to incorporate parts of the Program into other free -programs whose distribution conditions are different, write to the author -to ask for permission. For software which is copyrighted by the Free -Software Foundation, write to the Free Software Foundation; we sometimes -make exceptions for this. Our decision will be guided by the two goals -of preserving the free status of all derivatives of our free software and -of promoting the sharing and reuse of software generally. - - NO WARRANTY - - 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY -FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN -OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES -PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED -OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF -MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS -TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE -PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, -REPAIR OR CORRECTION. - - 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING -WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR -REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, -INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING -OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED -TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY -YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER -PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE -POSSIBILITY OF SUCH DAMAGES. - - END OF TERMS AND CONDITIONS - - How to Apply These Terms to Your New Programs - - If you develop a new program, and you want it to be of the greatest -possible use to the public, the best way to achieve this is to make it -free software which everyone can redistribute and change under these terms. - - To do so, attach the following notices to the program. It is safest -to attach them to the start of each source file to most effectively -convey the exclusion of warranty; and each file should have at least -the "copyright" line and a pointer to where the full notice is found. - - <one line to give the program's name and a brief idea of what it does.> - Copyright (C) <year> <name of author> - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335 USA - - -Also add information on how to contact you by electronic and paper mail. - -If the program is interactive, make it output a short notice like this -when it starts in an interactive mode: - - Gnomovision version 69, Copyright (C) year name of author - Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. - This is free software, and you are welcome to redistribute it - under certain conditions; type `show c' for details. - -The hypothetical commands `show w' and `show c' should show the appropriate -parts of the General Public License. Of course, the commands you use may -be called something other than `show w' and `show c'; they could even be -mouse-clicks or menu items--whatever suits your program. - -You should also get your employer (if you work as a programmer) or your -school, if any, to sign a "copyright disclaimer" for the program, if -necessary. Here is a sample; alter the names: - - Yoyodyne, Inc., hereby disclaims all copyright interest in the program - `Gnomovision' (which makes passes at compilers) written by James Hacker. - - <signature of Ty Coon>, 1 April 1989 - Ty Coon, President of Vice - -This General Public License does not permit incorporating your program into -proprietary programs. If your program is a subroutine library, you may -consider it more useful to permit linking proprietary applications with the -library. If this is what you want to do, use the GNU Library General -Public License instead of this License. diff --git a/extra/yassl/taocrypt/INSTALL b/extra/yassl/taocrypt/INSTALL deleted file mode 100644 index 54caf7c190f..00000000000 --- a/extra/yassl/taocrypt/INSTALL +++ /dev/null @@ -1,229 +0,0 @@ -Copyright (C) 1994, 1995, 1996, 1999, 2000, 2001, 2002 Free Software -Foundation, Inc. - - This file is free documentation; the Free Software Foundation gives -unlimited permission to copy, distribute and modify it. - -Basic Installation -================== - - These are generic installation instructions. - - The `configure' shell script attempts to guess correct values for -various system-dependent variables used during compilation. It uses -those values to create a `Makefile' in each directory of the package. -It may also create one or more `.h' files containing system-dependent -definitions. Finally, it creates a shell script `config.status' that -you can run in the future to recreate the current configuration, and a -file `config.log' containing compiler output (useful mainly for -debugging `configure'). - - It can also use an optional file (typically called `config.cache' -and enabled with `--cache-file=config.cache' or simply `-C') that saves -the results of its tests to speed up reconfiguring. (Caching is -disabled by default to prevent problems with accidental use of stale -cache files.) - - If you need to do unusual things to compile the package, please try -to figure out how `configure' could check whether to do them, and mail -diffs or instructions to the address given in the `README' so they can -be considered for the next release. If you are using the cache, and at -some point `config.cache' contains results you don't want to keep, you -may remove or edit it. - - The file `configure.ac' (or `configure.in') is used to create -`configure' by a program called `autoconf'. You only need -`configure.ac' if you want to change it or regenerate `configure' using -a newer version of `autoconf'. - -The simplest way to compile this package is: - - 1. `cd' to the directory containing the package's source code and type - `./configure' to configure the package for your system. If you're - using `csh' on an old version of System V, you might need to type - `sh ./configure' instead to prevent `csh' from trying to execute - `configure' itself. - - Running `configure' takes awhile. While running, it prints some - messages telling which features it is checking for. - - 2. Type `make' to compile the package. - - 3. Optionally, type `make check' to run any self-tests that come with - the package. - - 4. Type `make install' to install the programs and any data files and - documentation. - - 5. You can remove the program binaries and object files from the - source code directory by typing `make clean'. To also remove the - files that `configure' created (so you can compile the package for - a different kind of computer), type `make distclean'. There is - also a `make maintainer-clean' target, but that is intended mainly - for the package's developers. If you use it, you may have to get - all sorts of other programs in order to regenerate files that came - with the distribution. - -Compilers and Options -===================== - - Some systems require unusual options for compilation or linking that -the `configure' script does not know about. Run `./configure --help' -for details on some of the pertinent environment variables. - - You can give `configure' initial values for configuration parameters -by setting variables in the command line or in the environment. Here -is an example: - - ./configure CC=c89 CFLAGS=-O2 LIBS=-lposix - - *Note Defining Variables::, for more details. - -Compiling For Multiple Architectures -==================================== - - You can compile the package for more than one kind of computer at the -same time, by placing the object files for each architecture in their -own directory. To do this, you must use a version of `make' that -supports the `VPATH' variable, such as GNU `make'. `cd' to the -directory where you want the object files and executables to go and run -the `configure' script. `configure' automatically checks for the -source code in the directory that `configure' is in and in `..'. - - If you have to use a `make' that does not support the `VPATH' -variable, you have to compile the package for one architecture at a -time in the source code directory. After you have installed the -package for one architecture, use `make distclean' before reconfiguring -for another architecture. - -Installation Names -================== - - By default, `make install' will install the package's files in -`/usr/local/bin', `/usr/local/man', etc. You can specify an -installation prefix other than `/usr/local' by giving `configure' the -option `--prefix=PATH'. - - You can specify separate installation prefixes for -architecture-specific files and architecture-independent files. If you -give `configure' the option `--exec-prefix=PATH', the package will use -PATH as the prefix for installing programs and libraries. -Documentation and other data files will still use the regular prefix. - - In addition, if you use an unusual directory layout you can give -options like `--bindir=PATH' to specify different values for particular -kinds of files. Run `configure --help' for a list of the directories -you can set and what kinds of files go in them. - - If the package supports it, you can cause programs to be installed -with an extra prefix or suffix on their names by giving `configure' the -option `--program-prefix=PREFIX' or `--program-suffix=SUFFIX'. - -Optional Features -================= - - Some packages pay attention to `--enable-FEATURE' options to -`configure', where FEATURE indicates an optional part of the package. -They may also pay attention to `--with-PACKAGE' options, where PACKAGE -is something like `gnu-as' or `x' (for the X Window System). The -`README' should mention any `--enable-' and `--with-' options that the -package recognizes. - - For packages that use the X Window System, `configure' can usually -find the X include and library files automatically, but if it doesn't, -you can use the `configure' options `--x-includes=DIR' and -`--x-libraries=DIR' to specify their locations. - -Specifying the System Type -========================== - - There may be some features `configure' cannot figure out -automatically, but needs to determine by the type of machine the package -will run on. Usually, assuming the package is built to be run on the -_same_ architectures, `configure' can figure that out, but if it prints -a message saying it cannot guess the machine type, give it the -`--build=TYPE' option. TYPE can either be a short name for the system -type, such as `sun4', or a canonical name which has the form: - - CPU-COMPANY-SYSTEM - -where SYSTEM can have one of these forms: - - OS KERNEL-OS - - See the file `config.sub' for the possible values of each field. If -`config.sub' isn't included in this package, then this package doesn't -need to know the machine type. - - If you are _building_ compiler tools for cross-compiling, you should -use the `--target=TYPE' option to select the type of system they will -produce code for. - - If you want to _use_ a cross compiler, that generates code for a -platform different from the build platform, you should specify the -"host" platform (i.e., that on which the generated programs will -eventually be run) with `--host=TYPE'. - -Sharing Defaults -================ - - If you want to set default values for `configure' scripts to share, -you can create a site shell script called `config.site' that gives -default values for variables like `CC', `cache_file', and `prefix'. -`configure' looks for `PREFIX/share/config.site' if it exists, then -`PREFIX/etc/config.site' if it exists. Or, you can set the -`CONFIG_SITE' environment variable to the location of the site script. -A warning: not all `configure' scripts look for a site script. - -Defining Variables -================== - - Variables not defined in a site shell script can be set in the -environment passed to `configure'. However, some packages may run -configure again during the build, and the customized values of these -variables may be lost. In order to avoid this problem, you should set -them in the `configure' command line, using `VAR=value'. For example: - - ./configure CC=/usr/local2/bin/gcc - -will cause the specified gcc to be used as the C compiler (unless it is -overridden in the site shell script). - -`configure' Invocation -====================== - - `configure' recognizes the following options to control how it -operates. - -`--help' -`-h' - Print a summary of the options to `configure', and exit. - -`--version' -`-V' - Print the version of Autoconf used to generate the `configure' - script, and exit. - -`--cache-file=FILE' - Enable the cache: use and save the results of the tests in FILE, - traditionally `config.cache'. FILE defaults to `/dev/null' to - disable caching. - -`--config-cache' -`-C' - Alias for `--cache-file=config.cache'. - -`--quiet' -`--silent' -`-q' - Do not print messages saying which checks are being made. To - suppress all normal output, redirect it to `/dev/null' (any error - messages will still be shown). - -`--srcdir=DIR' - Look for the package's source code in directory DIR. Usually - `configure' can determine that directory automatically. - -`configure' also accepts some other, not widely useful, options. Run -`configure --help' for more details. - diff --git a/extra/yassl/taocrypt/README b/extra/yassl/taocrypt/README deleted file mode 100644 index bd786b7ce54..00000000000 --- a/extra/yassl/taocrypt/README +++ /dev/null @@ -1,48 +0,0 @@ -TaoCrypt release 0.9.2 02/5/2007 - - -This release includes bug fixes, portability enhancements, and some -optimiations. - -See 0.9.0 for build instructions. - - - - -******************TaoCrypt release 0.9.0 09/18/2006 - -This is the first release of TaoCrypt, it was previously only included with -yaSSL. TaoCrypt is highly portable and fast, its features include: - -One way hash functions: SHA-1, MD2, MD4, MD5, RIPEMD-160 -Message authentication codes: HMAC -Block Ciphers: DES, Triple-DES, AES, Blowfish, Twofish -Stream Ciphers: ARC4 -Public Key Crypto: RSA, DSA, Diffie-Hellman -Password based key derivation: PBKDF2 from PKCS #5 -Pseudo Random Number Generators -Large Integer Support -Base 16/64 encoding/decoding -DER encoding/decoding -X.509 processing -SSE2 and ia32 asm for the right processors and compilers - - -To build on Unix - - ./configure - make - - To test the build, from the ./test directory run ./test - - -On Windows - - Open the taocrypt project workspace - Choose (Re)Build All - - To test the build, run the test executable - - -Please send any questions or comments to todd@yassl.com. - diff --git a/extra/yassl/taocrypt/benchmark/benchmark.cpp b/extra/yassl/taocrypt/benchmark/benchmark.cpp deleted file mode 100644 index 6afad32ed41..00000000000 --- a/extra/yassl/taocrypt/benchmark/benchmark.cpp +++ /dev/null @@ -1,462 +0,0 @@ -/* - Copyright (c) 2006, 2012, Oracle and/or its affiliates. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - -// benchmark.cpp -// TaoCrypt benchmark - -#ifdef HAVE_CONFIG_H -#include "config.h" -#endif - -#include <string.h> -#include <stdio.h> - -#include "runtime.hpp" -#include "des.hpp" -#include "aes.hpp" -#include "twofish.hpp" -#include "blowfish.hpp" -#include "arc4.hpp" -#include "md5.hpp" -#include "sha.hpp" -#include "ripemd.hpp" -#include "rsa.hpp" -#include "dh.hpp" -#include "dsa.hpp" - - -using namespace TaoCrypt; - -void bench_aes(bool show); -void bench_des(); -void bench_blowfish(); -void bench_twofish(); -void bench_arc4(); - -void bench_md5(); -void bench_sha(); -void bench_ripemd(); - -void bench_rsa(); -void bench_dh(); -void bench_dsa(); - -double current_time(); - - - - -int main(int argc, char** argv) -{ - bench_aes(false); - bench_aes(true); - bench_blowfish(); - bench_twofish(); - bench_arc4(); - bench_des(); - - printf("\n"); - - bench_md5(); - bench_sha(); - bench_ripemd(); - - printf("\n"); - - bench_rsa(); - bench_dh(); - bench_dsa(); - - return 0; -} - -const int megs = 5; // how much to test - -const byte key[] = -{ - 0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef, - 0xfe,0xde,0xba,0x98,0x76,0x54,0x32,0x10, - 0x89,0xab,0xcd,0xef,0x01,0x23,0x45,0x67 -}; - -const byte iv[] = -{ - 0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef, - 0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01, - 0x11,0x21,0x31,0x41,0x51,0x61,0x71,0x81 - -}; - - -byte plain [1024*1024]; -byte cipher[1024*1024]; - - -void bench_des() -{ - DES_EDE3_CBC_Encryption enc; - enc.SetKey(key, 16, iv); - - double start = current_time(); - - for(int i = 0; i < megs; i++) - enc.Process(plain, cipher, sizeof(plain)); - - double total = current_time() - start; - - double persec = 1 / total * megs; - - printf("3DES %d megs took %5.3f seconds, %6.2f MB/s\n", megs, total, - persec); -} - - -void bench_aes(bool show) -{ - AES_CBC_Encryption enc; - enc.SetKey(key, 16, iv); - - double start = current_time(); - - for(int i = 0; i < megs; i++) - enc.Process(plain, cipher, sizeof(plain)); - - double total = current_time() - start; - - double persec = 1 / total * megs; - - if (show) - printf("AES %d megs took %5.3f seconds, %6.2f MB/s\n", megs, total, - persec); -} - - -void bench_twofish() -{ - Twofish_CBC_Encryption enc; - enc.SetKey(key, 16, iv); - - double start = current_time(); - - for(int i = 0; i < megs; i++) - enc.Process(plain, cipher, sizeof(plain)); - - double total = current_time() - start; - - double persec = 1 / total * megs; - - printf("Twofish %d megs took %5.3f seconds, %6.2f MB/s\n", megs, total, - persec); - -} - - -void bench_blowfish() -{ - Blowfish_CBC_Encryption enc; - enc.SetKey(key, 16, iv); - - double start = current_time(); - - for(int i = 0; i < megs; i++) - enc.Process(plain, cipher, sizeof(plain)); - - double total = current_time() - start; - - double persec = 1 / total * megs; - - printf("Blowfish %d megs took %5.3f seconds, %6.2f MB/s\n", megs, total, - persec); -} - - -void bench_arc4() -{ - ARC4 enc; - enc.SetKey(key, 16); - - double start = current_time(); - - for(int i = 0; i < megs; i++) - enc.Process(cipher, plain, sizeof(plain)); - - double total = current_time() - start; - - double persec = 1 / total * megs; - - printf("ARC4 %d megs took %5.3f seconds, %6.2f MB/s\n", megs, total, - persec); -} - - -void bench_md5() -{ - MD5 hash; - byte digest[MD5::DIGEST_SIZE]; - - double start = current_time(); - - - for(int i = 0; i < megs; i++) - hash.Update(plain, sizeof(plain)); - - hash.Final(digest); - - double total = current_time() - start; - - double persec = 1 / total * megs; - - printf("MD5 %d megs took %5.3f seconds, %6.2f MB/s\n", megs, total, - persec); -} - - -void bench_sha() -{ - SHA hash; - byte digest[SHA::DIGEST_SIZE]; - - double start = current_time(); - - - for(int i = 0; i < megs; i++) - hash.Update(plain, sizeof(plain)); - - hash.Final(digest); - - /* - for(int i = 0; i < megs; i++) - hash.AsmTransform(plain, 16384); - */ - - - double total = current_time() - start; - - double persec = 1 / total * megs; - - printf("SHA %d megs took %5.3f seconds, %6.2f MB/s\n", megs, total, - persec); -} - - -void bench_ripemd() -{ - RIPEMD160 hash; - byte digest[RIPEMD160::DIGEST_SIZE]; - - double start = current_time(); - - - for(int i = 0; i < megs; i++) - hash.Update(plain, sizeof(plain)); - - hash.Final(digest); - - double total = current_time() - start; - - double persec = 1 / total * megs; - - printf("RIPEMD %d megs took %5.3f seconds, %6.2f MB/s\n", megs, total, - persec); -} - -RandomNumberGenerator rng; - -void bench_rsa() -{ - const int times = 100; - - Source source; - FileSource("./rsa1024.der", source); - - if (source.size() == 0) { - printf("can't find ./rsa1024.der\n"); - return; - } - RSA_PrivateKey priv(source); - RSAES_Encryptor enc(priv); - - byte message[] = "Everyone gets Friday off."; - byte cipher[128]; // for 1024 bit - byte plain[128]; // for 1024 bit - const int len = (word32)strlen((char*)message); - - int i; - double start = current_time(); - - for (i = 0; i < times; i++) - enc.Encrypt(message, len, cipher, rng); - - double total = current_time() - start; - double each = total / times; // per second - double milliEach = each * 1000; // milliseconds - - printf("RSA 1024 encryption took %6.2f milliseconds, avg over %d" - " iterations\n", milliEach, times); - - RSAES_Decryptor dec(priv); - - start = current_time(); - - for (i = 0; i < times; i++) - dec.Decrypt(cipher, 128, plain, rng); - - total = current_time() - start; - each = total / times; // per second - milliEach = each * 1000; // milliseconds - - printf("RSA 1024 decryption took %6.2f milliseconds, avg over %d" - " iterations\n", milliEach, times); -} - - -void bench_dh() -{ - const int times = 100; - - Source source; - FileSource("./dh1024.der", source); - - if (source.size() == 0) { - printf("can't find ./dh1024.der\n"); - return; - } - DH dh(source); - - byte pub[128]; // for 1024 bit - byte priv[128]; // for 1024 bit - - int i; - double start = current_time(); - - for (i = 0; i < times; i++) - dh.GenerateKeyPair(rng, priv, pub); - - double total = current_time() - start; - double each = total / times; // per second - double milliEach = each * 1000; // milliseconds - - printf("DH 1024 key generation %6.2f milliseconds, avg over %d" - " iterations\n", milliEach, times); - - DH dh2(dh); - byte pub2[128]; // for 1024 bit - byte priv2[128]; // for 1024 bit - dh2.GenerateKeyPair(rng, priv2, pub2); - unsigned char key[256]; - - start = current_time(); - - for (i = 0; i < times; i++) - dh.Agree(key, priv, pub2); - - total = current_time() - start; - each = total / times; // per second - milliEach = each * 1000; // in milliseconds - - printf("DH 1024 key agreement %6.2f milliseconds, avg over %d" - " iterations\n", milliEach, times); -} - -void bench_dsa() -{ - const int times = 100; - - Source source; - FileSource("./dsa1024.der", source); - - if (source.size() == 0) { - printf("can't find ./dsa1024.der\n"); - return; - } - - DSA_PrivateKey key(source); - DSA_Signer signer(key); - - SHA sha; - byte digest[SHA::DIGEST_SIZE]; - byte signature[40]; - const char msg[] = "this is the message"; - sha.Update((byte*)msg, sizeof(msg)); - sha.Final(digest); - - int i; - double start = current_time(); - - for (i = 0; i < times; i++) - signer.Sign(digest, signature, rng); - - double total = current_time() - start; - double each = total / times; // per second - double milliEach = each * 1000; // milliseconds - - printf("DSA 1024 sign took %6.2f milliseconds, avg over %d" - " iterations\n", milliEach, times); - - DSA_Verifier verifier(key); - - start = current_time(); - - for (i = 0; i < times; i++) - verifier.Verify(digest, signature); - - total = current_time() - start; - each = total / times; // per second - milliEach = each * 1000; // in milliseconds - - printf("DSA 1024 verify took %6.2f milliseconds, avg over %d" - " iterations\n", milliEach, times); -} - - - -#ifdef _WIN32 - - #define WIN32_LEAN_AND_MEAN - #include <windows.h> - - double current_time() - { - static bool init(false); - static LARGE_INTEGER freq; - - if (!init) { - QueryPerformanceFrequency(&freq); - init = true; - } - - LARGE_INTEGER count; - QueryPerformanceCounter(&count); - - return static_cast<double>(count.QuadPart) / freq.QuadPart; - } - -#else - - #include <sys/time.h> - - double current_time() - { - struct timeval tv; - gettimeofday(&tv, 0); - - return static_cast<double>(tv.tv_sec) - + static_cast<double>(tv.tv_usec) / 1000000; - } - -#endif // _WIN32 diff --git a/extra/yassl/taocrypt/benchmark/benchmark.dsp b/extra/yassl/taocrypt/benchmark/benchmark.dsp deleted file mode 100644 index 449299a1c8d..00000000000 --- a/extra/yassl/taocrypt/benchmark/benchmark.dsp +++ /dev/null @@ -1,101 +0,0 @@ -# Microsoft Developer Studio Project File - Name="benchmark" - Package Owner=<4> -# Microsoft Developer Studio Generated Build File, Format Version 6.00 -# ** DO NOT EDIT ** - -# TARGTYPE "Win32 (x86) Console Application" 0x0103 - -CFG=benchmark - Win32 Debug -!MESSAGE This is not a valid makefile. To build this project using NMAKE, -!MESSAGE use the Export Makefile command and run -!MESSAGE -!MESSAGE NMAKE /f "benchmark.mak". -!MESSAGE -!MESSAGE You can specify a configuration when running NMAKE -!MESSAGE by defining the macro CFG on the command line. For example: -!MESSAGE -!MESSAGE NMAKE /f "benchmark.mak" CFG="benchmark - Win32 Debug" -!MESSAGE -!MESSAGE Possible choices for configuration are: -!MESSAGE -!MESSAGE "benchmark - Win32 Release" (based on "Win32 (x86) Console Application") -!MESSAGE "benchmark - Win32 Debug" (based on "Win32 (x86) Console Application") -!MESSAGE - -# Begin Project -# PROP AllowPerConfigDependencies 0 -# PROP Scc_ProjName "" -# PROP Scc_LocalPath "" -CPP=cl.exe -RSC=rc.exe - -!IF "$(CFG)" == "benchmark - Win32 Release" - -# PROP BASE Use_MFC 0 -# PROP BASE Use_Debug_Libraries 0 -# PROP BASE Output_Dir "benchmark___Win32_Release" -# PROP BASE Intermediate_Dir "benchmark___Win32_Release" -# PROP BASE Target_Dir "" -# PROP Use_MFC 0 -# PROP Use_Debug_Libraries 0 -# PROP Output_Dir "Release" -# PROP Intermediate_Dir "Release" -# PROP Ignore_Export_Lib 0 -# PROP Target_Dir "" -# ADD BASE CPP /nologo /W3 /GX /O2 /D "WIN32" /D "NDEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /c -# ADD CPP /nologo /MT /W3 /GX /O2 /I "..\include" /I "..\mySTL" /D "WIN32" /D "NDEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /c -# ADD BASE RSC /l 0x409 /d "NDEBUG" -# ADD RSC /l 0x409 /d "NDEBUG" -BSC32=bscmake.exe -# ADD BASE BSC32 /nologo -# ADD BSC32 /nologo -LINK32=link.exe -# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /machine:I386 -# ADD LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /machine:I386 - -!ELSEIF "$(CFG)" == "benchmark - Win32 Debug" - -# PROP BASE Use_MFC 0 -# PROP BASE Use_Debug_Libraries 1 -# PROP BASE Output_Dir "benchmark___Win32_Debug" -# PROP BASE Intermediate_Dir "benchmark___Win32_Debug" -# PROP BASE Target_Dir "" -# PROP Use_MFC 0 -# PROP Use_Debug_Libraries 1 -# PROP Output_Dir "Debug" -# PROP Intermediate_Dir "Debug" -# PROP Target_Dir "" -# ADD BASE CPP /nologo /W3 /Gm /GX /ZI /Od /D "WIN32" /D "_DEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /GZ /c -# ADD CPP /nologo /MTd /W3 /Gm /GX /ZI /Od /I "..\include" /I "..\mySTL" /D "WIN32" /D "_DEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /GZ /c -# ADD BASE RSC /l 0x409 /d "_DEBUG" -# ADD RSC /l 0x409 /d "_DEBUG" -BSC32=bscmake.exe -# ADD BASE BSC32 /nologo -# ADD BSC32 /nologo -LINK32=link.exe -# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept -# ADD LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept - -!ENDIF - -# Begin Target - -# Name "benchmark - Win32 Release" -# Name "benchmark - Win32 Debug" -# Begin Group "Source Files" - -# PROP Default_Filter "cpp;c;cxx;rc;def;r;odl;idl;hpj;bat" -# Begin Source File - -SOURCE=.\benchmark.cpp -# End Source File -# End Group -# Begin Group "Header Files" - -# PROP Default_Filter "h;hpp;hxx;hm;inl" -# End Group -# Begin Group "Resource Files" - -# PROP Default_Filter "ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe" -# End Group -# End Target -# End Project diff --git a/extra/yassl/taocrypt/benchmark/dh1024.der b/extra/yassl/taocrypt/benchmark/dh1024.der Binary files differdeleted file mode 100644 index 09f81ee14c1..00000000000 --- a/extra/yassl/taocrypt/benchmark/dh1024.der +++ /dev/null diff --git a/extra/yassl/taocrypt/benchmark/dsa1024.der b/extra/yassl/taocrypt/benchmark/dsa1024.der Binary files differdeleted file mode 100644 index 3a6dfca4b8f..00000000000 --- a/extra/yassl/taocrypt/benchmark/dsa1024.der +++ /dev/null diff --git a/extra/yassl/taocrypt/benchmark/make.bat b/extra/yassl/taocrypt/benchmark/make.bat deleted file mode 100755 index 8f445986c7e..00000000000 --- a/extra/yassl/taocrypt/benchmark/make.bat +++ /dev/null @@ -1,24 +0,0 @@ -REM Copyright (c) 2006, 2012, Oracle and/or its affiliates. All rights reserved. -REM -REM This program is free software; you can redistribute it and/or modify -REM it under the terms of the GNU General Public License as published by -REM the Free Software Foundation; version 2 of the License. -REM -REM This program is distributed in the hope that it will be useful, -REM but WITHOUT ANY WARRANTY; without even the implied warranty of -REM MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -REM GNU General Public License for more details. -REM -REM You should have received a copy of the GNU General Public License -REM along with this program; if not, write to the Free Software -REM Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335 USA - -REM quick and dirty build file for testing different MSDEVs -setlocal - -set myFLAGS= /I../include /I../mySTL /c /W3 /G6 /O2 - -cl %myFLAGS% benchmark.cpp - -link.exe /out:benchmark.exe ../src/taocrypt.lib benchmark.obj advapi32.lib - diff --git a/extra/yassl/taocrypt/benchmark/rsa1024.der b/extra/yassl/taocrypt/benchmark/rsa1024.der Binary files differdeleted file mode 100644 index 5ba3fbe6c9c..00000000000 --- a/extra/yassl/taocrypt/benchmark/rsa1024.der +++ /dev/null diff --git a/extra/yassl/taocrypt/certs/client-cert.der b/extra/yassl/taocrypt/certs/client-cert.der Binary files differdeleted file mode 100644 index 9c2ef138bf6..00000000000 --- a/extra/yassl/taocrypt/certs/client-cert.der +++ /dev/null diff --git a/extra/yassl/taocrypt/certs/client-key.der b/extra/yassl/taocrypt/certs/client-key.der Binary files differdeleted file mode 100644 index 649406c4417..00000000000 --- a/extra/yassl/taocrypt/certs/client-key.der +++ /dev/null diff --git a/extra/yassl/taocrypt/certs/dh1024.dat b/extra/yassl/taocrypt/certs/dh1024.dat deleted file mode 100644 index 86a95518278..00000000000 --- a/extra/yassl/taocrypt/certs/dh1024.dat +++ /dev/null @@ -1 +0,0 @@ -30818702818100DA9A18547FF03B385CC16508C173A7EF4EB61CB40EF8FEF3B31F145051676166BCDC3FE6B799FC394D08C26385F9413F896E09117E46209D6923602683CEA100924A6EE695281775C619DAA94EA8CB3691B4275B0183F1D39639EBC92995FE645D6C1BC28D409E585549BBD2C5DCDD6C208B04EADD8B7A6D997F72CBAD88390F020102
\ No newline at end of file diff --git a/extra/yassl/taocrypt/certs/dsa512.der b/extra/yassl/taocrypt/certs/dsa512.der Binary files differdeleted file mode 100644 index 027bedeffb1..00000000000 --- a/extra/yassl/taocrypt/certs/dsa512.der +++ /dev/null diff --git a/extra/yassl/taocrypt/include/aes.hpp b/extra/yassl/taocrypt/include/aes.hpp deleted file mode 100644 index 191f294b2b5..00000000000 --- a/extra/yassl/taocrypt/include/aes.hpp +++ /dev/null @@ -1,155 +0,0 @@ -/* - Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - -/* aes.hpp defines AES -*/ - - -#ifndef TAO_CRYPT_AES_HPP -#define TAO_CRYPT_AES_HPP - -#include "misc.hpp" -#include "modes.hpp" - - -#if defined(TAOCRYPT_X86ASM_AVAILABLE) && defined(TAO_ASM) - #define DO_AES_ASM -#endif - - - -namespace TaoCrypt { - - -enum { AES_BLOCK_SIZE = 16 }; - - -// AES encryption and decryption, see FIPS-197 -class AES : public Mode_BASE { -public: - enum { BLOCK_SIZE = AES_BLOCK_SIZE }; - - AES(CipherDir DIR, Mode MODE) - : Mode_BASE(BLOCK_SIZE, DIR, MODE) {} - -#ifdef DO_AES_ASM - void Process(byte*, const byte*, word32); -#endif - void SetKey(const byte* key, word32 sz, CipherDir fake = ENCRYPTION); - void SetIV(const byte* iv) { memcpy(r_, iv, BLOCK_SIZE); } -private: - static const word32 rcon_[]; - - word32 rounds_; - word32 key_[60]; // max size - - static const word32 Te[5][256]; - static const word32 Td[5][256]; - static const byte CTd4[256]; - - static const word32* Te0; - static const word32* Te1; - static const word32* Te2; - static const word32* Te3; - static const word32* Te4; - - static const word32* Td0; - static const word32* Td1; - static const word32* Td2; - static const word32* Td3; - static const word32* Td4; - - void encrypt(const byte*, const byte*, byte*) const; - void AsmEncrypt(const byte*, byte*, void*) const; - void decrypt(const byte*, const byte*, byte*) const; - void AsmDecrypt(const byte*, byte*, void*) const; - - void ProcessAndXorBlock(const byte*, const byte*, byte*) const; - - word32 PreFetchTe() const; - word32 PreFetchTd() const; - word32 PreFetchCTd4() const; - - AES(const AES&); // hide copy - AES& operator=(const AES&); // and assign -}; - - -#if defined(__x86_64__) || defined(_M_X64) || \ - (defined(__ILP32__) && (__ILP32__ >= 1)) - #define TC_CACHE_LINE_SZ 64 -#else - /* default cache line size */ - #define TC_CACHE_LINE_SZ 32 -#endif - -inline word32 AES::PreFetchTe() const -{ - word32 x = 0; - - /* 4 tables of 256 entries */ - for (int i = 0; i < 4; i++) { - /* each entry is 4 bytes */ - for (int j = 0; j < 256; j += TC_CACHE_LINE_SZ/4) { - x &= Te[i][j]; - } - } - - return x; -} - - -inline word32 AES::PreFetchTd() const -{ - word32 x = 0; - - /* 4 tables of 256 entries */ - for (int i = 0; i < 4; i++) { - /* each entry is 4 bytes */ - for (int j = 0; j < 256; j += TC_CACHE_LINE_SZ/4) { - x &= Td[i][j]; - } - } - - return x; -} - - -inline word32 AES::PreFetchCTd4() const -{ - word32 x = 0; - int i; - - for (i = 0; i < 256; i += TC_CACHE_LINE_SZ) { - x &= CTd4[i]; - } - - return x; -} - - -typedef BlockCipher<ENCRYPTION, AES, ECB> AES_ECB_Encryption; -typedef BlockCipher<DECRYPTION, AES, ECB> AES_ECB_Decryption; - -typedef BlockCipher<ENCRYPTION, AES, CBC> AES_CBC_Encryption; -typedef BlockCipher<DECRYPTION, AES, CBC> AES_CBC_Decryption; - - -} // naemspace - -#endif // TAO_CRYPT_AES_HPP diff --git a/extra/yassl/taocrypt/include/algebra.hpp b/extra/yassl/taocrypt/include/algebra.hpp deleted file mode 100644 index b216e5cccca..00000000000 --- a/extra/yassl/taocrypt/include/algebra.hpp +++ /dev/null @@ -1,227 +0,0 @@ -/* - Copyright (C) 2000-2007 MySQL AB - Use is subject to license terms - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - -/* based on Wei Dai's algebra.h from CryptoPP */ - -#ifndef TAO_CRYPT_ALGEBRA_HPP -#define TAO_CRYPT_ALGEBRA_HPP - -#include "integer.hpp" - -namespace TaoCrypt { - - -// "const Element&" returned by member functions are references -// to internal data members. Since each object may have only -// one such data member for holding results, the following code -// will produce incorrect results: -// abcd = group.Add(group.Add(a,b), group.Add(c,d)); -// But this should be fine: -// abcd = group.Add(a, group.Add(b, group.Add(c,d)); - -// Abstract Group -class TAOCRYPT_NO_VTABLE AbstractGroup : public virtual_base -{ -public: - typedef Integer Element; - - virtual ~AbstractGroup() {} - - virtual bool Equal(const Element &a, const Element &b) const =0; - virtual const Element& Identity() const =0; - virtual const Element& Add(const Element &a, const Element &b) const =0; - virtual const Element& Inverse(const Element &a) const =0; - virtual bool InversionIsFast() const {return false;} - - virtual const Element& Double(const Element &a) const; - virtual const Element& Subtract(const Element &a, const Element &b) const; - virtual Element& Accumulate(Element &a, const Element &b) const; - virtual Element& Reduce(Element &a, const Element &b) const; - - virtual Element ScalarMultiply(const Element &a, const Integer &e) const; - virtual Element CascadeScalarMultiply(const Element &x, const Integer &e1, - const Element &y, const Integer &e2) const; - - virtual void SimultaneousMultiply(Element *results, const Element &base, - const Integer *exponents, unsigned int exponentsCount) const; -}; - -// Abstract Ring -class TAOCRYPT_NO_VTABLE AbstractRing : public AbstractGroup -{ -public: - typedef Integer Element; - - AbstractRing() : AbstractGroup() {m_mg.m_pRing = this;} - AbstractRing(const AbstractRing &source) : AbstractGroup() - {m_mg.m_pRing = this;} - AbstractRing& operator=(const AbstractRing &source) {return *this;} - - virtual bool IsUnit(const Element &a) const =0; - virtual const Element& MultiplicativeIdentity() const =0; - virtual const Element& Multiply(const Element&, const Element&) const =0; - virtual const Element& MultiplicativeInverse(const Element &a) const =0; - - virtual const Element& Square(const Element &a) const; - virtual const Element& Divide(const Element &a, const Element &b) const; - - virtual Element Exponentiate(const Element &a, const Integer &e) const; - virtual Element CascadeExponentiate(const Element &x, const Integer &e1, - const Element &y, const Integer &e2) const; - - virtual void SimultaneousExponentiate(Element *results, const Element&, - const Integer *exponents, unsigned int exponentsCount) const; - - virtual const AbstractGroup& MultiplicativeGroup() const - {return m_mg;} - -private: - class MultiplicativeGroupT : public AbstractGroup - { - public: - const AbstractRing& GetRing() const - {return *m_pRing;} - - bool Equal(const Element &a, const Element &b) const - {return GetRing().Equal(a, b);} - - const Element& Identity() const - {return GetRing().MultiplicativeIdentity();} - - const Element& Add(const Element &a, const Element &b) const - {return GetRing().Multiply(a, b);} - - Element& Accumulate(Element &a, const Element &b) const - {return a = GetRing().Multiply(a, b);} - - const Element& Inverse(const Element &a) const - {return GetRing().MultiplicativeInverse(a);} - - const Element& Subtract(const Element &a, const Element &b) const - {return GetRing().Divide(a, b);} - - Element& Reduce(Element &a, const Element &b) const - {return a = GetRing().Divide(a, b);} - - const Element& Double(const Element &a) const - {return GetRing().Square(a);} - - Element ScalarMultiply(const Element &a, const Integer &e) const - {return GetRing().Exponentiate(a, e);} - - Element CascadeScalarMultiply(const Element &x, const Integer &e1, - const Element &y, const Integer &e2) const - {return GetRing().CascadeExponentiate(x, e1, y, e2);} - - void SimultaneousMultiply(Element *results, const Element &base, - const Integer *exponents, unsigned int exponentsCount) const - {GetRing().SimultaneousExponentiate(results, base, exponents, - exponentsCount);} - - const AbstractRing* m_pRing; - }; - - MultiplicativeGroupT m_mg; -}; - - -// Abstract Euclidean Domain -class TAOCRYPT_NO_VTABLE AbstractEuclideanDomain - : public AbstractRing -{ -public: - typedef Integer Element; - - virtual void DivisionAlgorithm(Element &r, Element &q, const Element &a, - const Element &d) const =0; - - virtual const Element& Mod(const Element &a, const Element &b) const =0; - virtual const Element& Gcd(const Element &a, const Element &b) const; - -protected: - mutable Element result; -}; - - -// EuclideanDomainOf -class EuclideanDomainOf : public AbstractEuclideanDomain -{ -public: - typedef Integer Element; - - EuclideanDomainOf() {} - - bool Equal(const Element &a, const Element &b) const - {return a==b;} - - const Element& Identity() const - {return Element::Zero();} - - const Element& Add(const Element &a, const Element &b) const - {return result = a+b;} - - Element& Accumulate(Element &a, const Element &b) const - {return a+=b;} - - const Element& Inverse(const Element &a) const - {return result = -a;} - - const Element& Subtract(const Element &a, const Element &b) const - {return result = a-b;} - - Element& Reduce(Element &a, const Element &b) const - {return a-=b;} - - const Element& Double(const Element &a) const - {return result = a.Doubled();} - - const Element& MultiplicativeIdentity() const - {return Element::One();} - - const Element& Multiply(const Element &a, const Element &b) const - {return result = a*b;} - - const Element& Square(const Element &a) const - {return result = a.Squared();} - - bool IsUnit(const Element &a) const - {return a.IsUnit();} - - const Element& MultiplicativeInverse(const Element &a) const - {return result = a.MultiplicativeInverse();} - - const Element& Divide(const Element &a, const Element &b) const - {return result = a/b;} - - const Element& Mod(const Element &a, const Element &b) const - {return result = a%b;} - - void DivisionAlgorithm(Element &r, Element &q, const Element &a, - const Element &d) const - {Element::Divide(r, q, a, d);} - -private: - mutable Element result; -}; - - - -} // namespace - -#endif // TAO_CRYPT_ALGEBRA_HPP diff --git a/extra/yassl/taocrypt/include/arc4.hpp b/extra/yassl/taocrypt/include/arc4.hpp deleted file mode 100644 index ed6a35e054a..00000000000 --- a/extra/yassl/taocrypt/include/arc4.hpp +++ /dev/null @@ -1,59 +0,0 @@ -/* - Copyright (C) 2000-2007 MySQL AB - Use is subject to license terms - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - -/* arc4.hpp defines ARC4 -*/ - - -#ifndef TAO_CRYPT_ARC4_HPP -#define TAO_CRYPT_ARC4_HPP - -#include "misc.hpp" - -namespace TaoCrypt { - - -// ARC4 encryption and decryption -class ARC4 { -public: - enum { STATE_SIZE = 256 }; - - typedef ARC4 Encryption; - typedef ARC4 Decryption; - - ARC4() {} - - void Process(byte*, const byte*, word32); - void SetKey(const byte*, word32); -private: - byte x_; - byte y_; - byte state_[STATE_SIZE]; - - ARC4(const ARC4&); // hide copy - const ARC4 operator=(const ARC4&); // and assign - - void AsmProcess(byte*, const byte*, word32); -}; - -} // namespace - - -#endif // TAO_CRYPT_ARC4_HPP - diff --git a/extra/yassl/taocrypt/include/asn.hpp b/extra/yassl/taocrypt/include/asn.hpp deleted file mode 100644 index e8a8820ed1a..00000000000 --- a/extra/yassl/taocrypt/include/asn.hpp +++ /dev/null @@ -1,392 +0,0 @@ -/* - Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - -/* asn.hpp provides ASN1 BER, PublicKey, and x509v3 decoding -*/ - - -#ifndef TAO_CRYPT_ASN_HPP -#define TAO_CRYPT_ASN_HPP - - -#include "misc.hpp" -#include "block.hpp" -#include "error.hpp" -#ifdef USE_SYS_STL - #include <list> -#else - #include "list.hpp" -#endif -#include <time.h> - -namespace STL = STL_NAMESPACE; - - -namespace TaoCrypt { - -// these tags and flags are not complete -enum ASNTag -{ - BOOLEAN = 0x01, - INTEGER = 0x02, - BIT_STRING = 0x03, - OCTET_STRING = 0x04, - TAG_NULL = 0x05, - OBJECT_IDENTIFIER = 0x06, - OBJECT_DESCRIPTOR = 0x07, - EXTERNAL = 0x08, - REAL = 0x09, - ENUMERATED = 0x0a, - UTF8_STRING = 0x0c, - SEQUENCE = 0x10, - SET = 0x11, - NUMERIC_STRING = 0x12, - PRINTABLE_STRING = 0x13, - T61_STRING = 0x14, - VIDEOTEXT_STRING = 0x15, - IA5_STRING = 0x16, - UTC_TIME = 0x17, - GENERALIZED_TIME = 0x18, - GRAPHIC_STRING = 0x19, - VISIBLE_STRING = 0x1a, - GENERAL_STRING = 0x1b, - LONG_LENGTH = 0x80 -}; - -enum ASNIdFlag -{ - UNIVERSAL = 0x00, - DATA = 0x01, - HEADER = 0x02, - CONSTRUCTED = 0x20, - APPLICATION = 0x40, - CONTEXT_SPECIFIC = 0x80, - PRIVATE = 0xc0 -}; - - -enum DNTags -{ - COMMON_NAME = 0x03, // CN - SUR_NAME = 0x04, // SN - COUNTRY_NAME = 0x06, // C - LOCALITY_NAME = 0x07, // L - STATE_NAME = 0x08, // ST - ORG_NAME = 0x0a, // O - ORGUNIT_NAME = 0x0b // OU -}; - - -enum PCKS12_Tags -{ - /* DATA = 1, */ // from ASN1 - SIGNED_DATA = 2, - ENVELOPED_DATA = 3, - SIGNED_AND_ENVELOPED_DATA = 4, - DIGESTED_DATA = 5, - ENCRYPTED_DATA = 6 -}; - - -enum Constants -{ - MIN_DATE_SZ = 13, - MAX_DATE_SZ = 16, - MAX_ALGO_SZ = 16, - MAX_LENGTH_SZ = 5, - MAX_SEQ_SZ = 5, // enum(seq|con) + length(4) - MAX_ALGO_SIZE = 9, - MAX_DIGEST_SZ = 69, // SHA512 + enum(Bit or Octet) + length(4) - DSA_SIG_SZ = 40, - ASN_NAME_MAX = 512 // max total of all included names -}; - - -class Source; -class RSA_PublicKey; -class RSA_PrivateKey; -class DSA_PublicKey; -class DSA_PrivateKey; -class Integer; -class DH; - - -// General BER decoding -class BER_Decoder : public virtual_base { -protected: - Source& source_; -public: - explicit BER_Decoder(Source& s) : source_(s) {} - virtual ~BER_Decoder() {} - - Integer& GetInteger(Integer&); - word32 GetSequence(); - word32 GetSet(); - word32 GetVersion(); - word32 GetExplicitVersion(); - - Error GetError(); -private: - virtual void ReadHeader() = 0; - - BER_Decoder(const BER_Decoder&); // hide copy - BER_Decoder& operator=(const BER_Decoder&); // and assign -}; - - -// RSA Private Key BER Decoder -class RSA_Private_Decoder : public BER_Decoder { -public: - explicit RSA_Private_Decoder(Source& s) : BER_Decoder(s) {} - void Decode(RSA_PrivateKey&); -private: - void ReadHeader(); -}; - - -// RSA Public Key BER Decoder -class RSA_Public_Decoder : public BER_Decoder { -public: - explicit RSA_Public_Decoder(Source& s) : BER_Decoder(s) {} - void Decode(RSA_PublicKey&); -private: - void ReadHeader(); - void ReadHeaderOpenSSL(); -}; - - -// DSA Private Key BER Decoder -class DSA_Private_Decoder : public BER_Decoder { -public: - explicit DSA_Private_Decoder(Source& s) : BER_Decoder(s) {} - void Decode(DSA_PrivateKey&); -private: - void ReadHeader(); -}; - - -// DSA Public Key BER Decoder -class DSA_Public_Decoder : public BER_Decoder { -public: - explicit DSA_Public_Decoder(Source& s) : BER_Decoder(s) {} - void Decode(DSA_PublicKey&); -private: - void ReadHeader(); -}; - - -// DH Key BER Decoder -class DH_Decoder : public BER_Decoder { -public: - explicit DH_Decoder(Source& s) : BER_Decoder(s) {} - void Decode(DH&); -private: - void ReadHeader(); -}; - - -// PKCS12 BER Decoder -class PKCS12_Decoder : public BER_Decoder { -public: - explicit PKCS12_Decoder(Source& s) : BER_Decoder(s) {} - void Decode(); -private: - void ReadHeader(); -}; - - -// General PublicKey -class PublicKey { - byte* key_; - word32 sz_; -public: - explicit PublicKey(const byte* k = 0, word32 s = 0); - ~PublicKey() { tcArrayDelete(key_); } - - const byte* GetKey() const { return key_; } - word32 size() const { return sz_; } - - void SetKey(const byte*); - void SetSize(word32 s); - - void AddToEnd(const byte*, word32); -private: - PublicKey(const PublicKey&); // hide copy - PublicKey& operator=(const PublicKey&); // and assign -}; - - -enum { SHA_SIZE = 20 }; - - -// A Signing Authority -class Signer { - PublicKey key_; - char name_[ASN_NAME_MAX]; - byte hash_[SHA_SIZE]; -public: - Signer(const byte* k, word32 kSz, const char* n, const byte* h); - ~Signer(); - - const PublicKey& GetPublicKey() const { return key_; } - const char* GetName() const { return name_; } - const byte* GetHash() const { return hash_; } - -private: - Signer(const Signer&); // hide copy - Signer& operator=(const Signer&); // and assign -}; - - -typedef STL::list<Signer*> SignerList; - - -enum ContentType { HUH = 651 }; -enum SigType { SHAwDSA = 517, MD2wRSA = 646, MD5wRSA = 648, SHAwRSA = 649, - SHA256wRSA = 655, SHA384wRSA = 656, SHA512wRSA = 657, - SHA256wDSA = 416 }; -enum HashType { MD2h = 646, MD5h = 649, SHAh = 88, SHA256h = 414, SHA384h = 415, - SHA512h = 416 }; -enum KeyType { DSAk = 515, RSAk = 645 }; // sums of algo OID - - -// an x509v Certificate BER Decoder -class CertDecoder : public BER_Decoder { -public: - enum DateType { BEFORE, AFTER }; - enum NameType { ISSUER, SUBJECT }; - enum CertType { CA, USER }; - - explicit CertDecoder(Source&, bool decode = true, SignerList* sl = 0, - bool noVerify = false, CertType ct = USER); - ~CertDecoder(); - - const PublicKey& GetPublicKey() const { return key_; } - KeyType GetKeyType() const { return KeyType(keyOID_); } - const char* GetIssuer() const { return issuer_; } - const char* GetCommonName() const { return subject_; } - const byte* GetHash() const { return subjectHash_; } - const char* GetBeforeDate() const { return beforeDate_; } - byte GetBeforeDateType() const { return beforeDateType_; } - const char* GetAfterDate() const { return afterDate_; } - byte GetAfterDateType() const { return afterDateType_; } - int GetSubjectCnStart() const { return subCnPos_; } - int GetIssuerCnStart() const { return issCnPos_; } - int GetSubjectCnLength() const { return subCnLen_; } - int GetIssuerCnLength() const { return issCnLen_; } - - void DecodeToKey(); -private: - PublicKey key_; - word32 certBegin_; // offset to start of cert - word32 sigIndex_; // offset to start of signature - word32 sigLength_; // length of signature - word32 signatureOID_; // sum of algorithm object id - word32 keyOID_; // sum of key algo object id - int subCnPos_; // subject common name start, -1 is none - int subCnLen_; // length of above - int issCnPos_; // issuer common name start, -1 is none - int issCnLen_; // length of above - byte subjectHash_[SHA_SIZE]; // hash of all Names - byte issuerHash_[SHA_SIZE]; // hash of all Names - byte* signature_; - char issuer_[ASN_NAME_MAX]; // Names - char subject_[ASN_NAME_MAX]; // Names - char beforeDate_[MAX_DATE_SZ+1]; // valid before date, +null term - byte beforeDateType_; // beforeDate time type - char afterDate_[MAX_DATE_SZ+1]; // valid after date, +null term - byte afterDateType_; // afterDate time type - bool verify_; // Default to yes, but could be off - - void ReadHeader(); - void Decode(SignerList*, CertType); - void StoreKey(); - void AddDSA(); - bool ValidateSelfSignature(); - bool ValidateSignature(SignerList*); - bool ConfirmSignature(Source&); - void GetKey(); - char* AddTag(char*, const char*, const char*, word32, word32); - void GetName(NameType); - void GetValidity(); - void GetDate(DateType); - void GetCompareHash(const byte*, word32, byte*, word32); - word32 GetAlgoId(); - word32 GetSignature(); - word32 GetDigest(); -}; - - -word32 GetLength(Source&); - -word32 SetLength(word32, byte*); -word32 SetSequence(word32, byte*); - -word32 EncodeDSA_Signature(const byte* signature, byte* output); -word32 EncodeDSA_Signature(const Integer& r, const Integer& s, byte* output); -word32 DecodeDSA_Signature(byte* decoded, const byte* encoded, word32 sz); - - -// General DER encoding -class DER_Encoder : public virtual_base { -public: - DER_Encoder() {} - virtual ~DER_Encoder() {} - - word32 SetAlgoID(HashType, byte*); - - Error GetError() const { return error_; } -private: - //virtual void WriteHeader() = 0; - Error error_; - - DER_Encoder(const DER_Encoder&); // hide copy - DER_Encoder& operator=(const DER_Encoder&); // and assign -}; - - - -class Signature_Encoder : public DER_Encoder { - const byte* digest_; - word32 digestSz_; - SigType digestOID_; -public: - explicit Signature_Encoder(const byte*, word32, HashType, Source&); - -private: - void WriteHeader(); - word32 SetDigest(const byte*, word32, byte*); - - Signature_Encoder(const Signature_Encoder&); // hide copy - Signature_Encoder& operator=(const Signature_Encoder&); // and assign -}; - - -// Get Cert in PEM format from BEGIN to END -int GetCert(Source&); - -// Get Cert in PEM format from pkcs12 file -int GetPKCS_Cert(const char* password, Source&); - -void ASN1_TIME_extract(const unsigned char* date, unsigned char format, - tm *parsed_time); - -} // namespace - - -#endif // TAO_CRYPT_ASN_HPP diff --git a/extra/yassl/taocrypt/include/block.hpp b/extra/yassl/taocrypt/include/block.hpp deleted file mode 100644 index b5958a06955..00000000000 --- a/extra/yassl/taocrypt/include/block.hpp +++ /dev/null @@ -1,203 +0,0 @@ -/* - Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - - -/* block.hpp provides word and byte blocks with configurable allocators -*/ - - -#ifndef TAO_CRYPT_BLOCK_HPP -#define TAO_CRYPT_BLOCK_HPP - -#include "misc.hpp" -#include <string.h> // memcpy -#include <stddef.h> // ptrdiff_t - -#ifdef USE_SYS_STL - #include <algorithm> -#else - #include "algorithm.hpp" -#endif - - -namespace STL = STL_NAMESPACE; - - -namespace TaoCrypt { - - -// a Base class for Allocators -template<class T> -class AllocatorBase -{ -public: - typedef T value_type; - typedef size_t size_type; - typedef ptrdiff_t difference_type; - typedef T* pointer; - typedef const T* const_pointer; - typedef T& reference; - typedef const T& const_reference; - - pointer address(reference r) const {return (&r);} - const_pointer address(const_reference r) const {return (&r); } - void construct(pointer p, const T& val) {new (p) T(val);} - void destroy(pointer p) {p->~T();} - size_type max_size() const {return ~size_type(0)/sizeof(T);} -protected: -}; - - -// General purpose realloc -template<typename T, class A> -typename A::pointer StdReallocate(A& a, T* p, typename A::size_type oldSize, - typename A::size_type newSize, bool preserve) -{ - if (oldSize == newSize) - return p; - - if (preserve) { - A b = A(); - typename A::pointer newPointer = b.allocate(newSize, 0); - memcpy(newPointer, p, sizeof(T) * min(oldSize, newSize)); - a.deallocate(p, oldSize); - STL::swap(a, b); - return newPointer; - } - else { - a.deallocate(p, oldSize); - return a.allocate(newSize, 0); - } -} - - -// Allocator that zeros out memory on deletion -template <class T> -class AllocatorWithCleanup : public AllocatorBase<T> -{ -public: - typedef typename AllocatorBase<T>::pointer pointer; - typedef typename AllocatorBase<T>::size_type size_type; - - pointer allocate(size_type n, const void* = 0) - { - if (n > this->max_size()) - return 0; - if (n == 0) - return 0; - return NEW_TC T[n]; - } - - void deallocate(void* p, size_type n) - { - memset(p, 0, n * sizeof(T)); - tcArrayDelete((T*)p); - } - - pointer reallocate(T* p, size_type oldSize, size_type newSize, - bool preserve) - { - return StdReallocate(*this, p, oldSize, newSize, preserve); - } - - // VS.NET STL enforces the policy of "All STL-compliant allocators have to - // provide a template class member called rebind". - template <class U> struct rebind { typedef AllocatorWithCleanup<U> other;}; -}; - - -// Block class template -template<typename T, class A = AllocatorWithCleanup<T> > -class Block { -public: - explicit Block(word32 s = 0) : sz_(s), buffer_(allocator_.allocate(sz_)) - { CleanNew(sz_); } - - Block(const T* buff, word32 s) : sz_(s), buffer_(allocator_.allocate(sz_)) - { memcpy(buffer_, buff, sz_ * sizeof(T)); } - - Block(const Block& that) : sz_(that.sz_), buffer_(allocator_.allocate(sz_)) - { memcpy(buffer_, that.buffer_, sz_ * sizeof(T)); } - - Block& operator=(const Block& that) { - Block tmp(that); - Swap(tmp); - return *this; - } - - T& operator[] (word32 i) { return buffer_[i]; } - const T& operator[] (word32 i) const { return buffer_[i]; } - - T* operator+ (word32 i) { return buffer_ + i; } - const T* operator+ (word32 i) const { return buffer_ + i; } - - word32 size() const { return sz_; } - - T* get_buffer() const { return buffer_; } - T* begin() const { return get_buffer(); } - - void CleanGrow(word32 newSize) - { - if (newSize > sz_) { - buffer_ = allocator_.reallocate(buffer_, sz_, newSize, true); - memset(buffer_ + sz_, 0, (newSize - sz_) * sizeof(T)); - sz_ = newSize; - } - } - - void CleanNew(word32 newSize) - { - New(newSize); - if (sz_ > 0) - memset(buffer_, 0, sz_ * sizeof(T)); - } - - void New(word32 newSize) - { - buffer_ = allocator_.reallocate(buffer_, sz_, newSize, false); - sz_ = newSize; - } - - void resize(word32 newSize) - { - buffer_ = allocator_.reallocate(buffer_, sz_, newSize, true); - sz_ = newSize; - } - - void Swap(Block& other) { - STL::swap(sz_, other.sz_); - STL::swap(buffer_, other.buffer_); - STL::swap(allocator_, other.allocator_); - } - - ~Block() { allocator_.deallocate(buffer_, sz_); } -private: - A allocator_; - word32 sz_; // size in Ts - T* buffer_; -}; - - -typedef Block<byte> ByteBlock; -typedef Block<word> WordBlock; -typedef Block<word32> Word32Block; - - -} // namespace - -#endif // TAO_CRYPT_BLOCK_HPP diff --git a/extra/yassl/taocrypt/include/blowfish.hpp b/extra/yassl/taocrypt/include/blowfish.hpp deleted file mode 100644 index 74ea7f99480..00000000000 --- a/extra/yassl/taocrypt/include/blowfish.hpp +++ /dev/null @@ -1,88 +0,0 @@ -/* - Copyright (c) 2006, 2012, Oracle and/or its affiliates - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - -/* blowfish.hpp defines Blowfish -*/ - - -#ifndef TAO_CRYPT_BLOWFISH_HPP -#define TAO_CRYPT_BLOWFISH_HPP - -#include "misc.hpp" -#include "modes.hpp" -#ifdef USE_SYS_STL - #include <algorithm> -#else - #include "algorithm.hpp" -#endif - - -namespace STL = STL_NAMESPACE; - - -#if defined(TAOCRYPT_X86ASM_AVAILABLE) && defined(TAO_ASM) - #define DO_BLOWFISH_ASM -#endif - - -namespace TaoCrypt { - -enum { BLOWFISH_BLOCK_SIZE = 8 }; - - -// Blowfish encryption and decryption, see -class Blowfish : public Mode_BASE { -public: - enum { BLOCK_SIZE = BLOWFISH_BLOCK_SIZE, ROUNDS = 16 }; - - Blowfish(CipherDir DIR, Mode MODE) - : Mode_BASE(BLOCK_SIZE, DIR, MODE), sbox_(pbox_ + ROUNDS + 2) {} - -#ifdef DO_BLOWFISH_ASM - void Process(byte*, const byte*, word32); -#endif - void SetKey(const byte* key, word32 sz, CipherDir fake = ENCRYPTION); - void SetIV(const byte* iv) { memcpy(r_, iv, BLOCK_SIZE); } -private: - static const word32 p_init_[ROUNDS + 2]; - static const word32 s_init_[4 * 256]; - - word32 pbox_[ROUNDS + 2 + 4 * 256]; - word32* sbox_; - - void crypt_block(const word32 in[2], word32 out[2]) const; - void AsmProcess(const byte* in, byte* out) const; - void ProcessAndXorBlock(const byte*, const byte*, byte*) const; - - Blowfish(const Blowfish&); // hide copy - Blowfish& operator=(const Blowfish&); // and assign -}; - - -typedef BlockCipher<ENCRYPTION, Blowfish, ECB> Blowfish_ECB_Encryption; -typedef BlockCipher<DECRYPTION, Blowfish, ECB> Blowfish_ECB_Decryption; - -typedef BlockCipher<ENCRYPTION, Blowfish, CBC> Blowfish_CBC_Encryption; -typedef BlockCipher<DECRYPTION, Blowfish, CBC> Blowfish_CBC_Decryption; - - - -} // namespace - -#endif // TAO_CRYPT_BLOWFISH_HPP - diff --git a/extra/yassl/taocrypt/include/coding.hpp b/extra/yassl/taocrypt/include/coding.hpp deleted file mode 100644 index 758ac452673..00000000000 --- a/extra/yassl/taocrypt/include/coding.hpp +++ /dev/null @@ -1,92 +0,0 @@ -/* - Copyright (C) 2000-2007 MySQL AB - Use is subject to license terms - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - -/* coding.hpp defines hex and base64 encoding/decoing -*/ - -#ifndef TAO_CRYPT_CODING_HPP -#define TAO_CRYPT_CODING_HPP - -#include "misc.hpp" -#include "block.hpp" - -namespace TaoCrypt { - -class Source; - - -// Hex Encoding, see RFC 3548 -class HexEncoder { - ByteBlock encoded_; - Source& plain_; -public: - explicit HexEncoder(Source& s) : plain_(s) { Encode(); } -private: - void Encode(); - - HexEncoder(const HexEncoder&); // hide copy - HexEncoder& operator=(const HexEncoder&); // and assign -}; - - -// Hex Decoding, see RFC 3548 -class HexDecoder { - ByteBlock decoded_; - Source& coded_; -public: - explicit HexDecoder(Source& s) : coded_(s) { Decode(); } -private: - void Decode(); - - HexDecoder(const HexDecoder&); // hide copy - HexDecoder& operator=(const HexDecoder&); // and assign -}; - - -// Base 64 encoding, see RFC 3548 -class Base64Encoder { - ByteBlock encoded_; - Source& plain_; -public: - explicit Base64Encoder(Source& s) : plain_(s) { Encode(); } -private: - void Encode(); - - Base64Encoder(const Base64Encoder&); // hide copy - Base64Encoder& operator=(const Base64Encoder&); // and assign -}; - - -// Base 64 decoding, see RFC 3548 -class Base64Decoder { - ByteBlock decoded_; - Source& coded_; -public: - explicit Base64Decoder(Source& s) : coded_(s) { Decode(); } -private: - void Decode(); - - Base64Decoder(const Base64Decoder&); // hide copy - Base64Decoder& operator=(const Base64Decoder&); // and assign -}; - - -} // namespace - -#endif // TAO_CRYPT_CODING_HPP diff --git a/extra/yassl/taocrypt/include/des.hpp b/extra/yassl/taocrypt/include/des.hpp deleted file mode 100644 index 074cc80d3dd..00000000000 --- a/extra/yassl/taocrypt/include/des.hpp +++ /dev/null @@ -1,130 +0,0 @@ -/* - Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - -/* des.hpp defines DES, DES_EDE2, and DES_EDE3 - see FIPS 46-2 and FIPS 81 -*/ - - -#ifndef TAO_CRYPT_DES_HPP -#define TAO_CRYPT_DES_HPP - -#include "misc.hpp" -#include "modes.hpp" - - -#if defined(TAOCRYPT_X86ASM_AVAILABLE) && defined(TAO_ASM) - #define DO_DES_ASM -#endif - - -namespace TaoCrypt { - - -enum { DES_BLOCK_SIZE = 8, DES_KEY_SIZE = 32 }; - - -class BasicDES { -public: - void SetKey(const byte*, word32, CipherDir dir); - void RawProcessBlock(word32&, word32&) const; -protected: - word32 k_[DES_KEY_SIZE]; -}; - - -// DES -class DES : public Mode_BASE, public BasicDES { -public: - DES(CipherDir DIR, Mode MODE) - : Mode_BASE(DES_BLOCK_SIZE, DIR, MODE) {} - -private: - void ProcessAndXorBlock(const byte*, const byte*, byte*) const; - - DES(const DES&); // hide copy - DES& operator=(const DES&); // and assign -}; - - -// DES_EDE2 -class DES_EDE2 : public Mode_BASE { -public: - DES_EDE2(CipherDir DIR, Mode MODE) - : Mode_BASE(DES_BLOCK_SIZE, DIR, MODE) {} - - void SetKey(const byte*, word32, CipherDir dir); -private: - BasicDES des1_; - BasicDES des2_; - - void ProcessAndXorBlock(const byte*, const byte*, byte*) const; - - DES_EDE2(const DES_EDE2&); // hide copy - DES_EDE2& operator=(const DES_EDE2&); // and assign -}; - - - -// DES_EDE3 -class DES_EDE3 : public Mode_BASE { -public: - DES_EDE3(CipherDir DIR, Mode MODE) - : Mode_BASE(DES_BLOCK_SIZE, DIR, MODE) {} - - void SetKey(const byte*, word32, CipherDir dir); - void SetIV(const byte* iv) { memcpy(r_, iv, DES_BLOCK_SIZE); } -#ifdef DO_DES_ASM - void Process(byte*, const byte*, word32); -#endif -private: - BasicDES des1_; - BasicDES des2_; - BasicDES des3_; - - void AsmProcess(const byte* in, byte* out, void* box) const; - void ProcessAndXorBlock(const byte*, const byte*, byte*) const; - - DES_EDE3(const DES_EDE3&); // hide copy - DES_EDE3& operator=(const DES_EDE3&); // and assign -}; - - -typedef BlockCipher<ENCRYPTION, DES, ECB> DES_ECB_Encryption; -typedef BlockCipher<DECRYPTION, DES, ECB> DES_ECB_Decryption; - -typedef BlockCipher<ENCRYPTION, DES, CBC> DES_CBC_Encryption; -typedef BlockCipher<DECRYPTION, DES, CBC> DES_CBC_Decryption; - -typedef BlockCipher<ENCRYPTION, DES_EDE2, ECB> DES_EDE2_ECB_Encryption; -typedef BlockCipher<DECRYPTION, DES_EDE2, ECB> DES_EDE2_ECB_Decryption; - -typedef BlockCipher<ENCRYPTION, DES_EDE2, CBC> DES_EDE2_CBC_Encryption; -typedef BlockCipher<DECRYPTION, DES_EDE2, CBC> DES_EDE2_CBC_Decryption; - -typedef BlockCipher<ENCRYPTION, DES_EDE3, ECB> DES_EDE3_ECB_Encryption; -typedef BlockCipher<DECRYPTION, DES_EDE3, ECB> DES_EDE3_ECB_Decryption; - -typedef BlockCipher<ENCRYPTION, DES_EDE3, CBC> DES_EDE3_CBC_Encryption; -typedef BlockCipher<DECRYPTION, DES_EDE3, CBC> DES_EDE3_CBC_Decryption; - - -} // namespace - - -#endif // TAO_CRYPT_DES_HPP diff --git a/extra/yassl/taocrypt/include/dh.hpp b/extra/yassl/taocrypt/include/dh.hpp deleted file mode 100644 index 84c41004107..00000000000 --- a/extra/yassl/taocrypt/include/dh.hpp +++ /dev/null @@ -1,87 +0,0 @@ -/* - Copyright (C) 2000-2007 MySQL AB - Use is subject to license terms - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - -/* dh.hpp provides Diffie-Hellman support -*/ - - -#ifndef TAO_CRYPT_DH_HPP -#define TAO_CRYPT_DH_HPP - -#include "misc.hpp" -#include "integer.hpp" - -namespace TaoCrypt { - - -class Source; - - -// Diffie-Hellman -class DH { -public: - DH() {} - DH(Integer& p, Integer& g) : p_(p), g_(g) {} - explicit DH(Source&); - - DH(const DH& that) : p_(that.p_), g_(that.g_) {} - DH& operator=(const DH& that) - { - DH tmp(that); - Swap(tmp); - return *this; - } - - void Swap(DH& other) - { - p_.Swap(other.p_); - g_.Swap(other.g_); - } - - void Initialize(Source&); - void Initialize(Integer& p, Integer& g) - { - SetP(p); - SetG(g); - } - - void GenerateKeyPair(RandomNumberGenerator&, byte*, byte*); - void Agree(byte*, const byte*, const byte*, word32 otherSz = 0); - - void SetP(const Integer& p) { p_ = p; } - void SetG(const Integer& g) { g_ = g; } - - Integer& GetP() { return p_; } - Integer& GetG() { return g_; } - - // for p and agree - word32 GetByteLength() const { return p_.ByteCount(); } -private: - // group parms - Integer p_; - Integer g_; - - void GeneratePrivate(RandomNumberGenerator&, byte*); - void GeneratePublic(const byte*, byte*); -}; - - -} // namespace - -#endif // TAO_CRYPT_DH_HPP diff --git a/extra/yassl/taocrypt/include/dsa.hpp b/extra/yassl/taocrypt/include/dsa.hpp deleted file mode 100644 index e35b56a1d91..00000000000 --- a/extra/yassl/taocrypt/include/dsa.hpp +++ /dev/null @@ -1,127 +0,0 @@ -/* - Copyright (C) 2000-2007 MySQL AB - Use is subject to license terms - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - -/* dsa.hpp provides Digitial Signautre Algorithm see FIPS 186-2 -*/ - -#ifndef TAO_CRYPT_DSA_HPP -#define TAO_CRYPT_DSA_HPP - -#include "integer.hpp" - - -namespace TaoCrypt { - -class Source; - - -class DSA_PublicKey { -protected: - Integer p_; - Integer q_; - Integer g_; - Integer y_; -public: - DSA_PublicKey() {} - explicit DSA_PublicKey(Source&); - - void Initialize(Source&); - void Initialize(const Integer& p, const Integer& q, const Integer& g, - const Integer& y); - - const Integer& GetModulus() const; - const Integer& GetSubGroupOrder() const; - const Integer& GetSubGroupGenerator() const; - const Integer& GetPublicPart() const; - - void SetModulus(const Integer&); - void SetSubGroupOrder(const Integer&); - void SetSubGroupGenerator(const Integer&); - void SetPublicPart(const Integer&); - - word32 SignatureLength() const; - - DSA_PublicKey(const DSA_PublicKey&); - DSA_PublicKey& operator=(const DSA_PublicKey&); - - void Swap(DSA_PublicKey& other); -}; - - - -class DSA_PrivateKey : public DSA_PublicKey { - Integer x_; -public: - DSA_PrivateKey() {} - explicit DSA_PrivateKey(Source&); - - void Initialize(Source&); - void Initialize(const Integer& p, const Integer& q, const Integer& g, - const Integer& y, const Integer& x); - - const Integer& GetPrivatePart() const; - - void SetPrivatePart(const Integer&); -private: - DSA_PrivateKey(const DSA_PrivateKey&); // hide copy - DSA_PrivateKey& operator=(const DSA_PrivateKey&); // and assign -}; - - - -class DSA_Signer { - const DSA_PrivateKey& key_; - Integer r_; - Integer s_; -public: - explicit DSA_Signer(const DSA_PrivateKey&); - - word32 Sign(const byte* sha_digest, byte* sig, RandomNumberGenerator&); - - const Integer& GetR() const; - const Integer& GetS() const; -private: - DSA_Signer(const DSA_Signer&); // hide copy - DSA_Signer& operator=(DSA_Signer&); // and assign -}; - - -class DSA_Verifier { - const DSA_PublicKey& key_; - Integer r_; - Integer s_; -public: - explicit DSA_Verifier(const DSA_PublicKey&); - - bool Verify(const byte* sha_digest, const byte* sig); - - const Integer& GetR() const; - const Integer& GetS() const; -private: - DSA_Verifier(const DSA_Verifier&); // hide copy - DSA_Verifier& operator=(const DSA_Verifier&); // and assign -}; - - - - - -} // namespace - -#endif // TAO_CRYPT_DSA_HPP diff --git a/extra/yassl/taocrypt/include/error.hpp b/extra/yassl/taocrypt/include/error.hpp deleted file mode 100644 index a749c00d80d..00000000000 --- a/extra/yassl/taocrypt/include/error.hpp +++ /dev/null @@ -1,89 +0,0 @@ -/* - Copyright (C) 2000-2007 MySQL AB - Use is subject to license terms - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - -/* error.hpp provides a taocrypt error numbers - * - */ - - -#ifndef TAO_CRYPT_ERROR_HPP -#define TAO_CRYPT_ERROR_HPP - - -namespace TaoCrypt { - - -enum ErrorNumber { - -NO_ERROR_E = 0, // "not in error state" - -// RandomNumberGenerator -WINCRYPT_E = 1001, // "bad wincrypt acquire" -CRYPTGEN_E = 1002, // "CryptGenRandom error" -OPEN_RAN_E = 1003, // "open /dev/urandom error" -READ_RAN_E = 1004, // "read /dev/urandom error" - -// Integer -INTEGER_E = 1010, // "bad DER Integer Header" - - -// ASN.1 -SEQUENCE_E = 1020, // "bad Sequence Header" -SET_E = 1021, // "bad Set Header" -VERSION_E = 1022, // "version length not 1" -SIG_OID_E = 1023, // "signature OID mismatch" -BIT_STR_E = 1024, // "bad BitString Header" -UNKNOWN_OID_E = 1025, // "unknown key OID type" -OBJECT_ID_E = 1026, // "bad Ojbect ID Header" -TAG_NULL_E = 1027, // "expected TAG NULL" -EXPECT_0_E = 1028, // "expected 0" -OCTET_STR_E = 1029, // "bad Octet String Header" -TIME_E = 1030, // "bad TIME" - -DATE_SZ_E = 1031, // "bad Date Size" -SIG_LEN_E = 1032, // "bad Signature Length" -UNKOWN_SIG_E = 1033, // "unknown signature OID" -UNKOWN_HASH_E = 1034, // "unknown hash OID" -DSA_SZ_E = 1035, // "bad DSA r or s size" -BEFORE_DATE_E = 1036, // "before date in the future" -AFTER_DATE_E = 1037, // "after date in the past" -SIG_CONFIRM_E = 1038, // "bad self signature confirmation" -SIG_OTHER_E = 1039, // "bad other signature confirmation" - -CONTENT_E = 1040, // "bad content processing" -PEM_E = 1041 // "bad pem format error" - - // add error string to yassl/src/yassl_error.cpp !!! -}; - - -struct Error { - ErrorNumber what_; // description number, 0 for no error - - explicit Error(ErrorNumber w = NO_ERROR_E) : what_(w) {} - - ErrorNumber What() const { return what_; } - void SetError(ErrorNumber w) { what_ = w; } -}; - - - -} // namespace TaoCrypt - -#endif // TAO_CRYPT_ERROR_HPP diff --git a/extra/yassl/taocrypt/include/file.hpp b/extra/yassl/taocrypt/include/file.hpp deleted file mode 100644 index 1e2955d8737..00000000000 --- a/extra/yassl/taocrypt/include/file.hpp +++ /dev/null @@ -1,130 +0,0 @@ -/* - Copyright (C) 2000, 2012, Oracle and/or its affiliates. All rights reserved. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - -/* file.hpp provies File Sources and Sinks -*/ - - -#ifndef TAO_CRYPT_FILE_HPP -#define TAO_CRYPT_FILE_HPP - -#include "misc.hpp" -#include "block.hpp" -#include "error.hpp" -#include <stdio.h> - -namespace TaoCrypt { - - -class Source { - ByteBlock buffer_; - word32 current_; - Error error_; -public: - explicit Source(word32 sz = 0) : buffer_(sz), current_(0) {} - Source(const byte* b, word32 sz) : buffer_(b, sz), current_(0) {} - - word32 remaining() { if (GetError().What()) return 0; - else return buffer_.size() - current_; } - word32 size() const { return buffer_.size(); } - void grow(word32 sz) { buffer_.CleanGrow(sz); } - - bool IsLeft(word32 sz) { if (remaining() >= sz) return true; - else { SetError(CONTENT_E); return false; } } - - const byte* get_buffer() const { return buffer_.get_buffer(); } - const byte* get_current() const { return &buffer_[current_]; } - word32 get_index() const { return current_; } - void set_index(word32 i) { if (i < size()) current_ = i; } - - byte operator[] (word32 i) { current_ = i; return next(); } - byte next() { if (IsLeft(1)) return buffer_[current_++]; else return 0; } - byte prev() { if (current_) return buffer_[--current_]; else return 0; } - - void add(const byte* data, word32 len) - { - if (IsLeft(len)) { - memcpy(buffer_.get_buffer() + current_, data, len); - current_ += len; - } - } - - void advance(word32 i) { if (IsLeft(i)) current_ += i; } - void reset(ByteBlock&); - - Error GetError() { return error_; } - void SetError(ErrorNumber w) { error_.SetError(w); } - - friend class FileSource; // for get() - - Source(const Source& that) - : buffer_(that.buffer_), current_(that.current_) {} - - Source& operator=(const Source& that) - { - Source tmp(that); - Swap(tmp); - return *this; - } - - void Swap(Source& other) - { - buffer_.Swap(other.buffer_); - STL::swap(current_, other.current_); - } - -}; - - -// File Source -class FileSource { - FILE* file_; -public: - FileSource(const char* fname, Source& source); - ~FileSource(); - - word32 size(bool use_current = false); -private: - word32 get(Source&); - word32 size_left(); - - FileSource(const FileSource&); // hide - FileSource& operator=(const FileSource&); // hide -}; - - -// File Sink -class FileSink { - FILE* file_; -public: - FileSink(const char* fname, Source& source); - ~FileSink(); - - word32 size(bool use_current = false); -private: - size_t put(Source&); - - FileSink(const FileSink&); // hide - FileSink& operator=(const FileSink&); // hide -}; - - - -} // namespace - -#endif // TAO_CRYPT_FILE_HPP diff --git a/extra/yassl/taocrypt/include/hash.hpp b/extra/yassl/taocrypt/include/hash.hpp deleted file mode 100644 index 4ffb305869a..00000000000 --- a/extra/yassl/taocrypt/include/hash.hpp +++ /dev/null @@ -1,110 +0,0 @@ -/* - Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - -/* hash.hpp provides a base for digest types -*/ - - -#ifndef TAO_CRYPT_HASH_HPP -#define TAO_CRYPT_HASH_HPP - -#include "misc.hpp" - -namespace TaoCrypt { - - -// HASH -class HASH : public virtual_base { -public: - virtual ~HASH() {} - - virtual void Update(const byte*, word32) = 0; - virtual void Final(byte*) = 0; - - virtual void Init() = 0; - - virtual word32 getBlockSize() const = 0; - virtual word32 getDigestSize() const = 0; -}; - - -// HASH with Transform -class HASHwithTransform : public HASH { -public: - HASHwithTransform(word32 digSz, word32 buffSz); - virtual ~HASHwithTransform() {} - virtual ByteOrder getByteOrder() const = 0; - virtual word32 getPadSize() const = 0; - - virtual void Update(const byte*, word32); - virtual void Final(byte*); - - word32 GetBitCountLo() const { return loLen_ << 3; } - word32 GetBitCountHi() const { return (loLen_ >> (8*sizeof(loLen_) - 3)) + - (hiLen_ << 3); } - enum { MaxDigestSz = 8, MaxBufferSz = 64 }; -protected: - typedef word32 HashLengthType; - word32 buffLen_; // in bytes - HashLengthType loLen_; // length in bytes - HashLengthType hiLen_; // length in bytes - word32 digest_[MaxDigestSz]; - word32 buffer_[MaxBufferSz / sizeof(word32)]; - - virtual void Transform() = 0; - - void AddLength(word32); -}; - - -#ifdef WORD64_AVAILABLE - -// 64-bit HASH with Transform -class HASH64withTransform : public HASH { -public: - HASH64withTransform(word32 digSz, word32 buffSz); - virtual ~HASH64withTransform() {} - virtual ByteOrder getByteOrder() const = 0; - virtual word32 getPadSize() const = 0; - - virtual void Update(const byte*, word32); - virtual void Final(byte*); - - word32 GetBitCountLo() const { return loLen_ << 3; } - word32 GetBitCountHi() const { return (loLen_ >> (8*sizeof(loLen_) - 3)) + - (hiLen_ << 3); } - enum { MaxDigestSz = 8, MaxBufferSz = 128 }; -protected: - typedef word32 HashLengthType; - word32 buffLen_; // in bytes - HashLengthType loLen_; // length in bytes - HashLengthType hiLen_; // length in bytes - word64 digest_[MaxDigestSz]; - word64 buffer_[MaxBufferSz / sizeof(word64)]; - - virtual void Transform() = 0; - - void AddLength(word32); -}; - -#endif // WORD64_AVAILABLE - - -} // namespace - -#endif // TAO_CRYPT_HASH_HPP diff --git a/extra/yassl/taocrypt/include/hc128.hpp b/extra/yassl/taocrypt/include/hc128.hpp deleted file mode 100644 index e1ed337de6a..00000000000 --- a/extra/yassl/taocrypt/include/hc128.hpp +++ /dev/null @@ -1,63 +0,0 @@ -/* - Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - -/* hc128.hpp defines HC128 -*/ - - -#ifndef TAO_CRYPT_HC128_HPP -#define TAO_CRYPT_HC128_HPP - -#include "misc.hpp" - -namespace TaoCrypt { - - -// HC128 encryption and decryption -class HC128 { -public: - - typedef HC128 Encryption; - typedef HC128 Decryption; - - - HC128() {} - - void Process(byte*, const byte*, word32); - void SetKey(const byte*, const byte*); -private: - word32 T_[1024]; /* P[i] = T[i]; Q[i] = T[1024 + i ]; */ - word32 X_[16]; - word32 Y_[16]; - word32 counter1024_; /* counter1024 = i mod 1024 at the ith step */ - word32 key_[8]; - word32 iv_[8]; - - void SetIV(const byte*); - void GenerateKeystream(word32*); - void SetupUpdate(); - - HC128(const HC128&); // hide copy - const HC128 operator=(const HC128&); // and assign -}; - -} // namespace - - -#endif // TAO_CRYPT_HC128_HPP - diff --git a/extra/yassl/taocrypt/include/hmac.hpp b/extra/yassl/taocrypt/include/hmac.hpp deleted file mode 100644 index a5b16cdaf38..00000000000 --- a/extra/yassl/taocrypt/include/hmac.hpp +++ /dev/null @@ -1,139 +0,0 @@ -/* - Copyright (C) 2000-2007 MySQL AB - Use is subject to license terms - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - -/* hamc.hpp implements HMAC, see RFC 2104 -*/ - - -#ifndef TAO_CRYPT_HMAC_HPP -#define TAO_CRYPT_HMAC_HPP - -#include "hash.hpp" - -namespace TaoCrypt { - - -// HMAC class template -template <class T> -class HMAC { -public: - enum { IPAD = 0x36, OPAD = 0x5C }; - - HMAC() : ipad_(reinterpret_cast<byte*>(&ip_)), - opad_(reinterpret_cast<byte*>(&op_)), - innerHash_(reinterpret_cast<byte*>(&innerH_)) - { - Init(); - } - void Update(const byte*, word32); - void Final(byte*); - void Init(); - - void SetKey(const byte*, word32); -private: - byte* ipad_; - byte* opad_; - byte* innerHash_; - bool innerHashKeyed_; - T mac_; - - // MSVC 6 HACK, gives compiler error if calculated in array - enum { HMAC_BSIZE = T::BLOCK_SIZE / sizeof(word32), - HMAC_DSIZE = T::DIGEST_SIZE / sizeof(word32) }; - - word32 ip_[HMAC_BSIZE]; // align ipad_ on word32 - word32 op_[HMAC_BSIZE]; // align opad_ on word32 - word32 innerH_[HMAC_DSIZE]; // align innerHash_ on word32 - - void KeyInnerHash(); - - HMAC(const HMAC&); - HMAC& operator= (const HMAC&); -}; - - -// Setup -template <class T> -void HMAC<T>::Init() -{ - mac_.Init(); - innerHashKeyed_ = false; -} - - -// Key generation -template <class T> -void HMAC<T>::SetKey(const byte* key, word32 length) -{ - Init(); - - if (length <= T::BLOCK_SIZE) - memcpy(ipad_, key, length); - else { - mac_.Update(key, length); - mac_.Final(ipad_); - length = T::DIGEST_SIZE; - } - memset(ipad_ + length, 0, T::BLOCK_SIZE - length); - - for (word32 i = 0; i < T::BLOCK_SIZE; i++) { - opad_[i] = ipad_[i] ^ OPAD; - ipad_[i] ^= IPAD; - } -} - - -// Inner Key Hash -template <class T> -void HMAC<T>::KeyInnerHash() -{ - mac_.Update(ipad_, T::BLOCK_SIZE); - innerHashKeyed_ = true; -} - - -// Update -template <class T> -void HMAC<T>::Update(const byte* msg, word32 length) -{ - if (!innerHashKeyed_) - KeyInnerHash(); - mac_.Update(msg, length); -} - - -// Final -template <class T> -void HMAC<T>::Final(byte* hash) -{ - if (!innerHashKeyed_) - KeyInnerHash(); - mac_.Final(innerHash_); - - mac_.Update(opad_, T::BLOCK_SIZE); - mac_.Update(innerHash_, T::DIGEST_SIZE); - mac_.Final(hash); - - innerHashKeyed_ = false; -} - - -} // namespace - -#endif // TAO_CRYPT_HMAC_HPP diff --git a/extra/yassl/taocrypt/include/integer.hpp b/extra/yassl/taocrypt/include/integer.hpp deleted file mode 100644 index 613ed44b13d..00000000000 --- a/extra/yassl/taocrypt/include/integer.hpp +++ /dev/null @@ -1,332 +0,0 @@ -/* - Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - -/* based on Wei Dai's integer.h from CryptoPP */ - - -#ifndef TAO_CRYPT_INTEGER_HPP -#define TAO_CRYPT_INTEGER_HPP - - -#ifdef _MSC_VER - // 4250: dominance - // 4660: explicitly instantiating a class already implicitly instantiated - // 4661: no suitable definition provided for explicit template request - // 4786: identifer was truncated in debug information - // 4355: 'this' : used in base member initializer list -# pragma warning(disable: 4250 4660 4661 4786 4355) -#endif - - -#include "misc.hpp" -#include "block.hpp" -#include "random.hpp" -#include "file.hpp" -#include <string.h> -#ifdef USE_SYS_STL - #include <algorithm> -#else - #include "algorithm.hpp" -#endif - - -#ifdef TAOCRYPT_X86ASM_AVAILABLE - #if defined(__GNUC__) && (__GNUC__ >= 4) - // GCC 4 or greater optimizes too much inline on recursive for bigint, - // -O3 just as fast without asm here anyway - #undef TAOCRYPT_X86ASM_AVAILABLE - #endif -#endif - -#ifdef TAOCRYPT_X86ASM_AVAILABLE - -#ifdef _M_IX86 - #if (defined(__INTEL_COMPILER) && (__INTEL_COMPILER >= 500)) || \ - (defined(__ICL) && (__ICL >= 500)) - #define SSE2_INTRINSICS_AVAILABLE - #define TAOCRYPT_MM_MALLOC_AVAILABLE - #elif defined(_MSC_VER) - // _mm_free seems to be the only way to tell if the Processor Pack is - //installed or not - #include <malloc.h> - #if defined(_mm_free) - #define SSE2_INTRINSICS_AVAILABLE - #define TAOCRYPT_MM_MALLOC_AVAILABLE - #endif - #endif -#endif - -// SSE2 intrinsics work in GCC 3.3 or later -#if defined(__SSE2__) && (__GNUC__ == 4 || __GNUC_MAJOR__ > 3 || \ - __GNUC_MINOR__ > 2) - #define SSE2_INTRINSICS_AVAILABLE -#endif - -#endif // X86ASM - - - - -namespace TaoCrypt { - -#if defined(SSE2_INTRINSICS_AVAILABLE) - - // Allocator handling proper alignment - template <class T> - class AlignedAllocator : public AllocatorBase<T> - { - public: - typedef typename AllocatorBase<T>::pointer pointer; - typedef typename AllocatorBase<T>::size_type size_type; - - pointer allocate(size_type n, const void* = 0); - void deallocate(void* p, size_type n); - pointer reallocate(T* p, size_type oldSize, size_type newSize, - bool preserve) - { - return StdReallocate(*this, p, oldSize, newSize, preserve); - } - - #if !(defined(TAOCRYPT_MALLOC_ALIGNMENT_IS_16) || \ - defined(TAOCRYPT_MEMALIGN_AVAILABLE) || \ - defined(TAOCRYPT_MM_MALLOC_AVAILABLE)) - #define TAOCRYPT_NO_ALIGNED_ALLOC - AlignedAllocator() : m_pBlock(0) {} - protected: - void *m_pBlock; - #endif - }; - - typedef Block<word, AlignedAllocator<word> > AlignedWordBlock; -#else - typedef WordBlock AlignedWordBlock; -#endif - - - -#ifdef _WIN32 - #undef max // avoid name clash -#endif -// general MAX -template<typename T> inline -const T& max(const T& a, const T& b) -{ - return a > b ? a : b; -} - - -// Large Integer class -class Integer { -public: - enum Sign {POSITIVE = 0, NEGATIVE = 1 }; - enum Signedness { UNSIGNED, SIGNED }; - enum RandomNumberType { ANY, PRIME }; - - class DivideByZero {}; - - Integer(); - Integer(const Integer& t); - Integer(signed long value); - Integer(Sign s, word highWord, word lowWord); - - // BER Decode Source - explicit Integer(Source&); - - Integer(const byte* encodedInteger, unsigned int byteCount, - Signedness s = UNSIGNED); - - ~Integer() {} - - static const Integer& Zero(); - static const Integer& One(); - - Integer& Ref() { return *this; } - - Integer(RandomNumberGenerator& rng, const Integer& min, - const Integer& max); - - static Integer Power2(unsigned int e); - - unsigned int MinEncodedSize(Signedness = UNSIGNED) const; - unsigned int Encode(byte* output, unsigned int outputLen, - Signedness = UNSIGNED) const; - - void Decode(const byte* input, unsigned int inputLen, - Signedness = UNSIGNED); - void Decode(Source&); - - bool IsConvertableToLong() const; - signed long ConvertToLong() const; - - unsigned int BitCount() const; - unsigned int ByteCount() const; - unsigned int WordCount() const; - - bool GetBit(unsigned int i) const; - byte GetByte(unsigned int i) const; - unsigned long GetBits(unsigned int i, unsigned int n) const; - - bool IsZero() const { return !*this; } - bool NotZero() const { return !IsZero(); } - bool IsNegative() const { return sign_ == NEGATIVE; } - bool NotNegative() const { return !IsNegative(); } - bool IsPositive() const { return NotNegative() && NotZero(); } - bool NotPositive() const { return !IsPositive(); } - bool IsEven() const { return GetBit(0) == 0; } - bool IsOdd() const { return GetBit(0) == 1; } - - Integer& operator=(const Integer& t); - Integer& operator+=(const Integer& t); - Integer& operator-=(const Integer& t); - Integer& operator*=(const Integer& t) { return *this = Times(t); } - Integer& operator/=(const Integer& t) - { return *this = DividedBy(t);} - Integer& operator%=(const Integer& t) { return *this = Modulo(t); } - Integer& operator/=(word t) { return *this = DividedBy(t); } - Integer& operator%=(word t) { return *this = Modulo(t); } - Integer& operator<<=(unsigned int); - Integer& operator>>=(unsigned int); - - - void Randomize(RandomNumberGenerator &rng, unsigned int bitcount); - void Randomize(RandomNumberGenerator &rng, const Integer &min, - const Integer &max); - - void SetBit(unsigned int n, bool value = 1); - void SetByte(unsigned int n, byte value); - - void Negate(); - void SetPositive() { sign_ = POSITIVE; } - void SetNegative() { if (!!(*this)) sign_ = NEGATIVE; } - void Swap(Integer& a); - - bool operator!() const; - Integer operator+() const {return *this;} - Integer operator-() const; - Integer& operator++(); - Integer& operator--(); - Integer operator++(int) - { Integer temp = *this; ++*this; return temp; } - Integer operator--(int) - { Integer temp = *this; --*this; return temp; } - - int Compare(const Integer& a) const; - - Integer Plus(const Integer &b) const; - Integer Minus(const Integer &b) const; - Integer Times(const Integer &b) const; - Integer DividedBy(const Integer &b) const; - Integer Modulo(const Integer &b) const; - Integer DividedBy(word b) const; - word Modulo(word b) const; - - Integer operator>>(unsigned int n) const { return Integer(*this)>>=n; } - Integer operator<<(unsigned int n) const { return Integer(*this)<<=n; } - - Integer AbsoluteValue() const; - Integer Doubled() const { return Plus(*this); } - Integer Squared() const { return Times(*this); } - Integer SquareRoot() const; - - bool IsSquare() const; - bool IsUnit() const; - - Integer MultiplicativeInverse() const; - - friend Integer a_times_b_mod_c(const Integer& x, const Integer& y, - const Integer& m); - friend Integer a_exp_b_mod_c(const Integer& x, const Integer& e, - const Integer& m); - - static void Divide(Integer& r, Integer& q, const Integer& a, - const Integer& d); - static void Divide(word& r, Integer& q, const Integer& a, word d); - static void DivideByPowerOf2(Integer& r, Integer& q, const Integer& a, - unsigned int n); - static Integer Gcd(const Integer& a, const Integer& n); - - Integer InverseMod(const Integer& n) const; - word InverseMod(word n) const; - -private: - friend class ModularArithmetic; - friend class MontgomeryRepresentation; - - Integer(word value, unsigned int length); - int PositiveCompare(const Integer& t) const; - - friend void PositiveAdd(Integer& sum, const Integer& a, const Integer& b); - friend void PositiveSubtract(Integer& diff, const Integer& a, - const Integer& b); - friend void PositiveMultiply(Integer& product, const Integer& a, - const Integer& b); - friend void PositiveDivide(Integer& remainder, Integer& quotient, const - Integer& dividend, const Integer& divisor); - AlignedWordBlock reg_; - Sign sign_; -}; - -inline bool operator==(const Integer& a, const Integer& b) - {return a.Compare(b)==0;} -inline bool operator!=(const Integer& a, const Integer& b) - {return a.Compare(b)!=0;} -inline bool operator> (const Integer& a, const Integer& b) - {return a.Compare(b)> 0;} -inline bool operator>=(const Integer& a, const Integer& b) - {return a.Compare(b)>=0;} -inline bool operator< (const Integer& a, const Integer& b) - {return a.Compare(b)< 0;} -inline bool operator<=(const Integer& a, const Integer& b) - {return a.Compare(b)<=0;} - -inline Integer operator+(const Integer &a, const Integer &b) - {return a.Plus(b);} -inline Integer operator-(const Integer &a, const Integer &b) - {return a.Minus(b);} -inline Integer operator*(const Integer &a, const Integer &b) - {return a.Times(b);} -inline Integer operator/(const Integer &a, const Integer &b) - {return a.DividedBy(b);} -inline Integer operator%(const Integer &a, const Integer &b) - {return a.Modulo(b);} -inline Integer operator/(const Integer &a, word b) {return a.DividedBy(b);} -inline word operator%(const Integer &a, word b) {return a.Modulo(b);} - -inline void swap(Integer &a, Integer &b) -{ - a.Swap(b); -} - - -Integer CRT(const Integer& xp, const Integer& p, const Integer& xq, - const Integer& q, const Integer& u); - -inline Integer ModularExponentiation(const Integer& a, const Integer& e, - const Integer& m) -{ - return a_exp_b_mod_c(a, e, m); -} - -Integer ModularRoot(const Integer& a, const Integer& dp, const Integer& dq, - const Integer& p, const Integer& q, const Integer& u); - - - -} // namespace - -#endif // TAO_CRYPT_INTEGER_HPP diff --git a/extra/yassl/taocrypt/include/kernelc.hpp b/extra/yassl/taocrypt/include/kernelc.hpp deleted file mode 100644 index 5d0ceadc4d0..00000000000 --- a/extra/yassl/taocrypt/include/kernelc.hpp +++ /dev/null @@ -1,34 +0,0 @@ -/* - Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - -/* kernelc.hpp provides support for C std lib when compiled in kernel mode -*/ - -#ifndef TAOCRYPT_KERNELC_HPP -#define TAOCRYPT_KERNELC_HPP - -#include <linux/types.h> // get right size_t - -// system functions that c++ doesn't like headers for - -extern "C" void* memcpy(void*, const void*, size_t); -extern "C" void* memset(void*, int, size_t); -extern "C" void printk(char *fmt, ...); - - -#endif // TAOCRYPT_KERNELC_HPP diff --git a/extra/yassl/taocrypt/include/md2.hpp b/extra/yassl/taocrypt/include/md2.hpp deleted file mode 100644 index 89226fc93a1..00000000000 --- a/extra/yassl/taocrypt/include/md2.hpp +++ /dev/null @@ -1,65 +0,0 @@ -/* - Copyright (C) 2000-2007 MySQL AB - Use is subject to license terms - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - -/* md2.hpp provides MD2 digest support, see RFC 1319 -*/ - -#ifndef TAO_CRYPT_MD2_HPP -#define TAO_CRYPT_MD2_HPP - - -#include "hash.hpp" -#include "block.hpp" - - -namespace TaoCrypt { - - -// MD2 digest -class MD2 : public HASH { -public: - enum { BLOCK_SIZE = 16, DIGEST_SIZE = 16, PAD_SIZE = 16, X_SIZE = 48 }; - MD2(); - - word32 getBlockSize() const { return BLOCK_SIZE; } - word32 getDigestSize() const { return DIGEST_SIZE; } - - void Update(const byte*, word32); - void Final(byte*); - - void Init(); - void Swap(MD2&); -private: - ByteBlock X_, C_, buffer_; - word32 count_; // bytes % PAD_SIZE - - MD2(const MD2&); - MD2& operator=(const MD2&); -}; - -inline void swap(MD2& a, MD2& b) -{ - a.Swap(b); -} - - -} // namespace - -#endif // TAO_CRYPT_MD2_HPP - diff --git a/extra/yassl/taocrypt/include/md4.hpp b/extra/yassl/taocrypt/include/md4.hpp deleted file mode 100644 index a4e87b5ccf5..00000000000 --- a/extra/yassl/taocrypt/include/md4.hpp +++ /dev/null @@ -1,63 +0,0 @@ -/* - Copyright (C) 2000-2007 MySQL AB - Use is subject to license terms - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - -/* md4.hpp provides MD4 digest support - * WANRING: MD4 is considered insecure, only use if you have to, e.g., yaSSL - * libcurl supports needs this for NTLM authentication -*/ - -#ifndef TAO_CRYPT_MD4_HPP -#define TAO_CRYPT_MD4_HPP - -#include "hash.hpp" - -namespace TaoCrypt { - - -// MD4 digest -class MD4 : public HASHwithTransform { -public: - enum { BLOCK_SIZE = 64, DIGEST_SIZE = 16, PAD_SIZE = 56, - TAO_BYTE_ORDER = LittleEndianOrder }; // in Bytes - MD4() : HASHwithTransform(DIGEST_SIZE / sizeof(word32), BLOCK_SIZE) - { Init(); } - ByteOrder getByteOrder() const { return ByteOrder(TAO_BYTE_ORDER); } - word32 getBlockSize() const { return BLOCK_SIZE; } - word32 getDigestSize() const { return DIGEST_SIZE; } - word32 getPadSize() const { return PAD_SIZE; } - - MD4(const MD4&); - MD4& operator= (const MD4&); - - void Init(); - void Swap(MD4&); -private: - void Transform(); -}; - -inline void swap(MD4& a, MD4& b) -{ - a.Swap(b); -} - - -} // namespace - -#endif // TAO_CRYPT_MD4_HPP - diff --git a/extra/yassl/taocrypt/include/md5.hpp b/extra/yassl/taocrypt/include/md5.hpp deleted file mode 100644 index a065d3d6e52..00000000000 --- a/extra/yassl/taocrypt/include/md5.hpp +++ /dev/null @@ -1,71 +0,0 @@ -/* - Copyright (C) 2000-2007 MySQL AB - Use is subject to license terms - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - -/* md5.hpp provides MD5 digest support, see RFC 1321 -*/ - -#ifndef TAO_CRYPT_MD5_HPP -#define TAO_CRYPT_MD5_HPP - -#include "hash.hpp" - - -#if defined(TAOCRYPT_X86ASM_AVAILABLE) && defined(TAO_ASM) - #define DO_MD5_ASM -#endif - -namespace TaoCrypt { - - -// MD5 digest -class MD5 : public HASHwithTransform { -public: - enum { BLOCK_SIZE = 64, DIGEST_SIZE = 16, PAD_SIZE = 56, - TAO_BYTE_ORDER = LittleEndianOrder }; // in Bytes - MD5() : HASHwithTransform(DIGEST_SIZE / sizeof(word32), BLOCK_SIZE) - { Init(); } - ByteOrder getByteOrder() const { return ByteOrder(TAO_BYTE_ORDER); } - word32 getBlockSize() const { return BLOCK_SIZE; } - word32 getDigestSize() const { return DIGEST_SIZE; } - word32 getPadSize() const { return PAD_SIZE; } - - MD5(const MD5&); - MD5& operator= (const MD5&); - -#ifdef DO_MD5_ASM - void Update(const byte*, word32); -#endif - - void Init(); - void Swap(MD5&); -private: - void Transform(); - void AsmTransform(const byte* data, word32 times); -}; - -inline void swap(MD5& a, MD5& b) -{ - a.Swap(b); -} - - -} // namespace - -#endif // TAO_CRYPT_MD5_HPP - diff --git a/extra/yassl/taocrypt/include/misc.hpp b/extra/yassl/taocrypt/include/misc.hpp deleted file mode 100644 index 8147832d28a..00000000000 --- a/extra/yassl/taocrypt/include/misc.hpp +++ /dev/null @@ -1,889 +0,0 @@ -/* - Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved. - Copyright (c) 2017, MariaDB Corporation. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - -/* based on Wei Dai's misc.h from CryptoPP */ - -#ifndef TAO_CRYPT_MISC_HPP -#define TAO_CRYPT_MISC_HPP - - -#if !defined(DO_TAOCRYPT_KERNEL_MODE) - #include <stdlib.h> - #include <string.h> -#else - #include "kernelc.hpp" -#endif - -#include "types.hpp" -#include "type_traits.hpp" - - - -namespace TaoCrypt { - - -// Delete static singleton holders -void CleanUp(); - - -#ifdef YASSL_PURE_C - - // library allocation - struct new_t {}; // TaoCrypt New type - extern new_t tc; // pass in parameter - - } // namespace TaoCrypt - - void* operator new (size_t, TaoCrypt::new_t); - void* operator new[](size_t, TaoCrypt::new_t); - - void operator delete (void*, TaoCrypt::new_t); - void operator delete[](void*, TaoCrypt::new_t); - - - namespace TaoCrypt { - - template<typename T> - void tcDelete(T* ptr) - { - if (ptr) ptr->~T(); - ::operator delete(ptr, TaoCrypt::tc); - } - - template<typename T> - void tcArrayDelete(T* ptr) - { - // can't do array placement destruction since not tracking size in - // allocation, only allow builtins to use array placement since they - // don't need destructors called - typedef char builtin[IsFundamentalType<T>::Yes ? 1 : -1]; - (void)sizeof(builtin); - - ::operator delete[](ptr, TaoCrypt::tc); - } - - #define NEW_TC new (TaoCrypt::tc) - - - // to resolve compiler generated operator delete on base classes with - // virtual destructors (when on stack) - class virtual_base { - public: - static void operator delete(void*) { } - }; - -#else // YASSL_PURE_C - - - template<typename T> - void tcDelete(T* ptr) - { - delete ptr; - } - - template<typename T> - void tcArrayDelete(T* ptr) - { - delete[] ptr; - } - - #define NEW_TC new - - class virtual_base {}; - - -#endif // YASSL_PURE_C - - -#if defined(_MSC_VER) || defined(__BCPLUSPLUS__) - #define INTEL_INTRINSICS - #define FAST_ROTATE -#elif defined(__MWERKS__) && TARGET_CPU_PPC - #define PPC_INTRINSICS - #define FAST_ROTATE -#elif defined(__GNUC__) && defined(__i386__) - // GCC does peephole optimizations which should result in using rotate - // instructions - #define FAST_ROTATE -#endif - - -// no gas on these systems ?, disable for now -#if defined(__sun__) - #undef TAOCRYPT_DISABLE_X86ASM - #define TAOCRYPT_DISABLE_X86ASM -#endif - -// icc problem with -03 and integer, disable for now -#if defined(__INTEL_COMPILER) - #undef TAOCRYPT_DISABLE_X86ASM - #define TAOCRYPT_DISABLE_X86ASM -#endif - -// indpedent of build system, unless ia32 asm is enabled disable it -#if !defined(TAOCRYPT_ENABLE_X86ASM) - #undef TAOCRYPT_DISABLE_X86ASM - #define TAOCRYPT_DISABLE_X86ASM -#endif - -// Turn on ia32 ASM for Big Integer -// CodeWarrior defines _MSC_VER -#if !defined(TAOCRYPT_DISABLE_X86ASM) && ((defined(_MSC_VER) && \ - !defined(__MWERKS__) && defined(_M_IX86)) || \ - (defined(__GNUC__) && defined(__i386__))) - #define TAOCRYPT_X86ASM_AVAILABLE -#endif - - -#ifdef TAOCRYPT_X86ASM_AVAILABLE - bool HaveCpuId(); - bool IsPentium(); - void CpuId(word32 input, word32 *output); - - extern bool isMMX; -#endif - - - - -// Turn on ia32 ASM for Ciphers and Message Digests -// Seperate define since these are more complex, use member offsets -// and user may want to turn off while leaving Big Integer optos on -#if defined(TAOCRYPT_X86ASM_AVAILABLE) && !defined(DISABLE_TAO_ASM) - #define TAO_ASM -#endif - - -// Extra word in older vtable implementations, for ASM member offset -#if defined(__GNUC__) && __GNUC__ < 3 - #define OLD_GCC_OFFSET -#endif - - -#if defined(__FreeBSD__) || defined(__NetBSD__) || defined(__OpenBSD__) -# define TAOCRYPT_MALLOC_ALIGNMENT_IS_16 -#endif - -#if defined(__linux__) || defined(__sun__) || defined(__CYGWIN__) -# define TAOCRYPT_MEMALIGN_AVAILABLE -#endif - - -#if defined(_WIN32) || defined(__CYGWIN__) - #define TAOCRYPT_WIN32_AVAILABLE -#endif - -#if defined(__unix__) || defined(__MACH__) - #define TAOCRYPT_UNIX_AVAILABLE -#endif - - -// VC60 workaround: it doesn't allow typename in some places -#if defined(_MSC_VER) && (_MSC_VER < 1300) - #define CPP_TYPENAME -#else - #define CPP_TYPENAME typename -#endif - - -#ifdef _MSC_VER - #define TAOCRYPT_NO_VTABLE __declspec(novtable) -#else - #define TAOCRYPT_NO_VTABLE -#endif - - -#ifdef USE_SYS_STL - // use system STL - #define STL_NAMESPACE std -#else - // use mySTL - #define STL_NAMESPACE mySTL -#endif - - -// ***************** DLL related ******************** - -#ifdef TAOCRYPT_WIN32_AVAILABLE - -#ifdef TAOCRYPT_EXPORTS - #define TAOCRYPT_IS_DLL - #define TAOCRYPT_DLL __declspec(dllexport) -#elif defined(TAOCRYPT_IMPORTS) - #define TAOCRYPT_IS_DLL - #define TAOCRYPT_DLL __declspec(dllimport) -#else - #define TAOCRYPT_DLL -#endif // EXPORTS - -#define TAOCRYPT_API __stdcall -#define TAOCRYPT_CDECL __cdecl - -#else // TAOCRYPT_WIN32_AVAILABLE - -#define TAOCRYPT_DLL -#define TAOCRYPT_API -#define TAOCRYPT_CDECL - -#endif // TAOCRYPT_WIN32_AVAILABLE - - -// ****************** tempalte stuff ******************* - - -#if defined(TAOCRYPT_MANUALLY_INSTANTIATE_TEMPLATES) && \ - !defined(TAOCRYPT_IMPORTS) - #define TAOCRYPT_DLL_TEMPLATE_CLASS template class TAOCRYPT_DLL -#elif defined(__MWERKS__) - #define TAOCRYPT_DLL_TEMPLATE_CLASS extern class TAOCRYPT_DLL -#else - #define TAOCRYPT_DLL_TEMPLATE_CLASS extern template class TAOCRYPT_DLL -#endif - - -#if defined(TAOCRYPT_MANUALLY_INSTANTIATE_TEMPLATES) && \ - !defined(TAOCRYPT_EXPORTS) - #define TAOCRYPT_STATIC_TEMPLATE_CLASS template class -#elif defined(__MWERKS__) - #define TAOCRYPT_STATIC_TEMPLATE_CLASS extern class -#else - #define TAOCRYPT_STATIC_TEMPLATE_CLASS extern template class -#endif - - -// ************** compile-time assertion *************** - -template <bool b> -struct CompileAssert -{ - static char dummy[2*b-1]; -}; - -#define TAOCRYPT_COMPILE_ASSERT(assertion) \ - TAOCRYPT_COMPILE_ASSERT_INSTANCE(assertion, __LINE__) - -#if defined(TAOCRYPT_EXPORTS) || defined(TAOCRYPT_IMPORTS) - #define TAOCRYPT_COMPILE_ASSERT_INSTANCE(assertion, instance) -#else - #define TAOCRYPT_COMPILE_ASSERT_INSTANCE(assertion, instance) \ - (void)sizeof(CompileAssert<(assertion)>) -#endif - -#define TAOCRYPT_ASSERT_JOIN(X, Y) TAOCRYPT_DO_ASSERT_JOIN(X, Y) - -#define TAOCRYPT_DO_ASSERT_JOIN(X, Y) X##Y - - -/*************** helpers *****************************/ - -inline unsigned int BitsToBytes(unsigned int bitCount) -{ - return ((bitCount+7)/(8)); -} - -inline unsigned int BytesToWords(unsigned int byteCount) -{ - return ((byteCount+WORD_SIZE-1)/WORD_SIZE); -} - -inline unsigned int BitsToWords(unsigned int bitCount) -{ - return ((bitCount+WORD_BITS-1)/(WORD_BITS)); -} - -inline void CopyWords(word* r, const word* a, word32 n) -{ - for (word32 i = 0; i < n; i++) - r[i] = a[i]; -} - -inline unsigned int CountWords(const word* X, unsigned int N) -{ - while (N && X[N-1]==0) - N--; - return N; -} - -inline void SetWords(word* r, word a, unsigned int n) -{ - for (unsigned int i=0; i<n; i++) - r[i] = a; -} - -enum ByteOrder { LittleEndianOrder = 0, BigEndianOrder = 1 }; -enum CipherDir {ENCRYPTION, DECRYPTION}; - -inline CipherDir ReverseDir(CipherDir dir) -{ - return (dir == ENCRYPTION) ? DECRYPTION : ENCRYPTION; -} - -template <typename ENUM_TYPE, int VALUE> -struct EnumToType -{ - static ENUM_TYPE ToEnum() { return (ENUM_TYPE)VALUE; } -}; - -typedef EnumToType<ByteOrder, LittleEndianOrder> LittleEndian; -typedef EnumToType<ByteOrder, BigEndianOrder> BigEndian; - - -#ifndef BIG_ENDIAN_ORDER - typedef LittleEndian HostByteOrder; -#else - typedef BigEndian HostByteOrder; -#endif - -inline ByteOrder GetHostByteOrder() -{ - return HostByteOrder::ToEnum(); -} - -inline bool HostByteOrderIs(ByteOrder order) -{ - return order == GetHostByteOrder(); -} - - -void xorbuf(byte*, const byte*, unsigned int); - - -template <class T> -inline bool IsPowerOf2(T n) -{ - return n > 0 && (n & (n-1)) == 0; -} - -template <class T1, class T2> -inline T2 ModPowerOf2(T1 a, T2 b) -{ - return T2(a) & (b-1); -} - -template <class T> -inline T RoundDownToMultipleOf(T n, T m) -{ - return n - (IsPowerOf2(m) ? ModPowerOf2(n, m) : (n%m)); -} - -template <class T> -inline T RoundUpToMultipleOf(T n, T m) -{ - return RoundDownToMultipleOf(n+m-1, m); -} - -template <class T> -inline unsigned int GetAlignment(T* dummy = 0) // VC60 workaround -{ -#if (_MSC_VER >= 1300) - return __alignof(T); -#elif defined(__GNUC__) - return __alignof__(T); -#else - return sizeof(T); -#endif -} - -inline bool IsAlignedOn(const void* p, unsigned int alignment) -{ - return IsPowerOf2(alignment) ? ModPowerOf2((size_t)p, alignment) == 0 - : (size_t)p % alignment == 0; -} - -template <class T> -inline bool IsAligned(const void* p, T* dummy = 0) // VC60 workaround -{ - return IsAlignedOn(p, GetAlignment<T>()); -} - - -template <class T> inline T rotlFixed(T x, unsigned int y) -{ - return (x<<y) | (x>>(sizeof(T)*8-y)); -} - -template <class T> inline T rotrFixed(T x, unsigned int y) -{ - return (x>>y) | (x<<(sizeof(T)*8-y)); -} - -#ifdef INTEL_INTRINSICS - -#pragma intrinsic(_lrotl, _lrotr) - -template<> inline word32 rotlFixed(word32 x, word32 y) -{ - return y ? _lrotl(x, y) : x; -} - -template<> inline word32 rotrFixed(word32 x, word32 y) -{ - return y ? _lrotr(x, y) : x; -} - -#endif // INTEL_INTRINSICS - -#ifdef min -#undef min -#endif - - -template <class T> -inline const T& min(const T& a, const T& b) -{ - return a < b ? a : b; -} - - -inline word32 ByteReverse(word32 value) -{ -#ifdef PPC_INTRINSICS - // PPC: load reverse indexed instruction - return (word32)__lwbrx(&value,0); -#elif defined(FAST_ROTATE) - // 5 instructions with rotate instruction, 9 without - return (rotrFixed(value, 8U) & 0xff00ff00) | - (rotlFixed(value, 8U) & 0x00ff00ff); -#else - // 6 instructions with rotate instruction, 8 without - value = ((value & 0xFF00FF00) >> 8) | ((value & 0x00FF00FF) << 8); - return rotlFixed(value, 16U); -#endif -} - - -#ifdef WORD64_AVAILABLE - -inline word64 ByteReverse(word64 value) -{ -#ifdef TAOCRYPT_SLOW_WORD64 - return (word64(ByteReverse(word32(value))) << 32) | - ByteReverse(word32(value>>32)); -#else - value = ((value & W64LIT(0xFF00FF00FF00FF00)) >> 8) | - ((value & W64LIT(0x00FF00FF00FF00FF)) << 8); - value = ((value & W64LIT(0xFFFF0000FFFF0000)) >> 16) | - ((value & W64LIT(0x0000FFFF0000FFFF)) << 16); - return rotlFixed(value, 32U); -#endif -} - -#endif // WORD64_AVAILABLE - - -template <typename T> -inline void ByteReverse(T* out, const T* in, word32 byteCount) -{ - word32 count = byteCount/sizeof(T); - for (word32 i=0; i<count; i++) - out[i] = ByteReverse(in[i]); -} - -inline void ByteReverse(byte* out, const byte* in, word32 byteCount) -{ - word32* o = reinterpret_cast<word32*>(out); - const word32* i = reinterpret_cast<const word32*>(in); - ByteReverse(o, i, byteCount); -} - - -template <class T> -inline T ByteReverseIf(T value, ByteOrder order) -{ - return HostByteOrderIs(order) ? value : ByteReverse(value); -} - - -template <typename T> -inline void ByteReverseIf(T* out, const T* in, word32 bc, ByteOrder order) -{ - if (!HostByteOrderIs(order)) - ByteReverse(out, in, bc); - else if (out != in) - memcpy(out, in, bc); -} - - - -// do Asm Reverse is host is Little and x86asm -#ifdef LITTLE_ENDIAN_ORDER - #ifdef TAOCRYPT_X86ASM_AVAILABLE - #define LittleReverse AsmReverse - #else - #define LittleReverse ByteReverse - #endif -#else - #define LittleReverse -#endif - - -// do Asm Reverse is host is Big and x86asm -#ifdef BIG_ENDIAN_ORDER - #ifdef TAOCRYPT_X86ASM_AVAILABLE - #define BigReverse AsmReverse - #else - #define BigReverse ByteReverse - #endif -#else - #define BigReverse -#endif - - -#ifdef TAOCRYPT_X86ASM_AVAILABLE - - // faster than rotate, use bswap - - inline word32 AsmReverse(word32 wd) - { - #ifdef __GNUC__ - __asm__ - ( - "bswap %1" - : "=r"(wd) - : "0"(wd) - ); - #else - __asm - { - mov eax, wd - bswap eax - mov wd, eax - } - #endif - return wd; - } - -#endif - - -template <class T> -inline void GetUserKey(ByteOrder order, T* out, word32 outlen, const byte* in, - word32 inlen) -{ - const unsigned int U = sizeof(T); - memcpy(out, in, inlen); - memset((byte *)out+inlen, 0, outlen*U-inlen); - ByteReverseIf(out, out, RoundUpToMultipleOf(inlen, U), order); -} - - -#ifdef _MSC_VER - // disable conversion warning - // 4996 warning to use MS extensions e.g., strcpy_s instead of strncpy - #pragma warning(disable:4244 4996) -#endif - - -inline byte UnalignedGetWordNonTemplate(ByteOrder order, const byte *block, - byte*) -{ - return block[0]; -} - -inline word16 UnalignedGetWordNonTemplate(ByteOrder order, const byte* block, - word16*) -{ - return (order == BigEndianOrder) - ? word16(block[1] | (word16(block[0]) << 8)) - : word16(block[0] | (word16(block[1]) << 8)); -} - -inline word32 UnalignedGetWordNonTemplate(ByteOrder order, const byte* block, - word32*) -{ - return (order == BigEndianOrder) - ? word32(block[3]) | (word32(block[2]) << 8) | (word32(block[1]) << 16) - | (word32(block[0]) << 24) - : word32(block[0]) | (word32(block[1]) << 8) | (word32(block[2]) << 16) - | (word32(block[3]) << 24); -} - -template <class T> -inline T UnalignedGetWord(ByteOrder order, const byte *block, T* dummy = 0) -{ - return UnalignedGetWordNonTemplate(order, block, dummy); -} - -inline void UnalignedPutWord(ByteOrder order, byte *block, byte value, - const byte *xorBlock = 0) -{ - block[0] = xorBlock ? (value ^ xorBlock[0]) : value; -} - -#define GETBYTE(x, y) byte((x)>>(8*(y))) - -inline void UnalignedPutWord(ByteOrder order, byte *block, word16 value, - const byte *xorBlock = 0) -{ - if (order == BigEndianOrder) - { - block[0] = GETBYTE(value, 1); - block[1] = GETBYTE(value, 0); - } - else - { - block[0] = GETBYTE(value, 0); - block[1] = GETBYTE(value, 1); - } - - if (xorBlock) - { - block[0] ^= xorBlock[0]; - block[1] ^= xorBlock[1]; - } -} - -inline void UnalignedPutWord(ByteOrder order, byte* block, word32 value, - const byte* xorBlock = 0) -{ - if (order == BigEndianOrder) - { - block[0] = GETBYTE(value, 3); - block[1] = GETBYTE(value, 2); - block[2] = GETBYTE(value, 1); - block[3] = GETBYTE(value, 0); - } - else - { - block[0] = GETBYTE(value, 0); - block[1] = GETBYTE(value, 1); - block[2] = GETBYTE(value, 2); - block[3] = GETBYTE(value, 3); - } - - if (xorBlock) - { - block[0] ^= xorBlock[0]; - block[1] ^= xorBlock[1]; - block[2] ^= xorBlock[2]; - block[3] ^= xorBlock[3]; - } -} - - -template <class T> -inline T GetWord(bool assumeAligned, ByteOrder order, const byte *block) -{ - if (assumeAligned) - return ByteReverseIf(*reinterpret_cast<const T *>(block), order); - else - return UnalignedGetWord<T>(order, block); -} - -template <class T> -inline void GetWord(bool assumeAligned, ByteOrder order, T &result, - const byte *block) -{ - result = GetWord<T>(assumeAligned, order, block); -} - -template <class T> -inline void PutWord(bool assumeAligned, ByteOrder order, byte* block, T value, - const byte *xorBlock = 0) -{ - if (assumeAligned) - { - if (xorBlock) - *reinterpret_cast<T *>(block) = ByteReverseIf(value, order) - ^ *reinterpret_cast<const T *>(xorBlock); - else - *reinterpret_cast<T *>(block) = ByteReverseIf(value, order); - } - else - UnalignedPutWord(order, block, value, xorBlock); -} - -template <class T, class B, bool A=true> -class GetBlock -{ -public: - GetBlock(const void *block) - : m_block((const byte *)block) {} - - template <class U> - inline GetBlock<T, B, A> & operator()(U &x) - { - TAOCRYPT_COMPILE_ASSERT(sizeof(U) >= sizeof(T)); - x = GetWord<T>(A, B::ToEnum(), m_block); - m_block += sizeof(T); - return *this; - } - -private: - const byte *m_block; -}; - -template <class T, class B, bool A = true> -class PutBlock -{ -public: - PutBlock(const void *xorBlock, void *block) - : m_xorBlock((const byte *)xorBlock), m_block((byte *)block) {} - - template <class U> - inline PutBlock<T, B, A> & operator()(U x) - { - PutWord(A, B::ToEnum(), m_block, (T)x, m_xorBlock); - m_block += sizeof(T); - if (m_xorBlock) - m_xorBlock += sizeof(T); - return *this; - } - -private: - const byte *m_xorBlock; - byte *m_block; -}; - -/* - XXX MYSQL: Setting A (assumeAligned) to false, - keeping it true might trigger segfault on SPARC. -*/ -template <class T, class B, bool A= false> -struct BlockGetAndPut -{ - // function needed because of C++ grammatical ambiguity between - // expression-statements and declarations - static inline GetBlock<T, B, A> Get(const void *block) - {return GetBlock<T, B, A>(block);} - typedef PutBlock<T, B, A> Put; -}; - - - -template <bool overflow> struct SafeShifter; - -template<> struct SafeShifter<true> -{ - template <class T> - static inline T RightShift(T value, unsigned int bits) - { - return 0; - } - - template <class T> - static inline T LeftShift(T value, unsigned int bits) - { - return 0; - } -}; - -template<> struct SafeShifter<false> -{ - template <class T> - static inline T RightShift(T value, unsigned int bits) - { - return value >> bits; - } - - template <class T> - static inline T LeftShift(T value, unsigned int bits) - { - return value << bits; - } -}; - -template <unsigned int bits, class T> -inline T SafeRightShift(T value) -{ - return SafeShifter<(bits>=(8*sizeof(T)))>::RightShift(value, bits); -} - -template <unsigned int bits, class T> -inline T SafeLeftShift(T value) -{ - return SafeShifter<(bits>=(8*sizeof(T)))>::LeftShift(value, bits); -} - - -inline -word ShiftWordsLeftByBits(word* r, unsigned int n, unsigned int shiftBits) -{ - word u, carry=0; - if (shiftBits) - for (unsigned int i=0; i<n; i++) - { - u = r[i]; - r[i] = (u << shiftBits) | carry; - carry = u >> (WORD_BITS-shiftBits); - } - return carry; -} - - -inline -word ShiftWordsRightByBits(word* r, int n, unsigned int shiftBits) -{ - word u, carry=0; - if (shiftBits) - for (int i=n-1; i>=0; i--) - { - u = r[i]; - r[i] = (u >> shiftBits) | carry; - carry = u << (WORD_BITS-shiftBits); - } - return carry; -} - - -inline -void ShiftWordsLeftByWords(word* r, unsigned int n, unsigned int shiftWords) -{ - shiftWords = min(shiftWords, n); - if (shiftWords) - { - for (unsigned int i=n-1; i>=shiftWords; i--) - r[i] = r[i-shiftWords]; - SetWords(r, 0, shiftWords); - } -} - - -inline -void ShiftWordsRightByWords(word* r, unsigned int n, unsigned int shiftWords) -{ - shiftWords = min(shiftWords, n); - if (shiftWords) - { - for (unsigned int i=0; i+shiftWords<n; i++) - r[i] = r[i+shiftWords]; - SetWords(r+n-shiftWords, 0, shiftWords); - } -} - - -template <class T1, class T2> -inline T1 SaturatingSubtract(T1 a, T2 b) -{ - TAOCRYPT_COMPILE_ASSERT_INSTANCE(T1(-1)>0, 0); // T1 is unsigned type - TAOCRYPT_COMPILE_ASSERT_INSTANCE(T2(-1)>0, 1); // T2 is unsigned type - return T1((a > b) ? (a - b) : 0); -} - - -// declares -unsigned int BytePrecision(word value); -unsigned int BitPrecision(word); -word Crop(word value, unsigned int size); - - - -} // namespace - -#endif // TAO_CRYPT_MISC_HPP diff --git a/extra/yassl/taocrypt/include/modarith.hpp b/extra/yassl/taocrypt/include/modarith.hpp deleted file mode 100644 index e536b5722e3..00000000000 --- a/extra/yassl/taocrypt/include/modarith.hpp +++ /dev/null @@ -1,166 +0,0 @@ -/* - Copyright (C) 2000-2007 MySQL AB - Use is subject to license terms - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - - -/* based on Wei Dai's modarith.h from CryptoPP */ - - -#ifndef TAO_CRYPT_MODARITH_HPP -#define TAO_CRYPT_MODARITH_HPP - -#include "misc.hpp" -#include "algebra.hpp" - -namespace TaoCrypt { - - -// ModularArithmetic -class ModularArithmetic : public AbstractRing -{ -public: - - typedef int RandomizationParameter; - typedef Integer Element; - - ModularArithmetic(const Integer &modulus = Integer::One()) - : modulus(modulus), result((word)0, modulus.reg_.size()) {} - - ModularArithmetic(const ModularArithmetic &ma) - : AbstractRing(), - modulus(ma.modulus), result((word)0, modulus.reg_.size()) {} - - const Integer& GetModulus() const {return modulus;} - void SetModulus(const Integer &newModulus) - { - modulus = newModulus; - result.reg_.resize(modulus.reg_.size()); - } - - virtual bool IsMontgomeryRepresentation() const {return false;} - - virtual Integer ConvertIn(const Integer &a) const - {return a%modulus;} - - virtual Integer ConvertOut(const Integer &a) const - {return a;} - - const Integer& Half(const Integer &a) const; - - bool Equal(const Integer &a, const Integer &b) const - {return a==b;} - - const Integer& Identity() const - {return Integer::Zero();} - - const Integer& Add(const Integer &a, const Integer &b) const; - - Integer& Accumulate(Integer &a, const Integer &b) const; - - const Integer& Inverse(const Integer &a) const; - - const Integer& Subtract(const Integer &a, const Integer &b) const; - - Integer& Reduce(Integer &a, const Integer &b) const; - - const Integer& Double(const Integer &a) const - {return Add(a, a);} - - const Integer& MultiplicativeIdentity() const - {return Integer::One();} - - const Integer& Multiply(const Integer &a, const Integer &b) const - {return result1 = a*b%modulus;} - - const Integer& Square(const Integer &a) const - {return result1 = a.Squared()%modulus;} - - bool IsUnit(const Integer &a) const - {return Integer::Gcd(a, modulus).IsUnit();} - - const Integer& MultiplicativeInverse(const Integer &a) const - {return result1 = a.InverseMod(modulus);} - - const Integer& Divide(const Integer &a, const Integer &b) const - {return Multiply(a, MultiplicativeInverse(b));} - - Integer CascadeExponentiate(const Integer &x, const Integer &e1, - const Integer &y, const Integer &e2) const; - - void SimultaneousExponentiate(Element *results, const Element &base, - const Integer *exponents, unsigned int exponentsCount) const; - - unsigned int MaxElementBitLength() const - {return (modulus-1).BitCount();} - - unsigned int MaxElementByteLength() const - {return (modulus-1).ByteCount();} - - - static const RandomizationParameter DefaultRandomizationParameter; - -protected: - Integer modulus; - mutable Integer result, result1; - -}; - - - -//! do modular arithmetics in Montgomery representation for increased speed -class MontgomeryRepresentation : public ModularArithmetic -{ -public: - MontgomeryRepresentation(const Integer &modulus); // modulus must be odd - - bool IsMontgomeryRepresentation() const {return true;} - - Integer ConvertIn(const Integer &a) const - {return (a<<(WORD_BITS*modulus.reg_.size()))%modulus;} - - Integer ConvertOut(const Integer &a) const; - - const Integer& MultiplicativeIdentity() const - {return result1 = Integer::Power2(WORD_BITS*modulus.reg_.size())%modulus;} - - const Integer& Multiply(const Integer &a, const Integer &b) const; - - const Integer& Square(const Integer &a) const; - - const Integer& MultiplicativeInverse(const Integer &a) const; - - Integer CascadeExponentiate(const Integer &x, const Integer &e1, - const Integer &y, const Integer &e2) const - {return AbstractRing::CascadeExponentiate(x, e1, y, e2);} - - void SimultaneousExponentiate(Element *results, const Element &base, - const Integer *exponents, unsigned int exponentsCount) const - {AbstractRing::SimultaneousExponentiate(results, base, - exponents, exponentsCount);} - -private: - Integer u; - mutable AlignedWordBlock workspace; -}; - - - - -} // namespace - -#endif // TAO_CRYPT_MODARITH_HPP diff --git a/extra/yassl/taocrypt/include/modes.hpp b/extra/yassl/taocrypt/include/modes.hpp deleted file mode 100644 index 71d2fd908c5..00000000000 --- a/extra/yassl/taocrypt/include/modes.hpp +++ /dev/null @@ -1,155 +0,0 @@ -/* - Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved. - Copyright (c) 2017, MariaDB Corporation. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - -/* modes.hpp provides ECB and CBC modes for block cipher encryption/decryption -*/ - - -#ifndef TAO_CRYPT_MODES_HPP -#define TAO_CRYPT_MODES_HPP - -#include "misc.hpp" - -namespace TaoCrypt { - - -enum Mode { ECB, CBC }; - - - -// BlockCipher abstraction -template<CipherDir DIR, class T, Mode MODE> -class BlockCipher { -public: - BlockCipher() : cipher_(DIR, MODE) {} - - void Process(byte* c, const byte* p, word32 sz) - { cipher_.Process(c, p, sz); } - void SetKey(const byte* k, word32 sz) - { cipher_.SetKey(k, sz, DIR); } - void SetKey(const byte* k, word32 sz, const byte* iv) - { cipher_.SetKey(k, sz, DIR); cipher_.SetIV(iv); } -private: - T cipher_; - - BlockCipher(const BlockCipher&); // hide copy - BlockCipher& operator=(const BlockCipher&); // and assign -}; - - -// Mode Base for block ciphers, static size -class Mode_BASE : public virtual_base { -public: - enum { MaxBlockSz = 16 }; - - explicit Mode_BASE(unsigned sz, CipherDir dir, Mode mode) - : blockSz_(sz), reg_(reinterpret_cast<byte*>(r_)), - tmp_(reinterpret_cast<byte*>(t_)), dir_(dir), mode_(mode) - {} - virtual ~Mode_BASE() {} - - virtual void Process(byte*, const byte*, word32); - - void SetIV(const byte* iv) { memcpy(reg_, iv, blockSz_); } -protected: - unsigned blockSz_; - byte* reg_; - byte* tmp_; - - word32 r_[MaxBlockSz / sizeof(word32)]; // align reg_ on word32 - word32 t_[MaxBlockSz / sizeof(word32)]; // align tmp_ on word32 - - CipherDir dir_; - Mode mode_; - - void ECB_Process(byte*, const byte*, word32); - void CBC_Encrypt(byte*, const byte*, word32); - void CBC_Decrypt(byte*, const byte*, word32); - - Mode_BASE(const Mode_BASE&); // hide copy - Mode_BASE& operator=(const Mode_BASE&); // and assign - -private: - virtual void ProcessAndXorBlock(const byte*, const byte*, byte*) const = 0; -}; - - -inline void Mode_BASE::Process(byte* out, const byte* in, word32 sz) -{ - if (mode_ == ECB) - ECB_Process(out, in, sz); - else if (mode_ == CBC) { - if (dir_ == ENCRYPTION) - CBC_Encrypt(out, in, sz); - else - CBC_Decrypt(out, in, sz); - } -} - - -// ECB Process blocks -inline void Mode_BASE::ECB_Process(byte* out, const byte* in, word32 sz) -{ - word32 blocks = sz / blockSz_; - - while (blocks--) { - ProcessAndXorBlock(in, 0, out); - out += blockSz_; - in += blockSz_; - } -} - - -// CBC Encrypt -inline void Mode_BASE::CBC_Encrypt(byte* out, const byte* in, word32 sz) -{ - word32 blocks = sz / blockSz_; - - while (blocks--) { - xorbuf(reg_, in, blockSz_); - ProcessAndXorBlock(reg_, 0, reg_); - memcpy(out, reg_, blockSz_); - out += blockSz_; - in += blockSz_; - } -} - - -// CBC Decrypt -inline void Mode_BASE::CBC_Decrypt(byte* out, const byte* in, word32 sz) -{ - word32 blocks = sz / blockSz_; - byte hold[MaxBlockSz]; - - while (blocks--) { - memcpy(tmp_, in, blockSz_); - ProcessAndXorBlock(tmp_, 0, out); - xorbuf(out, reg_, blockSz_); - memcpy(hold, reg_, blockSz_); // swap reg_ and tmp_ - memcpy(reg_, tmp_, blockSz_); - memcpy(tmp_, hold, blockSz_); - out += blockSz_; - in += blockSz_; - } -} - - -} // namespace - -#endif // TAO_CRYPT_MODES_HPP diff --git a/extra/yassl/taocrypt/include/pwdbased.hpp b/extra/yassl/taocrypt/include/pwdbased.hpp deleted file mode 100644 index 57495d01b50..00000000000 --- a/extra/yassl/taocrypt/include/pwdbased.hpp +++ /dev/null @@ -1,91 +0,0 @@ -/* - Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - - -/* pwdbased.hpp defines PBKDF2 from PKCS #5 -*/ - - -#ifndef TAO_CRYPT_PWDBASED_HPP -#define TAO_CRYPT_PWDBASED_HPP - -#include <string.h> -#include "misc.hpp" -#include "block.hpp" -#include "hmac.hpp" - -namespace TaoCrypt { - - -// From PKCS #5, T must be type suitable for HMAC<T> -template <class T> -class PBKDF2_HMAC { -public: - word32 MaxDerivedKeyLength() const { return 0xFFFFFFFFU;} // avoid overflow - - word32 DeriveKey(byte* derived, word32 dLen, const byte* pwd, word32 pLen, - const byte* salt, word32 sLen, word32 iterations) const; -}; - - - -template <class T> -word32 PBKDF2_HMAC<T>::DeriveKey(byte* derived, word32 dLen, const byte* pwd, - word32 pLen, const byte* salt, word32 sLen, - word32 iterations) const -{ - if (dLen > MaxDerivedKeyLength()) - return 0; - - ByteBlock buffer(T::DIGEST_SIZE); - HMAC<T> hmac; - - hmac.SetKey(pwd, pLen); - - word32 i = 1; - - while (dLen > 0) { - hmac.Update(salt, sLen); - word32 j; - for (j = 0; j < 4; j++) { - byte b = i >> ((3-j)*8); - hmac.Update(&b, 1); - } - hmac.Final(buffer.get_buffer()); - - word32 segmentLen = min(dLen, buffer.size()); - memcpy(derived, buffer.get_buffer(), segmentLen); - - for (j = 1; j < iterations; j++) { - hmac.Update(buffer.get_buffer(), buffer.size()); - hmac.Final(buffer.get_buffer()); - xorbuf(derived, buffer.get_buffer(), segmentLen); - } - derived += segmentLen; - dLen -= segmentLen; - i++; - } - return iterations; -} - - - - -} // naemspace - -#endif // TAO_CRYPT_PWDBASED_HPP diff --git a/extra/yassl/taocrypt/include/rabbit.hpp b/extra/yassl/taocrypt/include/rabbit.hpp deleted file mode 100644 index e9af478fedf..00000000000 --- a/extra/yassl/taocrypt/include/rabbit.hpp +++ /dev/null @@ -1,65 +0,0 @@ -/* - Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - -/* rabbit.hpp defines Rabbit -*/ - - -#ifndef TAO_CRYPT_RABBIT_HPP -#define TAO_CRYPT_RABBIT_HPP - -#include "misc.hpp" - -namespace TaoCrypt { - - -// Rabbit encryption and decryption -class Rabbit { -public: - - typedef Rabbit Encryption; - typedef Rabbit Decryption; - - enum RabbitCtx { Master = 0, Work = 1 }; - - Rabbit() {} - - void Process(byte*, const byte*, word32); - void SetKey(const byte*, const byte*); -private: - struct Ctx { - word32 x[8]; - word32 c[8]; - word32 carry; - }; - - Ctx masterCtx_; - Ctx workCtx_; - - void NextState(RabbitCtx); - void SetIV(const byte*); - - Rabbit(const Rabbit&); // hide copy - const Rabbit operator=(const Rabbit&); // and assign -}; - -} // namespace - - -#endif // TAO_CRYPT_RABBIT_HPP - diff --git a/extra/yassl/taocrypt/include/random.hpp b/extra/yassl/taocrypt/include/random.hpp deleted file mode 100644 index 90d38de7943..00000000000 --- a/extra/yassl/taocrypt/include/random.hpp +++ /dev/null @@ -1,85 +0,0 @@ -/* - Copyright (C) 2000-2007 MySQL AB - Use is subject to license terms - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - -/* random.hpp provides a crypto secure Random Number Generator using an OS - specific seed -*/ - - -#ifndef TAO_CRYPT_RANDOM_HPP -#define TAO_CRYPT_RANDOM_HPP - -#include "arc4.hpp" -#include "error.hpp" - -namespace TaoCrypt { - - -// OS specific seeder -class OS_Seed { -public: - OS_Seed(); - ~OS_Seed(); - - void GenerateSeed(byte*, word32 sz); - Error GetError() const { return error_; } -private: -#if defined(_WIN32) - #if defined(_WIN64) - typedef unsigned __int64 ProviderHandle; - // type HCRYPTPROV, avoid #include <windows.h> - #else - typedef unsigned long ProviderHandle; - #endif - ProviderHandle handle_; -#else - int fd_; -#endif - Error error_; - - OS_Seed(const OS_Seed&); // hide copy - OS_Seed& operator=(const OS_Seed&); // hide assign -}; - - -// secure Random Nnumber Generator -class RandomNumberGenerator { -public: - RandomNumberGenerator(); - ~RandomNumberGenerator() {} - - void GenerateBlock(byte*, word32 sz); - byte GenerateByte(); - - ErrorNumber GetError() const { return seed_.GetError().What(); } -private: - OS_Seed seed_; - ARC4 cipher_; - - RandomNumberGenerator(const RandomNumberGenerator&); // hide copy - RandomNumberGenerator operator=(const RandomNumberGenerator&); // && assign -}; - - - - -} // namespace - -#endif // TAO_CRYPT_RANDOM_HPP - diff --git a/extra/yassl/taocrypt/include/ripemd.hpp b/extra/yassl/taocrypt/include/ripemd.hpp deleted file mode 100644 index d50a1714232..00000000000 --- a/extra/yassl/taocrypt/include/ripemd.hpp +++ /dev/null @@ -1,70 +0,0 @@ -/* - Copyright (C) 2000-2007 MySQL AB - Use is subject to license terms - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - -/* ripemd.hpp provides RIPEMD digest support -*/ - -#ifndef TAO_CRYPT_RIPEMD_HPP -#define TAO_CRYPT_RIPEMD_HPP - -#include "hash.hpp" - - -#if defined(TAOCRYPT_X86ASM_AVAILABLE) && defined(TAO_ASM) - #define DO_RIPEMD_ASM -#endif - -namespace TaoCrypt { - - -// RIPEMD160 digest -class RIPEMD160 : public HASHwithTransform { -public: - enum { BLOCK_SIZE = 64, DIGEST_SIZE = 20, PAD_SIZE = 56, - TAO_BYTE_ORDER = LittleEndianOrder }; // in Bytes - RIPEMD160() : HASHwithTransform(DIGEST_SIZE / sizeof(word32), BLOCK_SIZE) - { Init(); } - ByteOrder getByteOrder() const { return ByteOrder(TAO_BYTE_ORDER); } - word32 getBlockSize() const { return BLOCK_SIZE; } - word32 getDigestSize() const { return DIGEST_SIZE; } - word32 getPadSize() const { return PAD_SIZE; } - - RIPEMD160(const RIPEMD160&); - RIPEMD160& operator= (const RIPEMD160&); - -#ifdef DO_RIPEMD_ASM - void Update(const byte*, word32); -#endif - void Init(); - void Swap(RIPEMD160&); -private: - void Transform(); - void AsmTransform(const byte* data, word32 times); -}; - -inline void swap(RIPEMD160& a, RIPEMD160& b) -{ - a.Swap(b); -} - - -} // namespace - -#endif // TAO_CRYPT_RIPEMD_HPP - diff --git a/extra/yassl/taocrypt/include/rsa.hpp b/extra/yassl/taocrypt/include/rsa.hpp deleted file mode 100644 index 446752c64b6..00000000000 --- a/extra/yassl/taocrypt/include/rsa.hpp +++ /dev/null @@ -1,250 +0,0 @@ -/* - Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - -/* rsa.hpp provides RSA ES encrypt/decrypt, SSL (block type 1) sign and verify -*/ - -#ifndef TAO_CRYPT_RSA_HPP -#define TAO_CRYPT_RSA_HPP - -#include "integer.hpp" -#include "random.hpp" - - -namespace TaoCrypt { - -class Source; - - -// Public Key Length helper -class PK_Lengths { - const Integer& image_; -public: - explicit PK_Lengths(const Integer& i) : image_(i) {} - - word32 PaddedBlockBitLength() const {return image_.BitCount() - 1;} - word32 PaddedBlockByteLength() const - {return BitsToBytes(PaddedBlockBitLength());} - - word32 FixedCiphertextLength() const {return image_.ByteCount();} - word32 FixedMaxPlaintextLength() const - {return SaturatingSubtract(PaddedBlockBitLength() / 8, 10U); } -}; - - -// RSA Public Key -class RSA_PublicKey { -protected: - Integer n_; - Integer e_; -public: - RSA_PublicKey() {} - explicit RSA_PublicKey(Source&); - - void Initialize(const Integer& n, const Integer& e) {n_ = n; e_ = e;} - void Initialize(Source&); - - Integer ApplyFunction(const Integer& x) const; - - const Integer& GetModulus() const {return n_;} - const Integer& GetPublicExponent() const {return e_;} - - void SetModulus(const Integer& n) {n_ = n;} - void SetPublicExponent(const Integer& e) {e_ = e;} - - word32 FixedCiphertextLength() - { - return PK_Lengths(n_).FixedCiphertextLength(); - } - - RSA_PublicKey(const RSA_PublicKey& other) : n_(other.n_), e_(other.e_) {} - RSA_PublicKey& operator=(const RSA_PublicKey& that) - { - RSA_PublicKey tmp(that); - Swap(tmp); - return *this; - } - - void Swap(RSA_PublicKey& other) - { - n_.Swap(other.n_); - e_.Swap(other.e_); - } -}; - - -// RSA Private Key -class RSA_PrivateKey : public RSA_PublicKey { - Integer d_; - Integer p_; - Integer q_; - Integer dp_; - Integer dq_; - Integer u_; -public: - RSA_PrivateKey() {} - explicit RSA_PrivateKey(Source&); - - void Initialize(const Integer& n, const Integer& e, const Integer& d, - const Integer& p, const Integer& q, const Integer& dp, - const Integer& dq, const Integer& u) - {n_ = n; e_ = e; d_ = d; p_ = p; q_ = q; dp_ = dp; dq_ = dq; u_ = u;} - void Initialize(Source&); - - Integer CalculateInverse(RandomNumberGenerator&, const Integer&) const; - - const Integer& GetPrime1() const {return p_;} - const Integer& GetPrime2() const {return q_;} - const Integer& GetPrivateExponent() const {return d_;} - const Integer& GetModPrime1PrivateExponent() const {return dp_;} - const Integer& GetModPrime2PrivateExponent() const {return dq_;} - const Integer& GetMultiplicativeInverseOfPrime2ModPrime1() const - {return u_;} - - void SetPrime1(const Integer& p) {p_ = p;} - void SetPrime2(const Integer& q) {q_ = q;} - void SetPrivateExponent(const Integer& d) {d_ = d;} - void SetModPrime1PrivateExponent(const Integer& dp) {dp_ = dp;} - void SetModPrime2PrivateExponent(const Integer& dq) {dq_ = dq;} - void SetMultiplicativeInverseOfPrime2ModPrime1(const Integer& u) {u_ = u;} -private: - RSA_PrivateKey(const RSA_PrivateKey&); // hide copy - RSA_PrivateKey& operator=(const RSA_PrivateKey&); // and assign -}; - - -// block type 2 padding -class RSA_BlockType2 { -public: - void Pad(const byte*, word32, byte*, word32, - RandomNumberGenerator&) const; - word32 UnPad(const byte*, word32, byte*) const; -}; - - -// block type 1 padding -class RSA_BlockType1 { -public: - void Pad(const byte*, word32, byte*, word32, - RandomNumberGenerator&) const; - word32 UnPad(const byte*, word32, byte*) const; -}; - - -// RSA Encryptor, can use any padding -template<class Pad = RSA_BlockType2> -class RSA_Encryptor { - const RSA_PublicKey& key_; - Pad padding_; -public: - explicit RSA_Encryptor(const RSA_PublicKey& k) : key_(k) {} - - void Encrypt(const byte*, word32, byte*, RandomNumberGenerator&); - bool SSL_Verify(const byte* msg, word32 sz, const byte* sig); -}; - - -// RSA Decryptor, can use any padding -template<class Pad = RSA_BlockType2> -class RSA_Decryptor { - const RSA_PrivateKey& key_; - Pad padding_; -public: - explicit RSA_Decryptor(const RSA_PrivateKey& k) : key_(k) {} - - word32 Decrypt(const byte*, word32, byte*, RandomNumberGenerator&); - void SSL_Sign(const byte*, word32, byte*, RandomNumberGenerator&); -}; - - -// Public Encrypt -template<class Pad> -void RSA_Encryptor<Pad>::Encrypt(const byte* plain, word32 sz, byte* cipher, - RandomNumberGenerator& rng) -{ - PK_Lengths lengths(key_.GetModulus()); - if (sz > lengths.FixedMaxPlaintextLength()) - return; - - ByteBlock paddedBlock(lengths.PaddedBlockByteLength()); - padding_.Pad(plain, sz, paddedBlock.get_buffer(), - lengths.PaddedBlockBitLength(), rng); - - key_.ApplyFunction(Integer(paddedBlock.get_buffer(), paddedBlock.size())). - Encode(cipher, lengths.FixedCiphertextLength()); -} - - -// Private Decrypt -template<class Pad> -word32 RSA_Decryptor<Pad>::Decrypt(const byte* cipher, word32 sz, byte* plain, - RandomNumberGenerator& rng) -{ - PK_Lengths lengths(key_.GetModulus()); - - if (sz != lengths.FixedCiphertextLength()) - return 0; - - ByteBlock paddedBlock(lengths.PaddedBlockByteLength()); - Integer x = key_.CalculateInverse(rng, Integer(cipher, - lengths.FixedCiphertextLength()).Ref()); - if (x.ByteCount() > paddedBlock.size()) - x = Integer::Zero(); // don't return false, prevents timing attack - x.Encode(paddedBlock.get_buffer(), paddedBlock.size()); - return padding_.UnPad(paddedBlock.get_buffer(), - lengths.PaddedBlockBitLength(), plain); -} - - -// Private SSL type (block 1) Encrypt -template<class Pad> -void RSA_Decryptor<Pad>::SSL_Sign(const byte* message, word32 sz, byte* sig, - RandomNumberGenerator& rng) -{ - RSA_PublicKey inverse; - inverse.Initialize(key_.GetModulus(), key_.GetPrivateExponent()); - RSA_Encryptor<RSA_BlockType1> enc(inverse); // SSL Type - enc.Encrypt(message, sz, sig, rng); -} - - -word32 SSL_Decrypt(const RSA_PublicKey& key, const byte* sig, byte* plain); - - -// Public SSL type (block 1) Decrypt -template<class Pad> -bool RSA_Encryptor<Pad>::SSL_Verify(const byte* message, word32 sz, - const byte* sig) -{ - ByteBlock plain(PK_Lengths(key_.GetModulus()).FixedMaxPlaintextLength()); - if (SSL_Decrypt(key_, sig, plain.get_buffer()) != sz) - return false; // not right justified or bad padding - - if ( (memcmp(plain.get_buffer(), message, sz)) == 0) - return true; - return false; -} - - -typedef RSA_Encryptor<> RSAES_Encryptor; -typedef RSA_Decryptor<> RSAES_Decryptor; - - -} // namespace - -#endif // TAO_CRYPT_RSA_HPP diff --git a/extra/yassl/taocrypt/include/runtime.hpp b/extra/yassl/taocrypt/include/runtime.hpp deleted file mode 100644 index 90f084320cb..00000000000 --- a/extra/yassl/taocrypt/include/runtime.hpp +++ /dev/null @@ -1,68 +0,0 @@ -/* - Copyright (c) 2005, 2014, Oracle and/or its affiliates - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - -/* runtime.hpp provides C++ runtime support functions when building a pure C - * version of yaSSL, user must define YASSL_PURE_C -*/ - - - -#ifndef yaSSL_NEW_HPP -#define yaSSL_NEW_HPP - -#ifdef HAVE_CONFIG_H -#include "config.h" -#endif - -#ifdef __sun - - -// Handler for pure virtual functions -namespace __Crun { - static void pure_error(void) - { - // "Pure virtual method called, Aborted", GCC 4.2 str cmp fix - } -} // namespace __Crun - -#endif // __sun - - -#if defined(__GNUC__) && !(defined(__ICC) || defined(__INTEL_COMPILER)) - -#if __GNUC__ > 2 - -extern "C" { -#if defined(DO_TAOCRYPT_KERNEL_MODE) - #include "kernelc.hpp" -#endif - -/* Disallow inline __cxa_pure_virtual() */ -static int __cxa_pure_virtual() __attribute__((noinline, used)); -static int __cxa_pure_virtual() -{ - // oops, pure virtual called! - return 0; -} - -} // extern "C" - -#endif // __GNUC__ > 2 -#endif // compiler check -#endif // yaSSL_NEW_HPP - diff --git a/extra/yassl/taocrypt/include/sha.hpp b/extra/yassl/taocrypt/include/sha.hpp deleted file mode 100644 index 8b18b7a66ae..00000000000 --- a/extra/yassl/taocrypt/include/sha.hpp +++ /dev/null @@ -1,174 +0,0 @@ -/* - Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - -/* sha.hpp provides SHA-1 digests, see RFC 3174 -*/ - -#ifndef TAO_CRYPT_SHA_HPP -#define TAO_CRYPT_SHA_HPP - -#include "hash.hpp" - - -#if defined(TAOCRYPT_X86ASM_AVAILABLE) && defined(TAO_ASM) - #define DO_SHA_ASM -#endif - -namespace TaoCrypt { - - -// SHA-1 digest -class SHA : public HASHwithTransform { -public: - enum { BLOCK_SIZE = 64, DIGEST_SIZE = 20, PAD_SIZE = 56, - TAO_BYTE_ORDER = BigEndianOrder}; // in Bytes - SHA() : HASHwithTransform(DIGEST_SIZE / sizeof(word32), BLOCK_SIZE) - { Init(); } - ByteOrder getByteOrder() const { return ByteOrder(TAO_BYTE_ORDER); } - word32 getBlockSize() const { return BLOCK_SIZE; } - word32 getDigestSize() const { return DIGEST_SIZE; } - word32 getPadSize() const { return PAD_SIZE; } - -#ifdef DO_SHA_ASM - void Update(const byte* data, word32 len); -#endif - void Init(); - - SHA(const SHA&); - SHA& operator= (const SHA&); - - void Swap(SHA&); -private: - void Transform(); - void AsmTransform(const byte* data, word32 times); -}; - - -inline void swap(SHA& a, SHA& b) -{ - a.Swap(b); -} - -// SHA-256 digest -class SHA256 : public HASHwithTransform { -public: - enum { BLOCK_SIZE = 64, DIGEST_SIZE = 32, PAD_SIZE = 56, - TAO_BYTE_ORDER = BigEndianOrder}; // in Bytes - SHA256() : HASHwithTransform(DIGEST_SIZE / sizeof(word32), BLOCK_SIZE) - { Init(); } - ByteOrder getByteOrder() const { return ByteOrder(TAO_BYTE_ORDER); } - word32 getBlockSize() const { return BLOCK_SIZE; } - word32 getDigestSize() const { return DIGEST_SIZE; } - word32 getPadSize() const { return PAD_SIZE; } - - void Init(); - - SHA256(const SHA256&); - SHA256& operator= (const SHA256&); - - void Swap(SHA256&); -private: - void Transform(); -}; - - -// SHA-224 digest -class SHA224 : public HASHwithTransform { -public: - enum { BLOCK_SIZE = 64, DIGEST_SIZE = 28, PAD_SIZE = 56, - TAO_BYTE_ORDER = BigEndianOrder}; // in Bytes - SHA224() : HASHwithTransform(SHA256::DIGEST_SIZE /sizeof(word32),BLOCK_SIZE) - { Init(); } - ByteOrder getByteOrder() const { return ByteOrder(TAO_BYTE_ORDER); } - word32 getBlockSize() const { return BLOCK_SIZE; } - word32 getDigestSize() const { return DIGEST_SIZE; } - word32 getPadSize() const { return PAD_SIZE; } - - void Init(); - - SHA224(const SHA224&); - SHA224& operator= (const SHA224&); - - void Swap(SHA224&); -private: - void Transform(); -}; - - -#ifdef WORD64_AVAILABLE - -// SHA-512 digest -class SHA512 : public HASH64withTransform { -public: - enum { BLOCK_SIZE = 128, DIGEST_SIZE = 64, PAD_SIZE = 112, - TAO_BYTE_ORDER = BigEndianOrder}; // in Bytes - SHA512() : HASH64withTransform(DIGEST_SIZE / sizeof(word64), BLOCK_SIZE) - { Init(); } - ByteOrder getByteOrder() const { return ByteOrder(TAO_BYTE_ORDER); } - word32 getBlockSize() const { return BLOCK_SIZE; } - word32 getDigestSize() const { return DIGEST_SIZE; } - word32 getPadSize() const { return PAD_SIZE; } - - void Init(); - - SHA512(const SHA512&); - SHA512& operator= (const SHA512&); - - void Swap(SHA512&); -private: - void Transform(); -}; - - -// SHA-384 digest -class SHA384 : public HASH64withTransform { -public: - enum { BLOCK_SIZE = 128, DIGEST_SIZE = 48, PAD_SIZE = 112, - TAO_BYTE_ORDER = BigEndianOrder}; // in Bytes - SHA384() : HASH64withTransform(SHA512::DIGEST_SIZE/ sizeof(word64), - BLOCK_SIZE) - { Init(); } - ByteOrder getByteOrder() const { return ByteOrder(TAO_BYTE_ORDER); } - word32 getBlockSize() const { return BLOCK_SIZE; } - word32 getDigestSize() const { return DIGEST_SIZE; } - word32 getPadSize() const { return PAD_SIZE; } - - void Init(); - - SHA384(const SHA384&); - SHA384& operator= (const SHA384&); - - void Swap(SHA384&); -private: - void Transform(); -}; - -enum { MAX_SHA2_DIGEST_SIZE = 64 }; // SHA512 - -#else - -enum { MAX_SHA2_DIGEST_SIZE = 32 }; // SHA256 - -#endif // WORD64_AVAILABLE - - -} // namespace - - -#endif // TAO_CRYPT_SHA_HPP - diff --git a/extra/yassl/taocrypt/include/twofish.hpp b/extra/yassl/taocrypt/include/twofish.hpp deleted file mode 100644 index c2b0e6f75ad..00000000000 --- a/extra/yassl/taocrypt/include/twofish.hpp +++ /dev/null @@ -1,95 +0,0 @@ -/* - Copyright (C) 2000-2007 MySQL AB - Use is subject to license terms - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - -/* twofish.hpp defines Twofish -*/ - - -#ifndef TAO_CRYPT_TWOFISH_HPP -#define TAO_CRYPT_TWOFISH_HPP - -#include "misc.hpp" -#include "modes.hpp" -#ifdef USE_SYS_STL - #include <algorithm> -#else - #include "algorithm.hpp" -#endif - - -namespace STL = STL_NAMESPACE; - - -#if defined(TAOCRYPT_X86ASM_AVAILABLE) && defined(TAO_ASM) - #define DO_TWOFISH_ASM -#endif - -namespace TaoCrypt { - -enum { TWOFISH_BLOCK_SIZE = 16 }; - - -// Twofish encryption and decryption, see -class Twofish : public Mode_BASE { -public: - enum { BLOCK_SIZE = TWOFISH_BLOCK_SIZE }; - - Twofish(CipherDir DIR, Mode MODE) - : Mode_BASE(BLOCK_SIZE, DIR, MODE) {} - -#ifdef DO_TWOFISH_ASM - void Process(byte*, const byte*, word32); -#endif - void SetKey(const byte* key, word32 sz, CipherDir fake = ENCRYPTION); - void SetIV(const byte* iv) { memcpy(r_, iv, BLOCK_SIZE); } -private: - static const byte q_[2][256]; - static const word32 mds_[4][256]; - - word32 k_[40]; - word32 s_[4][256]; - - static word32 h0(word32 x, const word32 *key, unsigned int kLen); - static word32 h(word32 x, const word32 *key, unsigned int kLen); - - void ProcessAndXorBlock(const byte*, const byte*, byte*) const; - - void encrypt(const byte*, const byte*, byte*) const; - void decrypt(const byte*, const byte*, byte*) const; - - void AsmEncrypt(const byte* inBlock, byte* outBlock) const; - void AsmDecrypt(const byte* inBlock, byte* outBlock) const; - - Twofish(const Twofish&); // hide copy - Twofish& operator=(const Twofish&); // and assign -}; - - -typedef BlockCipher<ENCRYPTION, Twofish, ECB> Twofish_ECB_Encryption; -typedef BlockCipher<DECRYPTION, Twofish, ECB> Twofish_ECB_Decryption; - -typedef BlockCipher<ENCRYPTION, Twofish, CBC> Twofish_CBC_Encryption; -typedef BlockCipher<DECRYPTION, Twofish, CBC> Twofish_CBC_Decryption; - - - -} // naemspace - -#endif // TAO_CRYPT_TWOFISH_HPP - diff --git a/extra/yassl/taocrypt/include/type_traits.hpp b/extra/yassl/taocrypt/include/type_traits.hpp deleted file mode 100644 index f85ae552c18..00000000000 --- a/extra/yassl/taocrypt/include/type_traits.hpp +++ /dev/null @@ -1,78 +0,0 @@ -/* - Copyright (C) 2000-2007 MySQL AB - Use is subject to license terms - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - -/* type_traits defines fundamental types - * see discussion in C++ Templates, $19.1 -*/ - - -#ifndef TAO_CRYPT_TYPE_TRAITS_HPP -#define TAO_CRYPT_TYPE_TRAITS_HPP - -#include "types.hpp" - -namespace TaoCrypt { - - -// primary template: in general T is not a fundamental type - -template <typename T> -class IsFundamentalType { - public: - enum { Yes = 0, No = 1 }; -}; - - -// macro to specialize for fundamental types -#define MK_FUNDAMENTAL_TYPE(T) \ - template<> class IsFundamentalType<T> { \ - public: \ - enum { Yes = 1, No = 0 }; \ - }; - - -MK_FUNDAMENTAL_TYPE(void) - -MK_FUNDAMENTAL_TYPE(bool) -MK_FUNDAMENTAL_TYPE( char) -MK_FUNDAMENTAL_TYPE(signed char) -MK_FUNDAMENTAL_TYPE(unsigned char) - -MK_FUNDAMENTAL_TYPE(signed short) -MK_FUNDAMENTAL_TYPE(unsigned short) -MK_FUNDAMENTAL_TYPE(signed int) -MK_FUNDAMENTAL_TYPE(unsigned int) -MK_FUNDAMENTAL_TYPE(signed long) -MK_FUNDAMENTAL_TYPE(unsigned long) - -MK_FUNDAMENTAL_TYPE(float) -MK_FUNDAMENTAL_TYPE( double) -MK_FUNDAMENTAL_TYPE(long double) - -#if defined(WORD64_AVAILABLE) && defined(WORD64_IS_DISTINCT_TYPE) - MK_FUNDAMENTAL_TYPE(word64) -#endif - - -#undef MK_FUNDAMENTAL_TYPE - - -} // namespace - -#endif // TAO_CRYPT_TYPE_TRAITS_HPP diff --git a/extra/yassl/taocrypt/include/types.hpp b/extra/yassl/taocrypt/include/types.hpp deleted file mode 100644 index 97136970e13..00000000000 --- a/extra/yassl/taocrypt/include/types.hpp +++ /dev/null @@ -1,99 +0,0 @@ -/* - Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - -/* based on Wei Dai's misc.h from CryptoPP, basic crypt types */ - - -#ifndef TAO_CRYPT_TYPES_HPP -#define TAO_CRYPT_TYPES_HPP - -#ifdef HAVE_CONFIG_H - #include "config.h" -#endif - -namespace TaoCrypt { - - -#if defined(WORDS_BIGENDIAN) || (defined(__MWERKS__) && !defined(__INTEL__)) - #define BIG_ENDIAN_ORDER -#endif - -#ifndef BIG_ENDIAN_ORDER - #define LITTLE_ENDIAN_ORDER -#endif - - -typedef unsigned char byte; -typedef unsigned short word16; -typedef unsigned int word32; - -#if defined(_MSC_VER) || defined(__BCPLUSPLUS__) - #define WORD64_AVAILABLE - #define WORD64_IS_DISTINCT_TYPE - typedef unsigned __int64 word64; - #define W64LIT(x) x##ui64 -#elif SIZEOF_LONG == 8 - #define WORD64_AVAILABLE - typedef unsigned long word64; - #define W64LIT(x) x##LL -#elif SIZEOF_LONG_LONG == 8 - #define WORD64_AVAILABLE - #define WORD64_IS_DISTINCT_TYPE - typedef unsigned long long word64; - #define W64LIT(x) x##LL -#endif - - -// compilers we've found 64-bit multiply insructions for -#if defined(__GNUC__) || defined(_MSC_VER) || defined(__DECCXX) - #if !(defined(__ICC) || defined(__INTEL_COMPILER)) - #define HAVE_64_MULTIPLY - #endif -#endif - - -#if defined(HAVE_64_MULTIPLY) && (defined(__alpha__) || defined(__ia64__) \ - || defined(_ARCH_PPC64) || defined(__mips64) || defined(__x86_64__) \ - || defined(_M_X64) || defined(_M_IA64)) -// These platforms have 64-bit CPU registers. Unfortunately most C++ compilers -// don't allow any way to access the 64-bit by 64-bit multiply instruction -// without using assembly, so in order to use word64 as word, the assembly -// instruction must be defined in Dword::Multiply(). - typedef word32 hword; - typedef word64 word; -#else - #define TAOCRYPT_NATIVE_DWORD_AVAILABLE - #ifdef WORD64_AVAILABLE - #define TAOCRYPT_SLOW_WORD64 - typedef word16 hword; - typedef word32 word; - typedef word64 dword; - #else - typedef byte hword; - typedef word16 word; - typedef word32 dword; - #endif -#endif - -const word32 WORD_SIZE = sizeof(word); -const word32 WORD_BITS = WORD_SIZE * 8; - - -} // namespace - -#endif // TAO_CRYPT_TYPES_HPP diff --git a/extra/yassl/taocrypt/mySTL/algorithm.hpp b/extra/yassl/taocrypt/mySTL/algorithm.hpp deleted file mode 100644 index 06731525bf1..00000000000 --- a/extra/yassl/taocrypt/mySTL/algorithm.hpp +++ /dev/null @@ -1,109 +0,0 @@ -/* - Copyright (C) 2000-2007 MySQL AB - Use is subject to license terms - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - - -/* mySTL algorithm implements max, min, for_each, swap, find_if, copy, - * copy_backward, fill - */ - -#ifndef mySTL_ALGORITHM_HPP -#define mySTL_ALGORITHM_HPP - - -namespace mySTL { - - -template<typename T> -inline const T& max(const T& a, const T&b) -{ - return a < b ? b : a; -} - - -template<typename T> -inline const T& min(const T& a, const T&b) -{ - return b < a ? b : a; -} - - -template<typename InIter, typename Func> -Func for_each(InIter first, InIter last, Func op) -{ - while (first != last) { - op(*first); - ++first; - } - return op; -} - - -template<typename T> -inline void swap(T& a, T& b) -{ - T tmp = a; - a = b; - b = tmp; -} - - -template<typename InIter, typename Pred> -InIter find_if(InIter first, InIter last, Pred pred) -{ - while (first != last && !pred(*first)) - ++first; - return first; -} - - -template<typename InputIter, typename OutputIter> -inline OutputIter copy(InputIter first, InputIter last, OutputIter place) -{ - while (first != last) { - *place = *first; - ++first; - ++place; - } - return place; -} - - -template<typename InputIter, typename OutputIter> -inline OutputIter -copy_backward(InputIter first, InputIter last, OutputIter place) -{ - while (first != last) - *--place = *--last; - return place; -} - - -template<typename InputIter, typename T> -void fill(InputIter first, InputIter last, const T& v) -{ - while (first != last) { - *first = v; - ++first; - } -} - - -} // namespace mySTL - -#endif // mySTL_ALGORITHM_HPP diff --git a/extra/yassl/taocrypt/mySTL/helpers.hpp b/extra/yassl/taocrypt/mySTL/helpers.hpp deleted file mode 100644 index ec9266ddf2a..00000000000 --- a/extra/yassl/taocrypt/mySTL/helpers.hpp +++ /dev/null @@ -1,154 +0,0 @@ -/* - Copyright (C) 2000-2007 MySQL AB - Use is subject to license terms - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - - -/* mySTL helpers implements misc constructs for vector and list - * - */ - -#ifndef mySTL_HELPERS_HPP -#define mySTL_HELPERS_HPP - -#include <stdlib.h> -#ifdef _MSC_VER - #include <new> -#endif - -/* - Workaround for the lack of operator new(size_t, void*) - in IBM VA C++ 6.0 - Also used as a workaround to avoid including <new> -*/ - struct Dummy {}; - - inline void* operator new(size_t size, Dummy* d) - { - return static_cast<void*>(d); - } - - // for compilers that want matching delete - inline void operator delete(void* ptr, Dummy* d) - { - } - - typedef Dummy* yassl_pointer; - -namespace mySTL { - - -template <typename T, typename T2> -inline void construct(T* p, const T2& value) -{ - new (reinterpret_cast<yassl_pointer>(p)) T(value); -} - - -template <typename T> -inline void construct(T* p) -{ - new (reinterpret_cast<yassl_pointer>(p)) T(); -} - - -template <typename T> -inline void destroy(T* p) -{ - p->~T(); -} - - -template <typename Iter> -void destroy(Iter first, Iter last) -{ - while (first != last) { - destroy(&*first); - ++first; - } -} - - -template <typename Iter, typename PlaceIter> -PlaceIter uninit_copy(Iter first, Iter last, PlaceIter place) -{ - while (first != last) { - construct(&*place, *first); - ++first; - ++place; - } - return place; -} - - -template <typename PlaceIter, typename Size, typename T> -PlaceIter uninit_fill_n(PlaceIter place, Size n, const T& value) -{ - while (n) { - construct(&*place, value); - --n; - ++place; - } - return place; -} - - -template <typename T> -T* GetArrayMemory(size_t items) -{ - unsigned char* ret; - - #ifdef YASSL_LIB - ret = NEW_YS unsigned char[sizeof(T) * items]; - #else - ret = NEW_TC unsigned char[sizeof(T) * items]; - #endif - - return reinterpret_cast<T*>(ret); -} - - -template <typename T> -void FreeArrayMemory(T* ptr) -{ - unsigned char* p = reinterpret_cast<unsigned char*>(ptr); - - #ifdef YASSL_LIB - yaSSL::ysArrayDelete(p); - #else - TaoCrypt::tcArrayDelete(p); - #endif -} - - - -inline void* GetMemory(size_t bytes) -{ - return GetArrayMemory<unsigned char>(bytes); -} - - -inline void FreeMemory(void* ptr) -{ - FreeArrayMemory(ptr); -} - - - -} // namespace mySTL - -#endif // mySTL_HELPERS_HPP diff --git a/extra/yassl/taocrypt/mySTL/list.hpp b/extra/yassl/taocrypt/mySTL/list.hpp deleted file mode 100644 index c71ebc8def5..00000000000 --- a/extra/yassl/taocrypt/mySTL/list.hpp +++ /dev/null @@ -1,368 +0,0 @@ -/* - Copyright (C) 2000-2007 MySQL AB - Use is subject to license terms - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - - -/* mySTL list implements a simple list - * - */ - -#ifndef mySTL_LIST_HPP -#define mySTL_LIST_HPP - - -#include "helpers.hpp" - - -namespace mySTL { - - - -template<typename T> -class list { - -#ifdef __SUNPRO_CC -/* - Sun Forte 7 C++ v. 5.4 needs class 'node' public to be visible to - the nested class 'iterator' (a non-standard behaviour). -*/ -public: -#endif - - struct node { - node(T t) : prev_(0), next_(0), value_(t) {} - - node* prev_; - node* next_; - T value_; - }; -public: - list() : head_(0), tail_(0), sz_(0) {} - ~list(); - - void push_front(T); - void pop_front(); - T front() const; - void push_back(T); - void pop_back(); - T back() const; - bool remove(T); - size_t size() const { return sz_; } - bool empty() const { return sz_ == 0; } - - class iterator { - node* current_; - public: - explicit iterator(node* p = 0) : current_(p) {} - - T& operator*() const - { - return current_->value_; - } - - T* operator->() const - { - return &(operator*()); - } - - iterator& operator++() - { - current_ = current_->next_; - return *this; - } - - iterator& operator--() - { - current_ = current_->prev_; - return *this; - } - - iterator operator++(int) - { - iterator tmp = *this; - current_ = current_->next_; - return tmp; - } - - iterator operator--(int) - { - iterator tmp = *this; - current_ = current_->prev_; - return tmp; - } - - bool operator==(const iterator& other) const - { - return current_ == other.current_; - } - - bool operator!=(const iterator& other) const - { - return current_ != other.current_; - } - - friend class list<T>; - }; - - - class reverse_iterator { - node* current_; - public: - explicit reverse_iterator(node* p = 0) : current_(p) {} - - T& operator*() const - { - return current_->value_; - } - - T* operator->() const - { - return &(operator*()); - } - - reverse_iterator& operator++() - { - current_ = current_->prev_; - return *this; - } - - reverse_iterator& operator--() - { - current_ = current_->next_; - return *this; - } - - reverse_iterator operator++(int) - { - reverse_iterator tmp = *this; - current_ = current_->prev_; - return tmp; - } - - reverse_iterator operator--(int) - { - reverse_iterator tmp = *this; - current_ = current_->next_; - return tmp; - } - - bool operator==(const reverse_iterator& other) const - { - return current_ == other.current_; - } - - bool operator!=(const reverse_iterator& other) const - { - return current_ != other.current_; - } - - friend class list<T>; - }; - - bool erase(iterator); - - iterator begin() const { return iterator(head_); } - reverse_iterator rbegin() const { return reverse_iterator(tail_); } - iterator end() const { return iterator(); } - reverse_iterator rend() const { return reverse_iterator(); } - - typedef iterator const_iterator; // for now - - class underflow {}; - class overflow {}; -private: - node* head_; - node* tail_; - size_t sz_; - - node* look_up(T); - - list(const list&); // hide copy - list& operator=(const list&); // and assign -}; - - -template<typename T> -list<T>::~list() -{ - node* start = head_; - node* next_; - - for (; start; start = next_) { - next_ = start->next_; - destroy(start); - FreeMemory(start); - } -} - - -template<typename T> -void list<T>::push_front(T t) -{ - void* mem = GetMemory(sizeof(node)); - node* add = new (reinterpret_cast<yassl_pointer>(mem)) node(t); - - if (head_) { - add->next_ = head_; - head_->prev_ = add; - } - else - tail_ = add; - - head_ = add; - ++sz_; -} - - -template<typename T> -void list<T>::pop_front() -{ - node* front = head_; - - if (head_ == 0) - return; - else if (head_ == tail_) - head_ = tail_ = 0; - else { - head_ = head_->next_; - head_->prev_ = 0; - } - destroy(front); - FreeMemory(front); - --sz_; -} - - -template<typename T> -T list<T>::front() const -{ - if (head_ == 0) return T(); - return head_->value_; -} - - -template<typename T> -void list<T>::push_back(T t) -{ - void* mem = GetMemory(sizeof(node)); - node* add = new (reinterpret_cast<yassl_pointer>(mem)) node(t); - - if (tail_) { - tail_->next_ = add; - add->prev_ = tail_; - } - else - head_ = add; - - tail_ = add; - ++sz_; -} - - -template<typename T> -void list<T>::pop_back() -{ - node* rear = tail_; - - if (tail_ == 0) - return; - else if (tail_ == head_) - tail_ = head_ = 0; - else { - tail_ = tail_->prev_; - tail_->next_ = 0; - } - destroy(rear); - FreeMemory(rear); - --sz_; -} - - -template<typename T> -T list<T>::back() const -{ - if (tail_ == 0) return T(); - return tail_->value_; -} - - -template<typename T> -typename list<T>::node* list<T>::look_up(T t) -{ - node* list = head_; - - if (list == 0) return 0; - - for (; list; list = list->next_) - if (list->value_ == t) - return list; - - return 0; -} - - -template<typename T> -bool list<T>::remove(T t) -{ - node* del = look_up(t); - - if (del == 0) - return false; - else if (del == head_) - pop_front(); - else if (del == tail_) - pop_back(); - else { - del->prev_->next_ = del->next_; - del->next_->prev_ = del->prev_; - - destroy(del); - FreeMemory(del); - --sz_; - } - return true; -} - - -template<typename T> -bool list<T>::erase(iterator iter) -{ - node* del = iter.current_; - - if (del == 0) - return false; - else if (del == head_) - pop_front(); - else if (del == tail_) - pop_back(); - else { - del->prev_->next_ = del->next_; - del->next_->prev_ = del->prev_; - - destroy(del); - FreeMemory(del); - --sz_; - } - return true; -} - - - -} // namespace mySTL - -#endif // mySTL_LIST_HPP diff --git a/extra/yassl/taocrypt/mySTL/memory.hpp b/extra/yassl/taocrypt/mySTL/memory.hpp deleted file mode 100644 index fdd34cda125..00000000000 --- a/extra/yassl/taocrypt/mySTL/memory.hpp +++ /dev/null @@ -1,137 +0,0 @@ -/* - Copyright (C) 2000-2007 MySQL AB - Use is subject to license terms - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - - -/* mySTL memory implements auto_ptr - * - */ - -#ifndef mySTL_MEMORY_HPP -#define mySTL_MEMORY_HPP - -#include "memory_array.hpp" // for auto_array - -#ifdef _MSC_VER - // disable operator-> warning for builtins - #pragma warning(disable:4284) -#endif - - -namespace mySTL { - - -template<typename T> -struct auto_ptr_ref { - T* ptr_; - explicit auto_ptr_ref(T* p) : ptr_(p) {} -}; - - -template<typename T> -class auto_ptr { - T* ptr_; - - void Destroy() - { - #ifdef YASSL_LIB - yaSSL::ysDelete(ptr_); - #else - TaoCrypt::tcDelete(ptr_); - #endif - } -public: - explicit auto_ptr(T* p = 0) : ptr_(p) {} - - ~auto_ptr() - { - Destroy(); - } - - - auto_ptr(auto_ptr& other) : ptr_(other.release()) {} - - auto_ptr& operator=(auto_ptr& that) - { - if (this != &that) { - Destroy(); - ptr_ = that.release(); - } - return *this; - } - - - T* operator->() const - { - return ptr_; - } - - T& operator*() const - { - return *ptr_; - } - - T* get() const - { - return ptr_; - } - - T* release() - { - T* tmp = ptr_; - ptr_ = 0; - return tmp; - } - - void reset(T* p = 0) - { - if (ptr_ != p) { - Destroy(); - ptr_ = p; - } - } - - // auto_ptr_ref conversions - auto_ptr(auto_ptr_ref<T> ref) : ptr_(ref.ptr_) {} - - auto_ptr& operator=(auto_ptr_ref<T> ref) - { - if (this->ptr_ != ref.ptr_) { - Destroy(); - ptr_ = ref.ptr_; - } - return *this; - } - - template<typename T2> - operator auto_ptr<T2>() - { - return auto_ptr<T2>(this->release()); - } - - template<typename T2> - operator auto_ptr_ref<T2>() - { - return auto_ptr_ref<T2>(this->release()); - } -}; - - -} // namespace mySTL - -#endif // mySTL_MEMORY_HPP diff --git a/extra/yassl/taocrypt/mySTL/memory_array.hpp b/extra/yassl/taocrypt/mySTL/memory_array.hpp deleted file mode 100644 index af4c2cdf232..00000000000 --- a/extra/yassl/taocrypt/mySTL/memory_array.hpp +++ /dev/null @@ -1,136 +0,0 @@ -/* - Copyright (C) 2000-2007 MySQL AB - Use is subject to license terms - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - - -/* mySTL memory_arry implements auto_array - * - */ - -#ifndef mySTL_MEMORY_ARRAY_HPP -#define mySTL_MEMORY_ARRAY_HPP - - -#ifdef _MSC_VER - // disable operator-> warning for builtins - #pragma warning(disable:4284) -#endif - - -namespace mySTL { - - -template<typename T> -struct auto_array_ref { - T* ptr_; - explicit auto_array_ref(T* p) : ptr_(p) {} -}; - - -template<typename T> -class auto_array { - T* ptr_; - - void Destroy() - { - #ifdef YASSL_LIB - yaSSL::ysArrayDelete(ptr_); - #else - TaoCrypt::tcArrayDelete(ptr_); - #endif - } -public: - explicit auto_array(T* p = 0) : ptr_(p) {} - - ~auto_array() - { - Destroy(); - } - - - auto_array(auto_array& other) : ptr_(other.release()) {} - - auto_array& operator=(auto_array& that) - { - if (this != &that) { - Destroy(); - ptr_ = that.release(); - } - return *this; - } - - - T* operator->() const - { - return ptr_; - } - - T& operator*() const - { - return *ptr_; - } - - T* get() const - { - return ptr_; - } - - T* release() - { - T* tmp = ptr_; - ptr_ = 0; - return tmp; - } - - void reset(T* p = 0) - { - if (ptr_ != p) { - Destroy(); - ptr_ = p; - } - } - - // auto_array_ref conversions - auto_array(auto_array_ref<T> ref) : ptr_(ref.ptr_) {} - - auto_array& operator=(auto_array_ref<T> ref) - { - if (this->ptr_ != ref.ptr_) { - Destroy(); - ptr_ = ref.ptr_; - } - return *this; - } - - template<typename T2> - operator auto_array<T2>() - { - return auto_array<T2>(this->release()); - } - - template<typename T2> - operator auto_array_ref<T2>() - { - return auto_array_ref<T2>(this->release()); - } -}; - - -} // namespace mySTL - -#endif // mySTL_MEMORY_ARRAY_HPP diff --git a/extra/yassl/taocrypt/mySTL/pair.hpp b/extra/yassl/taocrypt/mySTL/pair.hpp deleted file mode 100644 index 9dd97f63bfa..00000000000 --- a/extra/yassl/taocrypt/mySTL/pair.hpp +++ /dev/null @@ -1,59 +0,0 @@ -/* - Copyright (C) 2000-2007 MySQL AB - Use is subject to license terms - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - - -/* mySTL pair implements pair - * - */ - -#ifndef mySTL_PAIR_HPP -#define mySTL_PAIR_HPP - - - -namespace mySTL { - - -template<typename T1, typename T2> -struct pair { - typedef T1 first_type; - typedef T2 second_type; - - first_type first; - second_type second; - - pair() {} - pair(const T1& t1, const T2& t2) : first(t1), second(t2) {} - - template<typename U1, typename U2> - pair(const pair<U1, U2>& p) : first(p.first), second(p.second) {} -}; - - -template<typename T1, typename T2> -inline pair<T1, T2> make_pair(const T1& a, const T2& b) -{ - return pair<T1, T2>(a, b); -} - - - -} // namespace mySTL - -#endif // mySTL_PAIR_HPP diff --git a/extra/yassl/taocrypt/mySTL/stdexcept.hpp b/extra/yassl/taocrypt/mySTL/stdexcept.hpp deleted file mode 100644 index 8c12b51e130..00000000000 --- a/extra/yassl/taocrypt/mySTL/stdexcept.hpp +++ /dev/null @@ -1,76 +0,0 @@ -/* - Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - - -/* mySTL memory implements exception, runtime_error - * - */ - -#ifndef mySTL_STDEXCEPT_HPP -#define mySTL_STDEXCEPT_HPP - - -#include <string.h> // strncpy -#include <stdlib.h> // size_t - - -namespace mySTL { - - -class exception { -public: - exception() {} - virtual ~exception() {} // to shut up compiler warnings - - virtual const char* what() const { return ""; } - - // for compiler generated call, never used - static void operator delete(void*) { } -private: - // don't allow dynamic creation of exceptions - static void* operator new(size_t); -}; - - -class named_exception : public exception { -public: - enum { NAME_SIZE = 80 }; - - explicit named_exception(const char* str) - { - strncpy(name_, str, NAME_SIZE); - name_[NAME_SIZE - 1] = 0; - } - - virtual const char* what() const { return name_; } -private: - char name_[NAME_SIZE]; -}; - - -class runtime_error : public named_exception { -public: - explicit runtime_error(const char* str) : named_exception(str) {} -}; - - - - -} // namespace mySTL - -#endif // mySTL_STDEXCEPT_HPP diff --git a/extra/yassl/taocrypt/mySTL/vector.hpp b/extra/yassl/taocrypt/mySTL/vector.hpp deleted file mode 100644 index 0abcf910baf..00000000000 --- a/extra/yassl/taocrypt/mySTL/vector.hpp +++ /dev/null @@ -1,153 +0,0 @@ -/* - Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - - -/* mySTL vector implements simple vector, w/ swap - * - */ - -#ifndef mySTL_VECTOR_HPP -#define mySTL_VECTOR_HPP - -#include "helpers.hpp" // construct, destory, fill, etc. -#include "algorithm.hpp" // swap - - -namespace mySTL { - - -template <typename T> -struct vector_base { - T* start_; - T* finish_; - T* end_of_storage_; - - vector_base() : start_(0), finish_(0), end_of_storage_(0) {} - vector_base(size_t n) - { - start_ = GetArrayMemory<T>(n); - finish_ = start_; - end_of_storage_ = start_ + n; - } - - ~vector_base() - { - FreeArrayMemory(start_); - } - - void Swap(vector_base& that) - { - swap(start_, that.start_); - swap(finish_, that.finish_); - swap(end_of_storage_, that.end_of_storage_); - } -}; - - - -template <typename T> -class vector { -public: - typedef T* iterator; - typedef const T* const_iterator; - - vector() {} - explicit vector(size_t n) : vec_(n) - { - vec_.finish_ = uninit_fill_n(vec_.start_, n, T()); - } - - ~vector() { destroy(vec_.start_, vec_.finish_); } - - vector(const vector& other) : vec_(other.size()) - { - vec_.finish_ = uninit_copy(other.vec_.start_, other.vec_.finish_, - vec_.start_); - } - - size_t capacity() const { return vec_.end_of_storage_ - vec_.start_; } - - size_t size() const { return vec_.finish_ - vec_.start_; } - - T& operator[](size_t idx) { return *(vec_.start_ + idx); } - const T& operator[](size_t idx) const { return *(vec_.start_ + idx); } - - const T* begin() const { return vec_.start_; } - const T* end() const { return vec_.finish_; } - - void push_back(const T& v) - { - if (vec_.finish_ != vec_.end_of_storage_) { - construct(vec_.finish_, v); - ++vec_.finish_; - } - else { - vector tmp(size() * 2 + 1, *this); - construct(tmp.vec_.finish_, v); - ++tmp.vec_.finish_; - Swap(tmp); - } - } - - void resize(size_t n, const T& v) - { - if (n == size()) return; - - if (n < size()) { - T* first = vec_.start_ + n; - destroy(first, vec_.finish_); - vec_.finish_ -= vec_.finish_ - first; - } - else { - vector tmp(n, *this); - tmp.vec_.finish_ = uninit_fill_n(tmp.vec_.finish_, n - size(), v); - Swap(tmp); - } - } - - void reserve(size_t n) - { - if (capacity() < n) { - vector tmp(n, *this); - Swap(tmp); - } - } - - void Swap(vector& that) - { - vec_.Swap(that.vec_); - } -private: - vector_base<T> vec_; - - vector& operator=(const vector&); // hide assign - - // for growing, n must be bigger than other size - vector(size_t n, const vector& other) : vec_(n) - { - if (n > other.size()) - vec_.finish_ = uninit_copy(other.vec_.start_, other.vec_.finish_, - vec_.start_); - } -}; - - - -} // namespace mySTL - -#endif // mySTL_VECTOR_HPP diff --git a/extra/yassl/taocrypt/src/aes.cpp b/extra/yassl/taocrypt/src/aes.cpp deleted file mode 100644 index 4e4ea849c21..00000000000 --- a/extra/yassl/taocrypt/src/aes.cpp +++ /dev/null @@ -1,1885 +0,0 @@ -/* - Copyright (c) 2005, 2012, Oracle and/or its affiliates - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - -/* C++ based on Wei Dai's aes.cpp from CryptoPP */ -/* x86 asm original */ - -#if defined(TAOCRYPT_KERNEL_MODE) - #define DO_TAOCRYPT_KERNEL_MODE -#endif // only some modules now support this - -#include "runtime.hpp" -#include "aes.hpp" - - -namespace TaoCrypt { - - -#if defined(DO_AES_ASM) - -// ia32 optimized version -void AES::Process(byte* out, const byte* in, word32 sz) -{ - if (!isMMX) { - Mode_BASE::Process(out, in, sz); - return; - } - - word32 blocks = sz / BLOCK_SIZE; - - if (mode_ == ECB) - while (blocks--) { - if (dir_ == ENCRYPTION) - AsmEncrypt(in, out, (void*)Te0); - else - AsmDecrypt(in, out, (void*)Td0); - out += BLOCK_SIZE; - in += BLOCK_SIZE; - } - else if (mode_ == CBC) { - if (dir_ == ENCRYPTION) { - while (blocks--) { - r_[0] ^= *(word32*)in; - r_[1] ^= *(word32*)(in + 4); - r_[2] ^= *(word32*)(in + 8); - r_[3] ^= *(word32*)(in + 12); - - AsmEncrypt((byte*)r_, (byte*)r_, (void*)Te0); - - memcpy(out, r_, BLOCK_SIZE); - out += BLOCK_SIZE; - in += BLOCK_SIZE; - } - } - else { - while (blocks--) { - AsmDecrypt(in, out, (void*)Td0); - - *(word32*)out ^= r_[0]; - *(word32*)(out + 4) ^= r_[1]; - *(word32*)(out + 8) ^= r_[2]; - *(word32*)(out + 12) ^= r_[3]; - - memcpy(r_, in, BLOCK_SIZE); - out += BLOCK_SIZE; - in += BLOCK_SIZE; - } - } - } -} - -#endif // DO_AES_ASM - - -void AES::SetKey(const byte* userKey, word32 keylen, CipherDir /*dummy*/) -{ - if (keylen <= 16) - keylen = 16; - else if (keylen >= 32) - keylen = 32; - else if (keylen != 24) - keylen = 24; - - rounds_ = keylen/4 + 6; - - word32 temp, *rk = key_; - unsigned int i=0; - - GetUserKey(BigEndianOrder, rk, keylen/4, userKey, keylen); - - switch(keylen) - { - case 16: - while (true) - { - temp = rk[3]; - rk[4] = rk[0] ^ - (Te2[GETBYTE(temp, 2)] & 0xff000000) ^ - (Te3[GETBYTE(temp, 1)] & 0x00ff0000) ^ - (Te0[GETBYTE(temp, 0)] & 0x0000ff00) ^ - (Te1[GETBYTE(temp, 3)] & 0x000000ff) ^ - rcon_[i]; - rk[5] = rk[1] ^ rk[4]; - rk[6] = rk[2] ^ rk[5]; - rk[7] = rk[3] ^ rk[6]; - if (++i == 10) - break; - rk += 4; - } - break; - - case 24: - while (true) // for (;;) here triggers a bug in VC60 SP4 w/ Pro Pack - { - temp = rk[ 5]; - rk[ 6] = rk[ 0] ^ - (Te2[GETBYTE(temp, 2)] & 0xff000000) ^ - (Te3[GETBYTE(temp, 1)] & 0x00ff0000) ^ - (Te0[GETBYTE(temp, 0)] & 0x0000ff00) ^ - (Te1[GETBYTE(temp, 3)] & 0x000000ff) ^ - rcon_[i]; - rk[ 7] = rk[ 1] ^ rk[ 6]; - rk[ 8] = rk[ 2] ^ rk[ 7]; - rk[ 9] = rk[ 3] ^ rk[ 8]; - if (++i == 8) - break; - rk[10] = rk[ 4] ^ rk[ 9]; - rk[11] = rk[ 5] ^ rk[10]; - rk += 6; - } - break; - - case 32: - while (true) - { - temp = rk[ 7]; - rk[ 8] = rk[ 0] ^ - (Te2[GETBYTE(temp, 2)] & 0xff000000) ^ - (Te3[GETBYTE(temp, 1)] & 0x00ff0000) ^ - (Te0[GETBYTE(temp, 0)] & 0x0000ff00) ^ - (Te1[GETBYTE(temp, 3)] & 0x000000ff) ^ - rcon_[i]; - rk[ 9] = rk[ 1] ^ rk[ 8]; - rk[10] = rk[ 2] ^ rk[ 9]; - rk[11] = rk[ 3] ^ rk[10]; - if (++i == 7) - break; - temp = rk[11]; - rk[12] = rk[ 4] ^ - (Te2[GETBYTE(temp, 3)] & 0xff000000) ^ - (Te3[GETBYTE(temp, 2)] & 0x00ff0000) ^ - (Te0[GETBYTE(temp, 1)] & 0x0000ff00) ^ - (Te1[GETBYTE(temp, 0)] & 0x000000ff); - rk[13] = rk[ 5] ^ rk[12]; - rk[14] = rk[ 6] ^ rk[13]; - rk[15] = rk[ 7] ^ rk[14]; - - rk += 8; - } - break; - } - - if (dir_ == DECRYPTION) - { - unsigned int i, j; - rk = key_; - - /* invert the order of the round keys: */ - for (i = 0, j = 4*rounds_; i < j; i += 4, j -= 4) { - temp = rk[i ]; rk[i ] = rk[j ]; rk[j ] = temp; - temp = rk[i + 1]; rk[i + 1] = rk[j + 1]; rk[j + 1] = temp; - temp = rk[i + 2]; rk[i + 2] = rk[j + 2]; rk[j + 2] = temp; - temp = rk[i + 3]; rk[i + 3] = rk[j + 3]; rk[j + 3] = temp; - } - // apply the inverse MixColumn transform to all round keys but the - // first and the last: - for (i = 1; i < rounds_; i++) { - rk += 4; - rk[0] = - Td0[Te1[GETBYTE(rk[0], 3)] & 0xff] ^ - Td1[Te1[GETBYTE(rk[0], 2)] & 0xff] ^ - Td2[Te1[GETBYTE(rk[0], 1)] & 0xff] ^ - Td3[Te1[GETBYTE(rk[0], 0)] & 0xff]; - rk[1] = - Td0[Te1[GETBYTE(rk[1], 3)] & 0xff] ^ - Td1[Te1[GETBYTE(rk[1], 2)] & 0xff] ^ - Td2[Te1[GETBYTE(rk[1], 1)] & 0xff] ^ - Td3[Te1[GETBYTE(rk[1], 0)] & 0xff]; - rk[2] = - Td0[Te1[GETBYTE(rk[2], 3)] & 0xff] ^ - Td1[Te1[GETBYTE(rk[2], 2)] & 0xff] ^ - Td2[Te1[GETBYTE(rk[2], 1)] & 0xff] ^ - Td3[Te1[GETBYTE(rk[2], 0)] & 0xff]; - rk[3] = - Td0[Te1[GETBYTE(rk[3], 3)] & 0xff] ^ - Td1[Te1[GETBYTE(rk[3], 2)] & 0xff] ^ - Td2[Te1[GETBYTE(rk[3], 1)] & 0xff] ^ - Td3[Te1[GETBYTE(rk[3], 0)] & 0xff]; - } - } -} - - -void AES::ProcessAndXorBlock(const byte* in, const byte* xOr, byte* out) const -{ - if (dir_ == ENCRYPTION) - encrypt(in, xOr, out); - else - decrypt(in, xOr, out); -} - - -typedef BlockGetAndPut<word32, BigEndian> gpBlock; - - -void AES::encrypt(const byte* inBlock, const byte* xorBlock, - byte* outBlock) const -{ - word32 s0, s1, s2, s3; - word32 t0, t1, t2, t3; - - const word32 *rk = key_; - /* - * map byte array block to cipher state - * and add initial round key: - */ - gpBlock::Get(inBlock)(s0)(s1)(s2)(s3); - s0 ^= rk[0]; - s1 ^= rk[1]; - s2 ^= rk[2]; - s3 ^= rk[3]; - - s0 |= PreFetchTe(); - /* - * Nr - 1 full rounds: - */ - - unsigned int r = rounds_ >> 1; - for (;;) { - t0 = - Te0[GETBYTE(s0, 3)] ^ - Te1[GETBYTE(s1, 2)] ^ - Te2[GETBYTE(s2, 1)] ^ - Te3[GETBYTE(s3, 0)] ^ - rk[4]; - t1 = - Te0[GETBYTE(s1, 3)] ^ - Te1[GETBYTE(s2, 2)] ^ - Te2[GETBYTE(s3, 1)] ^ - Te3[GETBYTE(s0, 0)] ^ - rk[5]; - t2 = - Te0[GETBYTE(s2, 3)] ^ - Te1[GETBYTE(s3, 2)] ^ - Te2[GETBYTE(s0, 1)] ^ - Te3[GETBYTE(s1, 0)] ^ - rk[6]; - t3 = - Te0[GETBYTE(s3, 3)] ^ - Te1[GETBYTE(s0, 2)] ^ - Te2[GETBYTE(s1, 1)] ^ - Te3[GETBYTE(s2, 0)] ^ - rk[7]; - - rk += 8; - if (--r == 0) { - break; - } - - s0 = - Te0[GETBYTE(t0, 3)] ^ - Te1[GETBYTE(t1, 2)] ^ - Te2[GETBYTE(t2, 1)] ^ - Te3[GETBYTE(t3, 0)] ^ - rk[0]; - s1 = - Te0[GETBYTE(t1, 3)] ^ - Te1[GETBYTE(t2, 2)] ^ - Te2[GETBYTE(t3, 1)] ^ - Te3[GETBYTE(t0, 0)] ^ - rk[1]; - s2 = - Te0[GETBYTE(t2, 3)] ^ - Te1[GETBYTE(t3, 2)] ^ - Te2[GETBYTE(t0, 1)] ^ - Te3[GETBYTE(t1, 0)] ^ - rk[2]; - s3 = - Te0[GETBYTE(t3, 3)] ^ - Te1[GETBYTE(t0, 2)] ^ - Te2[GETBYTE(t1, 1)] ^ - Te3[GETBYTE(t2, 0)] ^ - rk[3]; - } - - /* - * apply last round and - * map cipher state to byte array block: - */ - - s0 = - (Te2[GETBYTE(t0, 3)] & 0xff000000) ^ - (Te3[GETBYTE(t1, 2)] & 0x00ff0000) ^ - (Te0[GETBYTE(t2, 1)] & 0x0000ff00) ^ - (Te1[GETBYTE(t3, 0)] & 0x000000ff) ^ - rk[0]; - s1 = - (Te2[GETBYTE(t1, 3)] & 0xff000000) ^ - (Te3[GETBYTE(t2, 2)] & 0x00ff0000) ^ - (Te0[GETBYTE(t3, 1)] & 0x0000ff00) ^ - (Te1[GETBYTE(t0, 0)] & 0x000000ff) ^ - rk[1]; - s2 = - (Te2[GETBYTE(t2, 3)] & 0xff000000) ^ - (Te3[GETBYTE(t3, 2)] & 0x00ff0000) ^ - (Te0[GETBYTE(t0, 1)] & 0x0000ff00) ^ - (Te1[GETBYTE(t1, 0)] & 0x000000ff) ^ - rk[2]; - s3 = - (Te2[GETBYTE(t3, 3)] & 0xff000000) ^ - (Te3[GETBYTE(t0, 2)] & 0x00ff0000) ^ - (Te0[GETBYTE(t1, 1)] & 0x0000ff00) ^ - (Te1[GETBYTE(t2, 0)] & 0x000000ff) ^ - rk[3]; - - - gpBlock::Put(xorBlock, outBlock)(s0)(s1)(s2)(s3); -} - - -void AES::decrypt(const byte* inBlock, const byte* xorBlock, - byte* outBlock) const -{ - word32 s0, s1, s2, s3; - word32 t0, t1, t2, t3; - const word32* rk = key_; - - /* - * map byte array block to cipher state - * and add initial round key: - */ - gpBlock::Get(inBlock)(s0)(s1)(s2)(s3); - s0 ^= rk[0]; - s1 ^= rk[1]; - s2 ^= rk[2]; - s3 ^= rk[3]; - - s0 |= PreFetchTd(); - - /* - * Nr - 1 full rounds: - */ - - unsigned int r = rounds_ >> 1; - for (;;) { - t0 = - Td0[GETBYTE(s0, 3)] ^ - Td1[GETBYTE(s3, 2)] ^ - Td2[GETBYTE(s2, 1)] ^ - Td3[GETBYTE(s1, 0)] ^ - rk[4]; - t1 = - Td0[GETBYTE(s1, 3)] ^ - Td1[GETBYTE(s0, 2)] ^ - Td2[GETBYTE(s3, 1)] ^ - Td3[GETBYTE(s2, 0)] ^ - rk[5]; - t2 = - Td0[GETBYTE(s2, 3)] ^ - Td1[GETBYTE(s1, 2)] ^ - Td2[GETBYTE(s0, 1)] ^ - Td3[GETBYTE(s3, 0)] ^ - rk[6]; - t3 = - Td0[GETBYTE(s3, 3)] ^ - Td1[GETBYTE(s2, 2)] ^ - Td2[GETBYTE(s1, 1)] ^ - Td3[GETBYTE(s0, 0)] ^ - rk[7]; - - rk += 8; - if (--r == 0) { - break; - } - - s0 = - Td0[GETBYTE(t0, 3)] ^ - Td1[GETBYTE(t3, 2)] ^ - Td2[GETBYTE(t2, 1)] ^ - Td3[GETBYTE(t1, 0)] ^ - rk[0]; - s1 = - Td0[GETBYTE(t1, 3)] ^ - Td1[GETBYTE(t0, 2)] ^ - Td2[GETBYTE(t3, 1)] ^ - Td3[GETBYTE(t2, 0)] ^ - rk[1]; - s2 = - Td0[GETBYTE(t2, 3)] ^ - Td1[GETBYTE(t1, 2)] ^ - Td2[GETBYTE(t0, 1)] ^ - Td3[GETBYTE(t3, 0)] ^ - rk[2]; - s3 = - Td0[GETBYTE(t3, 3)] ^ - Td1[GETBYTE(t2, 2)] ^ - Td2[GETBYTE(t1, 1)] ^ - Td3[GETBYTE(t0, 0)] ^ - rk[3]; - } - /* - * apply last round and - * map cipher state to byte array block: - */ - - t0 |= PreFetchCTd4(); - - s0 = - ((word32)CTd4[GETBYTE(t0, 3)] << 24) ^ - ((word32)CTd4[GETBYTE(t3, 2)] << 16) ^ - ((word32)CTd4[GETBYTE(t2, 1)] << 8) ^ - ((word32)CTd4[GETBYTE(t1, 0)]) ^ - rk[0]; - s1 = - ((word32)CTd4[GETBYTE(t1, 3)] << 24) ^ - ((word32)CTd4[GETBYTE(t0, 2)] << 16) ^ - ((word32)CTd4[GETBYTE(t3, 1)] << 8) ^ - ((word32)CTd4[GETBYTE(t2, 0)]) ^ - rk[1]; - s2 = - ((word32)CTd4[GETBYTE(t2, 3)] << 24 ) ^ - ((word32)CTd4[GETBYTE(t1, 2)] << 16 ) ^ - ((word32)CTd4[GETBYTE(t0, 1)] << 8 ) ^ - ((word32)CTd4[GETBYTE(t3, 0)]) ^ - rk[2]; - s3 = - ((word32)CTd4[GETBYTE(t3, 3)] << 24) ^ - ((word32)CTd4[GETBYTE(t2, 2)] << 16) ^ - ((word32)CTd4[GETBYTE(t1, 1)] << 8) ^ - ((word32)CTd4[GETBYTE(t0, 0)]) ^ - rk[3]; - - gpBlock::Put(xorBlock, outBlock)(s0)(s1)(s2)(s3); -} - - -#if defined(DO_AES_ASM) - #ifdef __GNUC__ - #define AS1(x) #x ";" - #define AS2(x, y) #x ", " #y ";" - - #define PROLOG() \ - __asm__ __volatile__ \ - ( \ - ".intel_syntax noprefix;" \ - "push ebx;" \ - "push ebp;" \ - "movd mm7, ebp;" \ - "movd mm4, eax;" \ - "mov ebp, edx;" \ - "sub esp, 4;" - #define EPILOG() \ - "add esp, 4;" \ - "pop ebp;" \ - "pop ebx;" \ - "emms;" \ - ".att_syntax;" \ - : \ - : "c" (this), "S" (inBlock), "d" (boxes), "a" (outBlock) \ - : "%edi", "memory", "cc" \ - ); - - #else - #define AS1(x) __asm x - #define AS2(x, y) __asm x, y - - #define PROLOG() \ - AS1( push ebp ) \ - AS2( mov ebp, esp ) \ - AS2( movd mm3, edi ) \ - AS2( movd mm4, ebx ) \ - AS2( sub esp, 4 ) \ - AS2( movd mm7, ebp ) \ - AS2( mov [ebp - 4], esi ) \ - AS2( mov esi, DWORD PTR [ebp + 8] ) \ - AS2( mov ebp, DWORD PTR [ebp + 16] ) - - // ebp is restored at end - #define EPILOG() \ - AS2( mov esi, [ebp - 4] ) \ - AS2( movd ebx, mm4 ) \ - AS2( movd edi, mm3 ) \ - AS2( mov esp, ebp ) \ - AS1( pop ebp ) \ - AS1( emms ) \ - AS1( ret 12 ) - - - #endif - - -#ifdef _MSC_VER - __declspec(naked) -#else - __attribute__ ((noinline)) -#endif -void AES::AsmEncrypt(const byte* inBlock, byte* outBlock, void* boxes) const -{ - - PROLOG() - - #ifdef OLD_GCC_OFFSET - AS2( mov edx, DWORD PTR [ecx + 60] ) // rounds - AS2( lea edi, [ecx + 64] ) // rk - #else - AS2( mov edx, DWORD PTR [ecx + 56] ) // rounds - AS2( lea edi, [ecx + 60] ) // rk - #endif - - AS1( dec edx ) - AS2( movd mm6, edi ) // save rk - AS2( movd mm5, edx ) // save rounds - - AS2( mov eax, DWORD PTR [esi] ) - AS2( mov ebx, DWORD PTR [esi + 4] ) - AS2( mov ecx, DWORD PTR [esi + 8] ) - AS2( mov edx, DWORD PTR [esi + 12] ) - - AS1( bswap eax ) - AS1( bswap ebx ) - AS1( bswap ecx ) - AS1( bswap edx ) - - AS2( xor eax, DWORD PTR [edi] ) // s0 - AS2( xor ebx, DWORD PTR [edi + 4] ) // s1 - AS2( xor ecx, DWORD PTR [edi + 8] ) // s2 - AS2( xor edx, DWORD PTR [edi + 12] ) // s3 - -#ifdef _MSC_VER - AS1( loop1: ) // loop1 -#else - AS1(1: ) // loop1 -#endif - /* Put0 (mm0) = - Te0[get0,rs 24] ^ - Te1[get1,rs 16] ^ - Te2[get2,rs 8] ^ - Te3[get3,rs 0] - */ - - AS2( mov esi, eax ) - AS2( shr esi, 24 ) - AS2( mov esi, DWORD PTR [ebp + esi*4] ) - - AS2( mov edi, ebx ) - AS2( shr edi, 16 ) - AS2( and edi, 255 ) - AS2( xor esi, DWORD PTR [ebp + 1024 + edi*4] ) - - AS2( movzx edi, ch ) - AS2( xor esi, DWORD PTR [ebp + 2048 + edi*4] ) - - AS2( movzx edi, dl ) - AS2( xor esi, DWORD PTR [ebp + 3072 + edi*4] ) - - AS2( movd mm0, esi ) - - /* Put1 (mm1) = - Te0[get1,rs 24] ^ - Te1[get2,rs 16] ^ - Te2[get3,rs 8] ^ - Te3[get0,rs 0] - */ - - AS2( mov esi, ebx ) - AS2( shr esi, 24 ) - AS2( mov esi, DWORD PTR [ebp + esi*4] ) - - AS2( mov edi, ecx ) - AS2( shr edi, 16 ) - AS2( and edi, 255 ) - AS2( xor esi, DWORD PTR [ebp + 1024 + edi*4] ) - - AS2( movzx edi, dh ) - AS2( xor esi, DWORD PTR [ebp + 2048 + edi*4] ) - - AS2( movzx edi, al ) - AS2( xor esi, DWORD PTR [ebp + 3072 + edi*4] ) - - AS2( movd mm1, esi ) - - - /* Put2 (mm2) = - Te0[get2,rs 24] ^ - Te1[get3,rs 16] ^ - Te2[get0,rs 8] ^ - Te3[get1,rs 0] - */ - - AS2( mov esi, ecx ) - AS2( shr esi, 24 ) - AS2( mov esi, DWORD PTR [ebp + esi*4] ) - - AS2( mov edi, edx ) - AS2( shr edi, 16 ) - AS2( and edi, 255 ) - AS2( xor esi, DWORD PTR [ebp + 1024 + edi*4] ) - - AS2( movzx edi, ah ) - AS2( xor esi, DWORD PTR [ebp + 2048 + edi*4] ) - - AS2( movzx edi, bl ) - AS2( xor esi, DWORD PTR [ebp + 3072 + edi*4] ) - - AS2( movd mm2, esi ) - - /* Put3 (edx) = - Te0[get3,rs 24] ^ - Te1[get0,rs 16] ^ - Te2[get1,rs 8] ^ - Te3[get2,rs 0] - */ - - AS2( mov esi, edx ) - AS2( shr esi, 24 ) - AS2( mov edx, DWORD PTR [ebp + esi*4] ) - - AS2( mov edi, eax ) - AS2( shr edi, 16 ) - AS2( and edi, 255 ) - AS2( xor edx, DWORD PTR [ebp + 1024 + edi*4] ) - - AS2( movzx esi, bh ) - AS2( xor edx, DWORD PTR [ebp + 2048 + esi*4] ) - - AS2( movzx edi, cl ) - AS2( xor edx, DWORD PTR [ebp + 3072 + edi*4] ) - - // xOr - - AS2( movd esi, mm6 ) // rk - - AS2( movd eax, mm0 ) - AS2( add esi, 16 ) - AS2( movd ebx, mm1 ) - AS2( movd mm6, esi ) // save back - AS2( movd ecx, mm2 ) - - AS2( xor eax, DWORD PTR [esi] ) - AS2( xor ebx, DWORD PTR [esi + 4] ) - AS2( movd edi, mm5 ) - AS2( xor ecx, DWORD PTR [esi + 8] ) - AS2( xor edx, DWORD PTR [esi + 12] ) - - AS1( dec edi ) - AS2( movd mm5, edi ) - -#ifdef _MSC_VER - AS1( jnz loop1) // loop1 -#else - AS1( jnz 1b ) // loop1 -#endif - - // last round - /* - Put0 (mm0) = - (Te4[get0, rs24] & 0xff000000) ^ h = 4278190080 - (Te4[get1, rs16] & 0x00ff0000) ^ h = 16711680 - (Te4[get2, rs 8] & 0x0000ff00) ^ h = 65280 - (Te4[get3, rs 0] & 0x000000ff) h = 255 - */ - AS2( mov esi, eax ) - AS2( shr esi, 24 ) - AS2( mov esi, DWORD PTR [ebp + 4096 + esi*4] ) - AS2( and esi, 4278190080 ) - - AS2( mov edi, ebx ) - AS2( shr edi, 16 ) - AS2( and edi, 255 ) - AS2( mov edi, DWORD PTR [ebp + 4096 + edi*4] ) - AS2( and edi, 16711680 ) - AS2( xor esi, edi ) - - AS2( movzx edi, ch ) - AS2( mov edi, DWORD PTR [ebp + 4096 + edi*4] ) - AS2( and edi, 65280 ) - AS2( xor esi, edi ) - - AS2( movzx edi, dl ) - AS2( mov edi, DWORD PTR [ebp + 4096 + edi*4] ) - AS2( and edi, 255 ) - AS2( xor esi, edi ) - - AS2( movd mm0, esi ) - - /* - Put1 (mm1) = - (Te4[get1, rs24] & 0xff000000) ^ h = 4278190080 - (Te4[get2, rs16] & 0x00ff0000) ^ h = 16711680 - (Te4[get3, rs 8] & 0x0000ff00) ^ h = 65280 - (Te4[get0, rs 0] & 0x000000ff) h = 255 - */ - AS2( mov esi, ebx ) - AS2( shr esi, 24 ) - AS2( mov esi, DWORD PTR [ebp + 4096 + esi*4] ) - AS2( and esi, 4278190080 ) - - AS2( mov edi, ecx ) - AS2( shr edi, 16 ) - AS2( and edi, 255 ) - AS2( mov edi, DWORD PTR [ebp + 4096 + edi*4] ) - AS2( and edi, 16711680 ) - AS2( xor esi, edi ) - - AS2( movzx edi, dh ) - AS2( mov edi, DWORD PTR [ebp + 4096 + edi*4] ) - AS2( and edi, 65280 ) - AS2( xor esi, edi ) - - AS2( movzx edi, al ) - AS2( mov edi, DWORD PTR [ebp + 4096 + edi*4] ) - AS2( and edi, 255 ) - AS2( xor esi, edi ) - - AS2( movd mm1, esi ) - - /* - Put2 (mm2) = - (Te4[get2, rs24] & 0xff000000) ^ h = 4278190080 - (Te4[get3, rs16] & 0x00ff0000) ^ h = 16711680 - (Te4[get0, rs 8] & 0x0000ff00) ^ h = 65280 - (Te4[get1, rs 0] & 0x000000ff) h = 255 - */ - AS2( mov esi, ecx ) - AS2( shr esi, 24 ) - AS2( mov esi, DWORD PTR [ebp + 4096 + esi*4] ) - AS2( and esi, 4278190080 ) - - AS2( mov edi, edx ) - AS2( shr edi, 16 ) - AS2( and edi, 255 ) - AS2( mov edi, DWORD PTR [ebp + 4096 + edi*4] ) - AS2( and edi, 16711680 ) - AS2( xor esi, edi ) - - AS2( movzx edi, ah ) - AS2( mov edi, DWORD PTR [ebp + 4096 + edi*4] ) - AS2( and edi, 65280 ) - AS2( xor esi, edi ) - - AS2( movzx edi, bl ) - AS2( mov edi, DWORD PTR [ebp + 4096 + edi*4] ) - AS2( and edi, 255 ) - AS2( xor esi, edi ) - - AS2( movd mm2, esi ) - - /* - Put3 (edx) = - (Te4[get3, rs24] & 0xff000000) ^ h = 4278190080 - (Te4[get0, rs16] & 0x00ff0000) ^ h = 16711680 - (Te4[get1, rs 8] & 0x0000ff00) ^ h = 65280 - (Te4[get2, rs 0] & 0x000000ff) h = 255 - */ - AS2( mov esi, edx ) - AS2( shr esi, 24 ) - AS2( mov edx, DWORD PTR [ebp + 4096 + esi*4] ) - AS2( and edx, 4278190080 ) - - AS2( mov edi, eax ) - AS2( shr edi, 16 ) - AS2( and edi, 255 ) - AS2( mov esi, DWORD PTR [ebp + 4096 + edi*4] ) - AS2( and esi, 16711680 ) - AS2( xor edx, esi ) - - AS2( movzx esi, bh ) - AS2( mov edi, DWORD PTR [ebp + 4096 + esi*4] ) - AS2( and edi, 65280 ) - AS2( xor edx, edi ) - - AS2( movzx edi, cl ) - AS2( mov esi, DWORD PTR [ebp + 4096 + edi*4] ) - AS2( and esi, 255 ) - AS2( xor edx, esi ) - - - // xOr - AS2( movd eax, mm0 ) - AS2( movd esi, mm6 ) // rk - AS2( movd ebx, mm1 ) - AS2( add esi, 16 ) - AS2( movd ecx, mm2 ) - - AS2( xor eax, DWORD PTR [esi] ) - AS2( xor ebx, DWORD PTR [esi + 4] ) - AS2( xor ecx, DWORD PTR [esi + 8] ) - AS2( xor edx, DWORD PTR [esi + 12] ) - - // end - AS2( movd ebp, mm7 ) - - // swap - AS1( bswap eax ) - AS1( bswap ebx ) - - // store - #ifdef __GNUC__ - AS2( movd esi, mm4 ) // outBlock - #else - AS2( mov esi, DWORD PTR [ebp + 12] ) // outBlock - #endif - - AS1( bswap ecx ) - AS1( bswap edx ) - - AS2( mov DWORD PTR [esi], eax ) - AS2( mov DWORD PTR [esi + 4], ebx ) - AS2( mov DWORD PTR [esi + 8], ecx ) - AS2( mov DWORD PTR [esi + 12], edx ) - - - EPILOG() -} - - -#ifdef _MSC_VER - __declspec(naked) -#else - __attribute__ ((noinline)) -#endif -void AES::AsmDecrypt(const byte* inBlock, byte* outBlock, void* boxes) const -{ - - PROLOG() - - #ifdef OLD_GCC_OFFSET - AS2( mov edx, DWORD PTR [ecx + 60] ) // rounds - AS2( lea edi, [ecx + 64] ) // rk - #else - AS2( mov edx, DWORD PTR [ecx + 56] ) // rounds - AS2( lea edi, [ecx + 60] ) // rk - #endif - - AS1( dec edx ) - AS2( movd mm6, edi ) // save rk - AS2( movd mm5, edx ) // save rounds - - AS2( mov eax, DWORD PTR [esi] ) - AS2( mov ebx, DWORD PTR [esi + 4] ) - AS2( mov ecx, DWORD PTR [esi + 8] ) - AS2( mov edx, DWORD PTR [esi + 12] ) - - AS1( bswap eax ) - AS1( bswap ebx ) - AS1( bswap ecx ) - AS1( bswap edx ) - - AS2( xor eax, DWORD PTR [edi] ) // s0 - AS2( xor ebx, DWORD PTR [edi + 4] ) // s1 - AS2( xor ecx, DWORD PTR [edi + 8] ) // s2 - AS2( xor edx, DWORD PTR [edi + 12] ) // s3 - - -#ifdef _MSC_VER - AS1( loop2: ) // loop2 -#else - AS1(2: ) // loop2 -#endif - /* Put0 (mm0) = - Td0[GETBYTE(get0, rs24)] ^ - Td1[GETBYTE(get3, rs16)] ^ - Td2[GETBYTE(get2, rs 8)] ^ - Td3[GETBYTE(tet1, )] - */ - AS2( mov esi, eax ) - AS2( shr esi, 24 ) - AS2( mov esi, DWORD PTR [ebp + esi*4] ) - - AS2( mov edi, edx ) - AS2( shr edi, 16 ) - AS2( and edi, 255 ) - AS2( xor esi, DWORD PTR [ebp + 1024 + edi*4] ) - - AS2( movzx edi, ch ) - AS2( xor esi, DWORD PTR [ebp + 2048 + edi*4] ) - - AS2( movzx edi, bl ) - AS2( xor esi, DWORD PTR [ebp + 3072 + edi*4] ) - - AS2( movd mm0, esi ) - - /* Put1 (mm1) = - Td0[GETBYTE(get1, rs24)] ^ - Td1[GETBYTE(get0, rs16)] ^ - Td2[GETBYTE(get3, rs 8)] ^ - Td3[GETBYTE(tet2, )] - */ - AS2( mov esi, ebx ) - AS2( shr esi, 24 ) - AS2( mov esi, DWORD PTR [ebp + esi*4] ) - - AS2( mov edi, eax ) - AS2( shr edi, 16 ) - AS2( and edi, 255 ) - AS2( xor esi, DWORD PTR [ebp + 1024 + edi*4] ) - - AS2( movzx edi, dh ) - AS2( xor esi, DWORD PTR [ebp + 2048 + edi*4] ) - - AS2( movzx edi, cl ) - AS2( xor esi, DWORD PTR [ebp + 3072 + edi*4] ) - - AS2( movd mm1, esi ) - - /* Put2 (mm2) = - Td0[GETBYTE(get2, rs24)] ^ - Td1[GETBYTE(get1, rs16)] ^ - Td2[GETBYTE(get0, rs 8)] ^ - Td3[GETBYTE(tet3, )] - */ - AS2( mov esi, ecx ) - AS2( shr esi, 24 ) - AS2( mov esi, DWORD PTR [ebp + esi*4] ) - - AS2( mov edi, ebx ) - AS2( shr edi, 16 ) - AS2( and edi, 255 ) - AS2( xor esi, DWORD PTR [ebp + 1024 + edi*4] ) - - AS2( movzx edi, ah ) - AS2( xor esi, DWORD PTR [ebp + 2048 + edi*4] ) - - AS2( movzx edi, dl ) - AS2( xor esi, DWORD PTR [ebp + 3072 + edi*4] ) - - AS2( movd mm2, esi ) - - /* Put3 (edx) = - Td0[GETBYTE(get3, rs24)] ^ - Td1[GETBYTE(get2, rs16)] ^ - Td2[GETBYTE(get1, rs 8)] ^ - Td3[GETBYTE(tet0, )] - */ - AS2( mov esi, edx ) - AS2( shr esi, 24 ) - AS2( mov edx, DWORD PTR [ebp + esi*4] ) - - AS2( mov edi, ecx ) - AS2( shr edi, 16 ) - AS2( and edi, 255 ) - AS2( xor edx, DWORD PTR [ebp + 1024 + edi*4] ) - - AS2( movzx esi, bh ) - AS2( xor edx, DWORD PTR [ebp + 2048 + esi*4] ) - - AS2( movzx edi, al ) - AS2( xor edx, DWORD PTR [ebp + 3072 + edi*4] ) - - - // xOr - - AS2( movd esi, mm6 ) // rk - AS2( add esi, 16 ) - AS2( movd mm6, esi ) // save back - - AS2( movd eax, mm0 ) - AS2( movd ebx, mm1 ) - AS2( movd ecx, mm2 ) - - AS2( xor eax, DWORD PTR [esi] ) - AS2( xor ebx, DWORD PTR [esi + 4] ) - AS2( xor ecx, DWORD PTR [esi + 8] ) - AS2( xor edx, DWORD PTR [esi + 12] ) - - AS2( movd edi, mm5 ) - AS1( dec edi ) - AS2( movd mm5, edi ) - -#ifdef _MSC_VER - AS1( jnz loop2) // loop2 -#else - AS1( jnz 2b ) // loop2 -#endif - - // last round - /* - Put0 (mm0) = - (Td4[get0, rs24] & 0xff000000) ^ h = 4278190080 - (Td4[get3, rs16] & 0x00ff0000) ^ h = 16711680 - (Td4[get2, rs 8] & 0x0000ff00) ^ h = 65280 - (Td4[get1, rs 0] & 0x000000ff) h = 255 - */ - AS2( mov esi, eax ) - AS2( shr esi, 24 ) - AS2( mov esi, DWORD PTR [ebp + 4096 + esi*4] ) - AS2( and esi, 4278190080 ) - - AS2( mov edi, edx ) - AS2( shr edi, 16 ) - AS2( and edi, 255 ) - AS2( mov edi, DWORD PTR [ebp + 4096 + edi*4] ) - AS2( and edi, 16711680 ) - AS2( xor esi, edi ) - - AS2( movzx edi, ch ) - AS2( mov edi, DWORD PTR [ebp + 4096 + edi*4] ) - AS2( and edi, 65280 ) - AS2( xor esi, edi ) - - AS2( movzx edi, bl ) - AS2( mov edi, DWORD PTR [ebp + 4096 + edi*4] ) - AS2( and edi, 255 ) - AS2( xor esi, edi ) - - AS2( movd mm0, esi ) - - /* - Put1 (mm1) = - (Td4[get1, rs24] & 0xff000000) ^ h = 4278190080 - (Td4[get0, rs16] & 0x00ff0000) ^ h = 16711680 - (Td4[get3, rs 8] & 0x0000ff00) ^ h = 65280 - (Td4[get2, rs 0] & 0x000000ff) h = 255 - */ - AS2( mov esi, ebx ) - AS2( shr esi, 24 ) - AS2( mov esi, DWORD PTR [ebp + 4096 + esi*4] ) - AS2( and esi, 4278190080 ) - - AS2( mov edi, eax ) - AS2( shr edi, 16 ) - AS2( and edi, 255 ) - AS2( mov edi, DWORD PTR [ebp + 4096 + edi*4] ) - AS2( and edi, 16711680 ) - AS2( xor esi, edi ) - - AS2( movzx edi, dh ) - AS2( mov edi, DWORD PTR [ebp + 4096 + edi*4] ) - AS2( and edi, 65280 ) - AS2( xor esi, edi ) - - AS2( movzx edi, cl ) - AS2( mov edi, DWORD PTR [ebp + 4096 + edi*4] ) - AS2( and edi, 255 ) - AS2( xor esi, edi ) - - AS2( movd mm1, esi ) - - /* - Put2 (mm2) = - (Td4[get2, rs24] & 0xff000000) ^ h = 4278190080 - (Td4[get1, rs16] & 0x00ff0000) ^ h = 16711680 - (Td4[get0, rs 8] & 0x0000ff00) ^ h = 65280 - (Td4[get3, rs 0] & 0x000000ff) h = 255 - */ - AS2( mov esi, ecx ) - AS2( shr esi, 24 ) - AS2( mov esi, DWORD PTR [ebp + 4096 + esi*4] ) - AS2( and esi, 4278190080 ) - - AS2( mov edi, ebx ) - AS2( shr edi, 16 ) - AS2( and edi, 255 ) - AS2( mov edi, DWORD PTR [ebp + 4096 + edi*4] ) - AS2( and edi, 16711680 ) - AS2( xor esi, edi ) - - AS2( movzx edi, ah ) - AS2( mov edi, DWORD PTR [ebp + 4096 + edi*4] ) - AS2( and edi, 65280 ) - AS2( xor esi, edi ) - - AS2( movzx edi, dl ) - AS2( mov edi, DWORD PTR [ebp + 4096 + edi*4] ) - AS2( and edi, 255 ) - AS2( xor esi, edi ) - - AS2( movd mm2, esi ) - - /* - Put3 (edx) = - (Td4[get3, rs24] & 0xff000000) ^ h = 4278190080 - (Td4[get2, rs16] & 0x00ff0000) ^ h = 16711680 - (Td4[get1, rs 8] & 0x0000ff00) ^ h = 65280 - (Td4[get0, rs 0] & 0x000000ff) h = 255 - */ - AS2( mov esi, edx ) - AS2( shr esi, 24 ) - AS2( mov edx, DWORD PTR [ebp + 4096 + esi*4] ) - AS2( and edx, 4278190080 ) - - AS2( mov edi, ecx ) - AS2( shr edi, 16 ) - AS2( and edi, 255 ) - AS2( mov esi, DWORD PTR [ebp + 4096 + edi*4] ) - AS2( and esi, 16711680 ) - AS2( xor edx, esi ) - - AS2( movzx esi, bh ) - AS2( mov edi, DWORD PTR [ebp + 4096 + esi*4] ) - AS2( and edi, 65280 ) - AS2( xor edx, edi ) - - AS2( movzx edi, al ) - AS2( mov esi, DWORD PTR [ebp + 4096 + edi*4] ) - AS2( and esi, 255 ) - AS2( xor edx, esi ) - - - // xOr - AS2( movd esi, mm6 ) // rk - AS2( add esi, 16 ) - - AS2( movd eax, mm0 ) - AS2( movd ebx, mm1 ) - AS2( movd ecx, mm2 ) - - AS2( xor eax, DWORD PTR [esi] ) - AS2( xor ebx, DWORD PTR [esi + 4] ) - AS2( xor ecx, DWORD PTR [esi + 8] ) - AS2( xor edx, DWORD PTR [esi + 12] ) - - // end - AS2( movd ebp, mm7 ) - - // swap - AS1( bswap eax ) - AS1( bswap ebx ) - AS1( bswap ecx ) - AS1( bswap edx ) - - // store - #ifdef __GNUC__ - AS2( movd esi, mm4 ) // outBlock - #else - AS2( mov esi, DWORD PTR [ebp + 12] ) // outBlock - #endif - AS2( mov DWORD PTR [esi], eax ) - AS2( mov DWORD PTR [esi + 4], ebx ) - AS2( mov DWORD PTR [esi + 8], ecx ) - AS2( mov DWORD PTR [esi + 12], edx ) - - - EPILOG() -} - - - -#endif // defined(DO_AES_ASM) - - - -const word32 AES::Te[5][256] = { -{ - 0xc66363a5U, 0xf87c7c84U, 0xee777799U, 0xf67b7b8dU, - 0xfff2f20dU, 0xd66b6bbdU, 0xde6f6fb1U, 0x91c5c554U, - 0x60303050U, 0x02010103U, 0xce6767a9U, 0x562b2b7dU, - 0xe7fefe19U, 0xb5d7d762U, 0x4dababe6U, 0xec76769aU, - 0x8fcaca45U, 0x1f82829dU, 0x89c9c940U, 0xfa7d7d87U, - 0xeffafa15U, 0xb25959ebU, 0x8e4747c9U, 0xfbf0f00bU, - 0x41adadecU, 0xb3d4d467U, 0x5fa2a2fdU, 0x45afafeaU, - 0x239c9cbfU, 0x53a4a4f7U, 0xe4727296U, 0x9bc0c05bU, - 0x75b7b7c2U, 0xe1fdfd1cU, 0x3d9393aeU, 0x4c26266aU, - 0x6c36365aU, 0x7e3f3f41U, 0xf5f7f702U, 0x83cccc4fU, - 0x6834345cU, 0x51a5a5f4U, 0xd1e5e534U, 0xf9f1f108U, - 0xe2717193U, 0xabd8d873U, 0x62313153U, 0x2a15153fU, - 0x0804040cU, 0x95c7c752U, 0x46232365U, 0x9dc3c35eU, - 0x30181828U, 0x379696a1U, 0x0a05050fU, 0x2f9a9ab5U, - 0x0e070709U, 0x24121236U, 0x1b80809bU, 0xdfe2e23dU, - 0xcdebeb26U, 0x4e272769U, 0x7fb2b2cdU, 0xea75759fU, - 0x1209091bU, 0x1d83839eU, 0x582c2c74U, 0x341a1a2eU, - 0x361b1b2dU, 0xdc6e6eb2U, 0xb45a5aeeU, 0x5ba0a0fbU, - 0xa45252f6U, 0x763b3b4dU, 0xb7d6d661U, 0x7db3b3ceU, - 0x5229297bU, 0xdde3e33eU, 0x5e2f2f71U, 0x13848497U, - 0xa65353f5U, 0xb9d1d168U, 0x00000000U, 0xc1eded2cU, - 0x40202060U, 0xe3fcfc1fU, 0x79b1b1c8U, 0xb65b5bedU, - 0xd46a6abeU, 0x8dcbcb46U, 0x67bebed9U, 0x7239394bU, - 0x944a4adeU, 0x984c4cd4U, 0xb05858e8U, 0x85cfcf4aU, - 0xbbd0d06bU, 0xc5efef2aU, 0x4faaaae5U, 0xedfbfb16U, - 0x864343c5U, 0x9a4d4dd7U, 0x66333355U, 0x11858594U, - 0x8a4545cfU, 0xe9f9f910U, 0x04020206U, 0xfe7f7f81U, - 0xa05050f0U, 0x783c3c44U, 0x259f9fbaU, 0x4ba8a8e3U, - 0xa25151f3U, 0x5da3a3feU, 0x804040c0U, 0x058f8f8aU, - 0x3f9292adU, 0x219d9dbcU, 0x70383848U, 0xf1f5f504U, - 0x63bcbcdfU, 0x77b6b6c1U, 0xafdada75U, 0x42212163U, - 0x20101030U, 0xe5ffff1aU, 0xfdf3f30eU, 0xbfd2d26dU, - 0x81cdcd4cU, 0x180c0c14U, 0x26131335U, 0xc3ecec2fU, - 0xbe5f5fe1U, 0x359797a2U, 0x884444ccU, 0x2e171739U, - 0x93c4c457U, 0x55a7a7f2U, 0xfc7e7e82U, 0x7a3d3d47U, - 0xc86464acU, 0xba5d5de7U, 0x3219192bU, 0xe6737395U, - 0xc06060a0U, 0x19818198U, 0x9e4f4fd1U, 0xa3dcdc7fU, - 0x44222266U, 0x542a2a7eU, 0x3b9090abU, 0x0b888883U, - 0x8c4646caU, 0xc7eeee29U, 0x6bb8b8d3U, 0x2814143cU, - 0xa7dede79U, 0xbc5e5ee2U, 0x160b0b1dU, 0xaddbdb76U, - 0xdbe0e03bU, 0x64323256U, 0x743a3a4eU, 0x140a0a1eU, - 0x924949dbU, 0x0c06060aU, 0x4824246cU, 0xb85c5ce4U, - 0x9fc2c25dU, 0xbdd3d36eU, 0x43acacefU, 0xc46262a6U, - 0x399191a8U, 0x319595a4U, 0xd3e4e437U, 0xf279798bU, - 0xd5e7e732U, 0x8bc8c843U, 0x6e373759U, 0xda6d6db7U, - 0x018d8d8cU, 0xb1d5d564U, 0x9c4e4ed2U, 0x49a9a9e0U, - 0xd86c6cb4U, 0xac5656faU, 0xf3f4f407U, 0xcfeaea25U, - 0xca6565afU, 0xf47a7a8eU, 0x47aeaee9U, 0x10080818U, - 0x6fbabad5U, 0xf0787888U, 0x4a25256fU, 0x5c2e2e72U, - 0x381c1c24U, 0x57a6a6f1U, 0x73b4b4c7U, 0x97c6c651U, - 0xcbe8e823U, 0xa1dddd7cU, 0xe874749cU, 0x3e1f1f21U, - 0x964b4bddU, 0x61bdbddcU, 0x0d8b8b86U, 0x0f8a8a85U, - 0xe0707090U, 0x7c3e3e42U, 0x71b5b5c4U, 0xcc6666aaU, - 0x904848d8U, 0x06030305U, 0xf7f6f601U, 0x1c0e0e12U, - 0xc26161a3U, 0x6a35355fU, 0xae5757f9U, 0x69b9b9d0U, - 0x17868691U, 0x99c1c158U, 0x3a1d1d27U, 0x279e9eb9U, - 0xd9e1e138U, 0xebf8f813U, 0x2b9898b3U, 0x22111133U, - 0xd26969bbU, 0xa9d9d970U, 0x078e8e89U, 0x339494a7U, - 0x2d9b9bb6U, 0x3c1e1e22U, 0x15878792U, 0xc9e9e920U, - 0x87cece49U, 0xaa5555ffU, 0x50282878U, 0xa5dfdf7aU, - 0x038c8c8fU, 0x59a1a1f8U, 0x09898980U, 0x1a0d0d17U, - 0x65bfbfdaU, 0xd7e6e631U, 0x844242c6U, 0xd06868b8U, - 0x824141c3U, 0x299999b0U, 0x5a2d2d77U, 0x1e0f0f11U, - 0x7bb0b0cbU, 0xa85454fcU, 0x6dbbbbd6U, 0x2c16163aU, -}, -{ - 0xa5c66363U, 0x84f87c7cU, 0x99ee7777U, 0x8df67b7bU, - 0x0dfff2f2U, 0xbdd66b6bU, 0xb1de6f6fU, 0x5491c5c5U, - 0x50603030U, 0x03020101U, 0xa9ce6767U, 0x7d562b2bU, - 0x19e7fefeU, 0x62b5d7d7U, 0xe64dababU, 0x9aec7676U, - 0x458fcacaU, 0x9d1f8282U, 0x4089c9c9U, 0x87fa7d7dU, - 0x15effafaU, 0xebb25959U, 0xc98e4747U, 0x0bfbf0f0U, - 0xec41adadU, 0x67b3d4d4U, 0xfd5fa2a2U, 0xea45afafU, - 0xbf239c9cU, 0xf753a4a4U, 0x96e47272U, 0x5b9bc0c0U, - 0xc275b7b7U, 0x1ce1fdfdU, 0xae3d9393U, 0x6a4c2626U, - 0x5a6c3636U, 0x417e3f3fU, 0x02f5f7f7U, 0x4f83ccccU, - 0x5c683434U, 0xf451a5a5U, 0x34d1e5e5U, 0x08f9f1f1U, - 0x93e27171U, 0x73abd8d8U, 0x53623131U, 0x3f2a1515U, - 0x0c080404U, 0x5295c7c7U, 0x65462323U, 0x5e9dc3c3U, - 0x28301818U, 0xa1379696U, 0x0f0a0505U, 0xb52f9a9aU, - 0x090e0707U, 0x36241212U, 0x9b1b8080U, 0x3ddfe2e2U, - 0x26cdebebU, 0x694e2727U, 0xcd7fb2b2U, 0x9fea7575U, - 0x1b120909U, 0x9e1d8383U, 0x74582c2cU, 0x2e341a1aU, - 0x2d361b1bU, 0xb2dc6e6eU, 0xeeb45a5aU, 0xfb5ba0a0U, - 0xf6a45252U, 0x4d763b3bU, 0x61b7d6d6U, 0xce7db3b3U, - 0x7b522929U, 0x3edde3e3U, 0x715e2f2fU, 0x97138484U, - 0xf5a65353U, 0x68b9d1d1U, 0x00000000U, 0x2cc1ededU, - 0x60402020U, 0x1fe3fcfcU, 0xc879b1b1U, 0xedb65b5bU, - 0xbed46a6aU, 0x468dcbcbU, 0xd967bebeU, 0x4b723939U, - 0xde944a4aU, 0xd4984c4cU, 0xe8b05858U, 0x4a85cfcfU, - 0x6bbbd0d0U, 0x2ac5efefU, 0xe54faaaaU, 0x16edfbfbU, - 0xc5864343U, 0xd79a4d4dU, 0x55663333U, 0x94118585U, - 0xcf8a4545U, 0x10e9f9f9U, 0x06040202U, 0x81fe7f7fU, - 0xf0a05050U, 0x44783c3cU, 0xba259f9fU, 0xe34ba8a8U, - 0xf3a25151U, 0xfe5da3a3U, 0xc0804040U, 0x8a058f8fU, - 0xad3f9292U, 0xbc219d9dU, 0x48703838U, 0x04f1f5f5U, - 0xdf63bcbcU, 0xc177b6b6U, 0x75afdadaU, 0x63422121U, - 0x30201010U, 0x1ae5ffffU, 0x0efdf3f3U, 0x6dbfd2d2U, - 0x4c81cdcdU, 0x14180c0cU, 0x35261313U, 0x2fc3ececU, - 0xe1be5f5fU, 0xa2359797U, 0xcc884444U, 0x392e1717U, - 0x5793c4c4U, 0xf255a7a7U, 0x82fc7e7eU, 0x477a3d3dU, - 0xacc86464U, 0xe7ba5d5dU, 0x2b321919U, 0x95e67373U, - 0xa0c06060U, 0x98198181U, 0xd19e4f4fU, 0x7fa3dcdcU, - 0x66442222U, 0x7e542a2aU, 0xab3b9090U, 0x830b8888U, - 0xca8c4646U, 0x29c7eeeeU, 0xd36bb8b8U, 0x3c281414U, - 0x79a7dedeU, 0xe2bc5e5eU, 0x1d160b0bU, 0x76addbdbU, - 0x3bdbe0e0U, 0x56643232U, 0x4e743a3aU, 0x1e140a0aU, - 0xdb924949U, 0x0a0c0606U, 0x6c482424U, 0xe4b85c5cU, - 0x5d9fc2c2U, 0x6ebdd3d3U, 0xef43acacU, 0xa6c46262U, - 0xa8399191U, 0xa4319595U, 0x37d3e4e4U, 0x8bf27979U, - 0x32d5e7e7U, 0x438bc8c8U, 0x596e3737U, 0xb7da6d6dU, - 0x8c018d8dU, 0x64b1d5d5U, 0xd29c4e4eU, 0xe049a9a9U, - 0xb4d86c6cU, 0xfaac5656U, 0x07f3f4f4U, 0x25cfeaeaU, - 0xafca6565U, 0x8ef47a7aU, 0xe947aeaeU, 0x18100808U, - 0xd56fbabaU, 0x88f07878U, 0x6f4a2525U, 0x725c2e2eU, - 0x24381c1cU, 0xf157a6a6U, 0xc773b4b4U, 0x5197c6c6U, - 0x23cbe8e8U, 0x7ca1ddddU, 0x9ce87474U, 0x213e1f1fU, - 0xdd964b4bU, 0xdc61bdbdU, 0x860d8b8bU, 0x850f8a8aU, - 0x90e07070U, 0x427c3e3eU, 0xc471b5b5U, 0xaacc6666U, - 0xd8904848U, 0x05060303U, 0x01f7f6f6U, 0x121c0e0eU, - 0xa3c26161U, 0x5f6a3535U, 0xf9ae5757U, 0xd069b9b9U, - 0x91178686U, 0x5899c1c1U, 0x273a1d1dU, 0xb9279e9eU, - 0x38d9e1e1U, 0x13ebf8f8U, 0xb32b9898U, 0x33221111U, - 0xbbd26969U, 0x70a9d9d9U, 0x89078e8eU, 0xa7339494U, - 0xb62d9b9bU, 0x223c1e1eU, 0x92158787U, 0x20c9e9e9U, - 0x4987ceceU, 0xffaa5555U, 0x78502828U, 0x7aa5dfdfU, - 0x8f038c8cU, 0xf859a1a1U, 0x80098989U, 0x171a0d0dU, - 0xda65bfbfU, 0x31d7e6e6U, 0xc6844242U, 0xb8d06868U, - 0xc3824141U, 0xb0299999U, 0x775a2d2dU, 0x111e0f0fU, - 0xcb7bb0b0U, 0xfca85454U, 0xd66dbbbbU, 0x3a2c1616U, -}, -{ - 0x63a5c663U, 0x7c84f87cU, 0x7799ee77U, 0x7b8df67bU, - 0xf20dfff2U, 0x6bbdd66bU, 0x6fb1de6fU, 0xc55491c5U, - 0x30506030U, 0x01030201U, 0x67a9ce67U, 0x2b7d562bU, - 0xfe19e7feU, 0xd762b5d7U, 0xabe64dabU, 0x769aec76U, - 0xca458fcaU, 0x829d1f82U, 0xc94089c9U, 0x7d87fa7dU, - 0xfa15effaU, 0x59ebb259U, 0x47c98e47U, 0xf00bfbf0U, - 0xadec41adU, 0xd467b3d4U, 0xa2fd5fa2U, 0xafea45afU, - 0x9cbf239cU, 0xa4f753a4U, 0x7296e472U, 0xc05b9bc0U, - 0xb7c275b7U, 0xfd1ce1fdU, 0x93ae3d93U, 0x266a4c26U, - 0x365a6c36U, 0x3f417e3fU, 0xf702f5f7U, 0xcc4f83ccU, - 0x345c6834U, 0xa5f451a5U, 0xe534d1e5U, 0xf108f9f1U, - 0x7193e271U, 0xd873abd8U, 0x31536231U, 0x153f2a15U, - 0x040c0804U, 0xc75295c7U, 0x23654623U, 0xc35e9dc3U, - 0x18283018U, 0x96a13796U, 0x050f0a05U, 0x9ab52f9aU, - 0x07090e07U, 0x12362412U, 0x809b1b80U, 0xe23ddfe2U, - 0xeb26cdebU, 0x27694e27U, 0xb2cd7fb2U, 0x759fea75U, - 0x091b1209U, 0x839e1d83U, 0x2c74582cU, 0x1a2e341aU, - 0x1b2d361bU, 0x6eb2dc6eU, 0x5aeeb45aU, 0xa0fb5ba0U, - 0x52f6a452U, 0x3b4d763bU, 0xd661b7d6U, 0xb3ce7db3U, - 0x297b5229U, 0xe33edde3U, 0x2f715e2fU, 0x84971384U, - 0x53f5a653U, 0xd168b9d1U, 0x00000000U, 0xed2cc1edU, - 0x20604020U, 0xfc1fe3fcU, 0xb1c879b1U, 0x5bedb65bU, - 0x6abed46aU, 0xcb468dcbU, 0xbed967beU, 0x394b7239U, - 0x4ade944aU, 0x4cd4984cU, 0x58e8b058U, 0xcf4a85cfU, - 0xd06bbbd0U, 0xef2ac5efU, 0xaae54faaU, 0xfb16edfbU, - 0x43c58643U, 0x4dd79a4dU, 0x33556633U, 0x85941185U, - 0x45cf8a45U, 0xf910e9f9U, 0x02060402U, 0x7f81fe7fU, - 0x50f0a050U, 0x3c44783cU, 0x9fba259fU, 0xa8e34ba8U, - 0x51f3a251U, 0xa3fe5da3U, 0x40c08040U, 0x8f8a058fU, - 0x92ad3f92U, 0x9dbc219dU, 0x38487038U, 0xf504f1f5U, - 0xbcdf63bcU, 0xb6c177b6U, 0xda75afdaU, 0x21634221U, - 0x10302010U, 0xff1ae5ffU, 0xf30efdf3U, 0xd26dbfd2U, - 0xcd4c81cdU, 0x0c14180cU, 0x13352613U, 0xec2fc3ecU, - 0x5fe1be5fU, 0x97a23597U, 0x44cc8844U, 0x17392e17U, - 0xc45793c4U, 0xa7f255a7U, 0x7e82fc7eU, 0x3d477a3dU, - 0x64acc864U, 0x5de7ba5dU, 0x192b3219U, 0x7395e673U, - 0x60a0c060U, 0x81981981U, 0x4fd19e4fU, 0xdc7fa3dcU, - 0x22664422U, 0x2a7e542aU, 0x90ab3b90U, 0x88830b88U, - 0x46ca8c46U, 0xee29c7eeU, 0xb8d36bb8U, 0x143c2814U, - 0xde79a7deU, 0x5ee2bc5eU, 0x0b1d160bU, 0xdb76addbU, - 0xe03bdbe0U, 0x32566432U, 0x3a4e743aU, 0x0a1e140aU, - 0x49db9249U, 0x060a0c06U, 0x246c4824U, 0x5ce4b85cU, - 0xc25d9fc2U, 0xd36ebdd3U, 0xacef43acU, 0x62a6c462U, - 0x91a83991U, 0x95a43195U, 0xe437d3e4U, 0x798bf279U, - 0xe732d5e7U, 0xc8438bc8U, 0x37596e37U, 0x6db7da6dU, - 0x8d8c018dU, 0xd564b1d5U, 0x4ed29c4eU, 0xa9e049a9U, - 0x6cb4d86cU, 0x56faac56U, 0xf407f3f4U, 0xea25cfeaU, - 0x65afca65U, 0x7a8ef47aU, 0xaee947aeU, 0x08181008U, - 0xbad56fbaU, 0x7888f078U, 0x256f4a25U, 0x2e725c2eU, - 0x1c24381cU, 0xa6f157a6U, 0xb4c773b4U, 0xc65197c6U, - 0xe823cbe8U, 0xdd7ca1ddU, 0x749ce874U, 0x1f213e1fU, - 0x4bdd964bU, 0xbddc61bdU, 0x8b860d8bU, 0x8a850f8aU, - 0x7090e070U, 0x3e427c3eU, 0xb5c471b5U, 0x66aacc66U, - 0x48d89048U, 0x03050603U, 0xf601f7f6U, 0x0e121c0eU, - 0x61a3c261U, 0x355f6a35U, 0x57f9ae57U, 0xb9d069b9U, - 0x86911786U, 0xc15899c1U, 0x1d273a1dU, 0x9eb9279eU, - 0xe138d9e1U, 0xf813ebf8U, 0x98b32b98U, 0x11332211U, - 0x69bbd269U, 0xd970a9d9U, 0x8e89078eU, 0x94a73394U, - 0x9bb62d9bU, 0x1e223c1eU, 0x87921587U, 0xe920c9e9U, - 0xce4987ceU, 0x55ffaa55U, 0x28785028U, 0xdf7aa5dfU, - 0x8c8f038cU, 0xa1f859a1U, 0x89800989U, 0x0d171a0dU, - 0xbfda65bfU, 0xe631d7e6U, 0x42c68442U, 0x68b8d068U, - 0x41c38241U, 0x99b02999U, 0x2d775a2dU, 0x0f111e0fU, - 0xb0cb7bb0U, 0x54fca854U, 0xbbd66dbbU, 0x163a2c16U, -}, -{ - 0x6363a5c6U, 0x7c7c84f8U, 0x777799eeU, 0x7b7b8df6U, - 0xf2f20dffU, 0x6b6bbdd6U, 0x6f6fb1deU, 0xc5c55491U, - 0x30305060U, 0x01010302U, 0x6767a9ceU, 0x2b2b7d56U, - 0xfefe19e7U, 0xd7d762b5U, 0xababe64dU, 0x76769aecU, - 0xcaca458fU, 0x82829d1fU, 0xc9c94089U, 0x7d7d87faU, - 0xfafa15efU, 0x5959ebb2U, 0x4747c98eU, 0xf0f00bfbU, - 0xadadec41U, 0xd4d467b3U, 0xa2a2fd5fU, 0xafafea45U, - 0x9c9cbf23U, 0xa4a4f753U, 0x727296e4U, 0xc0c05b9bU, - 0xb7b7c275U, 0xfdfd1ce1U, 0x9393ae3dU, 0x26266a4cU, - 0x36365a6cU, 0x3f3f417eU, 0xf7f702f5U, 0xcccc4f83U, - 0x34345c68U, 0xa5a5f451U, 0xe5e534d1U, 0xf1f108f9U, - 0x717193e2U, 0xd8d873abU, 0x31315362U, 0x15153f2aU, - 0x04040c08U, 0xc7c75295U, 0x23236546U, 0xc3c35e9dU, - 0x18182830U, 0x9696a137U, 0x05050f0aU, 0x9a9ab52fU, - 0x0707090eU, 0x12123624U, 0x80809b1bU, 0xe2e23ddfU, - 0xebeb26cdU, 0x2727694eU, 0xb2b2cd7fU, 0x75759feaU, - 0x09091b12U, 0x83839e1dU, 0x2c2c7458U, 0x1a1a2e34U, - 0x1b1b2d36U, 0x6e6eb2dcU, 0x5a5aeeb4U, 0xa0a0fb5bU, - 0x5252f6a4U, 0x3b3b4d76U, 0xd6d661b7U, 0xb3b3ce7dU, - 0x29297b52U, 0xe3e33eddU, 0x2f2f715eU, 0x84849713U, - 0x5353f5a6U, 0xd1d168b9U, 0x00000000U, 0xeded2cc1U, - 0x20206040U, 0xfcfc1fe3U, 0xb1b1c879U, 0x5b5bedb6U, - 0x6a6abed4U, 0xcbcb468dU, 0xbebed967U, 0x39394b72U, - 0x4a4ade94U, 0x4c4cd498U, 0x5858e8b0U, 0xcfcf4a85U, - 0xd0d06bbbU, 0xefef2ac5U, 0xaaaae54fU, 0xfbfb16edU, - 0x4343c586U, 0x4d4dd79aU, 0x33335566U, 0x85859411U, - 0x4545cf8aU, 0xf9f910e9U, 0x02020604U, 0x7f7f81feU, - 0x5050f0a0U, 0x3c3c4478U, 0x9f9fba25U, 0xa8a8e34bU, - 0x5151f3a2U, 0xa3a3fe5dU, 0x4040c080U, 0x8f8f8a05U, - 0x9292ad3fU, 0x9d9dbc21U, 0x38384870U, 0xf5f504f1U, - 0xbcbcdf63U, 0xb6b6c177U, 0xdada75afU, 0x21216342U, - 0x10103020U, 0xffff1ae5U, 0xf3f30efdU, 0xd2d26dbfU, - 0xcdcd4c81U, 0x0c0c1418U, 0x13133526U, 0xecec2fc3U, - 0x5f5fe1beU, 0x9797a235U, 0x4444cc88U, 0x1717392eU, - 0xc4c45793U, 0xa7a7f255U, 0x7e7e82fcU, 0x3d3d477aU, - 0x6464acc8U, 0x5d5de7baU, 0x19192b32U, 0x737395e6U, - 0x6060a0c0U, 0x81819819U, 0x4f4fd19eU, 0xdcdc7fa3U, - 0x22226644U, 0x2a2a7e54U, 0x9090ab3bU, 0x8888830bU, - 0x4646ca8cU, 0xeeee29c7U, 0xb8b8d36bU, 0x14143c28U, - 0xdede79a7U, 0x5e5ee2bcU, 0x0b0b1d16U, 0xdbdb76adU, - 0xe0e03bdbU, 0x32325664U, 0x3a3a4e74U, 0x0a0a1e14U, - 0x4949db92U, 0x06060a0cU, 0x24246c48U, 0x5c5ce4b8U, - 0xc2c25d9fU, 0xd3d36ebdU, 0xacacef43U, 0x6262a6c4U, - 0x9191a839U, 0x9595a431U, 0xe4e437d3U, 0x79798bf2U, - 0xe7e732d5U, 0xc8c8438bU, 0x3737596eU, 0x6d6db7daU, - 0x8d8d8c01U, 0xd5d564b1U, 0x4e4ed29cU, 0xa9a9e049U, - 0x6c6cb4d8U, 0x5656faacU, 0xf4f407f3U, 0xeaea25cfU, - 0x6565afcaU, 0x7a7a8ef4U, 0xaeaee947U, 0x08081810U, - 0xbabad56fU, 0x787888f0U, 0x25256f4aU, 0x2e2e725cU, - 0x1c1c2438U, 0xa6a6f157U, 0xb4b4c773U, 0xc6c65197U, - 0xe8e823cbU, 0xdddd7ca1U, 0x74749ce8U, 0x1f1f213eU, - 0x4b4bdd96U, 0xbdbddc61U, 0x8b8b860dU, 0x8a8a850fU, - 0x707090e0U, 0x3e3e427cU, 0xb5b5c471U, 0x6666aaccU, - 0x4848d890U, 0x03030506U, 0xf6f601f7U, 0x0e0e121cU, - 0x6161a3c2U, 0x35355f6aU, 0x5757f9aeU, 0xb9b9d069U, - 0x86869117U, 0xc1c15899U, 0x1d1d273aU, 0x9e9eb927U, - 0xe1e138d9U, 0xf8f813ebU, 0x9898b32bU, 0x11113322U, - 0x6969bbd2U, 0xd9d970a9U, 0x8e8e8907U, 0x9494a733U, - 0x9b9bb62dU, 0x1e1e223cU, 0x87879215U, 0xe9e920c9U, - 0xcece4987U, 0x5555ffaaU, 0x28287850U, 0xdfdf7aa5U, - 0x8c8c8f03U, 0xa1a1f859U, 0x89898009U, 0x0d0d171aU, - 0xbfbfda65U, 0xe6e631d7U, 0x4242c684U, 0x6868b8d0U, - 0x4141c382U, 0x9999b029U, 0x2d2d775aU, 0x0f0f111eU, - 0xb0b0cb7bU, 0x5454fca8U, 0xbbbbd66dU, 0x16163a2cU, -}, -{ - 0x63636363U, 0x7c7c7c7cU, 0x77777777U, 0x7b7b7b7bU, - 0xf2f2f2f2U, 0x6b6b6b6bU, 0x6f6f6f6fU, 0xc5c5c5c5U, - 0x30303030U, 0x01010101U, 0x67676767U, 0x2b2b2b2bU, - 0xfefefefeU, 0xd7d7d7d7U, 0xababababU, 0x76767676U, - 0xcacacacaU, 0x82828282U, 0xc9c9c9c9U, 0x7d7d7d7dU, - 0xfafafafaU, 0x59595959U, 0x47474747U, 0xf0f0f0f0U, - 0xadadadadU, 0xd4d4d4d4U, 0xa2a2a2a2U, 0xafafafafU, - 0x9c9c9c9cU, 0xa4a4a4a4U, 0x72727272U, 0xc0c0c0c0U, - 0xb7b7b7b7U, 0xfdfdfdfdU, 0x93939393U, 0x26262626U, - 0x36363636U, 0x3f3f3f3fU, 0xf7f7f7f7U, 0xccccccccU, - 0x34343434U, 0xa5a5a5a5U, 0xe5e5e5e5U, 0xf1f1f1f1U, - 0x71717171U, 0xd8d8d8d8U, 0x31313131U, 0x15151515U, - 0x04040404U, 0xc7c7c7c7U, 0x23232323U, 0xc3c3c3c3U, - 0x18181818U, 0x96969696U, 0x05050505U, 0x9a9a9a9aU, - 0x07070707U, 0x12121212U, 0x80808080U, 0xe2e2e2e2U, - 0xebebebebU, 0x27272727U, 0xb2b2b2b2U, 0x75757575U, - 0x09090909U, 0x83838383U, 0x2c2c2c2cU, 0x1a1a1a1aU, - 0x1b1b1b1bU, 0x6e6e6e6eU, 0x5a5a5a5aU, 0xa0a0a0a0U, - 0x52525252U, 0x3b3b3b3bU, 0xd6d6d6d6U, 0xb3b3b3b3U, - 0x29292929U, 0xe3e3e3e3U, 0x2f2f2f2fU, 0x84848484U, - 0x53535353U, 0xd1d1d1d1U, 0x00000000U, 0xededededU, - 0x20202020U, 0xfcfcfcfcU, 0xb1b1b1b1U, 0x5b5b5b5bU, - 0x6a6a6a6aU, 0xcbcbcbcbU, 0xbebebebeU, 0x39393939U, - 0x4a4a4a4aU, 0x4c4c4c4cU, 0x58585858U, 0xcfcfcfcfU, - 0xd0d0d0d0U, 0xefefefefU, 0xaaaaaaaaU, 0xfbfbfbfbU, - 0x43434343U, 0x4d4d4d4dU, 0x33333333U, 0x85858585U, - 0x45454545U, 0xf9f9f9f9U, 0x02020202U, 0x7f7f7f7fU, - 0x50505050U, 0x3c3c3c3cU, 0x9f9f9f9fU, 0xa8a8a8a8U, - 0x51515151U, 0xa3a3a3a3U, 0x40404040U, 0x8f8f8f8fU, - 0x92929292U, 0x9d9d9d9dU, 0x38383838U, 0xf5f5f5f5U, - 0xbcbcbcbcU, 0xb6b6b6b6U, 0xdadadadaU, 0x21212121U, - 0x10101010U, 0xffffffffU, 0xf3f3f3f3U, 0xd2d2d2d2U, - 0xcdcdcdcdU, 0x0c0c0c0cU, 0x13131313U, 0xececececU, - 0x5f5f5f5fU, 0x97979797U, 0x44444444U, 0x17171717U, - 0xc4c4c4c4U, 0xa7a7a7a7U, 0x7e7e7e7eU, 0x3d3d3d3dU, - 0x64646464U, 0x5d5d5d5dU, 0x19191919U, 0x73737373U, - 0x60606060U, 0x81818181U, 0x4f4f4f4fU, 0xdcdcdcdcU, - 0x22222222U, 0x2a2a2a2aU, 0x90909090U, 0x88888888U, - 0x46464646U, 0xeeeeeeeeU, 0xb8b8b8b8U, 0x14141414U, - 0xdedededeU, 0x5e5e5e5eU, 0x0b0b0b0bU, 0xdbdbdbdbU, - 0xe0e0e0e0U, 0x32323232U, 0x3a3a3a3aU, 0x0a0a0a0aU, - 0x49494949U, 0x06060606U, 0x24242424U, 0x5c5c5c5cU, - 0xc2c2c2c2U, 0xd3d3d3d3U, 0xacacacacU, 0x62626262U, - 0x91919191U, 0x95959595U, 0xe4e4e4e4U, 0x79797979U, - 0xe7e7e7e7U, 0xc8c8c8c8U, 0x37373737U, 0x6d6d6d6dU, - 0x8d8d8d8dU, 0xd5d5d5d5U, 0x4e4e4e4eU, 0xa9a9a9a9U, - 0x6c6c6c6cU, 0x56565656U, 0xf4f4f4f4U, 0xeaeaeaeaU, - 0x65656565U, 0x7a7a7a7aU, 0xaeaeaeaeU, 0x08080808U, - 0xbabababaU, 0x78787878U, 0x25252525U, 0x2e2e2e2eU, - 0x1c1c1c1cU, 0xa6a6a6a6U, 0xb4b4b4b4U, 0xc6c6c6c6U, - 0xe8e8e8e8U, 0xddddddddU, 0x74747474U, 0x1f1f1f1fU, - 0x4b4b4b4bU, 0xbdbdbdbdU, 0x8b8b8b8bU, 0x8a8a8a8aU, - 0x70707070U, 0x3e3e3e3eU, 0xb5b5b5b5U, 0x66666666U, - 0x48484848U, 0x03030303U, 0xf6f6f6f6U, 0x0e0e0e0eU, - 0x61616161U, 0x35353535U, 0x57575757U, 0xb9b9b9b9U, - 0x86868686U, 0xc1c1c1c1U, 0x1d1d1d1dU, 0x9e9e9e9eU, - 0xe1e1e1e1U, 0xf8f8f8f8U, 0x98989898U, 0x11111111U, - 0x69696969U, 0xd9d9d9d9U, 0x8e8e8e8eU, 0x94949494U, - 0x9b9b9b9bU, 0x1e1e1e1eU, 0x87878787U, 0xe9e9e9e9U, - 0xcecececeU, 0x55555555U, 0x28282828U, 0xdfdfdfdfU, - 0x8c8c8c8cU, 0xa1a1a1a1U, 0x89898989U, 0x0d0d0d0dU, - 0xbfbfbfbfU, 0xe6e6e6e6U, 0x42424242U, 0x68686868U, - 0x41414141U, 0x99999999U, 0x2d2d2d2dU, 0x0f0f0f0fU, - 0xb0b0b0b0U, 0x54545454U, 0xbbbbbbbbU, 0x16161616U, -} -}; - - -const word32 AES::Td[5][256] = { -{ - 0x51f4a750U, 0x7e416553U, 0x1a17a4c3U, 0x3a275e96U, - 0x3bab6bcbU, 0x1f9d45f1U, 0xacfa58abU, 0x4be30393U, - 0x2030fa55U, 0xad766df6U, 0x88cc7691U, 0xf5024c25U, - 0x4fe5d7fcU, 0xc52acbd7U, 0x26354480U, 0xb562a38fU, - 0xdeb15a49U, 0x25ba1b67U, 0x45ea0e98U, 0x5dfec0e1U, - 0xc32f7502U, 0x814cf012U, 0x8d4697a3U, 0x6bd3f9c6U, - 0x038f5fe7U, 0x15929c95U, 0xbf6d7aebU, 0x955259daU, - 0xd4be832dU, 0x587421d3U, 0x49e06929U, 0x8ec9c844U, - 0x75c2896aU, 0xf48e7978U, 0x99583e6bU, 0x27b971ddU, - 0xbee14fb6U, 0xf088ad17U, 0xc920ac66U, 0x7dce3ab4U, - 0x63df4a18U, 0xe51a3182U, 0x97513360U, 0x62537f45U, - 0xb16477e0U, 0xbb6bae84U, 0xfe81a01cU, 0xf9082b94U, - 0x70486858U, 0x8f45fd19U, 0x94de6c87U, 0x527bf8b7U, - 0xab73d323U, 0x724b02e2U, 0xe31f8f57U, 0x6655ab2aU, - 0xb2eb2807U, 0x2fb5c203U, 0x86c57b9aU, 0xd33708a5U, - 0x302887f2U, 0x23bfa5b2U, 0x02036abaU, 0xed16825cU, - 0x8acf1c2bU, 0xa779b492U, 0xf307f2f0U, 0x4e69e2a1U, - 0x65daf4cdU, 0x0605bed5U, 0xd134621fU, 0xc4a6fe8aU, - 0x342e539dU, 0xa2f355a0U, 0x058ae132U, 0xa4f6eb75U, - 0x0b83ec39U, 0x4060efaaU, 0x5e719f06U, 0xbd6e1051U, - 0x3e218af9U, 0x96dd063dU, 0xdd3e05aeU, 0x4de6bd46U, - 0x91548db5U, 0x71c45d05U, 0x0406d46fU, 0x605015ffU, - 0x1998fb24U, 0xd6bde997U, 0x894043ccU, 0x67d99e77U, - 0xb0e842bdU, 0x07898b88U, 0xe7195b38U, 0x79c8eedbU, - 0xa17c0a47U, 0x7c420fe9U, 0xf8841ec9U, 0x00000000U, - 0x09808683U, 0x322bed48U, 0x1e1170acU, 0x6c5a724eU, - 0xfd0efffbU, 0x0f853856U, 0x3daed51eU, 0x362d3927U, - 0x0a0fd964U, 0x685ca621U, 0x9b5b54d1U, 0x24362e3aU, - 0x0c0a67b1U, 0x9357e70fU, 0xb4ee96d2U, 0x1b9b919eU, - 0x80c0c54fU, 0x61dc20a2U, 0x5a774b69U, 0x1c121a16U, - 0xe293ba0aU, 0xc0a02ae5U, 0x3c22e043U, 0x121b171dU, - 0x0e090d0bU, 0xf28bc7adU, 0x2db6a8b9U, 0x141ea9c8U, - 0x57f11985U, 0xaf75074cU, 0xee99ddbbU, 0xa37f60fdU, - 0xf701269fU, 0x5c72f5bcU, 0x44663bc5U, 0x5bfb7e34U, - 0x8b432976U, 0xcb23c6dcU, 0xb6edfc68U, 0xb8e4f163U, - 0xd731dccaU, 0x42638510U, 0x13972240U, 0x84c61120U, - 0x854a247dU, 0xd2bb3df8U, 0xaef93211U, 0xc729a16dU, - 0x1d9e2f4bU, 0xdcb230f3U, 0x0d8652ecU, 0x77c1e3d0U, - 0x2bb3166cU, 0xa970b999U, 0x119448faU, 0x47e96422U, - 0xa8fc8cc4U, 0xa0f03f1aU, 0x567d2cd8U, 0x223390efU, - 0x87494ec7U, 0xd938d1c1U, 0x8ccaa2feU, 0x98d40b36U, - 0xa6f581cfU, 0xa57ade28U, 0xdab78e26U, 0x3fadbfa4U, - 0x2c3a9de4U, 0x5078920dU, 0x6a5fcc9bU, 0x547e4662U, - 0xf68d13c2U, 0x90d8b8e8U, 0x2e39f75eU, 0x82c3aff5U, - 0x9f5d80beU, 0x69d0937cU, 0x6fd52da9U, 0xcf2512b3U, - 0xc8ac993bU, 0x10187da7U, 0xe89c636eU, 0xdb3bbb7bU, - 0xcd267809U, 0x6e5918f4U, 0xec9ab701U, 0x834f9aa8U, - 0xe6956e65U, 0xaaffe67eU, 0x21bccf08U, 0xef15e8e6U, - 0xbae79bd9U, 0x4a6f36ceU, 0xea9f09d4U, 0x29b07cd6U, - 0x31a4b2afU, 0x2a3f2331U, 0xc6a59430U, 0x35a266c0U, - 0x744ebc37U, 0xfc82caa6U, 0xe090d0b0U, 0x33a7d815U, - 0xf104984aU, 0x41ecdaf7U, 0x7fcd500eU, 0x1791f62fU, - 0x764dd68dU, 0x43efb04dU, 0xccaa4d54U, 0xe49604dfU, - 0x9ed1b5e3U, 0x4c6a881bU, 0xc12c1fb8U, 0x4665517fU, - 0x9d5eea04U, 0x018c355dU, 0xfa877473U, 0xfb0b412eU, - 0xb3671d5aU, 0x92dbd252U, 0xe9105633U, 0x6dd64713U, - 0x9ad7618cU, 0x37a10c7aU, 0x59f8148eU, 0xeb133c89U, - 0xcea927eeU, 0xb761c935U, 0xe11ce5edU, 0x7a47b13cU, - 0x9cd2df59U, 0x55f2733fU, 0x1814ce79U, 0x73c737bfU, - 0x53f7cdeaU, 0x5ffdaa5bU, 0xdf3d6f14U, 0x7844db86U, - 0xcaaff381U, 0xb968c43eU, 0x3824342cU, 0xc2a3405fU, - 0x161dc372U, 0xbce2250cU, 0x283c498bU, 0xff0d9541U, - 0x39a80171U, 0x080cb3deU, 0xd8b4e49cU, 0x6456c190U, - 0x7bcb8461U, 0xd532b670U, 0x486c5c74U, 0xd0b85742U, -}, -{ - 0x5051f4a7U, 0x537e4165U, 0xc31a17a4U, 0x963a275eU, - 0xcb3bab6bU, 0xf11f9d45U, 0xabacfa58U, 0x934be303U, - 0x552030faU, 0xf6ad766dU, 0x9188cc76U, 0x25f5024cU, - 0xfc4fe5d7U, 0xd7c52acbU, 0x80263544U, 0x8fb562a3U, - 0x49deb15aU, 0x6725ba1bU, 0x9845ea0eU, 0xe15dfec0U, - 0x02c32f75U, 0x12814cf0U, 0xa38d4697U, 0xc66bd3f9U, - 0xe7038f5fU, 0x9515929cU, 0xebbf6d7aU, 0xda955259U, - 0x2dd4be83U, 0xd3587421U, 0x2949e069U, 0x448ec9c8U, - 0x6a75c289U, 0x78f48e79U, 0x6b99583eU, 0xdd27b971U, - 0xb6bee14fU, 0x17f088adU, 0x66c920acU, 0xb47dce3aU, - 0x1863df4aU, 0x82e51a31U, 0x60975133U, 0x4562537fU, - 0xe0b16477U, 0x84bb6baeU, 0x1cfe81a0U, 0x94f9082bU, - 0x58704868U, 0x198f45fdU, 0x8794de6cU, 0xb7527bf8U, - 0x23ab73d3U, 0xe2724b02U, 0x57e31f8fU, 0x2a6655abU, - 0x07b2eb28U, 0x032fb5c2U, 0x9a86c57bU, 0xa5d33708U, - 0xf2302887U, 0xb223bfa5U, 0xba02036aU, 0x5ced1682U, - 0x2b8acf1cU, 0x92a779b4U, 0xf0f307f2U, 0xa14e69e2U, - 0xcd65daf4U, 0xd50605beU, 0x1fd13462U, 0x8ac4a6feU, - 0x9d342e53U, 0xa0a2f355U, 0x32058ae1U, 0x75a4f6ebU, - 0x390b83ecU, 0xaa4060efU, 0x065e719fU, 0x51bd6e10U, - 0xf93e218aU, 0x3d96dd06U, 0xaedd3e05U, 0x464de6bdU, - 0xb591548dU, 0x0571c45dU, 0x6f0406d4U, 0xff605015U, - 0x241998fbU, 0x97d6bde9U, 0xcc894043U, 0x7767d99eU, - 0xbdb0e842U, 0x8807898bU, 0x38e7195bU, 0xdb79c8eeU, - 0x47a17c0aU, 0xe97c420fU, 0xc9f8841eU, 0x00000000U, - 0x83098086U, 0x48322bedU, 0xac1e1170U, 0x4e6c5a72U, - 0xfbfd0effU, 0x560f8538U, 0x1e3daed5U, 0x27362d39U, - 0x640a0fd9U, 0x21685ca6U, 0xd19b5b54U, 0x3a24362eU, - 0xb10c0a67U, 0x0f9357e7U, 0xd2b4ee96U, 0x9e1b9b91U, - 0x4f80c0c5U, 0xa261dc20U, 0x695a774bU, 0x161c121aU, - 0x0ae293baU, 0xe5c0a02aU, 0x433c22e0U, 0x1d121b17U, - 0x0b0e090dU, 0xadf28bc7U, 0xb92db6a8U, 0xc8141ea9U, - 0x8557f119U, 0x4caf7507U, 0xbbee99ddU, 0xfda37f60U, - 0x9ff70126U, 0xbc5c72f5U, 0xc544663bU, 0x345bfb7eU, - 0x768b4329U, 0xdccb23c6U, 0x68b6edfcU, 0x63b8e4f1U, - 0xcad731dcU, 0x10426385U, 0x40139722U, 0x2084c611U, - 0x7d854a24U, 0xf8d2bb3dU, 0x11aef932U, 0x6dc729a1U, - 0x4b1d9e2fU, 0xf3dcb230U, 0xec0d8652U, 0xd077c1e3U, - 0x6c2bb316U, 0x99a970b9U, 0xfa119448U, 0x2247e964U, - 0xc4a8fc8cU, 0x1aa0f03fU, 0xd8567d2cU, 0xef223390U, - 0xc787494eU, 0xc1d938d1U, 0xfe8ccaa2U, 0x3698d40bU, - 0xcfa6f581U, 0x28a57adeU, 0x26dab78eU, 0xa43fadbfU, - 0xe42c3a9dU, 0x0d507892U, 0x9b6a5fccU, 0x62547e46U, - 0xc2f68d13U, 0xe890d8b8U, 0x5e2e39f7U, 0xf582c3afU, - 0xbe9f5d80U, 0x7c69d093U, 0xa96fd52dU, 0xb3cf2512U, - 0x3bc8ac99U, 0xa710187dU, 0x6ee89c63U, 0x7bdb3bbbU, - 0x09cd2678U, 0xf46e5918U, 0x01ec9ab7U, 0xa8834f9aU, - 0x65e6956eU, 0x7eaaffe6U, 0x0821bccfU, 0xe6ef15e8U, - 0xd9bae79bU, 0xce4a6f36U, 0xd4ea9f09U, 0xd629b07cU, - 0xaf31a4b2U, 0x312a3f23U, 0x30c6a594U, 0xc035a266U, - 0x37744ebcU, 0xa6fc82caU, 0xb0e090d0U, 0x1533a7d8U, - 0x4af10498U, 0xf741ecdaU, 0x0e7fcd50U, 0x2f1791f6U, - 0x8d764dd6U, 0x4d43efb0U, 0x54ccaa4dU, 0xdfe49604U, - 0xe39ed1b5U, 0x1b4c6a88U, 0xb8c12c1fU, 0x7f466551U, - 0x049d5eeaU, 0x5d018c35U, 0x73fa8774U, 0x2efb0b41U, - 0x5ab3671dU, 0x5292dbd2U, 0x33e91056U, 0x136dd647U, - 0x8c9ad761U, 0x7a37a10cU, 0x8e59f814U, 0x89eb133cU, - 0xeecea927U, 0x35b761c9U, 0xede11ce5U, 0x3c7a47b1U, - 0x599cd2dfU, 0x3f55f273U, 0x791814ceU, 0xbf73c737U, - 0xea53f7cdU, 0x5b5ffdaaU, 0x14df3d6fU, 0x867844dbU, - 0x81caaff3U, 0x3eb968c4U, 0x2c382434U, 0x5fc2a340U, - 0x72161dc3U, 0x0cbce225U, 0x8b283c49U, 0x41ff0d95U, - 0x7139a801U, 0xde080cb3U, 0x9cd8b4e4U, 0x906456c1U, - 0x617bcb84U, 0x70d532b6U, 0x74486c5cU, 0x42d0b857U, -}, -{ - 0xa75051f4U, 0x65537e41U, 0xa4c31a17U, 0x5e963a27U, - 0x6bcb3babU, 0x45f11f9dU, 0x58abacfaU, 0x03934be3U, - 0xfa552030U, 0x6df6ad76U, 0x769188ccU, 0x4c25f502U, - 0xd7fc4fe5U, 0xcbd7c52aU, 0x44802635U, 0xa38fb562U, - 0x5a49deb1U, 0x1b6725baU, 0x0e9845eaU, 0xc0e15dfeU, - 0x7502c32fU, 0xf012814cU, 0x97a38d46U, 0xf9c66bd3U, - 0x5fe7038fU, 0x9c951592U, 0x7aebbf6dU, 0x59da9552U, - 0x832dd4beU, 0x21d35874U, 0x692949e0U, 0xc8448ec9U, - 0x896a75c2U, 0x7978f48eU, 0x3e6b9958U, 0x71dd27b9U, - 0x4fb6bee1U, 0xad17f088U, 0xac66c920U, 0x3ab47dceU, - 0x4a1863dfU, 0x3182e51aU, 0x33609751U, 0x7f456253U, - 0x77e0b164U, 0xae84bb6bU, 0xa01cfe81U, 0x2b94f908U, - 0x68587048U, 0xfd198f45U, 0x6c8794deU, 0xf8b7527bU, - 0xd323ab73U, 0x02e2724bU, 0x8f57e31fU, 0xab2a6655U, - 0x2807b2ebU, 0xc2032fb5U, 0x7b9a86c5U, 0x08a5d337U, - 0x87f23028U, 0xa5b223bfU, 0x6aba0203U, 0x825ced16U, - 0x1c2b8acfU, 0xb492a779U, 0xf2f0f307U, 0xe2a14e69U, - 0xf4cd65daU, 0xbed50605U, 0x621fd134U, 0xfe8ac4a6U, - 0x539d342eU, 0x55a0a2f3U, 0xe132058aU, 0xeb75a4f6U, - 0xec390b83U, 0xefaa4060U, 0x9f065e71U, 0x1051bd6eU, - - 0x8af93e21U, 0x063d96ddU, 0x05aedd3eU, 0xbd464de6U, - 0x8db59154U, 0x5d0571c4U, 0xd46f0406U, 0x15ff6050U, - 0xfb241998U, 0xe997d6bdU, 0x43cc8940U, 0x9e7767d9U, - 0x42bdb0e8U, 0x8b880789U, 0x5b38e719U, 0xeedb79c8U, - 0x0a47a17cU, 0x0fe97c42U, 0x1ec9f884U, 0x00000000U, - 0x86830980U, 0xed48322bU, 0x70ac1e11U, 0x724e6c5aU, - 0xfffbfd0eU, 0x38560f85U, 0xd51e3daeU, 0x3927362dU, - 0xd9640a0fU, 0xa621685cU, 0x54d19b5bU, 0x2e3a2436U, - 0x67b10c0aU, 0xe70f9357U, 0x96d2b4eeU, 0x919e1b9bU, - 0xc54f80c0U, 0x20a261dcU, 0x4b695a77U, 0x1a161c12U, - 0xba0ae293U, 0x2ae5c0a0U, 0xe0433c22U, 0x171d121bU, - 0x0d0b0e09U, 0xc7adf28bU, 0xa8b92db6U, 0xa9c8141eU, - 0x198557f1U, 0x074caf75U, 0xddbbee99U, 0x60fda37fU, - 0x269ff701U, 0xf5bc5c72U, 0x3bc54466U, 0x7e345bfbU, - 0x29768b43U, 0xc6dccb23U, 0xfc68b6edU, 0xf163b8e4U, - 0xdccad731U, 0x85104263U, 0x22401397U, 0x112084c6U, - 0x247d854aU, 0x3df8d2bbU, 0x3211aef9U, 0xa16dc729U, - 0x2f4b1d9eU, 0x30f3dcb2U, 0x52ec0d86U, 0xe3d077c1U, - 0x166c2bb3U, 0xb999a970U, 0x48fa1194U, 0x642247e9U, - 0x8cc4a8fcU, 0x3f1aa0f0U, 0x2cd8567dU, 0x90ef2233U, - 0x4ec78749U, 0xd1c1d938U, 0xa2fe8ccaU, 0x0b3698d4U, - 0x81cfa6f5U, 0xde28a57aU, 0x8e26dab7U, 0xbfa43fadU, - 0x9de42c3aU, 0x920d5078U, 0xcc9b6a5fU, 0x4662547eU, - 0x13c2f68dU, 0xb8e890d8U, 0xf75e2e39U, 0xaff582c3U, - 0x80be9f5dU, 0x937c69d0U, 0x2da96fd5U, 0x12b3cf25U, - 0x993bc8acU, 0x7da71018U, 0x636ee89cU, 0xbb7bdb3bU, - 0x7809cd26U, 0x18f46e59U, 0xb701ec9aU, 0x9aa8834fU, - 0x6e65e695U, 0xe67eaaffU, 0xcf0821bcU, 0xe8e6ef15U, - 0x9bd9bae7U, 0x36ce4a6fU, 0x09d4ea9fU, 0x7cd629b0U, - 0xb2af31a4U, 0x23312a3fU, 0x9430c6a5U, 0x66c035a2U, - 0xbc37744eU, 0xcaa6fc82U, 0xd0b0e090U, 0xd81533a7U, - 0x984af104U, 0xdaf741ecU, 0x500e7fcdU, 0xf62f1791U, - 0xd68d764dU, 0xb04d43efU, 0x4d54ccaaU, 0x04dfe496U, - 0xb5e39ed1U, 0x881b4c6aU, 0x1fb8c12cU, 0x517f4665U, - 0xea049d5eU, 0x355d018cU, 0x7473fa87U, 0x412efb0bU, - 0x1d5ab367U, 0xd25292dbU, 0x5633e910U, 0x47136dd6U, - 0x618c9ad7U, 0x0c7a37a1U, 0x148e59f8U, 0x3c89eb13U, - 0x27eecea9U, 0xc935b761U, 0xe5ede11cU, 0xb13c7a47U, - 0xdf599cd2U, 0x733f55f2U, 0xce791814U, 0x37bf73c7U, - 0xcdea53f7U, 0xaa5b5ffdU, 0x6f14df3dU, 0xdb867844U, - 0xf381caafU, 0xc43eb968U, 0x342c3824U, 0x405fc2a3U, - 0xc372161dU, 0x250cbce2U, 0x498b283cU, 0x9541ff0dU, - 0x017139a8U, 0xb3de080cU, 0xe49cd8b4U, 0xc1906456U, - 0x84617bcbU, 0xb670d532U, 0x5c74486cU, 0x5742d0b8U, -}, -{ - 0xf4a75051U, 0x4165537eU, 0x17a4c31aU, 0x275e963aU, - 0xab6bcb3bU, 0x9d45f11fU, 0xfa58abacU, 0xe303934bU, - 0x30fa5520U, 0x766df6adU, 0xcc769188U, 0x024c25f5U, - 0xe5d7fc4fU, 0x2acbd7c5U, 0x35448026U, 0x62a38fb5U, - 0xb15a49deU, 0xba1b6725U, 0xea0e9845U, 0xfec0e15dU, - 0x2f7502c3U, 0x4cf01281U, 0x4697a38dU, 0xd3f9c66bU, - 0x8f5fe703U, 0x929c9515U, 0x6d7aebbfU, 0x5259da95U, - 0xbe832dd4U, 0x7421d358U, 0xe0692949U, 0xc9c8448eU, - 0xc2896a75U, 0x8e7978f4U, 0x583e6b99U, 0xb971dd27U, - 0xe14fb6beU, 0x88ad17f0U, 0x20ac66c9U, 0xce3ab47dU, - 0xdf4a1863U, 0x1a3182e5U, 0x51336097U, 0x537f4562U, - 0x6477e0b1U, 0x6bae84bbU, 0x81a01cfeU, 0x082b94f9U, - 0x48685870U, 0x45fd198fU, 0xde6c8794U, 0x7bf8b752U, - 0x73d323abU, 0x4b02e272U, 0x1f8f57e3U, 0x55ab2a66U, - 0xeb2807b2U, 0xb5c2032fU, 0xc57b9a86U, 0x3708a5d3U, - 0x2887f230U, 0xbfa5b223U, 0x036aba02U, 0x16825cedU, - 0xcf1c2b8aU, 0x79b492a7U, 0x07f2f0f3U, 0x69e2a14eU, - 0xdaf4cd65U, 0x05bed506U, 0x34621fd1U, 0xa6fe8ac4U, - 0x2e539d34U, 0xf355a0a2U, 0x8ae13205U, 0xf6eb75a4U, - 0x83ec390bU, 0x60efaa40U, 0x719f065eU, 0x6e1051bdU, - 0x218af93eU, 0xdd063d96U, 0x3e05aeddU, 0xe6bd464dU, - 0x548db591U, 0xc45d0571U, 0x06d46f04U, 0x5015ff60U, - 0x98fb2419U, 0xbde997d6U, 0x4043cc89U, 0xd99e7767U, - 0xe842bdb0U, 0x898b8807U, 0x195b38e7U, 0xc8eedb79U, - 0x7c0a47a1U, 0x420fe97cU, 0x841ec9f8U, 0x00000000U, - 0x80868309U, 0x2bed4832U, 0x1170ac1eU, 0x5a724e6cU, - 0x0efffbfdU, 0x8538560fU, 0xaed51e3dU, 0x2d392736U, - 0x0fd9640aU, 0x5ca62168U, 0x5b54d19bU, 0x362e3a24U, - 0x0a67b10cU, 0x57e70f93U, 0xee96d2b4U, 0x9b919e1bU, - 0xc0c54f80U, 0xdc20a261U, 0x774b695aU, 0x121a161cU, - 0x93ba0ae2U, 0xa02ae5c0U, 0x22e0433cU, 0x1b171d12U, - 0x090d0b0eU, 0x8bc7adf2U, 0xb6a8b92dU, 0x1ea9c814U, - 0xf1198557U, 0x75074cafU, 0x99ddbbeeU, 0x7f60fda3U, - 0x01269ff7U, 0x72f5bc5cU, 0x663bc544U, 0xfb7e345bU, - 0x4329768bU, 0x23c6dccbU, 0xedfc68b6U, 0xe4f163b8U, - 0x31dccad7U, 0x63851042U, 0x97224013U, 0xc6112084U, - 0x4a247d85U, 0xbb3df8d2U, 0xf93211aeU, 0x29a16dc7U, - 0x9e2f4b1dU, 0xb230f3dcU, 0x8652ec0dU, 0xc1e3d077U, - 0xb3166c2bU, 0x70b999a9U, 0x9448fa11U, 0xe9642247U, - 0xfc8cc4a8U, 0xf03f1aa0U, 0x7d2cd856U, 0x3390ef22U, - 0x494ec787U, 0x38d1c1d9U, 0xcaa2fe8cU, 0xd40b3698U, - 0xf581cfa6U, 0x7ade28a5U, 0xb78e26daU, 0xadbfa43fU, - 0x3a9de42cU, 0x78920d50U, 0x5fcc9b6aU, 0x7e466254U, - 0x8d13c2f6U, 0xd8b8e890U, 0x39f75e2eU, 0xc3aff582U, - 0x5d80be9fU, 0xd0937c69U, 0xd52da96fU, 0x2512b3cfU, - 0xac993bc8U, 0x187da710U, 0x9c636ee8U, 0x3bbb7bdbU, - 0x267809cdU, 0x5918f46eU, 0x9ab701ecU, 0x4f9aa883U, - 0x956e65e6U, 0xffe67eaaU, 0xbccf0821U, 0x15e8e6efU, - 0xe79bd9baU, 0x6f36ce4aU, 0x9f09d4eaU, 0xb07cd629U, - 0xa4b2af31U, 0x3f23312aU, 0xa59430c6U, 0xa266c035U, - 0x4ebc3774U, 0x82caa6fcU, 0x90d0b0e0U, 0xa7d81533U, - 0x04984af1U, 0xecdaf741U, 0xcd500e7fU, 0x91f62f17U, - 0x4dd68d76U, 0xefb04d43U, 0xaa4d54ccU, 0x9604dfe4U, - 0xd1b5e39eU, 0x6a881b4cU, 0x2c1fb8c1U, 0x65517f46U, - 0x5eea049dU, 0x8c355d01U, 0x877473faU, 0x0b412efbU, - 0x671d5ab3U, 0xdbd25292U, 0x105633e9U, 0xd647136dU, - 0xd7618c9aU, 0xa10c7a37U, 0xf8148e59U, 0x133c89ebU, - 0xa927eeceU, 0x61c935b7U, 0x1ce5ede1U, 0x47b13c7aU, - 0xd2df599cU, 0xf2733f55U, 0x14ce7918U, 0xc737bf73U, - 0xf7cdea53U, 0xfdaa5b5fU, 0x3d6f14dfU, 0x44db8678U, - 0xaff381caU, 0x68c43eb9U, 0x24342c38U, 0xa3405fc2U, - 0x1dc37216U, 0xe2250cbcU, 0x3c498b28U, 0x0d9541ffU, - 0xa8017139U, 0x0cb3de08U, 0xb4e49cd8U, 0x56c19064U, - 0xcb84617bU, 0x32b670d5U, 0x6c5c7448U, 0xb85742d0U, -}, -{ - 0x52525252U, 0x09090909U, 0x6a6a6a6aU, 0xd5d5d5d5U, - 0x30303030U, 0x36363636U, 0xa5a5a5a5U, 0x38383838U, - 0xbfbfbfbfU, 0x40404040U, 0xa3a3a3a3U, 0x9e9e9e9eU, - 0x81818181U, 0xf3f3f3f3U, 0xd7d7d7d7U, 0xfbfbfbfbU, - 0x7c7c7c7cU, 0xe3e3e3e3U, 0x39393939U, 0x82828282U, - 0x9b9b9b9bU, 0x2f2f2f2fU, 0xffffffffU, 0x87878787U, - 0x34343434U, 0x8e8e8e8eU, 0x43434343U, 0x44444444U, - 0xc4c4c4c4U, 0xdedededeU, 0xe9e9e9e9U, 0xcbcbcbcbU, - 0x54545454U, 0x7b7b7b7bU, 0x94949494U, 0x32323232U, - 0xa6a6a6a6U, 0xc2c2c2c2U, 0x23232323U, 0x3d3d3d3dU, - 0xeeeeeeeeU, 0x4c4c4c4cU, 0x95959595U, 0x0b0b0b0bU, - 0x42424242U, 0xfafafafaU, 0xc3c3c3c3U, 0x4e4e4e4eU, - 0x08080808U, 0x2e2e2e2eU, 0xa1a1a1a1U, 0x66666666U, - 0x28282828U, 0xd9d9d9d9U, 0x24242424U, 0xb2b2b2b2U, - 0x76767676U, 0x5b5b5b5bU, 0xa2a2a2a2U, 0x49494949U, - 0x6d6d6d6dU, 0x8b8b8b8bU, 0xd1d1d1d1U, 0x25252525U, - 0x72727272U, 0xf8f8f8f8U, 0xf6f6f6f6U, 0x64646464U, - 0x86868686U, 0x68686868U, 0x98989898U, 0x16161616U, - 0xd4d4d4d4U, 0xa4a4a4a4U, 0x5c5c5c5cU, 0xccccccccU, - 0x5d5d5d5dU, 0x65656565U, 0xb6b6b6b6U, 0x92929292U, - 0x6c6c6c6cU, 0x70707070U, 0x48484848U, 0x50505050U, - 0xfdfdfdfdU, 0xededededU, 0xb9b9b9b9U, 0xdadadadaU, - 0x5e5e5e5eU, 0x15151515U, 0x46464646U, 0x57575757U, - 0xa7a7a7a7U, 0x8d8d8d8dU, 0x9d9d9d9dU, 0x84848484U, - 0x90909090U, 0xd8d8d8d8U, 0xababababU, 0x00000000U, - 0x8c8c8c8cU, 0xbcbcbcbcU, 0xd3d3d3d3U, 0x0a0a0a0aU, - 0xf7f7f7f7U, 0xe4e4e4e4U, 0x58585858U, 0x05050505U, - 0xb8b8b8b8U, 0xb3b3b3b3U, 0x45454545U, 0x06060606U, - 0xd0d0d0d0U, 0x2c2c2c2cU, 0x1e1e1e1eU, 0x8f8f8f8fU, - 0xcacacacaU, 0x3f3f3f3fU, 0x0f0f0f0fU, 0x02020202U, - 0xc1c1c1c1U, 0xafafafafU, 0xbdbdbdbdU, 0x03030303U, - 0x01010101U, 0x13131313U, 0x8a8a8a8aU, 0x6b6b6b6bU, - 0x3a3a3a3aU, 0x91919191U, 0x11111111U, 0x41414141U, - 0x4f4f4f4fU, 0x67676767U, 0xdcdcdcdcU, 0xeaeaeaeaU, - 0x97979797U, 0xf2f2f2f2U, 0xcfcfcfcfU, 0xcecececeU, - 0xf0f0f0f0U, 0xb4b4b4b4U, 0xe6e6e6e6U, 0x73737373U, - 0x96969696U, 0xacacacacU, 0x74747474U, 0x22222222U, - 0xe7e7e7e7U, 0xadadadadU, 0x35353535U, 0x85858585U, - 0xe2e2e2e2U, 0xf9f9f9f9U, 0x37373737U, 0xe8e8e8e8U, - 0x1c1c1c1cU, 0x75757575U, 0xdfdfdfdfU, 0x6e6e6e6eU, - 0x47474747U, 0xf1f1f1f1U, 0x1a1a1a1aU, 0x71717171U, - 0x1d1d1d1dU, 0x29292929U, 0xc5c5c5c5U, 0x89898989U, - 0x6f6f6f6fU, 0xb7b7b7b7U, 0x62626262U, 0x0e0e0e0eU, - 0xaaaaaaaaU, 0x18181818U, 0xbebebebeU, 0x1b1b1b1bU, - 0xfcfcfcfcU, 0x56565656U, 0x3e3e3e3eU, 0x4b4b4b4bU, - 0xc6c6c6c6U, 0xd2d2d2d2U, 0x79797979U, 0x20202020U, - 0x9a9a9a9aU, 0xdbdbdbdbU, 0xc0c0c0c0U, 0xfefefefeU, - 0x78787878U, 0xcdcdcdcdU, 0x5a5a5a5aU, 0xf4f4f4f4U, - 0x1f1f1f1fU, 0xddddddddU, 0xa8a8a8a8U, 0x33333333U, - 0x88888888U, 0x07070707U, 0xc7c7c7c7U, 0x31313131U, - 0xb1b1b1b1U, 0x12121212U, 0x10101010U, 0x59595959U, - 0x27272727U, 0x80808080U, 0xececececU, 0x5f5f5f5fU, - 0x60606060U, 0x51515151U, 0x7f7f7f7fU, 0xa9a9a9a9U, - 0x19191919U, 0xb5b5b5b5U, 0x4a4a4a4aU, 0x0d0d0d0dU, - 0x2d2d2d2dU, 0xe5e5e5e5U, 0x7a7a7a7aU, 0x9f9f9f9fU, - 0x93939393U, 0xc9c9c9c9U, 0x9c9c9c9cU, 0xefefefefU, - 0xa0a0a0a0U, 0xe0e0e0e0U, 0x3b3b3b3bU, 0x4d4d4d4dU, - 0xaeaeaeaeU, 0x2a2a2a2aU, 0xf5f5f5f5U, 0xb0b0b0b0U, - 0xc8c8c8c8U, 0xebebebebU, 0xbbbbbbbbU, 0x3c3c3c3cU, - 0x83838383U, 0x53535353U, 0x99999999U, 0x61616161U, - 0x17171717U, 0x2b2b2b2bU, 0x04040404U, 0x7e7e7e7eU, - 0xbabababaU, 0x77777777U, 0xd6d6d6d6U, 0x26262626U, - 0xe1e1e1e1U, 0x69696969U, 0x14141414U, 0x63636363U, - 0x55555555U, 0x21212121U, 0x0c0c0c0cU, 0x7d7d7d7dU, -} -}; - -const byte AES::CTd4[256] = -{ - 0x52U, 0x09U, 0x6aU, 0xd5U, 0x30U, 0x36U, 0xa5U, 0x38U, - 0xbfU, 0x40U, 0xa3U, 0x9eU, 0x81U, 0xf3U, 0xd7U, 0xfbU, - 0x7cU, 0xe3U, 0x39U, 0x82U, 0x9bU, 0x2fU, 0xffU, 0x87U, - 0x34U, 0x8eU, 0x43U, 0x44U, 0xc4U, 0xdeU, 0xe9U, 0xcbU, - 0x54U, 0x7bU, 0x94U, 0x32U, 0xa6U, 0xc2U, 0x23U, 0x3dU, - 0xeeU, 0x4cU, 0x95U, 0x0bU, 0x42U, 0xfaU, 0xc3U, 0x4eU, - 0x08U, 0x2eU, 0xa1U, 0x66U, 0x28U, 0xd9U, 0x24U, 0xb2U, - 0x76U, 0x5bU, 0xa2U, 0x49U, 0x6dU, 0x8bU, 0xd1U, 0x25U, - 0x72U, 0xf8U, 0xf6U, 0x64U, 0x86U, 0x68U, 0x98U, 0x16U, - 0xd4U, 0xa4U, 0x5cU, 0xccU, 0x5dU, 0x65U, 0xb6U, 0x92U, - 0x6cU, 0x70U, 0x48U, 0x50U, 0xfdU, 0xedU, 0xb9U, 0xdaU, - 0x5eU, 0x15U, 0x46U, 0x57U, 0xa7U, 0x8dU, 0x9dU, 0x84U, - 0x90U, 0xd8U, 0xabU, 0x00U, 0x8cU, 0xbcU, 0xd3U, 0x0aU, - 0xf7U, 0xe4U, 0x58U, 0x05U, 0xb8U, 0xb3U, 0x45U, 0x06U, - 0xd0U, 0x2cU, 0x1eU, 0x8fU, 0xcaU, 0x3fU, 0x0fU, 0x02U, - 0xc1U, 0xafU, 0xbdU, 0x03U, 0x01U, 0x13U, 0x8aU, 0x6bU, - 0x3aU, 0x91U, 0x11U, 0x41U, 0x4fU, 0x67U, 0xdcU, 0xeaU, - 0x97U, 0xf2U, 0xcfU, 0xceU, 0xf0U, 0xb4U, 0xe6U, 0x73U, - 0x96U, 0xacU, 0x74U, 0x22U, 0xe7U, 0xadU, 0x35U, 0x85U, - 0xe2U, 0xf9U, 0x37U, 0xe8U, 0x1cU, 0x75U, 0xdfU, 0x6eU, - 0x47U, 0xf1U, 0x1aU, 0x71U, 0x1dU, 0x29U, 0xc5U, 0x89U, - 0x6fU, 0xb7U, 0x62U, 0x0eU, 0xaaU, 0x18U, 0xbeU, 0x1bU, - 0xfcU, 0x56U, 0x3eU, 0x4bU, 0xc6U, 0xd2U, 0x79U, 0x20U, - 0x9aU, 0xdbU, 0xc0U, 0xfeU, 0x78U, 0xcdU, 0x5aU, 0xf4U, - 0x1fU, 0xddU, 0xa8U, 0x33U, 0x88U, 0x07U, 0xc7U, 0x31U, - 0xb1U, 0x12U, 0x10U, 0x59U, 0x27U, 0x80U, 0xecU, 0x5fU, - 0x60U, 0x51U, 0x7fU, 0xa9U, 0x19U, 0xb5U, 0x4aU, 0x0dU, - 0x2dU, 0xe5U, 0x7aU, 0x9fU, 0x93U, 0xc9U, 0x9cU, 0xefU, - 0xa0U, 0xe0U, 0x3bU, 0x4dU, 0xaeU, 0x2aU, 0xf5U, 0xb0U, - 0xc8U, 0xebU, 0xbbU, 0x3cU, 0x83U, 0x53U, 0x99U, 0x61U, - 0x17U, 0x2bU, 0x04U, 0x7eU, 0xbaU, 0x77U, 0xd6U, 0x26U, - 0xe1U, 0x69U, 0x14U, 0x63U, 0x55U, 0x21U, 0x0cU, 0x7dU, -}; - - -const word32* AES::Te0 = AES::Te[0]; -const word32* AES::Te1 = AES::Te[1]; -const word32* AES::Te2 = AES::Te[2]; -const word32* AES::Te3 = AES::Te[3]; - -const word32* AES::Td0 = AES::Td[0]; -const word32* AES::Td1 = AES::Td[1]; -const word32* AES::Td2 = AES::Td[2]; -const word32* AES::Td3 = AES::Td[3]; - - - -} // namespace - diff --git a/extra/yassl/taocrypt/src/aestables.cpp b/extra/yassl/taocrypt/src/aestables.cpp deleted file mode 100644 index 7c6a53bdcd5..00000000000 --- a/extra/yassl/taocrypt/src/aestables.cpp +++ /dev/null @@ -1,36 +0,0 @@ -/* - Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - -/* based on Wei Dai's aestables.cpp from CryptoPP */ - -#include "runtime.hpp" -#include "aes.hpp" - - -namespace TaoCrypt { - - -const word32 AES::rcon_[] = { - 0x01000000, 0x02000000, 0x04000000, 0x08000000, - 0x10000000, 0x20000000, 0x40000000, 0x80000000, - 0x1B000000, 0x36000000, - /* for 128-bit blocks, Rijndael never uses more than 10 rcon values */ -}; - - -} // namespace diff --git a/extra/yassl/taocrypt/src/algebra.cpp b/extra/yassl/taocrypt/src/algebra.cpp deleted file mode 100644 index f12947a71c4..00000000000 --- a/extra/yassl/taocrypt/src/algebra.cpp +++ /dev/null @@ -1,327 +0,0 @@ -/* - Copyright (c) 2005, 2012, Oracle and/or its affiliates - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - -/* based on Wei Dai's algebra.cpp from CryptoPP */ -#undef NDEBUG - -#include "runtime.hpp" -#include "algebra.hpp" -#ifdef USE_SYS_STL - #include <vector> -#else - #include "vector.hpp" -#endif - - -namespace STL = STL_NAMESPACE; - - -namespace TaoCrypt { - - -const Integer& AbstractGroup::Double(const Element &a) const -{ - return Add(a, a); -} - -const Integer& AbstractGroup::Subtract(const Element &a, const Element &b) const -{ - // make copy of a in case Inverse() overwrites it - Element a1(a); - return Add(a1, Inverse(b)); -} - -Integer& AbstractGroup::Accumulate(Element &a, const Element &b) const -{ - return a = Add(a, b); -} - -Integer& AbstractGroup::Reduce(Element &a, const Element &b) const -{ - return a = Subtract(a, b); -} - -const Integer& AbstractRing::Square(const Element &a) const -{ - return Multiply(a, a); -} - - -const Integer& AbstractRing::Divide(const Element &a, const Element &b) const -{ - // make copy of a in case MultiplicativeInverse() overwrites it - Element a1(a); - return Multiply(a1, MultiplicativeInverse(b)); -} - - -const Integer& AbstractEuclideanDomain::Mod(const Element &a, - const Element &b) const -{ - Element q; - DivisionAlgorithm(result, q, a, b); - return result; -} - -const Integer& AbstractEuclideanDomain::Gcd(const Element &a, - const Element &b) const -{ - STL::vector<Element> g(3); - g[0]= b; - g[1]= a; - unsigned int i0=0, i1=1, i2=2; - - while (!Equal(g[i1], this->Identity())) - { - g[i2] = Mod(g[i0], g[i1]); - unsigned int t = i0; i0 = i1; i1 = i2; i2 = t; - } - - return result = g[i0]; -} - - -Integer AbstractGroup::ScalarMultiply(const Element &base, - const Integer &exponent) const -{ - Element result; - SimultaneousMultiply(&result, base, &exponent, 1); - return result; -} - - -Integer AbstractGroup::CascadeScalarMultiply(const Element &x, - const Integer &e1, const Element &y, const Integer &e2) const -{ - const unsigned expLen = max(e1.BitCount(), e2.BitCount()); - if (expLen==0) - return Identity(); - - const unsigned w = (expLen <= 46 ? 1 : (expLen <= 260 ? 2 : 3)); - const unsigned tableSize = 1<<w; - STL::vector<Element> powerTable(tableSize << w); - - powerTable[1] = x; - powerTable[tableSize] = y; - if (w==1) - powerTable[3] = Add(x,y); - else - { - powerTable[2] = Double(x); - powerTable[2*tableSize] = Double(y); - - unsigned i, j; - - for (i=3; i<tableSize; i+=2) - powerTable[i] = Add(powerTable[i-2], powerTable[2]); - for (i=1; i<tableSize; i+=2) - for (j=i+tableSize; j<(tableSize<<w); j+=tableSize) - powerTable[j] = Add(powerTable[j-tableSize], y); - - for (i=3*tableSize; i<(tableSize<<w); i+=2*tableSize) - powerTable[i] = Add(powerTable[i-2*tableSize], - powerTable[2*tableSize]); - for (i=tableSize; i<(tableSize<<w); i+=2*tableSize) - for (j=i+2; j<i+tableSize; j+=2) - powerTable[j] = Add(powerTable[j-1], x); - } - - Element result; - unsigned power1 = 0, power2 = 0, prevPosition = expLen-1; - bool firstTime = true; - - for (int i = expLen-1; i>=0; i--) - { - power1 = 2*power1 + e1.GetBit(i); - power2 = 2*power2 + e2.GetBit(i); - - if (i==0 || 2*power1 >= tableSize || 2*power2 >= tableSize) - { - unsigned squaresBefore = prevPosition-i; - unsigned squaresAfter = 0; - prevPosition = i; - while ((power1 || power2) && power1%2 == 0 && power2%2==0) - { - power1 /= 2; - power2 /= 2; - squaresBefore--; - squaresAfter++; - } - if (firstTime) - { - result = powerTable[(power2<<w) + power1]; - firstTime = false; - } - else - { - while (squaresBefore--) - result = Double(result); - if (power1 || power2) - Accumulate(result, powerTable[(power2<<w) + power1]); - } - while (squaresAfter--) - result = Double(result); - power1 = power2 = 0; - } - } - return result; -} - - -struct WindowSlider -{ - WindowSlider(const Integer &exp, bool fastNegate, - unsigned int windowSizeIn=0) - : exp(exp), windowModulus(Integer::One()), windowSize(windowSizeIn), - windowBegin(0), fastNegate(fastNegate), firstTime(true), - finished(false) - { - if (windowSize == 0) - { - unsigned int expLen = exp.BitCount(); - windowSize = expLen <= 17 ? 1 : (expLen <= 24 ? 2 : - (expLen <= 70 ? 3 : (expLen <= 197 ? 4 : (expLen <= 539 ? 5 : - (expLen <= 1434 ? 6 : 7))))); - } - windowModulus <<= windowSize; - } - - void FindNextWindow() - { - unsigned int expLen = exp.WordCount() * WORD_BITS; - unsigned int skipCount = firstTime ? 0 : windowSize; - firstTime = false; - while (!exp.GetBit(skipCount)) - { - if (skipCount >= expLen) - { - finished = true; - return; - } - skipCount++; - } - - exp >>= skipCount; - windowBegin += skipCount; - expWindow = (unsigned int)(exp % (1LL << windowSize)); - - if (fastNegate && exp.GetBit(windowSize)) - { - negateNext = true; - expWindow = (1 << windowSize) - expWindow; - exp += windowModulus; - } - else - negateNext = false; - } - - Integer exp, windowModulus; - unsigned int windowSize, windowBegin, expWindow; - bool fastNegate, negateNext, firstTime, finished; -}; - - -void AbstractGroup::SimultaneousMultiply(Integer *results, const Integer &base, - const Integer *expBegin, unsigned int expCount) const -{ - STL::vector<STL::vector<Element> > buckets(expCount); - STL::vector<WindowSlider> exponents; - exponents.reserve(expCount); - unsigned int i; - - for (i=0; i<expCount; i++) - { - exponents.push_back(WindowSlider(*expBegin++, InversionIsFast(), 0)); - exponents[i].FindNextWindow(); - buckets[i].resize(size_t(1)<<(exponents[i].windowSize-1), Identity()); - } - - unsigned int expBitPosition = 0; - Element g = base; - bool notDone = true; - - while (notDone) - { - notDone = false; - for (i=0; i<expCount; i++) - { - if (!exponents[i].finished && expBitPosition == - exponents[i].windowBegin) - { - Element &bucket = buckets[i][exponents[i].expWindow/2]; - if (exponents[i].negateNext) - Accumulate(bucket, Inverse(g)); - else - Accumulate(bucket, g); - exponents[i].FindNextWindow(); - } - notDone = notDone || !exponents[i].finished; - } - - if (notDone) - { - g = Double(g); - expBitPosition++; - } - } - - for (i=0; i<expCount; i++) - { - Element &r = *results++; - r = buckets[i][buckets[i].size()-1]; - if (buckets[i].size() > 1) - { - for (size_t j = buckets[i].size()-2; j >= 1; j--) - { - Accumulate(buckets[i][j], buckets[i][j+1]); - Accumulate(r, buckets[i][j]); - } - Accumulate(buckets[i][0], buckets[i][1]); - r = Add(Double(r), buckets[i][0]); - } - } -} - -Integer AbstractRing::Exponentiate(const Element &base, - const Integer &exponent) const -{ - Element result; - SimultaneousExponentiate(&result, base, &exponent, 1); - return result; -} - - -Integer AbstractRing::CascadeExponentiate(const Element &x, - const Integer &e1, const Element &y, const Integer &e2) const -{ - return MultiplicativeGroup().AbstractGroup::CascadeScalarMultiply( - x, e1, y, e2); -} - - -void AbstractRing::SimultaneousExponentiate(Integer *results, - const Integer &base, - const Integer *exponents, unsigned int expCount) const -{ - MultiplicativeGroup().AbstractGroup::SimultaneousMultiply(results, base, - exponents, expCount); -} - - -} // namespace - diff --git a/extra/yassl/taocrypt/src/arc4.cpp b/extra/yassl/taocrypt/src/arc4.cpp deleted file mode 100644 index 6d11f5c113a..00000000000 --- a/extra/yassl/taocrypt/src/arc4.cpp +++ /dev/null @@ -1,243 +0,0 @@ -/* - Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - -/* based on Wei Dai's arc4.cpp from CryptoPP */ - -#include "runtime.hpp" -#include "arc4.hpp" - - -#if defined(TAOCRYPT_X86ASM_AVAILABLE) && defined(TAO_ASM) - #define DO_ARC4_ASM -#endif - - -namespace TaoCrypt { - -void ARC4::SetKey(const byte* key, word32 length) -{ - x_ = 1; - y_ = 0; - - word32 i; - - for (i = 0; i < STATE_SIZE; i++) - state_[i] = i; - - word32 keyIndex = 0, stateIndex = 0; - - for (i = 0; i < STATE_SIZE; i++) { - word32 a = state_[i]; - stateIndex += key[keyIndex] + a; - stateIndex &= 0xFF; - state_[i] = state_[stateIndex]; - state_[stateIndex] = a; - - if (++keyIndex >= length) - keyIndex = 0; - } -} - - -// local -namespace { - -inline unsigned int MakeByte(word32& x, word32& y, byte* s) -{ - word32 a = s[x]; - y = (y+a) & 0xff; - - word32 b = s[y]; - s[x] = b; - s[y] = a; - x = (x+1) & 0xff; - - return s[(a+b) & 0xff]; -} - -} // namespace - - - -void ARC4::Process(byte* out, const byte* in, word32 length) -{ - if (length == 0) return; - -#ifdef DO_ARC4_ASM - if (isMMX) { - AsmProcess(out, in, length); - return; - } -#endif - - byte *const s = state_; - word32 x = x_; - word32 y = y_; - - if (in == out) - while (length--) - *out++ ^= MakeByte(x, y, s); - else - while(length--) - *out++ = *in++ ^ MakeByte(x, y, s); - x_ = x; - y_ = y; -} - - - -#ifdef DO_ARC4_ASM - -#ifdef _MSC_VER - __declspec(naked) -#else - __attribute__ ((noinline)) -#endif -void ARC4::AsmProcess(byte* out, const byte* in, word32 length) -{ -#ifdef __GNUC__ - #define AS1(x) #x ";" - #define AS2(x, y) #x ", " #y ";" - - #define PROLOG() \ - __asm__ __volatile__ \ - ( \ - ".intel_syntax noprefix;" \ - "push ebx;" \ - "push ebp;" \ - "mov ebp, eax;" - #define EPILOG() \ - "pop ebp;" \ - "pop ebx;" \ - "emms;" \ - ".att_syntax;" \ - : \ - : "c" (this), "D" (out), "S" (in), "a" (length) \ - : "%edx", "memory", "cc" \ - ); - -#else - #define AS1(x) __asm x - #define AS2(x, y) __asm x, y - - #define PROLOG() \ - AS1( push ebp ) \ - AS2( mov ebp, esp ) \ - AS2( movd mm3, edi ) \ - AS2( movd mm4, ebx ) \ - AS2( movd mm5, esi ) \ - AS2( movd mm6, ebp ) \ - AS2( mov edi, DWORD PTR [ebp + 8] ) \ - AS2( mov esi, DWORD PTR [ebp + 12] ) \ - AS2( mov ebp, DWORD PTR [ebp + 16] ) - - #define EPILOG() \ - AS2( movd ebp, mm6 ) \ - AS2( movd esi, mm5 ) \ - AS2( movd ebx, mm4 ) \ - AS2( movd edi, mm3 ) \ - AS2( mov esp, ebp ) \ - AS1( pop ebp ) \ - AS1( emms ) \ - AS1( ret 12 ) - -#endif - - PROLOG() - - AS2( sub esp, 4 ) // make room - - AS2( cmp ebp, 0 ) - AS1( jz nothing ) - - AS2( mov [esp], ebp ) // length - - AS2( movzx edx, BYTE PTR [ecx + 1] ) // y - AS2( lea ebp, [ecx + 2] ) // state_ - AS2( movzx ecx, BYTE PTR [ecx] ) // x - - // setup loop - // a = s[x]; - AS2( movzx eax, BYTE PTR [ebp + ecx] ) - - -#ifdef _MSC_VER - AS1( loopStart: ) // loopStart -#else - AS1( 0: ) // loopStart for some gas (need numeric for jump back -#endif - - // y = (y+a) & 0xff; - AS2( add edx, eax ) - AS2( and edx, 255 ) - - // b = s[y]; - AS2( movzx ebx, BYTE PTR [ebp + edx] ) - - // s[x] = b; - AS2( mov [ebp + ecx], bl ) - - // s[y] = a; - AS2( mov [ebp + edx], al ) - - // x = (x+1) & 0xff; - AS1( inc ecx ) - AS2( and ecx, 255 ) - - //return s[(a+b) & 0xff]; - AS2( add eax, ebx ) - AS2( and eax, 255 ) - - AS2( movzx ebx, BYTE PTR [ebp + eax] ) - - // a = s[x]; for next round - AS2( movzx eax, BYTE PTR [ebp + ecx] ) - - // xOr w/ inByte - AS2( xor bl, BYTE PTR [esi] ) - AS1( inc esi ) - - // write to outByte - AS2( mov [edi], bl ) - AS1( inc edi ) - - AS1( dec DWORD PTR [esp] ) -#ifdef _MSC_VER - AS1( jnz loopStart ) // loopStart -#else - AS1( jnz 0b ) // loopStart -#endif - - - // write back to x_ and y_ - AS2( mov [ebp - 2], cl ) - AS2( mov [ebp - 1], dl ) - - -AS1( nothing: ) - - // inline adjust - AS2( add esp, 4 ) // fix room on stack - - EPILOG() -} - -#endif // DO_ARC4_ASM - - -} // namespace diff --git a/extra/yassl/taocrypt/src/asn.cpp b/extra/yassl/taocrypt/src/asn.cpp deleted file mode 100644 index 0a677c4b0f8..00000000000 --- a/extra/yassl/taocrypt/src/asn.cpp +++ /dev/null @@ -1,1344 +0,0 @@ -/* - Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - -/* asn.cpp implements ASN1 BER, PublicKey, and x509v3 decoding -*/ - -#include "runtime.hpp" -#include "asn.hpp" -#include "file.hpp" -#include "integer.hpp" -#include "rsa.hpp" -#include "dsa.hpp" -#include "dh.hpp" -#include "md5.hpp" -#include "md2.hpp" -#include "sha.hpp" -#include "coding.hpp" -#include <time.h> // gmtime(); -#include "memory.hpp" // some auto_ptr don't have reset, also need auto_array -#include <assert.h> - -namespace TaoCrypt { - -// like atoi but only use first byte -word32 btoi(byte b) -{ - return b - 0x30; -} - - -// two byte date/time, add to value -void GetTime(int *value, const byte* date, int& i) -{ - *value += btoi(date[i++]) * 10; - *value += btoi(date[i++]); -} - - -void ASN1_TIME_extract(const unsigned char* date, unsigned char format, - tm *t) -{ - int i = 0; - memset(t, 0, sizeof (tm)); - - assert(format == UTC_TIME || format == GENERALIZED_TIME); - - if (format == UTC_TIME) { - if (btoi(date[0]) >= 5) - t->tm_year = 1900; - else - t->tm_year = 2000; - } - else { // format == GENERALIZED_TIME - t->tm_year += btoi(date[i++]) * 1000; - t->tm_year += btoi(date[i++]) * 100; - } - - GetTime(&t->tm_year, date, i); t->tm_year -= 1900; // adjust - GetTime(&t->tm_mon, date, i); t->tm_mon -= 1; // adjust - GetTime(&t->tm_mday, date, i); - GetTime(&t->tm_hour, date, i); - GetTime(&t->tm_min, date, i); - GetTime(&t->tm_sec, date, i); - - assert(date[i] == 'Z'); // only Zulu supported for this profile -} - - -namespace { // locals - - -// to the second -bool operator>(tm& a, tm& b) -{ - if (a.tm_year > b.tm_year) - return true; - - if (a.tm_year == b.tm_year && a.tm_mon > b.tm_mon) - return true; - - if (a.tm_year == b.tm_year && a.tm_mon == b.tm_mon && a.tm_mday >b.tm_mday) - return true; - - if (a.tm_year == b.tm_year && a.tm_mon == b.tm_mon && - a.tm_mday == b.tm_mday && a.tm_hour > b.tm_hour) - return true; - - if (a.tm_year == b.tm_year && a.tm_mon == b.tm_mon && - a.tm_mday == b.tm_mday && a.tm_hour == b.tm_hour && - a.tm_min > b.tm_min) - return true; - - if (a.tm_year == b.tm_year && a.tm_mon == b.tm_mon && - a.tm_mday == b.tm_mday && a.tm_hour == b.tm_hour && - a.tm_min == b.tm_min && a.tm_sec > b.tm_sec) - return true; - - return false; -} - - -bool operator<(tm& a, tm&b) -{ - return (b>a); -} - - -// Make sure before and after dates are valid -bool ValidateDate(const byte* date, byte format, CertDecoder::DateType dt) -{ - tm certTime; - time_t ltime = time(0); - tm* localTime = gmtime(<ime); - - ASN1_TIME_extract(date, format, &certTime); - - if (dt == CertDecoder::BEFORE) { - if (*localTime < certTime) - return false; - } - else - if (*localTime > certTime) - return false; - - return true; -} - - -class BadCertificate {}; - -} // local namespace - - - -// used by Integer as well -word32 GetLength(Source& source) -{ - word32 length = 0; - - byte b = source.next(); - if (b >= LONG_LENGTH) { - word32 bytes = b & 0x7F; - - if (source.IsLeft(bytes) == false) return 0; - - while (bytes--) { - b = source.next(); - length = (length << 8) | b; - } - } - else - length = b; - - if (source.IsLeft(length) == false) return 0; - - return length; -} - - -word32 SetLength(word32 length, byte* output) -{ - word32 i = 0; - - if (length < LONG_LENGTH) - output[i++] = length; - else { - output[i++] = BytePrecision(length) | 0x80; - - for (int j = BytePrecision(length); j; --j) { - output[i] = length >> (j - 1) * 8; - i++; - } - } - return i; -} - - -PublicKey::PublicKey(const byte* k, word32 s) : key_(0), sz_(0) -{ - if (s) { - SetSize(s); - SetKey(k); - } -} - - -void PublicKey::SetSize(word32 s) -{ - sz_ = s; - key_ = NEW_TC byte[sz_]; -} - - -void PublicKey::SetKey(const byte* k) -{ - memcpy(key_, k, sz_); -} - - -void PublicKey::AddToEnd(const byte* data, word32 len) -{ - mySTL::auto_array<byte> tmp(NEW_TC byte[sz_ + len]); - - memcpy(tmp.get(), key_, sz_); - memcpy(tmp.get() + sz_, data, len); - - byte* del = 0; - STL::swap(del, key_); - tcArrayDelete(del); - - key_ = tmp.release(); - sz_ += len; -} - - -Signer::Signer(const byte* k, word32 kSz, const char* n, const byte* h) - : key_(k, kSz) -{ - size_t sz = strlen(n); - memcpy(name_, n, sz); - name_[sz] = 0; - - memcpy(hash_, h, SHA::DIGEST_SIZE); -} - -Signer::~Signer() -{ -} - - -Error BER_Decoder::GetError() -{ - return source_.GetError(); -} - - -Integer& BER_Decoder::GetInteger(Integer& integer) -{ - if (!source_.GetError().What()) - integer.Decode(source_); - return integer; -} - - -// Read a Sequence, return length -word32 BER_Decoder::GetSequence() -{ - if (source_.GetError().What()) return 0; - - byte b = source_.next(); - if (b != (SEQUENCE | CONSTRUCTED)) { - source_.SetError(SEQUENCE_E); - return 0; - } - - return GetLength(source_); -} - - -// Read a Sequence, return length -word32 BER_Decoder::GetSet() -{ - if (source_.GetError().What()) return 0; - - byte b = source_.next(); - if (b != (SET | CONSTRUCTED)) { - source_.SetError(SET_E); - return 0; - } - - return GetLength(source_); -} - - -// Read Version, return it -word32 BER_Decoder::GetVersion() -{ - if (source_.GetError().What()) return 0; - - byte b = source_.next(); - if (b != INTEGER) { - source_.SetError(INTEGER_E); - return 0; - } - - b = source_.next(); - if (b != 0x01) { - source_.SetError(VERSION_E); - return 0; - } - - return source_.next(); -} - - -// Read ExplicitVersion, return it or 0 if not there (not an error) -word32 BER_Decoder::GetExplicitVersion() -{ - if (source_.GetError().What()) return 0; - - byte b = source_.next(); - - if (b == (CONTEXT_SPECIFIC | CONSTRUCTED)) { // not an error if not here - source_.next(); - return GetVersion(); - } - else - source_.prev(); // put back - - return 0; -} - - -// Decode a BER encoded RSA Private Key -void RSA_Private_Decoder::Decode(RSA_PrivateKey& key) -{ - ReadHeader(); - if (source_.GetError().What()) return; - // public - key.SetModulus(GetInteger(Integer().Ref())); - key.SetPublicExponent(GetInteger(Integer().Ref())); - - // private - key.SetPrivateExponent(GetInteger(Integer().Ref())); - key.SetPrime1(GetInteger(Integer().Ref())); - key.SetPrime2(GetInteger(Integer().Ref())); - key.SetModPrime1PrivateExponent(GetInteger(Integer().Ref())); - key.SetModPrime2PrivateExponent(GetInteger(Integer().Ref())); - key.SetMultiplicativeInverseOfPrime2ModPrime1(GetInteger(Integer().Ref())); -} - - -void RSA_Private_Decoder::ReadHeader() -{ - GetSequence(); - GetVersion(); -} - - -// Decode a BER encoded DSA Private Key -void DSA_Private_Decoder::Decode(DSA_PrivateKey& key) -{ - ReadHeader(); - if (source_.GetError().What()) return; - // group parameters - key.SetModulus(GetInteger(Integer().Ref())); - key.SetSubGroupOrder(GetInteger(Integer().Ref())); - key.SetSubGroupGenerator(GetInteger(Integer().Ref())); - - // key - key.SetPublicPart(GetInteger(Integer().Ref())); - key.SetPrivatePart(GetInteger(Integer().Ref())); -} - - -void DSA_Private_Decoder::ReadHeader() -{ - GetSequence(); - GetVersion(); -} - - -// Decode a BER encoded RSA Public Key -void RSA_Public_Decoder::Decode(RSA_PublicKey& key) -{ - ReadHeader(); - if (source_.GetError().What()) return; - - ReadHeaderOpenSSL(); // may or may not be - if (source_.GetError().What()) return; - - // public key - key.SetModulus(GetInteger(Integer().Ref())); - key.SetPublicExponent(GetInteger(Integer().Ref())); -} - - -// Read OpenSSL format public header -void RSA_Public_Decoder::ReadHeaderOpenSSL() -{ - byte b = source_.next(); // peek - source_.prev(); - - if (b != INTEGER) { // have OpenSSL public format - GetSequence(); - b = source_.next(); - if (b != OBJECT_IDENTIFIER) { - source_.SetError(OBJECT_ID_E); - return; - } - - word32 len = GetLength(source_); - source_.advance(len); - - b = source_.next(); - if (b == TAG_NULL) { // could have NULL tag and 0 terminator, may not - b = source_.next(); - if (b != 0) { - source_.SetError(EXPECT_0_E); - return; - } - } - else - source_.prev(); // put back - - b = source_.next(); - if (b != BIT_STRING) { - source_.SetError(BIT_STR_E); - return; - } - - len = GetLength(source_); - b = source_.next(); - if (b != 0) // could have 0 - source_.prev(); // put back - - GetSequence(); - } -} - - -void RSA_Public_Decoder::ReadHeader() -{ - GetSequence(); -} - - -// Decode a BER encoded DSA Public Key -void DSA_Public_Decoder::Decode(DSA_PublicKey& key) -{ - ReadHeader(); - if (source_.GetError().What()) return; - - // group parameters - key.SetModulus(GetInteger(Integer().Ref())); - key.SetSubGroupOrder(GetInteger(Integer().Ref())); - key.SetSubGroupGenerator(GetInteger(Integer().Ref())); - - // key - key.SetPublicPart(GetInteger(Integer().Ref())); -} - - -void DSA_Public_Decoder::ReadHeader() -{ - GetSequence(); -} - - -void DH_Decoder::ReadHeader() -{ - GetSequence(); -} - - -// Decode a BER encoded Diffie-Hellman Key -void DH_Decoder::Decode(DH& key) -{ - ReadHeader(); - if (source_.GetError().What()) return; - - // group parms - key.SetP(GetInteger(Integer().Ref())); - key.SetG(GetInteger(Integer().Ref())); -} - - -CertDecoder::CertDecoder(Source& s, bool decode, SignerList* signers, - bool noVerify, CertType ct) - : BER_Decoder(s), certBegin_(0), sigIndex_(0), sigLength_(0), subCnPos_(-1), - subCnLen_(0), issCnPos_(-1), issCnLen_(0), signature_(0), - verify_(!noVerify) -{ - issuer_[0] = 0; - subject_[0] = 0; - - if (decode) - Decode(signers, ct); - -} - - -CertDecoder::~CertDecoder() -{ - tcArrayDelete(signature_); -} - - -// process certificate header, set signature offset -void CertDecoder::ReadHeader() -{ - if (source_.GetError().What()) return; - - GetSequence(); // total - certBegin_ = source_.get_index(); - - sigIndex_ = GetSequence(); // this cert - sigIndex_ += source_.get_index(); - - GetExplicitVersion(); // version - GetInteger(Integer().Ref()); // serial number -} - - -// Decode a x509v3 Certificate -void CertDecoder::Decode(SignerList* signers, CertType ct) -{ - if (source_.GetError().What()) return; - DecodeToKey(); - if (source_.GetError().What()) return; - - if (source_.get_index() != sigIndex_) - source_.set_index(sigIndex_); - - word32 confirmOID = GetAlgoId(); - GetSignature(); - if (source_.GetError().What()) return; - - if ( confirmOID != signatureOID_ ) { - source_.SetError(SIG_OID_E); - return; - } - - if (ct != CA && verify_ && !ValidateSignature(signers)) - source_.SetError(SIG_OTHER_E); -} - - -void CertDecoder::DecodeToKey() -{ - ReadHeader(); - signatureOID_ = GetAlgoId(); - GetName(ISSUER); - GetValidity(); - GetName(SUBJECT); - GetKey(); -} - - -// Read public key -void CertDecoder::GetKey() -{ - if (source_.GetError().What()) return; - - GetSequence(); - keyOID_ = GetAlgoId(); - - if (keyOID_ == RSAk) { - byte b = source_.next(); - if (b != BIT_STRING) { - source_.SetError(BIT_STR_E); - return; - } - b = source_.next(); // length, future - b = source_.next(); - while(b != 0) - b = source_.next(); - } - else if (keyOID_ == DSAk) - ; // do nothing - else { - source_.SetError(UNKNOWN_OID_E); - return; - } - - StoreKey(); - if (keyOID_ == DSAk) - AddDSA(); -} - - -// Save public key -void CertDecoder::StoreKey() -{ - if (source_.GetError().What()) return; - - word32 read = source_.get_index(); - word32 length = GetSequence(); - - read = source_.get_index() - read; - length += read; - - if (source_.GetError().What()) return; - while (read--) source_.prev(); - - if (source_.IsLeft(length) == false) return; - key_.SetSize(length); - key_.SetKey(source_.get_current()); - source_.advance(length); -} - - -// DSA has public key after group -void CertDecoder::AddDSA() -{ - if (source_.GetError().What()) return; - - byte b = source_.next(); - if (b != BIT_STRING) { - source_.SetError(BIT_STR_E); - return; - } - b = source_.next(); // length, future - b = source_.next(); - while(b != 0) - b = source_.next(); - - word32 idx = source_.get_index(); - b = source_.next(); - if (b != INTEGER) { - source_.SetError(INTEGER_E); - return; - } - - word32 length = GetLength(source_); - length += source_.get_index() - idx; - - if (source_.IsLeft(length) == false) return; - - key_.AddToEnd(source_.get_buffer() + idx, length); -} - - -// process algo OID by summing, return it -word32 CertDecoder::GetAlgoId() -{ - if (source_.GetError().What()) return 0; - word32 length = GetSequence(); - - if (source_.GetError().What()) return 0; - - byte b = source_.next(); - if (b != OBJECT_IDENTIFIER) { - source_.SetError(OBJECT_ID_E); - return 0; - } - - length = GetLength(source_); - if (source_.IsLeft(length) == false) return 0; - - word32 oid = 0; - while(length--) - oid += source_.next(); // just sum it up for now - - // could have NULL tag and 0 terminator, but may not - b = source_.next(); - if (b == TAG_NULL) { - b = source_.next(); - if (b != 0) { - source_.SetError(EXPECT_0_E); - return 0; - } - } - else - // go back, didn't have it - b = source_.prev(); - - return oid; -} - - -// read cert signature, store in signature_ -word32 CertDecoder::GetSignature() -{ - if (source_.GetError().What()) return 0; - byte b = source_.next(); - - if (b != BIT_STRING) { - source_.SetError(BIT_STR_E); - return 0; - } - - sigLength_ = GetLength(source_); - if (sigLength_ <= 1 || source_.IsLeft(sigLength_) == false) { - source_.SetError(CONTENT_E); - return 0; - } - - b = source_.next(); - if (b != 0) { - source_.SetError(EXPECT_0_E); - return 0; - } - sigLength_--; - - signature_ = NEW_TC byte[sigLength_]; - memcpy(signature_, source_.get_current(), sigLength_); - source_.advance(sigLength_); - - return sigLength_; -} - - -// read cert digest, store in signature_ -word32 CertDecoder::GetDigest() -{ - if (source_.GetError().What()) return 0; - byte b = source_.next(); - - if (b != OCTET_STRING) { - source_.SetError(OCTET_STR_E); - return 0; - } - - sigLength_ = GetLength(source_); - - signature_ = NEW_TC byte[sigLength_]; - memcpy(signature_, source_.get_current(), sigLength_); - source_.advance(sigLength_); - - return sigLength_; -} - - -// memory length checked add tag to buffer -char* CertDecoder::AddTag(char* ptr, const char* buf_end, const char* tag_name, - word32 tag_name_length, word32 tag_value_length) -{ - if (ptr + tag_name_length + tag_value_length > buf_end) { - source_.SetError(CONTENT_E); - return 0; - } - - memcpy(ptr, tag_name, tag_name_length); - ptr += tag_name_length; - - memcpy(ptr, source_.get_current(), tag_value_length); - ptr += tag_value_length; - - return ptr; -} - - -// process NAME, either issuer or subject -void CertDecoder::GetName(NameType nt) -{ - if (source_.GetError().What()) return; - - SHA sha; - word32 length = GetSequence(); // length of all distinguished names - - if (length >= ASN_NAME_MAX) - return; - if (source_.IsLeft(length) == false) return; - length += source_.get_index(); - - char* ptr; - char* buf_end; - - if (nt == ISSUER) { - ptr = issuer_; - buf_end = ptr + sizeof(issuer_) - 1; // 1 byte for trailing 0 - } - else { - ptr = subject_; - buf_end = ptr + sizeof(subject_) - 1; // 1 byte for trailing 0 - } - - while (source_.get_index() < length) { - GetSet(); - if (source_.GetError().What() == SET_E) { - source_.SetError(NO_ERROR_E); // extensions may only have sequence - source_.prev(); - } - GetSequence(); - - byte b = source_.next(); - if (b != OBJECT_IDENTIFIER) { - source_.SetError(OBJECT_ID_E); - return; - } - - word32 oidSz = GetLength(source_); - if (source_.IsLeft(oidSz) == false) return; - - byte joint[2]; - if (source_.IsLeft(sizeof(joint)) == false) return; - memcpy(joint, source_.get_current(), sizeof(joint)); - - // v1 name types - if (joint[0] == 0x55 && joint[1] == 0x04) { - source_.advance(2); - byte id = source_.next(); - b = source_.next(); // strType - word32 strLen = GetLength(source_); - - if (source_.IsLeft(strLen) == false) return; - - switch (id) { - case COMMON_NAME: - if (!(ptr = AddTag(ptr, buf_end, "/CN=", 4, strLen))) - return; - if (nt == ISSUER) { - issCnPos_ = (int)(ptr - strLen - issuer_); - issCnLen_ = (int)strLen; - } else { - subCnPos_ = (int)(ptr - strLen - subject_); - subCnLen_ = (int)strLen; - } - break; - case SUR_NAME: - if (!(ptr = AddTag(ptr, buf_end, "/SN=", 4, strLen))) - return; - break; - case COUNTRY_NAME: - if (!(ptr = AddTag(ptr, buf_end, "/C=", 3, strLen))) - return; - break; - case LOCALITY_NAME: - if (!(ptr = AddTag(ptr, buf_end, "/L=", 3, strLen))) - return; - break; - case STATE_NAME: - if (!(ptr = AddTag(ptr, buf_end, "/ST=", 4, strLen))) - return; - break; - case ORG_NAME: - if (!(ptr = AddTag(ptr, buf_end, "/O=", 3, strLen))) - return; - break; - case ORGUNIT_NAME: - if (!(ptr = AddTag(ptr, buf_end, "/OU=", 4, strLen))) - return; - break; - } - - sha.Update(source_.get_current(), strLen); - source_.advance(strLen); - } - else { - bool email = false; - if (joint[0] == 0x2a && joint[1] == 0x86) // email id hdr - email = true; - - source_.advance(oidSz + 1); - word32 length = GetLength(source_); - if (source_.IsLeft(length) == false) return; - - if (email) { - if (!(ptr = AddTag(ptr, buf_end, "/emailAddress=", 14, length))) - return; - } - - source_.advance(length); - } - } - - *ptr = 0; - - if (nt == ISSUER) - sha.Final(issuerHash_); - else - sha.Final(subjectHash_); -} - - -// process a Date, either BEFORE or AFTER -void CertDecoder::GetDate(DateType dt) -{ - if (source_.GetError().What()) return; - - byte b = source_.next(); - if (b != UTC_TIME && b != GENERALIZED_TIME) { - source_.SetError(TIME_E); - return; - } - - word32 length = GetLength(source_); - if (source_.IsLeft(length) == false) return; - - byte date[MAX_DATE_SZ]; - if (length > MAX_DATE_SZ || length < MIN_DATE_SZ) { - source_.SetError(DATE_SZ_E); - return; - } - - memcpy(date, source_.get_current(), length); - source_.advance(length); - - if (!ValidateDate(date, b, dt) && verify_) { - if (dt == BEFORE) - source_.SetError(BEFORE_DATE_E); - else - source_.SetError(AFTER_DATE_E); - } - - // save for later use - if (dt == BEFORE) { - memcpy(beforeDate_, date, length); - beforeDate_[length] = 0; - beforeDateType_= b; - } - else { // after - memcpy(afterDate_, date, length); - afterDate_[length] = 0; - afterDateType_= b; - } -} - - -void CertDecoder::GetValidity() -{ - if (source_.GetError().What()) return; - - GetSequence(); - GetDate(BEFORE); - GetDate(AFTER); -} - - -bool CertDecoder::ValidateSelfSignature() -{ - Source pub(key_.GetKey(), key_.size()); - return ConfirmSignature(pub); -} - - -// extract compare signature hash from plain and place into digest -void CertDecoder::GetCompareHash(const byte* plain, word32 sz, byte* digest, - word32 digSz) -{ - if (source_.GetError().What()) return; - - Source s(plain, sz); - CertDecoder dec(s, false); - - dec.GetSequence(); - dec.GetAlgoId(); - dec.GetDigest(); - - if (dec.sigLength_ > digSz) { - source_.SetError(SIG_LEN_E); - return; - } - - memcpy(digest, dec.signature_, dec.sigLength_); -} - - -// validate signature signed by someone else -bool CertDecoder::ValidateSignature(SignerList* signers) -{ - if (!signers) - return false; - - SignerList::iterator first = signers->begin(); - SignerList::iterator last = signers->end(); - - while (first != last) { - if ( memcmp(issuerHash_, (*first)->GetHash(), SHA::DIGEST_SIZE) == 0) { - - const PublicKey& iKey = (*first)->GetPublicKey(); - Source pub(iKey.GetKey(), iKey.size()); - return ConfirmSignature(pub); - } - ++first; - } - return false; -} - - -// confirm certificate signature -bool CertDecoder::ConfirmSignature(Source& pub) -{ - HashType ht; - mySTL::auto_ptr<HASH> hasher; - - if (signatureOID_ == MD5wRSA) { - hasher.reset(NEW_TC MD5); - ht = MD5h; - } - else if (signatureOID_ == MD2wRSA) { - hasher.reset(NEW_TC MD2); - ht = MD2h; - } - else if (signatureOID_ == SHAwRSA || signatureOID_ == SHAwDSA) { - hasher.reset(NEW_TC SHA); - ht = SHAh; - } - else if (signatureOID_ == SHA256wRSA || signatureOID_ == SHA256wDSA) { - hasher.reset(NEW_TC SHA256); - ht = SHA256h; - } -#ifdef WORD64_AVAILABLE - else if (signatureOID_ == SHA384wRSA) { - hasher.reset(NEW_TC SHA384); - ht = SHA384h; - } - else if (signatureOID_ == SHA512wRSA) { - hasher.reset(NEW_TC SHA512); - ht = SHA512h; - } -#endif - else { - source_.SetError(UNKOWN_SIG_E); - return false; - } - - byte digest[MAX_SHA2_DIGEST_SIZE]; // largest size - - hasher->Update(source_.get_buffer() + certBegin_, sigIndex_ - certBegin_); - hasher->Final(digest); - - if (keyOID_ == RSAk) { - // put in ASN.1 signature format - Source build; - Signature_Encoder(digest, hasher->getDigestSize(), ht, build); - - RSA_PublicKey pubKey(pub); - RSAES_Encryptor enc(pubKey); - - if (pubKey.FixedCiphertextLength() != sigLength_) { - source_.SetError(SIG_LEN_E); - return false; - } - - return enc.SSL_Verify(build.get_buffer(), build.size(), signature_); - } - else { // DSA - // extract r and s from sequence - byte seqDecoded[DSA_SIG_SZ]; - memset(seqDecoded, 0, sizeof(seqDecoded)); - DecodeDSA_Signature(seqDecoded, signature_, sigLength_); - - DSA_PublicKey pubKey(pub); - DSA_Verifier ver(pubKey); - - return ver.Verify(digest, seqDecoded); - } -} - - -Signature_Encoder::Signature_Encoder(const byte* dig, word32 digSz, - HashType digOID, Source& source) -{ - // build bottom up - - // Digest - byte digArray[MAX_DIGEST_SZ]; - word32 digestSz = SetDigest(dig, digSz, digArray); - - // AlgoID - byte algoArray[MAX_ALGO_SZ]; - word32 algoSz = SetAlgoID(digOID, algoArray); - - // Sequence - byte seqArray[MAX_SEQ_SZ]; - word32 seqSz = SetSequence(digestSz + algoSz, seqArray); - - source.grow(seqSz + algoSz + digestSz); // make sure enough room - source.add(seqArray, seqSz); - source.add(algoArray, algoSz); - source.add(digArray, digestSz); -} - - - -word32 Signature_Encoder::SetDigest(const byte* d, word32 dSz, byte* output) -{ - output[0] = OCTET_STRING; - output[1] = dSz; - memcpy(&output[2], d, dSz); - - return dSz + 2; -} - - - -word32 DER_Encoder::SetAlgoID(HashType aOID, byte* output) -{ - // adding TAG_NULL and 0 to end - static const byte shaAlgoID[] = { 0x2b, 0x0e, 0x03, 0x02, 0x1a, - 0x05, 0x00 }; - static const byte md5AlgoID[] = { 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, - 0x02, 0x05, 0x05, 0x00 }; - static const byte md2AlgoID[] = { 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, - 0x02, 0x02, 0x05, 0x00}; - static const byte sha256AlgoID[] = { 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, - 0x04, 0x02, 0x01, 0x05, 0x00 }; - static const byte sha384AlgoID[] = { 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, - 0x04, 0x02, 0x02, 0x05, 0x00 }; - static const byte sha512AlgoID[] = { 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, - 0x04, 0x02, 0x03, 0x05, 0x00 }; - - int algoSz = 0; - const byte* algoName = 0; - - switch (aOID) { - case SHAh: - algoSz = sizeof(shaAlgoID); - algoName = shaAlgoID; - break; - - case SHA256h: - algoSz = sizeof(sha256AlgoID); - algoName = sha256AlgoID; - break; - - case SHA384h: - algoSz = sizeof(sha384AlgoID); - algoName = sha384AlgoID; - break; - - case SHA512h: - algoSz = sizeof(sha512AlgoID); - algoName = sha512AlgoID; - break; - - case MD2h: - algoSz = sizeof(md2AlgoID); - algoName = md2AlgoID; - break; - - case MD5h: - algoSz = sizeof(md5AlgoID); - algoName = md5AlgoID; - break; - - default: - error_.SetError(UNKOWN_HASH_E); - return 0; - } - - - byte ID_Length[MAX_LENGTH_SZ]; - word32 idSz = SetLength(algoSz - 2, ID_Length); // don't include TAG_NULL/0 - - byte seqArray[MAX_SEQ_SZ + 1]; // add object_id to end - word32 seqSz = SetSequence(idSz + algoSz + 1, seqArray); - seqArray[seqSz++] = OBJECT_IDENTIFIER; - - memcpy(output, seqArray, seqSz); - memcpy(output + seqSz, ID_Length, idSz); - memcpy(output + seqSz + idSz, algoName, algoSz); - - return seqSz + idSz + algoSz; -} - - -word32 SetSequence(word32 len, byte* output) -{ - - output[0] = SEQUENCE | CONSTRUCTED; - return SetLength(len, output + 1) + 1; -} - - -word32 EncodeDSA_Signature(const byte* signature, byte* output) -{ - Integer r(signature, 20); - Integer s(signature + 20, 20); - - return EncodeDSA_Signature(r, s, output); -} - - -word32 EncodeDSA_Signature(const Integer& r, const Integer& s, byte* output) -{ - word32 rSz = r.ByteCount(); - word32 sSz = s.ByteCount(); - - byte rLen[MAX_LENGTH_SZ + 1]; - byte sLen[MAX_LENGTH_SZ + 1]; - - rLen[0] = INTEGER; - sLen[0] = INTEGER; - - word32 rLenSz = SetLength(rSz, &rLen[1]) + 1; - word32 sLenSz = SetLength(sSz, &sLen[1]) + 1; - - byte seqArray[MAX_SEQ_SZ]; - - word32 seqSz = SetSequence(rLenSz + rSz + sLenSz + sSz, seqArray); - - // seq - memcpy(output, seqArray, seqSz); - // r - memcpy(output + seqSz, rLen, rLenSz); - r.Encode(output + seqSz + rLenSz, rSz); - // s - memcpy(output + seqSz + rLenSz + rSz, sLen, sLenSz); - s.Encode(output + seqSz + rLenSz + rSz + sLenSz, sSz); - - return seqSz + rLenSz + rSz + sLenSz + sSz; -} - - -// put sequence encoded dsa signature into decoded in 2 20 byte integers -word32 DecodeDSA_Signature(byte* decoded, const byte* encoded, word32 sz) -{ - Source source(encoded, sz); - - if (source.next() != (SEQUENCE | CONSTRUCTED)) { - source.SetError(SEQUENCE_E); - return 0; - } - - GetLength(source); // total - - // r - if (source.next() != INTEGER) { - source.SetError(INTEGER_E); - return 0; - } - word32 rLen = GetLength(source); - if (rLen != 20) { - while (rLen > 20 && source.remaining() > 0) { // zero's at front, eat - source.next(); - --rLen; - } - if (rLen < 20) { // add zero's to front so 20 bytes - word32 tmpLen = rLen; - while (tmpLen < 20) { - decoded[0] = 0; - decoded++; - tmpLen++; - } - } - } - memcpy(decoded, source.get_buffer() + source.get_index(), rLen); - source.advance(rLen); - - // s - if (source.next() != INTEGER) { - source.SetError(INTEGER_E); - return 0; - } - word32 sLen = GetLength(source); - if (sLen != 20) { - while (sLen > 20 && source.remaining() > 0) { - source.next(); // zero's at front, eat - --sLen; - } - if (sLen < 20) { // add zero's to front so 20 bytes - word32 tmpLen = sLen; - while (tmpLen < 20) { - decoded[rLen] = 0; - decoded++; - tmpLen++; - } - } - } - memcpy(decoded + rLen, source.get_buffer() + source.get_index(), sLen); - source.advance(sLen); - - return 40; -} - - -/* -// Get Cert in PEM format from BEGIN to END -int GetCert(Source& source) -{ - char header[] = "-----BEGIN CERTIFICATE-----"; - char footer[] = "-----END CERTIFICATE-----"; - - char* begin = strstr((char*)source.get_buffer(), header); - char* end = strstr((char*)source.get_buffer(), footer); - - if (!begin || !end || begin >= end) return -1; - - end += strlen(footer); - if (*end == '\r') end++; - - Source tmp((byte*)begin, end - begin + 1); - source.Swap(tmp); - - return 0; -} - - - -// Decode a BER encoded PKCS12 structure -void PKCS12_Decoder::Decode() -{ - ReadHeader(); - if (source_.GetError().What()) return; - - // Get AuthSafe - - GetSequence(); - - // get object id - byte obj_id = source_.next(); - if (obj_id != OBJECT_IDENTIFIER) { - source_.SetError(OBJECT_ID_E); - return; - } - - word32 length = GetLength(source_); - - word32 algo_sum = 0; - while (length--) - algo_sum += source_.next(); - - - - - - - // Get MacData optional - // mac digestInfo like certdecoder::getdigest? - // macsalt octet string - // iter integer - -} - - -void PKCS12_Decoder::ReadHeader() -{ - // Gets Version - GetSequence(); - GetVersion(); -} - - -// Get Cert in PEM format from pkcs12 file -int GetPKCS_Cert(const char* password, Source& source) -{ - PKCS12_Decoder pkcs12(source); - pkcs12.Decode(); - - return 0; -} -*/ - - - -} // namespace diff --git a/extra/yassl/taocrypt/src/bftables.cpp b/extra/yassl/taocrypt/src/bftables.cpp deleted file mode 100644 index 088f9778da1..00000000000 --- a/extra/yassl/taocrypt/src/bftables.cpp +++ /dev/null @@ -1,304 +0,0 @@ -/* - Copyright (C) 2000-2007 MySQL AB - Use is subject to license terms - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - -/* based on Wei Dai's bfinit.cpp from CryptoPP */ - -#include "runtime.hpp" -#include "blowfish.hpp" - - -namespace TaoCrypt { - -const word32 Blowfish::p_init_[Blowfish::ROUNDS+2] = -{ - 608135816U, 2242054355U, 320440878U, 57701188U, - 2752067618U, 698298832U, 137296536U, 3964562569U, - 1160258022U, 953160567U, 3193202383U, 887688300U, - 3232508343U, 3380367581U, 1065670069U, 3041331479U, - 2450970073U, 2306472731U -} ; - - -const word32 Blowfish::s_init_[4*256] = { - 3509652390U, 2564797868U, 805139163U, 3491422135U, - 3101798381U, 1780907670U, 3128725573U, 4046225305U, - 614570311U, 3012652279U, 134345442U, 2240740374U, - 1667834072U, 1901547113U, 2757295779U, 4103290238U, - 227898511U, 1921955416U, 1904987480U, 2182433518U, - 2069144605U, 3260701109U, 2620446009U, 720527379U, - 3318853667U, 677414384U, 3393288472U, 3101374703U, - 2390351024U, 1614419982U, 1822297739U, 2954791486U, - 3608508353U, 3174124327U, 2024746970U, 1432378464U, - 3864339955U, 2857741204U, 1464375394U, 1676153920U, - 1439316330U, 715854006U, 3033291828U, 289532110U, - 2706671279U, 2087905683U, 3018724369U, 1668267050U, - 732546397U, 1947742710U, 3462151702U, 2609353502U, - 2950085171U, 1814351708U, 2050118529U, 680887927U, - 999245976U, 1800124847U, 3300911131U, 1713906067U, - 1641548236U, 4213287313U, 1216130144U, 1575780402U, - 4018429277U, 3917837745U, 3693486850U, 3949271944U, - 596196993U, 3549867205U, 258830323U, 2213823033U, - 772490370U, 2760122372U, 1774776394U, 2652871518U, - 566650946U, 4142492826U, 1728879713U, 2882767088U, - 1783734482U, 3629395816U, 2517608232U, 2874225571U, - 1861159788U, 326777828U, 3124490320U, 2130389656U, - 2716951837U, 967770486U, 1724537150U, 2185432712U, - 2364442137U, 1164943284U, 2105845187U, 998989502U, - 3765401048U, 2244026483U, 1075463327U, 1455516326U, - 1322494562U, 910128902U, 469688178U, 1117454909U, - 936433444U, 3490320968U, 3675253459U, 1240580251U, - 122909385U, 2157517691U, 634681816U, 4142456567U, - 3825094682U, 3061402683U, 2540495037U, 79693498U, - 3249098678U, 1084186820U, 1583128258U, 426386531U, - 1761308591U, 1047286709U, 322548459U, 995290223U, - 1845252383U, 2603652396U, 3431023940U, 2942221577U, - 3202600964U, 3727903485U, 1712269319U, 422464435U, - 3234572375U, 1170764815U, 3523960633U, 3117677531U, - 1434042557U, 442511882U, 3600875718U, 1076654713U, - 1738483198U, 4213154764U, 2393238008U, 3677496056U, - 1014306527U, 4251020053U, 793779912U, 2902807211U, - 842905082U, 4246964064U, 1395751752U, 1040244610U, - 2656851899U, 3396308128U, 445077038U, 3742853595U, - 3577915638U, 679411651U, 2892444358U, 2354009459U, - 1767581616U, 3150600392U, 3791627101U, 3102740896U, - 284835224U, 4246832056U, 1258075500U, 768725851U, - 2589189241U, 3069724005U, 3532540348U, 1274779536U, - 3789419226U, 2764799539U, 1660621633U, 3471099624U, - 4011903706U, 913787905U, 3497959166U, 737222580U, - 2514213453U, 2928710040U, 3937242737U, 1804850592U, - 3499020752U, 2949064160U, 2386320175U, 2390070455U, - 2415321851U, 4061277028U, 2290661394U, 2416832540U, - 1336762016U, 1754252060U, 3520065937U, 3014181293U, - 791618072U, 3188594551U, 3933548030U, 2332172193U, - 3852520463U, 3043980520U, 413987798U, 3465142937U, - 3030929376U, 4245938359U, 2093235073U, 3534596313U, - 375366246U, 2157278981U, 2479649556U, 555357303U, - 3870105701U, 2008414854U, 3344188149U, 4221384143U, - 3956125452U, 2067696032U, 3594591187U, 2921233993U, - 2428461U, 544322398U, 577241275U, 1471733935U, - 610547355U, 4027169054U, 1432588573U, 1507829418U, - 2025931657U, 3646575487U, 545086370U, 48609733U, - 2200306550U, 1653985193U, 298326376U, 1316178497U, - 3007786442U, 2064951626U, 458293330U, 2589141269U, - 3591329599U, 3164325604U, 727753846U, 2179363840U, - 146436021U, 1461446943U, 4069977195U, 705550613U, - 3059967265U, 3887724982U, 4281599278U, 3313849956U, - 1404054877U, 2845806497U, 146425753U, 1854211946U, - - 1266315497U, 3048417604U, 3681880366U, 3289982499U, - 2909710000U, 1235738493U, 2632868024U, 2414719590U, - 3970600049U, 1771706367U, 1449415276U, 3266420449U, - 422970021U, 1963543593U, 2690192192U, 3826793022U, - 1062508698U, 1531092325U, 1804592342U, 2583117782U, - 2714934279U, 4024971509U, 1294809318U, 4028980673U, - 1289560198U, 2221992742U, 1669523910U, 35572830U, - 157838143U, 1052438473U, 1016535060U, 1802137761U, - 1753167236U, 1386275462U, 3080475397U, 2857371447U, - 1040679964U, 2145300060U, 2390574316U, 1461121720U, - 2956646967U, 4031777805U, 4028374788U, 33600511U, - 2920084762U, 1018524850U, 629373528U, 3691585981U, - 3515945977U, 2091462646U, 2486323059U, 586499841U, - 988145025U, 935516892U, 3367335476U, 2599673255U, - 2839830854U, 265290510U, 3972581182U, 2759138881U, - 3795373465U, 1005194799U, 847297441U, 406762289U, - 1314163512U, 1332590856U, 1866599683U, 4127851711U, - 750260880U, 613907577U, 1450815602U, 3165620655U, - 3734664991U, 3650291728U, 3012275730U, 3704569646U, - 1427272223U, 778793252U, 1343938022U, 2676280711U, - 2052605720U, 1946737175U, 3164576444U, 3914038668U, - 3967478842U, 3682934266U, 1661551462U, 3294938066U, - 4011595847U, 840292616U, 3712170807U, 616741398U, - 312560963U, 711312465U, 1351876610U, 322626781U, - 1910503582U, 271666773U, 2175563734U, 1594956187U, - 70604529U, 3617834859U, 1007753275U, 1495573769U, - 4069517037U, 2549218298U, 2663038764U, 504708206U, - 2263041392U, 3941167025U, 2249088522U, 1514023603U, - 1998579484U, 1312622330U, 694541497U, 2582060303U, - 2151582166U, 1382467621U, 776784248U, 2618340202U, - 3323268794U, 2497899128U, 2784771155U, 503983604U, - 4076293799U, 907881277U, 423175695U, 432175456U, - 1378068232U, 4145222326U, 3954048622U, 3938656102U, - 3820766613U, 2793130115U, 2977904593U, 26017576U, - 3274890735U, 3194772133U, 1700274565U, 1756076034U, - 4006520079U, 3677328699U, 720338349U, 1533947780U, - 354530856U, 688349552U, 3973924725U, 1637815568U, - 332179504U, 3949051286U, 53804574U, 2852348879U, - 3044236432U, 1282449977U, 3583942155U, 3416972820U, - 4006381244U, 1617046695U, 2628476075U, 3002303598U, - 1686838959U, 431878346U, 2686675385U, 1700445008U, - 1080580658U, 1009431731U, 832498133U, 3223435511U, - 2605976345U, 2271191193U, 2516031870U, 1648197032U, - 4164389018U, 2548247927U, 300782431U, 375919233U, - 238389289U, 3353747414U, 2531188641U, 2019080857U, - 1475708069U, 455242339U, 2609103871U, 448939670U, - 3451063019U, 1395535956U, 2413381860U, 1841049896U, - 1491858159U, 885456874U, 4264095073U, 4001119347U, - 1565136089U, 3898914787U, 1108368660U, 540939232U, - 1173283510U, 2745871338U, 3681308437U, 4207628240U, - 3343053890U, 4016749493U, 1699691293U, 1103962373U, - 3625875870U, 2256883143U, 3830138730U, 1031889488U, - 3479347698U, 1535977030U, 4236805024U, 3251091107U, - 2132092099U, 1774941330U, 1199868427U, 1452454533U, - 157007616U, 2904115357U, 342012276U, 595725824U, - 1480756522U, 206960106U, 497939518U, 591360097U, - 863170706U, 2375253569U, 3596610801U, 1814182875U, - 2094937945U, 3421402208U, 1082520231U, 3463918190U, - 2785509508U, 435703966U, 3908032597U, 1641649973U, - 2842273706U, 3305899714U, 1510255612U, 2148256476U, - 2655287854U, 3276092548U, 4258621189U, 236887753U, - 3681803219U, 274041037U, 1734335097U, 3815195456U, - 3317970021U, 1899903192U, 1026095262U, 4050517792U, - 356393447U, 2410691914U, 3873677099U, 3682840055U, - - 3913112168U, 2491498743U, 4132185628U, 2489919796U, - 1091903735U, 1979897079U, 3170134830U, 3567386728U, - 3557303409U, 857797738U, 1136121015U, 1342202287U, - 507115054U, 2535736646U, 337727348U, 3213592640U, - 1301675037U, 2528481711U, 1895095763U, 1721773893U, - 3216771564U, 62756741U, 2142006736U, 835421444U, - 2531993523U, 1442658625U, 3659876326U, 2882144922U, - 676362277U, 1392781812U, 170690266U, 3921047035U, - 1759253602U, 3611846912U, 1745797284U, 664899054U, - 1329594018U, 3901205900U, 3045908486U, 2062866102U, - 2865634940U, 3543621612U, 3464012697U, 1080764994U, - 553557557U, 3656615353U, 3996768171U, 991055499U, - 499776247U, 1265440854U, 648242737U, 3940784050U, - 980351604U, 3713745714U, 1749149687U, 3396870395U, - 4211799374U, 3640570775U, 1161844396U, 3125318951U, - 1431517754U, 545492359U, 4268468663U, 3499529547U, - 1437099964U, 2702547544U, 3433638243U, 2581715763U, - 2787789398U, 1060185593U, 1593081372U, 2418618748U, - 4260947970U, 69676912U, 2159744348U, 86519011U, - 2512459080U, 3838209314U, 1220612927U, 3339683548U, - 133810670U, 1090789135U, 1078426020U, 1569222167U, - 845107691U, 3583754449U, 4072456591U, 1091646820U, - 628848692U, 1613405280U, 3757631651U, 526609435U, - 236106946U, 48312990U, 2942717905U, 3402727701U, - 1797494240U, 859738849U, 992217954U, 4005476642U, - 2243076622U, 3870952857U, 3732016268U, 765654824U, - 3490871365U, 2511836413U, 1685915746U, 3888969200U, - 1414112111U, 2273134842U, 3281911079U, 4080962846U, - 172450625U, 2569994100U, 980381355U, 4109958455U, - 2819808352U, 2716589560U, 2568741196U, 3681446669U, - 3329971472U, 1835478071U, 660984891U, 3704678404U, - 4045999559U, 3422617507U, 3040415634U, 1762651403U, - 1719377915U, 3470491036U, 2693910283U, 3642056355U, - 3138596744U, 1364962596U, 2073328063U, 1983633131U, - 926494387U, 3423689081U, 2150032023U, 4096667949U, - 1749200295U, 3328846651U, 309677260U, 2016342300U, - 1779581495U, 3079819751U, 111262694U, 1274766160U, - 443224088U, 298511866U, 1025883608U, 3806446537U, - 1145181785U, 168956806U, 3641502830U, 3584813610U, - 1689216846U, 3666258015U, 3200248200U, 1692713982U, - 2646376535U, 4042768518U, 1618508792U, 1610833997U, - 3523052358U, 4130873264U, 2001055236U, 3610705100U, - 2202168115U, 4028541809U, 2961195399U, 1006657119U, - 2006996926U, 3186142756U, 1430667929U, 3210227297U, - 1314452623U, 4074634658U, 4101304120U, 2273951170U, - 1399257539U, 3367210612U, 3027628629U, 1190975929U, - 2062231137U, 2333990788U, 2221543033U, 2438960610U, - 1181637006U, 548689776U, 2362791313U, 3372408396U, - 3104550113U, 3145860560U, 296247880U, 1970579870U, - 3078560182U, 3769228297U, 1714227617U, 3291629107U, - 3898220290U, 166772364U, 1251581989U, 493813264U, - 448347421U, 195405023U, 2709975567U, 677966185U, - 3703036547U, 1463355134U, 2715995803U, 1338867538U, - 1343315457U, 2802222074U, 2684532164U, 233230375U, - 2599980071U, 2000651841U, 3277868038U, 1638401717U, - 4028070440U, 3237316320U, 6314154U, 819756386U, - 300326615U, 590932579U, 1405279636U, 3267499572U, - 3150704214U, 2428286686U, 3959192993U, 3461946742U, - 1862657033U, 1266418056U, 963775037U, 2089974820U, - 2263052895U, 1917689273U, 448879540U, 3550394620U, - 3981727096U, 150775221U, 3627908307U, 1303187396U, - 508620638U, 2975983352U, 2726630617U, 1817252668U, - 1876281319U, 1457606340U, 908771278U, 3720792119U, - 3617206836U, 2455994898U, 1729034894U, 1080033504U, - - 976866871U, 3556439503U, 2881648439U, 1522871579U, - 1555064734U, 1336096578U, 3548522304U, 2579274686U, - 3574697629U, 3205460757U, 3593280638U, 3338716283U, - 3079412587U, 564236357U, 2993598910U, 1781952180U, - 1464380207U, 3163844217U, 3332601554U, 1699332808U, - 1393555694U, 1183702653U, 3581086237U, 1288719814U, - 691649499U, 2847557200U, 2895455976U, 3193889540U, - 2717570544U, 1781354906U, 1676643554U, 2592534050U, - 3230253752U, 1126444790U, 2770207658U, 2633158820U, - 2210423226U, 2615765581U, 2414155088U, 3127139286U, - 673620729U, 2805611233U, 1269405062U, 4015350505U, - 3341807571U, 4149409754U, 1057255273U, 2012875353U, - 2162469141U, 2276492801U, 2601117357U, 993977747U, - 3918593370U, 2654263191U, 753973209U, 36408145U, - 2530585658U, 25011837U, 3520020182U, 2088578344U, - 530523599U, 2918365339U, 1524020338U, 1518925132U, - 3760827505U, 3759777254U, 1202760957U, 3985898139U, - 3906192525U, 674977740U, 4174734889U, 2031300136U, - 2019492241U, 3983892565U, 4153806404U, 3822280332U, - 352677332U, 2297720250U, 60907813U, 90501309U, - 3286998549U, 1016092578U, 2535922412U, 2839152426U, - 457141659U, 509813237U, 4120667899U, 652014361U, - 1966332200U, 2975202805U, 55981186U, 2327461051U, - 676427537U, 3255491064U, 2882294119U, 3433927263U, - 1307055953U, 942726286U, 933058658U, 2468411793U, - 3933900994U, 4215176142U, 1361170020U, 2001714738U, - 2830558078U, 3274259782U, 1222529897U, 1679025792U, - 2729314320U, 3714953764U, 1770335741U, 151462246U, - 3013232138U, 1682292957U, 1483529935U, 471910574U, - 1539241949U, 458788160U, 3436315007U, 1807016891U, - 3718408830U, 978976581U, 1043663428U, 3165965781U, - 1927990952U, 4200891579U, 2372276910U, 3208408903U, - 3533431907U, 1412390302U, 2931980059U, 4132332400U, - 1947078029U, 3881505623U, 4168226417U, 2941484381U, - 1077988104U, 1320477388U, 886195818U, 18198404U, - 3786409000U, 2509781533U, 112762804U, 3463356488U, - 1866414978U, 891333506U, 18488651U, 661792760U, - 1628790961U, 3885187036U, 3141171499U, 876946877U, - 2693282273U, 1372485963U, 791857591U, 2686433993U, - 3759982718U, 3167212022U, 3472953795U, 2716379847U, - 445679433U, 3561995674U, 3504004811U, 3574258232U, - 54117162U, 3331405415U, 2381918588U, 3769707343U, - 4154350007U, 1140177722U, 4074052095U, 668550556U, - 3214352940U, 367459370U, 261225585U, 2610173221U, - 4209349473U, 3468074219U, 3265815641U, 314222801U, - 3066103646U, 3808782860U, 282218597U, 3406013506U, - 3773591054U, 379116347U, 1285071038U, 846784868U, - 2669647154U, 3771962079U, 3550491691U, 2305946142U, - 453669953U, 1268987020U, 3317592352U, 3279303384U, - 3744833421U, 2610507566U, 3859509063U, 266596637U, - 3847019092U, 517658769U, 3462560207U, 3443424879U, - 370717030U, 4247526661U, 2224018117U, 4143653529U, - 4112773975U, 2788324899U, 2477274417U, 1456262402U, - 2901442914U, 1517677493U, 1846949527U, 2295493580U, - 3734397586U, 2176403920U, 1280348187U, 1908823572U, - 3871786941U, 846861322U, 1172426758U, 3287448474U, - 3383383037U, 1655181056U, 3139813346U, 901632758U, - 1897031941U, 2986607138U, 3066810236U, 3447102507U, - 1393639104U, 373351379U, 950779232U, 625454576U, - 3124240540U, 4148612726U, 2007998917U, 544563296U, - 2244738638U, 2330496472U, 2058025392U, 1291430526U, - 424198748U, 50039436U, 29584100U, 3605783033U, - 2429876329U, 2791104160U, 1057563949U, 3255363231U, - 3075367218U, 3463963227U, 1469046755U, 985887462U -}; - - - - -} // namespace - diff --git a/extra/yassl/taocrypt/src/blowfish.cpp b/extra/yassl/taocrypt/src/blowfish.cpp deleted file mode 100644 index 45f6fb793f8..00000000000 --- a/extra/yassl/taocrypt/src/blowfish.cpp +++ /dev/null @@ -1,364 +0,0 @@ -/* - Copyright (c) 2006, 2012, Oracle and/or its affiliates - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - -/* C++ code based on Wei Dai's blowfish.cpp from CryptoPP */ -/* x86 asm is original */ - - -#if defined(TAOCRYPT_KERNEL_MODE) - #define DO_TAOCRYPT_KERNEL_MODE -#endif // only some modules now support this - - -#include "runtime.hpp" -#include "blowfish.hpp" - - - - - -namespace TaoCrypt { - - -#if defined(DO_BLOWFISH_ASM) - -// ia32 optimized version -void Blowfish::Process(byte* out, const byte* in, word32 sz) -{ - if (!isMMX) { - Mode_BASE::Process(out, in, sz); - return; - } - - word32 blocks = sz / BLOCK_SIZE; - - if (mode_ == ECB) - while (blocks--) { - AsmProcess(in, out); - out += BLOCK_SIZE; - in += BLOCK_SIZE; - } - else if (mode_ == CBC) { - if (dir_ == ENCRYPTION) { - while (blocks--) { - r_[0] ^= *(word32*)in; - r_[1] ^= *(word32*)(in + 4); - - AsmProcess((byte*)r_, (byte*)r_); - - memcpy(out, r_, BLOCK_SIZE); - - out += BLOCK_SIZE; - in += BLOCK_SIZE; - } - } - else { - while (blocks--) { - AsmProcess(in, out); - - *(word32*)out ^= r_[0]; - *(word32*)(out + 4) ^= r_[1]; - - memcpy(r_, in, BLOCK_SIZE); - - out += BLOCK_SIZE; - in += BLOCK_SIZE; - } - } - } -} - -#endif // DO_BLOWFISH_ASM - - -void Blowfish::SetKey(const byte* key_string, word32 keylength, CipherDir dir) -{ - if (keylength < 4) - keylength = 4; - else if (keylength > 56) - keylength = 56; - - unsigned i, j=0, k; - word32 data, dspace[2] = {0, 0}; - - memcpy(pbox_, p_init_, sizeof(p_init_)); - memcpy(sbox_, s_init_, sizeof(s_init_)); - - // Xor key string into encryption key vector - for (i=0 ; i<ROUNDS+2 ; ++i) { - data = 0; - for (k=0 ; k<4 ; ++k ) - data = (data << 8) | key_string[j++ % keylength]; - pbox_[i] ^= data; - } - - crypt_block(dspace, pbox_); - - for (i=0; i<ROUNDS; i+=2) - crypt_block(pbox_ + i, pbox_ + i + 2); - - crypt_block(pbox_ + ROUNDS, sbox_); - - for (i=0; i < 4*256-2; i+=2) - crypt_block(sbox_ + i, sbox_ + i + 2); - - if (dir==DECRYPTION) - for (i=0; i<(ROUNDS+2)/2; i++) - STL::swap(pbox_[i], pbox_[ROUNDS+1-i]); -} - - -#define BFBYTE_0(x) ( x &0xFF) -#define BFBYTE_1(x) ((x>> 8)&0xFF) -#define BFBYTE_2(x) ((x>>16)&0xFF) -#define BFBYTE_3(x) ( x>>24) - - -#define BF_S(Put, Get, I) (\ - Put ^= p[I], \ - tmp = p[18 + BFBYTE_3(Get)], \ - tmp += p[274+ BFBYTE_2(Get)], \ - tmp ^= p[530+ BFBYTE_1(Get)], \ - tmp += p[786+ BFBYTE_0(Get)], \ - Put ^= tmp \ - ) - - -#define BF_ROUNDS \ - BF_S(right, left, 1); \ - BF_S(left, right, 2); \ - BF_S(right, left, 3); \ - BF_S(left, right, 4); \ - BF_S(right, left, 5); \ - BF_S(left, right, 6); \ - BF_S(right, left, 7); \ - BF_S(left, right, 8); \ - BF_S(right, left, 9); \ - BF_S(left, right, 10); \ - BF_S(right, left, 11); \ - BF_S(left, right, 12); \ - BF_S(right, left, 13); \ - BF_S(left, right, 14); \ - BF_S(right, left, 15); \ - BF_S(left, right, 16); - -#define BF_EXTRA_ROUNDS \ - BF_S(right, left, 17); \ - BF_S(left, right, 18); \ - BF_S(right, left, 19); \ - BF_S(left, right, 20); - - -// Used by key setup, no byte swapping -void Blowfish::crypt_block(const word32 in[2], word32 out[2]) const -{ - word32 left = in[0]; - word32 right = in[1]; - - const word32 *const s = sbox_; - const word32* p = pbox_; - - left ^= p[0]; - - // roll back up and use s and p index instead of just p - for (unsigned i = 0; i < ROUNDS / 2; i++) { - right ^= (((s[GETBYTE(left,3)] + s[256+GETBYTE(left,2)]) - ^ s[2*256+GETBYTE(left,1)]) + s[3*256+GETBYTE(left,0)]) - ^ p[2*i+1]; - - left ^= (((s[GETBYTE(right,3)] + s[256+GETBYTE(right,2)]) - ^ s[2*256+GETBYTE(right,1)]) + s[3*256+GETBYTE(right,0)]) - ^ p[2*i+2]; - } - - right ^= p[ROUNDS + 1]; - - out[0] = right; - out[1] = left; -} - - -typedef BlockGetAndPut<word32, BigEndian> gpBlock; - -void Blowfish::ProcessAndXorBlock(const byte* in, const byte* xOr, byte* out) - const -{ - word32 left, right; - const word32 *const s = sbox_; - const word32* p = pbox_; - - gpBlock::Get(in)(left)(right); - left ^= p[0]; - - // roll back up and use s and p index instead of just p - for (unsigned i = 0; i < ROUNDS / 2; i++) { - right ^= (((s[GETBYTE(left,3)] + s[256+GETBYTE(left,2)]) - ^ s[2*256+GETBYTE(left,1)]) + s[3*256+GETBYTE(left,0)]) - ^ p[2*i+1]; - - left ^= (((s[GETBYTE(right,3)] + s[256+GETBYTE(right,2)]) - ^ s[2*256+GETBYTE(right,1)]) + s[3*256+GETBYTE(right,0)]) - ^ p[2*i+2]; - } - - right ^= p[ROUNDS + 1]; - - gpBlock::Put(xOr, out)(right)(left); -} - - -#if defined(DO_BLOWFISH_ASM) - #ifdef __GNUC__ - #define AS1(x) #x ";" - #define AS2(x, y) #x ", " #y ";" - - #define PROLOG() \ - __asm__ __volatile__ \ - ( \ - ".intel_syntax noprefix;" \ - "push ebx;" \ - "push ebp;" \ - "movd mm3, eax;" - #define EPILOG() \ - "pop ebp;" \ - "pop ebx;" \ - "emms;" \ - ".att_syntax;" \ - : \ - : "c" (this), "S" (inBlock), "a" (outBlock) \ - : "%edi", "%edx", "memory", "cc" \ - ); - - #else - #define AS1(x) __asm x - #define AS2(x, y) __asm x, y - - #define PROLOG() \ - AS1( push ebp ) \ - AS2( mov ebp, esp ) \ - AS2( movd mm3, edi ) \ - AS2( movd mm4, ebx ) \ - AS2( movd mm5, esi ) \ - AS2( mov esi, DWORD PTR [ebp + 8] ) - - #define EPILOG() \ - AS2( movd esi, mm5 ) \ - AS2( movd ebx, mm4 ) \ - AS2( movd edi, mm3 ) \ - AS2( mov esp, ebp ) \ - AS1( pop ebp ) \ - AS1( emms ) \ - AS1( ret 8 ) - - #endif - - -#define BF_ROUND(P, G, I) \ - /* Put ^= p[I] */ \ - AS2( xor P, [edi + I*4] ) \ - /* tmp = p[18 + BFBYTE_3(Get)] */ \ - AS2( mov ecx, G ) \ - AS2( shr ecx, 16 ) \ - AS2( movzx edx, ch ) \ - AS2( mov esi, [edi + edx*4 + 72] ) \ - /* tmp += p[274+ BFBYTE_2(Get)] */ \ - AS2( movzx ecx, cl ) \ - AS2( add esi, [edi + ecx*4 + 1096] ) \ - /* tmp ^= p[530+ BFBYTE_1(Get)] */ \ - AS2( mov ecx, G ) \ - AS2( movzx edx, ch ) \ - AS2( xor esi, [edi + edx*4 + 2120] ) \ - /* tmp += p[786+ BFBYTE_0(Get)] */ \ - AS2( movzx ecx, cl ) \ - AS2( add esi, [edi + ecx*4 + 3144] ) \ - /* Put ^= tmp */ \ - AS2( xor P, esi ) - - -#ifdef _MSC_VER - __declspec(naked) -#else - __attribute__ ((noinline)) -#endif -void Blowfish::AsmProcess(const byte* inBlock, byte* outBlock) const -{ - PROLOG() - - #ifdef OLD_GCC_OFFSET - AS2( lea edi, [ecx + 60] ) // pbox - #else - AS2( lea edi, [ecx + 56] ) // pbox - #endif - - AS2( mov eax, DWORD PTR [esi] ) - AS2( mov edx, DWORD PTR [edi] ) - AS1( bswap eax ) - - AS2( mov ebx, DWORD PTR [esi + 4] ) - AS2( xor eax, edx ) // left - AS1( bswap ebx ) // right - - - BF_ROUND(ebx, eax, 1) - BF_ROUND(eax, ebx, 2) - BF_ROUND(ebx, eax, 3) - BF_ROUND(eax, ebx, 4) - BF_ROUND(ebx, eax, 5) - BF_ROUND(eax, ebx, 6) - BF_ROUND(ebx, eax, 7) - BF_ROUND(eax, ebx, 8) - BF_ROUND(ebx, eax, 9) - BF_ROUND(eax, ebx, 10) - BF_ROUND(ebx, eax, 11) - BF_ROUND(eax, ebx, 12) - BF_ROUND(ebx, eax, 13) - BF_ROUND(eax, ebx, 14) - BF_ROUND(ebx, eax, 15) - BF_ROUND(eax, ebx, 16) - #if ROUNDS == 20 - BF_ROUND(ebx, eax, 17) - BF_ROUND(eax, ebx, 18) - BF_ROUND(ebx, eax, 19) - BF_ROUND(eax, ebx, 20) - - AS2( xor ebx, [edi + 84] ) // 20 + 1 (x4) - #else - AS2( xor ebx, [edi + 68] ) // 16 + 1 (x4) - #endif - - #ifdef __GNUC__ - AS2( movd edi, mm3 ) // outBlock - #else - AS2( mov edi, [ebp + 12] ) // outBlock - #endif - - AS1( bswap ebx ) - AS1( bswap eax ) - - AS2( mov [edi] , ebx ) - AS2( mov [edi + 4], eax ) - - EPILOG() -} - - -#endif // DO_BLOWFISH_ASM - - -} // namespace - diff --git a/extra/yassl/taocrypt/src/coding.cpp b/extra/yassl/taocrypt/src/coding.cpp deleted file mode 100644 index 85d657c352d..00000000000 --- a/extra/yassl/taocrypt/src/coding.cpp +++ /dev/null @@ -1,266 +0,0 @@ -/* - Copyright (c) 2005, 2012, Oracle and/or its affiliates - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - -/* coding.cpp implements hex and base64 encoding/decoing -*/ - -#include "runtime.hpp" -#include "coding.hpp" -#include "file.hpp" - - -namespace TaoCrypt { - - -namespace { // locals - -const byte bad = 0xFF; // invalid encoding - -const byte hexEncode[] = { '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', - 'A', 'B', 'C', 'D', 'E', 'F' - }; - -const byte hexDecode[] = { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, - bad, bad, bad, bad, bad, bad, bad, - 10, 11, 12, 13, 14, 15 - }; // A starts at 0x41 not 0x3A - - -const byte base64Encode[] = { 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', - 'K', 'L', 'M', 'N', 'O', 'P', 'Q', 'R', 'S', 'T', - 'U', 'V', 'W', 'X', 'Y', 'Z', - 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', - 'k', 'l', 'm', 'n', 'o', 'p', 'q', 'r', 's', 't', - 'u', 'v', 'w', 'x', 'y', 'z', - '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', - '+', '/' - }; - -const byte base64Decode[] = { 62, bad, bad, bad, 63, // + starts at 0x2B - 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, - bad, bad, bad, bad, bad, bad, bad, - 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, - 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, - 20, 21, 22, 23, 24, 25, - bad, bad, bad, bad, bad, bad, - 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, - 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, - 46, 47, 48, 49, 50, 51 - }; - -const byte pad = '='; -const int pemLineSz = 64; - -} // local namespace - - -// Hex Encode -void HexEncoder::Encode() -{ - word32 bytes = plain_.size(); - encoded_.New(bytes * 2); - - word32 i = 0; - - while (bytes--) { - byte p = plain_.next(); - - byte b = p >> 4; - byte b2 = p & 0xF; - - encoded_[i++] = hexEncode[b]; - encoded_[i++] = hexEncode[b2]; - } - - plain_.reset(encoded_); -} - - -// Hex Decode -void HexDecoder::Decode() -{ - word32 bytes = coded_.size(); - decoded_.New(bytes / 2); - - word32 i(0); - - while (bytes) { - byte b = coded_.next() - 0x30; // 0 starts at 0x30 - byte b2 = coded_.next() - 0x30; - - // sanity checks - if (b >= sizeof(hexDecode)/sizeof(hexDecode[0])) { - coded_.SetError(PEM_E); - return; - } - if (b2 >= sizeof(hexDecode)/sizeof(hexDecode[0])) { - coded_.SetError(PEM_E); - return; - } - - b = hexDecode[b]; - b2 = hexDecode[b2]; - - decoded_[i++] = (b << 4) | b2; - bytes -= 2; - } - - coded_.reset(decoded_); -} - - -// Base 64 Encode -void Base64Encoder::Encode() -{ - word32 bytes = plain_.size(); - word32 outSz = (bytes + 3 - 1) / 3 * 4; - - outSz += (outSz + pemLineSz - 1) / pemLineSz; // new lines - encoded_.New(outSz); - - word32 i = 0; - word32 j = 0; - - while (bytes > 2) { - byte b1 = plain_.next(); - byte b2 = plain_.next(); - byte b3 = plain_.next(); - - // encoded idx - byte e1 = b1 >> 2; - byte e2 = ((b1 & 0x3) << 4) | (b2 >> 4); - byte e3 = ((b2 & 0xF) << 2) | (b3 >> 6); - byte e4 = b3 & 0x3F; - - // store - encoded_[i++] = base64Encode[e1]; - encoded_[i++] = base64Encode[e2]; - encoded_[i++] = base64Encode[e3]; - encoded_[i++] = base64Encode[e4]; - - bytes -= 3; - - if ((++j % 16) == 0 && bytes) - encoded_[i++] = '\n'; - } - - // last integral - if (bytes) { - bool twoBytes = (bytes == 2); - - byte b1 = plain_.next(); - byte b2 = (twoBytes) ? plain_.next() : 0; - - byte e1 = b1 >> 2; - byte e2 = ((b1 & 0x3) << 4) | (b2 >> 4); - byte e3 = (b2 & 0xF) << 2; - - encoded_[i++] = base64Encode[e1]; - encoded_[i++] = base64Encode[e2]; - encoded_[i++] = (twoBytes) ? base64Encode[e3] : pad; - encoded_[i++] = pad; - } - - encoded_[i++] = '\n'; - - if (i == outSz) - plain_.reset(encoded_); -} - - -// Base 64 Decode -void Base64Decoder::Decode() -{ - word32 bytes = coded_.size(); - word32 plainSz = bytes - ((bytes + (pemLineSz - 1)) / pemLineSz); - const byte maxIdx = (byte)sizeof(base64Decode) + 0x2B - 1; - plainSz = ((plainSz * 3) / 4) + 3; - decoded_.New(plainSz); - - word32 i = 0; - word32 j = 0; - - while (bytes > 3) { - byte e1 = coded_.next(); - byte e2 = coded_.next(); - byte e3 = coded_.next(); - byte e4 = coded_.next(); - - if (e1 == 0) // end file 0's - break; - - bool pad3 = false; - bool pad4 = false; - if (e3 == pad) - pad3 = true; - if (e4 == pad) - pad4 = true; - - if (e1 < 0x2B || e2 < 0x2B || e3 < 0x2B || e4 < 0x2B) { - coded_.SetError(PEM_E); - return; - } - - if (e1 > maxIdx || e2 > maxIdx || e3 > maxIdx || e4 > maxIdx) { - coded_.SetError(PEM_E); - return; - } - - e1 = base64Decode[e1 - 0x2B]; - e2 = base64Decode[e2 - 0x2B]; - e3 = (e3 == pad) ? 0 : base64Decode[e3 - 0x2B]; - e4 = (e4 == pad) ? 0 : base64Decode[e4 - 0x2B]; - - byte b1 = (e1 << 2) | (e2 >> 4); - byte b2 = ((e2 & 0xF) << 4) | (e3 >> 2); - byte b3 = ((e3 & 0x3) << 6) | e4; - - decoded_[i++] = b1; - if (!pad3) - decoded_[i++] = b2; - if (!pad4) - decoded_[i++] = b3; - else - break; - - bytes -= 4; - if ((++j % 16) == 0) { - byte endLine = coded_.next(); - bytes--; - while (endLine == ' ') { // remove possible whitespace - endLine = coded_.next(); - bytes--; - } - if (endLine == '\r') { - endLine = coded_.next(); - bytes--; - } - if (endLine != '\n') { - coded_.SetError(PEM_E); - return; - } - } - } - - if (i != decoded_.size()) - decoded_.resize(i); - coded_.reset(decoded_); -} - - -} // namespace diff --git a/extra/yassl/taocrypt/src/des.cpp b/extra/yassl/taocrypt/src/des.cpp deleted file mode 100644 index 5b6fd9aa05b..00000000000 --- a/extra/yassl/taocrypt/src/des.cpp +++ /dev/null @@ -1,778 +0,0 @@ -/* - Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - -/* C++ part based on Wei Dai's des.cpp from CryptoPP */ -/* x86 asm is original */ - - -#if defined(TAOCRYPT_KERNEL_MODE) - #define DO_TAOCRYPT_KERNEL_MODE -#endif // only some modules now support this - - -#include "runtime.hpp" -#include "des.hpp" -#ifdef USE_SYS_STL - #include <algorithm> -#else - #include "algorithm.hpp" -#endif - - -namespace STL = STL_NAMESPACE; - - - -namespace TaoCrypt { - - -/* permuted choice table (key) */ -static const byte pc1[] = { - 57, 49, 41, 33, 25, 17, 9, - 1, 58, 50, 42, 34, 26, 18, - 10, 2, 59, 51, 43, 35, 27, - 19, 11, 3, 60, 52, 44, 36, - - 63, 55, 47, 39, 31, 23, 15, - 7, 62, 54, 46, 38, 30, 22, - 14, 6, 61, 53, 45, 37, 29, - 21, 13, 5, 28, 20, 12, 4 -}; - -/* number left rotations of pc1 */ -static const byte totrot[] = { - 1,2,4,6,8,10,12,14,15,17,19,21,23,25,27,28 -}; - -/* permuted choice key (table) */ -static const byte pc2[] = { - 14, 17, 11, 24, 1, 5, - 3, 28, 15, 6, 21, 10, - 23, 19, 12, 4, 26, 8, - 16, 7, 27, 20, 13, 2, - 41, 52, 31, 37, 47, 55, - 30, 40, 51, 45, 33, 48, - 44, 49, 39, 56, 34, 53, - 46, 42, 50, 36, 29, 32 -}; - -/* End of DES-defined tables */ - -/* bit 0 is left-most in byte */ -static const int bytebit[] = { - 0200,0100,040,020,010,04,02,01 -}; - -const word32 Spbox[8][64] = { -{ -0x01010400,0x00000000,0x00010000,0x01010404, -0x01010004,0x00010404,0x00000004,0x00010000, -0x00000400,0x01010400,0x01010404,0x00000400, -0x01000404,0x01010004,0x01000000,0x00000004, -0x00000404,0x01000400,0x01000400,0x00010400, -0x00010400,0x01010000,0x01010000,0x01000404, -0x00010004,0x01000004,0x01000004,0x00010004, -0x00000000,0x00000404,0x00010404,0x01000000, -0x00010000,0x01010404,0x00000004,0x01010000, -0x01010400,0x01000000,0x01000000,0x00000400, -0x01010004,0x00010000,0x00010400,0x01000004, -0x00000400,0x00000004,0x01000404,0x00010404, -0x01010404,0x00010004,0x01010000,0x01000404, -0x01000004,0x00000404,0x00010404,0x01010400, -0x00000404,0x01000400,0x01000400,0x00000000, -0x00010004,0x00010400,0x00000000,0x01010004}, -{ -0x80108020,0x80008000,0x00008000,0x00108020, -0x00100000,0x00000020,0x80100020,0x80008020, -0x80000020,0x80108020,0x80108000,0x80000000, -0x80008000,0x00100000,0x00000020,0x80100020, -0x00108000,0x00100020,0x80008020,0x00000000, -0x80000000,0x00008000,0x00108020,0x80100000, -0x00100020,0x80000020,0x00000000,0x00108000, -0x00008020,0x80108000,0x80100000,0x00008020, -0x00000000,0x00108020,0x80100020,0x00100000, -0x80008020,0x80100000,0x80108000,0x00008000, -0x80100000,0x80008000,0x00000020,0x80108020, -0x00108020,0x00000020,0x00008000,0x80000000, -0x00008020,0x80108000,0x00100000,0x80000020, -0x00100020,0x80008020,0x80000020,0x00100020, -0x00108000,0x00000000,0x80008000,0x00008020, -0x80000000,0x80100020,0x80108020,0x00108000}, -{ -0x00000208,0x08020200,0x00000000,0x08020008, -0x08000200,0x00000000,0x00020208,0x08000200, -0x00020008,0x08000008,0x08000008,0x00020000, -0x08020208,0x00020008,0x08020000,0x00000208, -0x08000000,0x00000008,0x08020200,0x00000200, -0x00020200,0x08020000,0x08020008,0x00020208, -0x08000208,0x00020200,0x00020000,0x08000208, -0x00000008,0x08020208,0x00000200,0x08000000, -0x08020200,0x08000000,0x00020008,0x00000208, -0x00020000,0x08020200,0x08000200,0x00000000, -0x00000200,0x00020008,0x08020208,0x08000200, -0x08000008,0x00000200,0x00000000,0x08020008, -0x08000208,0x00020000,0x08000000,0x08020208, -0x00000008,0x00020208,0x00020200,0x08000008, -0x08020000,0x08000208,0x00000208,0x08020000, -0x00020208,0x00000008,0x08020008,0x00020200}, -{ -0x00802001,0x00002081,0x00002081,0x00000080, -0x00802080,0x00800081,0x00800001,0x00002001, -0x00000000,0x00802000,0x00802000,0x00802081, -0x00000081,0x00000000,0x00800080,0x00800001, -0x00000001,0x00002000,0x00800000,0x00802001, -0x00000080,0x00800000,0x00002001,0x00002080, -0x00800081,0x00000001,0x00002080,0x00800080, -0x00002000,0x00802080,0x00802081,0x00000081, -0x00800080,0x00800001,0x00802000,0x00802081, -0x00000081,0x00000000,0x00000000,0x00802000, -0x00002080,0x00800080,0x00800081,0x00000001, -0x00802001,0x00002081,0x00002081,0x00000080, -0x00802081,0x00000081,0x00000001,0x00002000, -0x00800001,0x00002001,0x00802080,0x00800081, -0x00002001,0x00002080,0x00800000,0x00802001, -0x00000080,0x00800000,0x00002000,0x00802080}, -{ -0x00000100,0x02080100,0x02080000,0x42000100, -0x00080000,0x00000100,0x40000000,0x02080000, -0x40080100,0x00080000,0x02000100,0x40080100, -0x42000100,0x42080000,0x00080100,0x40000000, -0x02000000,0x40080000,0x40080000,0x00000000, -0x40000100,0x42080100,0x42080100,0x02000100, -0x42080000,0x40000100,0x00000000,0x42000000, -0x02080100,0x02000000,0x42000000,0x00080100, -0x00080000,0x42000100,0x00000100,0x02000000, -0x40000000,0x02080000,0x42000100,0x40080100, -0x02000100,0x40000000,0x42080000,0x02080100, -0x40080100,0x00000100,0x02000000,0x42080000, -0x42080100,0x00080100,0x42000000,0x42080100, -0x02080000,0x00000000,0x40080000,0x42000000, -0x00080100,0x02000100,0x40000100,0x00080000, -0x00000000,0x40080000,0x02080100,0x40000100}, -{ -0x20000010,0x20400000,0x00004000,0x20404010, -0x20400000,0x00000010,0x20404010,0x00400000, -0x20004000,0x00404010,0x00400000,0x20000010, -0x00400010,0x20004000,0x20000000,0x00004010, -0x00000000,0x00400010,0x20004010,0x00004000, -0x00404000,0x20004010,0x00000010,0x20400010, -0x20400010,0x00000000,0x00404010,0x20404000, -0x00004010,0x00404000,0x20404000,0x20000000, -0x20004000,0x00000010,0x20400010,0x00404000, -0x20404010,0x00400000,0x00004010,0x20000010, -0x00400000,0x20004000,0x20000000,0x00004010, -0x20000010,0x20404010,0x00404000,0x20400000, -0x00404010,0x20404000,0x00000000,0x20400010, -0x00000010,0x00004000,0x20400000,0x00404010, -0x00004000,0x00400010,0x20004010,0x00000000, -0x20404000,0x20000000,0x00400010,0x20004010}, -{ -0x00200000,0x04200002,0x04000802,0x00000000, -0x00000800,0x04000802,0x00200802,0x04200800, -0x04200802,0x00200000,0x00000000,0x04000002, -0x00000002,0x04000000,0x04200002,0x00000802, -0x04000800,0x00200802,0x00200002,0x04000800, -0x04000002,0x04200000,0x04200800,0x00200002, -0x04200000,0x00000800,0x00000802,0x04200802, -0x00200800,0x00000002,0x04000000,0x00200800, -0x04000000,0x00200800,0x00200000,0x04000802, -0x04000802,0x04200002,0x04200002,0x00000002, -0x00200002,0x04000000,0x04000800,0x00200000, -0x04200800,0x00000802,0x00200802,0x04200800, -0x00000802,0x04000002,0x04200802,0x04200000, -0x00200800,0x00000000,0x00000002,0x04200802, -0x00000000,0x00200802,0x04200000,0x00000800, -0x04000002,0x04000800,0x00000800,0x00200002}, -{ -0x10001040,0x00001000,0x00040000,0x10041040, -0x10000000,0x10001040,0x00000040,0x10000000, -0x00040040,0x10040000,0x10041040,0x00041000, -0x10041000,0x00041040,0x00001000,0x00000040, -0x10040000,0x10000040,0x10001000,0x00001040, -0x00041000,0x00040040,0x10040040,0x10041000, -0x00001040,0x00000000,0x00000000,0x10040040, -0x10000040,0x10001000,0x00041040,0x00040000, -0x00041040,0x00040000,0x10041000,0x00001000, -0x00000040,0x10040040,0x00001000,0x00041040, -0x10001000,0x00000040,0x10000040,0x10040000, -0x10040040,0x10000000,0x00040000,0x10001040, -0x00000000,0x10041040,0x00040040,0x10000040, -0x10040000,0x10001000,0x10001040,0x00000000, -0x10041040,0x00041000,0x00041000,0x00001040, -0x00001040,0x00040040,0x10000000,0x10041000} -}; - - -void BasicDES::SetKey(const byte* key, word32 /*length*/, CipherDir dir) -{ - byte buffer[56+56+8]; - byte *const pc1m = buffer; /* place to modify pc1 into */ - byte *const pcr = pc1m + 56; /* place to rotate pc1 into */ - byte *const ks = pcr + 56; - register int i,j,l; - int m; - - for (j = 0; j < 56; j++) { /* convert pc1 to bits of key */ - l = pc1[j] - 1; /* integer bit location */ - m = l & 07; /* find bit */ - pc1m[j] = (key[l >> 3] & /* find which key byte l is in */ - bytebit[m]) /* and which bit of that byte */ - ? 1 : 0; /* and store 1-bit result */ - } - for (i = 0; i < 16; i++) { /* key chunk for each iteration */ - memset(ks, 0, 8); /* Clear key schedule */ - for (j = 0; j < 56; j++) /* rotate pc1 the right amount */ - pcr[j] = pc1m[(l = j + totrot[i]) < (j < 28 ? 28 : 56) ? l: l-28]; - /* rotate left and right halves independently */ - for (j = 0; j < 48; j++){ /* select bits individually */ - /* check bit that goes to ks[j] */ - if (pcr[pc2[j] - 1]){ - /* mask it in if it's there */ - l= j % 6; - ks[j/6] |= bytebit[l] >> 2; - } - } - /* Now convert to odd/even interleaved form for use in F */ - k_[2*i] = ((word32)ks[0] << 24) - | ((word32)ks[2] << 16) - | ((word32)ks[4] << 8) - | ((word32)ks[6]); - k_[2*i + 1] = ((word32)ks[1] << 24) - | ((word32)ks[3] << 16) - | ((word32)ks[5] << 8) - | ((word32)ks[7]); - } - - // reverse key schedule order - if (dir == DECRYPTION) - for (i = 0; i < 16; i += 2) { - STL::swap(k_[i], k_[32 - 2 - i]); - STL::swap(k_[i+1], k_[32 - 1 - i]); - } - -} - -static inline void IPERM(word32& left, word32& right) -{ - word32 work; - - right = rotlFixed(right, 4U); - work = (left ^ right) & 0xf0f0f0f0; - left ^= work; - - right = rotrFixed(right^work, 20U); - work = (left ^ right) & 0xffff0000; - left ^= work; - - right = rotrFixed(right^work, 18U); - work = (left ^ right) & 0x33333333; - left ^= work; - - right = rotrFixed(right^work, 6U); - work = (left ^ right) & 0x00ff00ff; - left ^= work; - - right = rotlFixed(right^work, 9U); - work = (left ^ right) & 0xaaaaaaaa; - left = rotlFixed(left^work, 1U); - right ^= work; -} - -static inline void FPERM(word32& left, word32& right) -{ - word32 work; - - right = rotrFixed(right, 1U); - work = (left ^ right) & 0xaaaaaaaa; - right ^= work; - left = rotrFixed(left^work, 9U); - work = (left ^ right) & 0x00ff00ff; - right ^= work; - left = rotlFixed(left^work, 6U); - work = (left ^ right) & 0x33333333; - right ^= work; - left = rotlFixed(left^work, 18U); - work = (left ^ right) & 0xffff0000; - right ^= work; - left = rotlFixed(left^work, 20U); - work = (left ^ right) & 0xf0f0f0f0; - right ^= work; - left = rotrFixed(left^work, 4U); -} - - -void BasicDES::RawProcessBlock(word32& lIn, word32& rIn) const -{ - word32 l = lIn, r = rIn; - const word32* kptr = k_; - - for (unsigned i=0; i<8; i++) - { - word32 work = rotrFixed(r, 4U) ^ kptr[4*i+0]; - l ^= Spbox[6][(work) & 0x3f] - ^ Spbox[4][(work >> 8) & 0x3f] - ^ Spbox[2][(work >> 16) & 0x3f] - ^ Spbox[0][(work >> 24) & 0x3f]; - work = r ^ kptr[4*i+1]; - l ^= Spbox[7][(work) & 0x3f] - ^ Spbox[5][(work >> 8) & 0x3f] - ^ Spbox[3][(work >> 16) & 0x3f] - ^ Spbox[1][(work >> 24) & 0x3f]; - - work = rotrFixed(l, 4U) ^ kptr[4*i+2]; - r ^= Spbox[6][(work) & 0x3f] - ^ Spbox[4][(work >> 8) & 0x3f] - ^ Spbox[2][(work >> 16) & 0x3f] - ^ Spbox[0][(work >> 24) & 0x3f]; - work = l ^ kptr[4*i+3]; - r ^= Spbox[7][(work) & 0x3f] - ^ Spbox[5][(work >> 8) & 0x3f] - ^ Spbox[3][(work >> 16) & 0x3f] - ^ Spbox[1][(work >> 24) & 0x3f]; - } - - lIn = l; rIn = r; -} - - - -typedef BlockGetAndPut<word32, BigEndian> Block; - - -void DES::ProcessAndXorBlock(const byte* in, const byte* xOr, byte* out) const -{ - word32 l,r; - Block::Get(in)(l)(r); - IPERM(l,r); - - RawProcessBlock(l, r); - - FPERM(l,r); - Block::Put(xOr, out)(r)(l); -} - - -void DES_EDE2::SetKey(const byte* key, word32 sz, CipherDir dir) -{ - des1_.SetKey(key, sz, dir); - des2_.SetKey(key + 8, sz, ReverseDir(dir)); -} - - -void DES_EDE2::ProcessAndXorBlock(const byte* in, const byte* xOr, - byte* out) const -{ - word32 l,r; - Block::Get(in)(l)(r); - IPERM(l,r); - - des1_.RawProcessBlock(l, r); - des2_.RawProcessBlock(r, l); - des1_.RawProcessBlock(l, r); - - FPERM(l,r); - Block::Put(xOr, out)(r)(l); -} - - -void DES_EDE3::SetKey(const byte* key, word32 sz, CipherDir dir) -{ - des1_.SetKey(key+(dir==ENCRYPTION?0:2*8), sz, dir); - des2_.SetKey(key+8, sz, ReverseDir(dir)); - des3_.SetKey(key+(dir==DECRYPTION?0:2*8), sz, dir); -} - - - -#if defined(DO_DES_ASM) - -// ia32 optimized version -void DES_EDE3::Process(byte* out, const byte* in, word32 sz) -{ - if (!isMMX) { - Mode_BASE::Process(out, in, sz); - return; - } - - word32 blocks = sz / DES_BLOCK_SIZE; - - if (mode_ == CBC) - if (dir_ == ENCRYPTION) - while (blocks--) { - r_[0] ^= *(word32*)in; - r_[1] ^= *(word32*)(in + 4); - - AsmProcess((byte*)r_, (byte*)r_, (void*)Spbox); - - memcpy(out, r_, DES_BLOCK_SIZE); - - in += DES_BLOCK_SIZE; - out += DES_BLOCK_SIZE; - } - else - while (blocks--) { - AsmProcess(in, out, (void*)Spbox); - - *(word32*)out ^= r_[0]; - *(word32*)(out + 4) ^= r_[1]; - - memcpy(r_, in, DES_BLOCK_SIZE); - - out += DES_BLOCK_SIZE; - in += DES_BLOCK_SIZE; - } - else - while (blocks--) { - AsmProcess(in, out, (void*)Spbox); - - out += DES_BLOCK_SIZE; - in += DES_BLOCK_SIZE; - } -} - -#endif // DO_DES_ASM - - -void DES_EDE3::ProcessAndXorBlock(const byte* in, const byte* xOr, - byte* out) const -{ - word32 l,r; - Block::Get(in)(l)(r); - IPERM(l,r); - - des1_.RawProcessBlock(l, r); - des2_.RawProcessBlock(r, l); - des3_.RawProcessBlock(l, r); - - FPERM(l,r); - Block::Put(xOr, out)(r)(l); -} - - -#if defined(DO_DES_ASM) - -/* Uses IPERM algorithm from above - - left is in eax - right is in ebx - - uses ecx -*/ -#define AsmIPERM() \ - AS2( rol ebx, 4 ) \ - AS2( mov ecx, eax ) \ - AS2( xor ecx, ebx ) \ - AS2( and ecx, 0xf0f0f0f0 ) \ - AS2( xor ebx, ecx ) \ - AS2( xor eax, ecx ) \ - AS2( ror ebx, 20 ) \ - AS2( mov ecx, eax ) \ - AS2( xor ecx, ebx ) \ - AS2( and ecx, 0xffff0000 ) \ - AS2( xor ebx, ecx ) \ - AS2( xor eax, ecx ) \ - AS2( ror ebx, 18 ) \ - AS2( mov ecx, eax ) \ - AS2( xor ecx, ebx ) \ - AS2( and ecx, 0x33333333 ) \ - AS2( xor ebx, ecx ) \ - AS2( xor eax, ecx ) \ - AS2( ror ebx, 6 ) \ - AS2( mov ecx, eax ) \ - AS2( xor ecx, ebx ) \ - AS2( and ecx, 0x00ff00ff ) \ - AS2( xor ebx, ecx ) \ - AS2( xor eax, ecx ) \ - AS2( rol ebx, 9 ) \ - AS2( mov ecx, eax ) \ - AS2( xor ecx, ebx ) \ - AS2( and ecx, 0xaaaaaaaa ) \ - AS2( xor eax, ecx ) \ - AS2( rol eax, 1 ) \ - AS2( xor ebx, ecx ) - - -/* Uses FPERM algorithm from above - - left is in eax - right is in ebx - - uses ecx -*/ -#define AsmFPERM() \ - AS2( ror ebx, 1 ) \ - AS2( mov ecx, eax ) \ - AS2( xor ecx, ebx ) \ - AS2( and ecx, 0xaaaaaaaa ) \ - AS2( xor eax, ecx ) \ - AS2( xor ebx, ecx ) \ - AS2( ror eax, 9 ) \ - AS2( mov ecx, ebx ) \ - AS2( xor ecx, eax ) \ - AS2( and ecx, 0x00ff00ff ) \ - AS2( xor eax, ecx ) \ - AS2( xor ebx, ecx ) \ - AS2( rol eax, 6 ) \ - AS2( mov ecx, ebx ) \ - AS2( xor ecx, eax ) \ - AS2( and ecx, 0x33333333 ) \ - AS2( xor eax, ecx ) \ - AS2( xor ebx, ecx ) \ - AS2( rol eax, 18 ) \ - AS2( mov ecx, ebx ) \ - AS2( xor ecx, eax ) \ - AS2( and ecx, 0xffff0000 ) \ - AS2( xor eax, ecx ) \ - AS2( xor ebx, ecx ) \ - AS2( rol eax, 20 ) \ - AS2( mov ecx, ebx ) \ - AS2( xor ecx, eax ) \ - AS2( and ecx, 0xf0f0f0f0 ) \ - AS2( xor eax, ecx ) \ - AS2( xor ebx, ecx ) \ - AS2( ror eax, 4 ) - - - - -/* DesRound implements this algorithm: - - word32 work = rotrFixed(r, 4U) ^ key[0]; - l ^= Spbox[6][(work) & 0x3f] - ^ Spbox[4][(work >> 8) & 0x3f] - ^ Spbox[2][(work >> 16) & 0x3f] - ^ Spbox[0][(work >> 24) & 0x3f]; - work = r ^ key[1]; - l ^= Spbox[7][(work) & 0x3f] - ^ Spbox[5][(work >> 8) & 0x3f] - ^ Spbox[3][(work >> 16) & 0x3f] - ^ Spbox[1][(work >> 24) & 0x3f]; - - work = rotrFixed(l, 4U) ^ key[2]; - r ^= Spbox[6][(work) & 0x3f] - ^ Spbox[4][(work >> 8) & 0x3f] - ^ Spbox[2][(work >> 16) & 0x3f] - ^ Spbox[0][(work >> 24) & 0x3f]; - work = l ^ key[3]; - r ^= Spbox[7][(work) & 0x3f] - ^ Spbox[5][(work >> 8) & 0x3f] - ^ Spbox[3][(work >> 16) & 0x3f] - ^ Spbox[1][(work >> 24) & 0x3f]; - - left is in aex - right is in ebx - key is in edx - - edvances key for next round - - uses ecx, esi, and edi -*/ -#define DesRound() \ - AS2( mov ecx, ebx )\ - AS2( mov esi, DWORD PTR [edx] )\ - AS2( ror ecx, 4 )\ - AS2( xor ecx, esi )\ - AS2( and ecx, 0x3f3f3f3f )\ - AS2( movzx esi, cl )\ - AS2( movzx edi, ch )\ - AS2( xor eax, [ebp + esi*4 + 6*256] )\ - AS2( shr ecx, 16 )\ - AS2( xor eax, [ebp + edi*4 + 4*256] )\ - AS2( movzx esi, cl )\ - AS2( movzx edi, ch )\ - AS2( xor eax, [ebp + esi*4 + 2*256] )\ - AS2( mov esi, DWORD PTR [edx + 4] )\ - AS2( xor eax, [ebp + edi*4] )\ - AS2( mov ecx, ebx )\ - AS2( xor ecx, esi )\ - AS2( and ecx, 0x3f3f3f3f )\ - AS2( movzx esi, cl )\ - AS2( movzx edi, ch )\ - AS2( xor eax, [ebp + esi*4 + 7*256] )\ - AS2( shr ecx, 16 )\ - AS2( xor eax, [ebp + edi*4 + 5*256] )\ - AS2( movzx esi, cl )\ - AS2( movzx edi, ch )\ - AS2( xor eax, [ebp + esi*4 + 3*256] )\ - AS2( mov esi, DWORD PTR [edx + 8] )\ - AS2( xor eax, [ebp + edi*4 + 1*256] )\ - AS2( mov ecx, eax )\ - AS2( ror ecx, 4 )\ - AS2( xor ecx, esi )\ - AS2( and ecx, 0x3f3f3f3f )\ - AS2( movzx esi, cl )\ - AS2( movzx edi, ch )\ - AS2( xor ebx, [ebp + esi*4 + 6*256] )\ - AS2( shr ecx, 16 )\ - AS2( xor ebx, [ebp + edi*4 + 4*256] )\ - AS2( movzx esi, cl )\ - AS2( movzx edi, ch )\ - AS2( xor ebx, [ebp + esi*4 + 2*256] )\ - AS2( mov esi, DWORD PTR [edx + 12] )\ - AS2( xor ebx, [ebp + edi*4] )\ - AS2( mov ecx, eax )\ - AS2( xor ecx, esi )\ - AS2( and ecx, 0x3f3f3f3f )\ - AS2( movzx esi, cl )\ - AS2( movzx edi, ch )\ - AS2( xor ebx, [ebp + esi*4 + 7*256] )\ - AS2( shr ecx, 16 )\ - AS2( xor ebx, [ebp + edi*4 + 5*256] )\ - AS2( movzx esi, cl )\ - AS2( movzx edi, ch )\ - AS2( xor ebx, [ebp + esi*4 + 3*256] )\ - AS2( add edx, 16 )\ - AS2( xor ebx, [ebp + edi*4 + 1*256] ) - - -#ifdef _MSC_VER - __declspec(naked) -#else - __attribute__ ((noinline)) -#endif -void DES_EDE3::AsmProcess(const byte* in, byte* out, void* box) const -{ -#ifdef __GNUC__ - #define AS1(x) #x ";" - #define AS2(x, y) #x ", " #y ";" - - #define PROLOG() \ - __asm__ __volatile__ \ - ( \ - ".intel_syntax noprefix;" \ - "push ebx;" \ - "push ebp;" \ - "movd mm6, ebp;" \ - "movd mm7, ecx;" \ - "mov ebp, eax;" - #define EPILOG() \ - "pop ebp;" \ - "pop ebx;" \ - "emms;" \ - ".att_syntax;" \ - : \ - : "d" (this), "S" (in), "a" (box), "c" (out) \ - : "%edi", "memory", "cc" \ - ); - -#else - #define AS1(x) __asm x - #define AS2(x, y) __asm x, y - - #define PROLOG() \ - AS1( push ebp ) \ - AS2( mov ebp, esp ) \ - AS2( movd mm3, edi ) \ - AS2( movd mm4, ebx ) \ - AS2( movd mm5, esi ) \ - AS2( movd mm6, ebp ) \ - AS2( mov esi, DWORD PTR [ebp + 8] ) \ - AS2( mov edx, ecx ) \ - AS2( mov ebp, DWORD PTR [ebp + 16] ) - - // ebp restored at end - #define EPILOG() \ - AS2( movd edi, mm3 ) \ - AS2( movd ebx, mm4 ) \ - AS2( movd esi, mm5 ) \ - AS2( mov esp, ebp ) \ - AS1( pop ebp ) \ - AS1( emms ) \ - AS1( ret 12 ) - -#endif - - - PROLOG() - - AS2( movd mm2, edx ) - - #ifdef OLD_GCC_OFFSET - AS2( add edx, 60 ) // des1 = des1 key - #else - AS2( add edx, 56 ) // des1 = des1 key - #endif - - AS2( mov eax, DWORD PTR [esi] ) - AS2( mov ebx, DWORD PTR [esi + 4] ) - AS1( bswap eax ) // left - AS1( bswap ebx ) // right - - AsmIPERM() - - DesRound() // 1 - DesRound() // 2 - DesRound() // 3 - DesRound() // 4 - DesRound() // 5 - DesRound() // 6 - DesRound() // 7 - DesRound() // 8 - - // swap left and right - AS2( xchg eax, ebx ) - - DesRound() // 1 - DesRound() // 2 - DesRound() // 3 - DesRound() // 4 - DesRound() // 5 - DesRound() // 6 - DesRound() // 7 - DesRound() // 8 - - // swap left and right - AS2( xchg eax, ebx ) - - DesRound() // 1 - DesRound() // 2 - DesRound() // 3 - DesRound() // 4 - DesRound() // 5 - DesRound() // 6 - DesRound() // 7 - DesRound() // 8 - - AsmFPERM() - - //end - AS2( movd ebp, mm6 ) - - // swap and write out - AS1( bswap ebx ) - AS1( bswap eax ) - -#ifdef __GNUC__ - AS2( movd esi, mm7 ) // outBlock -#else - AS2( mov esi, DWORD PTR [ebp + 12] ) // outBlock -#endif - - AS2( mov DWORD PTR [esi], ebx ) // right first - AS2( mov DWORD PTR [esi + 4], eax ) - - - EPILOG() -} - - - -#endif // defined(DO_DES_ASM) - - -} // namespace diff --git a/extra/yassl/taocrypt/src/dh.cpp b/extra/yassl/taocrypt/src/dh.cpp deleted file mode 100644 index cc677cba458..00000000000 --- a/extra/yassl/taocrypt/src/dh.cpp +++ /dev/null @@ -1,104 +0,0 @@ -/* - Copyright (C) 2000-2007 MySQL AB - Use is subject to license terms - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - - -/* dh.cpp implements Diffie-Hellman support -*/ - -#include "runtime.hpp" -#include "dh.hpp" -#include "asn.hpp" -#include <math.h> - -namespace TaoCrypt { - - -namespace { // locals - -unsigned int DiscreteLogWorkFactor(unsigned int n) -{ - // assuming discrete log takes about the same time as factoring - if (n<5) - return 0; - else - return (unsigned int)(2.4 * pow((double)n, 1.0/3.0) * - pow(log(double(n)), 2.0/3.0) - 5); -} - -} // namespace locals - - -// Generate a DH Key Pair -void DH::GenerateKeyPair(RandomNumberGenerator& rng, byte* priv, byte* pub) -{ - GeneratePrivate(rng, priv); - GeneratePublic(priv, pub); -} - - -// Generate private value -void DH::GeneratePrivate(RandomNumberGenerator& rng, byte* priv) -{ - Integer x(rng, Integer::One(), min(p_ - 1, - Integer::Power2(2*DiscreteLogWorkFactor(p_.BitCount())) ) ); - x.Encode(priv, p_.ByteCount()); -} - - -// Generate public value -void DH::GeneratePublic(const byte* priv, byte* pub) -{ - const word32 bc(p_.ByteCount()); - Integer x(priv, bc); - Integer y(a_exp_b_mod_c(g_, x, p_)); - y.Encode(pub, bc); -} - - -// Generate Agreement -void DH::Agree(byte* agree, const byte* priv, const byte* otherPub, word32 - otherSz) -{ - const word32 bc(p_.ByteCount()); - Integer x(priv, bc); - Integer y; - if (otherSz) - y.Decode(otherPub, otherSz); - else - y.Decode(otherPub, bc); - - Integer z(a_exp_b_mod_c(y, x, p_)); - z.Encode(agree, bc); -} - - -DH::DH(Source& source) -{ - Initialize(source); -} - - -void DH::Initialize(Source& source) -{ - DH_Decoder decoder(source); - decoder.Decode(*this); -} - - -} // namespace diff --git a/extra/yassl/taocrypt/src/dsa.cpp b/extra/yassl/taocrypt/src/dsa.cpp deleted file mode 100644 index ccdefa46025..00000000000 --- a/extra/yassl/taocrypt/src/dsa.cpp +++ /dev/null @@ -1,274 +0,0 @@ -/* - Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - - -#include "runtime.hpp" -#include "dsa.hpp" -#include "sha.hpp" -#include "asn.hpp" -#include "modarith.hpp" - - -namespace TaoCrypt { - - -void DSA_PublicKey::Swap(DSA_PublicKey& other) -{ - p_.Swap(other.p_); - q_.Swap(other.q_); - g_.Swap(other.g_); - y_.Swap(other.y_); -} - - -DSA_PublicKey::DSA_PublicKey(const DSA_PublicKey& other) - : p_(other.p_), q_(other.q_), g_(other.g_), y_(other.y_) -{} - - -DSA_PublicKey& DSA_PublicKey::operator=(const DSA_PublicKey& that) -{ - DSA_PublicKey tmp(that); - Swap(tmp); - return *this; -} - - -DSA_PublicKey::DSA_PublicKey(Source& source) -{ - Initialize(source); -} - - -void DSA_PublicKey::Initialize(Source& source) -{ - DSA_Public_Decoder decoder(source); - decoder.Decode(*this); -} - - -void DSA_PublicKey::Initialize(const Integer& p, const Integer& q, - const Integer& g, const Integer& y) -{ - p_ = p; - q_ = q; - g_ = g; - y_ = y; -} - - -const Integer& DSA_PublicKey::GetModulus() const -{ - return p_; -} - -const Integer& DSA_PublicKey::GetSubGroupOrder() const -{ - return q_; -} - - -const Integer& DSA_PublicKey::GetSubGroupGenerator() const -{ - return g_; -} - - -const Integer& DSA_PublicKey::GetPublicPart() const -{ - return y_; -} - - -void DSA_PublicKey::SetModulus(const Integer& p) -{ - p_ = p; -} - - -void DSA_PublicKey::SetSubGroupOrder(const Integer& q) -{ - q_ = q; -} - - -void DSA_PublicKey::SetSubGroupGenerator(const Integer& g) -{ - g_ = g; -} - - -void DSA_PublicKey::SetPublicPart(const Integer& y) -{ - y_ = y; -} - - -word32 DSA_PublicKey::SignatureLength() const -{ - return GetSubGroupOrder().ByteCount() * 2; // r and s -} - - - -DSA_PrivateKey::DSA_PrivateKey(Source& source) -{ - Initialize(source); -} - - -void DSA_PrivateKey::Initialize(Source& source) -{ - DSA_Private_Decoder decoder(source); - decoder.Decode(*this); -} - - -void DSA_PrivateKey::Initialize(const Integer& p, const Integer& q, - const Integer& g, const Integer& y, - const Integer& x) -{ - DSA_PublicKey::Initialize(p, q, g, y); - x_ = x; -} - - -const Integer& DSA_PrivateKey::GetPrivatePart() const -{ - return x_; -} - - -void DSA_PrivateKey::SetPrivatePart(const Integer& x) -{ - x_ = x; -} - - -DSA_Signer::DSA_Signer(const DSA_PrivateKey& key) - : key_(key) -{} - - -word32 DSA_Signer::Sign(const byte* sha_digest, byte* sig, - RandomNumberGenerator& rng) -{ - const Integer& p = key_.GetModulus(); - const Integer& q = key_.GetSubGroupOrder(); - const Integer& g = key_.GetSubGroupGenerator(); - const Integer& x = key_.GetPrivatePart(); - byte* tmpPtr = sig; // initial signature output - - Integer k(rng, 1, q - 1); - - r_ = a_exp_b_mod_c(g, k, p); - r_ %= q; - - Integer H(sha_digest, SHA::DIGEST_SIZE); // sha Hash(m) - - Integer kInv = k.InverseMod(q); - s_ = (kInv * (H + x*r_)) % q; - - if (!(!!r_ && !!s_)) - return (word32) -1; - - int rSz = r_.ByteCount(); - int tmpSz = rSz; - - while (tmpSz++ < SHA::DIGEST_SIZE) { - *sig++ = 0; - } - - r_.Encode(sig, rSz); - - sig = tmpPtr + SHA::DIGEST_SIZE; // advance sig output to s - int sSz = s_.ByteCount(); - tmpSz = sSz; - - while (tmpSz++ < SHA::DIGEST_SIZE) { - *sig++ = 0; - } - - s_.Encode(sig, sSz); - - return 40; -} - - -DSA_Verifier::DSA_Verifier(const DSA_PublicKey& key) - : key_(key) -{} - - -bool DSA_Verifier::Verify(const byte* sha_digest, const byte* sig) -{ - const Integer& p = key_.GetModulus(); - const Integer& q = key_.GetSubGroupOrder(); - const Integer& g = key_.GetSubGroupGenerator(); - const Integer& y = key_.GetPublicPart(); - - int sz = q.ByteCount(); - - r_.Decode(sig, sz); - s_.Decode(sig + sz, sz); - - if (r_ >= q || r_ < 1 || s_ >= q || s_ < 1) - return false; - - Integer H(sha_digest, SHA::DIGEST_SIZE); // sha Hash(m) - - Integer w = s_.InverseMod(q); - Integer u1 = (H * w) % q; - Integer u2 = (r_ * w) % q; - - // verify r == ((g^u1 * y^u2) mod p) mod q - ModularArithmetic ma(p); - Integer v = ma.CascadeExponentiate(g, u1, y, u2); - v %= q; - - return r_ == v; -} - - - - -const Integer& DSA_Signer::GetR() const -{ - return r_; -} - - -const Integer& DSA_Signer::GetS() const -{ - return s_; -} - - -const Integer& DSA_Verifier::GetR() const -{ - return r_; -} - - -const Integer& DSA_Verifier::GetS() const -{ - return s_; -} - - -} // namespace diff --git a/extra/yassl/taocrypt/src/file.cpp b/extra/yassl/taocrypt/src/file.cpp deleted file mode 100644 index 5dfc19ca7bd..00000000000 --- a/extra/yassl/taocrypt/src/file.cpp +++ /dev/null @@ -1,116 +0,0 @@ -/* - Copyright (C) 2000-2007 MySQL AB - Use is subject to license terms - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - -/* file.cpp implements File Sources and Sinks -*/ - -#include "runtime.hpp" -#include "file.hpp" - - -namespace TaoCrypt { - - -FileSource::FileSource(const char* fname, Source& source) -{ - file_ = fopen(fname, "rb"); - if (file_) get(source); -} - - -FileSource::~FileSource() -{ - if (file_) - fclose(file_); -} - - - -// return size of source from beginning or current position -word32 FileSource::size(bool use_current) -{ - long current = ftell(file_); - long begin = current; - - if (!use_current) { - fseek(file_, 0, SEEK_SET); - begin = ftell(file_); - } - - fseek(file_, 0, SEEK_END); - long end = ftell(file_); - - fseek(file_, current, SEEK_SET); - - return end - begin; -} - - -word32 FileSource::size_left() -{ - return size(true); -} - - -// fill file source from source -word32 FileSource::get(Source& source) -{ - word32 sz(size()); - if (source.size() < sz) - source.grow(sz); - - size_t bytes = fread(source.buffer_.get_buffer(), 1, sz, file_); - - if (bytes == 1) - return sz; - else - return 0; -} - - -FileSink::FileSink(const char* fname, Source& source) -{ - file_ = fopen(fname, "wb"); - if (file_) put(source); -} - - -FileSink::~FileSink() -{ - if (file_) - fclose(file_); -} - - -// fill source from file sink -size_t FileSink::put(Source& source) -{ - return fwrite(source.get_buffer(), 1, source.size(), file_); -} - - -// swap with other and reset to beginning -void Source::reset(ByteBlock& otherBlock) -{ - buffer_.Swap(otherBlock); - current_ = 0; -} - - -} // namespace diff --git a/extra/yassl/taocrypt/src/hash.cpp b/extra/yassl/taocrypt/src/hash.cpp deleted file mode 100644 index 9fa65a36074..00000000000 --- a/extra/yassl/taocrypt/src/hash.cpp +++ /dev/null @@ -1,191 +0,0 @@ -/* - Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - -/* hash.cpp implements a base for digest types -*/ - -#include "runtime.hpp" -#include <string.h> - -#include "hash.hpp" - - -namespace TaoCrypt { - - -HASHwithTransform::HASHwithTransform(word32 digSz, word32 buffSz) -{ -} - - -void HASHwithTransform::AddLength(word32 len) -{ - HashLengthType tmp = loLen_; - if ( (loLen_ += len) < tmp) - hiLen_++; // carry low to high - hiLen_ += SafeRightShift<8*sizeof(HashLengthType)>(len); -} - - -// Update digest with data of size len, do in blocks -void HASHwithTransform::Update(const byte* data, word32 len) -{ - // do block size increments - word32 blockSz = getBlockSize(); - byte* local = reinterpret_cast<byte*>(buffer_); - - while (len) { - word32 add = min(len, blockSz - buffLen_); - memcpy(&local[buffLen_], data, add); - - buffLen_ += add; - data += add; - len -= add; - - if (buffLen_ == blockSz) { - ByteReverseIf(local, local, blockSz, getByteOrder()); - Transform(); - AddLength(blockSz); - buffLen_ = 0; - } - } -} - - -// Final process, place digest in hash -void HASHwithTransform::Final(byte* hash) -{ - word32 blockSz = getBlockSize(); - word32 digestSz = getDigestSize(); - word32 padSz = getPadSize(); - ByteOrder order = getByteOrder(); - - AddLength(buffLen_); // before adding pads - HashLengthType preLoLen = GetBitCountLo(); - HashLengthType preHiLen = GetBitCountHi(); - byte* local = reinterpret_cast<byte*>(buffer_); - - local[buffLen_++] = 0x80; // add 1 - - // pad with zeros - if (buffLen_ > padSz) { - memset(&local[buffLen_], 0, blockSz - buffLen_); - buffLen_ += blockSz - buffLen_; - - ByteReverseIf(local, local, blockSz, order); - Transform(); - buffLen_ = 0; - } - memset(&local[buffLen_], 0, padSz - buffLen_); - - ByteReverseIf(local, local, blockSz, order); - - memcpy(&local[padSz], order ? &preHiLen : &preLoLen, sizeof(preLoLen)); - memcpy(&local[padSz+4], order ? &preLoLen : &preHiLen, sizeof(preLoLen)); - - Transform(); - ByteReverseIf(digest_, digest_, digestSz, order); - memcpy(hash, digest_, digestSz); - - Init(); // reset state -} - - -#ifdef WORD64_AVAILABLE - -HASH64withTransform::HASH64withTransform(word32 digSz, word32 buffSz) -{ -} - - -void HASH64withTransform::AddLength(word32 len) -{ - HashLengthType tmp = loLen_; - if ( (loLen_ += len) < tmp) - hiLen_++; // carry low to high - hiLen_ += SafeRightShift<8*sizeof(HashLengthType)>(len); -} - - -// Update digest with data of size len, do in blocks -void HASH64withTransform::Update(const byte* data, word32 len) -{ - // do block size increments - word32 blockSz = getBlockSize(); - byte* local = reinterpret_cast<byte*>(buffer_); - - while (len) { - word32 add = min(len, blockSz - buffLen_); - memcpy(&local[buffLen_], data, add); - - buffLen_ += add; - data += add; - len -= add; - - if (buffLen_ == blockSz) { - ByteReverseIf(buffer_, buffer_, blockSz, getByteOrder()); - Transform(); - AddLength(blockSz); - buffLen_ = 0; - } - } -} - - -// Final process, place digest in hash -void HASH64withTransform::Final(byte* hash) -{ - word32 blockSz = getBlockSize(); - word32 digestSz = getDigestSize(); - word32 padSz = getPadSize(); - ByteOrder order = getByteOrder(); - - AddLength(buffLen_); // before adding pads - HashLengthType preLoLen = GetBitCountLo(); - HashLengthType preHiLen = GetBitCountHi(); - byte* local = reinterpret_cast<byte*>(buffer_); - - local[buffLen_++] = 0x80; // add 1 - - // pad with zeros - if (buffLen_ > padSz) { - memset(&local[buffLen_], 0, blockSz - buffLen_); - buffLen_ += blockSz - buffLen_; - - ByteReverseIf(buffer_, buffer_, blockSz, order); - Transform(); - buffLen_ = 0; - } - memset(&local[buffLen_], 0, padSz - buffLen_); - - ByteReverseIf(buffer_, buffer_, padSz, order); - - buffer_[blockSz / sizeof(word64) - 2] = order ? preHiLen : preLoLen; - buffer_[blockSz / sizeof(word64) - 1] = order ? preLoLen : preHiLen; - - Transform(); - ByteReverseIf(digest_, digest_, digestSz, order); - memcpy(hash, digest_, digestSz); - - Init(); // reset state -} - -#endif // WORD64_AVAILABLE - - -} // namespace diff --git a/extra/yassl/taocrypt/src/hc128.cpp b/extra/yassl/taocrypt/src/hc128.cpp deleted file mode 100644 index 4e1542097d0..00000000000 --- a/extra/yassl/taocrypt/src/hc128.cpp +++ /dev/null @@ -1,317 +0,0 @@ -/* - Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - - -#include "runtime.hpp" -#include "hc128.hpp" - - - -namespace TaoCrypt { - - - - -#ifdef BIG_ENDIAN_ORDER - #define LITTLE32(x) ByteReverse((word32)x) -#else - #define LITTLE32(x) (x) -#endif - - -/*h1 function*/ -#define h1(x, y) { \ - byte a,c; \ - a = (byte) (x); \ - c = (byte) ((x) >> 16); \ - y = (T_[512+a])+(T_[512+256+c]); \ -} - -/*h2 function*/ -#define h2(x, y) { \ - byte a,c; \ - a = (byte) (x); \ - c = (byte) ((x) >> 16); \ - y = (T_[a])+(T_[256+c]); \ -} - -/*one step of HC-128, update P and generate 32 bits keystream*/ -#define step_P(u,v,a,b,c,d,n){ \ - word32 tem0,tem1,tem2,tem3; \ - h1((X_[(d)]),tem3); \ - tem0 = rotrFixed((T_[(v)]),23); \ - tem1 = rotrFixed((X_[(c)]),10); \ - tem2 = rotrFixed((X_[(b)]),8); \ - (T_[(u)]) += tem2+(tem0 ^ tem1); \ - (X_[(a)]) = (T_[(u)]); \ - (n) = tem3 ^ (T_[(u)]) ; \ -} - -/*one step of HC-128, update Q and generate 32 bits keystream*/ -#define step_Q(u,v,a,b,c,d,n){ \ - word32 tem0,tem1,tem2,tem3; \ - h2((Y_[(d)]),tem3); \ - tem0 = rotrFixed((T_[(v)]),(32-23)); \ - tem1 = rotrFixed((Y_[(c)]),(32-10)); \ - tem2 = rotrFixed((Y_[(b)]),(32-8)); \ - (T_[(u)]) += tem2 + (tem0 ^ tem1); \ - (Y_[(a)]) = (T_[(u)]); \ - (n) = tem3 ^ (T_[(u)]) ; \ -} - - -/*16 steps of HC-128, generate 512 bits keystream*/ -void HC128::GenerateKeystream(word32* keystream) -{ - word32 cc,dd; - cc = counter1024_ & 0x1ff; - dd = (cc+16)&0x1ff; - - if (counter1024_ < 512) - { - counter1024_ = (counter1024_ + 16) & 0x3ff; - step_P(cc+0, cc+1, 0, 6, 13,4, keystream[0]); - step_P(cc+1, cc+2, 1, 7, 14,5, keystream[1]); - step_P(cc+2, cc+3, 2, 8, 15,6, keystream[2]); - step_P(cc+3, cc+4, 3, 9, 0, 7, keystream[3]); - step_P(cc+4, cc+5, 4, 10,1, 8, keystream[4]); - step_P(cc+5, cc+6, 5, 11,2, 9, keystream[5]); - step_P(cc+6, cc+7, 6, 12,3, 10,keystream[6]); - step_P(cc+7, cc+8, 7, 13,4, 11,keystream[7]); - step_P(cc+8, cc+9, 8, 14,5, 12,keystream[8]); - step_P(cc+9, cc+10,9, 15,6, 13,keystream[9]); - step_P(cc+10,cc+11,10,0, 7, 14,keystream[10]); - step_P(cc+11,cc+12,11,1, 8, 15,keystream[11]); - step_P(cc+12,cc+13,12,2, 9, 0, keystream[12]); - step_P(cc+13,cc+14,13,3, 10,1, keystream[13]); - step_P(cc+14,cc+15,14,4, 11,2, keystream[14]); - step_P(cc+15,dd+0, 15,5, 12,3, keystream[15]); - } - else - { - counter1024_ = (counter1024_ + 16) & 0x3ff; - step_Q(512+cc+0, 512+cc+1, 0, 6, 13,4, keystream[0]); - step_Q(512+cc+1, 512+cc+2, 1, 7, 14,5, keystream[1]); - step_Q(512+cc+2, 512+cc+3, 2, 8, 15,6, keystream[2]); - step_Q(512+cc+3, 512+cc+4, 3, 9, 0, 7, keystream[3]); - step_Q(512+cc+4, 512+cc+5, 4, 10,1, 8, keystream[4]); - step_Q(512+cc+5, 512+cc+6, 5, 11,2, 9, keystream[5]); - step_Q(512+cc+6, 512+cc+7, 6, 12,3, 10,keystream[6]); - step_Q(512+cc+7, 512+cc+8, 7, 13,4, 11,keystream[7]); - step_Q(512+cc+8, 512+cc+9, 8, 14,5, 12,keystream[8]); - step_Q(512+cc+9, 512+cc+10,9, 15,6, 13,keystream[9]); - step_Q(512+cc+10,512+cc+11,10,0, 7, 14,keystream[10]); - step_Q(512+cc+11,512+cc+12,11,1, 8, 15,keystream[11]); - step_Q(512+cc+12,512+cc+13,12,2, 9, 0, keystream[12]); - step_Q(512+cc+13,512+cc+14,13,3, 10,1, keystream[13]); - step_Q(512+cc+14,512+cc+15,14,4, 11,2, keystream[14]); - step_Q(512+cc+15,512+dd+0, 15,5, 12,3, keystream[15]); - } -} - - -/* The following defines the initialization functions */ -#define f1(x) (rotrFixed((x),7) ^ rotrFixed((x),18) ^ ((x) >> 3)) -#define f2(x) (rotrFixed((x),17) ^ rotrFixed((x),19) ^ ((x) >> 10)) - -/*update table P*/ -#define update_P(u,v,a,b,c,d){ \ - word32 tem0,tem1,tem2,tem3; \ - tem0 = rotrFixed((T_[(v)]),23); \ - tem1 = rotrFixed((X_[(c)]),10); \ - tem2 = rotrFixed((X_[(b)]),8); \ - h1((X_[(d)]),tem3); \ - (T_[(u)]) = ((T_[(u)]) + tem2+(tem0^tem1)) ^ tem3; \ - (X_[(a)]) = (T_[(u)]); \ -} - -/*update table Q*/ -#define update_Q(u,v,a,b,c,d){ \ - word32 tem0,tem1,tem2,tem3; \ - tem0 = rotrFixed((T_[(v)]),(32-23)); \ - tem1 = rotrFixed((Y_[(c)]),(32-10)); \ - tem2 = rotrFixed((Y_[(b)]),(32-8)); \ - h2((Y_[(d)]),tem3); \ - (T_[(u)]) = ((T_[(u)]) + tem2+(tem0^tem1)) ^ tem3; \ - (Y_[(a)]) = (T_[(u)]); \ -} - -/*16 steps of HC-128, without generating keystream, */ -/*but use the outputs to update P and Q*/ -void HC128::SetupUpdate() /*each time 16 steps*/ -{ - word32 cc,dd; - cc = counter1024_ & 0x1ff; - dd = (cc+16)&0x1ff; - - if (counter1024_ < 512) - { - counter1024_ = (counter1024_ + 16) & 0x3ff; - update_P(cc+0, cc+1, 0, 6, 13, 4); - update_P(cc+1, cc+2, 1, 7, 14, 5); - update_P(cc+2, cc+3, 2, 8, 15, 6); - update_P(cc+3, cc+4, 3, 9, 0, 7); - update_P(cc+4, cc+5, 4, 10,1, 8); - update_P(cc+5, cc+6, 5, 11,2, 9); - update_P(cc+6, cc+7, 6, 12,3, 10); - update_P(cc+7, cc+8, 7, 13,4, 11); - update_P(cc+8, cc+9, 8, 14,5, 12); - update_P(cc+9, cc+10,9, 15,6, 13); - update_P(cc+10,cc+11,10,0, 7, 14); - update_P(cc+11,cc+12,11,1, 8, 15); - update_P(cc+12,cc+13,12,2, 9, 0); - update_P(cc+13,cc+14,13,3, 10, 1); - update_P(cc+14,cc+15,14,4, 11, 2); - update_P(cc+15,dd+0, 15,5, 12, 3); - } - else - { - counter1024_ = (counter1024_ + 16) & 0x3ff; - update_Q(512+cc+0, 512+cc+1, 0, 6, 13, 4); - update_Q(512+cc+1, 512+cc+2, 1, 7, 14, 5); - update_Q(512+cc+2, 512+cc+3, 2, 8, 15, 6); - update_Q(512+cc+3, 512+cc+4, 3, 9, 0, 7); - update_Q(512+cc+4, 512+cc+5, 4, 10,1, 8); - update_Q(512+cc+5, 512+cc+6, 5, 11,2, 9); - update_Q(512+cc+6, 512+cc+7, 6, 12,3, 10); - update_Q(512+cc+7, 512+cc+8, 7, 13,4, 11); - update_Q(512+cc+8, 512+cc+9, 8, 14,5, 12); - update_Q(512+cc+9, 512+cc+10,9, 15,6, 13); - update_Q(512+cc+10,512+cc+11,10,0, 7, 14); - update_Q(512+cc+11,512+cc+12,11,1, 8, 15); - update_Q(512+cc+12,512+cc+13,12,2, 9, 0); - update_Q(512+cc+13,512+cc+14,13,3, 10, 1); - update_Q(512+cc+14,512+cc+15,14,4, 11, 2); - update_Q(512+cc+15,512+dd+0, 15,5, 12, 3); - } -} - - -/* for the 128-bit key: key[0]...key[15] -* key[0] is the least significant byte of ctx->key[0] (K_0); -* key[3] is the most significant byte of ctx->key[0] (K_0); -* ... -* key[12] is the least significant byte of ctx->key[3] (K_3) -* key[15] is the most significant byte of ctx->key[3] (K_3) -* -* for the 128-bit iv: iv[0]...iv[15] -* iv[0] is the least significant byte of ctx->iv[0] (IV_0); -* iv[3] is the most significant byte of ctx->iv[0] (IV_0); -* ... -* iv[12] is the least significant byte of ctx->iv[3] (IV_3) -* iv[15] is the most significant byte of ctx->iv[3] (IV_3) -*/ - - - -void HC128::SetIV(const byte* iv) -{ - word32 i; - - for (i = 0; i < (128 >> 5); i++) - iv_[i] = LITTLE32(((word32*)iv)[i]); - - for (; i < 8; i++) iv_[i] = iv_[i-4]; - - /* expand the key and IV into the table T */ - /* (expand the key and IV into the table P and Q) */ - - for (i = 0; i < 8; i++) T_[i] = key_[i]; - for (i = 8; i < 16; i++) T_[i] = iv_[i-8]; - - for (i = 16; i < (256+16); i++) - T_[i] = f2(T_[i-2]) + T_[i-7] + f1(T_[i-15]) + T_[i-16]+i; - - for (i = 0; i < 16; i++) T_[i] = T_[256+i]; - - for (i = 16; i < 1024; i++) - T_[i] = f2(T_[i-2]) + T_[i-7] + f1(T_[i-15]) + T_[i-16]+256+i; - - /* initialize counter1024, X and Y */ - counter1024_ = 0; - for (i = 0; i < 16; i++) X_[i] = T_[512-16+i]; - for (i = 0; i < 16; i++) Y_[i] = T_[512+512-16+i]; - - /* run the cipher 1024 steps before generating the output */ - for (i = 0; i < 64; i++) SetupUpdate(); -} - - -void HC128::SetKey(const byte* key, const byte* iv) -{ - word32 i; - - /* Key size in bits 128 */ - for (i = 0; i < (128 >> 5); i++) - key_[i] = LITTLE32(((word32*)key)[i]); - - for ( ; i < 8 ; i++) key_[i] = key_[i-4]; - - SetIV(iv); -} - - -/* The following defines the encryption of data stream */ -void HC128::Process(byte* output, const byte* input, word32 msglen) -{ - word32 i, keystream[16]; - - for ( ; msglen >= 64; msglen -= 64, input += 64, output += 64) - { - GenerateKeystream(keystream); - - /* unroll loop */ - ((word32*)output)[0] = ((word32*)input)[0] ^ LITTLE32(keystream[0]); - ((word32*)output)[1] = ((word32*)input)[1] ^ LITTLE32(keystream[1]); - ((word32*)output)[2] = ((word32*)input)[2] ^ LITTLE32(keystream[2]); - ((word32*)output)[3] = ((word32*)input)[3] ^ LITTLE32(keystream[3]); - ((word32*)output)[4] = ((word32*)input)[4] ^ LITTLE32(keystream[4]); - ((word32*)output)[5] = ((word32*)input)[5] ^ LITTLE32(keystream[5]); - ((word32*)output)[6] = ((word32*)input)[6] ^ LITTLE32(keystream[6]); - ((word32*)output)[7] = ((word32*)input)[7] ^ LITTLE32(keystream[7]); - ((word32*)output)[8] = ((word32*)input)[8] ^ LITTLE32(keystream[8]); - ((word32*)output)[9] = ((word32*)input)[9] ^ LITTLE32(keystream[9]); - ((word32*)output)[10] = ((word32*)input)[10] ^ LITTLE32(keystream[10]); - ((word32*)output)[11] = ((word32*)input)[11] ^ LITTLE32(keystream[11]); - ((word32*)output)[12] = ((word32*)input)[12] ^ LITTLE32(keystream[12]); - ((word32*)output)[13] = ((word32*)input)[13] ^ LITTLE32(keystream[13]); - ((word32*)output)[14] = ((word32*)input)[14] ^ LITTLE32(keystream[14]); - ((word32*)output)[15] = ((word32*)input)[15] ^ LITTLE32(keystream[15]); - } - - if (msglen > 0) - { - GenerateKeystream(keystream); - -#ifdef BIG_ENDIAN_ORDER - { - word32 wordsLeft = msglen / sizeof(word32); - if (msglen % sizeof(word32)) wordsLeft++; - - ByteReverse(keystream, keystream, wordsLeft * sizeof(word32)); - } -#endif - - for (i = 0; i < msglen; i++) - output[i] = input[i] ^ ((byte*)keystream)[i]; - } - -} - - -} // namespace diff --git a/extra/yassl/taocrypt/src/integer.cpp b/extra/yassl/taocrypt/src/integer.cpp deleted file mode 100644 index 432a0ad20af..00000000000 --- a/extra/yassl/taocrypt/src/integer.cpp +++ /dev/null @@ -1,3892 +0,0 @@ -/* - Copyright (c) 2005, 2012, Oracle and/or its affiliates - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - - - -/* based on Wei Dai's integer.cpp from CryptoPP */ - -#include "runtime.hpp" -#include "integer.hpp" -#include "modarith.hpp" -#include "asn.hpp" - - - -#ifdef __DECCXX - #include <c_asm.h> // for asm overflow assembly -#endif - -#if defined(_M_X64) || defined(_M_IA64) - #include <intrin.h> -#pragma intrinsic(_umul128) -#endif - - -#ifdef __GNUC__ - #include <signal.h> - #include <setjmp.h> -#endif - - -#ifdef SSE2_INTRINSICS_AVAILABLE - #ifdef __GNUC__ - #include <xmmintrin.h> - #ifdef TAOCRYPT_MEMALIGN_AVAILABLE - #include <malloc.h> - #else - #include <stdlib.h> - #endif - #else - #include <emmintrin.h> - #endif -#elif defined(_MSC_VER) && defined(_M_IX86) -/* #pragma message("You do not seem to have the Visual C++ Processor Pack ") - #pragma message("installed, so use of SSE2 intrinsics will be disabled.") -*/ -#elif defined(__GNUC__) && defined(__i386__) -/* #warning You do not have GCC 3.3 or later, or did not specify the -msse2 \ - compiler option. Use of SSE2 intrinsics will be disabled. -*/ -#endif - - -namespace TaoCrypt { - - -#ifdef SSE2_INTRINSICS_AVAILABLE - -template <class T> -CPP_TYPENAME AlignedAllocator<T>::pointer AlignedAllocator<T>::allocate( - size_type n, const void *) -{ - if (n > this->max_size()) - return 0; - if (n == 0) - return 0; - if (n >= 4) - { - void* p; - #ifdef TAOCRYPT_MM_MALLOC_AVAILABLE - p = _mm_malloc(sizeof(T)*n, 16); - #elif defined(TAOCRYPT_MEMALIGN_AVAILABLE) - p = memalign(16, sizeof(T)*n); - #elif defined(TAOCRYPT_MALLOC_ALIGNMENT_IS_16) - p = malloc(sizeof(T)*n); - #else - p = (byte *)malloc(sizeof(T)*n + 8); - // assume malloc alignment is at least 8 - #endif - - #ifdef TAOCRYPT_NO_ALIGNED_ALLOC - m_pBlock = p; - if (!IsAlignedOn(p, 16)) - { - p = (byte *)p + 8; - } - #endif - - return (T*)p; - } - return NEW_TC T[n]; -} - - -template <class T> -void AlignedAllocator<T>::deallocate(void* p, size_type n) -{ - memset(p, 0, n*sizeof(T)); - if (n >= 4) - { - #ifdef TAOCRYPT_MM_MALLOC_AVAILABLE - _mm_free(p); - #elif defined(TAOCRYPT_NO_ALIGNED_ALLOC) - free(m_pBlock); - m_pBlock = 0; - #else - free(p); - #endif - } - else - tcArrayDelete((T *)p); -} - -#endif // SSE2 - - -// ******** start of integer needs - -// start 5.2.1 adds DWord and Word ******** - -// ******************************************************** - -class DWord { -public: -DWord() {} - -#ifdef TAOCRYPT_NATIVE_DWORD_AVAILABLE - explicit DWord(word low) - { - whole_ = low; - } -#else - explicit DWord(word low) - { - halfs_.low = low; - halfs_.high = 0; - } -#endif - - DWord(word low, word high) - { - halfs_.low = low; - halfs_.high = high; - } - - static DWord Multiply(word a, word b) - { - DWord r; - - #ifdef TAOCRYPT_NATIVE_DWORD_AVAILABLE - r.whole_ = (dword)a * b; - - #elif defined(_M_X64) || defined(_M_IA64) - r.halfs_.low = _umul128(a, b, &r.halfs_.high); - - #elif defined(__alpha__) - r.halfs_.low = a*b; - #ifdef __GNUC__ - __asm__("umulh %1,%2,%0" : "=r" (r.halfs_.high) - : "r" (a), "r" (b)); - #elif defined(__DECCXX) - r.halfs_.high = asm("umulh %a0, %a1, %v0", a, b); - #else - #error unknown alpha compiler - #endif - - #elif defined(__ia64__) - r.halfs_.low = a*b; - __asm__("xmpy.hu %0=%1,%2" : "=f" (r.halfs_.high) - : "f" (a), "f" (b)); - - #elif defined(_ARCH_PPC64) - r.halfs_.low = a*b; - __asm__("mulhdu %0,%1,%2" : "=r" (r.halfs_.high) - : "r" (a), "r" (b) : "cc"); - - #elif defined(__x86_64__) - __asm__("mulq %3" : "=d" (r.halfs_.high), "=a" (r.halfs_.low) : - "a" (a), "rm" (b) : "cc"); - - #elif defined(__mips64) - unsigned __int128 t = (unsigned __int128) a * b; - r.halfs_.high = t >> 64; - r.halfs_.low = (word) t; - - #elif defined(_M_IX86) - // for testing - word64 t = (word64)a * b; - r.halfs_.high = ((word32 *)(&t))[1]; - r.halfs_.low = (word32)t; - #else - #error can not implement DWord - #endif - - return r; - } - - static DWord MultiplyAndAdd(word a, word b, word c) - { - DWord r = Multiply(a, b); - return r += c; - } - - DWord & operator+=(word a) - { - #ifdef TAOCRYPT_NATIVE_DWORD_AVAILABLE - whole_ = whole_ + a; - #else - halfs_.low += a; - halfs_.high += (halfs_.low < a); - #endif - return *this; - } - - DWord operator+(word a) - { - DWord r; - #ifdef TAOCRYPT_NATIVE_DWORD_AVAILABLE - r.whole_ = whole_ + a; - #else - r.halfs_.low = halfs_.low + a; - r.halfs_.high = halfs_.high + (r.halfs_.low < a); - #endif - return r; - } - - DWord operator-(DWord a) - { - DWord r; - #ifdef TAOCRYPT_NATIVE_DWORD_AVAILABLE - r.whole_ = whole_ - a.whole_; - #else - r.halfs_.low = halfs_.low - a.halfs_.low; - r.halfs_.high = halfs_.high - a.halfs_.high - - (r.halfs_.low > halfs_.low); - #endif - return r; - } - - DWord operator-(word a) - { - DWord r; - #ifdef TAOCRYPT_NATIVE_DWORD_AVAILABLE - r.whole_ = whole_ - a; - #else - r.halfs_.low = halfs_.low - a; - r.halfs_.high = halfs_.high - (r.halfs_.low > halfs_.low); - #endif - return r; - } - - // returns quotient, which must fit in a word - word operator/(word divisor); - - word operator%(word a); - - bool operator!() const - { - #ifdef TAOCRYPT_NATIVE_DWORD_AVAILABLE - return !whole_; - #else - return !halfs_.high && !halfs_.low; - #endif - } - - word GetLowHalf() const {return halfs_.low;} - word GetHighHalf() const {return halfs_.high;} - word GetHighHalfAsBorrow() const {return 0-halfs_.high;} - -private: - union - { - #ifdef TAOCRYPT_NATIVE_DWORD_AVAILABLE - dword whole_; - #endif - struct - { - #ifdef LITTLE_ENDIAN_ORDER - word low; - word high; - #else - word high; - word low; - #endif - } halfs_; - }; -}; - - -class Word { -public: - Word() {} - - Word(word value) - { - whole_ = value; - } - - Word(hword low, hword high) - { - whole_ = low | (word(high) << (WORD_BITS/2)); - } - - static Word Multiply(hword a, hword b) - { - Word r; - r.whole_ = (word)a * b; - return r; - } - - Word operator-(Word a) - { - Word r; - r.whole_ = whole_ - a.whole_; - return r; - } - - Word operator-(hword a) - { - Word r; - r.whole_ = whole_ - a; - return r; - } - - // returns quotient, which must fit in a word - hword operator/(hword divisor) - { - return hword(whole_ / divisor); - } - - bool operator!() const - { - return !whole_; - } - - word GetWhole() const {return whole_;} - hword GetLowHalf() const {return hword(whole_);} - hword GetHighHalf() const {return hword(whole_>>(WORD_BITS/2));} - hword GetHighHalfAsBorrow() const {return 0-hword(whole_>>(WORD_BITS/2));} - -private: - word whole_; -}; - - -// dummy is VC60 compiler bug workaround -// do a 3 word by 2 word divide, returns quotient and leaves remainder in A -template <class S, class D> -S DivideThreeWordsByTwo(S* A, S B0, S B1, D* dummy_VC6_WorkAround = 0) -{ - // estimate the quotient: do a 2 S by 1 S divide - S Q; - if (S(B1+1) == 0) - Q = A[2]; - else - Q = D(A[1], A[2]) / S(B1+1); - - // now subtract Q*B from A - D p = D::Multiply(B0, Q); - D u = (D) A[0] - p.GetLowHalf(); - A[0] = u.GetLowHalf(); - u = (D) A[1] - p.GetHighHalf() - u.GetHighHalfAsBorrow() - - D::Multiply(B1, Q); - A[1] = u.GetLowHalf(); - A[2] += u.GetHighHalf(); - - // Q <= actual quotient, so fix it - while (A[2] || A[1] > B1 || (A[1]==B1 && A[0]>=B0)) - { - u = (D) A[0] - B0; - A[0] = u.GetLowHalf(); - u = (D) A[1] - B1 - u.GetHighHalfAsBorrow(); - A[1] = u.GetLowHalf(); - A[2] += u.GetHighHalf(); - Q++; - } - - return Q; -} - - -// do a 4 word by 2 word divide, returns 2 word quotient in Q0 and Q1 -template <class S, class D> -inline D DivideFourWordsByTwo(S *T, const D &Al, const D &Ah, const D &B) -{ - if (!B) // if divisor is 0, we assume divisor==2**(2*WORD_BITS) - return D(Ah.GetLowHalf(), Ah.GetHighHalf()); - else - { - S Q[2]; - T[0] = Al.GetLowHalf(); - T[1] = Al.GetHighHalf(); - T[2] = Ah.GetLowHalf(); - T[3] = Ah.GetHighHalf(); - Q[1] = DivideThreeWordsByTwo<S, D>(T+1, B.GetLowHalf(), - B.GetHighHalf()); - Q[0] = DivideThreeWordsByTwo<S, D>(T, B.GetLowHalf(), B.GetHighHalf()); - return D(Q[0], Q[1]); - } -} - - -// returns quotient, which must fit in a word -inline word DWord::operator/(word a) -{ - #ifdef TAOCRYPT_NATIVE_DWORD_AVAILABLE - return word(whole_ / a); - #else - hword r[4]; - return DivideFourWordsByTwo<hword, Word>(r, halfs_.low, - halfs_.high, a).GetWhole(); - #endif -} - -inline word DWord::operator%(word a) -{ - #ifdef TAOCRYPT_NATIVE_DWORD_AVAILABLE - return word(whole_ % a); - #else - if (a < (word(1) << (WORD_BITS/2))) - { - hword h = hword(a); - word r = halfs_.high % h; - r = ((halfs_.low >> (WORD_BITS/2)) + (r << (WORD_BITS/2))) % h; - return hword((hword(halfs_.low) + (r << (WORD_BITS/2))) % h); - } - else - { - hword r[4]; - DivideFourWordsByTwo<hword, Word>(r, halfs_.low, halfs_.high, a); - return Word(r[0], r[1]).GetWhole(); - } - #endif -} - - - -// end 5.2.1 DWord and Word adds - - - - - -static const unsigned int RoundupSizeTable[] = {2, 2, 2, 4, 4, 8, 8, 8, 8}; - -static inline unsigned int RoundupSize(unsigned int n) -{ - if (n<=8) - return RoundupSizeTable[n]; - else if (n<=16) - return 16; - else if (n<=32) - return 32; - else if (n<=64) - return 64; - else return 1U << BitPrecision(n-1); -} - - -static int Compare(const word *A, const word *B, unsigned int N) -{ - while (N--) - if (A[N] > B[N]) - return 1; - else if (A[N] < B[N]) - return -1; - - return 0; -} - -static word Increment(word *A, unsigned int N, word B=1) -{ - word t = A[0]; - A[0] = t+B; - if (A[0] >= t) - return 0; - for (unsigned i=1; i<N; i++) - if (++A[i]) - return 0; - return 1; -} - -static word Decrement(word *A, unsigned int N, word B=1) -{ - word t = A[0]; - A[0] = t-B; - if (A[0] <= t) - return 0; - for (unsigned i=1; i<N; i++) - if (A[i]--) - return 0; - return 1; -} - -static void TwosComplement(word *A, unsigned int N) -{ - Decrement(A, N); - for (unsigned i=0; i<N; i++) - A[i] = ~A[i]; -} - - -static word LinearMultiply(word *C, const word *A, word B, unsigned int N) -{ - word carry=0; - for(unsigned i=0; i<N; i++) - { - DWord p = DWord::MultiplyAndAdd(A[i], B, carry); - C[i] = p.GetLowHalf(); - carry = p.GetHighHalf(); - } - return carry; -} - - -static word AtomicInverseModPower2(word A) -{ - word R=A%8; - - for (unsigned i=3; i<WORD_BITS; i*=2) - R = R*(2-R*A); - - return R; -} - - -// ******************************************************** - -class Portable -{ -public: - static word TAOCRYPT_CDECL Add(word *C, const word *A, const word *B, - unsigned int N); - static word TAOCRYPT_CDECL Subtract(word *C, const word *A, const word*B, - unsigned int N); - static void TAOCRYPT_CDECL Multiply2(word *C, const word *A, const word *B); - static word TAOCRYPT_CDECL Multiply2Add(word *C, - const word *A, const word *B); - static void TAOCRYPT_CDECL Multiply4(word *C, const word *A, const word *B); - static void TAOCRYPT_CDECL Multiply8(word *C, const word *A, const word *B); - static unsigned int TAOCRYPT_CDECL MultiplyRecursionLimit() {return 8;} - - static void TAOCRYPT_CDECL Multiply2Bottom(word *C, const word *A, - const word *B); - static void TAOCRYPT_CDECL Multiply4Bottom(word *C, const word *A, - const word *B); - static void TAOCRYPT_CDECL Multiply8Bottom(word *C, const word *A, - const word *B); - static unsigned int TAOCRYPT_CDECL MultiplyBottomRecursionLimit(){return 8;} - - static void TAOCRYPT_CDECL Square2(word *R, const word *A); - static void TAOCRYPT_CDECL Square4(word *R, const word *A); - static unsigned int TAOCRYPT_CDECL SquareRecursionLimit() {return 4;} -}; - -word Portable::Add(word *C, const word *A, const word *B, unsigned int N) -{ - DWord u(0, 0); - for (unsigned int i = 0; i < N; i+=2) - { - u = DWord(A[i]) + B[i] + u.GetHighHalf(); - C[i] = u.GetLowHalf(); - u = DWord(A[i+1]) + B[i+1] + u.GetHighHalf(); - C[i+1] = u.GetLowHalf(); - } - return u.GetHighHalf(); -} - -word Portable::Subtract(word *C, const word *A, const word *B, unsigned int N) -{ - DWord u(0, 0); - for (unsigned int i = 0; i < N; i+=2) - { - u = (DWord) A[i] - B[i] - u.GetHighHalfAsBorrow(); - C[i] = u.GetLowHalf(); - u = (DWord) A[i+1] - B[i+1] - u.GetHighHalfAsBorrow(); - C[i+1] = u.GetLowHalf(); - } - return 0-u.GetHighHalf(); -} - -void Portable::Multiply2(word *C, const word *A, const word *B) -{ -/* - word s; - dword d; - - if (A1 >= A0) - if (B0 >= B1) - { - s = 0; - d = (dword)(A1-A0)*(B0-B1); - } - else - { - s = (A1-A0); - d = (dword)s*(word)(B0-B1); - } - else - if (B0 > B1) - { - s = (B0-B1); - d = (word)(A1-A0)*(dword)s; - } - else - { - s = 0; - d = (dword)(A0-A1)*(B1-B0); - } -*/ - // this segment is the branchless equivalent of above - word D[4] = {A[1]-A[0], A[0]-A[1], B[0]-B[1], B[1]-B[0]}; - unsigned int ai = A[1] < A[0]; - unsigned int bi = B[0] < B[1]; - unsigned int di = ai & bi; - DWord d = DWord::Multiply(D[di], D[di+2]); - D[1] = D[3] = 0; - unsigned int si = ai + !bi; - word s = D[si]; - - DWord A0B0 = DWord::Multiply(A[0], B[0]); - C[0] = A0B0.GetLowHalf(); - - DWord A1B1 = DWord::Multiply(A[1], B[1]); - DWord t = (DWord) A0B0.GetHighHalf() + A0B0.GetLowHalf() + d.GetLowHalf() - + A1B1.GetLowHalf(); - C[1] = t.GetLowHalf(); - - t = A1B1 + t.GetHighHalf() + A0B0.GetHighHalf() + d.GetHighHalf() - + A1B1.GetHighHalf() - s; - C[2] = t.GetLowHalf(); - C[3] = t.GetHighHalf(); -} - -void Portable::Multiply2Bottom(word *C, const word *A, const word *B) -{ - DWord t = DWord::Multiply(A[0], B[0]); - C[0] = t.GetLowHalf(); - C[1] = t.GetHighHalf() + A[0]*B[1] + A[1]*B[0]; -} - -word Portable::Multiply2Add(word *C, const word *A, const word *B) -{ - word D[4] = {A[1]-A[0], A[0]-A[1], B[0]-B[1], B[1]-B[0]}; - unsigned int ai = A[1] < A[0]; - unsigned int bi = B[0] < B[1]; - unsigned int di = ai & bi; - DWord d = DWord::Multiply(D[di], D[di+2]); - D[1] = D[3] = 0; - unsigned int si = ai + !bi; - word s = D[si]; - - DWord A0B0 = DWord::Multiply(A[0], B[0]); - DWord t = A0B0 + C[0]; - C[0] = t.GetLowHalf(); - - DWord A1B1 = DWord::Multiply(A[1], B[1]); - t = (DWord) t.GetHighHalf() + A0B0.GetLowHalf() + d.GetLowHalf() + - A1B1.GetLowHalf() + C[1]; - C[1] = t.GetLowHalf(); - - t = (DWord) t.GetHighHalf() + A1B1.GetLowHalf() + A0B0.GetHighHalf() + - d.GetHighHalf() + A1B1.GetHighHalf() - s + C[2]; - C[2] = t.GetLowHalf(); - - t = (DWord) t.GetHighHalf() + A1B1.GetHighHalf() + C[3]; - C[3] = t.GetLowHalf(); - return t.GetHighHalf(); -} - - -#define MulAcc(x, y) \ - p = DWord::MultiplyAndAdd(A[x], B[y], c); \ - c = p.GetLowHalf(); \ - p = (DWord) d + p.GetHighHalf(); \ - d = p.GetLowHalf(); \ - e += p.GetHighHalf(); - -#define SaveMulAcc(s, x, y) \ - R[s] = c; \ - p = DWord::MultiplyAndAdd(A[x], B[y], d); \ - c = p.GetLowHalf(); \ - p = (DWord) e + p.GetHighHalf(); \ - d = p.GetLowHalf(); \ - e = p.GetHighHalf(); - -#define SquAcc(x, y) \ - q = DWord::Multiply(A[x], A[y]); \ - p = q + c; \ - c = p.GetLowHalf(); \ - p = (DWord) d + p.GetHighHalf(); \ - d = p.GetLowHalf(); \ - e += p.GetHighHalf(); \ - p = q + c; \ - c = p.GetLowHalf(); \ - p = (DWord) d + p.GetHighHalf(); \ - d = p.GetLowHalf(); \ - e += p.GetHighHalf(); - -#define SaveSquAcc(s, x, y) \ - R[s] = c; \ - q = DWord::Multiply(A[x], A[y]); \ - p = q + d; \ - c = p.GetLowHalf(); \ - p = (DWord) e + p.GetHighHalf(); \ - d = p.GetLowHalf(); \ - e = p.GetHighHalf(); \ - p = q + c; \ - c = p.GetLowHalf(); \ - p = (DWord) d + p.GetHighHalf(); \ - d = p.GetLowHalf(); \ - e += p.GetHighHalf(); - - -void Portable::Multiply4(word *R, const word *A, const word *B) -{ - DWord p; - word c, d, e; - - p = DWord::Multiply(A[0], B[0]); - R[0] = p.GetLowHalf(); - c = p.GetHighHalf(); - d = e = 0; - - MulAcc(0, 1); - MulAcc(1, 0); - - SaveMulAcc(1, 2, 0); - MulAcc(1, 1); - MulAcc(0, 2); - - SaveMulAcc(2, 0, 3); - MulAcc(1, 2); - MulAcc(2, 1); - MulAcc(3, 0); - - SaveMulAcc(3, 3, 1); - MulAcc(2, 2); - MulAcc(1, 3); - - SaveMulAcc(4, 2, 3); - MulAcc(3, 2); - - R[5] = c; - p = DWord::MultiplyAndAdd(A[3], B[3], d); - R[6] = p.GetLowHalf(); - R[7] = e + p.GetHighHalf(); -} - -void Portable::Square2(word *R, const word *A) -{ - DWord p, q; - word c, d, e; - - p = DWord::Multiply(A[0], A[0]); - R[0] = p.GetLowHalf(); - c = p.GetHighHalf(); - d = e = 0; - - SquAcc(0, 1); - - R[1] = c; - p = DWord::MultiplyAndAdd(A[1], A[1], d); - R[2] = p.GetLowHalf(); - R[3] = e + p.GetHighHalf(); -} - -void Portable::Square4(word *R, const word *A) -{ -#ifdef _MSC_VER - // VC60 workaround: MSVC 6.0 has an optimization bug that makes - // (dword)A*B where either A or B has been cast to a dword before - // very expensive. Revisit this function when this - // bug is fixed. - Multiply4(R, A, A); -#else - const word *B = A; - DWord p, q; - word c, d, e; - - p = DWord::Multiply(A[0], A[0]); - R[0] = p.GetLowHalf(); - c = p.GetHighHalf(); - d = e = 0; - - SquAcc(0, 1); - - SaveSquAcc(1, 2, 0); - MulAcc(1, 1); - - SaveSquAcc(2, 0, 3); - SquAcc(1, 2); - - SaveSquAcc(3, 3, 1); - MulAcc(2, 2); - - SaveSquAcc(4, 2, 3); - - R[5] = c; - p = DWord::MultiplyAndAdd(A[3], A[3], d); - R[6] = p.GetLowHalf(); - R[7] = e + p.GetHighHalf(); -#endif -} - -void Portable::Multiply8(word *R, const word *A, const word *B) -{ - DWord p; - word c, d, e; - - p = DWord::Multiply(A[0], B[0]); - R[0] = p.GetLowHalf(); - c = p.GetHighHalf(); - d = e = 0; - - MulAcc(0, 1); - MulAcc(1, 0); - - SaveMulAcc(1, 2, 0); - MulAcc(1, 1); - MulAcc(0, 2); - - SaveMulAcc(2, 0, 3); - MulAcc(1, 2); - MulAcc(2, 1); - MulAcc(3, 0); - - SaveMulAcc(3, 0, 4); - MulAcc(1, 3); - MulAcc(2, 2); - MulAcc(3, 1); - MulAcc(4, 0); - - SaveMulAcc(4, 0, 5); - MulAcc(1, 4); - MulAcc(2, 3); - MulAcc(3, 2); - MulAcc(4, 1); - MulAcc(5, 0); - - SaveMulAcc(5, 0, 6); - MulAcc(1, 5); - MulAcc(2, 4); - MulAcc(3, 3); - MulAcc(4, 2); - MulAcc(5, 1); - MulAcc(6, 0); - - SaveMulAcc(6, 0, 7); - MulAcc(1, 6); - MulAcc(2, 5); - MulAcc(3, 4); - MulAcc(4, 3); - MulAcc(5, 2); - MulAcc(6, 1); - MulAcc(7, 0); - - SaveMulAcc(7, 1, 7); - MulAcc(2, 6); - MulAcc(3, 5); - MulAcc(4, 4); - MulAcc(5, 3); - MulAcc(6, 2); - MulAcc(7, 1); - - SaveMulAcc(8, 2, 7); - MulAcc(3, 6); - MulAcc(4, 5); - MulAcc(5, 4); - MulAcc(6, 3); - MulAcc(7, 2); - - SaveMulAcc(9, 3, 7); - MulAcc(4, 6); - MulAcc(5, 5); - MulAcc(6, 4); - MulAcc(7, 3); - - SaveMulAcc(10, 4, 7); - MulAcc(5, 6); - MulAcc(6, 5); - MulAcc(7, 4); - - SaveMulAcc(11, 5, 7); - MulAcc(6, 6); - MulAcc(7, 5); - - SaveMulAcc(12, 6, 7); - MulAcc(7, 6); - - R[13] = c; - p = DWord::MultiplyAndAdd(A[7], B[7], d); - R[14] = p.GetLowHalf(); - R[15] = e + p.GetHighHalf(); -} - -void Portable::Multiply4Bottom(word *R, const word *A, const word *B) -{ - DWord p; - word c, d, e; - - p = DWord::Multiply(A[0], B[0]); - R[0] = p.GetLowHalf(); - c = p.GetHighHalf(); - d = e = 0; - - MulAcc(0, 1); - MulAcc(1, 0); - - SaveMulAcc(1, 2, 0); - MulAcc(1, 1); - MulAcc(0, 2); - - R[2] = c; - R[3] = d + A[0] * B[3] + A[1] * B[2] + A[2] * B[1] + A[3] * B[0]; -} - -void Portable::Multiply8Bottom(word *R, const word *A, const word *B) -{ - DWord p; - word c, d, e; - - p = DWord::Multiply(A[0], B[0]); - R[0] = p.GetLowHalf(); - c = p.GetHighHalf(); - d = e = 0; - - MulAcc(0, 1); - MulAcc(1, 0); - - SaveMulAcc(1, 2, 0); - MulAcc(1, 1); - MulAcc(0, 2); - - SaveMulAcc(2, 0, 3); - MulAcc(1, 2); - MulAcc(2, 1); - MulAcc(3, 0); - - SaveMulAcc(3, 0, 4); - MulAcc(1, 3); - MulAcc(2, 2); - MulAcc(3, 1); - MulAcc(4, 0); - - SaveMulAcc(4, 0, 5); - MulAcc(1, 4); - MulAcc(2, 3); - MulAcc(3, 2); - MulAcc(4, 1); - MulAcc(5, 0); - - SaveMulAcc(5, 0, 6); - MulAcc(1, 5); - MulAcc(2, 4); - MulAcc(3, 3); - MulAcc(4, 2); - MulAcc(5, 1); - MulAcc(6, 0); - - R[6] = c; - R[7] = d + A[0] * B[7] + A[1] * B[6] + A[2] * B[5] + A[3] * B[4] + - A[4] * B[3] + A[5] * B[2] + A[6] * B[1] + A[7] * B[0]; -} - - -#undef MulAcc -#undef SaveMulAcc -#undef SquAcc -#undef SaveSquAcc - -// optimized - -#ifdef TAOCRYPT_X86ASM_AVAILABLE - -// ************** x86 feature detection *************** - - -#ifdef SSE2_INTRINSICS_AVAILABLE - -#ifndef _MSC_VER - static jmp_buf s_env; - static void SigIllHandler(int) - { - longjmp(s_env, 1); - } -#endif - -static bool HasSSE2() -{ - if (!IsPentium()) - return false; - - word32 cpuid[4]; - CpuId(1, cpuid); - if ((cpuid[3] & (1 << 26)) == 0) - return false; - -#ifdef _MSC_VER - __try - { - __asm xorpd xmm0, xmm0 // executing SSE2 instruction - } - __except (1) - { - return false; - } - return true; -#else - typedef void (*SigHandler)(int); - - SigHandler oldHandler = signal(SIGILL, SigIllHandler); - if (oldHandler == SIG_ERR) - return false; - - bool result = true; - if (setjmp(s_env)) - result = false; - else - __asm __volatile ("xorpd %xmm0, %xmm0"); - - signal(SIGILL, oldHandler); - return result; -#endif -} -#endif // SSE2_INTRINSICS_AVAILABLE - - -static bool IsP4() -{ - if (!IsPentium()) - return false; - - word32 cpuid[4]; - - CpuId(1, cpuid); - return ((cpuid[0] >> 8) & 0xf) == 0xf; -} - -// ************** Pentium/P4 optimizations *************** - -class PentiumOptimized : public Portable -{ -public: - static word TAOCRYPT_CDECL Add(word *C, const word *A, const word *B, - unsigned int N); - static word TAOCRYPT_CDECL Subtract(word *C, const word *A, const word *B, - unsigned int N); - static void TAOCRYPT_CDECL Multiply4(word *C, const word *A, - const word *B); - static void TAOCRYPT_CDECL Multiply8(word *C, const word *A, - const word *B); - static void TAOCRYPT_CDECL Multiply8Bottom(word *C, const word *A, - const word *B); -}; - -class P4Optimized -{ -public: - static word TAOCRYPT_CDECL Add(word *C, const word *A, const word *B, - unsigned int N); - static word TAOCRYPT_CDECL Subtract(word *C, const word *A, const word *B, - unsigned int N); -#ifdef SSE2_INTRINSICS_AVAILABLE - static void TAOCRYPT_CDECL Multiply4(word *C, const word *A, - const word *B); - static void TAOCRYPT_CDECL Multiply8(word *C, const word *A, - const word *B); - static void TAOCRYPT_CDECL Multiply8Bottom(word *C, const word *A, - const word *B); -#endif -}; - -typedef word (TAOCRYPT_CDECL * PAddSub)(word *C, const word *A, const word *B, - unsigned int N); -typedef void (TAOCRYPT_CDECL * PMul)(word *C, const word *A, const word *B); - -static PAddSub s_pAdd, s_pSub; -#ifdef SSE2_INTRINSICS_AVAILABLE -static PMul s_pMul4, s_pMul8, s_pMul8B; -#endif - -static void SetPentiumFunctionPointers() -{ - if (!IsPentium()) - { - s_pAdd = &Portable::Add; - s_pSub = &Portable::Subtract; - } - else if (IsP4()) - { - s_pAdd = &P4Optimized::Add; - s_pSub = &P4Optimized::Subtract; - } - else - { - s_pAdd = &PentiumOptimized::Add; - s_pSub = &PentiumOptimized::Subtract; - } - -#ifdef SSE2_INTRINSICS_AVAILABLE - if (!IsPentium()) - { - s_pMul4 = &Portable::Multiply4; - s_pMul8 = &Portable::Multiply8; - s_pMul8B = &Portable::Multiply8Bottom; - } - else if (HasSSE2()) - { - s_pMul4 = &P4Optimized::Multiply4; - s_pMul8 = &P4Optimized::Multiply8; - s_pMul8B = &P4Optimized::Multiply8Bottom; - } - else - { - s_pMul4 = &PentiumOptimized::Multiply4; - s_pMul8 = &PentiumOptimized::Multiply8; - s_pMul8B = &PentiumOptimized::Multiply8Bottom; - } -#endif -} - -static const char s_RunAtStartupSetPentiumFunctionPointers = - (SetPentiumFunctionPointers(), 0); - - -class LowLevel : public PentiumOptimized -{ -public: - inline static word Add(word *C, const word *A, const word *B, - unsigned int N) - {return s_pAdd(C, A, B, N);} - inline static word Subtract(word *C, const word *A, const word *B, - unsigned int N) - {return s_pSub(C, A, B, N);} - inline static void Square4(word *R, const word *A) - {Multiply4(R, A, A);} -#ifdef SSE2_INTRINSICS_AVAILABLE - inline static void Multiply4(word *C, const word *A, const word *B) - {s_pMul4(C, A, B);} - inline static void Multiply8(word *C, const word *A, const word *B) - {s_pMul8(C, A, B);} - inline static void Multiply8Bottom(word *C, const word *A, const word *B) - {s_pMul8B(C, A, B);} -#endif -}; - -// use some tricks to share assembly code between MSVC and GCC -#ifdef _MSC_VER - #define TAOCRYPT_NAKED __declspec(naked) - #define AS1(x) __asm x - #define AS2(x, y) __asm x, y - #define AddPrologue \ - __asm push ebp \ - __asm push ebx \ - __asm push esi \ - __asm push edi \ - __asm mov ecx, [esp+20] \ - __asm mov edx, [esp+24] \ - __asm mov ebx, [esp+28] \ - __asm mov esi, [esp+32] - #define AddEpilogue \ - __asm pop edi \ - __asm pop esi \ - __asm pop ebx \ - __asm pop ebp \ - __asm ret - #define MulPrologue \ - __asm push ebp \ - __asm push ebx \ - __asm push esi \ - __asm push edi \ - __asm mov ecx, [esp+28] \ - __asm mov esi, [esp+24] \ - __asm push [esp+20] - #define MulEpilogue \ - __asm add esp, 4 \ - __asm pop edi \ - __asm pop esi \ - __asm pop ebx \ - __asm pop ebp \ - __asm ret -#else - #define TAOCRYPT_NAKED - #define AS1(x) #x ";" - #define AS2(x, y) #x ", " #y ";" - #define AddPrologue \ - __asm__ __volatile__ \ - ( \ - "push %%ebx;" /* save this manually, in case of -fPIC */ \ - "mov %2, %%ebx;" \ - ".intel_syntax noprefix;" \ - "push ebp;" - #define AddEpilogue \ - "pop ebp;" \ - ".att_syntax prefix;" \ - "pop %%ebx;" \ - : \ - : "c" (C), "d" (A), "m" (B), "S" (N) \ - : "%edi", "memory", "cc" \ - ); - #define MulPrologue \ - __asm__ __volatile__ \ - ( \ - "push %%ebx;" /* save this manually, in case of -fPIC */ \ - "push %%ebp;" \ - "push %0;" \ - ".intel_syntax noprefix;" - #define MulEpilogue \ - "add esp, 4;" \ - "pop ebp;" \ - "pop ebx;" \ - ".att_syntax prefix;" \ - : \ - : "rm" (Z), "S" (X), "c" (Y) \ - : "%eax", "%edx", "%edi", "memory", "cc" \ - ); -#endif - -TAOCRYPT_NAKED word PentiumOptimized::Add(word *C, const word *A, - const word *B, unsigned int N) -{ - AddPrologue - - // now: ebx = B, ecx = C, edx = A, esi = N - AS2( sub ecx, edx) // hold the distance between C & A so we - // can add this to A to get C - AS2( xor eax, eax) // clear eax - - AS2( sub eax, esi) // eax is a negative index from end of B - AS2( lea ebx, [ebx+4*esi]) // ebx is end of B - - AS2( sar eax, 1) // unit of eax is now dwords; this also - // clears the carry flag - AS1( jz loopendAdd) // if no dwords then nothing to do - - AS1(loopstartAdd:) - AS2( mov esi,[edx]) // load lower word of A - AS2( mov ebp,[edx+4]) // load higher word of A - - AS2( mov edi,[ebx+8*eax]) // load lower word of B - AS2( lea edx,[edx+8]) // advance A and C - - AS2( adc esi,edi) // add lower words - AS2( mov edi,[ebx+8*eax+4]) // load higher word of B - - AS2( adc ebp,edi) // add higher words - AS1( inc eax) // advance B - - AS2( mov [edx+ecx-8],esi) // store lower word result - AS2( mov [edx+ecx-4],ebp) // store higher word result - - AS1( jnz loopstartAdd) // loop until eax overflows and becomes zero - - AS1(loopendAdd:) - AS2( adc eax, 0) // store carry into eax (return result register) - - AddEpilogue -} - -TAOCRYPT_NAKED word PentiumOptimized::Subtract(word *C, const word *A, - const word *B, unsigned int N) -{ - AddPrologue - - // now: ebx = B, ecx = C, edx = A, esi = N - AS2( sub ecx, edx) // hold the distance between C & A so we - // can add this to A to get C - AS2( xor eax, eax) // clear eax - - AS2( sub eax, esi) // eax is a negative index from end of B - AS2( lea ebx, [ebx+4*esi]) // ebx is end of B - - AS2( sar eax, 1) // unit of eax is now dwords; this also - // clears the carry flag - AS1( jz loopendSub) // if no dwords then nothing to do - - AS1(loopstartSub:) - AS2( mov esi,[edx]) // load lower word of A - AS2( mov ebp,[edx+4]) // load higher word of A - - AS2( mov edi,[ebx+8*eax]) // load lower word of B - AS2( lea edx,[edx+8]) // advance A and C - - AS2( sbb esi,edi) // subtract lower words - AS2( mov edi,[ebx+8*eax+4]) // load higher word of B - - AS2( sbb ebp,edi) // subtract higher words - AS1( inc eax) // advance B - - AS2( mov [edx+ecx-8],esi) // store lower word result - AS2( mov [edx+ecx-4],ebp) // store higher word result - - AS1( jnz loopstartSub) // loop until eax overflows and becomes zero - - AS1(loopendSub:) - AS2( adc eax, 0) // store carry into eax (return result register) - - AddEpilogue -} - -// On Pentium 4, the adc and sbb instructions are very expensive, so avoid them. - -TAOCRYPT_NAKED word P4Optimized::Add(word *C, const word *A, const word *B, - unsigned int N) -{ - AddPrologue - - // now: ebx = B, ecx = C, edx = A, esi = N - AS2( xor eax, eax) - AS1( neg esi) - AS1( jz loopendAddP4) // if no dwords then nothing to do - - AS2( mov edi, [edx]) - AS2( mov ebp, [ebx]) - AS1( jmp carry1AddP4) - - AS1(loopstartAddP4:) - AS2( mov edi, [edx+8]) - AS2( add ecx, 8) - AS2( add edx, 8) - AS2( mov ebp, [ebx]) - AS2( add edi, eax) - AS1( jc carry1AddP4) - AS2( xor eax, eax) - - AS1(carry1AddP4:) - AS2( add edi, ebp) - AS2( mov ebp, 1) - AS2( mov [ecx], edi) - AS2( mov edi, [edx+4]) - AS2( cmovc eax, ebp) - AS2( mov ebp, [ebx+4]) - AS2( add ebx, 8) - AS2( add edi, eax) - AS1( jc carry2AddP4) - AS2( xor eax, eax) - - AS1(carry2AddP4:) - AS2( add edi, ebp) - AS2( mov ebp, 1) - AS2( cmovc eax, ebp) - AS2( mov [ecx+4], edi) - AS2( add esi, 2) - AS1( jnz loopstartAddP4) - - AS1(loopendAddP4:) - - AddEpilogue -} - -TAOCRYPT_NAKED word P4Optimized::Subtract(word *C, const word *A, - const word *B, unsigned int N) -{ - AddPrologue - - // now: ebx = B, ecx = C, edx = A, esi = N - AS2( xor eax, eax) - AS1( neg esi) - AS1( jz loopendSubP4) // if no dwords then nothing to do - - AS2( mov edi, [edx]) - AS2( mov ebp, [ebx]) - AS1( jmp carry1SubP4) - - AS1(loopstartSubP4:) - AS2( mov edi, [edx+8]) - AS2( add edx, 8) - AS2( add ecx, 8) - AS2( mov ebp, [ebx]) - AS2( sub edi, eax) - AS1( jc carry1SubP4) - AS2( xor eax, eax) - - AS1(carry1SubP4:) - AS2( sub edi, ebp) - AS2( mov ebp, 1) - AS2( mov [ecx], edi) - AS2( mov edi, [edx+4]) - AS2( cmovc eax, ebp) - AS2( mov ebp, [ebx+4]) - AS2( add ebx, 8) - AS2( sub edi, eax) - AS1( jc carry2SubP4) - AS2( xor eax, eax) - - AS1(carry2SubP4:) - AS2( sub edi, ebp) - AS2( mov ebp, 1) - AS2( cmovc eax, ebp) - AS2( mov [ecx+4], edi) - AS2( add esi, 2) - AS1( jnz loopstartSubP4) - - AS1(loopendSubP4:) - - AddEpilogue -} - -// multiply assembly code originally contributed by Leonard Janke - -#define MulStartup \ - AS2(xor ebp, ebp) \ - AS2(xor edi, edi) \ - AS2(xor ebx, ebx) - -#define MulShiftCarry \ - AS2(mov ebp, edx) \ - AS2(mov edi, ebx) \ - AS2(xor ebx, ebx) - -#define MulAccumulateBottom(i,j) \ - AS2(mov eax, [ecx+4*j]) \ - AS2(imul eax, dword ptr [esi+4*i]) \ - AS2(add ebp, eax) - -#define MulAccumulate(i,j) \ - AS2(mov eax, [ecx+4*j]) \ - AS1(mul dword ptr [esi+4*i]) \ - AS2(add ebp, eax) \ - AS2(adc edi, edx) \ - AS2(adc bl, bh) - -#define MulStoreDigit(i) \ - AS2(mov edx, edi) \ - AS2(mov edi, [esp]) \ - AS2(mov [edi+4*i], ebp) - -#define MulLastDiagonal(digits) \ - AS2(mov eax, [ecx+4*(digits-1)]) \ - AS1(mul dword ptr [esi+4*(digits-1)]) \ - AS2(add ebp, eax) \ - AS2(adc edx, edi) \ - AS2(mov edi, [esp]) \ - AS2(mov [edi+4*(2*digits-2)], ebp) \ - AS2(mov [edi+4*(2*digits-1)], edx) - -TAOCRYPT_NAKED void PentiumOptimized::Multiply4(word* Z, const word* X, - const word* Y) -{ - MulPrologue - // now: [esp] = Z, esi = X, ecx = Y - MulStartup - MulAccumulate(0,0) - MulStoreDigit(0) - MulShiftCarry - - MulAccumulate(1,0) - MulAccumulate(0,1) - MulStoreDigit(1) - MulShiftCarry - - MulAccumulate(2,0) - MulAccumulate(1,1) - MulAccumulate(0,2) - MulStoreDigit(2) - MulShiftCarry - - MulAccumulate(3,0) - MulAccumulate(2,1) - MulAccumulate(1,2) - MulAccumulate(0,3) - MulStoreDigit(3) - MulShiftCarry - - MulAccumulate(3,1) - MulAccumulate(2,2) - MulAccumulate(1,3) - MulStoreDigit(4) - MulShiftCarry - - MulAccumulate(3,2) - MulAccumulate(2,3) - MulStoreDigit(5) - MulShiftCarry - - MulLastDiagonal(4) - MulEpilogue -} - -TAOCRYPT_NAKED void PentiumOptimized::Multiply8(word* Z, const word* X, - const word* Y) -{ - MulPrologue - // now: [esp] = Z, esi = X, ecx = Y - MulStartup - MulAccumulate(0,0) - MulStoreDigit(0) - MulShiftCarry - - MulAccumulate(1,0) - MulAccumulate(0,1) - MulStoreDigit(1) - MulShiftCarry - - MulAccumulate(2,0) - MulAccumulate(1,1) - MulAccumulate(0,2) - MulStoreDigit(2) - MulShiftCarry - - MulAccumulate(3,0) - MulAccumulate(2,1) - MulAccumulate(1,2) - MulAccumulate(0,3) - MulStoreDigit(3) - MulShiftCarry - - MulAccumulate(4,0) - MulAccumulate(3,1) - MulAccumulate(2,2) - MulAccumulate(1,3) - MulAccumulate(0,4) - MulStoreDigit(4) - MulShiftCarry - - MulAccumulate(5,0) - MulAccumulate(4,1) - MulAccumulate(3,2) - MulAccumulate(2,3) - MulAccumulate(1,4) - MulAccumulate(0,5) - MulStoreDigit(5) - MulShiftCarry - - MulAccumulate(6,0) - MulAccumulate(5,1) - MulAccumulate(4,2) - MulAccumulate(3,3) - MulAccumulate(2,4) - MulAccumulate(1,5) - MulAccumulate(0,6) - MulStoreDigit(6) - MulShiftCarry - - MulAccumulate(7,0) - MulAccumulate(6,1) - MulAccumulate(5,2) - MulAccumulate(4,3) - MulAccumulate(3,4) - MulAccumulate(2,5) - MulAccumulate(1,6) - MulAccumulate(0,7) - MulStoreDigit(7) - MulShiftCarry - - MulAccumulate(7,1) - MulAccumulate(6,2) - MulAccumulate(5,3) - MulAccumulate(4,4) - MulAccumulate(3,5) - MulAccumulate(2,6) - MulAccumulate(1,7) - MulStoreDigit(8) - MulShiftCarry - - MulAccumulate(7,2) - MulAccumulate(6,3) - MulAccumulate(5,4) - MulAccumulate(4,5) - MulAccumulate(3,6) - MulAccumulate(2,7) - MulStoreDigit(9) - MulShiftCarry - - MulAccumulate(7,3) - MulAccumulate(6,4) - MulAccumulate(5,5) - MulAccumulate(4,6) - MulAccumulate(3,7) - MulStoreDigit(10) - MulShiftCarry - - MulAccumulate(7,4) - MulAccumulate(6,5) - MulAccumulate(5,6) - MulAccumulate(4,7) - MulStoreDigit(11) - MulShiftCarry - - MulAccumulate(7,5) - MulAccumulate(6,6) - MulAccumulate(5,7) - MulStoreDigit(12) - MulShiftCarry - - MulAccumulate(7,6) - MulAccumulate(6,7) - MulStoreDigit(13) - MulShiftCarry - - MulLastDiagonal(8) - MulEpilogue -} - -TAOCRYPT_NAKED void PentiumOptimized::Multiply8Bottom(word* Z, const word* X, - const word* Y) -{ - MulPrologue - // now: [esp] = Z, esi = X, ecx = Y - MulStartup - MulAccumulate(0,0) - MulStoreDigit(0) - MulShiftCarry - - MulAccumulate(1,0) - MulAccumulate(0,1) - MulStoreDigit(1) - MulShiftCarry - - MulAccumulate(2,0) - MulAccumulate(1,1) - MulAccumulate(0,2) - MulStoreDigit(2) - MulShiftCarry - - MulAccumulate(3,0) - MulAccumulate(2,1) - MulAccumulate(1,2) - MulAccumulate(0,3) - MulStoreDigit(3) - MulShiftCarry - - MulAccumulate(4,0) - MulAccumulate(3,1) - MulAccumulate(2,2) - MulAccumulate(1,3) - MulAccumulate(0,4) - MulStoreDigit(4) - MulShiftCarry - - MulAccumulate(5,0) - MulAccumulate(4,1) - MulAccumulate(3,2) - MulAccumulate(2,3) - MulAccumulate(1,4) - MulAccumulate(0,5) - MulStoreDigit(5) - MulShiftCarry - - MulAccumulate(6,0) - MulAccumulate(5,1) - MulAccumulate(4,2) - MulAccumulate(3,3) - MulAccumulate(2,4) - MulAccumulate(1,5) - MulAccumulate(0,6) - MulStoreDigit(6) - MulShiftCarry - - MulAccumulateBottom(7,0) - MulAccumulateBottom(6,1) - MulAccumulateBottom(5,2) - MulAccumulateBottom(4,3) - MulAccumulateBottom(3,4) - MulAccumulateBottom(2,5) - MulAccumulateBottom(1,6) - MulAccumulateBottom(0,7) - MulStoreDigit(7) - MulEpilogue -} - -#undef AS1 -#undef AS2 - -#else // not x86 - no processor specific code at this layer - -typedef Portable LowLevel; - -#endif - -#ifdef SSE2_INTRINSICS_AVAILABLE - -#ifdef __GNUC__ -#define TAOCRYPT_FASTCALL -#else -#define TAOCRYPT_FASTCALL __fastcall -#endif - -static void TAOCRYPT_FASTCALL P4_Mul(__m128i *C, const __m128i *A, - const __m128i *B) -{ - __m128i a3210 = _mm_load_si128(A); - __m128i b3210 = _mm_load_si128(B); - - __m128i sum; - - __m128i z = _mm_setzero_si128(); - __m128i a2b2_a0b0 = _mm_mul_epu32(a3210, b3210); - C[0] = a2b2_a0b0; - - __m128i a3120 = _mm_shuffle_epi32(a3210, _MM_SHUFFLE(3, 1, 2, 0)); - __m128i b3021 = _mm_shuffle_epi32(b3210, _MM_SHUFFLE(3, 0, 2, 1)); - __m128i a1b0_a0b1 = _mm_mul_epu32(a3120, b3021); - __m128i a1b0 = _mm_unpackhi_epi32(a1b0_a0b1, z); - __m128i a0b1 = _mm_unpacklo_epi32(a1b0_a0b1, z); - C[1] = _mm_add_epi64(a1b0, a0b1); - - __m128i a31 = _mm_srli_epi64(a3210, 32); - __m128i b31 = _mm_srli_epi64(b3210, 32); - __m128i a3b3_a1b1 = _mm_mul_epu32(a31, b31); - C[6] = a3b3_a1b1; - - __m128i a1b1 = _mm_unpacklo_epi32(a3b3_a1b1, z); - __m128i b3012 = _mm_shuffle_epi32(b3210, _MM_SHUFFLE(3, 0, 1, 2)); - __m128i a2b0_a0b2 = _mm_mul_epu32(a3210, b3012); - __m128i a0b2 = _mm_unpacklo_epi32(a2b0_a0b2, z); - __m128i a2b0 = _mm_unpackhi_epi32(a2b0_a0b2, z); - sum = _mm_add_epi64(a1b1, a0b2); - C[2] = _mm_add_epi64(sum, a2b0); - - __m128i a2301 = _mm_shuffle_epi32(a3210, _MM_SHUFFLE(2, 3, 0, 1)); - __m128i b2103 = _mm_shuffle_epi32(b3210, _MM_SHUFFLE(2, 1, 0, 3)); - __m128i a3b0_a1b2 = _mm_mul_epu32(a2301, b3012); - __m128i a2b1_a0b3 = _mm_mul_epu32(a3210, b2103); - __m128i a3b0 = _mm_unpackhi_epi32(a3b0_a1b2, z); - __m128i a1b2 = _mm_unpacklo_epi32(a3b0_a1b2, z); - __m128i a2b1 = _mm_unpackhi_epi32(a2b1_a0b3, z); - __m128i a0b3 = _mm_unpacklo_epi32(a2b1_a0b3, z); - __m128i sum1 = _mm_add_epi64(a3b0, a1b2); - sum = _mm_add_epi64(a2b1, a0b3); - C[3] = _mm_add_epi64(sum, sum1); - - __m128i a3b1_a1b3 = _mm_mul_epu32(a2301, b2103); - __m128i a2b2 = _mm_unpackhi_epi32(a2b2_a0b0, z); - __m128i a3b1 = _mm_unpackhi_epi32(a3b1_a1b3, z); - __m128i a1b3 = _mm_unpacklo_epi32(a3b1_a1b3, z); - sum = _mm_add_epi64(a2b2, a3b1); - C[4] = _mm_add_epi64(sum, a1b3); - - __m128i a1302 = _mm_shuffle_epi32(a3210, _MM_SHUFFLE(1, 3, 0, 2)); - __m128i b1203 = _mm_shuffle_epi32(b3210, _MM_SHUFFLE(1, 2, 0, 3)); - __m128i a3b2_a2b3 = _mm_mul_epu32(a1302, b1203); - __m128i a3b2 = _mm_unpackhi_epi32(a3b2_a2b3, z); - __m128i a2b3 = _mm_unpacklo_epi32(a3b2_a2b3, z); - C[5] = _mm_add_epi64(a3b2, a2b3); -} - -void P4Optimized::Multiply4(word *C, const word *A, const word *B) -{ - __m128i temp[7]; - const word *w = (word *)temp; - const __m64 *mw = (__m64 *)w; - - P4_Mul(temp, (__m128i *)A, (__m128i *)B); - - C[0] = w[0]; - - __m64 s1, s2; - - __m64 w1 = _mm_cvtsi32_si64(w[1]); - __m64 w4 = mw[2]; - __m64 w6 = mw[3]; - __m64 w8 = mw[4]; - __m64 w10 = mw[5]; - __m64 w12 = mw[6]; - __m64 w14 = mw[7]; - __m64 w16 = mw[8]; - __m64 w18 = mw[9]; - __m64 w20 = mw[10]; - __m64 w22 = mw[11]; - __m64 w26 = _mm_cvtsi32_si64(w[26]); - - s1 = _mm_add_si64(w1, w4); - C[1] = _mm_cvtsi64_si32(s1); - s1 = _mm_srli_si64(s1, 32); - - s2 = _mm_add_si64(w6, w8); - s1 = _mm_add_si64(s1, s2); - C[2] = _mm_cvtsi64_si32(s1); - s1 = _mm_srli_si64(s1, 32); - - s2 = _mm_add_si64(w10, w12); - s1 = _mm_add_si64(s1, s2); - C[3] = _mm_cvtsi64_si32(s1); - s1 = _mm_srli_si64(s1, 32); - - s2 = _mm_add_si64(w14, w16); - s1 = _mm_add_si64(s1, s2); - C[4] = _mm_cvtsi64_si32(s1); - s1 = _mm_srli_si64(s1, 32); - - s2 = _mm_add_si64(w18, w20); - s1 = _mm_add_si64(s1, s2); - C[5] = _mm_cvtsi64_si32(s1); - s1 = _mm_srli_si64(s1, 32); - - s2 = _mm_add_si64(w22, w26); - s1 = _mm_add_si64(s1, s2); - C[6] = _mm_cvtsi64_si32(s1); - s1 = _mm_srli_si64(s1, 32); - - C[7] = _mm_cvtsi64_si32(s1) + w[27]; - _mm_empty(); -} - -void P4Optimized::Multiply8(word *C, const word *A, const word *B) -{ - __m128i temp[28]; - const word *w = (word *)temp; - const __m64 *mw = (__m64 *)w; - const word *x = (word *)temp+7*4; - const __m64 *mx = (__m64 *)x; - const word *y = (word *)temp+7*4*2; - const __m64 *my = (__m64 *)y; - const word *z = (word *)temp+7*4*3; - const __m64 *mz = (__m64 *)z; - - P4_Mul(temp, (__m128i *)A, (__m128i *)B); - - P4_Mul(temp+7, (__m128i *)A+1, (__m128i *)B); - - P4_Mul(temp+14, (__m128i *)A, (__m128i *)B+1); - - P4_Mul(temp+21, (__m128i *)A+1, (__m128i *)B+1); - - C[0] = w[0]; - - __m64 s1, s2, s3, s4; - - __m64 w1 = _mm_cvtsi32_si64(w[1]); - __m64 w4 = mw[2]; - __m64 w6 = mw[3]; - __m64 w8 = mw[4]; - __m64 w10 = mw[5]; - __m64 w12 = mw[6]; - __m64 w14 = mw[7]; - __m64 w16 = mw[8]; - __m64 w18 = mw[9]; - __m64 w20 = mw[10]; - __m64 w22 = mw[11]; - __m64 w26 = _mm_cvtsi32_si64(w[26]); - __m64 w27 = _mm_cvtsi32_si64(w[27]); - - __m64 x0 = _mm_cvtsi32_si64(x[0]); - __m64 x1 = _mm_cvtsi32_si64(x[1]); - __m64 x4 = mx[2]; - __m64 x6 = mx[3]; - __m64 x8 = mx[4]; - __m64 x10 = mx[5]; - __m64 x12 = mx[6]; - __m64 x14 = mx[7]; - __m64 x16 = mx[8]; - __m64 x18 = mx[9]; - __m64 x20 = mx[10]; - __m64 x22 = mx[11]; - __m64 x26 = _mm_cvtsi32_si64(x[26]); - __m64 x27 = _mm_cvtsi32_si64(x[27]); - - __m64 y0 = _mm_cvtsi32_si64(y[0]); - __m64 y1 = _mm_cvtsi32_si64(y[1]); - __m64 y4 = my[2]; - __m64 y6 = my[3]; - __m64 y8 = my[4]; - __m64 y10 = my[5]; - __m64 y12 = my[6]; - __m64 y14 = my[7]; - __m64 y16 = my[8]; - __m64 y18 = my[9]; - __m64 y20 = my[10]; - __m64 y22 = my[11]; - __m64 y26 = _mm_cvtsi32_si64(y[26]); - __m64 y27 = _mm_cvtsi32_si64(y[27]); - - __m64 z0 = _mm_cvtsi32_si64(z[0]); - __m64 z1 = _mm_cvtsi32_si64(z[1]); - __m64 z4 = mz[2]; - __m64 z6 = mz[3]; - __m64 z8 = mz[4]; - __m64 z10 = mz[5]; - __m64 z12 = mz[6]; - __m64 z14 = mz[7]; - __m64 z16 = mz[8]; - __m64 z18 = mz[9]; - __m64 z20 = mz[10]; - __m64 z22 = mz[11]; - __m64 z26 = _mm_cvtsi32_si64(z[26]); - - s1 = _mm_add_si64(w1, w4); - C[1] = _mm_cvtsi64_si32(s1); - s1 = _mm_srli_si64(s1, 32); - - s2 = _mm_add_si64(w6, w8); - s1 = _mm_add_si64(s1, s2); - C[2] = _mm_cvtsi64_si32(s1); - s1 = _mm_srli_si64(s1, 32); - - s2 = _mm_add_si64(w10, w12); - s1 = _mm_add_si64(s1, s2); - C[3] = _mm_cvtsi64_si32(s1); - s1 = _mm_srli_si64(s1, 32); - - s3 = _mm_add_si64(x0, y0); - s2 = _mm_add_si64(w14, w16); - s1 = _mm_add_si64(s1, s3); - s1 = _mm_add_si64(s1, s2); - C[4] = _mm_cvtsi64_si32(s1); - s1 = _mm_srli_si64(s1, 32); - - s3 = _mm_add_si64(x1, y1); - s4 = _mm_add_si64(x4, y4); - s1 = _mm_add_si64(s1, w18); - s3 = _mm_add_si64(s3, s4); - s1 = _mm_add_si64(s1, w20); - s1 = _mm_add_si64(s1, s3); - C[5] = _mm_cvtsi64_si32(s1); - s1 = _mm_srli_si64(s1, 32); - - s3 = _mm_add_si64(x6, y6); - s4 = _mm_add_si64(x8, y8); - s1 = _mm_add_si64(s1, w22); - s3 = _mm_add_si64(s3, s4); - s1 = _mm_add_si64(s1, w26); - s1 = _mm_add_si64(s1, s3); - C[6] = _mm_cvtsi64_si32(s1); - s1 = _mm_srli_si64(s1, 32); - - s3 = _mm_add_si64(x10, y10); - s4 = _mm_add_si64(x12, y12); - s1 = _mm_add_si64(s1, w27); - s3 = _mm_add_si64(s3, s4); - s1 = _mm_add_si64(s1, s3); - C[7] = _mm_cvtsi64_si32(s1); - s1 = _mm_srli_si64(s1, 32); - - s3 = _mm_add_si64(x14, y14); - s4 = _mm_add_si64(x16, y16); - s1 = _mm_add_si64(s1, z0); - s3 = _mm_add_si64(s3, s4); - s1 = _mm_add_si64(s1, s3); - C[8] = _mm_cvtsi64_si32(s1); - s1 = _mm_srli_si64(s1, 32); - - s3 = _mm_add_si64(x18, y18); - s4 = _mm_add_si64(x20, y20); - s1 = _mm_add_si64(s1, z1); - s3 = _mm_add_si64(s3, s4); - s1 = _mm_add_si64(s1, z4); - s1 = _mm_add_si64(s1, s3); - C[9] = _mm_cvtsi64_si32(s1); - s1 = _mm_srli_si64(s1, 32); - - s3 = _mm_add_si64(x22, y22); - s4 = _mm_add_si64(x26, y26); - s1 = _mm_add_si64(s1, z6); - s3 = _mm_add_si64(s3, s4); - s1 = _mm_add_si64(s1, z8); - s1 = _mm_add_si64(s1, s3); - C[10] = _mm_cvtsi64_si32(s1); - s1 = _mm_srli_si64(s1, 32); - - s3 = _mm_add_si64(x27, y27); - s1 = _mm_add_si64(s1, z10); - s1 = _mm_add_si64(s1, z12); - s1 = _mm_add_si64(s1, s3); - C[11] = _mm_cvtsi64_si32(s1); - s1 = _mm_srli_si64(s1, 32); - - s3 = _mm_add_si64(z14, z16); - s1 = _mm_add_si64(s1, s3); - C[12] = _mm_cvtsi64_si32(s1); - s1 = _mm_srli_si64(s1, 32); - - s3 = _mm_add_si64(z18, z20); - s1 = _mm_add_si64(s1, s3); - C[13] = _mm_cvtsi64_si32(s1); - s1 = _mm_srli_si64(s1, 32); - - s3 = _mm_add_si64(z22, z26); - s1 = _mm_add_si64(s1, s3); - C[14] = _mm_cvtsi64_si32(s1); - s1 = _mm_srli_si64(s1, 32); - - C[15] = z[27] + _mm_cvtsi64_si32(s1); - _mm_empty(); -} - -void P4Optimized::Multiply8Bottom(word *C, const word *A, const word *B) -{ - __m128i temp[21]; - const word *w = (word *)temp; - const __m64 *mw = (__m64 *)w; - const word *x = (word *)temp+7*4; - const __m64 *mx = (__m64 *)x; - const word *y = (word *)temp+7*4*2; - const __m64 *my = (__m64 *)y; - - P4_Mul(temp, (__m128i *)A, (__m128i *)B); - - P4_Mul(temp+7, (__m128i *)A+1, (__m128i *)B); - - P4_Mul(temp+14, (__m128i *)A, (__m128i *)B+1); - - C[0] = w[0]; - - __m64 s1, s2, s3, s4; - - __m64 w1 = _mm_cvtsi32_si64(w[1]); - __m64 w4 = mw[2]; - __m64 w6 = mw[3]; - __m64 w8 = mw[4]; - __m64 w10 = mw[5]; - __m64 w12 = mw[6]; - __m64 w14 = mw[7]; - __m64 w16 = mw[8]; - __m64 w18 = mw[9]; - __m64 w20 = mw[10]; - __m64 w22 = mw[11]; - __m64 w26 = _mm_cvtsi32_si64(w[26]); - - __m64 x0 = _mm_cvtsi32_si64(x[0]); - __m64 x1 = _mm_cvtsi32_si64(x[1]); - __m64 x4 = mx[2]; - __m64 x6 = mx[3]; - __m64 x8 = mx[4]; - - __m64 y0 = _mm_cvtsi32_si64(y[0]); - __m64 y1 = _mm_cvtsi32_si64(y[1]); - __m64 y4 = my[2]; - __m64 y6 = my[3]; - __m64 y8 = my[4]; - - s1 = _mm_add_si64(w1, w4); - C[1] = _mm_cvtsi64_si32(s1); - s1 = _mm_srli_si64(s1, 32); - - s2 = _mm_add_si64(w6, w8); - s1 = _mm_add_si64(s1, s2); - C[2] = _mm_cvtsi64_si32(s1); - s1 = _mm_srli_si64(s1, 32); - - s2 = _mm_add_si64(w10, w12); - s1 = _mm_add_si64(s1, s2); - C[3] = _mm_cvtsi64_si32(s1); - s1 = _mm_srli_si64(s1, 32); - - s3 = _mm_add_si64(x0, y0); - s2 = _mm_add_si64(w14, w16); - s1 = _mm_add_si64(s1, s3); - s1 = _mm_add_si64(s1, s2); - C[4] = _mm_cvtsi64_si32(s1); - s1 = _mm_srli_si64(s1, 32); - - s3 = _mm_add_si64(x1, y1); - s4 = _mm_add_si64(x4, y4); - s1 = _mm_add_si64(s1, w18); - s3 = _mm_add_si64(s3, s4); - s1 = _mm_add_si64(s1, w20); - s1 = _mm_add_si64(s1, s3); - C[5] = _mm_cvtsi64_si32(s1); - s1 = _mm_srli_si64(s1, 32); - - s3 = _mm_add_si64(x6, y6); - s4 = _mm_add_si64(x8, y8); - s1 = _mm_add_si64(s1, w22); - s3 = _mm_add_si64(s3, s4); - s1 = _mm_add_si64(s1, w26); - s1 = _mm_add_si64(s1, s3); - C[6] = _mm_cvtsi64_si32(s1); - s1 = _mm_srli_si64(s1, 32); - - C[7] = _mm_cvtsi64_si32(s1) + w[27] + x[10] + y[10] + x[12] + y[12]; - _mm_empty(); -} - -#endif // #ifdef SSE2_INTRINSICS_AVAILABLE - -// end optimized - -// ******************************************************** - -#define A0 A -#define A1 (A+N2) -#define B0 B -#define B1 (B+N2) - -#define T0 T -#define T1 (T+N2) -#define T2 (T+N) -#define T3 (T+N+N2) - -#define R0 R -#define R1 (R+N2) -#define R2 (R+N) -#define R3 (R+N+N2) - -//VC60 workaround: compiler bug triggered without the extra dummy parameters - -// R[2*N] - result = A*B -// T[2*N] - temporary work space -// A[N] --- multiplier -// B[N] --- multiplicant - - -void RecursiveMultiply(word *R, word *T, const word *A, const word *B, - unsigned int N) -{ - if (LowLevel::MultiplyRecursionLimit() >= 8 && N==8) - LowLevel::Multiply8(R, A, B); - else if (LowLevel::MultiplyRecursionLimit() >= 4 && N==4) - LowLevel::Multiply4(R, A, B); - else if (N==2) - LowLevel::Multiply2(R, A, B); - else - { - const unsigned int N2 = N/2; - int carry; - - int aComp = Compare(A0, A1, N2); - int bComp = Compare(B0, B1, N2); - - switch (2*aComp + aComp + bComp) - { - case -4: - LowLevel::Subtract(R0, A1, A0, N2); - LowLevel::Subtract(R1, B0, B1, N2); - RecursiveMultiply(T0, T2, R0, R1, N2); - LowLevel::Subtract(T1, T1, R0, N2); - carry = -1; - break; - case -2: - LowLevel::Subtract(R0, A1, A0, N2); - LowLevel::Subtract(R1, B0, B1, N2); - RecursiveMultiply(T0, T2, R0, R1, N2); - carry = 0; - break; - case 2: - LowLevel::Subtract(R0, A0, A1, N2); - LowLevel::Subtract(R1, B1, B0, N2); - RecursiveMultiply(T0, T2, R0, R1, N2); - carry = 0; - break; - case 4: - LowLevel::Subtract(R0, A1, A0, N2); - LowLevel::Subtract(R1, B0, B1, N2); - RecursiveMultiply(T0, T2, R0, R1, N2); - LowLevel::Subtract(T1, T1, R1, N2); - carry = -1; - break; - default: - SetWords(T0, 0, N); - carry = 0; - } - - RecursiveMultiply(R0, T2, A0, B0, N2); - RecursiveMultiply(R2, T2, A1, B1, N2); - - // now T[01] holds (A1-A0)*(B0-B1),R[01] holds A0*B0, R[23] holds A1*B1 - - carry += LowLevel::Add(T0, T0, R0, N); - carry += LowLevel::Add(T0, T0, R2, N); - carry += LowLevel::Add(R1, R1, T0, N); - - Increment(R3, N2, carry); - } -} - - -void RecursiveSquare(word *R, word *T, const word *A, unsigned int N) -{ - if (LowLevel::SquareRecursionLimit() >= 4 && N==4) - LowLevel::Square4(R, A); - else if (N==2) - LowLevel::Square2(R, A); - else - { - const unsigned int N2 = N/2; - - RecursiveSquare(R0, T2, A0, N2); - RecursiveSquare(R2, T2, A1, N2); - RecursiveMultiply(T0, T2, A0, A1, N2); - - word carry = LowLevel::Add(R1, R1, T0, N); - carry += LowLevel::Add(R1, R1, T0, N); - Increment(R3, N2, carry); - } -} - - -// R[N] - bottom half of A*B -// T[N] - temporary work space -// A[N] - multiplier -// B[N] - multiplicant - - -void RecursiveMultiplyBottom(word *R, word *T, const word *A, const word *B, - unsigned int N) -{ - if (LowLevel::MultiplyBottomRecursionLimit() >= 8 && N==8) - LowLevel::Multiply8Bottom(R, A, B); - else if (LowLevel::MultiplyBottomRecursionLimit() >= 4 && N==4) - LowLevel::Multiply4Bottom(R, A, B); - else if (N==2) - LowLevel::Multiply2Bottom(R, A, B); - else - { - const unsigned int N2 = N/2; - - RecursiveMultiply(R, T, A0, B0, N2); - RecursiveMultiplyBottom(T0, T1, A1, B0, N2); - LowLevel::Add(R1, R1, T0, N2); - RecursiveMultiplyBottom(T0, T1, A0, B1, N2); - LowLevel::Add(R1, R1, T0, N2); - } -} - - -void RecursiveMultiplyTop(word *R, word *T, const word *L, const word *A, - const word *B, unsigned int N) -{ - if (N==4) - { - LowLevel::Multiply4(T, A, B); - memcpy(R, T+4, 4*WORD_SIZE); - } - else if (N==2) - { - LowLevel::Multiply2(T, A, B); - memcpy(R, T+2, 2*WORD_SIZE); - } - else - { - const unsigned int N2 = N/2; - int carry; - - int aComp = Compare(A0, A1, N2); - int bComp = Compare(B0, B1, N2); - - switch (2*aComp + aComp + bComp) - { - case -4: - LowLevel::Subtract(R0, A1, A0, N2); - LowLevel::Subtract(R1, B0, B1, N2); - RecursiveMultiply(T0, T2, R0, R1, N2); - LowLevel::Subtract(T1, T1, R0, N2); - carry = -1; - break; - case -2: - LowLevel::Subtract(R0, A1, A0, N2); - LowLevel::Subtract(R1, B0, B1, N2); - RecursiveMultiply(T0, T2, R0, R1, N2); - carry = 0; - break; - case 2: - LowLevel::Subtract(R0, A0, A1, N2); - LowLevel::Subtract(R1, B1, B0, N2); - RecursiveMultiply(T0, T2, R0, R1, N2); - carry = 0; - break; - case 4: - LowLevel::Subtract(R0, A1, A0, N2); - LowLevel::Subtract(R1, B0, B1, N2); - RecursiveMultiply(T0, T2, R0, R1, N2); - LowLevel::Subtract(T1, T1, R1, N2); - carry = -1; - break; - default: - SetWords(T0, 0, N); - carry = 0; - } - - RecursiveMultiply(T2, R0, A1, B1, N2); - - // now T[01] holds (A1-A0)*(B0-B1), T[23] holds A1*B1 - - word c2 = LowLevel::Subtract(R0, L+N2, L, N2); - c2 += LowLevel::Subtract(R0, R0, T0, N2); - word t = (Compare(R0, T2, N2) == -1); - - carry += t; - carry += Increment(R0, N2, c2+t); - carry += LowLevel::Add(R0, R0, T1, N2); - carry += LowLevel::Add(R0, R0, T3, N2); - - CopyWords(R1, T3, N2); - Increment(R1, N2, carry); - } -} - - -inline word Add(word *C, const word *A, const word *B, unsigned int N) -{ - return LowLevel::Add(C, A, B, N); -} - -inline word Subtract(word *C, const word *A, const word *B, unsigned int N) -{ - return LowLevel::Subtract(C, A, B, N); -} - -inline void Multiply(word *R, word *T, const word *A, const word *B, - unsigned int N) -{ - RecursiveMultiply(R, T, A, B, N); -} - -inline void Square(word *R, word *T, const word *A, unsigned int N) -{ - RecursiveSquare(R, T, A, N); -} - - -void AsymmetricMultiply(word *R, word *T, const word *A, unsigned int NA, - const word *B, unsigned int NB) -{ - if (NA == NB) - { - if (A == B) - Square(R, T, A, NA); - else - Multiply(R, T, A, B, NA); - - return; - } - - if (NA > NB) - { - STL::swap(A, B); - STL::swap(NA, NB); - } - - if (NA==2 && !A[1]) - { - switch (A[0]) - { - case 0: - SetWords(R, 0, NB+2); - return; - case 1: - CopyWords(R, B, NB); - R[NB] = R[NB+1] = 0; - return; - default: - R[NB] = LinearMultiply(R, B, A[0], NB); - R[NB+1] = 0; - return; - } - } - - Multiply(R, T, A, B, NA); - CopyWords(T+2*NA, R+NA, NA); - - unsigned i; - - for (i=2*NA; i<NB; i+=2*NA) - Multiply(T+NA+i, T, A, B+i, NA); - for (i=NA; i<NB; i+=2*NA) - Multiply(R+i, T, A, B+i, NA); - - if (Add(R+NA, R+NA, T+2*NA, NB-NA)) - Increment(R+NB, NA); -} - - -void PositiveMultiply(Integer& product, const Integer& a, const Integer& b) -{ - unsigned int aSize = RoundupSize(a.WordCount()); - unsigned int bSize = RoundupSize(b.WordCount()); - - product.reg_.CleanNew(RoundupSize(aSize + bSize)); - product.sign_ = Integer::POSITIVE; - - AlignedWordBlock workspace(aSize + bSize); - AsymmetricMultiply(product.reg_.get_buffer(), workspace.get_buffer(), - a.reg_.get_buffer(), aSize, b.reg_.get_buffer(), bSize); -} - -void Multiply(Integer &product, const Integer &a, const Integer &b) -{ - PositiveMultiply(product, a, b); - - if (a.NotNegative() != b.NotNegative()) - product.Negate(); -} - - -static inline unsigned int EvenWordCount(const word *X, unsigned int N) -{ - while (N && X[N-2]==0 && X[N-1]==0) - N-=2; - return N; -} - - -unsigned int AlmostInverse(word *R, word *T, const word *A, unsigned int NA, - const word *M, unsigned int N) -{ - word *b = T; - word *c = T+N; - word *f = T+2*N; - word *g = T+3*N; - unsigned int bcLen=2, fgLen=EvenWordCount(M, N); - unsigned int k=0, s=0; - - SetWords(T, 0, 3*N); - b[0]=1; - CopyWords(f, A, NA); - CopyWords(g, M, N); - - while (1) - { - word t=f[0]; - while (!t) - { - if (EvenWordCount(f, fgLen)==0) - { - SetWords(R, 0, N); - return 0; - } - - ShiftWordsRightByWords(f, fgLen, 1); - if (c[bcLen-1]) bcLen+=2; - ShiftWordsLeftByWords(c, bcLen, 1); - k+=WORD_BITS; - t=f[0]; - } - - unsigned int i=0; - while (t%2 == 0) - { - t>>=1; - i++; - } - k+=i; - - if (t==1 && f[1]==0 && EvenWordCount(f, fgLen)==2) - { - if (s%2==0) - CopyWords(R, b, N); - else - Subtract(R, M, b, N); - return k; - } - - ShiftWordsRightByBits(f, fgLen, i); - t=ShiftWordsLeftByBits(c, bcLen, i); - if (t) - { - c[bcLen] = t; - bcLen+=2; - } - - if (f[fgLen-2]==0 && g[fgLen-2]==0 && f[fgLen-1]==0 && g[fgLen-1]==0) - fgLen-=2; - - if (Compare(f, g, fgLen)==-1) - { - STL::swap(f, g); - STL::swap(b, c); - s++; - } - - Subtract(f, f, g, fgLen); - - if (Add(b, b, c, bcLen)) - { - b[bcLen] = 1; - bcLen+=2; - } - } -} - -// R[N] - result = A/(2^k) mod M -// A[N] - input -// M[N] - modulus - -void DivideByPower2Mod(word *R, const word *A, unsigned int k, const word *M, - unsigned int N) -{ - CopyWords(R, A, N); - - while (k--) - { - if (R[0]%2==0) - ShiftWordsRightByBits(R, N, 1); - else - { - word carry = Add(R, R, M, N); - ShiftWordsRightByBits(R, N, 1); - R[N-1] += carry<<(WORD_BITS-1); - } - } -} - -// R[N] - result = A*(2^k) mod M -// A[N] - input -// M[N] - modulus - -void MultiplyByPower2Mod(word *R, const word *A, unsigned int k, const word *M, - unsigned int N) -{ - CopyWords(R, A, N); - - while (k--) - if (ShiftWordsLeftByBits(R, N, 1) || Compare(R, M, N)>=0) - Subtract(R, R, M, N); -} - - -// ********** end of integer needs - - -Integer::Integer() - : reg_(2), sign_(POSITIVE) -{ - reg_[0] = reg_[1] = 0; -} - - -Integer::Integer(const Integer& t) - : reg_(RoundupSize(t.WordCount())), sign_(t.sign_) -{ - CopyWords(reg_.get_buffer(), t.reg_.get_buffer(), reg_.size()); -} - - -Integer::Integer(signed long value) - : reg_(2) -{ - if (value >= 0) - sign_ = POSITIVE; - else - { - sign_ = NEGATIVE; - value = -value; - } - reg_[0] = word(value); - reg_[1] = word(SafeRightShift<WORD_BITS, unsigned long>(value)); -} - - -Integer::Integer(Sign s, word high, word low) - : reg_(2), sign_(s) -{ - reg_[0] = low; - reg_[1] = high; -} - - -Integer::Integer(word value, unsigned int length) - : reg_(RoundupSize(length)), sign_(POSITIVE) -{ - reg_[0] = value; - SetWords(reg_ + 1, 0, reg_.size() - 1); -} - - -Integer::Integer(const byte *encodedInteger, unsigned int byteCount, - Signedness s) -{ - Decode(encodedInteger, byteCount, s); -} - -class BadBER {}; - -// BER Decode Source -Integer::Integer(Source& source) - : reg_(2), sign_(POSITIVE) -{ - Decode(source); -} - -void Integer::Decode(Source& source) -{ - byte b = source.next(); - if (b != INTEGER) { - source.SetError(INTEGER_E); - return; - } - - word32 length = GetLength(source); - if (length == 0 || source.GetError().What()) return; - - if ( (b = source.next()) == 0x00) - length--; - else - source.prev(); - - if (source.IsLeft(length) == false) return; - - unsigned int words = (length + WORD_SIZE - 1) / WORD_SIZE; - words = RoundupSize(words); - if (words > reg_.size()) reg_.CleanNew(words); - - for (int j = length; j > 0; j--) { - b = source.next(); - reg_ [(j-1) / WORD_SIZE] |= (word)b << ((j-1) % WORD_SIZE) * 8; - } -} - - -void Integer::Decode(const byte* input, unsigned int inputLen, Signedness s) -{ - unsigned int idx(0); - byte b = 0; - if (inputLen>0) - b = input[idx]; // peek - sign_ = ((s==SIGNED) && (b & 0x80)) ? NEGATIVE : POSITIVE; - - while (inputLen>0 && (sign_==POSITIVE ? b==0 : b==0xff)) - { - idx++; // skip - if (--inputLen>0) - b = input[idx]; // peek - } - - reg_.CleanNew(RoundupSize(BytesToWords(inputLen))); - - for (unsigned int i=inputLen; i > 0; i--) - { - b = input[idx++]; - reg_[(i-1)/WORD_SIZE] |= (word)b << ((i-1)%WORD_SIZE)*8; - } - - if (sign_ == NEGATIVE) - { - for (unsigned i=inputLen; i<reg_.size()*WORD_SIZE; i++) - reg_[i/WORD_SIZE] |= (word)0xff << (i%WORD_SIZE)*8; - TwosComplement(reg_.get_buffer(), reg_.size()); - } -} - - -unsigned int Integer::Encode(byte* output, unsigned int outputLen, - Signedness signedness) const -{ - unsigned int idx(0); - if (signedness == UNSIGNED || NotNegative()) - { - for (unsigned int i=outputLen; i > 0; i--) - output[idx++] = GetByte(i-1); - } - else - { - // take two's complement of *this - Integer temp = Integer::Power2(8*max(ByteCount(), outputLen)) + *this; - for (unsigned i=0; i<outputLen; i++) - output[idx++] = temp.GetByte(outputLen-i-1); - } - return outputLen; -} - - -static Integer* zero = 0; - -const Integer &Integer::Zero() -{ - if (!zero) - zero = NEW_TC Integer; - return *zero; -} - - -static Integer* one = 0; - -const Integer &Integer::One() -{ - if (!one) - one = NEW_TC Integer(1,2); - return *one; -} - - -// Clean up static singleton holders, not a leak, but helpful to have gone -// when checking for leaks -void CleanUp() -{ - tcDelete(one); - tcDelete(zero); - - // In case user calls more than once, prevent seg fault - one = 0; - zero = 0; -} - -Integer::Integer(RandomNumberGenerator& rng, const Integer& min, - const Integer& max) -{ - Randomize(rng, min, max); -} - - -void Integer::Randomize(RandomNumberGenerator& rng, unsigned int nbits) -{ - const unsigned int nbytes = nbits/8 + 1; - ByteBlock buf(nbytes); - rng.GenerateBlock(buf.get_buffer(), nbytes); - if (nbytes) - buf[0] = (byte)Crop(buf[0], nbits % 8); - Decode(buf.get_buffer(), nbytes, UNSIGNED); -} - -void Integer::Randomize(RandomNumberGenerator& rng, const Integer& min, - const Integer& max) -{ - Integer range = max - min; - const unsigned int nbits = range.BitCount(); - - do - { - Randomize(rng, nbits); - } - while (*this > range); - - *this += min; -} - - -Integer Integer::Power2(unsigned int e) -{ - Integer r((word)0, BitsToWords(e + 1)); - r.SetBit(e); - return r; -} - - -void Integer::SetBit(unsigned int n, bool value) -{ - if (value) - { - reg_.CleanGrow(RoundupSize(BitsToWords(n + 1))); - reg_[n / WORD_BITS] |= (word(1) << (n % WORD_BITS)); - } - else - { - if (n / WORD_BITS < reg_.size()) - reg_[n / WORD_BITS] &= ~(word(1) << (n % WORD_BITS)); - } -} - - -void Integer::SetByte(unsigned int n, byte value) -{ - reg_.CleanGrow(RoundupSize(BytesToWords(n+1))); - reg_[n/WORD_SIZE] &= ~(word(0xff) << 8*(n%WORD_SIZE)); - reg_[n/WORD_SIZE] |= (word(value) << 8*(n%WORD_SIZE)); -} - - -void Integer::Negate() -{ - if (!!(*this)) // don't flip sign if *this==0 - sign_ = Sign(1 - sign_); -} - - -bool Integer::operator!() const -{ - return IsNegative() ? false : (reg_[0]==0 && WordCount()==0); -} - - -Integer& Integer::operator=(const Integer& t) -{ - if (this != &t) - { - reg_.New(RoundupSize(t.WordCount())); - CopyWords(reg_.get_buffer(), t.reg_.get_buffer(), reg_.size()); - sign_ = t.sign_; - } - return *this; -} - - -Integer& Integer::operator+=(const Integer& t) -{ - reg_.CleanGrow(t.reg_.size()); - if (NotNegative()) - { - if (t.NotNegative()) - PositiveAdd(*this, *this, t); - else - PositiveSubtract(*this, *this, t); - } - else - { - if (t.NotNegative()) - PositiveSubtract(*this, t, *this); - else - { - PositiveAdd(*this, *this, t); - sign_ = Integer::NEGATIVE; - } - } - return *this; -} - - -Integer Integer::operator-() const -{ - Integer result(*this); - result.Negate(); - return result; -} - - -Integer& Integer::operator-=(const Integer& t) -{ - reg_.CleanGrow(t.reg_.size()); - if (NotNegative()) - { - if (t.NotNegative()) - PositiveSubtract(*this, *this, t); - else - PositiveAdd(*this, *this, t); - } - else - { - if (t.NotNegative()) - { - PositiveAdd(*this, *this, t); - sign_ = Integer::NEGATIVE; - } - else - PositiveSubtract(*this, t, *this); - } - return *this; -} - - -Integer& Integer::operator++() -{ - if (NotNegative()) - { - if (Increment(reg_.get_buffer(), reg_.size())) - { - reg_.CleanGrow(2*reg_.size()); - reg_[reg_.size()/2]=1; - } - } - else - { - word borrow = Decrement(reg_.get_buffer(), reg_.size()); - (void)borrow; // shut up compiler - if (WordCount()==0) - *this = Zero(); - } - return *this; -} - -Integer& Integer::operator--() -{ - if (IsNegative()) - { - if (Increment(reg_.get_buffer(), reg_.size())) - { - reg_.CleanGrow(2*reg_.size()); - reg_[reg_.size()/2]=1; - } - } - else - { - if (Decrement(reg_.get_buffer(), reg_.size())) - *this = -One(); - } - return *this; -} - - -Integer& Integer::operator<<=(unsigned int n) -{ - const unsigned int wordCount = WordCount(); - const unsigned int shiftWords = n / WORD_BITS; - const unsigned int shiftBits = n % WORD_BITS; - - reg_.CleanGrow(RoundupSize(wordCount+BitsToWords(n))); - ShiftWordsLeftByWords(reg_.get_buffer(), wordCount + shiftWords, - shiftWords); - ShiftWordsLeftByBits(reg_+shiftWords, wordCount+BitsToWords(shiftBits), - shiftBits); - return *this; -} - -Integer& Integer::operator>>=(unsigned int n) -{ - const unsigned int wordCount = WordCount(); - const unsigned int shiftWords = n / WORD_BITS; - const unsigned int shiftBits = n % WORD_BITS; - - ShiftWordsRightByWords(reg_.get_buffer(), wordCount, shiftWords); - if (wordCount > shiftWords) - ShiftWordsRightByBits(reg_.get_buffer(), wordCount-shiftWords, - shiftBits); - if (IsNegative() && WordCount()==0) // avoid -0 - *this = Zero(); - return *this; -} - - -void PositiveAdd(Integer& sum, const Integer& a, const Integer& b) -{ - word carry; - if (a.reg_.size() == b.reg_.size()) - carry = Add(sum.reg_.get_buffer(), a.reg_.get_buffer(), - b.reg_.get_buffer(), a.reg_.size()); - else if (a.reg_.size() > b.reg_.size()) - { - carry = Add(sum.reg_.get_buffer(), a.reg_.get_buffer(), - b.reg_.get_buffer(), b.reg_.size()); - CopyWords(sum.reg_+b.reg_.size(), a.reg_+b.reg_.size(), - a.reg_.size()-b.reg_.size()); - carry = Increment(sum.reg_+b.reg_.size(), a.reg_.size()-b.reg_.size(), - carry); - } - else - { - carry = Add(sum.reg_.get_buffer(), a.reg_.get_buffer(), - b.reg_.get_buffer(), a.reg_.size()); - CopyWords(sum.reg_+a.reg_.size(), b.reg_+a.reg_.size(), - b.reg_.size()-a.reg_.size()); - carry = Increment(sum.reg_+a.reg_.size(), b.reg_.size()-a.reg_.size(), - carry); - } - - if (carry) - { - sum.reg_.CleanGrow(2*sum.reg_.size()); - sum.reg_[sum.reg_.size()/2] = 1; - } - sum.sign_ = Integer::POSITIVE; -} - -void PositiveSubtract(Integer &diff, const Integer &a, const Integer& b) -{ - unsigned aSize = a.WordCount(); - aSize += aSize%2; - unsigned bSize = b.WordCount(); - bSize += bSize%2; - - if (aSize == bSize) - { - if (Compare(a.reg_.get_buffer(), b.reg_.get_buffer(), aSize) >= 0) - { - Subtract(diff.reg_.get_buffer(), a.reg_.get_buffer(), - b.reg_.get_buffer(), aSize); - diff.sign_ = Integer::POSITIVE; - } - else - { - Subtract(diff.reg_.get_buffer(), b.reg_.get_buffer(), - a.reg_.get_buffer(), aSize); - diff.sign_ = Integer::NEGATIVE; - } - } - else if (aSize > bSize) - { - word borrow = Subtract(diff.reg_.get_buffer(), a.reg_.get_buffer(), - b.reg_.get_buffer(), bSize); - CopyWords(diff.reg_+bSize, a.reg_+bSize, aSize-bSize); - borrow = Decrement(diff.reg_+bSize, aSize-bSize, borrow); - diff.sign_ = Integer::POSITIVE; - } - else - { - word borrow = Subtract(diff.reg_.get_buffer(), b.reg_.get_buffer(), - a.reg_.get_buffer(), aSize); - CopyWords(diff.reg_+aSize, b.reg_+aSize, bSize-aSize); - borrow = Decrement(diff.reg_+aSize, bSize-aSize, borrow); - diff.sign_ = Integer::NEGATIVE; - } -} - - -unsigned int Integer::MinEncodedSize(Signedness signedness) const -{ - unsigned int outputLen = max(1U, ByteCount()); - if (signedness == UNSIGNED) - return outputLen; - if (NotNegative() && (GetByte(outputLen-1) & 0x80)) - outputLen++; - if (IsNegative() && *this < -Power2(outputLen*8-1)) - outputLen++; - return outputLen; -} - - -int Integer::Compare(const Integer& t) const -{ - if (NotNegative()) - { - if (t.NotNegative()) - return PositiveCompare(t); - else - return 1; - } - else - { - if (t.NotNegative()) - return -1; - else - return -PositiveCompare(t); - } -} - - -int Integer::PositiveCompare(const Integer& t) const -{ - unsigned size = WordCount(), tSize = t.WordCount(); - - if (size == tSize) - return TaoCrypt::Compare(reg_.get_buffer(), t.reg_.get_buffer(), size); - else - return size > tSize ? 1 : -1; -} - - -bool Integer::GetBit(unsigned int n) const -{ - if (n/WORD_BITS >= reg_.size()) - return 0; - else - return bool((reg_[n/WORD_BITS] >> (n % WORD_BITS)) & 1); -} - - -unsigned long Integer::GetBits(unsigned int i, unsigned int n) const -{ - unsigned long v = 0; - for (unsigned int j=0; j<n; j++) - v |= GetBit(i+j) << j; - return v; -} - - -byte Integer::GetByte(unsigned int n) const -{ - if (n/WORD_SIZE >= reg_.size()) - return 0; - else - return byte(reg_[n/WORD_SIZE] >> ((n%WORD_SIZE)*8)); -} - - -unsigned int Integer::BitCount() const -{ - unsigned wordCount = WordCount(); - if (wordCount) - return (wordCount-1)*WORD_BITS + BitPrecision(reg_[wordCount-1]); - else - return 0; -} - - -unsigned int Integer::ByteCount() const -{ - unsigned wordCount = WordCount(); - if (wordCount) - return (wordCount-1)*WORD_SIZE + BytePrecision(reg_[wordCount-1]); - else - return 0; -} - - -unsigned int Integer::WordCount() const -{ - return CountWords(reg_.get_buffer(), reg_.size()); -} - - -bool Integer::IsConvertableToLong() const -{ - if (ByteCount() > sizeof(long)) - return false; - - unsigned long value = reg_[0]; - value += SafeLeftShift<WORD_BITS, unsigned long>(reg_[1]); - - if (sign_ == POSITIVE) - return (signed long)value >= 0; - else - return -(signed long)value < 0; -} - - -signed long Integer::ConvertToLong() const -{ - unsigned long value = reg_[0]; - value += SafeLeftShift<WORD_BITS, unsigned long>(reg_[1]); - return sign_ == POSITIVE ? value : -(signed long)value; -} - - -void Integer::Swap(Integer& a) -{ - reg_.Swap(a.reg_); - STL::swap(sign_, a.sign_); -} - - -Integer Integer::Plus(const Integer& b) const -{ - Integer sum((word)0, max(reg_.size(), b.reg_.size())); - if (NotNegative()) - { - if (b.NotNegative()) - PositiveAdd(sum, *this, b); - else - PositiveSubtract(sum, *this, b); - } - else - { - if (b.NotNegative()) - PositiveSubtract(sum, b, *this); - else - { - PositiveAdd(sum, *this, b); - sum.sign_ = Integer::NEGATIVE; - } - } - return sum; -} - - -Integer Integer::Minus(const Integer& b) const -{ - Integer diff((word)0, max(reg_.size(), b.reg_.size())); - if (NotNegative()) - { - if (b.NotNegative()) - PositiveSubtract(diff, *this, b); - else - PositiveAdd(diff, *this, b); - } - else - { - if (b.NotNegative()) - { - PositiveAdd(diff, *this, b); - diff.sign_ = Integer::NEGATIVE; - } - else - PositiveSubtract(diff, b, *this); - } - return diff; -} - - -Integer Integer::Times(const Integer &b) const -{ - Integer product; - Multiply(product, *this, b); - return product; -} - - -#undef A0 -#undef A1 -#undef B0 -#undef B1 - -#undef T0 -#undef T1 -#undef T2 -#undef T3 - -#undef R0 -#undef R1 -#undef R2 -#undef R3 - - -static inline void AtomicDivide(word *Q, const word *A, const word *B) -{ - word T[4]; - DWord q = DivideFourWordsByTwo<word, DWord>(T, DWord(A[0], A[1]), - DWord(A[2], A[3]), DWord(B[0], B[1])); - Q[0] = q.GetLowHalf(); - Q[1] = q.GetHighHalf(); - -#ifndef NDEBUG - if (B[0] || B[1]) - { - // multiply quotient and divisor and add remainder, make sure it - // equals dividend - word P[4]; - Portable::Multiply2(P, Q, B); - Add(P, P, T, 4); - } -#endif -} - - -// for use by Divide(), corrects the underestimated quotient {Q1,Q0} -static void CorrectQuotientEstimate(word *R, word *T, word *Q, const word *B, - unsigned int N) -{ - if (Q[1]) - { - T[N] = T[N+1] = 0; - unsigned i; - for (i=0; i<N; i+=4) - LowLevel::Multiply2(T+i, Q, B+i); - for (i=2; i<N; i+=4) - if (LowLevel::Multiply2Add(T+i, Q, B+i)) - T[i+5] += (++T[i+4]==0); - } - else - { - T[N] = LinearMultiply(T, B, Q[0], N); - T[N+1] = 0; - } - - word borrow = Subtract(R, R, T, N+2); - (void)borrow; // shut up compiler - - while (R[N] || Compare(R, B, N) >= 0) - { - R[N] -= Subtract(R, R, B, N); - Q[1] += (++Q[0]==0); - } -} - -// R[NB] -------- remainder = A%B -// Q[NA-NB+2] --- quotient = A/B -// T[NA+2*NB+4] - temp work space -// A[NA] -------- dividend -// B[NB] -------- divisor - - -void Divide(word* R, word* Q, word* T, const word* A, unsigned int NA, - const word* B, unsigned int NB) -{ - // set up temporary work space - word *const TA=T; - word *const TB=T+NA+2; - word *const TP=T+NA+2+NB; - - // copy B into TB and normalize it so that TB has highest bit set to 1 - unsigned shiftWords = (B[NB-1]==0); - TB[0] = TB[NB-1] = 0; - CopyWords(TB+shiftWords, B, NB-shiftWords); - unsigned shiftBits = WORD_BITS - BitPrecision(TB[NB-1]); - ShiftWordsLeftByBits(TB, NB, shiftBits); - - // copy A into TA and normalize it - TA[0] = TA[NA] = TA[NA+1] = 0; - CopyWords(TA+shiftWords, A, NA); - ShiftWordsLeftByBits(TA, NA+2, shiftBits); - - if (TA[NA+1]==0 && TA[NA] <= 1) - { - Q[NA-NB+1] = Q[NA-NB] = 0; - while (TA[NA] || Compare(TA+NA-NB, TB, NB) >= 0) - { - TA[NA] -= Subtract(TA+NA-NB, TA+NA-NB, TB, NB); - ++Q[NA-NB]; - } - } - else - { - NA+=2; - } - - word BT[2]; - BT[0] = TB[NB-2] + 1; - BT[1] = TB[NB-1] + (BT[0]==0); - - // start reducing TA mod TB, 2 words at a time - for (unsigned i=NA-2; i>=NB; i-=2) - { - AtomicDivide(Q+i-NB, TA+i-2, BT); - CorrectQuotientEstimate(TA+i-NB, TP, Q+i-NB, TB, NB); - } - - // copy TA into R, and denormalize it - CopyWords(R, TA+shiftWords, NB); - ShiftWordsRightByBits(R, NB, shiftBits); -} - - -void PositiveDivide(Integer& remainder, Integer& quotient, - const Integer& a, const Integer& b) -{ - unsigned aSize = a.WordCount(); - unsigned bSize = b.WordCount(); - - if (a.PositiveCompare(b) == -1) - { - remainder = a; - remainder.sign_ = Integer::POSITIVE; - quotient = Integer::Zero(); - return; - } - - aSize += aSize%2; // round up to next even number - bSize += bSize%2; - - remainder.reg_.CleanNew(RoundupSize(bSize)); - remainder.sign_ = Integer::POSITIVE; - quotient.reg_.CleanNew(RoundupSize(aSize-bSize+2)); - quotient.sign_ = Integer::POSITIVE; - - AlignedWordBlock T(aSize+2*bSize+4); - Divide(remainder.reg_.get_buffer(), quotient.reg_.get_buffer(), - T.get_buffer(), a.reg_.get_buffer(), aSize, b.reg_.get_buffer(), - bSize); -} - -void Integer::Divide(Integer &remainder, Integer "ient, - const Integer ÷nd, const Integer &divisor) -{ - PositiveDivide(remainder, quotient, dividend, divisor); - - if (dividend.IsNegative()) - { - quotient.Negate(); - if (remainder.NotZero()) - { - --quotient; - remainder = divisor.AbsoluteValue() - remainder; - } - } - - if (divisor.IsNegative()) - quotient.Negate(); -} - -void Integer::DivideByPowerOf2(Integer &r, Integer &q, const Integer &a, - unsigned int n) -{ - q = a; - q >>= n; - - const unsigned int wordCount = BitsToWords(n); - if (wordCount <= a.WordCount()) - { - r.reg_.resize(RoundupSize(wordCount)); - CopyWords(r.reg_.get_buffer(), a.reg_.get_buffer(), wordCount); - SetWords(r.reg_+wordCount, 0, r.reg_.size()-wordCount); - if (n % WORD_BITS != 0) - r.reg_[wordCount-1] %= (word(1) << (n % WORD_BITS)); - } - else - { - r.reg_.resize(RoundupSize(a.WordCount())); - CopyWords(r.reg_.get_buffer(), a.reg_.get_buffer(), r.reg_.size()); - } - r.sign_ = POSITIVE; - - if (a.IsNegative() && r.NotZero()) - { - --q; - r = Power2(n) - r; - } -} - -Integer Integer::DividedBy(const Integer &b) const -{ - Integer remainder, quotient; - Integer::Divide(remainder, quotient, *this, b); - return quotient; -} - -Integer Integer::Modulo(const Integer &b) const -{ - Integer remainder, quotient; - Integer::Divide(remainder, quotient, *this, b); - return remainder; -} - -void Integer::Divide(word &remainder, Integer "ient, - const Integer ÷nd, word divisor) -{ - if ((divisor & (divisor-1)) == 0) // divisor is a power of 2 - { - quotient = dividend >> (BitPrecision(divisor)-1); - remainder = dividend.reg_[0] & (divisor-1); - return; - } - - unsigned int i = dividend.WordCount(); - quotient.reg_.CleanNew(RoundupSize(i)); - remainder = 0; - while (i--) - { - quotient.reg_[i] = DWord(dividend.reg_[i], remainder) / divisor; - remainder = DWord(dividend.reg_[i], remainder) % divisor; - } - - if (dividend.NotNegative()) - quotient.sign_ = POSITIVE; - else - { - quotient.sign_ = NEGATIVE; - if (remainder) - { - --quotient; - remainder = divisor - remainder; - } - } -} - -Integer Integer::DividedBy(word b) const -{ - word remainder; - Integer quotient; - Integer::Divide(remainder, quotient, *this, b); - return quotient; -} - -word Integer::Modulo(word divisor) const -{ - word remainder; - - if ((divisor & (divisor-1)) == 0) // divisor is a power of 2 - remainder = reg_[0] & (divisor-1); - else - { - unsigned int i = WordCount(); - - if (divisor <= 5) - { - DWord sum(0, 0); - while (i--) - sum += reg_[i]; - remainder = sum % divisor; - } - else - { - remainder = 0; - while (i--) - remainder = DWord(reg_[i], remainder) % divisor; - } - } - - if (IsNegative() && remainder) - remainder = divisor - remainder; - - return remainder; -} - - -Integer Integer::AbsoluteValue() const -{ - Integer result(*this); - result.sign_ = POSITIVE; - return result; -} - - -Integer Integer::SquareRoot() const -{ - if (!IsPositive()) - return Zero(); - - // overestimate square root - Integer x, y = Power2((BitCount()+1)/2); - - do - { - x = y; - y = (x + *this/x) >> 1; - } while (y<x); - - return x; -} - -bool Integer::IsSquare() const -{ - Integer r = SquareRoot(); - return *this == r.Squared(); -} - -bool Integer::IsUnit() const -{ - return (WordCount() == 1) && (reg_[0] == 1); -} - -Integer Integer::MultiplicativeInverse() const -{ - return IsUnit() ? *this : Zero(); -} - -Integer a_times_b_mod_c(const Integer &x, const Integer& y, const Integer& m) -{ - return x*y%m; -} - -Integer a_exp_b_mod_c(const Integer &x, const Integer& e, const Integer& m) -{ - ModularArithmetic mr(m); - return mr.Exponentiate(x, e); -} - -Integer Integer::Gcd(const Integer &a, const Integer &b) -{ - return EuclideanDomainOf().Gcd(a, b); -} - -Integer Integer::InverseMod(const Integer &m) const -{ - if (IsNegative() || *this>=m) - return (*this%m).InverseMod(m); - - if (m.IsEven()) - { - if (!m || IsEven()) - return Zero(); // no inverse - if (*this == One()) - return One(); - - Integer u = m.InverseMod(*this); - return !u ? Zero() : (m*(*this-u)+1)/(*this); - } - - AlignedWordBlock T(m.reg_.size() * 4); - Integer r((word)0, m.reg_.size()); - unsigned k = AlmostInverse(r.reg_.get_buffer(), T.get_buffer(), - reg_.get_buffer(), reg_.size(), - m.reg_.get_buffer(), m.reg_.size()); - DivideByPower2Mod(r.reg_.get_buffer(), r.reg_.get_buffer(), k, - m.reg_.get_buffer(), m.reg_.size()); - return r; -} - -word Integer::InverseMod(const word mod) const -{ - word g0 = mod, g1 = *this % mod; - word v0 = 0, v1 = 1; - word y; - - while (g1) - { - if (g1 == 1) - return v1; - y = g0 / g1; - g0 = g0 % g1; - v0 += y * v1; - - if (!g0) - break; - if (g0 == 1) - return mod-v0; - y = g1 / g0; - g1 = g1 % g0; - v1 += y * v0; - } - return 0; -} - -// ********* ModArith stuff - -const Integer& ModularArithmetic::Half(const Integer &a) const -{ - if (a.reg_.size()==modulus.reg_.size()) - { - TaoCrypt::DivideByPower2Mod(result.reg_.begin(), a.reg_.begin(), 1, - modulus.reg_.begin(), a.reg_.size()); - return result; - } - else - return result1 = (a.IsEven() ? (a >> 1) : ((a+modulus) >> 1)); -} - -const Integer& ModularArithmetic::Add(const Integer &a, const Integer &b) const -{ - if (a.reg_.size()==modulus.reg_.size() && - b.reg_.size()==modulus.reg_.size()) - { - if (TaoCrypt::Add(result.reg_.begin(), a.reg_.begin(), b.reg_.begin(), - a.reg_.size()) - || Compare(result.reg_.get_buffer(), modulus.reg_.get_buffer(), - a.reg_.size()) >= 0) - { - TaoCrypt::Subtract(result.reg_.begin(), result.reg_.begin(), - modulus.reg_.begin(), a.reg_.size()); - } - return result; - } - else - { - result1 = a+b; - if (result1 >= modulus) - result1 -= modulus; - return result1; - } -} - -Integer& ModularArithmetic::Accumulate(Integer &a, const Integer &b) const -{ - if (a.reg_.size()==modulus.reg_.size() && - b.reg_.size()==modulus.reg_.size()) - { - if (TaoCrypt::Add(a.reg_.get_buffer(), a.reg_.get_buffer(), - b.reg_.get_buffer(), a.reg_.size()) - || Compare(a.reg_.get_buffer(), modulus.reg_.get_buffer(), - a.reg_.size()) >= 0) - { - TaoCrypt::Subtract(a.reg_.get_buffer(), a.reg_.get_buffer(), - modulus.reg_.get_buffer(), a.reg_.size()); - } - } - else - { - a+=b; - if (a>=modulus) - a-=modulus; - } - - return a; -} - -const Integer& ModularArithmetic::Subtract(const Integer &a, - const Integer &b) const -{ - if (a.reg_.size()==modulus.reg_.size() && - b.reg_.size()==modulus.reg_.size()) - { - if (TaoCrypt::Subtract(result.reg_.begin(), a.reg_.begin(), - b.reg_.begin(), a.reg_.size())) - TaoCrypt::Add(result.reg_.begin(), result.reg_.begin(), - modulus.reg_.begin(), a.reg_.size()); - return result; - } - else - { - result1 = a-b; - if (result1.IsNegative()) - result1 += modulus; - return result1; - } -} - -Integer& ModularArithmetic::Reduce(Integer &a, const Integer &b) const -{ - if (a.reg_.size()==modulus.reg_.size() && - b.reg_.size()==modulus.reg_.size()) - { - if (TaoCrypt::Subtract(a.reg_.get_buffer(), a.reg_.get_buffer(), - b.reg_.get_buffer(), a.reg_.size())) - TaoCrypt::Add(a.reg_.get_buffer(), a.reg_.get_buffer(), - modulus.reg_.get_buffer(), a.reg_.size()); - } - else - { - a-=b; - if (a.IsNegative()) - a+=modulus; - } - - return a; -} - -const Integer& ModularArithmetic::Inverse(const Integer &a) const -{ - if (!a) - return a; - - CopyWords(result.reg_.begin(), modulus.reg_.begin(), modulus.reg_.size()); - if (TaoCrypt::Subtract(result.reg_.begin(), result.reg_.begin(), - a.reg_.begin(), a.reg_.size())) - Decrement(result.reg_.begin()+a.reg_.size(), 1, - modulus.reg_.size()-a.reg_.size()); - - return result; -} - -Integer ModularArithmetic::CascadeExponentiate(const Integer &x, - const Integer &e1, const Integer &y, const Integer &e2) const -{ - if (modulus.IsOdd()) - { - MontgomeryRepresentation dr(modulus); - return dr.ConvertOut(dr.CascadeExponentiate(dr.ConvertIn(x), e1, - dr.ConvertIn(y), e2)); - } - else - return AbstractRing::CascadeExponentiate(x, e1, y, e2); -} - -void ModularArithmetic::SimultaneousExponentiate(Integer *results, - const Integer &base, const Integer *exponents, - unsigned int exponentsCount) const -{ - if (modulus.IsOdd()) - { - MontgomeryRepresentation dr(modulus); - dr.SimultaneousExponentiate(results, dr.ConvertIn(base), exponents, - exponentsCount); - for (unsigned int i=0; i<exponentsCount; i++) - results[i] = dr.ConvertOut(results[i]); - } - else - AbstractRing::SimultaneousExponentiate(results, base, - exponents, exponentsCount); -} - - -// ******************************************************** - -#define A0 A -#define A1 (A+N2) -#define B0 B -#define B1 (B+N2) - -#define T0 T -#define T1 (T+N2) -#define T2 (T+N) -#define T3 (T+N+N2) - -#define R0 R -#define R1 (R+N2) -#define R2 (R+N) -#define R3 (R+N+N2) - - -inline void MultiplyBottom(word *R, word *T, const word *A, const word *B, - unsigned int N) -{ - RecursiveMultiplyBottom(R, T, A, B, N); -} - -inline void MultiplyTop(word *R, word *T, const word *L, const word *A, - const word *B, unsigned int N) -{ - RecursiveMultiplyTop(R, T, L, A, B, N); -} - - -// R[N] --- result = X/(2**(WORD_BITS*N)) mod M -// T[3*N] - temporary work space -// X[2*N] - number to be reduced -// M[N] --- modulus -// U[N] --- multiplicative inverse of M mod 2**(WORD_BITS*N) - -void MontgomeryReduce(word *R, word *T, const word *X, const word *M, - const word *U, unsigned int N) -{ - MultiplyBottom(R, T, X, U, N); - MultiplyTop(T, T+N, X, R, M, N); - word borrow = Subtract(T, X+N, T, N); - // defend against timing attack by doing this Add even when not needed - word carry = Add(T+N, T, M, N); - (void)carry; // shut up compiler - CopyWords(R, T + (borrow ? N : 0), N); -} - -// R[N] ----- result = A inverse mod 2**(WORD_BITS*N) -// T[3*N/2] - temporary work space -// A[N] ----- an odd number as input - -void RecursiveInverseModPower2(word *R, word *T, const word *A, unsigned int N) -{ - if (N==2) - { - T[0] = AtomicInverseModPower2(A[0]); - T[1] = 0; - LowLevel::Multiply2Bottom(T+2, T, A); - TwosComplement(T+2, 2); - Increment(T+2, 2, 2); - LowLevel::Multiply2Bottom(R, T, T+2); - } - else - { - const unsigned int N2 = N/2; - RecursiveInverseModPower2(R0, T0, A0, N2); - T0[0] = 1; - SetWords(T0+1, 0, N2-1); - MultiplyTop(R1, T1, T0, R0, A0, N2); - MultiplyBottom(T0, T1, R0, A1, N2); - Add(T0, R1, T0, N2); - TwosComplement(T0, N2); - MultiplyBottom(R1, T1, R0, T0, N2); - } -} - - -#undef A0 -#undef A1 -#undef B0 -#undef B1 - -#undef T0 -#undef T1 -#undef T2 -#undef T3 - -#undef R0 -#undef R1 -#undef R2 -#undef R3 - - -// modulus must be odd -MontgomeryRepresentation::MontgomeryRepresentation(const Integer &m) - : ModularArithmetic(m), - u((word)0, modulus.reg_.size()), - workspace(5*modulus.reg_.size()) -{ - RecursiveInverseModPower2(u.reg_.get_buffer(), workspace.get_buffer(), - modulus.reg_.get_buffer(), modulus.reg_.size()); -} - -const Integer& MontgomeryRepresentation::Multiply(const Integer &a, - const Integer &b) const -{ - word *const T = workspace.begin(); - word *const R = result.reg_.begin(); - const unsigned int N = modulus.reg_.size(); - - AsymmetricMultiply(T, T+2*N, a.reg_.get_buffer(), a.reg_.size(), - b.reg_.get_buffer(), b.reg_.size()); - SetWords(T+a.reg_.size()+b.reg_.size(),0, 2*N-a.reg_.size()-b.reg_.size()); - MontgomeryReduce(R, T+2*N, T, modulus.reg_.get_buffer(), - u.reg_.get_buffer(), N); - return result; -} - -const Integer& MontgomeryRepresentation::Square(const Integer &a) const -{ - word *const T = workspace.begin(); - word *const R = result.reg_.begin(); - const unsigned int N = modulus.reg_.size(); - - TaoCrypt::Square(T, T+2*N, a.reg_.get_buffer(), a.reg_.size()); - SetWords(T+2*a.reg_.size(), 0, 2*N-2*a.reg_.size()); - MontgomeryReduce(R, T+2*N, T, modulus.reg_.get_buffer(), - u.reg_.get_buffer(), N); - return result; -} - -Integer MontgomeryRepresentation::ConvertOut(const Integer &a) const -{ - word *const T = workspace.begin(); - word *const R = result.reg_.begin(); - const unsigned int N = modulus.reg_.size(); - - CopyWords(T, a.reg_.get_buffer(), a.reg_.size()); - SetWords(T+a.reg_.size(), 0, 2*N-a.reg_.size()); - MontgomeryReduce(R, T+2*N, T, modulus.reg_.get_buffer(), - u.reg_.get_buffer(), N); - return result; -} - -const Integer& MontgomeryRepresentation::MultiplicativeInverse( - const Integer &a) const -{ -// return (EuclideanMultiplicativeInverse(a, modulus)<< -// (2*WORD_BITS*modulus.reg_.size()))%modulus; - word *const T = workspace.begin(); - word *const R = result.reg_.begin(); - const unsigned int N = modulus.reg_.size(); - - CopyWords(T, a.reg_.get_buffer(), a.reg_.size()); - SetWords(T+a.reg_.size(), 0, 2*N-a.reg_.size()); - MontgomeryReduce(R, T+2*N, T, modulus.reg_.get_buffer(), - u.reg_.get_buffer(), N); - unsigned k = AlmostInverse(R, T, R, N, modulus.reg_.get_buffer(), N); - -// cout << "k=" << k << " N*32=" << 32*N << endl; - - if (k>N*WORD_BITS) - DivideByPower2Mod(R, R, k-N*WORD_BITS, modulus.reg_.get_buffer(), N); - else - MultiplyByPower2Mod(R, R, N*WORD_BITS-k, modulus.reg_.get_buffer(), N); - - return result; -} - - -// mod Root stuff -Integer ModularRoot(const Integer &a, const Integer &dp, const Integer &dq, - const Integer &p, const Integer &q, const Integer &u) -{ - Integer p2 = ModularExponentiation((a % p), dp, p); - Integer q2 = ModularExponentiation((a % q), dq, q); - return CRT(p2, p, q2, q, u); -} - -Integer CRT(const Integer &xp, const Integer &p, const Integer &xq, - const Integer &q, const Integer &u) -{ - // isn't operator overloading great? - return p * (u * (xq-xp) % q) + xp; -} - -} // namespace - diff --git a/extra/yassl/taocrypt/src/make.bat b/extra/yassl/taocrypt/src/make.bat deleted file mode 100755 index 6572d7f354a..00000000000 --- a/extra/yassl/taocrypt/src/make.bat +++ /dev/null @@ -1,53 +0,0 @@ -REM Copyright (c) 2006, 2012, Oracle and/or its affiliates. All rights reserved. -REM -REM This program is free software; you can redistribute it and/or modify -REM it under the terms of the GNU General Public License as published by -REM the Free Software Foundation; version 2 of the License. -REM -REM This program is distributed in the hope that it will be useful, -REM but WITHOUT ANY WARRANTY; without even the implied warranty of -REM MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -REM GNU General Public License for more details. -REM -REM You should have received a copy of the GNU General Public License -REM along with this program; if not, write to the Free Software -REM Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335 USA - -REM quick and dirty build file for testing different MSDEVs -setlocal - -set myFLAGS= /I../include /I../mySTL /c /W3 /G6 /O2 - -cl %myFLAGS% aes.cpp -cl %myFLAGS% aestables.cpp -cl %myFLAGS% algebra.cpp -cl %myFLAGS% arc4.cpp - -cl %myFLAGS% asn.cpp -cl %myFLAGS% bftables.cpp -cl %myFLAGS% blowfish.cpp -cl %myFLAGS% coding.cpp - -cl %myFLAGS% des.cpp -cl %myFLAGS% dh.cpp -cl %myFLAGS% dsa.cpp -cl %myFLAGS% file.cpp - -cl %myFLAGS% hash.cpp -cl %myFLAGS% integer.cpp -cl %myFLAGS% md2.cpp -cl %myFLAGS% md4.cpp -cl %myFLAGS% md5.cpp - -cl %myFLAGS% misc.cpp -cl %myFLAGS% random.cpp -cl %myFLAGS% ripemd.cpp -cl %myFLAGS% rsa.cpp - -cl %myFLAGS% sha.cpp -cl %myFLAGS% template_instnt.cpp -cl %myFLAGS% tftables.cpp -cl %myFLAGS% twofish.cpp - -link.exe -lib /out:taocrypt.lib aes.obj aestables.obj algebra.obj arc4.obj asn.obj bftables.obj blowfish.obj coding.obj des.obj dh.obj dsa.obj file.obj hash.obj integer.obj md2.obj md4.obj md5.obj misc.obj random.obj ripemd.obj rsa.obj sha.obj template_instnt.obj tftables.obj twofish.obj - diff --git a/extra/yassl/taocrypt/src/md2.cpp b/extra/yassl/taocrypt/src/md2.cpp deleted file mode 100644 index b1a7190d1f8..00000000000 --- a/extra/yassl/taocrypt/src/md2.cpp +++ /dev/null @@ -1,126 +0,0 @@ -/* - Copyright (C) 2000-2007 MySQL AB - Use is subject to license terms - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - - -/* based on Wei Dai's md2.cpp from CryptoPP */ - -#include "runtime.hpp" -#include "md2.hpp" -#include <string.h> - -namespace TaoCrypt { - - -MD2::MD2() - : X_(X_SIZE), C_(BLOCK_SIZE), buffer_(BLOCK_SIZE) -{ - Init(); -} - -void MD2::Init() -{ - memset(X_.get_buffer(), 0, X_SIZE); - memset(C_.get_buffer(), 0, BLOCK_SIZE); - memset(buffer_.get_buffer(), 0, BLOCK_SIZE); - count_ = 0; -} - - -void MD2::Update(const byte* data, word32 len) -{ - - static const byte S[256] = - { - 41, 46, 67, 201, 162, 216, 124, 1, 61, 54, 84, 161, 236, 240, 6, - 19, 98, 167, 5, 243, 192, 199, 115, 140, 152, 147, 43, 217, 188, - 76, 130, 202, 30, 155, 87, 60, 253, 212, 224, 22, 103, 66, 111, 24, - 138, 23, 229, 18, 190, 78, 196, 214, 218, 158, 222, 73, 160, 251, - 245, 142, 187, 47, 238, 122, 169, 104, 121, 145, 21, 178, 7, 63, - 148, 194, 16, 137, 11, 34, 95, 33, 128, 127, 93, 154, 90, 144, 50, - 39, 53, 62, 204, 231, 191, 247, 151, 3, 255, 25, 48, 179, 72, 165, - 181, 209, 215, 94, 146, 42, 172, 86, 170, 198, 79, 184, 56, 210, - 150, 164, 125, 182, 118, 252, 107, 226, 156, 116, 4, 241, 69, 157, - 112, 89, 100, 113, 135, 32, 134, 91, 207, 101, 230, 45, 168, 2, 27, - 96, 37, 173, 174, 176, 185, 246, 28, 70, 97, 105, 52, 64, 126, 15, - 85, 71, 163, 35, 221, 81, 175, 58, 195, 92, 249, 206, 186, 197, - 234, 38, 44, 83, 13, 110, 133, 40, 132, 9, 211, 223, 205, 244, 65, - 129, 77, 82, 106, 220, 55, 200, 108, 193, 171, 250, 36, 225, 123, - 8, 12, 189, 177, 74, 120, 136, 149, 139, 227, 99, 232, 109, 233, - 203, 213, 254, 59, 0, 29, 57, 242, 239, 183, 14, 102, 88, 208, 228, - 166, 119, 114, 248, 235, 117, 75, 10, 49, 68, 80, 180, 143, 237, - 31, 26, 219, 153, 141, 51, 159, 17, 131, 20 - }; - - while (len) { - word32 L = (PAD_SIZE - count_) < len ? (PAD_SIZE - count_) : len; - memcpy(buffer_.get_buffer() + count_, data, L); - count_ += L; - data += L; - len -= L; - - if (count_==PAD_SIZE) { - count_ = 0; - memcpy(X_.get_buffer() + PAD_SIZE, buffer_.get_buffer(), PAD_SIZE); - byte t = C_[15]; - - int i; - for(i = 0; i < PAD_SIZE; i++) { - X_[32 + i] = X_[PAD_SIZE + i] ^ X_[i]; - t = C_[i] ^= S[buffer_[i] ^ t]; - } - - t=0; - for(i = 0; i < 18; i++) { - for(int j = 0; j < X_SIZE; j += 8) { - t = X_[j+0] ^= S[t]; - t = X_[j+1] ^= S[t]; - t = X_[j+2] ^= S[t]; - t = X_[j+3] ^= S[t]; - t = X_[j+4] ^= S[t]; - t = X_[j+5] ^= S[t]; - t = X_[j+6] ^= S[t]; - t = X_[j+7] ^= S[t]; - } - t = (t + i) & 0xFF; - } - } - } -} - - -void MD2::Final(byte *hash) -{ - byte padding[BLOCK_SIZE]; - word32 padLen = PAD_SIZE - count_; - - for (word32 i = 0; i < padLen; i++) - padding[i] = static_cast<byte>(padLen); - - Update(padding, padLen); - Update(C_.get_buffer(), BLOCK_SIZE); - - memcpy(hash, X_.get_buffer(), DIGEST_SIZE); - - Init(); -} - - - - -} // namespace diff --git a/extra/yassl/taocrypt/src/md4.cpp b/extra/yassl/taocrypt/src/md4.cpp deleted file mode 100644 index 02613fcf1e3..00000000000 --- a/extra/yassl/taocrypt/src/md4.cpp +++ /dev/null @@ -1,157 +0,0 @@ -/* - Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - - -/* based on Wei Dai's md4.cpp from CryptoPP */ - -#include "runtime.hpp" -#include "md4.hpp" -#ifdef USE_SYS_STL - #include <algorithm> -#else - #include "algorithm.hpp" -#endif - - -namespace STL = STL_NAMESPACE; - - -namespace TaoCrypt { - -void MD4::Init() -{ - digest_[0] = 0x67452301L; - digest_[1] = 0xefcdab89L; - digest_[2] = 0x98badcfeL; - digest_[3] = 0x10325476L; - - buffLen_ = 0; - loLen_ = 0; - hiLen_ = 0; -} - - -MD4::MD4(const MD4& that) : HASHwithTransform(DIGEST_SIZE / sizeof(word32), - BLOCK_SIZE) -{ - buffLen_ = that.buffLen_; - loLen_ = that.loLen_; - hiLen_ = that.hiLen_; - - memcpy(digest_, that.digest_, DIGEST_SIZE); - memcpy(buffer_, that.buffer_, BLOCK_SIZE); -} - -MD4& MD4::operator= (const MD4& that) -{ - MD4 tmp(that); - Swap(tmp); - - return *this; -} - - -void MD4::Swap(MD4& other) -{ - STL::swap(loLen_, other.loLen_); - STL::swap(hiLen_, other.hiLen_); - STL::swap(buffLen_, other.buffLen_); - - memcpy(digest_, other.digest_, DIGEST_SIZE); - memcpy(buffer_, other.buffer_, BLOCK_SIZE); -} - - -void MD4::Transform() -{ -#define F(x, y, z) ((z) ^ ((x) & ((y) ^ (z)))) -#define G(x, y, z) (((x) & (y)) | ((x) & (z)) | ((y) & (z))) -#define H(x, y, z) ((x) ^ (y) ^ (z)) - - word32 A, B, C, D; - - A = digest_[0]; - B = digest_[1]; - C = digest_[2]; - D = digest_[3]; - -#define function(a,b,c,d,k,s) a=rotlFixed(a+F(b,c,d)+buffer_[k],s); - function(A,B,C,D, 0, 3); - function(D,A,B,C, 1, 7); - function(C,D,A,B, 2,11); - function(B,C,D,A, 3,19); - function(A,B,C,D, 4, 3); - function(D,A,B,C, 5, 7); - function(C,D,A,B, 6,11); - function(B,C,D,A, 7,19); - function(A,B,C,D, 8, 3); - function(D,A,B,C, 9, 7); - function(C,D,A,B,10,11); - function(B,C,D,A,11,19); - function(A,B,C,D,12, 3); - function(D,A,B,C,13, 7); - function(C,D,A,B,14,11); - function(B,C,D,A,15,19); - -#undef function -#define function(a,b,c,d,k,s) a=rotlFixed(a+G(b,c,d)+buffer_[k]+0x5a827999,s); - function(A,B,C,D, 0, 3); - function(D,A,B,C, 4, 5); - function(C,D,A,B, 8, 9); - function(B,C,D,A,12,13); - function(A,B,C,D, 1, 3); - function(D,A,B,C, 5, 5); - function(C,D,A,B, 9, 9); - function(B,C,D,A,13,13); - function(A,B,C,D, 2, 3); - function(D,A,B,C, 6, 5); - function(C,D,A,B,10, 9); - function(B,C,D,A,14,13); - function(A,B,C,D, 3, 3); - function(D,A,B,C, 7, 5); - function(C,D,A,B,11, 9); - function(B,C,D,A,15,13); - -#undef function -#define function(a,b,c,d,k,s) a=rotlFixed(a+H(b,c,d)+buffer_[k]+0x6ed9eba1,s); - function(A,B,C,D, 0, 3); - function(D,A,B,C, 8, 9); - function(C,D,A,B, 4,11); - function(B,C,D,A,12,15); - function(A,B,C,D, 2, 3); - function(D,A,B,C,10, 9); - function(C,D,A,B, 6,11); - function(B,C,D,A,14,15); - function(A,B,C,D, 1, 3); - function(D,A,B,C, 9, 9); - function(C,D,A,B, 5,11); - function(B,C,D,A,13,15); - function(A,B,C,D, 3, 3); - function(D,A,B,C,11, 9); - function(C,D,A,B, 7,11); - function(B,C,D,A,15,15); - - digest_[0] += A; - digest_[1] += B; - digest_[2] += C; - digest_[3] += D; -} - - -} // namespace - diff --git a/extra/yassl/taocrypt/src/md5.cpp b/extra/yassl/taocrypt/src/md5.cpp deleted file mode 100644 index b68be738e83..00000000000 --- a/extra/yassl/taocrypt/src/md5.cpp +++ /dev/null @@ -1,506 +0,0 @@ -/* - Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - - -/* based on Wei Dai's md5.cpp from CryptoPP */ - -#include "runtime.hpp" -#include "md5.hpp" -#ifdef USE_SYS_STL - #include <algorithm> -#else - #include "algorithm.hpp" -#endif - - -namespace STL = STL_NAMESPACE; - - - -namespace TaoCrypt { - -void MD5::Init() -{ - digest_[0] = 0x67452301L; - digest_[1] = 0xefcdab89L; - digest_[2] = 0x98badcfeL; - digest_[3] = 0x10325476L; - - buffLen_ = 0; - loLen_ = 0; - hiLen_ = 0; -} - - -MD5::MD5(const MD5& that) : HASHwithTransform(DIGEST_SIZE / sizeof(word32), - BLOCK_SIZE) -{ - buffLen_ = that.buffLen_; - loLen_ = that.loLen_; - hiLen_ = that.hiLen_; - - memcpy(digest_, that.digest_, DIGEST_SIZE); - memcpy(buffer_, that.buffer_, BLOCK_SIZE); -} - -MD5& MD5::operator= (const MD5& that) -{ - MD5 tmp(that); - Swap(tmp); - - return *this; -} - - -void MD5::Swap(MD5& other) -{ - STL::swap(loLen_, other.loLen_); - STL::swap(hiLen_, other.hiLen_); - STL::swap(buffLen_, other.buffLen_); - - memcpy(digest_, other.digest_, DIGEST_SIZE); - memcpy(buffer_, other.buffer_, BLOCK_SIZE); -} - - -#ifdef DO_MD5_ASM - -// Update digest with data of size len -void MD5::Update(const byte* data, word32 len) -{ - if (!isMMX) { - HASHwithTransform::Update(data, len); - return; - } - - byte* local = reinterpret_cast<byte*>(buffer_); - - // remove buffered data if possible - if (buffLen_) { - word32 add = min(len, BLOCK_SIZE - buffLen_); - memcpy(&local[buffLen_], data, add); - - buffLen_ += add; - data += add; - len -= add; - - if (buffLen_ == BLOCK_SIZE) { - Transform(); - AddLength(BLOCK_SIZE); - buffLen_ = 0; - } - } - - // at once for asm - if (buffLen_ == 0) { - word32 times = len / BLOCK_SIZE; - if (times) { - AsmTransform(data, times); - const word32 add = BLOCK_SIZE * times; - AddLength(add); - len -= add; - data += add; - } - } - - // cache any data left - if (len) { - memcpy(&local[buffLen_], data, len); - buffLen_ += len; - } -} - - - - -/* - // w = rotlFixed(w + f(x, y, z) + index[edi] + data, s) + x -#define ASMMD5STEP(f, w, x, y, z, index, data, s) \ - f(x, y, z) \ - AS2( mov ebp, [edi + index * 4] ) \ - AS2( lea w, [esi + w + data] ) \ - AS2( add w, ebp ) \ - AS2( rol w, s ) \ - AS2( add w, x ) - - - // F1(x, y, z) (z ^ (x & (y ^ z))) - // place in esi -#define ASMF1(x, y, z) \ - AS2( mov esi, y ) \ - AS2( xor esi, z ) \ - AS2( and esi, x ) \ - AS2( xor esi, z ) - - -#define ASMF2(x, y, z) ASMF1(z, x, y) - - - // F3(x ^ y ^ z) - // place in esi -#define ASMF3(x, y, z) \ - AS2( mov esi, x ) \ - AS2( xor esi, y ) \ - AS2( xor esi, z ) - - - - // F4(x, y, z) (y ^ (x | ~z)) - // place in esi -#define ASMF4(x, y, z) \ - AS2( mov esi, z ) \ - AS1( not esi ) \ - AS2( or esi, x ) \ - AS2( xor esi, y ) -*/ - - - // combine above ASMMD5STEP(f w/ each f ASMF1 - F4 - - // esi already set up, after using set for next round - // ebp already set up, set up using next round index - -#define MD5STEP1(w, x, y, z, index, data, s) \ - AS2( xor esi, z ) \ - AS2( and esi, x ) \ - AS2( lea w, [ebp + w + data] ) \ - AS2( xor esi, z ) \ - AS2( add w, esi ) \ - AS2( mov esi, x ) \ - AS2( rol w, s ) \ - AS2( mov ebp, [edi + index * 4] ) \ - AS2( add w, x ) - -#define MD5STEP2(w, x, y, z, index, data, s) \ - AS2( xor esi, x ) \ - AS2( and esi, z ) \ - AS2( lea w, [ebp + w + data] ) \ - AS2( xor esi, y ) \ - AS2( add w, esi ) \ - AS2( mov esi, x ) \ - AS2( rol w, s ) \ - AS2( mov ebp, [edi + index * 4] ) \ - AS2( add w, x ) - - -#define MD5STEP3(w, x, y, z, index, data, s) \ - AS2( xor esi, z ) \ - AS2( lea w, [ebp + w + data] ) \ - AS2( xor esi, x ) \ - AS2( add w, esi ) \ - AS2( mov esi, x ) \ - AS2( rol w, s ) \ - AS2( mov ebp, [edi + index * 4] ) \ - AS2( add w, x ) - - -#define MD5STEP4(w, x, y, z, index, data, s) \ - AS2( or esi, x ) \ - AS2( lea w, [ebp + w + data] ) \ - AS2( xor esi, y ) \ - AS2( add w, esi ) \ - AS2( mov esi, y ) \ - AS2( rol w, s ) \ - AS1( not esi ) \ - AS2( mov ebp, [edi + index * 4] ) \ - AS2( add w, x ) - - - -#ifdef _MSC_VER - __declspec(naked) -#else - __attribute__ ((noinline)) -#endif -void MD5::AsmTransform(const byte* data, word32 times) -{ -#ifdef __GNUC__ - #define AS1(x) #x ";" - #define AS2(x, y) #x ", " #y ";" - - #define PROLOG() \ - __asm__ __volatile__ \ - ( \ - ".intel_syntax noprefix;" \ - "push ebx;" \ - "push ebp;" - #define EPILOG() \ - "pop ebp;" \ - "pop ebx;" \ - "emms;" \ - ".att_syntax;" \ - : \ - : "c" (this), "D" (data), "a" (times) \ - : "%esi", "%edx", "memory", "cc" \ - ); - -#else - #define AS1(x) __asm x - #define AS2(x, y) __asm x, y - - #define PROLOG() \ - AS1( push ebp ) \ - AS2( mov ebp, esp ) \ - AS2( movd mm3, edi ) \ - AS2( movd mm4, ebx ) \ - AS2( movd mm5, esi ) \ - AS2( movd mm6, ebp ) \ - AS2( mov edi, DWORD PTR [ebp + 8] ) \ - AS2( mov eax, DWORD PTR [ebp + 12] ) - - #define EPILOG() \ - AS2( movd ebp, mm6 ) \ - AS2( movd esi, mm5 ) \ - AS2( movd ebx, mm4 ) \ - AS2( movd edi, mm3 ) \ - AS2( mov esp, ebp ) \ - AS1( pop ebp ) \ - AS1( emms ) \ - AS1( ret 8 ) - -#endif - - - PROLOG() - - AS2( mov esi, ecx ) - - #ifdef OLD_GCC_OFFSET - AS2( add esi, 20 ) // digest_[0] - #else - AS2( add esi, 16 ) // digest_[0] - #endif - - AS2( movd mm2, eax ) // store times_ - AS2( movd mm1, esi ) // store digest_ - - AS2( mov eax, [esi] ) // a - AS2( mov ebx, [esi + 4] ) // b - AS2( mov ecx, [esi + 8] ) // c - AS2( mov edx, [esi + 12] ) // d - -#ifdef _MSC_VER - AS1( loopStart: ) // loopStart -#else - AS1( 0: ) // loopStart for some gas (need numeric for jump back -#endif - - // set up - AS2( mov esi, ecx ) - AS2( mov ebp, [edi] ) - - MD5STEP1( eax, ebx, ecx, edx, 1, 0xd76aa478, 7) - MD5STEP1( edx, eax, ebx, ecx, 2, 0xe8c7b756, 12) - MD5STEP1( ecx, edx, eax, ebx, 3, 0x242070db, 17) - MD5STEP1( ebx, ecx, edx, eax, 4, 0xc1bdceee, 22) - MD5STEP1( eax, ebx, ecx, edx, 5, 0xf57c0faf, 7) - MD5STEP1( edx, eax, ebx, ecx, 6, 0x4787c62a, 12) - MD5STEP1( ecx, edx, eax, ebx, 7, 0xa8304613, 17) - MD5STEP1( ebx, ecx, edx, eax, 8, 0xfd469501, 22) - MD5STEP1( eax, ebx, ecx, edx, 9, 0x698098d8, 7) - MD5STEP1( edx, eax, ebx, ecx, 10, 0x8b44f7af, 12) - MD5STEP1( ecx, edx, eax, ebx, 11, 0xffff5bb1, 17) - MD5STEP1( ebx, ecx, edx, eax, 12, 0x895cd7be, 22) - MD5STEP1( eax, ebx, ecx, edx, 13, 0x6b901122, 7) - MD5STEP1( edx, eax, ebx, ecx, 14, 0xfd987193, 12) - MD5STEP1( ecx, edx, eax, ebx, 15, 0xa679438e, 17) - MD5STEP1( ebx, ecx, edx, eax, 1, 0x49b40821, 22) - - MD5STEP2( eax, ebx, ecx, edx, 6, 0xf61e2562, 5) - MD5STEP2( edx, eax, ebx, ecx, 11, 0xc040b340, 9) - MD5STEP2( ecx, edx, eax, ebx, 0, 0x265e5a51, 14) - MD5STEP2( ebx, ecx, edx, eax, 5, 0xe9b6c7aa, 20) - MD5STEP2( eax, ebx, ecx, edx, 10, 0xd62f105d, 5) - MD5STEP2( edx, eax, ebx, ecx, 15, 0x02441453, 9) - MD5STEP2( ecx, edx, eax, ebx, 4, 0xd8a1e681, 14) - MD5STEP2( ebx, ecx, edx, eax, 9, 0xe7d3fbc8, 20) - MD5STEP2( eax, ebx, ecx, edx, 14, 0x21e1cde6, 5) - MD5STEP2( edx, eax, ebx, ecx, 3, 0xc33707d6, 9) - MD5STEP2( ecx, edx, eax, ebx, 8, 0xf4d50d87, 14) - MD5STEP2( ebx, ecx, edx, eax, 13, 0x455a14ed, 20) - MD5STEP2( eax, ebx, ecx, edx, 2, 0xa9e3e905, 5) - MD5STEP2( edx, eax, ebx, ecx, 7, 0xfcefa3f8, 9) - MD5STEP2( ecx, edx, eax, ebx, 12, 0x676f02d9, 14) - MD5STEP2( ebx, ecx, edx, eax, 5, 0x8d2a4c8a, 20) - - MD5STEP3( eax, ebx, ecx, edx, 8, 0xfffa3942, 4) - MD5STEP3( edx, eax, ebx, ecx, 11, 0x8771f681, 11) - MD5STEP3( ecx, edx, eax, ebx, 14, 0x6d9d6122, 16) - MD5STEP3( ebx, ecx, edx, eax, 1, 0xfde5380c, 23) - MD5STEP3( eax, ebx, ecx, edx, 4, 0xa4beea44, 4) - MD5STEP3( edx, eax, ebx, ecx, 7, 0x4bdecfa9, 11) - MD5STEP3( ecx, edx, eax, ebx, 10, 0xf6bb4b60, 16) - MD5STEP3( ebx, ecx, edx, eax, 13, 0xbebfbc70, 23) - MD5STEP3( eax, ebx, ecx, edx, 0, 0x289b7ec6, 4) - MD5STEP3( edx, eax, ebx, ecx, 3, 0xeaa127fa, 11) - MD5STEP3( ecx, edx, eax, ebx, 6, 0xd4ef3085, 16) - MD5STEP3( ebx, ecx, edx, eax, 9, 0x04881d05, 23) - MD5STEP3( eax, ebx, ecx, edx, 12, 0xd9d4d039, 4) - MD5STEP3( edx, eax, ebx, ecx, 15, 0xe6db99e5, 11) - MD5STEP3( ecx, edx, eax, ebx, 2, 0x1fa27cf8, 16) - MD5STEP3( ebx, ecx, edx, eax, 0, 0xc4ac5665, 23) - - // setup - AS2( mov esi, edx ) - AS1( not esi ) - - MD5STEP4( eax, ebx, ecx, edx, 7, 0xf4292244, 6) - MD5STEP4( edx, eax, ebx, ecx, 14, 0x432aff97, 10) - MD5STEP4( ecx, edx, eax, ebx, 5, 0xab9423a7, 15) - MD5STEP4( ebx, ecx, edx, eax, 12, 0xfc93a039, 21) - MD5STEP4( eax, ebx, ecx, edx, 3, 0x655b59c3, 6) - MD5STEP4( edx, eax, ebx, ecx, 10, 0x8f0ccc92, 10) - MD5STEP4( ecx, edx, eax, ebx, 1, 0xffeff47d, 15) - MD5STEP4( ebx, ecx, edx, eax, 8, 0x85845dd1, 21) - MD5STEP4( eax, ebx, ecx, edx, 15, 0x6fa87e4f, 6) - MD5STEP4( edx, eax, ebx, ecx, 6, 0xfe2ce6e0, 10) - MD5STEP4( ecx, edx, eax, ebx, 13, 0xa3014314, 15) - MD5STEP4( ebx, ecx, edx, eax, 4, 0x4e0811a1, 21) - MD5STEP4( eax, ebx, ecx, edx, 11, 0xf7537e82, 6) - MD5STEP4( edx, eax, ebx, ecx, 2, 0xbd3af235, 10) - MD5STEP4( ecx, edx, eax, ebx, 9, 0x2ad7d2bb, 15) - MD5STEP4( ebx, ecx, edx, eax, 9, 0xeb86d391, 21) - - AS2( movd esi, mm1 ) // digest_ - - AS2( add [esi], eax ) // write out - AS2( add [esi + 4], ebx ) - AS2( add [esi + 8], ecx ) - AS2( add [esi + 12], edx ) - - AS2( add edi, 64 ) - - AS2( mov eax, [esi] ) - AS2( mov ebx, [esi + 4] ) - AS2( mov ecx, [esi + 8] ) - AS2( mov edx, [esi + 12] ) - - AS2( movd ebp, mm2 ) // times - AS1( dec ebp ) - AS2( movd mm2, ebp ) -#ifdef _MSC_VER - AS1( jnz loopStart ) // loopStart -#else - AS1( jnz 0b ) // loopStart -#endif - - - EPILOG() -} - - -#endif // DO_MD5_ASM - - -void MD5::Transform() -{ -#define F1(x, y, z) (z ^ (x & (y ^ z))) -#define F2(x, y, z) F1(z, x, y) -#define F3(x, y, z) (x ^ y ^ z) -#define F4(x, y, z) (y ^ (x | ~z)) - -#define MD5STEP(f, w, x, y, z, data, s) \ - w = rotlFixed(w + f(x, y, z) + data, s) + x - - // Copy context->state[] to working vars - word32 a = digest_[0]; - word32 b = digest_[1]; - word32 c = digest_[2]; - word32 d = digest_[3]; - - MD5STEP(F1, a, b, c, d, buffer_[0] + 0xd76aa478, 7); - MD5STEP(F1, d, a, b, c, buffer_[1] + 0xe8c7b756, 12); - MD5STEP(F1, c, d, a, b, buffer_[2] + 0x242070db, 17); - MD5STEP(F1, b, c, d, a, buffer_[3] + 0xc1bdceee, 22); - MD5STEP(F1, a, b, c, d, buffer_[4] + 0xf57c0faf, 7); - MD5STEP(F1, d, a, b, c, buffer_[5] + 0x4787c62a, 12); - MD5STEP(F1, c, d, a, b, buffer_[6] + 0xa8304613, 17); - MD5STEP(F1, b, c, d, a, buffer_[7] + 0xfd469501, 22); - MD5STEP(F1, a, b, c, d, buffer_[8] + 0x698098d8, 7); - MD5STEP(F1, d, a, b, c, buffer_[9] + 0x8b44f7af, 12); - MD5STEP(F1, c, d, a, b, buffer_[10] + 0xffff5bb1, 17); - MD5STEP(F1, b, c, d, a, buffer_[11] + 0x895cd7be, 22); - MD5STEP(F1, a, b, c, d, buffer_[12] + 0x6b901122, 7); - MD5STEP(F1, d, a, b, c, buffer_[13] + 0xfd987193, 12); - MD5STEP(F1, c, d, a, b, buffer_[14] + 0xa679438e, 17); - MD5STEP(F1, b, c, d, a, buffer_[15] + 0x49b40821, 22); - - MD5STEP(F2, a, b, c, d, buffer_[1] + 0xf61e2562, 5); - MD5STEP(F2, d, a, b, c, buffer_[6] + 0xc040b340, 9); - MD5STEP(F2, c, d, a, b, buffer_[11] + 0x265e5a51, 14); - MD5STEP(F2, b, c, d, a, buffer_[0] + 0xe9b6c7aa, 20); - MD5STEP(F2, a, b, c, d, buffer_[5] + 0xd62f105d, 5); - MD5STEP(F2, d, a, b, c, buffer_[10] + 0x02441453, 9); - MD5STEP(F2, c, d, a, b, buffer_[15] + 0xd8a1e681, 14); - MD5STEP(F2, b, c, d, a, buffer_[4] + 0xe7d3fbc8, 20); - MD5STEP(F2, a, b, c, d, buffer_[9] + 0x21e1cde6, 5); - MD5STEP(F2, d, a, b, c, buffer_[14] + 0xc33707d6, 9); - MD5STEP(F2, c, d, a, b, buffer_[3] + 0xf4d50d87, 14); - MD5STEP(F2, b, c, d, a, buffer_[8] + 0x455a14ed, 20); - MD5STEP(F2, a, b, c, d, buffer_[13] + 0xa9e3e905, 5); - MD5STEP(F2, d, a, b, c, buffer_[2] + 0xfcefa3f8, 9); - MD5STEP(F2, c, d, a, b, buffer_[7] + 0x676f02d9, 14); - MD5STEP(F2, b, c, d, a, buffer_[12] + 0x8d2a4c8a, 20); - - MD5STEP(F3, a, b, c, d, buffer_[5] + 0xfffa3942, 4); - MD5STEP(F3, d, a, b, c, buffer_[8] + 0x8771f681, 11); - MD5STEP(F3, c, d, a, b, buffer_[11] + 0x6d9d6122, 16); - MD5STEP(F3, b, c, d, a, buffer_[14] + 0xfde5380c, 23); - MD5STEP(F3, a, b, c, d, buffer_[1] + 0xa4beea44, 4); - MD5STEP(F3, d, a, b, c, buffer_[4] + 0x4bdecfa9, 11); - MD5STEP(F3, c, d, a, b, buffer_[7] + 0xf6bb4b60, 16); - MD5STEP(F3, b, c, d, a, buffer_[10] + 0xbebfbc70, 23); - MD5STEP(F3, a, b, c, d, buffer_[13] + 0x289b7ec6, 4); - MD5STEP(F3, d, a, b, c, buffer_[0] + 0xeaa127fa, 11); - MD5STEP(F3, c, d, a, b, buffer_[3] + 0xd4ef3085, 16); - MD5STEP(F3, b, c, d, a, buffer_[6] + 0x04881d05, 23); - MD5STEP(F3, a, b, c, d, buffer_[9] + 0xd9d4d039, 4); - MD5STEP(F3, d, a, b, c, buffer_[12] + 0xe6db99e5, 11); - MD5STEP(F3, c, d, a, b, buffer_[15] + 0x1fa27cf8, 16); - MD5STEP(F3, b, c, d, a, buffer_[2] + 0xc4ac5665, 23); - - MD5STEP(F4, a, b, c, d, buffer_[0] + 0xf4292244, 6); - MD5STEP(F4, d, a, b, c, buffer_[7] + 0x432aff97, 10); - MD5STEP(F4, c, d, a, b, buffer_[14] + 0xab9423a7, 15); - MD5STEP(F4, b, c, d, a, buffer_[5] + 0xfc93a039, 21); - MD5STEP(F4, a, b, c, d, buffer_[12] + 0x655b59c3, 6); - MD5STEP(F4, d, a, b, c, buffer_[3] + 0x8f0ccc92, 10); - MD5STEP(F4, c, d, a, b, buffer_[10] + 0xffeff47d, 15); - MD5STEP(F4, b, c, d, a, buffer_[1] + 0x85845dd1, 21); - MD5STEP(F4, a, b, c, d, buffer_[8] + 0x6fa87e4f, 6); - MD5STEP(F4, d, a, b, c, buffer_[15] + 0xfe2ce6e0, 10); - MD5STEP(F4, c, d, a, b, buffer_[6] + 0xa3014314, 15); - MD5STEP(F4, b, c, d, a, buffer_[13] + 0x4e0811a1, 21); - MD5STEP(F4, a, b, c, d, buffer_[4] + 0xf7537e82, 6); - MD5STEP(F4, d, a, b, c, buffer_[11] + 0xbd3af235, 10); - MD5STEP(F4, c, d, a, b, buffer_[2] + 0x2ad7d2bb, 15); - MD5STEP(F4, b, c, d, a, buffer_[9] + 0xeb86d391, 21); - - // Add the working vars back into digest state[] - digest_[0] += a; - digest_[1] += b; - digest_[2] += c; - digest_[3] += d; - - // Wipe variables - a = b = c = d = 0; -} - - -} // namespace - diff --git a/extra/yassl/taocrypt/src/misc.cpp b/extra/yassl/taocrypt/src/misc.cpp deleted file mode 100644 index 41249bcf373..00000000000 --- a/extra/yassl/taocrypt/src/misc.cpp +++ /dev/null @@ -1,296 +0,0 @@ -/* - Copyright (c) 2005, 2012, Oracle and/or its affiliates - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - -/* based on Wei Dai's misc.cpp from CryptoPP */ - - -#include "runtime.hpp" -#include "misc.hpp" - - -#ifdef __GNUC__ - #include <signal.h> - #include <setjmp.h> -#endif - -#ifdef USE_SYS_STL - #include <algorithm> -#else - #include "algorithm.hpp" -#endif - -namespace STL = STL_NAMESPACE; - - -#ifdef YASSL_PURE_C - - void* operator new(size_t sz, TaoCrypt::new_t) - { - void* ptr = malloc(sz ? sz : 1); - if (!ptr) abort(); - - return ptr; - } - - - void operator delete(void* ptr, TaoCrypt::new_t) - { - if (ptr) free(ptr); - } - - - void* operator new[](size_t sz, TaoCrypt::new_t nt) - { - return ::operator new(sz, nt); - } - - - void operator delete[](void* ptr, TaoCrypt::new_t nt) - { - ::operator delete(ptr, nt); - } - - - /* uncomment to test - // make sure not using globals anywhere by forgetting to use overloaded - void* operator new(size_t sz); - - void operator delete(void* ptr); - - void* operator new[](size_t sz); - - void operator delete[](void* ptr); - */ - - - namespace TaoCrypt { - - new_t tc; // for library new - - } - -#if defined(__ICC) || defined(__INTEL_COMPILER) - -extern "C" { - - int __cxa_pure_virtual() { - return 0; - } - -} // extern "C" - -#endif - -#endif // YASSL_PURE_C - - -namespace TaoCrypt { - - -inline void XorWords(word* r, const word* a, unsigned int n) -{ - for (unsigned int i=0; i<n; i++) - r[i] ^= a[i]; -} - - -void xorbuf(byte* buf, const byte* mask, unsigned int count) -{ - if (((size_t)buf | (size_t)mask | count) % WORD_SIZE == 0) - XorWords((word *)buf, (const word *)mask, count/WORD_SIZE); - else - { - for (unsigned int i=0; i<count; i++) - buf[i] ^= mask[i]; - } -} - - -unsigned int BytePrecision(word value) -{ - unsigned int i; - for (i=sizeof(value); i; --i) - if (value >> (i-1)*8) - break; - - return i; -} - - -unsigned int BitPrecision(word value) -{ - if (!value) - return 0; - - unsigned int l = 0, - h = 8 * sizeof(value); - - while (h-l > 1) - { - unsigned int t = (l+h)/2; - if (value >> t) - l = t; - else - h = t; - } - - return h; -} - - -word Crop(word value, unsigned int size) -{ - if (size < 8*sizeof(value)) - return (value & ((1L << size) - 1)); - else - return value; -} - - - -#ifdef TAOCRYPT_X86ASM_AVAILABLE - -#ifdef NOT_USED -#ifndef _MSC_VER - static jmp_buf s_env; - static void SigIllHandler(int) - { - longjmp(s_env, 1); - } -#endif -#endif - -bool HaveCpuId() -{ -#ifdef _MSC_VER - __try - { - __asm - { - mov eax, 0 - cpuid - } - } - __except (1) - { - return false; - } - return true; -#else - word32 eax, ebx; - __asm__ __volatile - ( - /* Put EFLAGS in eax and ebx */ - "pushf;" - "pushf;" - "pop %0;" - "movl %0,%1;" - - /* Flip the cpuid bit and store back in EFLAGS */ - "xorl $0x200000,%0;" - "push %0;" - "popf;" - - /* Read EFLAGS again */ - "pushf;" - "pop %0;" - "popf" - : "=r" (eax), "=r" (ebx) - : - : "cc" - ); - - if (eax == ebx) - return false; - return true; -#endif -} - - -void CpuId(word32 input, word32 *output) -{ -#ifdef __GNUC__ - __asm__ - ( - // save ebx in case -fPIC is being used - "push %%ebx; cpuid; mov %%ebx, %%edi; pop %%ebx" - : "=a" (output[0]), "=D" (output[1]), "=c" (output[2]), "=d"(output[3]) - : "a" (input) - ); -#else - __asm - { - mov eax, input - cpuid - mov edi, output - mov [edi], eax - mov [edi+4], ebx - mov [edi+8], ecx - mov [edi+12], edx - } -#endif -} - - -bool IsPentium() -{ - if (!HaveCpuId()) - return false; - - word32 cpuid[4]; - - CpuId(0, cpuid); - STL::swap(cpuid[2], cpuid[3]); - if (memcmp(cpuid+1, "GenuineIntel", 12) != 0) - return false; - - CpuId(1, cpuid); - byte family = ((cpuid[0] >> 8) & 0xf); - if (family < 5) - return false; - - return true; -} - - - -static bool IsMmx() -{ - if (!IsPentium()) - return false; - - word32 cpuid[4]; - - CpuId(1, cpuid); - if ((cpuid[3] & (1 << 23)) == 0) - return false; - - return true; -} - - -bool isMMX = IsMmx(); - - -#endif // TAOCRYPT_X86ASM_AVAILABLE - - - - -} // namespace - diff --git a/extra/yassl/taocrypt/src/rabbit.cpp b/extra/yassl/taocrypt/src/rabbit.cpp deleted file mode 100644 index d0d4b0ef3ba..00000000000 --- a/extra/yassl/taocrypt/src/rabbit.cpp +++ /dev/null @@ -1,255 +0,0 @@ -/* - Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - - -#include "runtime.hpp" -#include "rabbit.hpp" - - - -namespace TaoCrypt { - - -#define U32V(x) (word32)(x) - - -#ifdef BIG_ENDIAN_ORDER - #define LITTLE32(x) ByteReverse((word32)x) -#else - #define LITTLE32(x) (x) -#endif - - -// local -namespace { - - -/* Square a 32-bit unsigned integer to obtain the 64-bit result and return */ -/* the upper 32 bits XOR the lower 32 bits */ -word32 RABBIT_g_func(word32 x) -{ - /* Temporary variables */ - word32 a, b, h, l; - - /* Construct high and low argument for squaring */ - a = x&0xFFFF; - b = x>>16; - - /* Calculate high and low result of squaring */ - h = (((U32V(a*a)>>17) + U32V(a*b))>>15) + b*b; - l = x*x; - - /* Return high XOR low */ - return U32V(h^l); -} - - -} // namespace local - - -/* Calculate the next internal state */ -void Rabbit::NextState(RabbitCtx which) -{ - /* Temporary variables */ - word32 g[8], c_old[8], i; - - Ctx* ctx; - - if (which == Master) - ctx = &masterCtx_; - else - ctx = &workCtx_; - - /* Save old counter values */ - for (i=0; i<8; i++) - c_old[i] = ctx->c[i]; - - /* Calculate new counter values */ - ctx->c[0] = U32V(ctx->c[0] + 0x4D34D34D + ctx->carry); - ctx->c[1] = U32V(ctx->c[1] + 0xD34D34D3 + (ctx->c[0] < c_old[0])); - ctx->c[2] = U32V(ctx->c[2] + 0x34D34D34 + (ctx->c[1] < c_old[1])); - ctx->c[3] = U32V(ctx->c[3] + 0x4D34D34D + (ctx->c[2] < c_old[2])); - ctx->c[4] = U32V(ctx->c[4] + 0xD34D34D3 + (ctx->c[3] < c_old[3])); - ctx->c[5] = U32V(ctx->c[5] + 0x34D34D34 + (ctx->c[4] < c_old[4])); - ctx->c[6] = U32V(ctx->c[6] + 0x4D34D34D + (ctx->c[5] < c_old[5])); - ctx->c[7] = U32V(ctx->c[7] + 0xD34D34D3 + (ctx->c[6] < c_old[6])); - ctx->carry = (ctx->c[7] < c_old[7]); - - /* Calculate the g-values */ - for (i=0;i<8;i++) - g[i] = RABBIT_g_func(U32V(ctx->x[i] + ctx->c[i])); - - /* Calculate new state values */ - ctx->x[0] = U32V(g[0] + rotlFixed(g[7],16) + rotlFixed(g[6], 16)); - ctx->x[1] = U32V(g[1] + rotlFixed(g[0], 8) + g[7]); - ctx->x[2] = U32V(g[2] + rotlFixed(g[1],16) + rotlFixed(g[0], 16)); - ctx->x[3] = U32V(g[3] + rotlFixed(g[2], 8) + g[1]); - ctx->x[4] = U32V(g[4] + rotlFixed(g[3],16) + rotlFixed(g[2], 16)); - ctx->x[5] = U32V(g[5] + rotlFixed(g[4], 8) + g[3]); - ctx->x[6] = U32V(g[6] + rotlFixed(g[5],16) + rotlFixed(g[4], 16)); - ctx->x[7] = U32V(g[7] + rotlFixed(g[6], 8) + g[5]); -} - - -/* IV setup */ -void Rabbit::SetIV(const byte* iv) -{ - /* Temporary variables */ - word32 i0, i1, i2, i3, i; - - /* Generate four subvectors */ - i0 = LITTLE32(*(word32*)(iv+0)); - i2 = LITTLE32(*(word32*)(iv+4)); - i1 = (i0>>16) | (i2&0xFFFF0000); - i3 = (i2<<16) | (i0&0x0000FFFF); - - /* Modify counter values */ - workCtx_.c[0] = masterCtx_.c[0] ^ i0; - workCtx_.c[1] = masterCtx_.c[1] ^ i1; - workCtx_.c[2] = masterCtx_.c[2] ^ i2; - workCtx_.c[3] = masterCtx_.c[3] ^ i3; - workCtx_.c[4] = masterCtx_.c[4] ^ i0; - workCtx_.c[5] = masterCtx_.c[5] ^ i1; - workCtx_.c[6] = masterCtx_.c[6] ^ i2; - workCtx_.c[7] = masterCtx_.c[7] ^ i3; - - /* Copy state variables */ - for (i=0; i<8; i++) - workCtx_.x[i] = masterCtx_.x[i]; - workCtx_.carry = masterCtx_.carry; - - /* Iterate the system four times */ - for (i=0; i<4; i++) - NextState(Work); -} - - -/* Key setup */ -void Rabbit::SetKey(const byte* key, const byte* iv) -{ - /* Temporary variables */ - word32 k0, k1, k2, k3, i; - - /* Generate four subkeys */ - k0 = LITTLE32(*(word32*)(key+ 0)); - k1 = LITTLE32(*(word32*)(key+ 4)); - k2 = LITTLE32(*(word32*)(key+ 8)); - k3 = LITTLE32(*(word32*)(key+12)); - - /* Generate initial state variables */ - masterCtx_.x[0] = k0; - masterCtx_.x[2] = k1; - masterCtx_.x[4] = k2; - masterCtx_.x[6] = k3; - masterCtx_.x[1] = U32V(k3<<16) | (k2>>16); - masterCtx_.x[3] = U32V(k0<<16) | (k3>>16); - masterCtx_.x[5] = U32V(k1<<16) | (k0>>16); - masterCtx_.x[7] = U32V(k2<<16) | (k1>>16); - - /* Generate initial counter values */ - masterCtx_.c[0] = rotlFixed(k2, 16); - masterCtx_.c[2] = rotlFixed(k3, 16); - masterCtx_.c[4] = rotlFixed(k0, 16); - masterCtx_.c[6] = rotlFixed(k1, 16); - masterCtx_.c[1] = (k0&0xFFFF0000) | (k1&0xFFFF); - masterCtx_.c[3] = (k1&0xFFFF0000) | (k2&0xFFFF); - masterCtx_.c[5] = (k2&0xFFFF0000) | (k3&0xFFFF); - masterCtx_.c[7] = (k3&0xFFFF0000) | (k0&0xFFFF); - - /* Clear carry bit */ - masterCtx_.carry = 0; - - /* Iterate the system four times */ - for (i=0; i<4; i++) - NextState(Master); - - /* Modify the counters */ - for (i=0; i<8; i++) - masterCtx_.c[i] ^= masterCtx_.x[(i+4)&0x7]; - - /* Copy master instance to work instance */ - for (i=0; i<8; i++) { - workCtx_.x[i] = masterCtx_.x[i]; - workCtx_.c[i] = masterCtx_.c[i]; - } - workCtx_.carry = masterCtx_.carry; - - if (iv) SetIV(iv); -} - - -/* Encrypt/decrypt a message of any size */ -void Rabbit::Process(byte* output, const byte* input, word32 msglen) -{ - /* Temporary variables */ - word32 i; - - /* Encrypt/decrypt all full blocks */ - while (msglen >= 16) { - /* Iterate the system */ - NextState(Work); - - /* Encrypt/decrypt 16 bytes of data */ - *(word32*)(output+ 0) = *(word32*)(input+ 0) ^ - LITTLE32(workCtx_.x[0] ^ (workCtx_.x[5]>>16) ^ - U32V(workCtx_.x[3]<<16)); - *(word32*)(output+ 4) = *(word32*)(input+ 4) ^ - LITTLE32(workCtx_.x[2] ^ (workCtx_.x[7]>>16) ^ - U32V(workCtx_.x[5]<<16)); - *(word32*)(output+ 8) = *(word32*)(input+ 8) ^ - LITTLE32(workCtx_.x[4] ^ (workCtx_.x[1]>>16) ^ - U32V(workCtx_.x[7]<<16)); - *(word32*)(output+12) = *(word32*)(input+12) ^ - LITTLE32(workCtx_.x[6] ^ (workCtx_.x[3]>>16) ^ - U32V(workCtx_.x[1]<<16)); - - /* Increment pointers and decrement length */ - input += 16; - output += 16; - msglen -= 16; - } - - /* Encrypt/decrypt remaining data */ - if (msglen) { - - word32 tmp[4]; - byte* buffer = (byte*)tmp; - - memset(tmp, 0, sizeof(tmp)); /* help static analysis */ - - /* Iterate the system */ - NextState(Work); - - /* Generate 16 bytes of pseudo-random data */ - tmp[0] = LITTLE32(workCtx_.x[0] ^ - (workCtx_.x[5]>>16) ^ U32V(workCtx_.x[3]<<16)); - tmp[1] = LITTLE32(workCtx_.x[2] ^ - (workCtx_.x[7]>>16) ^ U32V(workCtx_.x[5]<<16)); - tmp[2] = LITTLE32(workCtx_.x[4] ^ - (workCtx_.x[1]>>16) ^ U32V(workCtx_.x[7]<<16)); - tmp[3] = LITTLE32(workCtx_.x[6] ^ - (workCtx_.x[3]>>16) ^ U32V(workCtx_.x[1]<<16)); - - /* Encrypt/decrypt the data */ - for (i=0; i<msglen; i++) - output[i] = input[i] ^ buffer[i]; - } -} - - -} // namespace diff --git a/extra/yassl/taocrypt/src/random.cpp b/extra/yassl/taocrypt/src/random.cpp deleted file mode 100644 index 6bca7eaa933..00000000000 --- a/extra/yassl/taocrypt/src/random.cpp +++ /dev/null @@ -1,138 +0,0 @@ -/* - Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - - -/* random.cpp implements a crypto secure Random Number Generator using an OS - specific seed, switch to /dev/random for more security but may block -*/ - -#include "runtime.hpp" -#include "random.hpp" -#include <string.h> -#include <time.h> - -#if defined(_WIN32) - #include <windows.h> - #include <wincrypt.h> -#else - #include <errno.h> - #include <fcntl.h> - #include <unistd.h> -#endif // _WIN32 - -namespace TaoCrypt { - - -// Get seed and key cipher -RandomNumberGenerator::RandomNumberGenerator() -{ - byte key[32]; - byte junk[256]; - - seed_.GenerateSeed(key, sizeof(key)); - cipher_.SetKey(key, sizeof(key)); - GenerateBlock(junk, sizeof(junk)); // rid initial state -} - - -// place a generated block in output -void RandomNumberGenerator::GenerateBlock(byte* output, word32 sz) -{ - memset(output, 0, sz); - cipher_.Process(output, output, sz); -} - - -byte RandomNumberGenerator::GenerateByte() -{ - byte b; - GenerateBlock(&b, 1); - - return b; -} - - -#if defined(_WIN32) - -/* The OS_Seed implementation for windows */ - -OS_Seed::OS_Seed() -{ - if(!CryptAcquireContext(&handle_, 0, 0, PROV_RSA_FULL, - CRYPT_VERIFYCONTEXT)) - error_.SetError(WINCRYPT_E); -} - - -OS_Seed::~OS_Seed() -{ - CryptReleaseContext(handle_, 0); -} - - -void OS_Seed::GenerateSeed(byte* output, word32 sz) -{ - if (!CryptGenRandom(handle_, sz, output)) - error_.SetError(CRYPTGEN_E); -} - - -#else - -/* The default OS_Seed implementation */ - -OS_Seed::OS_Seed() -{ - fd_ = open("/dev/urandom",O_RDONLY); - if (fd_ == -1) { - fd_ = open("/dev/random",O_RDONLY); - if (fd_ == -1) - error_.SetError(OPEN_RAN_E); - } -} - - -OS_Seed::~OS_Seed() -{ - close(fd_); -} - - -// may block -void OS_Seed::GenerateSeed(byte* output, word32 sz) -{ - while (sz) { - int len = read(fd_, output, sz); - if (len == -1) { - error_.SetError(READ_RAN_E); - return; - } - - sz -= len; - output += len; - - if (sz) - sleep(1); - } -} - -#endif // _WIN32 - - - -} // namespace diff --git a/extra/yassl/taocrypt/src/ripemd.cpp b/extra/yassl/taocrypt/src/ripemd.cpp deleted file mode 100644 index 04b8f82ffcc..00000000000 --- a/extra/yassl/taocrypt/src/ripemd.cpp +++ /dev/null @@ -1,844 +0,0 @@ -/* - Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - - -/* based on Wei Dai's ripemd.cpp from CryptoPP */ - -#include "runtime.hpp" -#include "ripemd.hpp" -#ifdef USE_SYS_STL - #include <algorithm> -#else - #include "algorithm.hpp" -#endif - - -namespace STL = STL_NAMESPACE; - - - -namespace TaoCrypt { - -void RIPEMD160::Init() -{ - digest_[0] = 0x67452301L; - digest_[1] = 0xefcdab89L; - digest_[2] = 0x98badcfeL; - digest_[3] = 0x10325476L; - digest_[4] = 0xc3d2e1f0L; - - buffLen_ = 0; - loLen_ = 0; - hiLen_ = 0; -} - - -RIPEMD160::RIPEMD160(const RIPEMD160& that) - : HASHwithTransform(DIGEST_SIZE / sizeof(word32), BLOCK_SIZE) -{ - buffLen_ = that.buffLen_; - loLen_ = that.loLen_; - hiLen_ = that.hiLen_; - - memcpy(digest_, that.digest_, DIGEST_SIZE); - memcpy(buffer_, that.buffer_, BLOCK_SIZE); -} - - -RIPEMD160& RIPEMD160::operator= (const RIPEMD160& that) -{ - RIPEMD160 tmp(that); - Swap(tmp); - - return *this; -} - - -void RIPEMD160::Swap(RIPEMD160& other) -{ - STL::swap(loLen_, other.loLen_); - STL::swap(hiLen_, other.hiLen_); - STL::swap(buffLen_, other.buffLen_); - - memcpy(digest_, other.digest_, DIGEST_SIZE); - memcpy(buffer_, other.buffer_, BLOCK_SIZE); -} - - -#ifdef DO_RIPEMD_ASM - -// Update digest with data of size len -void RIPEMD160::Update(const byte* data, word32 len) -{ - if (!isMMX) { - HASHwithTransform::Update(data, len); - return; - } - - byte* local = reinterpret_cast<byte*>(buffer_); - - // remove buffered data if possible - if (buffLen_) { - word32 add = min(len, BLOCK_SIZE - buffLen_); - memcpy(&local[buffLen_], data, add); - - buffLen_ += add; - data += add; - len -= add; - - if (buffLen_ == BLOCK_SIZE) { - Transform(); - AddLength(BLOCK_SIZE); - buffLen_ = 0; - } - } - - // all at once for asm - if (buffLen_ == 0) { - word32 times = len / BLOCK_SIZE; - if (times) { - AsmTransform(data, times); - const word32 add = BLOCK_SIZE * times; - AddLength(add); - len -= add; - data += add; - } - } - - // cache any data left - if (len) { - memcpy(&local[buffLen_], data, len); - buffLen_ += len; - } -} - -#endif // DO_RIPEMD_ASM - - -// for all -#define F(x, y, z) (x ^ y ^ z) -#define G(x, y, z) (z ^ (x & (y^z))) -#define H(x, y, z) (z ^ (x | ~y)) -#define I(x, y, z) (y ^ (z & (x^y))) -#define J(x, y, z) (x ^ (y | ~z)) - -#define k0 0 -#define k1 0x5a827999 -#define k2 0x6ed9eba1 -#define k3 0x8f1bbcdc -#define k4 0xa953fd4e -#define k5 0x50a28be6 -#define k6 0x5c4dd124 -#define k7 0x6d703ef3 -#define k8 0x7a6d76e9 -#define k9 0 - -// for 160 and 320 -#define Subround(f, a, b, c, d, e, x, s, k) \ - a += f(b, c, d) + x + k;\ - a = rotlFixed((word32)a, s) + e;\ - c = rotlFixed((word32)c, 10U) - - -void RIPEMD160::Transform() -{ - unsigned long a1, b1, c1, d1, e1, a2, b2, c2, d2, e2; - a1 = a2 = digest_[0]; - b1 = b2 = digest_[1]; - c1 = c2 = digest_[2]; - d1 = d2 = digest_[3]; - e1 = e2 = digest_[4]; - - Subround(F, a1, b1, c1, d1, e1, buffer_[ 0], 11, k0); - Subround(F, e1, a1, b1, c1, d1, buffer_[ 1], 14, k0); - Subround(F, d1, e1, a1, b1, c1, buffer_[ 2], 15, k0); - Subround(F, c1, d1, e1, a1, b1, buffer_[ 3], 12, k0); - Subround(F, b1, c1, d1, e1, a1, buffer_[ 4], 5, k0); - Subround(F, a1, b1, c1, d1, e1, buffer_[ 5], 8, k0); - Subround(F, e1, a1, b1, c1, d1, buffer_[ 6], 7, k0); - Subround(F, d1, e1, a1, b1, c1, buffer_[ 7], 9, k0); - Subround(F, c1, d1, e1, a1, b1, buffer_[ 8], 11, k0); - Subround(F, b1, c1, d1, e1, a1, buffer_[ 9], 13, k0); - Subround(F, a1, b1, c1, d1, e1, buffer_[10], 14, k0); - Subround(F, e1, a1, b1, c1, d1, buffer_[11], 15, k0); - Subround(F, d1, e1, a1, b1, c1, buffer_[12], 6, k0); - Subround(F, c1, d1, e1, a1, b1, buffer_[13], 7, k0); - Subround(F, b1, c1, d1, e1, a1, buffer_[14], 9, k0); - Subround(F, a1, b1, c1, d1, e1, buffer_[15], 8, k0); - - Subround(G, e1, a1, b1, c1, d1, buffer_[ 7], 7, k1); - Subround(G, d1, e1, a1, b1, c1, buffer_[ 4], 6, k1); - Subround(G, c1, d1, e1, a1, b1, buffer_[13], 8, k1); - Subround(G, b1, c1, d1, e1, a1, buffer_[ 1], 13, k1); - Subround(G, a1, b1, c1, d1, e1, buffer_[10], 11, k1); - Subround(G, e1, a1, b1, c1, d1, buffer_[ 6], 9, k1); - Subround(G, d1, e1, a1, b1, c1, buffer_[15], 7, k1); - Subround(G, c1, d1, e1, a1, b1, buffer_[ 3], 15, k1); - Subround(G, b1, c1, d1, e1, a1, buffer_[12], 7, k1); - Subround(G, a1, b1, c1, d1, e1, buffer_[ 0], 12, k1); - Subround(G, e1, a1, b1, c1, d1, buffer_[ 9], 15, k1); - Subround(G, d1, e1, a1, b1, c1, buffer_[ 5], 9, k1); - Subround(G, c1, d1, e1, a1, b1, buffer_[ 2], 11, k1); - Subround(G, b1, c1, d1, e1, a1, buffer_[14], 7, k1); - Subround(G, a1, b1, c1, d1, e1, buffer_[11], 13, k1); - Subround(G, e1, a1, b1, c1, d1, buffer_[ 8], 12, k1); - - Subround(H, d1, e1, a1, b1, c1, buffer_[ 3], 11, k2); - Subround(H, c1, d1, e1, a1, b1, buffer_[10], 13, k2); - Subround(H, b1, c1, d1, e1, a1, buffer_[14], 6, k2); - Subround(H, a1, b1, c1, d1, e1, buffer_[ 4], 7, k2); - Subround(H, e1, a1, b1, c1, d1, buffer_[ 9], 14, k2); - Subround(H, d1, e1, a1, b1, c1, buffer_[15], 9, k2); - Subround(H, c1, d1, e1, a1, b1, buffer_[ 8], 13, k2); - Subround(H, b1, c1, d1, e1, a1, buffer_[ 1], 15, k2); - Subround(H, a1, b1, c1, d1, e1, buffer_[ 2], 14, k2); - Subround(H, e1, a1, b1, c1, d1, buffer_[ 7], 8, k2); - Subround(H, d1, e1, a1, b1, c1, buffer_[ 0], 13, k2); - Subround(H, c1, d1, e1, a1, b1, buffer_[ 6], 6, k2); - Subround(H, b1, c1, d1, e1, a1, buffer_[13], 5, k2); - Subround(H, a1, b1, c1, d1, e1, buffer_[11], 12, k2); - Subround(H, e1, a1, b1, c1, d1, buffer_[ 5], 7, k2); - Subround(H, d1, e1, a1, b1, c1, buffer_[12], 5, k2); - - Subround(I, c1, d1, e1, a1, b1, buffer_[ 1], 11, k3); - Subround(I, b1, c1, d1, e1, a1, buffer_[ 9], 12, k3); - Subround(I, a1, b1, c1, d1, e1, buffer_[11], 14, k3); - Subround(I, e1, a1, b1, c1, d1, buffer_[10], 15, k3); - Subround(I, d1, e1, a1, b1, c1, buffer_[ 0], 14, k3); - Subround(I, c1, d1, e1, a1, b1, buffer_[ 8], 15, k3); - Subround(I, b1, c1, d1, e1, a1, buffer_[12], 9, k3); - Subround(I, a1, b1, c1, d1, e1, buffer_[ 4], 8, k3); - Subround(I, e1, a1, b1, c1, d1, buffer_[13], 9, k3); - Subround(I, d1, e1, a1, b1, c1, buffer_[ 3], 14, k3); - Subround(I, c1, d1, e1, a1, b1, buffer_[ 7], 5, k3); - Subround(I, b1, c1, d1, e1, a1, buffer_[15], 6, k3); - Subround(I, a1, b1, c1, d1, e1, buffer_[14], 8, k3); - Subround(I, e1, a1, b1, c1, d1, buffer_[ 5], 6, k3); - Subround(I, d1, e1, a1, b1, c1, buffer_[ 6], 5, k3); - Subround(I, c1, d1, e1, a1, b1, buffer_[ 2], 12, k3); - - Subround(J, b1, c1, d1, e1, a1, buffer_[ 4], 9, k4); - Subround(J, a1, b1, c1, d1, e1, buffer_[ 0], 15, k4); - Subround(J, e1, a1, b1, c1, d1, buffer_[ 5], 5, k4); - Subround(J, d1, e1, a1, b1, c1, buffer_[ 9], 11, k4); - Subround(J, c1, d1, e1, a1, b1, buffer_[ 7], 6, k4); - Subround(J, b1, c1, d1, e1, a1, buffer_[12], 8, k4); - Subround(J, a1, b1, c1, d1, e1, buffer_[ 2], 13, k4); - Subround(J, e1, a1, b1, c1, d1, buffer_[10], 12, k4); - Subround(J, d1, e1, a1, b1, c1, buffer_[14], 5, k4); - Subround(J, c1, d1, e1, a1, b1, buffer_[ 1], 12, k4); - Subround(J, b1, c1, d1, e1, a1, buffer_[ 3], 13, k4); - Subround(J, a1, b1, c1, d1, e1, buffer_[ 8], 14, k4); - Subround(J, e1, a1, b1, c1, d1, buffer_[11], 11, k4); - Subround(J, d1, e1, a1, b1, c1, buffer_[ 6], 8, k4); - Subround(J, c1, d1, e1, a1, b1, buffer_[15], 5, k4); - Subround(J, b1, c1, d1, e1, a1, buffer_[13], 6, k4); - - Subround(J, a2, b2, c2, d2, e2, buffer_[ 5], 8, k5); - Subround(J, e2, a2, b2, c2, d2, buffer_[14], 9, k5); - Subround(J, d2, e2, a2, b2, c2, buffer_[ 7], 9, k5); - Subround(J, c2, d2, e2, a2, b2, buffer_[ 0], 11, k5); - Subround(J, b2, c2, d2, e2, a2, buffer_[ 9], 13, k5); - Subround(J, a2, b2, c2, d2, e2, buffer_[ 2], 15, k5); - Subround(J, e2, a2, b2, c2, d2, buffer_[11], 15, k5); - Subround(J, d2, e2, a2, b2, c2, buffer_[ 4], 5, k5); - Subround(J, c2, d2, e2, a2, b2, buffer_[13], 7, k5); - Subround(J, b2, c2, d2, e2, a2, buffer_[ 6], 7, k5); - Subround(J, a2, b2, c2, d2, e2, buffer_[15], 8, k5); - Subround(J, e2, a2, b2, c2, d2, buffer_[ 8], 11, k5); - Subround(J, d2, e2, a2, b2, c2, buffer_[ 1], 14, k5); - Subround(J, c2, d2, e2, a2, b2, buffer_[10], 14, k5); - Subround(J, b2, c2, d2, e2, a2, buffer_[ 3], 12, k5); - Subround(J, a2, b2, c2, d2, e2, buffer_[12], 6, k5); - - Subround(I, e2, a2, b2, c2, d2, buffer_[ 6], 9, k6); - Subround(I, d2, e2, a2, b2, c2, buffer_[11], 13, k6); - Subround(I, c2, d2, e2, a2, b2, buffer_[ 3], 15, k6); - Subround(I, b2, c2, d2, e2, a2, buffer_[ 7], 7, k6); - Subround(I, a2, b2, c2, d2, e2, buffer_[ 0], 12, k6); - Subround(I, e2, a2, b2, c2, d2, buffer_[13], 8, k6); - Subround(I, d2, e2, a2, b2, c2, buffer_[ 5], 9, k6); - Subround(I, c2, d2, e2, a2, b2, buffer_[10], 11, k6); - Subround(I, b2, c2, d2, e2, a2, buffer_[14], 7, k6); - Subround(I, a2, b2, c2, d2, e2, buffer_[15], 7, k6); - Subround(I, e2, a2, b2, c2, d2, buffer_[ 8], 12, k6); - Subround(I, d2, e2, a2, b2, c2, buffer_[12], 7, k6); - Subround(I, c2, d2, e2, a2, b2, buffer_[ 4], 6, k6); - Subround(I, b2, c2, d2, e2, a2, buffer_[ 9], 15, k6); - Subround(I, a2, b2, c2, d2, e2, buffer_[ 1], 13, k6); - Subround(I, e2, a2, b2, c2, d2, buffer_[ 2], 11, k6); - - Subround(H, d2, e2, a2, b2, c2, buffer_[15], 9, k7); - Subround(H, c2, d2, e2, a2, b2, buffer_[ 5], 7, k7); - Subround(H, b2, c2, d2, e2, a2, buffer_[ 1], 15, k7); - Subround(H, a2, b2, c2, d2, e2, buffer_[ 3], 11, k7); - Subround(H, e2, a2, b2, c2, d2, buffer_[ 7], 8, k7); - Subround(H, d2, e2, a2, b2, c2, buffer_[14], 6, k7); - Subround(H, c2, d2, e2, a2, b2, buffer_[ 6], 6, k7); - Subround(H, b2, c2, d2, e2, a2, buffer_[ 9], 14, k7); - Subround(H, a2, b2, c2, d2, e2, buffer_[11], 12, k7); - Subround(H, e2, a2, b2, c2, d2, buffer_[ 8], 13, k7); - Subround(H, d2, e2, a2, b2, c2, buffer_[12], 5, k7); - Subround(H, c2, d2, e2, a2, b2, buffer_[ 2], 14, k7); - Subround(H, b2, c2, d2, e2, a2, buffer_[10], 13, k7); - Subround(H, a2, b2, c2, d2, e2, buffer_[ 0], 13, k7); - Subround(H, e2, a2, b2, c2, d2, buffer_[ 4], 7, k7); - Subround(H, d2, e2, a2, b2, c2, buffer_[13], 5, k7); - - Subround(G, c2, d2, e2, a2, b2, buffer_[ 8], 15, k8); - Subround(G, b2, c2, d2, e2, a2, buffer_[ 6], 5, k8); - Subround(G, a2, b2, c2, d2, e2, buffer_[ 4], 8, k8); - Subround(G, e2, a2, b2, c2, d2, buffer_[ 1], 11, k8); - Subround(G, d2, e2, a2, b2, c2, buffer_[ 3], 14, k8); - Subround(G, c2, d2, e2, a2, b2, buffer_[11], 14, k8); - Subround(G, b2, c2, d2, e2, a2, buffer_[15], 6, k8); - Subround(G, a2, b2, c2, d2, e2, buffer_[ 0], 14, k8); - Subround(G, e2, a2, b2, c2, d2, buffer_[ 5], 6, k8); - Subround(G, d2, e2, a2, b2, c2, buffer_[12], 9, k8); - Subround(G, c2, d2, e2, a2, b2, buffer_[ 2], 12, k8); - Subround(G, b2, c2, d2, e2, a2, buffer_[13], 9, k8); - Subround(G, a2, b2, c2, d2, e2, buffer_[ 9], 12, k8); - Subround(G, e2, a2, b2, c2, d2, buffer_[ 7], 5, k8); - Subround(G, d2, e2, a2, b2, c2, buffer_[10], 15, k8); - Subround(G, c2, d2, e2, a2, b2, buffer_[14], 8, k8); - - Subround(F, b2, c2, d2, e2, a2, buffer_[12], 8, k9); - Subround(F, a2, b2, c2, d2, e2, buffer_[15], 5, k9); - Subround(F, e2, a2, b2, c2, d2, buffer_[10], 12, k9); - Subround(F, d2, e2, a2, b2, c2, buffer_[ 4], 9, k9); - Subround(F, c2, d2, e2, a2, b2, buffer_[ 1], 12, k9); - Subround(F, b2, c2, d2, e2, a2, buffer_[ 5], 5, k9); - Subround(F, a2, b2, c2, d2, e2, buffer_[ 8], 14, k9); - Subround(F, e2, a2, b2, c2, d2, buffer_[ 7], 6, k9); - Subround(F, d2, e2, a2, b2, c2, buffer_[ 6], 8, k9); - Subround(F, c2, d2, e2, a2, b2, buffer_[ 2], 13, k9); - Subround(F, b2, c2, d2, e2, a2, buffer_[13], 6, k9); - Subround(F, a2, b2, c2, d2, e2, buffer_[14], 5, k9); - Subround(F, e2, a2, b2, c2, d2, buffer_[ 0], 15, k9); - Subround(F, d2, e2, a2, b2, c2, buffer_[ 3], 13, k9); - Subround(F, c2, d2, e2, a2, b2, buffer_[ 9], 11, k9); - Subround(F, b2, c2, d2, e2, a2, buffer_[11], 11, k9); - - c1 = digest_[1] + c1 + d2; - digest_[1] = digest_[2] + d1 + e2; - digest_[2] = digest_[3] + e1 + a2; - digest_[3] = digest_[4] + a1 + b2; - digest_[4] = digest_[0] + b1 + c2; - digest_[0] = c1; -} - - -#ifdef DO_RIPEMD_ASM - -/* - // F(x ^ y ^ z) - // place in esi -#define ASMF(x, y, z) \ - AS2( mov esi, x ) \ - AS2( xor esi, y ) \ - AS2( xor esi, z ) - - - // G(z ^ (x & (y^z))) - // place in esi -#define ASMG(x, y, z) \ - AS2( mov esi, z ) \ - AS2( xor esi, y ) \ - AS2( and esi, x ) \ - AS2( xor esi, z ) - - - // H(z ^ (x | ~y)) - // place in esi -#define ASMH(x, y, z) \ - AS2( mov esi, y ) \ - AS1( not esi ) \ - AS2( or esi, x ) \ - AS2( xor esi, z ) - - - // I(y ^ (z & (x^y))) - // place in esi -#define ASMI(x, y, z) \ - AS2( mov esi, y ) \ - AS2( xor esi, x ) \ - AS2( and esi, z ) \ - AS2( xor esi, y ) - - - // J(x ^ (y | ~z))) - // place in esi -#define ASMJ(x, y, z) \ - AS2( mov esi, z ) \ - AS1( not esi ) \ - AS2( or esi, y ) \ - AS2( xor esi, x ) - - -// for 160 and 320 -// #define ASMSubround(f, a, b, c, d, e, i, s, k) -// a += f(b, c, d) + data[i] + k; -// a = rotlFixed((word32)a, s) + e; -// c = rotlFixed((word32)c, 10U) - -#define ASMSubround(f, a, b, c, d, e, index, s, k) \ - // a += f(b, c, d) + data[i] + k \ - AS2( mov esp, [edi + index * 4] ) \ - f(b, c, d) \ - AS2( add esi, k ) \ - AS2( add esi, esp ) \ - AS2( add a, esi ) \ - // a = rotlFixed((word32)a, s) + e \ - AS2( rol a, s ) \ - AS2( rol c, 10 ) \ - // c = rotlFixed((word32)c, 10U) \ - AS2( add a, e ) -*/ - - -// combine F into subround w/ setup -// esi already has c, setup for next round when done -// esp already has edi[index], setup for next round when done - -#define ASMSubroundF(a, b, c, d, e, index, s) \ - /* a += (b ^ c ^ d) + data[i] + k */ \ - AS2( xor esi, b ) \ - AS2( add a, [edi + index * 4] ) \ - AS2( xor esi, d ) \ - AS2( add a, esi ) \ - /* a = rotlFixed((word32)a, s) + e */ \ - AS2( mov esi, b ) \ - AS2( rol a, s ) \ - /* c = rotlFixed((word32)c, 10U) */ \ - AS2( rol c, 10 ) \ - AS2( add a, e ) - - -// combine G into subround w/ setup -// esi already has c, setup for next round when done -// esp already has edi[index], setup for next round when done - -#define ASMSubroundG(a, b, c, d, e, index, s, k) \ - /* a += (d ^ (b & (c^d))) + data[i] + k */ \ - AS2( xor esi, d ) \ - AS2( and esi, b ) \ - AS2( add a, [edi + index * 4] ) \ - AS2( xor esi, d ) \ - AS2( lea a, [esi + a + k] ) \ - /* a = rotlFixed((word32)a, s) + e */ \ - AS2( mov esi, b ) \ - AS2( rol a, s ) \ - /* c = rotlFixed((word32)c, 10U) */ \ - AS2( rol c, 10 ) \ - AS2( add a, e ) - - -// combine H into subround w/ setup -// esi already has c, setup for next round when done -// esp already has edi[index], setup for next round when done - -#define ASMSubroundH(a, b, c, d, e, index, s, k) \ - /* a += (d ^ (b | ~c)) + data[i] + k */ \ - AS1( not esi ) \ - AS2( or esi, b ) \ - AS2( add a, [edi + index * 4] ) \ - AS2( xor esi, d ) \ - AS2( lea a, [esi + a + k] ) \ - /* a = rotlFixed((word32)a, s) + e */ \ - AS2( mov esi, b ) \ - AS2( rol a, s ) \ - /* c = rotlFixed((word32)c, 10U) */ \ - AS2( rol c, 10 ) \ - AS2( add a, e ) - - -// combine I into subround w/ setup -// esi already has c, setup for next round when done -// esp already has edi[index], setup for next round when done - -#define ASMSubroundI(a, b, c, d, e, index, s, k) \ - /* a += (c ^ (d & (b^c))) + data[i] + k */ \ - AS2( xor esi, b ) \ - AS2( and esi, d ) \ - AS2( add a, [edi + index * 4] ) \ - AS2( xor esi, c ) \ - AS2( lea a, [esi + a + k] ) \ - /* a = rotlFixed((word32)a, s) + e */ \ - AS2( mov esi, b ) \ - AS2( rol a, s ) \ - /* c = rotlFixed((word32)c, 10U) */ \ - AS2( rol c, 10 ) \ - AS2( add a, e ) - - -// combine J into subround w/ setup -// esi already has d, setup for next round when done -// esp already has edi[index], setup for next round when done - -#define ASMSubroundJ(a, b, c, d, e, index, s, k) \ - /* a += (b ^ (c | ~d))) + data[i] + k */ \ - AS1( not esi ) \ - AS2( or esi, c ) \ - /* c = rotlFixed((word32)c, 10U) */ \ - AS2( add a, [edi + index * 4] ) \ - AS2( xor esi, b ) \ - AS2( rol c, 10 ) \ - AS2( lea a, [esi + a + k] ) \ - /* a = rotlFixed((word32)a, s) + e */ \ - AS2( rol a, s ) \ - AS2( mov esi, c ) \ - AS2( add a, e ) - - -#ifdef _MSC_VER - __declspec(naked) -#else - __attribute__ ((noinline)) -#endif -void RIPEMD160::AsmTransform(const byte* data, word32 times) -{ -#ifdef __GNUC__ - #define AS1(x) #x ";" - #define AS2(x, y) #x ", " #y ";" - - #define PROLOG() \ - __asm__ __volatile__ \ - ( \ - ".intel_syntax noprefix;" \ - "push ebx;" \ - "push ebp;" - #define EPILOG() \ - "pop ebp;" \ - "pop ebx;" \ - "emms;" \ - ".att_syntax;" \ - : \ - : "c" (this), "D" (data), "d" (times) \ - : "%esi", "%eax", "memory", "cc" \ - ); - -#else - #define AS1(x) __asm x - #define AS2(x, y) __asm x, y - - #define PROLOG() \ - AS1( push ebp ) \ - AS2( mov ebp, esp ) \ - AS2( movd mm3, edi ) \ - AS2( movd mm4, ebx ) \ - AS2( movd mm5, esi ) \ - AS2( movd mm6, ebp ) \ - AS2( mov edi, DWORD PTR [ebp + 8] ) \ - AS2( mov edx, DWORD PTR [ebp + 12] ) - - #define EPILOG() \ - AS2( movd ebp, mm6 ) \ - AS2( movd esi, mm5 ) \ - AS2( movd ebx, mm4 ) \ - AS2( movd edi, mm3 ) \ - AS2( mov esp, ebp ) \ - AS1( pop ebp ) \ - AS1( emms ) \ - AS1( ret 8 ) - -#endif - - PROLOG() - - #ifdef OLD_GCC_OFFSET - AS2( lea esi, [ecx + 20] ) // digest_[0] - #else - AS2( lea esi, [ecx + 16] ) // digest_[0] - #endif - - AS2( sub esp, 24 ) // make room for tmp a1 - e1 - AS2( movd mm1, esi ) // store digest_ - -#ifdef _MSC_VER - AS1( loopStart: ) // loopStart -#else - AS1( 0: ) // loopStart for some gas (need numeric for jump back -#endif - - AS2( movd mm2, edx ) // store times_ - - AS2( mov eax, [esi] ) // a1 - AS2( mov ebx, [esi + 4] ) // b1 - AS2( mov ecx, [esi + 8] ) // c1 - AS2( mov edx, [esi + 12] ) // d1 - AS2( mov ebp, [esi + 16] ) // e1 - - // setup - AS2( mov esi, ecx ) - - ASMSubroundF( eax, ebx, ecx, edx, ebp, 0, 11) - ASMSubroundF( ebp, eax, ebx, ecx, edx, 1, 14) - ASMSubroundF( edx, ebp, eax, ebx, ecx, 2, 15) - ASMSubroundF( ecx, edx, ebp, eax, ebx, 3, 12) - ASMSubroundF( ebx, ecx, edx, ebp, eax, 4, 5) - ASMSubroundF( eax, ebx, ecx, edx, ebp, 5, 8) - ASMSubroundF( ebp, eax, ebx, ecx, edx, 6, 7) - ASMSubroundF( edx, ebp, eax, ebx, ecx, 7, 9) - ASMSubroundF( ecx, edx, ebp, eax, ebx, 8, 11) - ASMSubroundF( ebx, ecx, edx, ebp, eax, 9, 13) - ASMSubroundF( eax, ebx, ecx, edx, ebp, 10, 14) - ASMSubroundF( ebp, eax, ebx, ecx, edx, 11, 15) - ASMSubroundF( edx, ebp, eax, ebx, ecx, 12, 6) - ASMSubroundF( ecx, edx, ebp, eax, ebx, 13, 7) - ASMSubroundF( ebx, ecx, edx, ebp, eax, 14, 9) - ASMSubroundF( eax, ebx, ecx, edx, ebp, 15, 8) - - ASMSubroundG( ebp, eax, ebx, ecx, edx, 7, 7, k1) - ASMSubroundG( edx, ebp, eax, ebx, ecx, 4, 6, k1) - ASMSubroundG( ecx, edx, ebp, eax, ebx, 13, 8, k1) - ASMSubroundG( ebx, ecx, edx, ebp, eax, 1, 13, k1) - ASMSubroundG( eax, ebx, ecx, edx, ebp, 10, 11, k1) - ASMSubroundG( ebp, eax, ebx, ecx, edx, 6, 9, k1) - ASMSubroundG( edx, ebp, eax, ebx, ecx, 15, 7, k1) - ASMSubroundG( ecx, edx, ebp, eax, ebx, 3, 15, k1) - ASMSubroundG( ebx, ecx, edx, ebp, eax, 12, 7, k1) - ASMSubroundG( eax, ebx, ecx, edx, ebp, 0, 12, k1) - ASMSubroundG( ebp, eax, ebx, ecx, edx, 9, 15, k1) - ASMSubroundG( edx, ebp, eax, ebx, ecx, 5, 9, k1) - ASMSubroundG( ecx, edx, ebp, eax, ebx, 2, 11, k1) - ASMSubroundG( ebx, ecx, edx, ebp, eax, 14, 7, k1) - ASMSubroundG( eax, ebx, ecx, edx, ebp, 11, 13, k1) - ASMSubroundG( ebp, eax, ebx, ecx, edx, 8, 12, k1) - - ASMSubroundH( edx, ebp, eax, ebx, ecx, 3, 11, k2) - ASMSubroundH( ecx, edx, ebp, eax, ebx, 10, 13, k2) - ASMSubroundH( ebx, ecx, edx, ebp, eax, 14, 6, k2) - ASMSubroundH( eax, ebx, ecx, edx, ebp, 4, 7, k2) - ASMSubroundH( ebp, eax, ebx, ecx, edx, 9, 14, k2) - ASMSubroundH( edx, ebp, eax, ebx, ecx, 15, 9, k2) - ASMSubroundH( ecx, edx, ebp, eax, ebx, 8, 13, k2) - ASMSubroundH( ebx, ecx, edx, ebp, eax, 1, 15, k2) - ASMSubroundH( eax, ebx, ecx, edx, ebp, 2, 14, k2) - ASMSubroundH( ebp, eax, ebx, ecx, edx, 7, 8, k2) - ASMSubroundH( edx, ebp, eax, ebx, ecx, 0, 13, k2) - ASMSubroundH( ecx, edx, ebp, eax, ebx, 6, 6, k2) - ASMSubroundH( ebx, ecx, edx, ebp, eax, 13, 5, k2) - ASMSubroundH( eax, ebx, ecx, edx, ebp, 11, 12, k2) - ASMSubroundH( ebp, eax, ebx, ecx, edx, 5, 7, k2) - ASMSubroundH( edx, ebp, eax, ebx, ecx, 12, 5, k2) - - ASMSubroundI( ecx, edx, ebp, eax, ebx, 1, 11, k3) - ASMSubroundI( ebx, ecx, edx, ebp, eax, 9, 12, k3) - ASMSubroundI( eax, ebx, ecx, edx, ebp, 11, 14, k3) - ASMSubroundI( ebp, eax, ebx, ecx, edx, 10, 15, k3) - ASMSubroundI( edx, ebp, eax, ebx, ecx, 0, 14, k3) - ASMSubroundI( ecx, edx, ebp, eax, ebx, 8, 15, k3) - ASMSubroundI( ebx, ecx, edx, ebp, eax, 12, 9, k3) - ASMSubroundI( eax, ebx, ecx, edx, ebp, 4, 8, k3) - ASMSubroundI( ebp, eax, ebx, ecx, edx, 13, 9, k3) - ASMSubroundI( edx, ebp, eax, ebx, ecx, 3, 14, k3) - ASMSubroundI( ecx, edx, ebp, eax, ebx, 7, 5, k3) - ASMSubroundI( ebx, ecx, edx, ebp, eax, 15, 6, k3) - ASMSubroundI( eax, ebx, ecx, edx, ebp, 14, 8, k3) - ASMSubroundI( ebp, eax, ebx, ecx, edx, 5, 6, k3) - ASMSubroundI( edx, ebp, eax, ebx, ecx, 6, 5, k3) - ASMSubroundI( ecx, edx, ebp, eax, ebx, 2, 12, k3) - - // setup - AS2( mov esi, ebp ) - - ASMSubroundJ( ebx, ecx, edx, ebp, eax, 4, 9, k4) - ASMSubroundJ( eax, ebx, ecx, edx, ebp, 0, 15, k4) - ASMSubroundJ( ebp, eax, ebx, ecx, edx, 5, 5, k4) - ASMSubroundJ( edx, ebp, eax, ebx, ecx, 9, 11, k4) - ASMSubroundJ( ecx, edx, ebp, eax, ebx, 7, 6, k4) - ASMSubroundJ( ebx, ecx, edx, ebp, eax, 12, 8, k4) - ASMSubroundJ( eax, ebx, ecx, edx, ebp, 2, 13, k4) - ASMSubroundJ( ebp, eax, ebx, ecx, edx, 10, 12, k4) - ASMSubroundJ( edx, ebp, eax, ebx, ecx, 14, 5, k4) - ASMSubroundJ( ecx, edx, ebp, eax, ebx, 1, 12, k4) - ASMSubroundJ( ebx, ecx, edx, ebp, eax, 3, 13, k4) - ASMSubroundJ( eax, ebx, ecx, edx, ebp, 8, 14, k4) - ASMSubroundJ( ebp, eax, ebx, ecx, edx, 11, 11, k4) - ASMSubroundJ( edx, ebp, eax, ebx, ecx, 6, 8, k4) - ASMSubroundJ( ecx, edx, ebp, eax, ebx, 15, 5, k4) - ASMSubroundJ( ebx, ecx, edx, ebp, eax, 13, 6, k4) - - // store a1 - e1 on stack - AS2( movd esi, mm1 ) // digest_ - - AS2( mov [esp], eax ) - AS2( mov [esp + 4], ebx ) - AS2( mov [esp + 8], ecx ) - AS2( mov [esp + 12], edx ) - AS2( mov [esp + 16], ebp ) - - AS2( mov eax, [esi] ) // a2 - AS2( mov ebx, [esi + 4] ) // b2 - AS2( mov ecx, [esi + 8] ) // c2 - AS2( mov edx, [esi + 12] ) // d2 - AS2( mov ebp, [esi + 16] ) // e2 - - - // setup - AS2( mov esi, edx ) - - ASMSubroundJ( eax, ebx, ecx, edx, ebp, 5, 8, k5) - ASMSubroundJ( ebp, eax, ebx, ecx, edx, 14, 9, k5) - ASMSubroundJ( edx, ebp, eax, ebx, ecx, 7, 9, k5) - ASMSubroundJ( ecx, edx, ebp, eax, ebx, 0, 11, k5) - ASMSubroundJ( ebx, ecx, edx, ebp, eax, 9, 13, k5) - ASMSubroundJ( eax, ebx, ecx, edx, ebp, 2, 15, k5) - ASMSubroundJ( ebp, eax, ebx, ecx, edx, 11, 15, k5) - ASMSubroundJ( edx, ebp, eax, ebx, ecx, 4, 5, k5) - ASMSubroundJ( ecx, edx, ebp, eax, ebx, 13, 7, k5) - ASMSubroundJ( ebx, ecx, edx, ebp, eax, 6, 7, k5) - ASMSubroundJ( eax, ebx, ecx, edx, ebp, 15, 8, k5) - ASMSubroundJ( ebp, eax, ebx, ecx, edx, 8, 11, k5) - ASMSubroundJ( edx, ebp, eax, ebx, ecx, 1, 14, k5) - ASMSubroundJ( ecx, edx, ebp, eax, ebx, 10, 14, k5) - ASMSubroundJ( ebx, ecx, edx, ebp, eax, 3, 12, k5) - ASMSubroundJ( eax, ebx, ecx, edx, ebp, 12, 6, k5) - - // setup - AS2( mov esi, ebx ) - - ASMSubroundI( ebp, eax, ebx, ecx, edx, 6, 9, k6) - ASMSubroundI( edx, ebp, eax, ebx, ecx, 11, 13, k6) - ASMSubroundI( ecx, edx, ebp, eax, ebx, 3, 15, k6) - ASMSubroundI( ebx, ecx, edx, ebp, eax, 7, 7, k6) - ASMSubroundI( eax, ebx, ecx, edx, ebp, 0, 12, k6) - ASMSubroundI( ebp, eax, ebx, ecx, edx, 13, 8, k6) - ASMSubroundI( edx, ebp, eax, ebx, ecx, 5, 9, k6) - ASMSubroundI( ecx, edx, ebp, eax, ebx, 10, 11, k6) - ASMSubroundI( ebx, ecx, edx, ebp, eax, 14, 7, k6) - ASMSubroundI( eax, ebx, ecx, edx, ebp, 15, 7, k6) - ASMSubroundI( ebp, eax, ebx, ecx, edx, 8, 12, k6) - ASMSubroundI( edx, ebp, eax, ebx, ecx, 12, 7, k6) - ASMSubroundI( ecx, edx, ebp, eax, ebx, 4, 6, k6) - ASMSubroundI( ebx, ecx, edx, ebp, eax, 9, 15, k6) - ASMSubroundI( eax, ebx, ecx, edx, ebp, 1, 13, k6) - ASMSubroundI( ebp, eax, ebx, ecx, edx, 2, 11, k6) - - ASMSubroundH( edx, ebp, eax, ebx, ecx, 15, 9, k7) - ASMSubroundH( ecx, edx, ebp, eax, ebx, 5, 7, k7) - ASMSubroundH( ebx, ecx, edx, ebp, eax, 1, 15, k7) - ASMSubroundH( eax, ebx, ecx, edx, ebp, 3, 11, k7) - ASMSubroundH( ebp, eax, ebx, ecx, edx, 7, 8, k7) - ASMSubroundH( edx, ebp, eax, ebx, ecx, 14, 6, k7) - ASMSubroundH( ecx, edx, ebp, eax, ebx, 6, 6, k7) - ASMSubroundH( ebx, ecx, edx, ebp, eax, 9, 14, k7) - ASMSubroundH( eax, ebx, ecx, edx, ebp, 11, 12, k7) - ASMSubroundH( ebp, eax, ebx, ecx, edx, 8, 13, k7) - ASMSubroundH( edx, ebp, eax, ebx, ecx, 12, 5, k7) - ASMSubroundH( ecx, edx, ebp, eax, ebx, 2, 14, k7) - ASMSubroundH( ebx, ecx, edx, ebp, eax, 10, 13, k7) - ASMSubroundH( eax, ebx, ecx, edx, ebp, 0, 13, k7) - ASMSubroundH( ebp, eax, ebx, ecx, edx, 4, 7, k7) - ASMSubroundH( edx, ebp, eax, ebx, ecx, 13, 5, k7) - - ASMSubroundG( ecx, edx, ebp, eax, ebx, 8, 15, k8) - ASMSubroundG( ebx, ecx, edx, ebp, eax, 6, 5, k8) - ASMSubroundG( eax, ebx, ecx, edx, ebp, 4, 8, k8) - ASMSubroundG( ebp, eax, ebx, ecx, edx, 1, 11, k8) - ASMSubroundG( edx, ebp, eax, ebx, ecx, 3, 14, k8) - ASMSubroundG( ecx, edx, ebp, eax, ebx, 11, 14, k8) - ASMSubroundG( ebx, ecx, edx, ebp, eax, 15, 6, k8) - ASMSubroundG( eax, ebx, ecx, edx, ebp, 0, 14, k8) - ASMSubroundG( ebp, eax, ebx, ecx, edx, 5, 6, k8) - ASMSubroundG( edx, ebp, eax, ebx, ecx, 12, 9, k8) - ASMSubroundG( ecx, edx, ebp, eax, ebx, 2, 12, k8) - ASMSubroundG( ebx, ecx, edx, ebp, eax, 13, 9, k8) - ASMSubroundG( eax, ebx, ecx, edx, ebp, 9, 12, k8) - ASMSubroundG( ebp, eax, ebx, ecx, edx, 7, 5, k8) - ASMSubroundG( edx, ebp, eax, ebx, ecx, 10, 15, k8) - ASMSubroundG( ecx, edx, ebp, eax, ebx, 14, 8, k8) - - ASMSubroundF( ebx, ecx, edx, ebp, eax, 12, 8) - ASMSubroundF( eax, ebx, ecx, edx, ebp, 15, 5) - ASMSubroundF( ebp, eax, ebx, ecx, edx, 10, 12) - ASMSubroundF( edx, ebp, eax, ebx, ecx, 4, 9) - ASMSubroundF( ecx, edx, ebp, eax, ebx, 1, 12) - ASMSubroundF( ebx, ecx, edx, ebp, eax, 5, 5) - ASMSubroundF( eax, ebx, ecx, edx, ebp, 8, 14) - ASMSubroundF( ebp, eax, ebx, ecx, edx, 7, 6) - ASMSubroundF( edx, ebp, eax, ebx, ecx, 6, 8) - ASMSubroundF( ecx, edx, ebp, eax, ebx, 2, 13) - ASMSubroundF( ebx, ecx, edx, ebp, eax, 13, 6) - ASMSubroundF( eax, ebx, ecx, edx, ebp, 14, 5) - ASMSubroundF( ebp, eax, ebx, ecx, edx, 0, 15) - ASMSubroundF( edx, ebp, eax, ebx, ecx, 3, 13) - ASMSubroundF( ecx, edx, ebp, eax, ebx, 9, 11) - ASMSubroundF( ebx, ecx, edx, ebp, eax, 11, 11) - - // advance data and store for next round - AS2( add edi, 64 ) - AS2( movd esi, mm1 ) // digest_ - AS2( movd mm0, edi ) // store - - // now edi as tmp - - // c1 = digest_[1] + c1 + d2; - AS2( add [esp + 8], edx ) // + d2 - AS2( mov edi, [esi + 4] ) // digest_[1] - AS2( add [esp + 8], edi ) - - // digest_[1] = digest_[2] + d1 + e2; - AS2( mov [esi + 4], ebp ) // e2 - AS2( mov edi, [esp + 12] ) // d1 - AS2( add edi, [esi + 8] ) // digest_[2] - AS2( add [esi + 4], edi ) - - // digest_[2] = digest_[3] + e1 + a2; - AS2( mov [esi + 8], eax ) // a2 - AS2( mov edi, [esp + 16] ) // e1 - AS2( add edi, [esi + 12] ) // digest_[3] - AS2( add [esi + 8], edi ) - - // digest_[3] = digest_[4] + a1 + b2; - AS2( mov [esi + 12], ebx ) // b2 - AS2( mov edi, [esp] ) // a1 - AS2( add edi, [esi + 16] ) // digest_[4] - AS2( add [esi + 12], edi ) - - // digest_[4] = digest_[0] + b1 + c2; - AS2( mov [esi + 16], ecx ) // c2 - AS2( mov edi, [esp + 4] ) // b1 - AS2( add edi, [esi] ) // digest_[0] - AS2( add [esi + 16], edi ) - - // digest_[0] = c1; - AS2( mov edi, [esp + 8] ) // c1 - AS2( mov [esi], edi ) - - // setup for loop back - AS2( movd edx, mm2 ) // times - AS2( movd edi, mm0 ) // data, already advanced - AS1( dec edx ) -#ifdef _MSC_VER - AS1( jnz loopStart ) // loopStart -#else - AS1( jnz 0b ) // loopStart -#endif - - // inline adjust - AS2( add esp, 24 ) // fix room on stack - - EPILOG() -} - - -#endif // DO_RIPEMD_ASM - - -} // namespace TaoCrypt diff --git a/extra/yassl/taocrypt/src/rsa.cpp b/extra/yassl/taocrypt/src/rsa.cpp deleted file mode 100644 index e458a1adb21..00000000000 --- a/extra/yassl/taocrypt/src/rsa.cpp +++ /dev/null @@ -1,215 +0,0 @@ -/* - Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - -/* based on Wei Dai's rsa.cpp from CryptoPP */ - -#include "runtime.hpp" -#include "rsa.hpp" -#include "asn.hpp" -#include "modarith.hpp" - - - -namespace TaoCrypt { - - -Integer RSA_PublicKey::ApplyFunction(const Integer& x) const -{ - return a_exp_b_mod_c(x, e_, n_); -} - - -RSA_PublicKey::RSA_PublicKey(Source& source) -{ - Initialize(source); -} - - -void RSA_PublicKey::Initialize(Source& source) -{ - RSA_Public_Decoder decoder(source); - decoder.Decode(*this); -} - - -Integer RSA_PrivateKey::CalculateInverse(RandomNumberGenerator& rng, - const Integer& x) const -{ - ModularArithmetic modn(n_); - - Integer r(rng, Integer::One(), n_ - Integer::One()); - Integer re = modn.Exponentiate(r, e_); - re = modn.Multiply(re, x); // blind - - // here we follow the notation of PKCS #1 and let u=q inverse mod p - // but in ModRoot, u=p inverse mod q, so we reverse the order of p and q - - Integer y = ModularRoot(re, dq_, dp_, q_, p_, u_); - y = modn.Divide(y, r); // unblind - - return y; -} - - -RSA_PrivateKey::RSA_PrivateKey(Source& source) -{ - Initialize(source); -} - - -void RSA_PrivateKey::Initialize(Source& source) -{ - RSA_Private_Decoder decoder(source); - decoder.Decode(*this); -} - - -void RSA_BlockType2::Pad(const byte *input, word32 inputLen, byte *pkcsBlock, - word32 pkcsBlockLen, RandomNumberGenerator& rng) const -{ - // convert from bit length to byte length - if (pkcsBlockLen % 8 != 0) - { - pkcsBlock[0] = 0; - pkcsBlock++; - } - pkcsBlockLen /= 8; - - pkcsBlock[0] = 2; // block type 2 - - // pad with non-zero random bytes - word32 padLen = pkcsBlockLen - inputLen - 1; - rng.GenerateBlock(&pkcsBlock[1], padLen); - for (word32 i = 1; i < padLen; i++) - if (pkcsBlock[i] == 0) pkcsBlock[i] = 0x01; - - pkcsBlock[pkcsBlockLen-inputLen-1] = 0; // separator - memcpy(pkcsBlock+pkcsBlockLen-inputLen, input, inputLen); -} - -word32 RSA_BlockType2::UnPad(const byte *pkcsBlock, unsigned int pkcsBlockLen, - byte *output) const -{ - bool invalid = false; - unsigned int maxOutputLen = SaturatingSubtract(pkcsBlockLen / 8, 10U); - - // convert from bit length to byte length - if (pkcsBlockLen % 8 != 0) - { - invalid = (pkcsBlock[0] != 0) || invalid; - pkcsBlock++; - } - pkcsBlockLen /= 8; - - // Require block type 2. - invalid = (pkcsBlock[0] != 2) || invalid; - - // skip past the padding until we find the separator - unsigned i=1; - while (i<pkcsBlockLen && pkcsBlock[i++]) { // null body - } - if (!(i==pkcsBlockLen || pkcsBlock[i-1]==0)) - return 0; - - unsigned int outputLen = pkcsBlockLen - i; - invalid = (outputLen > maxOutputLen) || invalid; - - if (invalid) - return 0; - - memcpy (output, pkcsBlock+i, outputLen); - return outputLen; -} - - -void RSA_BlockType1::Pad(const byte* input, word32 inputLen, byte* pkcsBlock, - word32 pkcsBlockLen, RandomNumberGenerator&) const -{ - // sanity checks - if (input == NULL || pkcsBlock == NULL) - return; - - // convert from bit length to byte length - if (pkcsBlockLen % 8 != 0) - { - pkcsBlock[0] = 0; - pkcsBlock++; - } - pkcsBlockLen /= 8; - - pkcsBlock[0] = 1; // block type 1 for SSL - - // pad with 0xff bytes - memset(&pkcsBlock[1], 0xFF, pkcsBlockLen - inputLen - 2); - - pkcsBlock[pkcsBlockLen-inputLen-1] = 0; // separator - memcpy(pkcsBlock+pkcsBlockLen-inputLen, input, inputLen); -} - - -word32 RSA_BlockType1::UnPad(const byte* pkcsBlock, word32 pkcsBlockLen, - byte* output) const -{ - bool invalid = false; - unsigned int maxOutputLen = SaturatingSubtract(pkcsBlockLen / 8, 10U); - - // convert from bit length to byte length - if (pkcsBlockLen % 8 != 0) - { - invalid = (pkcsBlock[0] != 0) || invalid; - pkcsBlock++; - } - pkcsBlockLen /= 8; - - // Require block type 1 for SSL. - invalid = (pkcsBlock[0] != 1) || invalid; - - // skip past the padding until we find the separator - unsigned i=1; - while (i<pkcsBlockLen && pkcsBlock[i++] == 0xFF) { // null body - } - if (!(i==pkcsBlockLen || pkcsBlock[i-1]==0)) - return 0; - - unsigned int outputLen = pkcsBlockLen - i; - invalid = (outputLen > maxOutputLen) || invalid; - - if (invalid) - return 0; - - memcpy(output, pkcsBlock+i, outputLen); - return outputLen; -} - - -word32 SSL_Decrypt(const RSA_PublicKey& key, const byte* sig, byte* plain) -{ - PK_Lengths lengths(key.GetModulus()); - - ByteBlock paddedBlock(BitsToBytes(lengths.PaddedBlockBitLength())); - Integer x = key.ApplyFunction(Integer(sig, - lengths.FixedCiphertextLength())); - if (x.ByteCount() > paddedBlock.size()) - x = Integer::Zero(); - x.Encode(paddedBlock.get_buffer(), paddedBlock.size()); - return RSA_BlockType1().UnPad(paddedBlock.get_buffer(), - lengths.PaddedBlockBitLength(), plain); -} - - -} // namespace diff --git a/extra/yassl/taocrypt/src/sha.cpp b/extra/yassl/taocrypt/src/sha.cpp deleted file mode 100644 index e7ba5582d38..00000000000 --- a/extra/yassl/taocrypt/src/sha.cpp +++ /dev/null @@ -1,1033 +0,0 @@ -/* - Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - -/* based on Wei Dai's sha.cpp from CryptoPP */ - -#include "runtime.hpp" -#include <string.h> -#include "sha.hpp" -#ifdef USE_SYS_STL - #include <algorithm> -#else - #include "algorithm.hpp" -#endif - - -namespace STL = STL_NAMESPACE; - - - -namespace TaoCrypt { - -#define blk0(i) (W[i] = buffer_[i]) -#define blk1(i) (W[i&15] = \ - rotlFixed(W[(i+13)&15]^W[(i+8)&15]^W[(i+2)&15]^W[i&15],1)) - -#define f1(x,y,z) (z^(x &(y^z))) -#define f2(x,y,z) (x^y^z) -#define f3(x,y,z) ((x&y)|(z&(x|y))) -#define f4(x,y,z) (x^y^z) - -// (R0+R1), R2, R3, R4 are the different operations used in SHA1 -#define R0(v,w,x,y,z,i) z+= f1(w,x,y) + blk0(i) + 0x5A827999+ \ - rotlFixed(v,5); w = rotlFixed(w,30); -#define R1(v,w,x,y,z,i) z+= f1(w,x,y) + blk1(i) + 0x5A827999+ \ - rotlFixed(v,5); w = rotlFixed(w,30); -#define R2(v,w,x,y,z,i) z+= f2(w,x,y) + blk1(i) + 0x6ED9EBA1+ \ - rotlFixed(v,5); w = rotlFixed(w,30); -#define R3(v,w,x,y,z,i) z+= f3(w,x,y) + blk1(i) + 0x8F1BBCDC+ \ - rotlFixed(v,5); w = rotlFixed(w,30); -#define R4(v,w,x,y,z,i) z+= f4(w,x,y) + blk1(i) + 0xCA62C1D6+ \ - rotlFixed(v,5); w = rotlFixed(w,30); - - -void SHA::Init() -{ - digest_[0] = 0x67452301L; - digest_[1] = 0xEFCDAB89L; - digest_[2] = 0x98BADCFEL; - digest_[3] = 0x10325476L; - digest_[4] = 0xC3D2E1F0L; - - buffLen_ = 0; - loLen_ = 0; - hiLen_ = 0; -} - -void SHA256::Init() -{ - digest_[0] = 0x6A09E667L; - digest_[1] = 0xBB67AE85L; - digest_[2] = 0x3C6EF372L; - digest_[3] = 0xA54FF53AL; - digest_[4] = 0x510E527FL; - digest_[5] = 0x9B05688CL; - digest_[6] = 0x1F83D9ABL; - digest_[7] = 0x5BE0CD19L; - - buffLen_ = 0; - loLen_ = 0; - hiLen_ = 0; -} - - -void SHA224::Init() -{ - digest_[0] = 0xc1059ed8; - digest_[1] = 0x367cd507; - digest_[2] = 0x3070dd17; - digest_[3] = 0xf70e5939; - digest_[4] = 0xffc00b31; - digest_[5] = 0x68581511; - digest_[6] = 0x64f98fa7; - digest_[7] = 0xbefa4fa4; - - buffLen_ = 0; - loLen_ = 0; - hiLen_ = 0; -} - - -#ifdef WORD64_AVAILABLE - -void SHA512::Init() -{ - digest_[0] = W64LIT(0x6a09e667f3bcc908); - digest_[1] = W64LIT(0xbb67ae8584caa73b); - digest_[2] = W64LIT(0x3c6ef372fe94f82b); - digest_[3] = W64LIT(0xa54ff53a5f1d36f1); - digest_[4] = W64LIT(0x510e527fade682d1); - digest_[5] = W64LIT(0x9b05688c2b3e6c1f); - digest_[6] = W64LIT(0x1f83d9abfb41bd6b); - digest_[7] = W64LIT(0x5be0cd19137e2179); - - buffLen_ = 0; - loLen_ = 0; - hiLen_ = 0; -} - - -void SHA384::Init() -{ - digest_[0] = W64LIT(0xcbbb9d5dc1059ed8); - digest_[1] = W64LIT(0x629a292a367cd507); - digest_[2] = W64LIT(0x9159015a3070dd17); - digest_[3] = W64LIT(0x152fecd8f70e5939); - digest_[4] = W64LIT(0x67332667ffc00b31); - digest_[5] = W64LIT(0x8eb44a8768581511); - digest_[6] = W64LIT(0xdb0c2e0d64f98fa7); - digest_[7] = W64LIT(0x47b5481dbefa4fa4); - - buffLen_ = 0; - loLen_ = 0; - hiLen_ = 0; -} - -#endif // WORD64_AVAILABLE - - -SHA::SHA(const SHA& that) : HASHwithTransform(DIGEST_SIZE / sizeof(word32), - BLOCK_SIZE) -{ - buffLen_ = that.buffLen_; - loLen_ = that.loLen_; - hiLen_ = that.hiLen_; - - memcpy(digest_, that.digest_, DIGEST_SIZE); - memcpy(buffer_, that.buffer_, BLOCK_SIZE); -} - - -SHA256::SHA256(const SHA256& that) : HASHwithTransform(DIGEST_SIZE / - sizeof(word32), BLOCK_SIZE) -{ - buffLen_ = that.buffLen_; - loLen_ = that.loLen_; - hiLen_ = that.hiLen_; - - memcpy(digest_, that.digest_, DIGEST_SIZE); - memcpy(buffer_, that.buffer_, BLOCK_SIZE); -} - - -SHA224::SHA224(const SHA224& that) : HASHwithTransform(SHA256::DIGEST_SIZE / - sizeof(word32), BLOCK_SIZE) -{ - buffLen_ = that.buffLen_; - loLen_ = that.loLen_; - hiLen_ = that.hiLen_; - - memcpy(digest_, that.digest_, DIGEST_SIZE); - memcpy(buffer_, that.buffer_, BLOCK_SIZE); -} - - -#ifdef WORD64_AVAILABLE - -SHA512::SHA512(const SHA512& that) : HASH64withTransform(DIGEST_SIZE / - sizeof(word64), BLOCK_SIZE) -{ - buffLen_ = that.buffLen_; - loLen_ = that.loLen_; - hiLen_ = that.hiLen_; - - memcpy(digest_, that.digest_, DIGEST_SIZE); - memcpy(buffer_, that.buffer_, BLOCK_SIZE); -} - - -SHA384::SHA384(const SHA384& that) : HASH64withTransform(SHA512::DIGEST_SIZE / - sizeof(word64), BLOCK_SIZE) -{ - buffLen_ = that.buffLen_; - loLen_ = that.loLen_; - hiLen_ = that.hiLen_; - - memcpy(digest_, that.digest_, DIGEST_SIZE); - memcpy(buffer_, that.buffer_, BLOCK_SIZE); -} - -#endif // WORD64_AVAILABLE - - -SHA& SHA::operator= (const SHA& that) -{ - SHA tmp(that); - Swap(tmp); - - return *this; -} - - -SHA256& SHA256::operator= (const SHA256& that) -{ - SHA256 tmp(that); - Swap(tmp); - - return *this; -} - - -SHA224& SHA224::operator= (const SHA224& that) -{ - SHA224 tmp(that); - Swap(tmp); - - return *this; -} - - -#ifdef WORD64_AVAILABLE - -SHA512& SHA512::operator= (const SHA512& that) -{ - SHA512 tmp(that); - Swap(tmp); - - return *this; -} - - -SHA384& SHA384::operator= (const SHA384& that) -{ - SHA384 tmp(that); - Swap(tmp); - - return *this; -} - -#endif // WORD64_AVAILABLE - - -void SHA::Swap(SHA& other) -{ - STL::swap(loLen_, other.loLen_); - STL::swap(hiLen_, other.hiLen_); - STL::swap(buffLen_, other.buffLen_); - - memcpy(digest_, other.digest_, DIGEST_SIZE); - memcpy(buffer_, other.buffer_, BLOCK_SIZE); -} - - -void SHA256::Swap(SHA256& other) -{ - STL::swap(loLen_, other.loLen_); - STL::swap(hiLen_, other.hiLen_); - STL::swap(buffLen_, other.buffLen_); - - memcpy(digest_, other.digest_, DIGEST_SIZE); - memcpy(buffer_, other.buffer_, BLOCK_SIZE); -} - - -void SHA224::Swap(SHA224& other) -{ - STL::swap(loLen_, other.loLen_); - STL::swap(hiLen_, other.hiLen_); - STL::swap(buffLen_, other.buffLen_); - - memcpy(digest_, other.digest_, DIGEST_SIZE); - memcpy(buffer_, other.buffer_, BLOCK_SIZE); -} - - -#ifdef WORD64_AVAILABLE - -void SHA512::Swap(SHA512& other) -{ - STL::swap(loLen_, other.loLen_); - STL::swap(hiLen_, other.hiLen_); - STL::swap(buffLen_, other.buffLen_); - - memcpy(digest_, other.digest_, DIGEST_SIZE); - memcpy(buffer_, other.buffer_, BLOCK_SIZE); -} - - -void SHA384::Swap(SHA384& other) -{ - STL::swap(loLen_, other.loLen_); - STL::swap(hiLen_, other.hiLen_); - STL::swap(buffLen_, other.buffLen_); - - memcpy(digest_, other.digest_, DIGEST_SIZE); - memcpy(buffer_, other.buffer_, BLOCK_SIZE); -} - -#endif // WORD64_AVIALABLE - - -#ifdef DO_SHA_ASM - -// Update digest with data of size len -void SHA::Update(const byte* data, word32 len) -{ - if (!isMMX) { - HASHwithTransform::Update(data, len); - return; - } - - byte* local = reinterpret_cast<byte*>(buffer_); - - // remove buffered data if possible - if (buffLen_) { - word32 add = min(len, BLOCK_SIZE - buffLen_); - memcpy(&local[buffLen_], data, add); - - buffLen_ += add; - data += add; - len -= add; - - if (buffLen_ == BLOCK_SIZE) { - ByteReverse(local, local, BLOCK_SIZE); - Transform(); - AddLength(BLOCK_SIZE); - buffLen_ = 0; - } - } - - // all at once for asm - if (buffLen_ == 0) { - word32 times = len / BLOCK_SIZE; - if (times) { - AsmTransform(data, times); - const word32 add = BLOCK_SIZE * times; - AddLength(add); - len -= add; - data += add; - } - } - - // cache any data left - if (len) { - memcpy(&local[buffLen_], data, len); - buffLen_ += len; - } -} - -#endif // DO_SHA_ASM - - -void SHA::Transform() -{ - word32 W[BLOCK_SIZE / sizeof(word32)]; - - // Copy context->state[] to working vars - word32 a = digest_[0]; - word32 b = digest_[1]; - word32 c = digest_[2]; - word32 d = digest_[3]; - word32 e = digest_[4]; - - // 4 rounds of 20 operations each. Loop unrolled. - R0(a,b,c,d,e, 0); R0(e,a,b,c,d, 1); R0(d,e,a,b,c, 2); R0(c,d,e,a,b, 3); - R0(b,c,d,e,a, 4); R0(a,b,c,d,e, 5); R0(e,a,b,c,d, 6); R0(d,e,a,b,c, 7); - R0(c,d,e,a,b, 8); R0(b,c,d,e,a, 9); R0(a,b,c,d,e,10); R0(e,a,b,c,d,11); - R0(d,e,a,b,c,12); R0(c,d,e,a,b,13); R0(b,c,d,e,a,14); R0(a,b,c,d,e,15); - - R1(e,a,b,c,d,16); R1(d,e,a,b,c,17); R1(c,d,e,a,b,18); R1(b,c,d,e,a,19); - - R2(a,b,c,d,e,20); R2(e,a,b,c,d,21); R2(d,e,a,b,c,22); R2(c,d,e,a,b,23); - R2(b,c,d,e,a,24); R2(a,b,c,d,e,25); R2(e,a,b,c,d,26); R2(d,e,a,b,c,27); - R2(c,d,e,a,b,28); R2(b,c,d,e,a,29); R2(a,b,c,d,e,30); R2(e,a,b,c,d,31); - R2(d,e,a,b,c,32); R2(c,d,e,a,b,33); R2(b,c,d,e,a,34); R2(a,b,c,d,e,35); - R2(e,a,b,c,d,36); R2(d,e,a,b,c,37); R2(c,d,e,a,b,38); R2(b,c,d,e,a,39); - - R3(a,b,c,d,e,40); R3(e,a,b,c,d,41); R3(d,e,a,b,c,42); R3(c,d,e,a,b,43); - R3(b,c,d,e,a,44); R3(a,b,c,d,e,45); R3(e,a,b,c,d,46); R3(d,e,a,b,c,47); - R3(c,d,e,a,b,48); R3(b,c,d,e,a,49); R3(a,b,c,d,e,50); R3(e,a,b,c,d,51); - R3(d,e,a,b,c,52); R3(c,d,e,a,b,53); R3(b,c,d,e,a,54); R3(a,b,c,d,e,55); - R3(e,a,b,c,d,56); R3(d,e,a,b,c,57); R3(c,d,e,a,b,58); R3(b,c,d,e,a,59); - - R4(a,b,c,d,e,60); R4(e,a,b,c,d,61); R4(d,e,a,b,c,62); R4(c,d,e,a,b,63); - R4(b,c,d,e,a,64); R4(a,b,c,d,e,65); R4(e,a,b,c,d,66); R4(d,e,a,b,c,67); - R4(c,d,e,a,b,68); R4(b,c,d,e,a,69); R4(a,b,c,d,e,70); R4(e,a,b,c,d,71); - R4(d,e,a,b,c,72); R4(c,d,e,a,b,73); R4(b,c,d,e,a,74); R4(a,b,c,d,e,75); - R4(e,a,b,c,d,76); R4(d,e,a,b,c,77); R4(c,d,e,a,b,78); R4(b,c,d,e,a,79); - - // Add the working vars back into digest state[] - digest_[0] += a; - digest_[1] += b; - digest_[2] += c; - digest_[3] += d; - digest_[4] += e; - - // Wipe variables - a = b = c = d = e = 0; - memset(W, 0, sizeof(W)); -} - - -#define blk2(i) (W[i&15]+=s1(W[(i-2)&15])+W[(i-7)&15]+s0(W[(i-15)&15])) - -#define Ch(x,y,z) (z^(x&(y^z))) -#define Maj(x,y,z) ((x&y)|(z&(x|y))) - -#define a(i) T[(0-i)&7] -#define b(i) T[(1-i)&7] -#define c(i) T[(2-i)&7] -#define d(i) T[(3-i)&7] -#define e(i) T[(4-i)&7] -#define f(i) T[(5-i)&7] -#define g(i) T[(6-i)&7] -#define h(i) T[(7-i)&7] - -#define R(i) h(i)+=S1(e(i))+Ch(e(i),f(i),g(i))+K[i+j]+(j?blk2(i):blk0(i));\ - d(i)+=h(i);h(i)+=S0(a(i))+Maj(a(i),b(i),c(i)) - -// for SHA256 -#define S0(x) (rotrFixed(x,2)^rotrFixed(x,13)^rotrFixed(x,22)) -#define S1(x) (rotrFixed(x,6)^rotrFixed(x,11)^rotrFixed(x,25)) -#define s0(x) (rotrFixed(x,7)^rotrFixed(x,18)^(x>>3)) -#define s1(x) (rotrFixed(x,17)^rotrFixed(x,19)^(x>>10)) - - -static const word32 K256[64] = { - 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, - 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5, - 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, - 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174, - 0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc, - 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da, - 0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, - 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967, - 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13, - 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85, - 0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3, - 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070, - 0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, - 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3, - 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208, - 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2 -}; - - -static void Transform256(word32* digest_, word32* buffer_) -{ - const word32* K = K256; - - word32 W[16]; - word32 T[8]; - - // Copy digest to working vars - memcpy(T, digest_, sizeof(T)); - - // 64 operations, partially loop unrolled - for (unsigned int j = 0; j < 64; j += 16) { - R( 0); R( 1); R( 2); R( 3); - R( 4); R( 5); R( 6); R( 7); - R( 8); R( 9); R(10); R(11); - R(12); R(13); R(14); R(15); - } - - // Add the working vars back into digest - digest_[0] += a(0); - digest_[1] += b(0); - digest_[2] += c(0); - digest_[3] += d(0); - digest_[4] += e(0); - digest_[5] += f(0); - digest_[6] += g(0); - digest_[7] += h(0); - - // Wipe variables - memset(W, 0, sizeof(W)); - memset(T, 0, sizeof(T)); -} - - -// undef for 256 -#undef S0 -#undef S1 -#undef s0 -#undef s1 - - -void SHA256::Transform() -{ - Transform256(digest_, buffer_); -} - - -void SHA224::Transform() -{ - Transform256(digest_, buffer_); -} - - -#ifdef WORD64_AVAILABLE - -static const word64 K512[80] = { - W64LIT(0x428a2f98d728ae22), W64LIT(0x7137449123ef65cd), - W64LIT(0xb5c0fbcfec4d3b2f), W64LIT(0xe9b5dba58189dbbc), - W64LIT(0x3956c25bf348b538), W64LIT(0x59f111f1b605d019), - W64LIT(0x923f82a4af194f9b), W64LIT(0xab1c5ed5da6d8118), - W64LIT(0xd807aa98a3030242), W64LIT(0x12835b0145706fbe), - W64LIT(0x243185be4ee4b28c), W64LIT(0x550c7dc3d5ffb4e2), - W64LIT(0x72be5d74f27b896f), W64LIT(0x80deb1fe3b1696b1), - W64LIT(0x9bdc06a725c71235), W64LIT(0xc19bf174cf692694), - W64LIT(0xe49b69c19ef14ad2), W64LIT(0xefbe4786384f25e3), - W64LIT(0x0fc19dc68b8cd5b5), W64LIT(0x240ca1cc77ac9c65), - W64LIT(0x2de92c6f592b0275), W64LIT(0x4a7484aa6ea6e483), - W64LIT(0x5cb0a9dcbd41fbd4), W64LIT(0x76f988da831153b5), - W64LIT(0x983e5152ee66dfab), W64LIT(0xa831c66d2db43210), - W64LIT(0xb00327c898fb213f), W64LIT(0xbf597fc7beef0ee4), - W64LIT(0xc6e00bf33da88fc2), W64LIT(0xd5a79147930aa725), - W64LIT(0x06ca6351e003826f), W64LIT(0x142929670a0e6e70), - W64LIT(0x27b70a8546d22ffc), W64LIT(0x2e1b21385c26c926), - W64LIT(0x4d2c6dfc5ac42aed), W64LIT(0x53380d139d95b3df), - W64LIT(0x650a73548baf63de), W64LIT(0x766a0abb3c77b2a8), - W64LIT(0x81c2c92e47edaee6), W64LIT(0x92722c851482353b), - W64LIT(0xa2bfe8a14cf10364), W64LIT(0xa81a664bbc423001), - W64LIT(0xc24b8b70d0f89791), W64LIT(0xc76c51a30654be30), - W64LIT(0xd192e819d6ef5218), W64LIT(0xd69906245565a910), - W64LIT(0xf40e35855771202a), W64LIT(0x106aa07032bbd1b8), - W64LIT(0x19a4c116b8d2d0c8), W64LIT(0x1e376c085141ab53), - W64LIT(0x2748774cdf8eeb99), W64LIT(0x34b0bcb5e19b48a8), - W64LIT(0x391c0cb3c5c95a63), W64LIT(0x4ed8aa4ae3418acb), - W64LIT(0x5b9cca4f7763e373), W64LIT(0x682e6ff3d6b2b8a3), - W64LIT(0x748f82ee5defb2fc), W64LIT(0x78a5636f43172f60), - W64LIT(0x84c87814a1f0ab72), W64LIT(0x8cc702081a6439ec), - W64LIT(0x90befffa23631e28), W64LIT(0xa4506cebde82bde9), - W64LIT(0xbef9a3f7b2c67915), W64LIT(0xc67178f2e372532b), - W64LIT(0xca273eceea26619c), W64LIT(0xd186b8c721c0c207), - W64LIT(0xeada7dd6cde0eb1e), W64LIT(0xf57d4f7fee6ed178), - W64LIT(0x06f067aa72176fba), W64LIT(0x0a637dc5a2c898a6), - W64LIT(0x113f9804bef90dae), W64LIT(0x1b710b35131c471b), - W64LIT(0x28db77f523047d84), W64LIT(0x32caab7b40c72493), - W64LIT(0x3c9ebe0a15c9bebc), W64LIT(0x431d67c49c100d4c), - W64LIT(0x4cc5d4becb3e42b6), W64LIT(0x597f299cfc657e2a), - W64LIT(0x5fcb6fab3ad6faec), W64LIT(0x6c44198c4a475817) -}; - - -// for SHA512 -#define S0(x) (rotrFixed(x,28)^rotrFixed(x,34)^rotrFixed(x,39)) -#define S1(x) (rotrFixed(x,14)^rotrFixed(x,18)^rotrFixed(x,41)) -#define s0(x) (rotrFixed(x,1)^rotrFixed(x,8)^(x>>7)) -#define s1(x) (rotrFixed(x,19)^rotrFixed(x,61)^(x>>6)) - - -static void Transform512(word64* digest_, word64* buffer_) -{ - const word64* K = K512; - - word64 W[16]; - word64 T[8]; - - // Copy digest to working vars - memcpy(T, digest_, sizeof(T)); - - // 64 operations, partially loop unrolled - for (unsigned int j = 0; j < 80; j += 16) { - R( 0); R( 1); R( 2); R( 3); - R( 4); R( 5); R( 6); R( 7); - R( 8); R( 9); R(10); R(11); - R(12); R(13); R(14); R(15); - } - - // Add the working vars back into digest - - digest_[0] += a(0); - digest_[1] += b(0); - digest_[2] += c(0); - digest_[3] += d(0); - digest_[4] += e(0); - digest_[5] += f(0); - digest_[6] += g(0); - digest_[7] += h(0); - - // Wipe variables - memset(W, 0, sizeof(W)); - memset(T, 0, sizeof(T)); -} - - -void SHA512::Transform() -{ - Transform512(digest_, buffer_); -} - - -void SHA384::Transform() -{ - Transform512(digest_, buffer_); -} - -#endif // WORD64_AVIALABLE - - -#ifdef DO_SHA_ASM - -// f1(x,y,z) (z^(x &(y^z))) -// place in esi -#define ASMf1(x,y,z) \ - AS2( mov esi, y ) \ - AS2( xor esi, z ) \ - AS2( and esi, x ) \ - AS2( xor esi, z ) - - -// R0(v,w,x,y,z,i) = -// z+= f1(w,x,y) + W[i] + 0x5A827999 + rotlFixed(v,5); -// w = rotlFixed(w,30); - -// use esi for f -// use edi as tmp - - -#define ASMR0(v,w,x,y,z,i) \ - AS2( mov esi, x ) \ - AS2( mov edi, [esp + i * 4] ) \ - AS2( xor esi, y ) \ - AS2( and esi, w ) \ - AS2( lea z, [edi + z + 0x5A827999] ) \ - AS2( mov edi, v ) \ - AS2( xor esi, y ) \ - AS2( rol edi, 5 ) \ - AS2( add z, esi ) \ - AS2( rol w, 30 ) \ - AS2( add z, edi ) - - -/* Some macro stuff, but older gas ( < 2,16 ) can't process &, so do by hand - % won't work on gas at all - -#define xstr(s) str(s) -#define str(s) #s - -#define WOFF1(a) ( a & 15) -#define WOFF2(a) ((a + 2) & 15) -#define WOFF3(a) ((a + 8) & 15) -#define WOFF4(a) ((a + 13) & 15) - -#ifdef __GNUC__ - #define WGET1(i) asm("mov esp, [edi - "xstr(WOFF1(i))" * 4] "); - #define WGET2(i) asm("xor esp, [edi - "xstr(WOFF2(i))" * 4] "); - #define WGET3(i) asm("xor esp, [edi - "xstr(WOFF3(i))" * 4] "); - #define WGET4(i) asm("xor esp, [edi - "xstr(WOFF4(i))" * 4] "); - #define WPUT1(i) asm("mov [edi - "xstr(WOFF1(i))" * 4], esp "); -#else - #define WGET1(i) AS2( mov esp, [edi - WOFF1(i) * 4] ) - #define WGET2(i) AS2( xor esp, [edi - WOFF2(i) * 4] ) - #define WGET3(i) AS2( xor esp, [edi - WOFF3(i) * 4] ) - #define WGET4(i) AS2( xor esp, [edi - WOFF4(i) * 4] ) - #define WPUT1(i) AS2( mov [edi - WOFF1(i) * 4], esp ) -#endif -*/ - -// ASMR1 = ASMR0 but use esp for W calcs - -#define ASMR1(v,w,x,y,z,i,W1,W2,W3,W4) \ - AS2( mov edi, [esp + W1 * 4] ) \ - AS2( mov esi, x ) \ - AS2( xor edi, [esp + W2 * 4] ) \ - AS2( xor esi, y ) \ - AS2( xor edi, [esp + W3 * 4] ) \ - AS2( and esi, w ) \ - AS2( xor edi, [esp + W4 * 4] ) \ - AS2( rol edi, 1 ) \ - AS2( xor esi, y ) \ - AS2( mov [esp + W1 * 4], edi ) \ - AS2( lea z, [edi + z + 0x5A827999] ) \ - AS2( mov edi, v ) \ - AS2( rol edi, 5 ) \ - AS2( add z, esi ) \ - AS2( rol w, 30 ) \ - AS2( add z, edi ) - - -// ASMR2 = ASMR1 but f is xor, xor instead - -#define ASMR2(v,w,x,y,z,i,W1,W2,W3,W4) \ - AS2( mov edi, [esp + W1 * 4] ) \ - AS2( mov esi, x ) \ - AS2( xor edi, [esp + W2 * 4] ) \ - AS2( xor esi, y ) \ - AS2( xor edi, [esp + W3 * 4] ) \ - AS2( xor esi, w ) \ - AS2( xor edi, [esp + W4 * 4] ) \ - AS2( rol edi, 1 ) \ - AS2( add z, esi ) \ - AS2( mov [esp + W1 * 4], edi ) \ - AS2( lea z, [edi + z + 0x6ED9EBA1] ) \ - AS2( mov edi, v ) \ - AS2( rol edi, 5 ) \ - AS2( rol w, 30 ) \ - AS2( add z, edi ) - - -// ASMR3 = ASMR2 but f is (x&y)|(z&(x|y)) -// which is (w&x)|(y&(w|x)) - -#define ASMR3(v,w,x,y,z,i,W1,W2,W3,W4) \ - AS2( mov edi, [esp + W1 * 4] ) \ - AS2( mov esi, x ) \ - AS2( xor edi, [esp + W2 * 4] ) \ - AS2( or esi, w ) \ - AS2( xor edi, [esp + W3 * 4] ) \ - AS2( and esi, y ) \ - AS2( xor edi, [esp + W4 * 4] ) \ - AS2( movd mm0, esi ) \ - AS2( rol edi, 1 ) \ - AS2( mov esi, x ) \ - AS2( mov [esp + W1 * 4], edi ) \ - AS2( and esi, w ) \ - AS2( lea z, [edi + z + 0x8F1BBCDC] ) \ - AS2( movd edi, mm0 ) \ - AS2( or esi, edi ) \ - AS2( mov edi, v ) \ - AS2( rol edi, 5 ) \ - AS2( add z, esi ) \ - AS2( rol w, 30 ) \ - AS2( add z, edi ) - - -// ASMR4 = ASMR2 but different constant - -#define ASMR4(v,w,x,y,z,i,W1,W2,W3,W4) \ - AS2( mov edi, [esp + W1 * 4] ) \ - AS2( mov esi, x ) \ - AS2( xor edi, [esp + W2 * 4] ) \ - AS2( xor esi, y ) \ - AS2( xor edi, [esp + W3 * 4] ) \ - AS2( xor esi, w ) \ - AS2( xor edi, [esp + W4 * 4] ) \ - AS2( rol edi, 1 ) \ - AS2( add z, esi ) \ - AS2( mov [esp + W1 * 4], edi ) \ - AS2( lea z, [edi + z + 0xCA62C1D6] ) \ - AS2( mov edi, v ) \ - AS2( rol edi, 5 ) \ - AS2( rol w, 30 ) \ - AS2( add z, edi ) - - -#ifdef _MSC_VER - __declspec(naked) -#else - __attribute__ ((noinline)) -#endif -void SHA::AsmTransform(const byte* data, word32 times) -{ -#ifdef __GNUC__ - #define AS1(x) #x ";" - #define AS2(x, y) #x ", " #y ";" - - #define PROLOG() \ - __asm__ __volatile__ \ - ( \ - ".intel_syntax noprefix;" \ - "push ebx;" \ - "push ebp;" - #define EPILOG() \ - "pop ebp;" \ - "pop ebx;" \ - "emms;" \ - ".att_syntax;" \ - : \ - : "c" (this), "D" (data), "a" (times) \ - : "%esi", "%edx", "memory", "cc" \ - ); - -#else - #define AS1(x) __asm x - #define AS2(x, y) __asm x, y - - #define PROLOG() \ - AS1( push ebp ) \ - AS2( mov ebp, esp ) \ - AS2( movd mm3, edi ) \ - AS2( movd mm4, ebx ) \ - AS2( movd mm5, esi ) \ - AS2( movd mm6, ebp ) \ - AS2( mov edi, data ) \ - AS2( mov eax, times ) - - #define EPILOG() \ - AS2( movd ebp, mm6 ) \ - AS2( movd esi, mm5 ) \ - AS2( movd ebx, mm4 ) \ - AS2( movd edi, mm3 ) \ - AS2( mov esp, ebp ) \ - AS1( pop ebp ) \ - AS1( emms ) \ - AS1( ret 8 ) -#endif - - PROLOG() - - AS2( mov esi, ecx ) - - #ifdef OLD_GCC_OFFSET - AS2( add esi, 20 ) // digest_[0] - #else - AS2( add esi, 16 ) // digest_[0] - #endif - - AS2( movd mm2, eax ) // store times_ - AS2( movd mm1, esi ) // store digest_ - - AS2( sub esp, 68 ) // make room on stack - -#ifdef _MSC_VER - AS1( loopStart: ) // loopStart -#else - AS1( 0: ) // loopStart for some gas (need numeric for jump back -#endif - - // byte reverse 16 words of input, 4 at a time, put on stack for W[] - - // part 1 - AS2( mov eax, [edi] ) - AS2( mov ebx, [edi + 4] ) - AS2( mov ecx, [edi + 8] ) - AS2( mov edx, [edi + 12] ) - - AS1( bswap eax ) - AS1( bswap ebx ) - AS1( bswap ecx ) - AS1( bswap edx ) - - AS2( mov [esp], eax ) - AS2( mov [esp + 4], ebx ) - AS2( mov [esp + 8], ecx ) - AS2( mov [esp + 12], edx ) - - // part 2 - AS2( mov eax, [edi + 16] ) - AS2( mov ebx, [edi + 20] ) - AS2( mov ecx, [edi + 24] ) - AS2( mov edx, [edi + 28] ) - - AS1( bswap eax ) - AS1( bswap ebx ) - AS1( bswap ecx ) - AS1( bswap edx ) - - AS2( mov [esp + 16], eax ) - AS2( mov [esp + 20], ebx ) - AS2( mov [esp + 24], ecx ) - AS2( mov [esp + 28], edx ) - - - // part 3 - AS2( mov eax, [edi + 32] ) - AS2( mov ebx, [edi + 36] ) - AS2( mov ecx, [edi + 40] ) - AS2( mov edx, [edi + 44] ) - - AS1( bswap eax ) - AS1( bswap ebx ) - AS1( bswap ecx ) - AS1( bswap edx ) - - AS2( mov [esp + 32], eax ) - AS2( mov [esp + 36], ebx ) - AS2( mov [esp + 40], ecx ) - AS2( mov [esp + 44], edx ) - - - // part 4 - AS2( mov eax, [edi + 48] ) - AS2( mov ebx, [edi + 52] ) - AS2( mov ecx, [edi + 56] ) - AS2( mov edx, [edi + 60] ) - - AS1( bswap eax ) - AS1( bswap ebx ) - AS1( bswap ecx ) - AS1( bswap edx ) - - AS2( mov [esp + 48], eax ) - AS2( mov [esp + 52], ebx ) - AS2( mov [esp + 56], ecx ) - AS2( mov [esp + 60], edx ) - - AS2( mov [esp + 64], edi ) // store edi for end - - // read from digest_ - AS2( mov eax, [esi] ) // a1 - AS2( mov ebx, [esi + 4] ) // b1 - AS2( mov ecx, [esi + 8] ) // c1 - AS2( mov edx, [esi + 12] ) // d1 - AS2( mov ebp, [esi + 16] ) // e1 - - - ASMR0(eax, ebx, ecx, edx, ebp, 0) - ASMR0(ebp, eax, ebx, ecx, edx, 1) - ASMR0(edx, ebp, eax, ebx, ecx, 2) - ASMR0(ecx, edx, ebp, eax, ebx, 3) - ASMR0(ebx, ecx, edx, ebp, eax, 4) - ASMR0(eax, ebx, ecx, edx, ebp, 5) - ASMR0(ebp, eax, ebx, ecx, edx, 6) - ASMR0(edx, ebp, eax, ebx, ecx, 7) - ASMR0(ecx, edx, ebp, eax, ebx, 8) - ASMR0(ebx, ecx, edx, ebp, eax, 9) - ASMR0(eax, ebx, ecx, edx, ebp, 10) - ASMR0(ebp, eax, ebx, ecx, edx, 11) - ASMR0(edx, ebp, eax, ebx, ecx, 12) - ASMR0(ecx, edx, ebp, eax, ebx, 13) - ASMR0(ebx, ecx, edx, ebp, eax, 14) - ASMR0(eax, ebx, ecx, edx, ebp, 15) - - ASMR1(ebp, eax, ebx, ecx, edx, 16, 0, 2, 8, 13) - ASMR1(edx, ebp, eax, ebx, ecx, 17, 1, 3, 9, 14) - ASMR1(ecx, edx, ebp, eax, ebx, 18, 2, 4, 10, 15) - ASMR1(ebx, ecx, edx, ebp, eax, 19, 3, 5, 11, 0) - - ASMR2(eax, ebx, ecx, edx, ebp, 20, 4, 6, 12, 1) - ASMR2(ebp, eax, ebx, ecx, edx, 21, 5, 7, 13, 2) - ASMR2(edx, ebp, eax, ebx, ecx, 22, 6, 8, 14, 3) - ASMR2(ecx, edx, ebp, eax, ebx, 23, 7, 9, 15, 4) - ASMR2(ebx, ecx, edx, ebp, eax, 24, 8, 10, 0, 5) - ASMR2(eax, ebx, ecx, edx, ebp, 25, 9, 11, 1, 6) - ASMR2(ebp, eax, ebx, ecx, edx, 26, 10, 12, 2, 7) - ASMR2(edx, ebp, eax, ebx, ecx, 27, 11, 13, 3, 8) - ASMR2(ecx, edx, ebp, eax, ebx, 28, 12, 14, 4, 9) - ASMR2(ebx, ecx, edx, ebp, eax, 29, 13, 15, 5, 10) - ASMR2(eax, ebx, ecx, edx, ebp, 30, 14, 0, 6, 11) - ASMR2(ebp, eax, ebx, ecx, edx, 31, 15, 1, 7, 12) - ASMR2(edx, ebp, eax, ebx, ecx, 32, 0, 2, 8, 13) - ASMR2(ecx, edx, ebp, eax, ebx, 33, 1, 3, 9, 14) - ASMR2(ebx, ecx, edx, ebp, eax, 34, 2, 4, 10, 15) - ASMR2(eax, ebx, ecx, edx, ebp, 35, 3, 5, 11, 0) - ASMR2(ebp, eax, ebx, ecx, edx, 36, 4, 6, 12, 1) - ASMR2(edx, ebp, eax, ebx, ecx, 37, 5, 7, 13, 2) - ASMR2(ecx, edx, ebp, eax, ebx, 38, 6, 8, 14, 3) - ASMR2(ebx, ecx, edx, ebp, eax, 39, 7, 9, 15, 4) - - - ASMR3(eax, ebx, ecx, edx, ebp, 40, 8, 10, 0, 5) - ASMR3(ebp, eax, ebx, ecx, edx, 41, 9, 11, 1, 6) - ASMR3(edx, ebp, eax, ebx, ecx, 42, 10, 12, 2, 7) - ASMR3(ecx, edx, ebp, eax, ebx, 43, 11, 13, 3, 8) - ASMR3(ebx, ecx, edx, ebp, eax, 44, 12, 14, 4, 9) - ASMR3(eax, ebx, ecx, edx, ebp, 45, 13, 15, 5, 10) - ASMR3(ebp, eax, ebx, ecx, edx, 46, 14, 0, 6, 11) - ASMR3(edx, ebp, eax, ebx, ecx, 47, 15, 1, 7, 12) - ASMR3(ecx, edx, ebp, eax, ebx, 48, 0, 2, 8, 13) - ASMR3(ebx, ecx, edx, ebp, eax, 49, 1, 3, 9, 14) - ASMR3(eax, ebx, ecx, edx, ebp, 50, 2, 4, 10, 15) - ASMR3(ebp, eax, ebx, ecx, edx, 51, 3, 5, 11, 0) - ASMR3(edx, ebp, eax, ebx, ecx, 52, 4, 6, 12, 1) - ASMR3(ecx, edx, ebp, eax, ebx, 53, 5, 7, 13, 2) - ASMR3(ebx, ecx, edx, ebp, eax, 54, 6, 8, 14, 3) - ASMR3(eax, ebx, ecx, edx, ebp, 55, 7, 9, 15, 4) - ASMR3(ebp, eax, ebx, ecx, edx, 56, 8, 10, 0, 5) - ASMR3(edx, ebp, eax, ebx, ecx, 57, 9, 11, 1, 6) - ASMR3(ecx, edx, ebp, eax, ebx, 58, 10, 12, 2, 7) - ASMR3(ebx, ecx, edx, ebp, eax, 59, 11, 13, 3, 8) - - ASMR4(eax, ebx, ecx, edx, ebp, 60, 12, 14, 4, 9) - ASMR4(ebp, eax, ebx, ecx, edx, 61, 13, 15, 5, 10) - ASMR4(edx, ebp, eax, ebx, ecx, 62, 14, 0, 6, 11) - ASMR4(ecx, edx, ebp, eax, ebx, 63, 15, 1, 7, 12) - ASMR4(ebx, ecx, edx, ebp, eax, 64, 0, 2, 8, 13) - ASMR4(eax, ebx, ecx, edx, ebp, 65, 1, 3, 9, 14) - ASMR4(ebp, eax, ebx, ecx, edx, 66, 2, 4, 10, 15) - ASMR4(edx, ebp, eax, ebx, ecx, 67, 3, 5, 11, 0) - ASMR4(ecx, edx, ebp, eax, ebx, 68, 4, 6, 12, 1) - ASMR4(ebx, ecx, edx, ebp, eax, 69, 5, 7, 13, 2) - ASMR4(eax, ebx, ecx, edx, ebp, 70, 6, 8, 14, 3) - ASMR4(ebp, eax, ebx, ecx, edx, 71, 7, 9, 15, 4) - ASMR4(edx, ebp, eax, ebx, ecx, 72, 8, 10, 0, 5) - ASMR4(ecx, edx, ebp, eax, ebx, 73, 9, 11, 1, 6) - ASMR4(ebx, ecx, edx, ebp, eax, 74, 10, 12, 2, 7) - ASMR4(eax, ebx, ecx, edx, ebp, 75, 11, 13, 3, 8) - ASMR4(ebp, eax, ebx, ecx, edx, 76, 12, 14, 4, 9) - ASMR4(edx, ebp, eax, ebx, ecx, 77, 13, 15, 5, 10) - ASMR4(ecx, edx, ebp, eax, ebx, 78, 14, 0, 6, 11) - ASMR4(ebx, ecx, edx, ebp, eax, 79, 15, 1, 7, 12) - - - AS2( movd esi, mm1 ) // digest_ - - AS2( add [esi], eax ) // write out - AS2( add [esi + 4], ebx ) - AS2( add [esi + 8], ecx ) - AS2( add [esi + 12], edx ) - AS2( add [esi + 16], ebp ) - - // setup next round - AS2( movd ebp, mm2 ) // times - - AS2( mov edi, DWORD PTR [esp + 64] ) // data - - AS2( add edi, 64 ) // next round of data - AS2( mov [esp + 64], edi ) // restore - - AS1( dec ebp ) - AS2( movd mm2, ebp ) -#ifdef _MSC_VER - AS1( jnz loopStart ) // loopStart -#else - AS1( jnz 0b ) // loopStart -#endif - - // inline adjust - AS2( add esp, 68 ) // fix room on stack - - EPILOG() -} - - -#endif // DO_SHA_ASM - -} // namespace diff --git a/extra/yassl/taocrypt/src/tftables.cpp b/extra/yassl/taocrypt/src/tftables.cpp deleted file mode 100644 index 1dd4a846abd..00000000000 --- a/extra/yassl/taocrypt/src/tftables.cpp +++ /dev/null @@ -1,350 +0,0 @@ -/* - Copyright (C) 2000-2007 MySQL AB - Use is subject to license terms - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - -/* based on Wei Dai's tftables.cpp from CryptoPP */ - -#include "runtime.hpp" -#include "twofish.hpp" - - -namespace TaoCrypt { - - -const byte Twofish::q_[2][256] = { -{ - 0xA9, 0x67, 0xB3, 0xE8, 0x04, 0xFD, 0xA3, 0x76, 0x9A, 0x92, 0x80, 0x78, - 0xE4, 0xDD, 0xD1, 0x38, 0x0D, 0xC6, 0x35, 0x98, 0x18, 0xF7, 0xEC, 0x6C, - 0x43, 0x75, 0x37, 0x26, 0xFA, 0x13, 0x94, 0x48, 0xF2, 0xD0, 0x8B, 0x30, - 0x84, 0x54, 0xDF, 0x23, 0x19, 0x5B, 0x3D, 0x59, 0xF3, 0xAE, 0xA2, 0x82, - 0x63, 0x01, 0x83, 0x2E, 0xD9, 0x51, 0x9B, 0x7C, 0xA6, 0xEB, 0xA5, 0xBE, - 0x16, 0x0C, 0xE3, 0x61, 0xC0, 0x8C, 0x3A, 0xF5, 0x73, 0x2C, 0x25, 0x0B, - 0xBB, 0x4E, 0x89, 0x6B, 0x53, 0x6A, 0xB4, 0xF1, 0xE1, 0xE6, 0xBD, 0x45, - 0xE2, 0xF4, 0xB6, 0x66, 0xCC, 0x95, 0x03, 0x56, 0xD4, 0x1C, 0x1E, 0xD7, - 0xFB, 0xC3, 0x8E, 0xB5, 0xE9, 0xCF, 0xBF, 0xBA, 0xEA, 0x77, 0x39, 0xAF, - 0x33, 0xC9, 0x62, 0x71, 0x81, 0x79, 0x09, 0xAD, 0x24, 0xCD, 0xF9, 0xD8, - 0xE5, 0xC5, 0xB9, 0x4D, 0x44, 0x08, 0x86, 0xE7, 0xA1, 0x1D, 0xAA, 0xED, - 0x06, 0x70, 0xB2, 0xD2, 0x41, 0x7B, 0xA0, 0x11, 0x31, 0xC2, 0x27, 0x90, - 0x20, 0xF6, 0x60, 0xFF, 0x96, 0x5C, 0xB1, 0xAB, 0x9E, 0x9C, 0x52, 0x1B, - 0x5F, 0x93, 0x0A, 0xEF, 0x91, 0x85, 0x49, 0xEE, 0x2D, 0x4F, 0x8F, 0x3B, - 0x47, 0x87, 0x6D, 0x46, 0xD6, 0x3E, 0x69, 0x64, 0x2A, 0xCE, 0xCB, 0x2F, - 0xFC, 0x97, 0x05, 0x7A, 0xAC, 0x7F, 0xD5, 0x1A, 0x4B, 0x0E, 0xA7, 0x5A, - 0x28, 0x14, 0x3F, 0x29, 0x88, 0x3C, 0x4C, 0x02, 0xB8, 0xDA, 0xB0, 0x17, - 0x55, 0x1F, 0x8A, 0x7D, 0x57, 0xC7, 0x8D, 0x74, 0xB7, 0xC4, 0x9F, 0x72, - 0x7E, 0x15, 0x22, 0x12, 0x58, 0x07, 0x99, 0x34, 0x6E, 0x50, 0xDE, 0x68, - 0x65, 0xBC, 0xDB, 0xF8, 0xC8, 0xA8, 0x2B, 0x40, 0xDC, 0xFE, 0x32, 0xA4, - 0xCA, 0x10, 0x21, 0xF0, 0xD3, 0x5D, 0x0F, 0x00, 0x6F, 0x9D, 0x36, 0x42, - 0x4A, 0x5E, 0xC1, 0xE0 -}, -{ - 0x75, 0xF3, 0xC6, 0xF4, 0xDB, 0x7B, 0xFB, 0xC8, 0x4A, 0xD3, 0xE6, 0x6B, - 0x45, 0x7D, 0xE8, 0x4B, 0xD6, 0x32, 0xD8, 0xFD, 0x37, 0x71, 0xF1, 0xE1, - 0x30, 0x0F, 0xF8, 0x1B, 0x87, 0xFA, 0x06, 0x3F, 0x5E, 0xBA, 0xAE, 0x5B, - 0x8A, 0x00, 0xBC, 0x9D, 0x6D, 0xC1, 0xB1, 0x0E, 0x80, 0x5D, 0xD2, 0xD5, - 0xA0, 0x84, 0x07, 0x14, 0xB5, 0x90, 0x2C, 0xA3, 0xB2, 0x73, 0x4C, 0x54, - 0x92, 0x74, 0x36, 0x51, 0x38, 0xB0, 0xBD, 0x5A, 0xFC, 0x60, 0x62, 0x96, - 0x6C, 0x42, 0xF7, 0x10, 0x7C, 0x28, 0x27, 0x8C, 0x13, 0x95, 0x9C, 0xC7, - 0x24, 0x46, 0x3B, 0x70, 0xCA, 0xE3, 0x85, 0xCB, 0x11, 0xD0, 0x93, 0xB8, - 0xA6, 0x83, 0x20, 0xFF, 0x9F, 0x77, 0xC3, 0xCC, 0x03, 0x6F, 0x08, 0xBF, - 0x40, 0xE7, 0x2B, 0xE2, 0x79, 0x0C, 0xAA, 0x82, 0x41, 0x3A, 0xEA, 0xB9, - 0xE4, 0x9A, 0xA4, 0x97, 0x7E, 0xDA, 0x7A, 0x17, 0x66, 0x94, 0xA1, 0x1D, - 0x3D, 0xF0, 0xDE, 0xB3, 0x0B, 0x72, 0xA7, 0x1C, 0xEF, 0xD1, 0x53, 0x3E, - 0x8F, 0x33, 0x26, 0x5F, 0xEC, 0x76, 0x2A, 0x49, 0x81, 0x88, 0xEE, 0x21, - 0xC4, 0x1A, 0xEB, 0xD9, 0xC5, 0x39, 0x99, 0xCD, 0xAD, 0x31, 0x8B, 0x01, - 0x18, 0x23, 0xDD, 0x1F, 0x4E, 0x2D, 0xF9, 0x48, 0x4F, 0xF2, 0x65, 0x8E, - 0x78, 0x5C, 0x58, 0x19, 0x8D, 0xE5, 0x98, 0x57, 0x67, 0x7F, 0x05, 0x64, - 0xAF, 0x63, 0xB6, 0xFE, 0xF5, 0xB7, 0x3C, 0xA5, 0xCE, 0xE9, 0x68, 0x44, - 0xE0, 0x4D, 0x43, 0x69, 0x29, 0x2E, 0xAC, 0x15, 0x59, 0xA8, 0x0A, 0x9E, - 0x6E, 0x47, 0xDF, 0x34, 0x35, 0x6A, 0xCF, 0xDC, 0x22, 0xC9, 0xC0, 0x9B, - 0x89, 0xD4, 0xED, 0xAB, 0x12, 0xA2, 0x0D, 0x52, 0xBB, 0x02, 0x2F, 0xA9, - 0xD7, 0x61, 0x1E, 0xB4, 0x50, 0x04, 0xF6, 0xC2, 0x16, 0x25, 0x86, 0x56, - 0x55, 0x09, 0xBE, 0x91 -} -}; - - -const word32 Twofish::mds_[4][256] = { - { - 0xbcbc3275, 0xecec21f3, 0x202043c6, 0xb3b3c9f4, - 0xdada03db, 0x02028b7b, 0xe2e22bfb, 0x9e9efac8, - 0xc9c9ec4a, 0xd4d409d3, 0x18186be6, 0x1e1e9f6b, - 0x98980e45, 0xb2b2387d, 0xa6a6d2e8, 0x2626b74b, - 0x3c3c57d6, 0x93938a32, 0x8282eed8, 0x525298fd, - 0x7b7bd437, 0xbbbb3771, 0x5b5b97f1, 0x474783e1, - 0x24243c30, 0x5151e20f, 0xbabac6f8, 0x4a4af31b, - 0xbfbf4887, 0x0d0d70fa, 0xb0b0b306, 0x7575de3f, - 0xd2d2fd5e, 0x7d7d20ba, 0x666631ae, 0x3a3aa35b, - 0x59591c8a, 0x00000000, 0xcdcd93bc, 0x1a1ae09d, - 0xaeae2c6d, 0x7f7fabc1, 0x2b2bc7b1, 0xbebeb90e, - 0xe0e0a080, 0x8a8a105d, 0x3b3b52d2, 0x6464bad5, - 0xd8d888a0, 0xe7e7a584, 0x5f5fe807, 0x1b1b1114, - 0x2c2cc2b5, 0xfcfcb490, 0x3131272c, 0x808065a3, - 0x73732ab2, 0x0c0c8173, 0x79795f4c, 0x6b6b4154, - 0x4b4b0292, 0x53536974, 0x94948f36, 0x83831f51, - 0x2a2a3638, 0xc4c49cb0, 0x2222c8bd, 0xd5d5f85a, - 0xbdbdc3fc, 0x48487860, 0xffffce62, 0x4c4c0796, - 0x4141776c, 0xc7c7e642, 0xebeb24f7, 0x1c1c1410, - 0x5d5d637c, 0x36362228, 0x6767c027, 0xe9e9af8c, - 0x4444f913, 0x1414ea95, 0xf5f5bb9c, 0xcfcf18c7, - 0x3f3f2d24, 0xc0c0e346, 0x7272db3b, 0x54546c70, - 0x29294cca, 0xf0f035e3, 0x0808fe85, 0xc6c617cb, - 0xf3f34f11, 0x8c8ce4d0, 0xa4a45993, 0xcaca96b8, - 0x68683ba6, 0xb8b84d83, 0x38382820, 0xe5e52eff, - 0xadad569f, 0x0b0b8477, 0xc8c81dc3, 0x9999ffcc, - 0x5858ed03, 0x19199a6f, 0x0e0e0a08, 0x95957ebf, - 0x70705040, 0xf7f730e7, 0x6e6ecf2b, 0x1f1f6ee2, - 0xb5b53d79, 0x09090f0c, 0x616134aa, 0x57571682, - 0x9f9f0b41, 0x9d9d803a, 0x111164ea, 0x2525cdb9, - 0xafafdde4, 0x4545089a, 0xdfdf8da4, 0xa3a35c97, - 0xeaead57e, 0x353558da, 0xededd07a, 0x4343fc17, - 0xf8f8cb66, 0xfbfbb194, 0x3737d3a1, 0xfafa401d, - 0xc2c2683d, 0xb4b4ccf0, 0x32325dde, 0x9c9c71b3, - 0x5656e70b, 0xe3e3da72, 0x878760a7, 0x15151b1c, - 0xf9f93aef, 0x6363bfd1, 0x3434a953, 0x9a9a853e, - 0xb1b1428f, 0x7c7cd133, 0x88889b26, 0x3d3da65f, - 0xa1a1d7ec, 0xe4e4df76, 0x8181942a, 0x91910149, - 0x0f0ffb81, 0xeeeeaa88, 0x161661ee, 0xd7d77321, - 0x9797f5c4, 0xa5a5a81a, 0xfefe3feb, 0x6d6db5d9, - 0x7878aec5, 0xc5c56d39, 0x1d1de599, 0x7676a4cd, - 0x3e3edcad, 0xcbcb6731, 0xb6b6478b, 0xefef5b01, - 0x12121e18, 0x6060c523, 0x6a6ab0dd, 0x4d4df61f, - 0xcecee94e, 0xdede7c2d, 0x55559df9, 0x7e7e5a48, - 0x2121b24f, 0x03037af2, 0xa0a02665, 0x5e5e198e, - 0x5a5a6678, 0x65654b5c, 0x62624e58, 0xfdfd4519, - 0x0606f48d, 0x404086e5, 0xf2f2be98, 0x3333ac57, - 0x17179067, 0x05058e7f, 0xe8e85e05, 0x4f4f7d64, - 0x89896aaf, 0x10109563, 0x74742fb6, 0x0a0a75fe, - 0x5c5c92f5, 0x9b9b74b7, 0x2d2d333c, 0x3030d6a5, - 0x2e2e49ce, 0x494989e9, 0x46467268, 0x77775544, - 0xa8a8d8e0, 0x9696044d, 0x2828bd43, 0xa9a92969, - 0xd9d97929, 0x8686912e, 0xd1d187ac, 0xf4f44a15, - 0x8d8d1559, 0xd6d682a8, 0xb9b9bc0a, 0x42420d9e, - 0xf6f6c16e, 0x2f2fb847, 0xdddd06df, 0x23233934, - 0xcccc6235, 0xf1f1c46a, 0xc1c112cf, 0x8585ebdc, - 0x8f8f9e22, 0x7171a1c9, 0x9090f0c0, 0xaaaa539b, - 0x0101f189, 0x8b8be1d4, 0x4e4e8ced, 0x8e8e6fab, - 0xababa212, 0x6f6f3ea2, 0xe6e6540d, 0xdbdbf252, - 0x92927bbb, 0xb7b7b602, 0x6969ca2f, 0x3939d9a9, - 0xd3d30cd7, 0xa7a72361, 0xa2a2ad1e, 0xc3c399b4, - 0x6c6c4450, 0x07070504, 0x04047ff6, 0x272746c2, - 0xacaca716, 0xd0d07625, 0x50501386, 0xdcdcf756, - 0x84841a55, 0xe1e15109, 0x7a7a25be, 0x1313ef91 - }, - { - 0xa9d93939, 0x67901717, 0xb3719c9c, 0xe8d2a6a6, - 0x04050707, 0xfd985252, 0xa3658080, 0x76dfe4e4, - 0x9a084545, 0x92024b4b, 0x80a0e0e0, 0x78665a5a, - 0xe4ddafaf, 0xddb06a6a, 0xd1bf6363, 0x38362a2a, - 0x0d54e6e6, 0xc6432020, 0x3562cccc, 0x98bef2f2, - 0x181e1212, 0xf724ebeb, 0xecd7a1a1, 0x6c774141, - 0x43bd2828, 0x7532bcbc, 0x37d47b7b, 0x269b8888, - 0xfa700d0d, 0x13f94444, 0x94b1fbfb, 0x485a7e7e, - 0xf27a0303, 0xd0e48c8c, 0x8b47b6b6, 0x303c2424, - 0x84a5e7e7, 0x54416b6b, 0xdf06dddd, 0x23c56060, - 0x1945fdfd, 0x5ba33a3a, 0x3d68c2c2, 0x59158d8d, - 0xf321ecec, 0xae316666, 0xa23e6f6f, 0x82165757, - 0x63951010, 0x015befef, 0x834db8b8, 0x2e918686, - 0xd9b56d6d, 0x511f8383, 0x9b53aaaa, 0x7c635d5d, - 0xa63b6868, 0xeb3ffefe, 0xa5d63030, 0xbe257a7a, - 0x16a7acac, 0x0c0f0909, 0xe335f0f0, 0x6123a7a7, - 0xc0f09090, 0x8cafe9e9, 0x3a809d9d, 0xf5925c5c, - 0x73810c0c, 0x2c273131, 0x2576d0d0, 0x0be75656, - 0xbb7b9292, 0x4ee9cece, 0x89f10101, 0x6b9f1e1e, - 0x53a93434, 0x6ac4f1f1, 0xb499c3c3, 0xf1975b5b, - 0xe1834747, 0xe66b1818, 0xbdc82222, 0x450e9898, - 0xe26e1f1f, 0xf4c9b3b3, 0xb62f7474, 0x66cbf8f8, - 0xccff9999, 0x95ea1414, 0x03ed5858, 0x56f7dcdc, - 0xd4e18b8b, 0x1c1b1515, 0x1eada2a2, 0xd70cd3d3, - 0xfb2be2e2, 0xc31dc8c8, 0x8e195e5e, 0xb5c22c2c, - 0xe9894949, 0xcf12c1c1, 0xbf7e9595, 0xba207d7d, - 0xea641111, 0x77840b0b, 0x396dc5c5, 0xaf6a8989, - 0x33d17c7c, 0xc9a17171, 0x62ceffff, 0x7137bbbb, - 0x81fb0f0f, 0x793db5b5, 0x0951e1e1, 0xaddc3e3e, - 0x242d3f3f, 0xcda47676, 0xf99d5555, 0xd8ee8282, - 0xe5864040, 0xc5ae7878, 0xb9cd2525, 0x4d049696, - 0x44557777, 0x080a0e0e, 0x86135050, 0xe730f7f7, - 0xa1d33737, 0x1d40fafa, 0xaa346161, 0xed8c4e4e, - 0x06b3b0b0, 0x706c5454, 0xb22a7373, 0xd2523b3b, - 0x410b9f9f, 0x7b8b0202, 0xa088d8d8, 0x114ff3f3, - 0x3167cbcb, 0xc2462727, 0x27c06767, 0x90b4fcfc, - 0x20283838, 0xf67f0404, 0x60784848, 0xff2ee5e5, - 0x96074c4c, 0x5c4b6565, 0xb1c72b2b, 0xab6f8e8e, - 0x9e0d4242, 0x9cbbf5f5, 0x52f2dbdb, 0x1bf34a4a, - 0x5fa63d3d, 0x9359a4a4, 0x0abcb9b9, 0xef3af9f9, - 0x91ef1313, 0x85fe0808, 0x49019191, 0xee611616, - 0x2d7cdede, 0x4fb22121, 0x8f42b1b1, 0x3bdb7272, - 0x47b82f2f, 0x8748bfbf, 0x6d2caeae, 0x46e3c0c0, - 0xd6573c3c, 0x3e859a9a, 0x6929a9a9, 0x647d4f4f, - 0x2a948181, 0xce492e2e, 0xcb17c6c6, 0x2fca6969, - 0xfcc3bdbd, 0x975ca3a3, 0x055ee8e8, 0x7ad0eded, - 0xac87d1d1, 0x7f8e0505, 0xd5ba6464, 0x1aa8a5a5, - 0x4bb72626, 0x0eb9bebe, 0xa7608787, 0x5af8d5d5, - 0x28223636, 0x14111b1b, 0x3fde7575, 0x2979d9d9, - 0x88aaeeee, 0x3c332d2d, 0x4c5f7979, 0x02b6b7b7, - 0xb896caca, 0xda583535, 0xb09cc4c4, 0x17fc4343, - 0x551a8484, 0x1ff64d4d, 0x8a1c5959, 0x7d38b2b2, - 0x57ac3333, 0xc718cfcf, 0x8df40606, 0x74695353, - 0xb7749b9b, 0xc4f59797, 0x9f56adad, 0x72dae3e3, - 0x7ed5eaea, 0x154af4f4, 0x229e8f8f, 0x12a2abab, - 0x584e6262, 0x07e85f5f, 0x99e51d1d, 0x34392323, - 0x6ec1f6f6, 0x50446c6c, 0xde5d3232, 0x68724646, - 0x6526a0a0, 0xbc93cdcd, 0xdb03dada, 0xf8c6baba, - 0xc8fa9e9e, 0xa882d6d6, 0x2bcf6e6e, 0x40507070, - 0xdceb8585, 0xfe750a0a, 0x328a9393, 0xa48ddfdf, - 0xca4c2929, 0x10141c1c, 0x2173d7d7, 0xf0ccb4b4, - 0xd309d4d4, 0x5d108a8a, 0x0fe25151, 0x00000000, - 0x6f9a1919, 0x9de01a1a, 0x368f9494, 0x42e6c7c7, - 0x4aecc9c9, 0x5efdd2d2, 0xc1ab7f7f, 0xe0d8a8a8 - }, - { - 0xbc75bc32, 0xecf3ec21, 0x20c62043, 0xb3f4b3c9, - 0xdadbda03, 0x027b028b, 0xe2fbe22b, 0x9ec89efa, - 0xc94ac9ec, 0xd4d3d409, 0x18e6186b, 0x1e6b1e9f, - 0x9845980e, 0xb27db238, 0xa6e8a6d2, 0x264b26b7, - 0x3cd63c57, 0x9332938a, 0x82d882ee, 0x52fd5298, - 0x7b377bd4, 0xbb71bb37, 0x5bf15b97, 0x47e14783, - 0x2430243c, 0x510f51e2, 0xbaf8bac6, 0x4a1b4af3, - 0xbf87bf48, 0x0dfa0d70, 0xb006b0b3, 0x753f75de, - 0xd25ed2fd, 0x7dba7d20, 0x66ae6631, 0x3a5b3aa3, - 0x598a591c, 0x00000000, 0xcdbccd93, 0x1a9d1ae0, - 0xae6dae2c, 0x7fc17fab, 0x2bb12bc7, 0xbe0ebeb9, - 0xe080e0a0, 0x8a5d8a10, 0x3bd23b52, 0x64d564ba, - 0xd8a0d888, 0xe784e7a5, 0x5f075fe8, 0x1b141b11, - 0x2cb52cc2, 0xfc90fcb4, 0x312c3127, 0x80a38065, - 0x73b2732a, 0x0c730c81, 0x794c795f, 0x6b546b41, - 0x4b924b02, 0x53745369, 0x9436948f, 0x8351831f, - 0x2a382a36, 0xc4b0c49c, 0x22bd22c8, 0xd55ad5f8, - 0xbdfcbdc3, 0x48604878, 0xff62ffce, 0x4c964c07, - 0x416c4177, 0xc742c7e6, 0xebf7eb24, 0x1c101c14, - 0x5d7c5d63, 0x36283622, 0x672767c0, 0xe98ce9af, - 0x441344f9, 0x149514ea, 0xf59cf5bb, 0xcfc7cf18, - 0x3f243f2d, 0xc046c0e3, 0x723b72db, 0x5470546c, - 0x29ca294c, 0xf0e3f035, 0x088508fe, 0xc6cbc617, - 0xf311f34f, 0x8cd08ce4, 0xa493a459, 0xcab8ca96, - 0x68a6683b, 0xb883b84d, 0x38203828, 0xe5ffe52e, - 0xad9fad56, 0x0b770b84, 0xc8c3c81d, 0x99cc99ff, - 0x580358ed, 0x196f199a, 0x0e080e0a, 0x95bf957e, - 0x70407050, 0xf7e7f730, 0x6e2b6ecf, 0x1fe21f6e, - 0xb579b53d, 0x090c090f, 0x61aa6134, 0x57825716, - 0x9f419f0b, 0x9d3a9d80, 0x11ea1164, 0x25b925cd, - 0xafe4afdd, 0x459a4508, 0xdfa4df8d, 0xa397a35c, - 0xea7eead5, 0x35da3558, 0xed7aedd0, 0x431743fc, - 0xf866f8cb, 0xfb94fbb1, 0x37a137d3, 0xfa1dfa40, - 0xc23dc268, 0xb4f0b4cc, 0x32de325d, 0x9cb39c71, - 0x560b56e7, 0xe372e3da, 0x87a78760, 0x151c151b, - 0xf9eff93a, 0x63d163bf, 0x345334a9, 0x9a3e9a85, - 0xb18fb142, 0x7c337cd1, 0x8826889b, 0x3d5f3da6, - 0xa1eca1d7, 0xe476e4df, 0x812a8194, 0x91499101, - 0x0f810ffb, 0xee88eeaa, 0x16ee1661, 0xd721d773, - 0x97c497f5, 0xa51aa5a8, 0xfeebfe3f, 0x6dd96db5, - 0x78c578ae, 0xc539c56d, 0x1d991de5, 0x76cd76a4, - 0x3ead3edc, 0xcb31cb67, 0xb68bb647, 0xef01ef5b, - 0x1218121e, 0x602360c5, 0x6add6ab0, 0x4d1f4df6, - 0xce4ecee9, 0xde2dde7c, 0x55f9559d, 0x7e487e5a, - 0x214f21b2, 0x03f2037a, 0xa065a026, 0x5e8e5e19, - 0x5a785a66, 0x655c654b, 0x6258624e, 0xfd19fd45, - 0x068d06f4, 0x40e54086, 0xf298f2be, 0x335733ac, - 0x17671790, 0x057f058e, 0xe805e85e, 0x4f644f7d, - 0x89af896a, 0x10631095, 0x74b6742f, 0x0afe0a75, - 0x5cf55c92, 0x9bb79b74, 0x2d3c2d33, 0x30a530d6, - 0x2ece2e49, 0x49e94989, 0x46684672, 0x77447755, - 0xa8e0a8d8, 0x964d9604, 0x284328bd, 0xa969a929, - 0xd929d979, 0x862e8691, 0xd1acd187, 0xf415f44a, - 0x8d598d15, 0xd6a8d682, 0xb90ab9bc, 0x429e420d, - 0xf66ef6c1, 0x2f472fb8, 0xdddfdd06, 0x23342339, - 0xcc35cc62, 0xf16af1c4, 0xc1cfc112, 0x85dc85eb, - 0x8f228f9e, 0x71c971a1, 0x90c090f0, 0xaa9baa53, - 0x018901f1, 0x8bd48be1, 0x4eed4e8c, 0x8eab8e6f, - 0xab12aba2, 0x6fa26f3e, 0xe60de654, 0xdb52dbf2, - 0x92bb927b, 0xb702b7b6, 0x692f69ca, 0x39a939d9, - 0xd3d7d30c, 0xa761a723, 0xa21ea2ad, 0xc3b4c399, - 0x6c506c44, 0x07040705, 0x04f6047f, 0x27c22746, - 0xac16aca7, 0xd025d076, 0x50865013, 0xdc56dcf7, - 0x8455841a, 0xe109e151, 0x7abe7a25, 0x139113ef - }, - { - 0xd939a9d9, 0x90176790, 0x719cb371, 0xd2a6e8d2, - 0x05070405, 0x9852fd98, 0x6580a365, 0xdfe476df, - 0x08459a08, 0x024b9202, 0xa0e080a0, 0x665a7866, - 0xddafe4dd, 0xb06addb0, 0xbf63d1bf, 0x362a3836, - 0x54e60d54, 0x4320c643, 0x62cc3562, 0xbef298be, - 0x1e12181e, 0x24ebf724, 0xd7a1ecd7, 0x77416c77, - 0xbd2843bd, 0x32bc7532, 0xd47b37d4, 0x9b88269b, - 0x700dfa70, 0xf94413f9, 0xb1fb94b1, 0x5a7e485a, - 0x7a03f27a, 0xe48cd0e4, 0x47b68b47, 0x3c24303c, - 0xa5e784a5, 0x416b5441, 0x06dddf06, 0xc56023c5, - 0x45fd1945, 0xa33a5ba3, 0x68c23d68, 0x158d5915, - 0x21ecf321, 0x3166ae31, 0x3e6fa23e, 0x16578216, - 0x95106395, 0x5bef015b, 0x4db8834d, 0x91862e91, - 0xb56dd9b5, 0x1f83511f, 0x53aa9b53, 0x635d7c63, - 0x3b68a63b, 0x3ffeeb3f, 0xd630a5d6, 0x257abe25, - 0xa7ac16a7, 0x0f090c0f, 0x35f0e335, 0x23a76123, - 0xf090c0f0, 0xafe98caf, 0x809d3a80, 0x925cf592, - 0x810c7381, 0x27312c27, 0x76d02576, 0xe7560be7, - 0x7b92bb7b, 0xe9ce4ee9, 0xf10189f1, 0x9f1e6b9f, - 0xa93453a9, 0xc4f16ac4, 0x99c3b499, 0x975bf197, - 0x8347e183, 0x6b18e66b, 0xc822bdc8, 0x0e98450e, - 0x6e1fe26e, 0xc9b3f4c9, 0x2f74b62f, 0xcbf866cb, - 0xff99ccff, 0xea1495ea, 0xed5803ed, 0xf7dc56f7, - 0xe18bd4e1, 0x1b151c1b, 0xada21ead, 0x0cd3d70c, - 0x2be2fb2b, 0x1dc8c31d, 0x195e8e19, 0xc22cb5c2, - 0x8949e989, 0x12c1cf12, 0x7e95bf7e, 0x207dba20, - 0x6411ea64, 0x840b7784, 0x6dc5396d, 0x6a89af6a, - 0xd17c33d1, 0xa171c9a1, 0xceff62ce, 0x37bb7137, - 0xfb0f81fb, 0x3db5793d, 0x51e10951, 0xdc3eaddc, - 0x2d3f242d, 0xa476cda4, 0x9d55f99d, 0xee82d8ee, - 0x8640e586, 0xae78c5ae, 0xcd25b9cd, 0x04964d04, - 0x55774455, 0x0a0e080a, 0x13508613, 0x30f7e730, - 0xd337a1d3, 0x40fa1d40, 0x3461aa34, 0x8c4eed8c, - 0xb3b006b3, 0x6c54706c, 0x2a73b22a, 0x523bd252, - 0x0b9f410b, 0x8b027b8b, 0x88d8a088, 0x4ff3114f, - 0x67cb3167, 0x4627c246, 0xc06727c0, 0xb4fc90b4, - 0x28382028, 0x7f04f67f, 0x78486078, 0x2ee5ff2e, - 0x074c9607, 0x4b655c4b, 0xc72bb1c7, 0x6f8eab6f, - 0x0d429e0d, 0xbbf59cbb, 0xf2db52f2, 0xf34a1bf3, - 0xa63d5fa6, 0x59a49359, 0xbcb90abc, 0x3af9ef3a, - 0xef1391ef, 0xfe0885fe, 0x01914901, 0x6116ee61, - 0x7cde2d7c, 0xb2214fb2, 0x42b18f42, 0xdb723bdb, - 0xb82f47b8, 0x48bf8748, 0x2cae6d2c, 0xe3c046e3, - 0x573cd657, 0x859a3e85, 0x29a96929, 0x7d4f647d, - 0x94812a94, 0x492ece49, 0x17c6cb17, 0xca692fca, - 0xc3bdfcc3, 0x5ca3975c, 0x5ee8055e, 0xd0ed7ad0, - 0x87d1ac87, 0x8e057f8e, 0xba64d5ba, 0xa8a51aa8, - 0xb7264bb7, 0xb9be0eb9, 0x6087a760, 0xf8d55af8, - 0x22362822, 0x111b1411, 0xde753fde, 0x79d92979, - 0xaaee88aa, 0x332d3c33, 0x5f794c5f, 0xb6b702b6, - 0x96cab896, 0x5835da58, 0x9cc4b09c, 0xfc4317fc, - 0x1a84551a, 0xf64d1ff6, 0x1c598a1c, 0x38b27d38, - 0xac3357ac, 0x18cfc718, 0xf4068df4, 0x69537469, - 0x749bb774, 0xf597c4f5, 0x56ad9f56, 0xdae372da, - 0xd5ea7ed5, 0x4af4154a, 0x9e8f229e, 0xa2ab12a2, - 0x4e62584e, 0xe85f07e8, 0xe51d99e5, 0x39233439, - 0xc1f66ec1, 0x446c5044, 0x5d32de5d, 0x72466872, - 0x26a06526, 0x93cdbc93, 0x03dadb03, 0xc6baf8c6, - 0xfa9ec8fa, 0x82d6a882, 0xcf6e2bcf, 0x50704050, - 0xeb85dceb, 0x750afe75, 0x8a93328a, 0x8ddfa48d, - 0x4c29ca4c, 0x141c1014, 0x73d72173, 0xccb4f0cc, - 0x09d4d309, 0x108a5d10, 0xe2510fe2, 0x00000000, - 0x9a196f9a, 0xe01a9de0, 0x8f94368f, 0xe6c742e6, - 0xecc94aec, 0xfdd25efd, 0xab7fc1ab, 0xd8a8e0d8 - } -}; - - -} // namespace - diff --git a/extra/yassl/taocrypt/src/twofish.cpp b/extra/yassl/taocrypt/src/twofish.cpp deleted file mode 100644 index 2e28ae52cd3..00000000000 --- a/extra/yassl/taocrypt/src/twofish.cpp +++ /dev/null @@ -1,582 +0,0 @@ -/* - Copyright (c) 2006, 2012, Oracle and/or its affiliates - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - -/* C++ based on Wei Dai's twofish.cpp from CryptoPP */ -/* x86 asm original */ - - -#if defined(TAOCRYPT_KERNEL_MODE) - #define DO_TAOCRYPT_KERNEL_MODE -#endif // only some modules now support this - -#include "runtime.hpp" -#include "twofish.hpp" - - - -namespace TaoCrypt { - - -#if defined(DO_TWOFISH_ASM) - -// ia32 optimized version -void Twofish::Process(byte* out, const byte* in, word32 sz) -{ - if (!isMMX) { - Mode_BASE::Process(out, in, sz); - return; - } - - word32 blocks = sz / BLOCK_SIZE; - - if (mode_ == ECB) - while (blocks--) { - if (dir_ == ENCRYPTION) - AsmEncrypt(in, out); - else - AsmDecrypt(in, out); - - out += BLOCK_SIZE; - in += BLOCK_SIZE; - } - else if (mode_ == CBC) { - if (dir_ == ENCRYPTION) { - while (blocks--) { - r_[0] ^= *(word32*)in; - r_[1] ^= *(word32*)(in + 4); - r_[2] ^= *(word32*)(in + 8); - r_[3] ^= *(word32*)(in + 12); - - AsmEncrypt((byte*)r_, (byte*)r_); - memcpy(out, r_, BLOCK_SIZE); - - out += BLOCK_SIZE; - in += BLOCK_SIZE; - } - } - else { - while (blocks--) { - AsmDecrypt(in, out); - - *(word32*)out ^= r_[0]; - *(word32*)(out + 4) ^= r_[1]; - *(word32*)(out + 8) ^= r_[2]; - *(word32*)(out + 12) ^= r_[3]; - - memcpy(r_, in, BLOCK_SIZE); - - out += BLOCK_SIZE; - in += BLOCK_SIZE; - } - } - } -} - -#endif // DO_TWOFISH_ASM - - -namespace { // locals - -// compute (c * x^4) mod (x^4 + (a + 1/a) * x^3 + a * x^2 + (a + 1/a) * x + 1) -// over GF(256) -static inline unsigned int Mod(unsigned int c) -{ - static const unsigned int modulus = 0x14d; - unsigned int c2 = (c<<1) ^ ((c & 0x80) ? modulus : 0); - unsigned int c1 = c2 ^ (c>>1) ^ ((c & 1) ? (modulus>>1) : 0); - return c | (c1 << 8) | (c2 << 16) | (c1 << 24); -} - -// compute RS(12,8) code with the above polynomial as generator -// this is equivalent to multiplying by the RS matrix -static word32 ReedSolomon(word32 high, word32 low) -{ - for (unsigned int i=0; i<8; i++) { - high = Mod(high>>24) ^ (high<<8) ^ (low>>24); - low <<= 8; - } - return high; -} - -} // local namespace - - - -inline word32 Twofish::h0(word32 x, const word32* key, unsigned int kLen) -{ - x = x | (x<<8) | (x<<16) | (x<<24); - switch(kLen) - { -#define Q(a, b, c, d, t) q_[a][GETBYTE(t,0)] ^ (q_[b][GETBYTE(t,1)] << 8) ^ \ - (q_[c][GETBYTE(t,2)] << 16) ^ (q_[d][GETBYTE(t,3)] << 24) - case 4: x = Q(1, 0, 0, 1, x) ^ key[6]; - case 3: x = Q(1, 1, 0, 0, x) ^ key[4]; - case 2: x = Q(0, 1, 0, 1, x) ^ key[2]; - x = Q(0, 0, 1, 1, x) ^ key[0]; - } - return x; -} - -inline word32 Twofish::h(word32 x, const word32* key, unsigned int kLen) -{ - x = h0(x, key, kLen); - return mds_[0][GETBYTE(x,0)] ^ mds_[1][GETBYTE(x,1)] ^ - mds_[2][GETBYTE(x,2)] ^ mds_[3][GETBYTE(x,3)]; -} - - -void Twofish::SetKey(const byte* userKey, word32 keylen, CipherDir /*dummy*/) -{ - unsigned int len = (keylen <= 16 ? 2 : (keylen <= 24 ? 3 : 4)); - word32 key[8]; - GetUserKey(LittleEndianOrder, key, len*2, userKey, keylen); - - unsigned int i; - for (i=0; i<40; i+=2) { - word32 a = h(i, key, len); - word32 b = rotlFixed(h(i+1, key+1, len), 8); - k_[i] = a+b; - k_[i+1] = rotlFixed(a+2*b, 9); - } - - word32 svec[8]; - for (i=0; i<len; i++) - svec[2*(len-i-1)] = ReedSolomon(key[2*i+1], key[2*i]); - - for (i=0; i<256; i++) { - word32 t = h0(i, svec, len); - s_[0][i] = mds_[0][GETBYTE(t, 0)]; - s_[1][i] = mds_[1][GETBYTE(t, 1)]; - s_[2][i] = mds_[2][GETBYTE(t, 2)]; - s_[3][i] = mds_[3][GETBYTE(t, 3)]; - } -} - - -void Twofish::ProcessAndXorBlock(const byte* in, const byte* xOr, byte* out) - const -{ - if (dir_ == ENCRYPTION) - encrypt(in, xOr, out); - else - decrypt(in, xOr, out); -} - -#define G1(x) (s_[0][GETBYTE(x,0)] ^ s_[1][GETBYTE(x,1)] ^ \ - s_[2][GETBYTE(x,2)] ^ s_[3][GETBYTE(x,3)]) -#define G2(x) (s_[0][GETBYTE(x,3)] ^ s_[1][GETBYTE(x,0)] ^ \ - s_[2][GETBYTE(x,1)] ^ s_[3][GETBYTE(x,2)]) - -#define ENCROUND(n, a, b, c, d) \ - x = G1 (a); y = G2 (b); \ - x += y; y += x + k[2 * (n) + 1]; \ - (c) ^= x + k[2 * (n)]; \ - (c) = rotrFixed(c, 1); \ - (d) = rotlFixed(d, 1) ^ y - -#define ENCCYCLE(n) \ - ENCROUND (2 * (n), a, b, c, d); \ - ENCROUND (2 * (n) + 1, c, d, a, b) - -#define DECROUND(n, a, b, c, d) \ - x = G1 (a); y = G2 (b); \ - x += y; y += x; \ - (d) ^= y + k[2 * (n) + 1]; \ - (d) = rotrFixed(d, 1); \ - (c) = rotlFixed(c, 1); \ - (c) ^= (x + k[2 * (n)]) - -#define DECCYCLE(n) \ - DECROUND (2 * (n) + 1, c, d, a, b); \ - DECROUND (2 * (n), a, b, c, d) - - -typedef BlockGetAndPut<word32, LittleEndian> gpBlock; - -void Twofish::encrypt(const byte* inBlock, const byte* xorBlock, - byte* outBlock) const -{ - word32 x, y, a, b, c, d; - - gpBlock::Get(inBlock)(a)(b)(c)(d); - - a ^= k_[0]; - b ^= k_[1]; - c ^= k_[2]; - d ^= k_[3]; - - const word32 *k = k_+8; - - ENCCYCLE (0); - ENCCYCLE (1); - ENCCYCLE (2); - ENCCYCLE (3); - ENCCYCLE (4); - ENCCYCLE (5); - ENCCYCLE (6); - ENCCYCLE (7); - - c ^= k_[4]; - d ^= k_[5]; - a ^= k_[6]; - b ^= k_[7]; - - gpBlock::Put(xorBlock, outBlock)(c)(d)(a)(b); -} - - -void Twofish::decrypt(const byte* inBlock, const byte* xorBlock, - byte* outBlock) const -{ - word32 x, y, a, b, c, d; - - gpBlock::Get(inBlock)(c)(d)(a)(b); - - c ^= k_[4]; - d ^= k_[5]; - a ^= k_[6]; - b ^= k_[7]; - - const word32 *k = k_+8; - DECCYCLE (7); - DECCYCLE (6); - DECCYCLE (5); - DECCYCLE (4); - DECCYCLE (3); - DECCYCLE (2); - DECCYCLE (1); - DECCYCLE (0); - - a ^= k_[0]; - b ^= k_[1]; - c ^= k_[2]; - d ^= k_[3]; - - gpBlock::Put(xorBlock, outBlock)(a)(b)(c)(d); -} - - - -#if defined(DO_TWOFISH_ASM) - #ifdef __GNUC__ - #define AS1(x) #x ";" - #define AS2(x, y) #x ", " #y ";" - - #define PROLOG() \ - __asm__ __volatile__ \ - ( \ - ".intel_syntax noprefix;" \ - "push ebx;" \ - "push ebp;" \ - "movd mm3, eax;" \ - "movd mm6, ebp;" - #define EPILOG() \ - "pop ebp;" \ - "pop ebx;" \ - "emms;" \ - ".att_syntax;" \ - : \ - : "D" (this), "S" (inBlock), "a" (outBlock) \ - : "%ecx", "%edx", "memory", "cc" \ - ); - - #else - #define AS1(x) __asm x - #define AS2(x, y) __asm x, y - - #define PROLOG() \ - AS1( push ebp ) \ - AS2( mov ebp, esp ) \ - AS2( movd mm3, edi ) \ - AS2( movd mm4, ebx ) \ - AS2( movd mm5, esi ) \ - AS2( movd mm6, ebp ) \ - AS2( mov edi, ecx ) \ - AS2( mov esi, DWORD PTR [ebp + 8] ) - - /* ebp already set */ - #define EPILOG() \ - AS2( movd esi, mm5 ) \ - AS2( movd ebx, mm4 ) \ - AS2( movd edi, mm3 ) \ - AS2( mov esp, ebp ) \ - AS1( pop ebp ) \ - AS1( emms ) \ - AS1( ret 8 ) - - #endif - - - - - // x = esi, y = [esp], s_ = ebp - // edi always open for G1 and G2 - // G1 also uses edx after save and restore - // G2 also uses eax after save and restore - // and ecx for tmp [esp] which Rounds also use - // and restore from mm7 - - // x = G1(a) bytes(0,1,2,3) -#define ASMG1(z, zl, zh) \ - AS2( movd mm2, edx ) \ - AS2( movzx edi, zl ) \ - AS2( mov esi, DWORD PTR [ebp + edi*4] ) \ - AS2( movzx edx, zh ) \ - AS2( xor esi, DWORD PTR 1024[ebp + edx*4] ) \ - \ - AS2( mov edx, z ) \ - AS2( shr edx, 16 ) \ - AS2( movzx edi, dl ) \ - AS2( xor esi, DWORD PTR 2048[ebp + edi*4] ) \ - AS2( movzx edx, dh ) \ - AS2( xor esi, DWORD PTR 3072[ebp + edx*4] ) \ - AS2( movd edx, mm2 ) - - - // y = G2(b) bytes(3,0,1,2) [ put y into ecx for Rounds ] -#define ASMG2(z, zl, zh) \ - AS2( movd mm7, ecx ) \ - AS2( movd mm2, eax ) \ - AS2( mov edi, z ) \ - AS2( shr edi, 24 ) \ - AS2( mov ecx, DWORD PTR [ebp + edi*4] ) \ - AS2( movzx eax, zl ) \ - AS2( xor ecx, DWORD PTR 1024[ebp + eax*4] ) \ - \ - AS2( mov eax, z ) \ - AS2( shr eax, 16 ) \ - AS2( movzx edi, zh ) \ - AS2( xor ecx, DWORD PTR 2048[ebp + edi*4] ) \ - AS2( movzx eax, al ) \ - AS2( xor ecx, DWORD PTR 3072[ebp + eax*4] ) \ - AS2( movd eax, mm2 ) - - - // encrypt Round (n), - // x = esi, k = ebp, edi open - // y is in ecx from G2, restore when done from mm7 - // before C (which be same register!) -#define ASMENCROUND(N, A, A2, A3, B, B2, B3, C, D) \ - /* setup s_ */ \ - AS2( movd ebp, mm1 ) \ - ASMG1(A, A2, A3) \ - ASMG2(B, B2, B3) \ - /* setup k */ \ - AS2( movd ebp, mm0 ) \ - /* x += y */ \ - AS2( add esi, ecx ) \ - AS2( add ebp, 32 ) \ - /* y += x + k[2 * (n) + 1] */ \ - AS2( add ecx, esi ) \ - AS2( rol D, 1 ) \ - AS2( add ecx, DWORD PTR [ebp + 8 * N + 4] ) \ - /* (d) = rotlFixed(d, 1) ^ y */ \ - AS2( xor D, ecx ) \ - AS2( movd ecx, mm7 ) \ - /* (c) ^= x + k[2 * (n)] */ \ - AS2( mov edi, esi ) \ - AS2( add edi, DWORD PTR [ebp + 8 * N] ) \ - AS2( xor C, edi ) \ - /* (c) = rotrFixed(c, 1) */ \ - AS2( ror C, 1 ) - - - // decrypt Round (n), - // x = esi, k = ebp, edi open - // y is in ecx from G2, restore ecx from mm7 when done -#define ASMDECROUND(N, A, A2, A3, B, B2, B3, C, D) \ - /* setup s_ */ \ - AS2( movd ebp, mm1 ) \ - ASMG1(A, A2, A3) \ - ASMG2(B, B2, B3) \ - /* setup k */ \ - AS2( movd ebp, mm0 ) \ - /* x += y */ \ - AS2( add esi, ecx ) \ - AS2( add ebp, 32 ) \ - /* y += x */ \ - AS2( add ecx, esi ) \ - /* (d) ^= y + k[2 * (n) + 1] */ \ - AS2( mov edi, DWORD PTR [ebp + 8 * N + 4] ) \ - AS2( add edi, ecx ) \ - AS2( movd ecx, mm7 ) \ - AS2( xor D, edi ) \ - /* (d) = rotrFixed(d, 1) */ \ - AS2( ror D, 1 ) \ - /* (c) = rotlFixed(c, 1) */ \ - AS2( rol C, 1 ) \ - /* (c) ^= (x + k[2 * (n)]) */ \ - AS2( mov edi, esi ) \ - AS2( add edi, DWORD PTR [ebp + 8 * N] ) \ - AS2( xor C, edi ) - - -#ifdef _MSC_VER - __declspec(naked) -#else - __attribute__ ((noinline)) -#endif -void Twofish::AsmEncrypt(const byte* inBlock, byte* outBlock) const -{ - PROLOG() - - #ifdef OLD_GCC_OFFSET - AS2( add edi, 60 ) // k_ - #else - AS2( add edi, 56 ) // k_ - #endif - - AS2( mov ebp, edi ) - - AS2( mov eax, DWORD PTR [esi] ) // a - AS2( movd mm0, edi ) // store k_ - AS2( mov ebx, DWORD PTR [esi + 4] ) // b - AS2( add ebp, 160 ) // s_[0] - AS2( mov ecx, DWORD PTR [esi + 8] ) // c - AS2( movd mm1, ebp ) // store s_ - AS2( mov edx, DWORD PTR [esi + 12] ) // d - - AS2( xor eax, DWORD PTR [edi] ) // k_[0] - AS2( xor ebx, DWORD PTR [edi + 4] ) // [1] - AS2( xor ecx, DWORD PTR [edi + 8] ) // [2] - AS2( xor edx, DWORD PTR [edi + 12] ) // [3] - - - ASMENCROUND( 0, eax, al, ah, ebx, bl, bh, ecx, edx) - ASMENCROUND( 1, ecx, cl, ch, edx, dl, dh, eax, ebx) - ASMENCROUND( 2, eax, al, ah, ebx, bl, bh, ecx, edx) - ASMENCROUND( 3, ecx, cl, ch, edx, dl, dh, eax, ebx) - ASMENCROUND( 4, eax, al, ah, ebx, bl, bh, ecx, edx) - ASMENCROUND( 5, ecx, cl, ch, edx, dl, dh, eax, ebx) - ASMENCROUND( 6, eax, al, ah, ebx, bl, bh, ecx, edx) - ASMENCROUND( 7, ecx, cl, ch, edx, dl, dh, eax, ebx) - ASMENCROUND( 8, eax, al, ah, ebx, bl, bh, ecx, edx) - ASMENCROUND( 9, ecx, cl, ch, edx, dl, dh, eax, ebx) - ASMENCROUND(10, eax, al, ah, ebx, bl, bh, ecx, edx) - ASMENCROUND(11, ecx, cl, ch, edx, dl, dh, eax, ebx) - ASMENCROUND(12, eax, al, ah, ebx, bl, bh, ecx, edx) - ASMENCROUND(13, ecx, cl, ch, edx, dl, dh, eax, ebx) - ASMENCROUND(14, eax, al, ah, ebx, bl, bh, ecx, edx) - ASMENCROUND(15, ecx, cl, ch, edx, dl, dh, eax, ebx) - - - AS2( movd ebp, mm6 ) - AS2( movd esi, mm0 ) // k_ - #ifdef __GNUC__ - AS2( movd edi, mm3 ) // outBlock - #else - AS2( mov edi, [ebp + 12] ) // outBlock - #endif - - AS2( xor ecx, DWORD PTR [esi + 16] ) // k_[4] - AS2( xor edx, DWORD PTR [esi + 20] ) // k_[5] - AS2( xor eax, DWORD PTR [esi + 24] ) // k_[6] - AS2( xor ebx, DWORD PTR [esi + 28] ) // k_[7] - - AS2( mov [edi], ecx ) // write out - AS2( mov [edi + 4], edx ) // write out - AS2( mov [edi + 8], eax ) // write out - AS2( mov [edi + 12], ebx ) // write out - - - EPILOG() -} - - -#ifdef _MSC_VER - __declspec(naked) -#else - __attribute__ ((noinline)) -#endif -void Twofish::AsmDecrypt(const byte* inBlock, byte* outBlock) const -{ - PROLOG() - - #ifdef OLD_GCC_OFFSET - AS2( add edi, 60 ) // k_ - #else - AS2( add edi, 56 ) // k_ - #endif - - AS2( mov ebp, edi ) - - AS2( mov ecx, DWORD PTR [esi] ) // c - AS2( movd mm0, edi ) // store k_ - AS2( mov edx, DWORD PTR [esi + 4] ) // d - AS2( add ebp, 160 ) // s_[0] - AS2( mov eax, DWORD PTR [esi + 8] ) // a - AS2( movd mm1, ebp ) // store s_ - AS2( mov ebx, DWORD PTR [esi + 12] ) // b - - AS2( xor ecx, DWORD PTR [edi + 16] ) // k_[4] - AS2( xor edx, DWORD PTR [edi + 20] ) // [5] - AS2( xor eax, DWORD PTR [edi + 24] ) // [6] - AS2( xor ebx, DWORD PTR [edi + 28] ) // [7] - - - ASMDECROUND(15, ecx, cl, ch, edx, dl, dh, eax, ebx) - ASMDECROUND(14, eax, al, ah, ebx, bl, bh, ecx, edx) - ASMDECROUND(13, ecx, cl, ch, edx, dl, dh, eax, ebx) - ASMDECROUND(12, eax, al, ah, ebx, bl, bh, ecx, edx) - ASMDECROUND(11, ecx, cl, ch, edx, dl, dh, eax, ebx) - ASMDECROUND(10, eax, al, ah, ebx, bl, bh, ecx, edx) - ASMDECROUND( 9, ecx, cl, ch, edx, dl, dh, eax, ebx) - ASMDECROUND( 8, eax, al, ah, ebx, bl, bh, ecx, edx) - ASMDECROUND( 7, ecx, cl, ch, edx, dl, dh, eax, ebx) - ASMDECROUND( 6, eax, al, ah, ebx, bl, bh, ecx, edx) - ASMDECROUND( 5, ecx, cl, ch, edx, dl, dh, eax, ebx) - ASMDECROUND( 4, eax, al, ah, ebx, bl, bh, ecx, edx) - ASMDECROUND( 3, ecx, cl, ch, edx, dl, dh, eax, ebx) - ASMDECROUND( 2, eax, al, ah, ebx, bl, bh, ecx, edx) - ASMDECROUND( 1, ecx, cl, ch, edx, dl, dh, eax, ebx) - ASMDECROUND( 0, eax, al, ah, ebx, bl, bh, ecx, edx) - - - AS2( movd ebp, mm6 ) - AS2( movd esi, mm0 ) // k_ - #ifdef __GNUC__ - AS2( movd edi, mm3 ) // outBlock - #else - AS2( mov edi, [ebp + 12] ) // outBlock - #endif - - AS2( xor eax, DWORD PTR [esi ] ) // k_[0] - AS2( xor ebx, DWORD PTR [esi + 4] ) // k_[1] - AS2( xor ecx, DWORD PTR [esi + 8] ) // k_[2] - AS2( xor edx, DWORD PTR [esi + 12] ) // k_[3] - - AS2( mov [edi], eax ) // write out - AS2( mov [edi + 4], ebx ) // write out - AS2( mov [edi + 8], ecx ) // write out - AS2( mov [edi + 12], edx ) // write out - - - EPILOG() -} - - - -#endif // defined(DO_TWOFISH_ASM) - - - - - -} // namespace - - diff --git a/extra/yassl/taocrypt/taocrypt.dsp b/extra/yassl/taocrypt/taocrypt.dsp deleted file mode 100644 index 9c8e74da8c8..00000000000 --- a/extra/yassl/taocrypt/taocrypt.dsp +++ /dev/null @@ -1,321 +0,0 @@ -# Microsoft Developer Studio Project File - Name="taocrypt" - Package Owner=<4> -# Microsoft Developer Studio Generated Build File, Format Version 6.00 -# ** DO NOT EDIT ** - -# TARGTYPE "Win32 (x86) Static Library" 0x0104 - -CFG=taocrypt - Win32 Debug -!MESSAGE This is not a valid makefile. To build this project using NMAKE, -!MESSAGE use the Export Makefile command and run -!MESSAGE -!MESSAGE NMAKE /f "taocrypt.mak". -!MESSAGE -!MESSAGE You can specify a configuration when running NMAKE -!MESSAGE by defining the macro CFG on the command line. For example: -!MESSAGE -!MESSAGE NMAKE /f "taocrypt.mak" CFG="taocrypt - Win32 Debug" -!MESSAGE -!MESSAGE Possible choices for configuration are: -!MESSAGE -!MESSAGE "taocrypt - Win32 Release" (based on "Win32 (x86) Static Library") -!MESSAGE "taocrypt - Win32 Debug" (based on "Win32 (x86) Static Library") -!MESSAGE - -# Begin Project -# PROP AllowPerConfigDependencies 0 -# PROP Scc_ProjName "" -# PROP Scc_LocalPath "" -CPP=cl.exe -RSC=rc.exe - -!IF "$(CFG)" == "taocrypt - Win32 Release" - -# PROP BASE Use_MFC 0 -# PROP BASE Use_Debug_Libraries 0 -# PROP BASE Output_Dir "taocrypt___Win32_Release" -# PROP BASE Intermediate_Dir "taocrypt___Win32_Release" -# PROP BASE Target_Dir "" -# PROP Use_MFC 0 -# PROP Use_Debug_Libraries 0 -# PROP Output_Dir "Release" -# PROP Intermediate_Dir "Release" -# PROP Target_Dir "" -# ADD BASE CPP /nologo /W3 /GX /O2 /D "WIN32" /D "NDEBUG" /D "_MBCS" /D "_LIB" /YX /FD /c -# ADD CPP /nologo /G6 /MT /W3 /O2 /I "include" /I "mySTL" /D "WIN32" /D "NDEBUG" /D "_MBCS" /D "_LIB" /YX /FD /c -# ADD BASE RSC /l 0x409 /d "NDEBUG" -# ADD RSC /l 0x409 /d "NDEBUG" -BSC32=bscmake.exe -# ADD BASE BSC32 /nologo -# ADD BSC32 /nologo -LIB32=link.exe -lib -# ADD BASE LIB32 /nologo -# ADD LIB32 /nologo - -!ELSEIF "$(CFG)" == "taocrypt - Win32 Debug" - -# PROP BASE Use_MFC 0 -# PROP BASE Use_Debug_Libraries 1 -# PROP BASE Output_Dir "taocrypt___Win32_Debug" -# PROP BASE Intermediate_Dir "taocrypt___Win32_Debug" -# PROP BASE Target_Dir "" -# PROP Use_MFC 0 -# PROP Use_Debug_Libraries 1 -# PROP Output_Dir "Debug" -# PROP Intermediate_Dir "Debug" -# PROP Target_Dir "" -# ADD BASE CPP /nologo /W3 /Gm /GX /ZI /Od /D "WIN32" /D "_DEBUG" /D "_MBCS" /D "_LIB" /YX /FD /GZ /c -# ADD CPP /nologo /MTd /W3 /Gm /ZI /Od /I "include" /I "mySTL" /D "WIN32" /D "_DEBUG" /D "_MBCS" /D "_LIB" /YX /FD /GZ /c -# SUBTRACT CPP /Fr -# ADD BASE RSC /l 0x409 /d "_DEBUG" -# ADD RSC /l 0x409 /d "_DEBUG" -BSC32=bscmake.exe -# ADD BASE BSC32 /nologo -# ADD BSC32 /nologo -LIB32=link.exe -lib -# ADD BASE LIB32 /nologo -# ADD LIB32 /nologo - -!ENDIF - -# Begin Target - -# Name "taocrypt - Win32 Release" -# Name "taocrypt - Win32 Debug" -# Begin Group "Source Files" - -# PROP Default_Filter "cpp;c;cxx;rc;def;r;odl;idl;hpj;bat" -# Begin Source File - -SOURCE=.\src\aes.cpp -# End Source File -# Begin Source File - -SOURCE=.\src\aestables.cpp -# End Source File -# Begin Source File - -SOURCE=.\src\algebra.cpp -# End Source File -# Begin Source File - -SOURCE=.\src\arc4.cpp -# End Source File -# Begin Source File - -SOURCE=.\src\asn.cpp -# End Source File -# Begin Source File - -SOURCE=.\src\bftables.cpp -# End Source File -# Begin Source File - -SOURCE=.\src\blowfish.cpp -# End Source File -# Begin Source File - -SOURCE=.\src\coding.cpp -# End Source File -# Begin Source File - -SOURCE=.\src\des.cpp -# End Source File -# Begin Source File - -SOURCE=.\src\dh.cpp -# End Source File -# Begin Source File - -SOURCE=.\src\dsa.cpp -# End Source File -# Begin Source File - -SOURCE=.\src\file.cpp -# End Source File -# Begin Source File - -SOURCE=.\src\hash.cpp -# End Source File -# Begin Source File - -SOURCE=.\src\hc128.cpp -# End Source File -# Begin Source File - -SOURCE=.\src\integer.cpp -# End Source File -# Begin Source File - -SOURCE=.\src\md2.cpp -# End Source File -# Begin Source File - -SOURCE=.\src\md4.cpp -# End Source File -# Begin Source File - -SOURCE=.\src\md5.cpp -# End Source File -# Begin Source File - -SOURCE=.\src\misc.cpp -# End Source File -# Begin Source File - -SOURCE=.\src\rabbit.cpp -# End Source File -# Begin Source File - -SOURCE=.\src\random.cpp -# End Source File -# Begin Source File - -SOURCE=.\src\ripemd.cpp -# End Source File -# Begin Source File - -SOURCE=.\src\rsa.cpp -# End Source File -# Begin Source File - -SOURCE=.\src\sha.cpp -# End Source File -# Begin Source File - -SOURCE=.\src\tftables.cpp -# End Source File -# Begin Source File - -SOURCE=.\src\twofish.cpp -# End Source File -# End Group -# Begin Group "Header Files" - -# PROP Default_Filter "h;hpp;hxx;hm;inl" -# Begin Source File - -SOURCE=.\include\aes.hpp -# End Source File -# Begin Source File - -SOURCE=.\include\algebra.hpp -# End Source File -# Begin Source File - -SOURCE=.\include\arc4.hpp -# End Source File -# Begin Source File - -SOURCE=.\include\asn.hpp -# End Source File -# Begin Source File - -SOURCE=.\include\block.hpp -# End Source File -# Begin Source File - -SOURCE=.\include\blowfish.hpp -# End Source File -# Begin Source File - -SOURCE=.\include\coding.hpp -# End Source File -# Begin Source File - -SOURCE=.\include\des.hpp -# End Source File -# Begin Source File - -SOURCE=.\include\dh.hpp -# End Source File -# Begin Source File - -SOURCE=.\include\dsa.hpp -# End Source File -# Begin Source File - -SOURCE=.\include\error.hpp -# End Source File -# Begin Source File - -SOURCE=.\include\file.hpp -# End Source File -# Begin Source File - -SOURCE=.\include\hash.hpp -# End Source File -# Begin Source File - -SOURCE=.\include\hc128.hpp -# End Source File -# Begin Source File - -SOURCE=.\include\hmac.hpp -# End Source File -# Begin Source File - -SOURCE=.\include\integer.hpp -# End Source File -# Begin Source File - -SOURCE=.\include\md2.hpp -# End Source File -# Begin Source File - -SOURCE=.\include\md4.hpp -# End Source File -# Begin Source File - -SOURCE=.\include\md5.hpp -# End Source File -# Begin Source File - -SOURCE=.\include\misc.hpp -# End Source File -# Begin Source File - -SOURCE=.\include\modarith.hpp -# End Source File -# Begin Source File - -SOURCE=.\include\modes.hpp -# End Source File -# Begin Source File - -SOURCE=.\include\pwdbased.hpp -# End Source File -# Begin Source File - -SOURCE=.\include\rabbit.hpp -# End Source File -# Begin Source File - -SOURCE=.\include\random.hpp -# End Source File -# Begin Source File - -SOURCE=.\include\ripemd.hpp -# End Source File -# Begin Source File - -SOURCE=.\include\rsa.hpp -# End Source File -# Begin Source File - -SOURCE=.\include\sha.hpp -# End Source File -# Begin Source File - -SOURCE=.\include\twofish.hpp -# End Source File -# Begin Source File - -SOURCE=.\include\type_traits.hpp -# End Source File -# Begin Source File - -SOURCE=.\include\types.hpp -# End Source File -# End Group -# End Target -# End Project diff --git a/extra/yassl/taocrypt/taocrypt.dsw b/extra/yassl/taocrypt/taocrypt.dsw deleted file mode 100644 index 43115069160..00000000000 --- a/extra/yassl/taocrypt/taocrypt.dsw +++ /dev/null @@ -1,59 +0,0 @@ -Microsoft Developer Studio Workspace File, Format Version 6.00 -# WARNING: DO NOT EDIT OR DELETE THIS WORKSPACE FILE! - -############################################################################### - -Project: "benchmark"=.\benchmark\benchmark.dsp - Package Owner=<4> - -Package=<5> -{{{ -}}} - -Package=<4> -{{{ - Begin Project Dependency - Project_Dep_Name taocrypt - End Project Dependency -}}} - -############################################################################### - -Project: "taocrypt"=.\taocrypt.dsp - Package Owner=<4> - -Package=<5> -{{{ -}}} - -Package=<4> -{{{ -}}} - -############################################################################### - -Project: "test"=.\test\test.dsp - Package Owner=<4> - -Package=<5> -{{{ -}}} - -Package=<4> -{{{ - Begin Project Dependency - Project_Dep_Name taocrypt - End Project Dependency -}}} - -############################################################################### - -Global: - -Package=<5> -{{{ -}}} - -Package=<3> -{{{ -}}} - -############################################################################### - diff --git a/extra/yassl/taocrypt/test.dsw b/extra/yassl/taocrypt/test.dsw deleted file mode 100644 index b5c03bc6e03..00000000000 --- a/extra/yassl/taocrypt/test.dsw +++ /dev/null @@ -1,29 +0,0 @@ -Microsoft Developer Studio Workspace File, Format Version 6.00 -# WARNING: DO NOT EDIT OR DELETE THIS WORKSPACE FILE! - -############################################################################### - -Project: "test"=.\test.dsp - Package Owner=<4> - -Package=<5> -{{{ -}}} - -Package=<4> -{{{ -}}} - -############################################################################### - -Global: - -Package=<5> -{{{ -}}} - -Package=<3> -{{{ -}}} - -############################################################################### - diff --git a/extra/yassl/taocrypt/test/make.bat b/extra/yassl/taocrypt/test/make.bat deleted file mode 100755 index cfb762ce847..00000000000 --- a/extra/yassl/taocrypt/test/make.bat +++ /dev/null @@ -1,24 +0,0 @@ -REM Copyright (c) 2006, 2012, Oracle and/or its affiliates. All rights reserved. -REM -REM This program is free software; you can redistribute it and/or modify -REM it under the terms of the GNU General Public License as published by -REM the Free Software Foundation; version 2 of the License. -REM -REM This program is distributed in the hope that it will be useful, -REM but WITHOUT ANY WARRANTY; without even the implied warranty of -REM MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -REM GNU General Public License for more details. -REM -REM You should have received a copy of the GNU General Public License -REM along with this program; if not, write to the Free Software -REM Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335 USA - -REM quick and dirty build file for testing different MSDEVs -setlocal - -set myFLAGS= /I../include /I../mySTL /c /W3 /G6 /O2 - -cl %myFLAGS% test.cpp - -link.exe /out:test.exe ../src/taocrypt.lib test.obj advapi32.lib - diff --git a/extra/yassl/taocrypt/test/memory.cpp b/extra/yassl/taocrypt/test/memory.cpp deleted file mode 100644 index 99f1fd646d4..00000000000 --- a/extra/yassl/taocrypt/test/memory.cpp +++ /dev/null @@ -1,359 +0,0 @@ -/* - Copyright (c) 2006, 2012, Oracle and/or its affiliates. All rights reserved. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - -// memory.cpp -#include "../../include/lock.hpp" // locking -#include <new> // std::bad_alloc -#include <cstdlib> // malloc -#include <cstring> // memset -#include <fstream> // ofstream -#include <sstream> // stringstream -#include <cassert> // assert -#include <iomanip> // setiosflags - -/********************************************************************* - -To use MemoryTracker merely add this file to your project -No need to instantiate anything - -If your app is multi threaded define MULTI_THREADED - -*********************************************************************/ - - -// locals -namespace { - -class MemoryTracker { - std::ofstream log_; -public: - MemoryTracker(); - ~MemoryTracker(); -private: - MemoryTracker(const MemoryTracker&); // hide copy - MemoryTracker& operator=(const MemoryTracker&); // and assign - - void LogStats(); -}; - - -struct alloc_node { - alloc_node* left_; - alloc_node* right_; - - alloc_node() : left_(0), right_(0) {} -}; - - -alloc_node* Root = 0; - -size_t Allocs = 0; -size_t DeAllocs = 0; -size_t Bytes = 0; - - -struct size_tracker { - size_t size_; - size_t count_; -}; - -size_tracker sizes[] = -{ - {0,0}, - {2,0}, - {4,0}, - {8,0}, - {16,0}, - {32,0}, - {64,0}, - {128,0}, - {256,0}, - {512,0}, - {1024,0}, - {2048,0}, - {4096,0}, - {8192,0}, -}; - -const size_t size_elements(sizeof(sizes) / sizeof(size_tracker)); - -bool Tracking(false); - -using yaSSL::Mutex; -typedef Mutex::Lock Lock; - -Mutex mutex; - -MemoryTracker theTracker; - - -bool lookup(alloc_node*& find, void* key, alloc_node*& prev) -{ - bool found(false); - - while (find) { - if (find == key) { - found = true; - break; - } - prev = find; - if (key < find) - find = find->left_; - else - find = find->right_; - } - return found; -} - - -// iterative insert -void insert(alloc_node* entry) -{ - if (!Root) { - Root = entry; - return; - } - - alloc_node* tmp = Root; - alloc_node* prev = 0; - - if (lookup(tmp, entry, prev)) - assert(0); // duplicate - - if (entry < prev) - prev->left_ = entry; - else - prev->right_ = entry; -} - - -alloc_node* predecessorSwap(alloc_node* del) -{ - alloc_node* pred = del->left_; - alloc_node* predPrev = del; - - while (pred->right_) { - predPrev = pred; - pred = pred->right_; - } - if (predPrev == del) - predPrev->left_ = pred->left_; - else - predPrev->right_ = pred->left_; - - pred->left_ = del->left_; - pred->right_ = del->right_; - - return pred; -} - - -// iterative remove -void remove(void* ptr) -{ - alloc_node* del = Root; - alloc_node* prev = 0; - alloc_node* replace = 0; - - if ( lookup(del, ptr, prev) == false) - assert(0); // oops, not there - - if (del->left_ && del->right_) // two children - replace = predecessorSwap(del); - else if (!del->left_ && !del->right_) // no children - replace = 0; - else // one child - replace = (del->left_) ? del->left_ : del->right_; - - if (del == Root) - Root = replace; - else if (prev->left_ == del) - prev->left_ = replace; - else - prev->right_ = replace; -} - - -typedef void (*fp)(alloc_node*, void*); - -void applyInOrder(alloc_node* root, fp f, void* arg) -{ - if (root == 0) - return; - - applyInOrder(root->left_, f, arg); - f(root, arg); - applyInOrder(root->right_, f, arg); -} - - -void show(alloc_node* ptr, void* arg) -{ - std::ofstream* log = static_cast<std::ofstream*>(arg); - *log << ptr << '\n'; -} - - -MemoryTracker::MemoryTracker() : log_("memory.log") -{ -#ifdef __GNUC__ - // Force pool allocator to cleanup at exit - setenv("GLIBCPP_FORCE_NEW", "1", 0); -#endif - -#ifdef _MSC_VER - // msvc6 needs to create Facility for ostream before main starts, otherwise - // if another ostream is created and destroyed in main scope, log stats - // will access a dead Facility reference (std::numput) - int msvcFac = 6; - log_ << "MSVC " << msvcFac << "workaround" << std::endl; -#endif - - - Tracking = true; -} - - -MemoryTracker::~MemoryTracker() -{ - // stop tracking before log (which will alloc on output) - Tracking = false; - LogStats(); - - //assert(Allocs == DeAllocs); - //assert(Root == 0); -} - - -void MemoryTracker::LogStats() -{ - log_ << "Number of Allocs: " << Allocs << '\n'; - log_ << "Number of DeAllocs: " << DeAllocs << '\n'; - log_ << "Number of bytes used: " << Bytes << '\n'; - - log_ << "Alloc size table:\n"; - log_ << " Bytes " << '\t' << " Times\n"; - - for (size_t i = 0; i < size_elements; ++i) { - log_ << " " << sizes[i].size_ << " " << '\t'; - log_ << std::setiosflags(std::ios::right) << std::setw(8); - log_ << sizes[i].count_ << '\n'; - } - - if (Allocs != DeAllocs) { - log_<< "Showing new'd allocs with no deletes" << '\n'; - applyInOrder(Root, show, &log_); - } - log_.flush(); -} - - -// return power of 2 up to size_tracker elements -size_t powerOf2(size_t sz) -{ - size_t shifts = 0; - - if (sz) - sz -= 1; - else - return 0; - - while (sz) { - sz >>= 1; - ++shifts; - } - - return shifts < size_elements ? shifts : size_elements; -} - - -} // namespace local - - -void* operator new(size_t sz) -{ - // put alloc node in front of requested memory - void* ptr = malloc(sz + sizeof(alloc_node)); - if (ptr) { - if (Tracking) { - Lock l(mutex); - ++Allocs; - Bytes += sz; - ++sizes[powerOf2(sz)].count_; - insert(new (ptr) alloc_node); - } - return static_cast<char*>(ptr) + sizeof(alloc_node); - } - else - assert(0); -} - - -void operator delete(void* ptr) -{ - if (ptr) { - ptr = static_cast<char*>(ptr) - sizeof(alloc_node); // correct offset - if (Tracking) { - Lock l(mutex); - ++DeAllocs; - remove(ptr); - } - free(ptr); - } -} - - -void* operator new[](size_t sz) -{ - return ::operator new(sz); -} - - -void operator delete[](void* ptr) -{ - ::operator delete(ptr); -} - - -extern "C" { - -void* XMALLOC(size_t sz, void* head) -{ - return ::operator new(sz); -} - -void* XREALLOC(void* ptr, size_t sz, void* heap) -{ - void* ret = ::operator new(sz); - - if (ret && ptr) - memcpy(ret, ptr, sz); - - if (ret) - ::operator delete(ptr); - return ret; -} - - -void XFREE(void* ptr, void* heap) -{ - ::operator delete(ptr); -} - -} // extern "C" - diff --git a/extra/yassl/taocrypt/test/test.cpp b/extra/yassl/taocrypt/test/test.cpp deleted file mode 100644 index cf1ec551fe3..00000000000 --- a/extra/yassl/taocrypt/test/test.cpp +++ /dev/null @@ -1,1358 +0,0 @@ -/* - Copyright (c) 2006, 2014, Oracle and/or its affiliates. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - -// test.cpp -// test taocrypt functionality - -#ifdef HAVE_CONFIG_H -#include "config.h" -#endif - -#include <string.h> -#include <stdio.h> - -#include "runtime.hpp" -#include "sha.hpp" -#include "md5.hpp" -#include "md2.hpp" -#include "md4.hpp" -#include "ripemd.hpp" -#include "hmac.hpp" -#include "arc4.hpp" -#include "des.hpp" -#include "rsa.hpp" -#include "dsa.hpp" -#include "aes.hpp" -#include "twofish.hpp" -#include "blowfish.hpp" -#include "asn.hpp" -#include "dh.hpp" -#include "coding.hpp" -#include "random.hpp" -#include "pwdbased.hpp" -#include "rabbit.hpp" -#include "hc128.hpp" - - - -using TaoCrypt::byte; -using TaoCrypt::word32; -using TaoCrypt::SHA; -using TaoCrypt::SHA256; -using TaoCrypt::SHA224; -#ifdef WORD64_AVAILABLE - using TaoCrypt::SHA512; - using TaoCrypt::SHA384; -#endif -using TaoCrypt::MD5; -using TaoCrypt::MD2; -using TaoCrypt::MD4; -using TaoCrypt::RIPEMD160; -using TaoCrypt::HMAC; -using TaoCrypt::ARC4; -using TaoCrypt::DES_EDE3_CBC_Encryption; -using TaoCrypt::DES_EDE3_CBC_Decryption; -using TaoCrypt::DES_CBC_Encryption; -using TaoCrypt::DES_CBC_Decryption; -using TaoCrypt::DES_ECB_Encryption; -using TaoCrypt::DES_ECB_Decryption; -using TaoCrypt::AES_CBC_Encryption; -using TaoCrypt::AES_CBC_Decryption; -using TaoCrypt::AES_ECB_Encryption; -using TaoCrypt::AES_ECB_Decryption; -using TaoCrypt::Twofish_CBC_Encryption; -using TaoCrypt::Twofish_CBC_Decryption; -using TaoCrypt::Twofish_ECB_Encryption; -using TaoCrypt::Twofish_ECB_Decryption; -using TaoCrypt::Blowfish_CBC_Encryption; -using TaoCrypt::Blowfish_CBC_Decryption; -using TaoCrypt::Blowfish_ECB_Encryption; -using TaoCrypt::Blowfish_ECB_Decryption; -using TaoCrypt::RSA_PrivateKey; -using TaoCrypt::RSA_PublicKey; -using TaoCrypt::DSA_PrivateKey; -using TaoCrypt::DSA_PublicKey; -using TaoCrypt::DSA_Signer; -using TaoCrypt::DSA_Verifier; -using TaoCrypt::RSAES_Encryptor; -using TaoCrypt::RSAES_Decryptor; -using TaoCrypt::Source; -using TaoCrypt::FileSource; -using TaoCrypt::FileSource; -using TaoCrypt::HexDecoder; -using TaoCrypt::HexEncoder; -using TaoCrypt::Base64Decoder; -using TaoCrypt::Base64Encoder; -using TaoCrypt::CertDecoder; -using TaoCrypt::DH; -using TaoCrypt::EncodeDSA_Signature; -using TaoCrypt::DecodeDSA_Signature; -using TaoCrypt::PBKDF2_HMAC; -using TaoCrypt::tcArrayDelete; -using TaoCrypt::GetCert; -using TaoCrypt::GetPKCS_Cert; -using TaoCrypt::Rabbit; -using TaoCrypt::HC128; - -struct testVector { - byte* input_; - byte* output_; - word32 inLen_; - word32 outLen_; - - testVector(const char* in, const char* out) : input_((byte*)in), - output_((byte*)out), inLen_((word32)strlen(in)), - outLen_((word32)strlen(out)) {} -}; - -int sha_test(); -int sha256_test(); -#ifdef WORD64_AVAILABLE - int sha512_test(); - int sha384_test(); -#endif -int sha224_test(); -int md5_test(); -int md2_test(); -int md4_test(); -int ripemd_test(); -int hmac_test(); -int arc4_test(); -int des_test(); -int aes_test(); -int twofish_test(); -int blowfish_test(); -int rsa_test(); -int dsa_test(); -int dh_test(); -int pwdbased_test(); -int pkcs12_test(); -int rabbit_test(); -int hc128_test(); - -TaoCrypt::RandomNumberGenerator rng; - - -void err_sys(const char* msg, int es) -{ - printf("%s\n", msg); - exit(es); -} - -// func_args from test.hpp, so don't have to pull in other junk -struct func_args { - int argc; - char** argv; - int return_code; -}; - - -/* - DES, AES, Blowfish, and Twofish need aligned (4 byte) input/output for - processing, can turn this off by setting gpBlock(assumeAligned = false) - but would hurt performance. yaSSL always uses dynamic memory so we have - at least 8 byte alignment. This test tried to force alignment for stack - variables (for convenience) but some compiler versions and optimizations - seemed to be off. So we have msgTmp variable which we copy into dynamic - memory at runtime to ensure proper alignment, along with plain/cipher. - Whew! -*/ -const byte msgTmp[] = { // "now is the time for all " w/o trailing 0 - 0x6e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74, - 0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20, - 0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20 -}; - -byte* msg = 0; // for block cipher input -byte* plain = 0; // for cipher decrypt comparison -byte* cipher = 0; // block output - - -void taocrypt_test(void* args) -{ - ((func_args*)args)->return_code = -1; // error state - - msg = NEW_TC byte[24]; - plain = NEW_TC byte[24]; - cipher = NEW_TC byte[24]; - - memcpy(msg, msgTmp, 24); - - int ret = 0; - if ( (ret = sha_test()) ) - err_sys("SHA test failed!\n", ret); - else - printf( "SHA test passed!\n"); - - if ( (ret = sha256_test()) ) - err_sys("SHA-256 test failed!\n", ret); - else - printf( "SHA-256 test passed!\n"); - - if ( (ret = sha224_test()) ) - err_sys("SHA-224 test failed!\n", ret); - else - printf( "SHA-224 test passed!\n"); - -#ifdef WORD64_AVAILABLE - - if ( (ret = sha512_test()) ) - err_sys("SHA-512 test failed!\n", ret); - else - printf( "SHA-512 test passed!\n"); - - if ( (ret = sha384_test()) ) - err_sys("SHA-384 test failed!\n", ret); - else - printf( "SHA-384 test passed!\n"); - -#endif - - if ( (ret = md5_test()) ) - err_sys("MD5 test failed!\n", ret); - else - printf( "MD5 test passed!\n"); - - if ( (ret = md2_test()) ) - err_sys("MD2 test failed!\n", ret); - else - printf( "MD2 test passed!\n"); - - if ( (ret = md4_test()) ) - err_sys("MD4 test failed!\n", ret); - else - printf( "MD4 test passed!\n"); - - if ( (ret = ripemd_test()) ) - err_sys("RIPEMD test failed!\n", ret); - else - printf( "RIPEMD test passed!\n"); - - if ( ( ret = hmac_test()) ) - err_sys("HMAC test failed!\n", ret); - else - printf( "HMAC test passed!\n"); - - if ( (ret = arc4_test()) ) - err_sys("ARC4 test failed!\n", ret); - else - printf( "ARC4 test passed!\n"); - - if ( (ret = rabbit_test()) ) - err_sys("Rabbit test failed!\n", ret); - else - printf( "Rabbit test passed!\n"); - - if ( (ret = hc128_test()) ) - err_sys("HC128 test failed!\n", ret); - else - printf( "HC128 test passed!\n"); - - if ( (ret = des_test()) ) - err_sys("DES test failed!\n", ret); - else - printf( "DES test passed!\n"); - - if ( (ret = aes_test()) ) - err_sys("AES test failed!\n", ret); - else - printf( "AES test passed!\n"); - - if ( (ret = twofish_test()) ) - err_sys("Twofish test failed!\n", ret); - else - printf( "Twofish test passed!\n"); - - if ( (ret = blowfish_test()) ) - err_sys("Blowfish test failed!\n", ret); - else - printf( "Blowfish test passed!\n"); - - if ( (ret = rsa_test()) ) - err_sys("RSA test failed!\n", ret); - else - printf( "RSA test passed!\n"); - - if ( (ret = dh_test()) ) - err_sys("DH test failed!\n", ret); - else - printf( "DH test passed!\n"); - - if ( (ret = dsa_test()) ) - err_sys("DSA test failed!\n", ret); - else - printf( "DSA test passed!\n"); - - if ( (ret = pwdbased_test()) ) - err_sys("PBKDF2 test failed!\n", ret); - else - printf( "PBKDF2 test passed!\n"); - - /* not ready yet - if ( (ret = pkcs12_test()) ) - err_sys("PKCS12 test failed!\n", ret); - else - printf( "PKCS12 test passed!\n"); - */ - - tcArrayDelete(cipher); - tcArrayDelete(plain); - tcArrayDelete(msg); - - ((func_args*)args)->return_code = ret; -} - - -// so overall tests can pull in test function -#ifndef NO_MAIN_DRIVER - - int main(int argc, char** argv) - { - func_args args; - - args.argc = argc; - args.argv = argv; - - taocrypt_test(&args); - TaoCrypt::CleanUp(); - - return args.return_code; - } - -#endif // NO_MAIN_DRIVER - - -void file_test(const char* file, byte* check) -{ - FILE* f; - int i = 0; - MD5 md5; - byte buf[1024]; - byte md5sum[MD5::DIGEST_SIZE]; - - if( !( f = fopen( file, "rb" ) )) { - printf("Can't open %s\n", file); - return; - } - while( ( i = (int)fread(buf, 1, sizeof(buf), f )) > 0 ) - md5.Update(buf, i); - - md5.Final(md5sum); - memcpy(check, md5sum, sizeof(md5sum)); - - for(int j = 0; j < MD5::DIGEST_SIZE; ++j ) - printf( "%02x", md5sum[j] ); - - printf(" %s\n", file); - - fclose(f); -} - - -int sha_test() -{ - SHA sha; - byte hash[SHA::DIGEST_SIZE]; - - testVector test_sha[] = - { - testVector("abc", - "\xA9\x99\x3E\x36\x47\x06\x81\x6A\xBA\x3E\x25\x71\x78\x50\xC2" - "\x6C\x9C\xD0\xD8\x9D"), - testVector("abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq", - "\x84\x98\x3E\x44\x1C\x3B\xD2\x6E\xBA\xAE\x4A\xA1\xF9\x51\x29" - "\xE5\xE5\x46\x70\xF1"), - testVector("aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" - "aaaaaa", - "\x00\x98\xBA\x82\x4B\x5C\x16\x42\x7B\xD7\xA1\x12\x2A\x5A\x44" - "\x2A\x25\xEC\x64\x4D"), - testVector("aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" - "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" - "aaaaaaaaaa", - "\xAD\x5B\x3F\xDB\xCB\x52\x67\x78\xC2\x83\x9D\x2F\x15\x1E\xA7" - "\x53\x99\x5E\x26\xA0") - }; - - int times( sizeof(test_sha) / sizeof(testVector) ); - for (int i = 0; i < times; ++i) { - sha.Update(test_sha[i].input_, test_sha[i].inLen_); - sha.Final(hash); - - if (memcmp(hash, test_sha[i].output_, SHA::DIGEST_SIZE) != 0) - return -1 - i; - } - - return 0; -} - - -int sha256_test() -{ - SHA256 sha; - byte hash[SHA256::DIGEST_SIZE]; - - testVector test_sha[] = - { - testVector("abc", - "\xBA\x78\x16\xBF\x8F\x01\xCF\xEA\x41\x41\x40\xDE\x5D\xAE\x22" - "\x23\xB0\x03\x61\xA3\x96\x17\x7A\x9C\xB4\x10\xFF\x61\xF2\x00" - "\x15\xAD"), - testVector("abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq", - "\x24\x8D\x6A\x61\xD2\x06\x38\xB8\xE5\xC0\x26\x93\x0C\x3E\x60" - "\x39\xA3\x3C\xE4\x59\x64\xFF\x21\x67\xF6\xEC\xED\xD4\x19\xDB" - "\x06\xC1") - }; - - int times( sizeof(test_sha) / sizeof(testVector) ); - for (int i = 0; i < times; ++i) { - sha.Update(test_sha[i].input_, test_sha[i].inLen_); - sha.Final(hash); - - if (memcmp(hash, test_sha[i].output_, SHA256::DIGEST_SIZE) != 0) - return -1 - i; - } - - return 0; -} - - -#ifdef WORD64_AVAILABLE - -int sha512_test() -{ - SHA512 sha; - byte hash[SHA512::DIGEST_SIZE]; - - testVector test_sha[] = - { - testVector("abc", - "\xdd\xaf\x35\xa1\x93\x61\x7a\xba\xcc\x41\x73\x49\xae\x20\x41" - "\x31\x12\xe6\xfa\x4e\x89\xa9\x7e\xa2\x0a\x9e\xee\xe6\x4b\x55" - "\xd3\x9a\x21\x92\x99\x2a\x27\x4f\xc1\xa8\x36\xba\x3c\x23\xa3" - "\xfe\xeb\xbd\x45\x4d\x44\x23\x64\x3c\xe8\x0e\x2a\x9a\xc9\x4f" - "\xa5\x4c\xa4\x9f"), - testVector("abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhi" - "jklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu", - "\x8e\x95\x9b\x75\xda\xe3\x13\xda\x8c\xf4\xf7\x28\x14\xfc\x14" - "\x3f\x8f\x77\x79\xc6\xeb\x9f\x7f\xa1\x72\x99\xae\xad\xb6\x88" - "\x90\x18\x50\x1d\x28\x9e\x49\x00\xf7\xe4\x33\x1b\x99\xde\xc4" - "\xb5\x43\x3a\xc7\xd3\x29\xee\xb6\xdd\x26\x54\x5e\x96\xe5\x5b" - "\x87\x4b\xe9\x09") - }; - - int times( sizeof(test_sha) / sizeof(testVector) ); - for (int i = 0; i < times; ++i) { - sha.Update(test_sha[i].input_, test_sha[i].inLen_); - sha.Final(hash); - - if (memcmp(hash, test_sha[i].output_, SHA512::DIGEST_SIZE) != 0) - return -1 - i; - } - - return 0; -} - - -int sha384_test() -{ - SHA384 sha; - byte hash[SHA384::DIGEST_SIZE]; - - testVector test_sha[] = - { - testVector("abc", - "\xcb\x00\x75\x3f\x45\xa3\x5e\x8b\xb5\xa0\x3d\x69\x9a\xc6\x50" - "\x07\x27\x2c\x32\xab\x0e\xde\xd1\x63\x1a\x8b\x60\x5a\x43\xff" - "\x5b\xed\x80\x86\x07\x2b\xa1\xe7\xcc\x23\x58\xba\xec\xa1\x34" - "\xc8\x25\xa7"), - testVector("abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhi" - "jklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu", - "\x09\x33\x0c\x33\xf7\x11\x47\xe8\x3d\x19\x2f\xc7\x82\xcd\x1b" - "\x47\x53\x11\x1b\x17\x3b\x3b\x05\xd2\x2f\xa0\x80\x86\xe3\xb0" - "\xf7\x12\xfc\xc7\xc7\x1a\x55\x7e\x2d\xb9\x66\xc3\xe9\xfa\x91" - "\x74\x60\x39") - }; - - int times( sizeof(test_sha) / sizeof(testVector) ); - for (int i = 0; i < times; ++i) { - sha.Update(test_sha[i].input_, test_sha[i].inLen_); - sha.Final(hash); - - if (memcmp(hash, test_sha[i].output_, SHA384::DIGEST_SIZE) != 0) - return -1 - i; - } - - return 0; -} - -#endif // WORD64_AVAILABLE - - -int sha224_test() -{ - SHA224 sha; - byte hash[SHA224::DIGEST_SIZE]; - - testVector test_sha[] = - { - testVector("abc", - "\x23\x09\x7d\x22\x34\x05\xd8\x22\x86\x42\xa4\x77\xbd\xa2\x55" - "\xb3\x2a\xad\xbc\xe4\xbd\xa0\xb3\xf7\xe3\x6c\x9d\xa7"), - testVector("abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq", - "\x75\x38\x8b\x16\x51\x27\x76\xcc\x5d\xba\x5d\xa1\xfd\x89\x01" - "\x50\xb0\xc6\x45\x5c\xb4\xf5\x8b\x19\x52\x52\x25\x25") - }; - - int times( sizeof(test_sha) / sizeof(testVector) ); - for (int i = 0; i < times; ++i) { - sha.Update(test_sha[i].input_, test_sha[i].inLen_); - sha.Final(hash); - - if (memcmp(hash, test_sha[i].output_, SHA224::DIGEST_SIZE) != 0) - return -1 - i; - } - - return 0; -} - - -int md5_test() -{ - MD5 md5; - byte hash[MD5::DIGEST_SIZE]; - - testVector test_md5[] = - { - testVector("abc", - "\x90\x01\x50\x98\x3c\xd2\x4f\xb0\xd6\x96\x3f\x7d\x28\xe1\x7f" - "\x72"), - testVector("message digest", - "\xf9\x6b\x69\x7d\x7c\xb7\x93\x8d\x52\x5a\x2f\x31\xaa\xf1\x61" - "\xd0"), - testVector("abcdefghijklmnopqrstuvwxyz", - "\xc3\xfc\xd3\xd7\x61\x92\xe4\x00\x7d\xfb\x49\x6c\xca\x67\xe1" - "\x3b"), - testVector("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz012345" - "6789", - "\xd1\x74\xab\x98\xd2\x77\xd9\xf5\xa5\x61\x1c\x2c\x9f\x41\x9d" - "\x9f"), - testVector("1234567890123456789012345678901234567890123456789012345678" - "9012345678901234567890", - "\x57\xed\xf4\xa2\x2b\xe3\xc9\x55\xac\x49\xda\x2e\x21\x07\xb6" - "\x7a") - }; - - int times( sizeof(test_md5) / sizeof(testVector) ); - for (int i = 0; i < times; ++i) { - md5.Update(test_md5[i].input_, test_md5[i].inLen_); - md5.Final(hash); - - if (memcmp(hash, test_md5[i].output_, MD5::DIGEST_SIZE) != 0) - return -5 - i; - } - - return 0; -} - - -int md4_test() -{ - MD4 md4; - byte hash[MD4::DIGEST_SIZE]; - - testVector test_md4[] = - { - testVector("", - "\x31\xd6\xcf\xe0\xd1\x6a\xe9\x31\xb7\x3c\x59\xd7\xe0\xc0\x89" - "\xc0"), - testVector("a", - "\xbd\xe5\x2c\xb3\x1d\xe3\x3e\x46\x24\x5e\x05\xfb\xdb\xd6\xfb" - "\x24"), - testVector("abc", - "\xa4\x48\x01\x7a\xaf\x21\xd8\x52\x5f\xc1\x0a\xe8\x7a\xa6\x72" - "\x9d"), - testVector("message digest", - "\xd9\x13\x0a\x81\x64\x54\x9f\xe8\x18\x87\x48\x06\xe1\xc7\x01" - "\x4b"), - testVector("abcdefghijklmnopqrstuvwxyz", - "\xd7\x9e\x1c\x30\x8a\xa5\xbb\xcd\xee\xa8\xed\x63\xdf\x41\x2d" - "\xa9"), - testVector("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz012345" - "6789", - "\x04\x3f\x85\x82\xf2\x41\xdb\x35\x1c\xe6\x27\xe1\x53\xe7\xf0" - "\xe4"), - testVector("1234567890123456789012345678901234567890123456789012345678" - "9012345678901234567890", - "\xe3\x3b\x4d\xdc\x9c\x38\xf2\x19\x9c\x3e\x7b\x16\x4f\xcc\x05" - "\x36") - }; - - int times( sizeof(test_md4) / sizeof(testVector) ); - for (int i = 0; i < times; ++i) { - md4.Update(test_md4[i].input_, test_md4[i].inLen_); - md4.Final(hash); - - if (memcmp(hash, test_md4[i].output_, MD4::DIGEST_SIZE) != 0) - return -5 - i; - } - - return 0; -} - - -int md2_test() -{ - MD2 md5; - byte hash[MD2::DIGEST_SIZE]; - - testVector test_md2[] = - { - testVector("", - "\x83\x50\xe5\xa3\xe2\x4c\x15\x3d\xf2\x27\x5c\x9f\x80\x69" - "\x27\x73"), - testVector("a", - "\x32\xec\x01\xec\x4a\x6d\xac\x72\xc0\xab\x96\xfb\x34\xc0" - "\xb5\xd1"), - testVector("abc", - "\xda\x85\x3b\x0d\x3f\x88\xd9\x9b\x30\x28\x3a\x69\xe6\xde" - "\xd6\xbb"), - testVector("message digest", - "\xab\x4f\x49\x6b\xfb\x2a\x53\x0b\x21\x9f\xf3\x30\x31\xfe" - "\x06\xb0"), - testVector("abcdefghijklmnopqrstuvwxyz", - "\x4e\x8d\xdf\xf3\x65\x02\x92\xab\x5a\x41\x08\xc3\xaa\x47" - "\x94\x0b"), - testVector("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz" - "0123456789", - "\xda\x33\xde\xf2\xa4\x2d\xf1\x39\x75\x35\x28\x46\xc3\x03" - "\x38\xcd"), - testVector("12345678901234567890123456789012345678901234567890123456" - "789012345678901234567890", - "\xd5\x97\x6f\x79\xd8\x3d\x3a\x0d\xc9\x80\x6c\x3c\x66\xf3" - "\xef\xd8") - }; - - int times( sizeof(test_md2) / sizeof(testVector) ); - for (int i = 0; i < times; ++i) { - md5.Update(test_md2[i].input_, test_md2[i].inLen_); - md5.Final(hash); - - if (memcmp(hash, test_md2[i].output_, MD2::DIGEST_SIZE) != 0) - return -10 - i; - } - - return 0; -} - - -int ripemd_test() -{ - RIPEMD160 ripe160; - byte hash[RIPEMD160::DIGEST_SIZE]; - - testVector test_ripemd[] = - { - testVector("", - "\x9c\x11\x85\xa5\xc5\xe9\xfc\x54\x61\x28\x08\x97\x7e\xe8" - "\xf5\x48\xb2\x25\x8d\x31"), - testVector("a", - "\x0b\xdc\x9d\x2d\x25\x6b\x3e\xe9\xda\xae\x34\x7b\xe6\xf4" - "\xdc\x83\x5a\x46\x7f\xfe"), - testVector("abc", - "\x8e\xb2\x08\xf7\xe0\x5d\x98\x7a\x9b\x04\x4a\x8e\x98\xc6" - "\xb0\x87\xf1\x5a\x0b\xfc"), - testVector("message digest", - "\x5d\x06\x89\xef\x49\xd2\xfa\xe5\x72\xb8\x81\xb1\x23\xa8" - "\x5f\xfa\x21\x59\x5f\x36"), - testVector("abcdefghijklmnopqrstuvwxyz", - "\xf7\x1c\x27\x10\x9c\x69\x2c\x1b\x56\xbb\xdc\xeb\x5b\x9d" - "\x28\x65\xb3\x70\x8d\xbc"), - testVector("abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq", - "\x12\xa0\x53\x38\x4a\x9c\x0c\x88\xe4\x05\xa0\x6c\x27\xdc" - "\xf4\x9a\xda\x62\xeb\x2b"), - testVector("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123" - "456789", - "\xb0\xe2\x0b\x6e\x31\x16\x64\x02\x86\xed\x3a\x87\xa5\x71" - "\x30\x79\xb2\x1f\x51\x89"), - testVector("12345678901234567890123456789012345678901234567890123456" - "789012345678901234567890", - "\x9b\x75\x2e\x45\x57\x3d\x4b\x39\xf4\xdb\xd3\x32\x3c\xab" - "\x82\xbf\x63\x32\x6b\xfb"), - }; - - int times( sizeof(test_ripemd) / sizeof(testVector) ); - for (int i = 0; i < times; ++i) { - ripe160.Update(test_ripemd[i].input_, test_ripemd[i].inLen_); - ripe160.Final(hash); - - if (memcmp(hash, test_ripemd[i].output_, RIPEMD160::DIGEST_SIZE) != 0) - return -100 - i; - } - - return 0; -} - - -int hmac_test() -{ - HMAC<MD5> hmacMD5; - byte hash[MD5::DIGEST_SIZE]; - - const char* keys[]= - { - "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b", - "Jefe", - "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA" - }; - - testVector test_hmacMD5[] = - { - testVector("Hi There", - "\x92\x94\x72\x7a\x36\x38\xbb\x1c\x13\xf4\x8e\xf8\x15\x8b\xfc" - "\x9d"), - testVector("what do ya want for nothing?", - "\x75\x0c\x78\x3e\x6a\xb0\xb5\x03\xea\xa8\x6e\x31\x0a\x5d\xb7" - "\x38"), - testVector("\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" - "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" - "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" - "\xDD\xDD\xDD\xDD\xDD\xDD", - "\x56\xbe\x34\x52\x1d\x14\x4c\x88\xdb\xb8\xc7\x33\xf0\xe8\xb3" - "\xf6") - }; - - int times( sizeof(test_hmacMD5) / sizeof(testVector) ); - for (int i = 0; i < times; ++i) { - hmacMD5.SetKey((byte*)keys[i], (word32)strlen(keys[i])); - hmacMD5.Update(test_hmacMD5[i].input_, test_hmacMD5[i].inLen_); - hmacMD5.Final(hash); - - if (memcmp(hash, test_hmacMD5[i].output_, MD5::DIGEST_SIZE) != 0) - return -20 - i; - } - - return 0; -} - - -int arc4_test() -{ - byte cipher[16]; - byte plain[16]; - - const char* keys[] = - { - "\x01\x23\x45\x67\x89\xab\xcd\xef", - "\x01\x23\x45\x67\x89\xab\xcd\xef", - "\x00\x00\x00\x00\x00\x00\x00\x00", - "\xef\x01\x23\x45" - }; - - testVector test_arc4[] = - { - testVector("\x01\x23\x45\x67\x89\xab\xcd\xef", - "\x75\xb7\x87\x80\x99\xe0\xc5\x96"), - testVector("\x00\x00\x00\x00\x00\x00\x00\x00", - "\x74\x94\xc2\xe7\x10\x4b\x08\x79"), - testVector("\x00\x00\x00\x00\x00\x00\x00\x00", - "\xde\x18\x89\x41\xa3\x37\x5d\x3a"), - testVector("\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", - "\xd6\xa1\x41\xa7\xec\x3c\x38\xdf\xbd\x61") - }; - - - int times( sizeof(test_arc4) / sizeof(testVector) ); - for (int i = 0; i < times; ++i) { - ARC4::Encryption enc; - ARC4::Decryption dec; - - enc.SetKey((byte*)keys[i], (word32)strlen(keys[i])); - dec.SetKey((byte*)keys[i], (word32)strlen(keys[i])); - - enc.Process(cipher, test_arc4[i].input_, test_arc4[i].outLen_); - dec.Process(plain, cipher, test_arc4[i].outLen_); - - if (memcmp(plain, test_arc4[i].input_, test_arc4[i].outLen_)) - return -30 - i; - - if (memcmp(cipher, test_arc4[i].output_, test_arc4[i].outLen_)) - return -40 - i; - } - - return 0; -} - - -int rabbit_test() -{ - byte cipher[16]; - byte plain[16]; - - const char* keys[] = - { - "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", - "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", - "\xAC\xC3\x51\xDC\xF1\x62\xFC\x3B\xFE\x36\x3D\x2E\x29\x13\x28\x91" - }; - - const char* ivs[] = - { - "\x00\x00\x00\x00\x00\x00\x00\x00", - "\x59\x7E\x26\xC1\x75\xF5\x73\xC3", - 0 - }; - - - testVector test_rabbit[] = - { - testVector("\x00\x00\x00\x00\x00\x00\x00\x00", - "\xED\xB7\x05\x67\x37\x5D\xCD\x7C"), - testVector("\x00\x00\x00\x00\x00\x00\x00\x00", - "\x6D\x7D\x01\x22\x92\xCC\xDC\xE0"), - testVector("\x00\x00\x00\x00\x00\x00\x00\x00", - "\x9C\x51\xE2\x87\x84\xC3\x7F\xE9") - }; - - - int times( sizeof(test_rabbit) / sizeof(testVector) ); - for (int i = 0; i < times; ++i) { - Rabbit::Encryption enc; - Rabbit::Decryption dec; - - enc.SetKey((byte*)keys[i], (byte*)ivs[i]); - dec.SetKey((byte*)keys[i], (byte*)ivs[i]); - - enc.Process(cipher, test_rabbit[i].input_, test_rabbit[i].outLen_); - dec.Process(plain, cipher, test_rabbit[i].outLen_); - - if (memcmp(plain, test_rabbit[i].input_, test_rabbit[i].outLen_)) - return -230 - i; - - if (memcmp(cipher, test_rabbit[i].output_, test_rabbit[i].outLen_)) - return -240 - i; - } - - return 0; -} - - -int hc128_test() -{ - byte cipher[16]; - byte plain[16]; - - const char* keys[] = - { - "\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", - "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", - "\x00\x53\xA6\xF9\x4C\x9F\xF2\x45\x98\xEB\x3E\x91\xE4\x37\x8A\xDD", - "\x0F\x62\xB5\x08\x5B\xAE\x01\x54\xA7\xFA\x4D\xA0\xF3\x46\x99\xEC" - }; - - const char* ivs[] = - { - "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", - "\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", - "\x0D\x74\xDB\x42\xA9\x10\x77\xDE\x45\xAC\x13\x7A\xE1\x48\xAF\x16", - "\x28\x8F\xF6\x5D\xC4\x2B\x92\xF9\x60\xC7\x2E\x95\xFC\x63\xCA\x31" - }; - - testVector test_hc128[] = - { - testVector("\x00\x00\x00\x00\x00\x00\x00\x00", - "\x37\x86\x02\xB9\x8F\x32\xA7\x48"), - testVector("\x00\x00\x00\x00\x00\x00\x00\x00", - "\x33\x7F\x86\x11\xC6\xED\x61\x5F"), - testVector("\x00\x00\x00\x00\x00\x00\x00\x00", - "\x2E\x1E\xD1\x2A\x85\x51\xC0\x5A"), - testVector("\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", - "\x1C\xD8\xAE\xDD\xFE\x52\xE2\x17\xE8\x35\xD0\xB7\xE8\x4E\x29") - }; - - int times( sizeof(test_hc128) / sizeof(testVector) ); - for (int i = 0; i < times; ++i) { - HC128::Encryption enc; - HC128::Decryption dec; - - enc.SetKey((byte*)keys[i], (byte*)ivs[i]); - dec.SetKey((byte*)keys[i], (byte*)ivs[i]); - - enc.Process(cipher, test_hc128[i].input_, test_hc128[i].outLen_); - dec.Process(plain, cipher, test_hc128[i].outLen_); - - if (memcmp(plain, test_hc128[i].input_, test_hc128[i].outLen_)) - return -330 - i; - - if (memcmp(cipher, test_hc128[i].output_, test_hc128[i].outLen_)) - return -340 - i; - } - - return 0; -} - - -int des_test() -{ - //ECB mode - DES_ECB_Encryption enc; - DES_ECB_Decryption dec; - - const int sz = TaoCrypt::DES_BLOCK_SIZE * 3; - const byte key[] = { 0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef }; - const byte iv[] = { 0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef }; - - enc.SetKey(key, sizeof(key)); - enc.Process(cipher, msg, sz); - dec.SetKey(key, sizeof(key)); - dec.Process(plain, cipher, sz); - - if (memcmp(plain, msg, sz)) - return -50; - - const byte verify1[] = - { - 0xf9,0x99,0xb8,0x8e,0xaf,0xea,0x71,0x53, - 0x6a,0x27,0x17,0x87,0xab,0x88,0x83,0xf9, - 0x89,0x3d,0x51,0xec,0x4b,0x56,0x3b,0x53 - }; - - if (memcmp(cipher, verify1, sz)) - return -51; - - // CBC mode - DES_CBC_Encryption enc2; - DES_CBC_Decryption dec2; - - enc2.SetKey(key, sizeof(key), iv); - enc2.Process(cipher, msg, sz); - dec2.SetKey(key, sizeof(key), iv); - dec2.Process(plain, cipher, sz); - - if (memcmp(plain, msg, sz)) - return -52; - - const byte verify2[] = - { - 0x8b,0x7c,0x52,0xb0,0x01,0x2b,0x6c,0xb8, - 0x4f,0x0f,0xeb,0xf3,0xfb,0x5f,0x86,0x73, - 0x15,0x85,0xb3,0x22,0x4b,0x86,0x2b,0x4b - }; - - if (memcmp(cipher, verify2, sz)) - return -53; - - // EDE3 CBC mode - DES_EDE3_CBC_Encryption enc3; - DES_EDE3_CBC_Decryption dec3; - - const byte key3[] = - { - 0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef, - 0xfe,0xde,0xba,0x98,0x76,0x54,0x32,0x10, - 0x89,0xab,0xcd,0xef,0x01,0x23,0x45,0x67 - }; - const byte iv3[] = - { - 0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef, - 0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01, - 0x11,0x21,0x31,0x41,0x51,0x61,0x71,0x81 - - }; - - enc3.SetKey(key3, sizeof(key3), iv3); - enc3.Process(cipher, msg, sz); - dec3.SetKey(key3, sizeof(key3), iv3); - dec3.Process(plain, cipher, sz); - - if (memcmp(plain, msg, sz)) - return -54; - - const byte verify3[] = - { - 0x08,0x8a,0xae,0xe6,0x9a,0xa9,0xc1,0x13, - 0x93,0x7d,0xf7,0x3a,0x11,0x56,0x66,0xb3, - 0x18,0xbc,0xbb,0x6d,0xd2,0xb1,0x16,0xda - }; - - if (memcmp(cipher, verify3, sz)) - return -55; - - return 0; -} - - -int aes_test() -{ - AES_CBC_Encryption enc; - AES_CBC_Decryption dec; - const int bs(TaoCrypt::AES::BLOCK_SIZE); - - byte key[] = "0123456789abcdef "; // align - byte iv[] = "1234567890abcdef "; // align - - enc.SetKey(key, bs, iv); - dec.SetKey(key, bs, iv); - - enc.Process(cipher, msg, bs); - dec.Process(plain, cipher, bs); - - if (memcmp(plain, msg, bs)) - return -60; - - const byte verify[] = - { - 0x95,0x94,0x92,0x57,0x5f,0x42,0x81,0x53, - 0x2c,0xcc,0x9d,0x46,0x77,0xa2,0x33,0xcb - }; - - if (memcmp(cipher, verify, bs)) - return -61; - - AES_ECB_Encryption enc2; - AES_ECB_Decryption dec2; - - enc2.SetKey(key, bs, iv); - dec2.SetKey(key, bs, iv); - - enc2.Process(cipher, msg, bs); - dec2.Process(plain, cipher, bs); - - if (memcmp(plain, msg, bs)) - return -62; - - const byte verify2[] = - { - 0xd0,0xc9,0xd9,0xc9,0x40,0xe8,0x97,0xb6, - 0xc8,0x8c,0x33,0x3b,0xb5,0x8f,0x85,0xd1 - }; - - if (memcmp(cipher, verify2, bs)) - return -63; - - return 0; -} - - -int twofish_test() -{ - Twofish_CBC_Encryption enc; - Twofish_CBC_Decryption dec; - const int bs(TaoCrypt::Twofish::BLOCK_SIZE); - - byte key[] = "0123456789abcdef "; // align - byte iv[] = "1234567890abcdef "; // align - - enc.SetKey(key, bs, iv); - dec.SetKey(key, bs, iv); - - enc.Process(cipher, msg, bs); - dec.Process(plain, cipher, bs); - - if (memcmp(plain, msg, bs)) - return -60; - - const byte verify[] = - { - 0xD2,0xD7,0x47,0x47,0x4A,0x65,0x4E,0x16, - 0x21,0x03,0x58,0x79,0x5F,0x02,0x27,0x2C - }; - - if (memcmp(cipher, verify, bs)) - return -61; - - Twofish_ECB_Encryption enc2; - Twofish_ECB_Decryption dec2; - - enc2.SetKey(key, bs, iv); - dec2.SetKey(key, bs, iv); - - enc2.Process(cipher, msg, bs); - dec2.Process(plain, cipher, bs); - - if (memcmp(plain, msg, bs)) - return -62; - - const byte verify2[] = - { - 0x3B,0x6C,0x63,0x10,0x34,0xAB,0xB2,0x87, - 0xC4,0xCD,0x6B,0x91,0x14,0xC5,0x3A,0x09 - }; - - if (memcmp(cipher, verify2, bs)) - return -63; - - return 0; -} - - -int blowfish_test() -{ - Blowfish_CBC_Encryption enc; - Blowfish_CBC_Decryption dec; - const int bs(TaoCrypt::Blowfish::BLOCK_SIZE); - - byte key[] = "0123456789abcdef "; // align - byte iv[] = "1234567890abcdef "; // align - - enc.SetKey(key, 16, iv); - dec.SetKey(key, 16, iv); - - enc.Process(cipher, msg, bs * 2); - dec.Process(plain, cipher, bs * 2); - - if (memcmp(plain, msg, bs)) - return -60; - - const byte verify[] = - { - 0x0E,0x26,0xAA,0x29,0x11,0x25,0xAB,0xB5, - 0xBC,0xD9,0x08,0xC4,0x94,0x6C,0x89,0xA3 - }; - - if (memcmp(cipher, verify, bs)) - return -61; - - Blowfish_ECB_Encryption enc2; - Blowfish_ECB_Decryption dec2; - - enc2.SetKey(key, 16, iv); - dec2.SetKey(key, 16, iv); - - enc2.Process(cipher, msg, bs * 2); - dec2.Process(plain, cipher, bs * 2); - - if (memcmp(plain, msg, bs)) - return -62; - - const byte verify2[] = - { - 0xE7,0x42,0xB9,0x37,0xC8,0x7D,0x93,0xCA, - 0x8F,0xCE,0x39,0x32,0xDE,0xD7,0xBC,0x5B - }; - - if (memcmp(cipher, verify2, bs)) - return -63; - - return 0; -} - - -int rsa_test() -{ - Source source; - FileSource("../certs/client-key.der", source); - if (source.size() == 0) { - FileSource("../../certs/client-key.der", source); // for testsuite - if (source.size() == 0) { - FileSource("../../../certs/client-key.der", source); // Debug dir - if (source.size() == 0) - err_sys("where's your certs dir?", -79); - } - } - RSA_PrivateKey priv(source); - - RSAES_Encryptor enc(priv); - byte message[] = "Everyone gets Friday off."; - const word32 len = (word32)strlen((char*)message); - byte cipher[512]; - enc.Encrypt(message, len, cipher, rng); - - RSAES_Decryptor dec(priv); - byte plain[512]; - dec.Decrypt(cipher, priv.FixedCiphertextLength(), plain, rng); - - if (memcmp(plain, message, len)) - return -70; - - dec.SSL_Sign(message, len, cipher, rng); - if (!enc.SSL_Verify(message, len, cipher)) - return -71; - - - // test decode - Source source2; - FileSource("../certs/client-cert.der", source2); - if (source2.size() == 0) { - FileSource("../../certs/client-cert.der", source2); // for testsuite - if (source2.size() == 0) { - FileSource("../../../certs/client-cert.der", source2); // Debug dir - if (source2.size() == 0) - err_sys("where's your certs dir?", -79); - } - } - CertDecoder cd(source2, true, 0, false, CertDecoder::CA); - if (cd.GetError().What()) - err_sys("cert error", -80); - Source source3(cd.GetPublicKey().GetKey(), cd.GetPublicKey().size()); - RSA_PublicKey pub(source3); - - return 0; -} - - -int dh_test() -{ - Source source; - FileSource("../certs/dh1024.dat", source); - if (source.size() == 0) { - FileSource("../../certs/dh1024.dat", source); // for testsuite - if (source.size() == 0) { - FileSource("../../../certs/dh1024.dat", source); // win32 Debug dir - if (source.size() == 0) - err_sys("where's your certs dir?", -79); - } - } - HexDecoder hDec(source); - - DH dh(source); - - byte pub[128]; - byte priv[128]; - byte agree[128]; - byte pub2[128]; - byte priv2[128]; - byte agree2[128]; - - DH dh2(dh); - - dh.GenerateKeyPair(rng, priv, pub); - dh2.GenerateKeyPair(rng, priv2, pub2); - dh.Agree(agree, priv, pub2); - dh2.Agree(agree2, priv2, pub); - - - if ( memcmp(agree, agree2, dh.GetByteLength()) ) - return -80; - - return 0; -} - - -int dsa_test() -{ - Source source; - FileSource("../certs/dsa1024.der", source); - if (source.size() == 0) { - FileSource("../../certs/dsa1024.der", source); // for testsuite - if (source.size() == 0) { - FileSource("../../../certs/dsa1024.der", source); // win32 Debug dir - if (source.size() == 0) - err_sys("where's your certs dir?", -89); - } - } - - const char msg[] = "this is the message"; - byte signature[40]; - - DSA_PrivateKey priv(source); - DSA_Signer signer(priv); - - SHA sha; - byte digest[SHA::DIGEST_SIZE]; - sha.Update((byte*)msg, sizeof(msg)); - sha.Final(digest); - - signer.Sign(digest, signature, rng); - - byte encoded[sizeof(signature) + 6]; - byte decoded[40]; - - word32 encSz = EncodeDSA_Signature(signer.GetR(), signer.GetS(), encoded); - DecodeDSA_Signature(decoded, encoded, encSz); - - DSA_PublicKey pub(priv); - DSA_Verifier verifier(pub); - - if (!verifier.Verify(digest, decoded)) - return -90; - - if (!verifier.Verify(digest, signature)) - return -91; - - return 0; -} - - -int pwdbased_test() -{ - PBKDF2_HMAC<SHA> pb; - - byte derived[32]; - const byte pwd1[] = "password "; // align - const byte salt[] = { 0x12, 0x34, 0x56, 0x78, 0x78, 0x56, 0x34, 0x12 }; - - pb.DeriveKey(derived, 8, pwd1, 8, salt, sizeof(salt), 5); - - const byte verify1[] = { 0xD1, 0xDA, 0xA7, 0x86, 0x15, 0xF2, 0x87, 0xE6 }; - - if ( memcmp(derived, verify1, sizeof(verify1)) ) - return -101; - - - const byte pwd2[] = "All n-entities must communicate with other n-entities" - " via n-1 entiteeheehees "; // align - - pb.DeriveKey(derived, 24, pwd2, 76, salt, sizeof(salt), 500); - - const byte verify2[] = { 0x6A, 0x89, 0x70, 0xBF, 0x68, 0xC9, 0x2C, 0xAE, - 0xA8, 0x4A, 0x8D, 0xF2, 0x85, 0x10, 0x85, 0x86, - 0x07, 0x12, 0x63, 0x80, 0xCC, 0x47, 0xAB, 0x2D - }; - - if ( memcmp(derived, verify2, sizeof(verify2)) ) - return -102; - - return 0; -} - - -/* -int pkcs12_test() -{ - Source cert; - FileSource("../certs/server-cert.pem", cert); - if (cert.size() == 0) { - FileSource("../../certs/server-cert.pem", cert); // for testsuite - if (cert.size() == 0) { - FileSource("../../../certs/server-cert.pem", cert); // Debug dir - if (cert.size() == 0) - err_sys("where's your certs dir?", -109); - } - } - - if (GetCert(cert) != 0) - return -110; - - Source source; - FileSource("../certs/server.p12", source); - if (source.size() == 0) { - FileSource("../../certs/server.p12", source); // for testsuite - if (source.size() == 0) { - FileSource("../../../certs/server.p12", source); // Debug dir - if (source.size() == 0) - err_sys("where's your certs dir?", -111); - } - } - - if (GetPKCS_Cert("password", source) != 0) - return -112; - - return 0; -} -*/ - diff --git a/extra/yassl/taocrypt/test/test.dsp b/extra/yassl/taocrypt/test/test.dsp deleted file mode 100644 index 93b369de3d9..00000000000 --- a/extra/yassl/taocrypt/test/test.dsp +++ /dev/null @@ -1,102 +0,0 @@ -# Microsoft Developer Studio Project File - Name="test" - Package Owner=<4> -# Microsoft Developer Studio Generated Build File, Format Version 6.00 -# ** DO NOT EDIT ** - -# TARGTYPE "Win32 (x86) Console Application" 0x0103 - -CFG=test - Win32 Debug -!MESSAGE This is not a valid makefile. To build this project using NMAKE, -!MESSAGE use the Export Makefile command and run -!MESSAGE -!MESSAGE NMAKE /f "test.mak". -!MESSAGE -!MESSAGE You can specify a configuration when running NMAKE -!MESSAGE by defining the macro CFG on the command line. For example: -!MESSAGE -!MESSAGE NMAKE /f "test.mak" CFG="test - Win32 Debug" -!MESSAGE -!MESSAGE Possible choices for configuration are: -!MESSAGE -!MESSAGE "test - Win32 Release" (based on "Win32 (x86) Console Application") -!MESSAGE "test - Win32 Debug" (based on "Win32 (x86) Console Application") -!MESSAGE - -# Begin Project -# PROP AllowPerConfigDependencies 0 -# PROP Scc_ProjName "" -# PROP Scc_LocalPath "" -CPP=cl.exe -RSC=rc.exe - -!IF "$(CFG)" == "test - Win32 Release" - -# PROP BASE Use_MFC 0 -# PROP BASE Use_Debug_Libraries 0 -# PROP BASE Output_Dir "test___Win32_Release" -# PROP BASE Intermediate_Dir "test___Win32_Release" -# PROP BASE Target_Dir "" -# PROP Use_MFC 0 -# PROP Use_Debug_Libraries 0 -# PROP Output_Dir "Release" -# PROP Intermediate_Dir "Release" -# PROP Ignore_Export_Lib 0 -# PROP Target_Dir "" -# ADD BASE CPP /nologo /W3 /GX /O2 /D "WIN32" /D "NDEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /c -# ADD CPP /nologo /MD /W3 /O2 /I "../include" /I "../mySTL" /D "WIN32" /D "NDEBUG" /D "_CONSOLE" /D "_MBCS" /FR /YX /FD /c -# ADD BASE RSC /l 0x409 /d "NDEBUG" -# ADD RSC /l 0x409 /d "NDEBUG" -BSC32=bscmake.exe -# ADD BASE BSC32 /nologo -# ADD BSC32 /nologo -LINK32=link.exe -# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /machine:I386 -# ADD LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /machine:I386 - -!ELSEIF "$(CFG)" == "test - Win32 Debug" - -# PROP BASE Use_MFC 0 -# PROP BASE Use_Debug_Libraries 1 -# PROP BASE Output_Dir "test___Win32_Debug" -# PROP BASE Intermediate_Dir "test___Win32_Debug" -# PROP BASE Target_Dir "" -# PROP Use_MFC 0 -# PROP Use_Debug_Libraries 1 -# PROP Output_Dir "Debug" -# PROP Intermediate_Dir "Debug" -# PROP Ignore_Export_Lib 0 -# PROP Target_Dir "" -# ADD BASE CPP /nologo /W3 /Gm /GX /ZI /Od /D "WIN32" /D "_DEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /GZ /c -# ADD CPP /nologo /MDd /W3 /Gm /ZI /Od /I "../include" /I "../mySTL" /D "WIN32" /D "_DEBUG" /D "_CONSOLE" /D "_MBCS" /FR /YX /FD /GZ /c -# ADD BASE RSC /l 0x409 /d "_DEBUG" -# ADD RSC /l 0x409 /d "_DEBUG" -BSC32=bscmake.exe -# ADD BASE BSC32 /nologo -# ADD BSC32 /nologo -LINK32=link.exe -# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept -# ADD LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept - -!ENDIF - -# Begin Target - -# Name "test - Win32 Release" -# Name "test - Win32 Debug" -# Begin Group "Source Files" - -# PROP Default_Filter "cpp;c;cxx;rc;def;r;odl;idl;hpj;bat" -# Begin Source File - -SOURCE=.\test.cpp -# End Source File -# End Group -# Begin Group "Header Files" - -# PROP Default_Filter "h;hpp;hxx;hm;inl" -# End Group -# Begin Group "Resource Files" - -# PROP Default_Filter "ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe" -# End Group -# End Target -# End Project diff --git a/extra/yassl/testsuite/cipher-test.sh b/extra/yassl/testsuite/cipher-test.sh deleted file mode 100644 index d3e69146097..00000000000 --- a/extra/yassl/testsuite/cipher-test.sh +++ /dev/null @@ -1,131 +0,0 @@ -#!/bin/bash - -# test all yassl cipher suties -# - - -no_pid=-1 -server_pid=$no_pid - - -do_cleanup() { - echo "in cleanup" - - if [[ $server_pid != $no_pid ]] - then - echo "killing server" - kill -9 $server_pid - fi -} - -do_trap() { - echo "got trap" - do_cleanup - exit -1 -} - -trap do_trap INT TERM - - -# make sure example server and client are built -if test ! -s ../examples/server/server; then - echo "Please build yaSSL first, example server missing" - exit -1 -fi - -if test ! -s ../examples/client/client; then - echo "Please build yaSSL first, example client missing" - exit -1 -fi - - -# non DSA suites -for suite in {"DHE-RSA-AES256-SHA","AES256-SHA","DHE-RSA-AES128-SHA","AES128-SHA","AES256-RMD","AES128-RMD","DES-CBC3-RMD","DHE-RSA-AES256-RMD","DHE-RSA-AES128-RMD","DHE-RSA-DES-CBC3-RMD","RC4-SHA","RC4-MD5","DES-CBC3-SHA","DES-CBC-SHA","EDH-RSA-DES-CBC3-SHA","EDH-RSA-DES-CBC-SHA"} -do - for client_auth in {y,n} - do - echo "Trying $suite client auth = $client_auth ..." - - if test -e server_ready; then - echo -e "removing exisitng server_ready file" - rm server_ready - fi - ../examples/server/server $client_auth & - server_pid=$! - - while [ ! -s server_ready ]; do - echo -e "waiting for server_ready file..." - sleep 0.1 - done - - ../examples/client/client $suite - client_result=$? - - wait $server_pid - server_result=$? - - server_pid=$no_pid - - if [[ $client_result != 0 ]] - then - echo "Client Error" - exit $client_result - fi - - if [[ $server_result != 0 ]] - then - echo "Server Error" - exit $server_result - fi - - done # end client auth loop -done # end non dsa suite list -echo -e "Non DSA Loop SUCCESS" - - - -# DSA suites -for suite in {"DHE-DSS-AES256-SHA","DHE-DSS-AES128-SHA","DHE-DSS-AES256-RMD","DHE-DSS-AES128-RMD","DHE-DSS-DES-CBC3-RMD","EDH-DSS-DES-CBC3-SHA","EDH-DSS-DES-CBC-SHA"} -do - for client_auth in {y,n} - do - echo "Trying $suite client auth = $client_auth ..." - - if test -e server_ready; then - echo -e "removing exisitng server_ready file" - rm server_ready - fi - # d signifies DSA - ../examples/server/server $client_auth d & - server_pid=$! - - while [ ! -s server_ready ]; do - echo -e "waiting for server_ready file..." - sleep 0.1 - done - - ../examples/client/client $suite - client_result=$? - - wait $server_pid - server_result=$? - - server_pid=$no_pid - - if [[ $client_result != 0 ]] - then - echo "Client Error" - exit $client_result - fi - - if [[ $server_result != 0 ]] - then - echo "Server Error" - exit $server_result - fi - - done # end client auth loop -done # end dsa suite list -echo -e "DSA Loop SUCCESS" - -exit 0 diff --git a/extra/yassl/testsuite/input b/extra/yassl/testsuite/input deleted file mode 100644 index d16cbc40750..00000000000 --- a/extra/yassl/testsuite/input +++ /dev/null @@ -1,107 +0,0 @@ -// testsuite.cpp - -#include "test.hpp" -#include "md5.hpp" - -typedef unsigned char byte; - -void taocrypt_test(void*); -void file_test(char*, byte*); - -void client_test(void*); -void echoclient_test(void*); - -THREAD_RETURN YASSL_API server_test(void*); -THREAD_RETURN YASSL_API echoserver_test(void*); - -int main(int argc, char** argv) -{ - func_args args(argc, argv); - func_args server_args(args); - - // *** Crypto Test *** - taocrypt_test(&args); - assert(args.return_code == 0); - - - // *** Simple yaSSL client server test *** - THREAD_TYPE thread; - - start_thread(server_test, &server_args, &thread); - client_test(&args); - - assert(args.return_code == 0); - join_thread(thread); - assert(server_args.return_code == 0); - - - // *** Echo input yaSSL client server test *** - start_thread(echoserver_test, &server_args, &thread); - func_args echo_args; - - // setup args - echo_args.argc = 3; - echo_args.argv = new char*[echo_args.argc]; - for (int i = 0; i < echo_args.argc; i++) - echo_args.argv[i] = new char[32]; - - strcpy(echo_args.argv[0], "echoclient"); - strcpy(echo_args.argv[1], "input"); - strcpy(echo_args.argv[2], "output"); - remove("output"); - - // make sure OK - echoclient_test(&echo_args); - assert(echo_args.return_code == 0); - - - // *** Echo quit yaSSL client server test *** - echo_args.argc = 2; - strcpy(echo_args.argv[1], "quit"); - - echoclient_test(&echo_args); - assert(echo_args.return_code == 0); - join_thread(thread); - assert(server_args.return_code == 0); - - - // input output compare - byte input[TaoCrypt::MD5::DIGEST_SIZE]; - byte output[TaoCrypt::MD5::DIGEST_SIZE]; - file_test("input", input); - file_test("output", output); - assert(memcmp(input, output, sizeof(input)) == 0); - - printf("\nAll tests passed!\n"); - - // cleanup - for (int j = echo_args.argc; j >= 0; j--) - delete[] echo_args.argv[j]; - delete[] echo_args.argv; - - return 0; -} - - - -void start_thread(THREAD_FUNC fun, func_args* args, THREAD_TYPE* thread) -{ -#ifdef _WIN32 - *thread = _beginthreadex(0, 0, fun, args, 0, 0); -#else - pthread_create(thread, 0, fun, args); -#endif -} - - -void join_thread(THREAD_TYPE thread) -{ -#ifdef _WIN32 - int res = WaitForSingleObject(reinterpret_cast<HANDLE>(thread), INFINITE); - assert(res == WAIT_OBJECT_0); - res = CloseHandle(reinterpret_cast<HANDLE>(thread)); - assert(res); -#else - pthread_join(thread, 0); -#endif -} diff --git a/extra/yassl/testsuite/make.bat b/extra/yassl/testsuite/make.bat deleted file mode 100755 index eddbe90c400..00000000000 --- a/extra/yassl/testsuite/make.bat +++ /dev/null @@ -1,29 +0,0 @@ -REM Copyright (c) 2006, 2012, Oracle and/or its affiliates. All rights reserved. -REM -REM This program is free software; you can redistribute it and/or modify -REM it under the terms of the GNU General Public License as published by -REM the Free Software Foundation; version 2 of the License. -REM -REM This program is distributed in the hope that it will be useful, -REM but WITHOUT ANY WARRANTY; without even the implied warranty of -REM MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -REM GNU General Public License for more details. -REM -REM You should have received a copy of the GNU General Public License -REM along with this program; if not, write to the Free Software -REM Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335 USA - -REM quick and dirty build file for testing different MSDEVs -setlocal - -set myFLAGS= /I../include /I../taocrypt/include /I../taocrypt/mySTL /c /W3 /G6 /O2 /MT /D"WIN32" /D"NO_MAIN_DRIVER" - -cl %myFLAGS% testsuite.cpp -cl %myFLAGS% ../examples/client/client.cpp -cl %myFLAGS% ../examples/echoclient/echoclient.cpp -cl %myFLAGS% ../examples/server/server.cpp -cl %myFLAGS% ../examples/echoserver/echoserver.cpp -cl %myFLAGS% ../taocrypt/test/test.cpp - -link.exe /out:testsuite.exe ../src/yassl.lib ../taocrypt/src/taocrypt.lib testsuite.obj client.obj server.obj echoclient.obj echoserver.obj test.obj advapi32.lib Ws2_32.lib - diff --git a/extra/yassl/testsuite/quit b/extra/yassl/testsuite/quit deleted file mode 100644 index 3db49b3ad12..00000000000 --- a/extra/yassl/testsuite/quit +++ /dev/null @@ -1,2 +0,0 @@ -quit - diff --git a/extra/yassl/testsuite/test.hpp b/extra/yassl/testsuite/test.hpp deleted file mode 100644 index 12da450fffe..00000000000 --- a/extra/yassl/testsuite/test.hpp +++ /dev/null @@ -1,553 +0,0 @@ -/* - Copyright (c) 2006, 2012, Oracle and/or its affiliates. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - -// test.hpp - -#ifndef yaSSL_TEST_HPP -#define yaSSL_TEST_HPP - -#include "runtime.hpp" -#include "error.hpp" -#include <stdio.h> -#include <stdlib.h> -#include <assert.h> - -//#define NON_BLOCKING // test server and client example (not echos) - -#ifdef _WIN32 - #include <winsock2.h> - #include <process.h> - #ifdef TEST_IPV6 // don't require newer SDK for IPV4 - #include <ws2tcpip.h> - #include <wspiapi.h> - #endif - #define SOCKET_T unsigned int -#else - #include <string.h> - #include <unistd.h> - #include <netinet/in.h> - #include <arpa/inet.h> - #include <sys/ioctl.h> - #include <sys/time.h> - #include <sys/types.h> - #include <sys/socket.h> - #ifdef TEST_IPV6 - #include <netdb.h> - #endif - #include <pthread.h> -#ifdef NON_BLOCKING - #include <fcntl.h> -#endif - #define SOCKET_T int -#endif /* _WIN32 */ -#include "openssl/ssl.h" /* openssl compatibility test */ - - -#ifdef _MSC_VER - // disable conversion warning - // 4996 warning to use MS extensions e.g., strcpy_s instead of strncpy - #pragma warning(disable:4244 4996) -#endif - - -#if !defined(_SOCKLEN_T) && (defined(_WIN32) || defined(__APPLE__)) - typedef int socklen_t; -#endif - - -// Check type of third arg to accept -#if defined(__hpux) -// HPUX uses int* for third parameter to accept - typedef int* ACCEPT_THIRD_T; -#else - typedef socklen_t* ACCEPT_THIRD_T; -#endif - - -#ifdef TEST_IPV6 - typedef sockaddr_in6 SOCKADDR_IN_T; - #define AF_INET_V AF_INET6 -#else - typedef sockaddr_in SOCKADDR_IN_T; - #define AF_INET_V AF_INET -#endif - - -// Check if _POSIX_THREADS should be forced -#if !defined(_POSIX_THREADS) && defined(__hpux) -// HPUX does not define _POSIX_THREADS as it's not _fully_ implemented -#define _POSIX_THREADS -#endif - - -#ifndef _POSIX_THREADS - typedef unsigned int THREAD_RETURN; - typedef HANDLE THREAD_TYPE; - #define YASSL_API __stdcall -#else - typedef void* THREAD_RETURN; - typedef pthread_t THREAD_TYPE; - #define YASSL_API -#endif - - -struct tcp_ready { -#ifdef _POSIX_THREADS - pthread_mutex_t mutex_; - pthread_cond_t cond_; - bool ready_; // predicate - - tcp_ready() : ready_(false) - { - pthread_mutex_init(&mutex_, 0); - pthread_cond_init(&cond_, 0); - } - - ~tcp_ready() - { - pthread_mutex_destroy(&mutex_); - pthread_cond_destroy(&cond_); - } -#endif -}; - - -struct func_args { - int argc; - char** argv; - int return_code; - const char* file_ready; - tcp_ready* signal_; - - func_args(int c = 0, char** v = 0) : argc(c), argv(v), file_ready(0) {} - - void SetSignal(tcp_ready* p) { signal_ = p; } -}; - -typedef THREAD_RETURN YASSL_API THREAD_FUNC(void*); - -void start_thread(THREAD_FUNC, func_args*, THREAD_TYPE*); -void join_thread(THREAD_TYPE); - -// yaSSL -const char* const yasslIP = "127.0.0.1"; -const unsigned short yasslPort = 11111; -const unsigned short proxyPort = 12345; - - -// client -const char* const cert = "../certs/client-cert.pem"; -const char* const key = "../certs/client-key.pem"; - -const char* const certSuite = "../../certs/client-cert.pem"; -const char* const keySuite = "../../certs/client-key.pem"; - -const char* const certDebug = "../../../certs/client-cert.pem"; -const char* const keyDebug = "../../../certs/client-key.pem"; - - -// server -const char* const svrCert = "../certs/server-cert.pem"; -const char* const svrKey = "../certs/server-key.pem"; - -const char* const svrCert2 = "../../certs/server-cert.pem"; -const char* const svrKey2 = "../../certs/server-key.pem"; - -const char* const svrCert3 = "../../../certs/server-cert.pem"; -const char* const svrKey3 = "../../../certs/server-key.pem"; - - -// server dsa -const char* const dsaCert = "../certs/dsa-cert.pem"; -const char* const dsaKey = "../certs/dsa1024.der"; - -const char* const dsaCert2 = "../../certs/dsa-cert.pem"; -const char* const dsaKey2 = "../../certs/dsa1024.der"; - -const char* const dsaCert3 = "../../../certs/dsa-cert.pem"; -const char* const dsaKey3 = "../../../certs/dsa1024.der"; - - -// CA -const char* const caCert = "../certs/ca-cert.pem"; -const char* const caCert2 = "../../certs/ca-cert.pem"; -const char* const caCert3 = "../../../certs/ca-cert.pem"; - - -using namespace yaSSL; - - -inline void err_sys(const char* msg) -{ - printf("yassl error: %s\n", msg); - exit(EXIT_FAILURE); -} - - -extern "C" { - static int PasswordCallBack(char*, int, int, void*); -} - - -static int PasswordCallBack(char* passwd, int sz, int rw, void* userdata) -{ - strncpy(passwd, "yassl123", sz); - return 8; -} - - -inline void store_ca(SSL_CTX* ctx) -{ - // To allow testing from serveral dirs - if (SSL_CTX_load_verify_locations(ctx, caCert, 0) != SSL_SUCCESS) - if (SSL_CTX_load_verify_locations(ctx, caCert2, 0) != SSL_SUCCESS) - if (SSL_CTX_load_verify_locations(ctx, caCert3, 0) != SSL_SUCCESS) - err_sys("failed to use certificate: certs/cacert.pem"); - - // load client CA for server verify - if (SSL_CTX_load_verify_locations(ctx, cert, 0) != SSL_SUCCESS) - if (SSL_CTX_load_verify_locations(ctx, certSuite, 0) != SSL_SUCCESS) - if (SSL_CTX_load_verify_locations(ctx, certDebug,0) != SSL_SUCCESS) - err_sys("failed to use certificate: certs/client-cert.pem"); - - // DSA cert - if (SSL_CTX_load_verify_locations(ctx, dsaCert, 0) != SSL_SUCCESS) - if (SSL_CTX_load_verify_locations(ctx, dsaCert2, 0) != SSL_SUCCESS) - if (SSL_CTX_load_verify_locations(ctx, dsaCert3, 0) != SSL_SUCCESS) - err_sys("failed to use certificate: certs/dsa-cert.pem"); - -} - - -// client -inline void set_certs(SSL_CTX* ctx) -{ - store_ca(ctx); - SSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack); - - // To allow testing from serveral dirs - if (SSL_CTX_use_certificate_file(ctx, cert, SSL_FILETYPE_PEM) - != SSL_SUCCESS) - if (SSL_CTX_use_certificate_file(ctx, certSuite, SSL_FILETYPE_PEM) - != SSL_SUCCESS) - if (SSL_CTX_use_certificate_file(ctx, certDebug, SSL_FILETYPE_PEM) - != SSL_SUCCESS) - err_sys("failed to use certificate: certs/client-cert.pem"); - - // To allow testing from several dirs - if (SSL_CTX_use_PrivateKey_file(ctx, key, SSL_FILETYPE_PEM) - != SSL_SUCCESS) - if (SSL_CTX_use_PrivateKey_file(ctx, keySuite, SSL_FILETYPE_PEM) - != SSL_SUCCESS) - if (SSL_CTX_use_PrivateKey_file(ctx,keyDebug,SSL_FILETYPE_PEM) - != SSL_SUCCESS) - err_sys("failed to use key file: certs/client-key.pem"); -} - - -// server -inline void set_serverCerts(SSL_CTX* ctx) -{ - store_ca(ctx); - SSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack); - - // To allow testing from serveral dirs - if (SSL_CTX_use_certificate_file(ctx, svrCert, SSL_FILETYPE_PEM) - != SSL_SUCCESS) - if (SSL_CTX_use_certificate_file(ctx, svrCert2, SSL_FILETYPE_PEM) - != SSL_SUCCESS) - if (SSL_CTX_use_certificate_file(ctx, svrCert3, SSL_FILETYPE_PEM) - != SSL_SUCCESS) - err_sys("failed to use certificate: certs/server-cert.pem"); - - // To allow testing from several dirs - if (SSL_CTX_use_PrivateKey_file(ctx, svrKey, SSL_FILETYPE_PEM) - != SSL_SUCCESS) - if (SSL_CTX_use_PrivateKey_file(ctx, svrKey2, SSL_FILETYPE_PEM) - != SSL_SUCCESS) - if (SSL_CTX_use_PrivateKey_file(ctx, svrKey3,SSL_FILETYPE_PEM) - != SSL_SUCCESS) - err_sys("failed to use key file: certs/server-key.pem"); -} - - -// dsa server -inline void set_dsaServerCerts(SSL_CTX* ctx) -{ - store_ca(ctx); - - // To allow testing from serveral dirs - if (SSL_CTX_use_certificate_file(ctx, dsaCert, SSL_FILETYPE_PEM) - != SSL_SUCCESS) - if (SSL_CTX_use_certificate_file(ctx, dsaCert2, SSL_FILETYPE_PEM) - != SSL_SUCCESS) - if (SSL_CTX_use_certificate_file(ctx, dsaCert3, SSL_FILETYPE_PEM) - != SSL_SUCCESS) - err_sys("failed to use certificate: certs/dsa-cert.pem"); - - // To allow testing from several dirs - if (SSL_CTX_use_PrivateKey_file(ctx, dsaKey, SSL_FILETYPE_ASN1) - != SSL_SUCCESS) - if (SSL_CTX_use_PrivateKey_file(ctx, dsaKey2, SSL_FILETYPE_ASN1) - != SSL_SUCCESS) - if (SSL_CTX_use_PrivateKey_file(ctx, dsaKey3,SSL_FILETYPE_ASN1) - != SSL_SUCCESS) - err_sys("failed to use key file: certs/dsa1024.der"); -} - - -inline void set_args(int& argc, char**& argv, func_args& args) -{ - argc = args.argc; - argv = args.argv; - args.return_code = -1; // error state -} - - -inline void set_file_ready(const char* name, func_args& args) -{ - args.file_ready = name; -} - - -inline void tcp_set_nonblocking(SOCKET_T& sockfd) -{ -#ifdef NON_BLOCKING - #ifdef _WIN32 - unsigned long blocking = 1; - int ret = ioctlsocket(sockfd, FIONBIO, &blocking); - #else - int flags = fcntl(sockfd, F_GETFL, 0); - int ret = fcntl(sockfd, F_SETFL, flags | O_NONBLOCK); - #endif -#endif -} - - -inline void tcp_socket(SOCKET_T& sockfd, SOCKADDR_IN_T& addr) -{ - sockfd = socket(AF_INET_V, SOCK_STREAM, 0); - memset(&addr, 0, sizeof(addr)); - -#ifdef TEST_IPV6 - addr.sin6_family = AF_INET_V; - addr.sin6_port = htons(yasslPort); - addr.sin6_addr = in6addr_loopback; - - /* // for external testing later - addrinfo hints; - memset(&hints, 0, sizeof(hints)); - hints.ai_family = AF_INET_V; - hints.ai_socktype = SOCK_STREAM; - hints.ai_flags = AI_PASSIVE; - - getaddrinfo(yasslIP6, yasslPortStr, &hints, info); - // then use info connect(sockfd, info->ai_addr, info->ai_addrlen) - - if (*info == 0) - err_sys("getaddrinfo failed"); - */ // end external testing later -#else - addr.sin_family = AF_INET_V; -#ifdef YASSL_PROXY_PORT - addr.sin_port = htons(proxyPort); -#else - addr.sin_port = htons(yasslPort); -#endif - addr.sin_addr.s_addr = inet_addr(yasslIP); -#endif - -} - - -inline void tcp_close(SOCKET_T& sockfd) -{ -#ifdef _WIN32 - closesocket(sockfd); -#else - close(sockfd); -#endif - sockfd = (SOCKET_T) -1; -} - - -inline void tcp_connect(SOCKET_T& sockfd) -{ - SOCKADDR_IN_T addr; - tcp_socket(sockfd, addr); - - if (connect(sockfd, (const sockaddr*)&addr, sizeof(addr)) != 0) { - tcp_close(sockfd); - err_sys("tcp connect failed"); - } -} - - -inline void tcp_listen(SOCKET_T& sockfd) -{ - SOCKADDR_IN_T addr; - tcp_socket(sockfd, addr); - -#ifndef _WIN32 - int on = 1; - socklen_t len = sizeof(on); - setsockopt(sockfd, SOL_SOCKET, SO_REUSEADDR, &on, len); -#endif - - if (bind(sockfd, (const sockaddr*)&addr, sizeof(addr)) != 0) { - tcp_close(sockfd); - err_sys("tcp bind failed"); - } - if (listen(sockfd, 3) != 0) { - tcp_close(sockfd); - err_sys("tcp listen failed"); - } -} - - -inline void create_ready_file(func_args& args) -{ - FILE* f = fopen(args.file_ready, "w+"); - - if (f) { - fputs("ready", f); - fclose(f); - } -} - - -inline void tcp_accept(SOCKET_T& sockfd, SOCKET_T& clientfd, func_args& args) -{ - tcp_listen(sockfd); - - SOCKADDR_IN_T client; - socklen_t client_len = sizeof(client); - -#if defined(_POSIX_THREADS) && defined(NO_MAIN_DRIVER) - // signal ready to tcp_accept - tcp_ready& ready = *args.signal_; - pthread_mutex_lock(&ready.mutex_); - ready.ready_ = true; - pthread_cond_signal(&ready.cond_); - pthread_mutex_unlock(&ready.mutex_); -#endif - - if (args.file_ready) - create_ready_file(args); - - clientfd = accept(sockfd, (sockaddr*)&client, (ACCEPT_THIRD_T)&client_len); - - if (clientfd == (SOCKET_T) -1) { - tcp_close(sockfd); - err_sys("tcp accept failed"); - } - -#ifdef NON_BLOCKING - tcp_set_nonblocking(clientfd); -#endif -} - - -inline void showPeer(SSL* ssl) -{ - X509* peer = SSL_get_peer_certificate(ssl); - if (peer) { - char* issuer = X509_NAME_oneline(X509_get_issuer_name(peer), 0, 0); - char* subject = X509_NAME_oneline(X509_get_subject_name(peer), 0, 0); - - X509_NAME_ENTRY* se = NULL; - ASN1_STRING* sd = NULL; - char* subCN = NULL; - - X509_NAME* sub = X509_get_subject_name(peer); - int lastpos = -1; - if (sub) - lastpos = X509_NAME_get_index_by_NID(sub, NID_commonName, lastpos); - if (lastpos >= 0) { - se = X509_NAME_get_entry(sub, lastpos); - if (se) - sd = X509_NAME_ENTRY_get_data(se); - if (sd) - subCN = (char*)ASN1_STRING_data(sd); - } - - printf("peer's cert info:\n issuer : %s\n subject: %s\n" - " subject cn: %s\n", issuer, subject, subCN); - - free(subject); - free(issuer); - - } - else - printf("peer has no cert!\n"); -} - - - -inline DH* set_tmpDH(SSL_CTX* ctx) -{ - static unsigned char dh1024_p[] = - { - 0xE6, 0x96, 0x9D, 0x3D, 0x49, 0x5B, 0xE3, 0x2C, 0x7C, 0xF1, 0x80, 0xC3, - 0xBD, 0xD4, 0x79, 0x8E, 0x91, 0xB7, 0x81, 0x82, 0x51, 0xBB, 0x05, 0x5E, - 0x2A, 0x20, 0x64, 0x90, 0x4A, 0x79, 0xA7, 0x70, 0xFA, 0x15, 0xA2, 0x59, - 0xCB, 0xD5, 0x23, 0xA6, 0xA6, 0xEF, 0x09, 0xC4, 0x30, 0x48, 0xD5, 0xA2, - 0x2F, 0x97, 0x1F, 0x3C, 0x20, 0x12, 0x9B, 0x48, 0x00, 0x0E, 0x6E, 0xDD, - 0x06, 0x1C, 0xBC, 0x05, 0x3E, 0x37, 0x1D, 0x79, 0x4E, 0x53, 0x27, 0xDF, - 0x61, 0x1E, 0xBB, 0xBE, 0x1B, 0xAC, 0x9B, 0x5C, 0x60, 0x44, 0xCF, 0x02, - 0x3D, 0x76, 0xE0, 0x5E, 0xEA, 0x9B, 0xAD, 0x99, 0x1B, 0x13, 0xA6, 0x3C, - 0x97, 0x4E, 0x9E, 0xF1, 0x83, 0x9E, 0xB5, 0xDB, 0x12, 0x51, 0x36, 0xF7, - 0x26, 0x2E, 0x56, 0xA8, 0x87, 0x15, 0x38, 0xDF, 0xD8, 0x23, 0xC6, 0x50, - 0x50, 0x85, 0xE2, 0x1F, 0x0D, 0xD5, 0xC8, 0x6B, - }; - - static unsigned char dh1024_g[] = - { - 0x02, - }; - - DH* dh; - if ( (dh = DH_new()) ) { - dh->p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), 0); - dh->g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), 0); - } - if (!dh->p || !dh->g) { - DH_free(dh); - dh = 0; - } - SSL_CTX_set_tmp_dh(ctx, dh); - return dh; -} - - -inline int verify_callback(int preverify_ok, X509_STORE_CTX* ctx) -{ - X509* err_cert = X509_STORE_CTX_get_current_cert(ctx); - int err = X509_STORE_CTX_get_error(ctx); - int depth = X509_STORE_CTX_get_error_depth(ctx); - - // test allow self signed - if (err_cert && depth == 0 && err == TaoCrypt::SIG_OTHER_E) - return 1; - - return 0; -} - - -#endif // yaSSL_TEST_HPP - diff --git a/extra/yassl/testsuite/testsuite.cpp b/extra/yassl/testsuite/testsuite.cpp deleted file mode 100644 index 1792a2a3d9a..00000000000 --- a/extra/yassl/testsuite/testsuite.cpp +++ /dev/null @@ -1,174 +0,0 @@ -/* - Copyright (c) 2006, 2012, Oracle and/or its affiliates. All rights reserved. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - -// testsuite.cpp - -#include "test.hpp" -#include "md5.hpp" - - -typedef unsigned char byte; - -void taocrypt_test(void*); -void file_test(const char*, byte*); - -void client_test(void*); -void echoclient_test(void*); - -THREAD_RETURN YASSL_API server_test(void*); -THREAD_RETURN YASSL_API echoserver_test(void*); - -void wait_tcp_ready(func_args&); - - - -int main(int argc, char** argv) -{ - func_args args(argc, argv); - func_args server_args(argc, argv); - - // *** Crypto Test *** - taocrypt_test(&args); - assert(args.return_code == 0); - - - // *** Simple yaSSL client server test *** - tcp_ready ready; - server_args.SetSignal(&ready); - - THREAD_TYPE serverThread; - start_thread(server_test, &server_args, &serverThread); - wait_tcp_ready(server_args); - - client_test(&args); - assert(args.return_code == 0); - join_thread(serverThread); - assert(server_args.return_code == 0); - - - // *** Echo input yaSSL client server test *** - start_thread(echoserver_test, &server_args, &serverThread); - wait_tcp_ready(server_args); - func_args echo_args; - - // setup args - const int numArgs = 3; - echo_args.argc = numArgs; - char* myArgv[numArgs]; - - char argc0[32]; - char argc1[32]; - char argc2[32]; - - myArgv[0] = argc0; - myArgv[1] = argc1; - myArgv[2] = argc2; - - echo_args.argv = myArgv; - - strcpy(echo_args.argv[0], "echoclient"); - strcpy(echo_args.argv[1], "input"); - strcpy(echo_args.argv[2], "output"); - remove("output"); - - // make sure OK - echoclient_test(&echo_args); - assert(echo_args.return_code == 0); - - - // *** Echo quit yaSSL client server test *** - echo_args.argc = 2; - strcpy(echo_args.argv[1], "quit"); - - echoclient_test(&echo_args); - assert(echo_args.return_code == 0); - join_thread(serverThread); - assert(server_args.return_code == 0); - - - // input output compare - byte input[TaoCrypt::MD5::DIGEST_SIZE]; - byte output[TaoCrypt::MD5::DIGEST_SIZE]; - file_test("input", input); - file_test("output", output); - assert(memcmp(input, output, sizeof(input)) == 0); - - printf("\nAll tests passed!\n"); - yaSSL_CleanUp(); - - return 0; -} - - - -void start_thread(THREAD_FUNC fun, func_args* args, THREAD_TYPE* thread) -{ -#ifndef _POSIX_THREADS - *thread = (HANDLE)_beginthreadex(0, 0, fun, args, 0, 0); -#else - pthread_create(thread, 0, fun, args); -#endif -} - - -void join_thread(THREAD_TYPE thread) -{ -#ifndef _POSIX_THREADS - int res = WaitForSingleObject(thread, INFINITE); - assert(res == WAIT_OBJECT_0); - res = CloseHandle(thread); - assert(res); -#else - pthread_join(thread, 0); -#endif -} - - - -void wait_tcp_ready(func_args& args) -{ -#ifdef _POSIX_THREADS - pthread_mutex_lock(&args.signal_->mutex_); - - if (!args.signal_->ready_) - pthread_cond_wait(&args.signal_->cond_, &args.signal_->mutex_); - args.signal_->ready_ = false; // reset - - pthread_mutex_unlock(&args.signal_->mutex_); -#endif -} - - -int test_openSSL_des() -{ - /* test des encrypt/decrypt */ - char data[] = "this is my data "; - int dataSz = (int)strlen(data); - DES_key_schedule key[3]; - byte iv[8]; - EVP_BytesToKey(EVP_des_ede3_cbc(), EVP_md5(), NULL, (byte*)data, dataSz, 1, - (byte*)key, iv); - - byte cipher[16]; - DES_ede3_cbc_encrypt((byte*)data, cipher, dataSz, &key[0], &key[1], - &key[2], &iv, true); - byte plain[16]; - DES_ede3_cbc_encrypt(cipher, plain, 16, &key[0], &key[1], &key[2], - &iv, false); - return 0; -} diff --git a/extra/yassl/testsuite/testsuite.dsp b/extra/yassl/testsuite/testsuite.dsp deleted file mode 100644 index 2a7f5a77433..00000000000 --- a/extra/yassl/testsuite/testsuite.dsp +++ /dev/null @@ -1,127 +0,0 @@ -# Microsoft Developer Studio Project File - Name="testsuite" - Package Owner=<4> -# Microsoft Developer Studio Generated Build File, Format Version 6.00 -# ** DO NOT EDIT ** - -# TARGTYPE "Win32 (x86) Console Application" 0x0103 - -CFG=testsuite - Win32 Debug -!MESSAGE This is not a valid makefile. To build this project using NMAKE, -!MESSAGE use the Export Makefile command and run -!MESSAGE -!MESSAGE NMAKE /f "testsuite.mak". -!MESSAGE -!MESSAGE You can specify a configuration when running NMAKE -!MESSAGE by defining the macro CFG on the command line. For example: -!MESSAGE -!MESSAGE NMAKE /f "testsuite.mak" CFG="testsuite - Win32 Debug" -!MESSAGE -!MESSAGE Possible choices for configuration are: -!MESSAGE -!MESSAGE "testsuite - Win32 Release" (based on "Win32 (x86) Console Application") -!MESSAGE "testsuite - Win32 Debug" (based on "Win32 (x86) Console Application") -!MESSAGE - -# Begin Project -# PROP AllowPerConfigDependencies 0 -# PROP Scc_ProjName "" -# PROP Scc_LocalPath "" -CPP=cl.exe -RSC=rc.exe - -!IF "$(CFG)" == "testsuite - Win32 Release" - -# PROP BASE Use_MFC 0 -# PROP BASE Use_Debug_Libraries 0 -# PROP BASE Output_Dir "Release" -# PROP BASE Intermediate_Dir "Release" -# PROP BASE Target_Dir "" -# PROP Use_MFC 0 -# PROP Use_Debug_Libraries 0 -# PROP Output_Dir "Release" -# PROP Intermediate_Dir "Release" -# PROP Ignore_Export_Lib 0 -# PROP Target_Dir "" -# ADD BASE CPP /nologo /W3 /GX /O2 /D "WIN32" /D "NDEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /c -# ADD CPP /nologo /MT /W3 /O2 /I "../taocrypt/include" /I "../include" /I "../taocrypt/mySTL" /D "NDEBUG" /D "WIN32" /D "_CONSOLE" /D "_MBCS" /D "NO_MAIN_DRIVER" /YX /FD /c -# ADD BASE RSC /l 0x409 /d "NDEBUG" -# ADD RSC /l 0x409 /d "NDEBUG" -BSC32=bscmake.exe -# ADD BASE BSC32 /nologo -# ADD BSC32 /nologo -LINK32=link.exe -# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /machine:I386 -# ADD LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib Ws2_32.lib /nologo /subsystem:console /machine:I386 /nodefaultlib:"LIBC" -# SUBTRACT LINK32 /nodefaultlib - -!ELSEIF "$(CFG)" == "testsuite - Win32 Debug" - -# PROP BASE Use_MFC 0 -# PROP BASE Use_Debug_Libraries 1 -# PROP BASE Output_Dir "Debug" -# PROP BASE Intermediate_Dir "Debug" -# PROP BASE Target_Dir "" -# PROP Use_MFC 0 -# PROP Use_Debug_Libraries 1 -# PROP Output_Dir "Debug" -# PROP Intermediate_Dir "Debug" -# PROP Ignore_Export_Lib 0 -# PROP Target_Dir "" -# ADD BASE CPP /nologo /W3 /Gm /GX /ZI /Od /D "WIN32" /D "_DEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /GZ /c -# ADD CPP /nologo /MTd /W3 /Gm /ZI /Od /I "../taocrypt/include" /I "../include" /I "../taocrypt/mySTL" /D "_DEBUG" /D "WIN32" /D "_CONSOLE" /D "_MBCS" /D "NO_MAIN_DRIVER" /FR /YX /FD /GZ /c -# ADD BASE RSC /l 0x409 /d "_DEBUG" -# ADD RSC /l 0x409 /d "_DEBUG" -BSC32=bscmake.exe -# ADD BASE BSC32 /nologo -# ADD BSC32 /nologo -LINK32=link.exe -# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept -# ADD LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib Ws2_32.lib /nologo /subsystem:console /debug /machine:I386 /nodefaultlib:"LIBCD" /pdbtype:sept - -!ENDIF - -# Begin Target - -# Name "testsuite - Win32 Release" -# Name "testsuite - Win32 Debug" -# Begin Group "Source Files" - -# PROP Default_Filter "cpp;c;cxx;rc;def;r;odl;idl;hpj;bat" -# Begin Source File - -SOURCE=..\examples\client\client.cpp -# End Source File -# Begin Source File - -SOURCE=..\examples\echoclient\echoclient.cpp -# End Source File -# Begin Source File - -SOURCE=..\examples\echoserver\echoserver.cpp -# End Source File -# Begin Source File - -SOURCE=..\examples\server\server.cpp -# End Source File -# Begin Source File - -SOURCE=..\taocrypt\test\test.cpp -# End Source File -# Begin Source File - -SOURCE=.\testsuite.cpp -# End Source File -# End Group -# Begin Group "Header Files" - -# PROP Default_Filter "h;hpp;hxx;hm;inl" -# Begin Source File - -SOURCE=.\test.hpp -# End Source File -# End Group -# Begin Group "Resource Files" - -# PROP Default_Filter "ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe" -# End Group -# End Target -# End Project diff --git a/extra/yassl/yassl.dsp b/extra/yassl/yassl.dsp deleted file mode 100644 index f9b1699e667..00000000000 --- a/extra/yassl/yassl.dsp +++ /dev/null @@ -1,192 +0,0 @@ -# Microsoft Developer Studio Project File - Name="yassl" - Package Owner=<4> -# Microsoft Developer Studio Generated Build File, Format Version 6.00 -# ** DO NOT EDIT ** - -# TARGTYPE "Win32 (x86) Static Library" 0x0104 - -CFG=yassl - Win32 Debug -!MESSAGE This is not a valid makefile. To build this project using NMAKE, -!MESSAGE use the Export Makefile command and run -!MESSAGE -!MESSAGE NMAKE /f "yassl.mak". -!MESSAGE -!MESSAGE You can specify a configuration when running NMAKE -!MESSAGE by defining the macro CFG on the command line. For example: -!MESSAGE -!MESSAGE NMAKE /f "yassl.mak" CFG="yassl - Win32 Debug" -!MESSAGE -!MESSAGE Possible choices for configuration are: -!MESSAGE -!MESSAGE "yassl - Win32 Release" (based on "Win32 (x86) Static Library") -!MESSAGE "yassl - Win32 Debug" (based on "Win32 (x86) Static Library") -!MESSAGE - -# Begin Project -# PROP AllowPerConfigDependencies 0 -# PROP Scc_ProjName "" -# PROP Scc_LocalPath "" -CPP=cl.exe -RSC=rc.exe - -!IF "$(CFG)" == "yassl - Win32 Release" - -# PROP BASE Use_MFC 0 -# PROP BASE Use_Debug_Libraries 0 -# PROP BASE Output_Dir "Release" -# PROP BASE Intermediate_Dir "Release" -# PROP BASE Target_Dir "" -# PROP Use_MFC 0 -# PROP Use_Debug_Libraries 0 -# PROP Output_Dir "Release" -# PROP Intermediate_Dir "Release" -# PROP Target_Dir "" -# ADD BASE CPP /nologo /W3 /GX /O2 /D "WIN32" /D "NDEBUG" /D "_MBCS" /D "_LIB" /D "YASSL_PREFIX" /YX /FD /c -# ADD CPP /nologo /MT /W3 /O2 /I "include" /I "taocrypt\include" /I "taocrypt\mySTL" /D "WIN32" /D "NDEBUG" /D "_MBCS" /D "_LIB" /D "YASSL_PREFIX" /YX /FD /c -# ADD BASE RSC /l 0x409 /d "NDEBUG" -# ADD RSC /l 0x409 /d "NDEBUG" -BSC32=bscmake.exe -# ADD BASE BSC32 /nologo -# ADD BSC32 /nologo -LIB32=link.exe -lib -# ADD BASE LIB32 /nologo -# ADD LIB32 /nologo - -!ELSEIF "$(CFG)" == "yassl - Win32 Debug" - -# PROP BASE Use_MFC 0 -# PROP BASE Use_Debug_Libraries 1 -# PROP BASE Output_Dir "Debug" -# PROP BASE Intermediate_Dir "Debug" -# PROP BASE Target_Dir "" -# PROP Use_MFC 0 -# PROP Use_Debug_Libraries 1 -# PROP Output_Dir "Debug" -# PROP Intermediate_Dir "Debug" -# PROP Target_Dir "" -# ADD BASE CPP /nologo /W3 /Gm /GX /ZI /Od /D "WIN32" /D "_DEBUG" /D "_MBCS" /D "_LIB" /D "YASSL_PREFIX" /YX /FD /GZ /c -# ADD CPP /nologo /MTd /W3 /Gm /ZI /Od /I "include" /I "taocrypt\include" /I "taocrypt\mySTL" /D "WIN32" /D "_DEBUG" /D "_MBCS" /D "_LIB" /D "YASSL_PREFIX" /FR /YX /FD /GZ /c -# ADD BASE RSC /l 0x409 /d "_DEBUG" -# ADD RSC /l 0x409 /d "_DEBUG" -BSC32=bscmake.exe -# ADD BASE BSC32 /nologo -# ADD BSC32 /nologo -LIB32=link.exe -lib -# ADD BASE LIB32 /nologo -# ADD LIB32 /nologo - -!ENDIF - -# Begin Target - -# Name "yassl - Win32 Release" -# Name "yassl - Win32 Debug" -# Begin Group "Source Files" - -# PROP Default_Filter "cpp;c;cxx;rc;def;r;odl;idl;hpj;bat" -# Begin Source File - -SOURCE=.\src\buffer.cpp -# End Source File -# Begin Source File - -SOURCE=.\src\cert_wrapper.cpp -# End Source File -# Begin Source File - -SOURCE=.\src\crypto_wrapper.cpp -# End Source File -# Begin Source File - -SOURCE=.\src\handshake.cpp -# End Source File -# Begin Source File - -SOURCE=.\src\lock.cpp -# End Source File -# Begin Source File - -SOURCE=.\src\log.cpp -# End Source File -# Begin Source File - -SOURCE=.\src\socket_wrapper.cpp -# End Source File -# Begin Source File - -SOURCE=.\src\ssl.cpp -# End Source File -# Begin Source File - -SOURCE=.\src\timer.cpp -# End Source File -# Begin Source File - -SOURCE=.\src\yassl_error.cpp -# End Source File -# Begin Source File - -SOURCE=.\src\yassl_imp.cpp -# End Source File -# Begin Source File - -SOURCE=.\src\yassl_int.cpp -# End Source File -# End Group -# Begin Group "Header Files" - -# PROP Default_Filter "h;hpp;hxx;hm;inl" -# Begin Source File - -SOURCE=.\include\buffer.hpp -# End Source File -# Begin Source File - -SOURCE=.\include\cert_wrapper.hpp -# End Source File -# Begin Source File - -SOURCE=.\include\crypto_wrapper.hpp -# End Source File -# Begin Source File - -SOURCE=.\include\factory.hpp -# End Source File -# Begin Source File - -SOURCE=.\include\handshake.hpp -# End Source File -# Begin Source File - -SOURCE=.\include\lock.hpp -# End Source File -# Begin Source File - -SOURCE=.\include\log.hpp -# End Source File -# Begin Source File - -SOURCE=.\include\socket_wrapper.hpp -# End Source File -# Begin Source File - -SOURCE=.\include\timer.hpp -# End Source File -# Begin Source File - -SOURCE=.\include\yassl_error.hpp -# End Source File -# Begin Source File - -SOURCE=.\include\yassl_imp.hpp -# End Source File -# Begin Source File - -SOURCE=.\include\yassl_int.hpp -# End Source File -# Begin Source File - -SOURCE=.\include\yassl_types.hpp -# End Source File -# End Group -# End Target -# End Project diff --git a/extra/yassl/yassl.dsw b/extra/yassl/yassl.dsw deleted file mode 100644 index 8da089fc1fa..00000000000 --- a/extra/yassl/yassl.dsw +++ /dev/null @@ -1,149 +0,0 @@ -Microsoft Developer Studio Workspace File, Format Version 6.00 -# WARNING: DO NOT EDIT OR DELETE THIS WORKSPACE FILE! - -############################################################################### - -Project: "benchmark"=.\taocrypt\benchmark\benchmark.dsp - Package Owner=<4> - -Package=<5> -{{{ -}}} - -Package=<4> -{{{ - Begin Project Dependency - Project_Dep_Name taocrypt - End Project Dependency -}}} - -############################################################################### - -Project: "client"=.\examples\client\client.dsp - Package Owner=<4> - -Package=<5> -{{{ -}}} - -Package=<4> -{{{ - Begin Project Dependency - Project_Dep_Name yassl - End Project Dependency -}}} - -############################################################################### - -Project: "echoclient"=.\examples\echoclient\echoclient.dsp - Package Owner=<4> - -Package=<5> -{{{ -}}} - -Package=<4> -{{{ - Begin Project Dependency - Project_Dep_Name yassl - End Project Dependency -}}} - -############################################################################### - -Project: "echoserver"=.\examples\echoserver\echoserver.dsp - Package Owner=<4> - -Package=<5> -{{{ -}}} - -Package=<4> -{{{ - Begin Project Dependency - Project_Dep_Name yassl - End Project Dependency -}}} - -############################################################################### - -Project: "server"=.\examples\server\server.dsp - Package Owner=<4> - -Package=<5> -{{{ -}}} - -Package=<4> -{{{ - Begin Project Dependency - Project_Dep_Name yassl - End Project Dependency -}}} - -############################################################################### - -Project: "taocrypt"=.\taocrypt\taocrypt.dsp - Package Owner=<4> - -Package=<5> -{{{ -}}} - -Package=<4> -{{{ -}}} - -############################################################################### - -Project: "test"=.\taocrypt\test\test.dsp - Package Owner=<4> - -Package=<5> -{{{ -}}} - -Package=<4> -{{{ - Begin Project Dependency - Project_Dep_Name taocrypt - End Project Dependency -}}} - -############################################################################### - -Project: "testsuite"=.\testsuite\testsuite.dsp - Package Owner=<4> - -Package=<5> -{{{ -}}} - -Package=<4> -{{{ - Begin Project Dependency - Project_Dep_Name yassl - End Project Dependency -}}} - -############################################################################### - -Project: "yassl"=.\yassl.dsp - Package Owner=<4> - -Package=<5> -{{{ -}}} - -Package=<4> -{{{ - Begin Project Dependency - Project_Dep_Name taocrypt - End Project Dependency -}}} - -############################################################################### - -Global: - -Package=<5> -{{{ -}}} - -Package=<3> -{{{ -}}} - -############################################################################### - diff --git a/mysys_ssl/yassl.cc b/mysys_ssl/yassl.cc deleted file mode 100644 index 96b6f6867fe..00000000000 --- a/mysys_ssl/yassl.cc +++ /dev/null @@ -1,191 +0,0 @@ -/* - Copyright (c) 2015, 2017, MariaDB Corporation. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1335 USA */ - -/* - The very minimal subset of OpenSSL's EVP* functions. - Just enough for my_crypt.cc to work. - - On the other hand, where it has to implement OpenSSL functionality, - it tries to be compatible (e.g. same flags and struct member names). -*/ - -#include <openssl/ssl.h> -#include "aes.hpp" - -using yaSSL::yaERR_remove_state; -using yaSSL::yaRAND_bytes; - -#define EVP_CIPH_ECB_MODE 0x1U -#define EVP_CIPH_CBC_MODE 0x2U -#define EVP_CIPH_NO_PADDING 0x100U - -/* - note that TaoCrypt::AES object is not explicitly put into EVP_CIPHER_CTX. - That's because we need to control when TaoCrypt::AES constructor and - destructor are called. -*/ -typedef struct -{ - ulong flags; - int encrypt; - int key_len; - int buf_len; - int final_used; - uchar tao_buf[sizeof(TaoCrypt::AES)]; // TaoCrypt::AES object - uchar buf[TaoCrypt::AES::BLOCK_SIZE]; // last partial input block - uchar final[TaoCrypt::AES::BLOCK_SIZE]; // last decrypted (output) block -} EVP_CIPHER_CTX; - -typedef struct { - TaoCrypt::Mode mode; - TaoCrypt::word32 key_len; -} EVP_CIPHER; - -#define gen_cipher(mode, MODE, len) \ - static const EVP_CIPHER *EVP_aes_ ## len ## _ ## mode() \ - { static const EVP_CIPHER c={TaoCrypt::MODE, len/8}; return &c; } - -gen_cipher(ecb,ECB,128) -gen_cipher(ecb,ECB,192) -gen_cipher(ecb,ECB,256) -gen_cipher(cbc,CBC,128) -gen_cipher(cbc,CBC,192) -gen_cipher(cbc,CBC,256) - -static inline TaoCrypt::AES *TAO(EVP_CIPHER_CTX *ctx) -{ - return (TaoCrypt::AES *)(ctx->tao_buf); -} - -static void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *ctx) -{ - ctx->final_used= ctx->buf_len= ctx->flags= 0; -} - -static int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *ctx) -{ - TAO(ctx)->~AES(); - return 1; -} - -static int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *ctx, int pad) -{ - if (pad) - ctx->flags&= ~EVP_CIPH_NO_PADDING; - else - ctx->flags|= EVP_CIPH_NO_PADDING; - return 1; -} - -static int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, - void *, const uchar *key, const uchar *iv, int enc) -{ - new (ctx->tao_buf) TaoCrypt::AES(enc ? TaoCrypt::ENCRYPTION - : TaoCrypt::DECRYPTION, cipher->mode); - TAO(ctx)->SetKey(key, cipher->key_len); - if (iv) - TAO(ctx)->SetIV(iv); - ctx->encrypt= enc; - ctx->key_len= cipher->key_len; - ctx->flags|= cipher->mode == TaoCrypt::CBC ? EVP_CIPH_CBC_MODE : EVP_CIPH_ECB_MODE; - return 1; -} - -static int EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx) -{ - return ctx->key_len; -} - -static int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx) -{ - return ctx->flags & EVP_CIPH_ECB_MODE ? 0 : TaoCrypt::AES::BLOCK_SIZE; -} - -static void do_whole_blocks(EVP_CIPHER_CTX *ctx, uchar *out, int *outl, - const uchar *in, int inl) -{ - DBUG_ASSERT(inl); - DBUG_ASSERT(inl % TaoCrypt::AES::BLOCK_SIZE == 0); - if (ctx->encrypt || (ctx->flags & EVP_CIPH_NO_PADDING)) - { - TAO(ctx)->Process(out, in, inl); - *outl+= inl; - return; - } - /* 'final' is only needed when decrypting with padding */ - if (ctx->final_used) - { - memcpy(out, ctx->final, TaoCrypt::AES::BLOCK_SIZE); - *outl+= TaoCrypt::AES::BLOCK_SIZE; - out+= TaoCrypt::AES::BLOCK_SIZE; - } - inl-= TaoCrypt::AES::BLOCK_SIZE; - TAO(ctx)->Process(out, in, inl); - *outl+= inl; - TAO(ctx)->Process(ctx->final, in + inl, TaoCrypt::AES::BLOCK_SIZE); - ctx->final_used= 1; -} - -static int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, uchar *out, int *outl, - const uchar *in, int inl) -{ - *outl= 0; - if (ctx->buf_len) - { - int prefixl= TaoCrypt::AES::BLOCK_SIZE - ctx->buf_len; - if (prefixl > inl) - { - memcpy(ctx->buf + ctx->buf_len, in, inl); - ctx->buf_len+= inl; - return 1; - } - memcpy(ctx->buf + ctx->buf_len, in, prefixl); - do_whole_blocks(ctx, out, outl, ctx->buf, TaoCrypt::AES::BLOCK_SIZE); - in+= prefixl; - inl-= prefixl; - out+= *outl; - } - ctx->buf_len= inl % TaoCrypt::AES::BLOCK_SIZE; - inl-= ctx->buf_len; - memcpy(ctx->buf, in + inl, ctx->buf_len); - if (inl) - do_whole_blocks(ctx, out, outl, in, inl); - return 1; -} - -static int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, uchar *out, int *outl) -{ - if (ctx->flags & EVP_CIPH_NO_PADDING) - return ctx->buf_len == 0; - - // PKCS#7 padding - *outl= 0; - if (ctx->encrypt) - { - int v= TaoCrypt::AES::BLOCK_SIZE - ctx->buf_len; - memset(ctx->buf + ctx->buf_len, v, v); - do_whole_blocks(ctx, out, outl, ctx->buf, TaoCrypt::AES::BLOCK_SIZE); - return 1; - } - int n= ctx->final[TaoCrypt::AES::BLOCK_SIZE - 1]; - if (ctx->buf_len || !ctx->final_used || - n < 1 || n > TaoCrypt::AES::BLOCK_SIZE) - return 0; - *outl= TaoCrypt::AES::BLOCK_SIZE - n; - memcpy(out, ctx->final, *outl); - return 1; -} - |