Update external polarssl to 1.3.8

There were some fixes back on March 13th, 2014 for fixing compiling on MIPS64.
Also some fixes on June 25th, 2014 for SPARC64.

Probably more things, but those are what I care about.
This commit is contained in:
Ryan Houdek
2014-09-08 01:58:33 -05:00
parent 6ea82790ba
commit a48e284317
130 changed files with 12346 additions and 4632 deletions


@ -3,7 +3,7 @@
*
* \brief AES block cipher
*
* Copyright (C) 2006-2013, Brainspark B.V.
* Copyright (C) 2006-2014, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
@ -27,7 +27,11 @@
#ifndef POLARSSL_AES_H
#define POLARSSL_AES_H
#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
#else
#include POLARSSL_CONFIG_FILE
#endif
#include <string.h>
@ -69,6 +73,20 @@ typedef struct
}
aes_context;
/**
* \brief Initialize AES context
*
* \param ctx AES context to be initialized
*/
void aes_init( aes_context *ctx );
/**
* \brief Clear AES context
*
* \param ctx AES context to be cleared
*/
void aes_free( aes_context *ctx );
/**
* \brief AES key schedule (encryption)
*
@ -78,7 +96,8 @@ aes_context;
*
* \return 0 if successful, or POLARSSL_ERR_AES_INVALID_KEY_LENGTH
*/
int aes_setkey_enc( aes_context *ctx, const unsigned char *key, unsigned int keysize );
int aes_setkey_enc( aes_context *ctx, const unsigned char *key,
unsigned int keysize );
/**
* \brief AES key schedule (decryption)
@ -89,7 +108,8 @@ int aes_setkey_enc( aes_context *ctx, const unsigned char *key, unsigned int key
*
* \return 0 if successful, or POLARSSL_ERR_AES_INVALID_KEY_LENGTH
*/
int aes_setkey_dec( aes_context *ctx, const unsigned char *key, unsigned int keysize );
int aes_setkey_dec( aes_context *ctx, const unsigned char *key,
unsigned int keysize );
/**
* \brief AES-ECB block encryption/decryption
@ -129,6 +149,7 @@ int aes_crypt_cbc( aes_context *ctx,
unsigned char *output );
#endif /* POLARSSL_CIPHER_MODE_CBC */
#if defined(POLARSSL_CIPHER_MODE_CFB)
/**
* \brief AES-CFB128 buffer encryption/decryption.
*
@ -176,7 +197,9 @@ int aes_crypt_cfb8( aes_context *ctx,
unsigned char iv[16],
const unsigned char *input,
unsigned char *output );
#endif /*POLARSSL_CIPHER_MODE_CFB */
#if defined(POLARSSL_CIPHER_MODE_CTR)
/**
* \brief AES-CTR buffer encryption/decryption
*
@ -206,6 +229,7 @@ int aes_crypt_ctr( aes_context *ctx,
unsigned char stream_block[16],
const unsigned char *input,
unsigned char *output );
#endif /* POLARSSL_CIPHER_MODE_CTR */
#ifdef __cplusplus
}
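Review bot: The new `aes_free` docstring says only "Clear AES context", which leaves open whether the expanded key schedule is wiped from memory or the context is merely reset, and a caller holding long-lived keys needs that guarantee spelled out; the matching `aes_init` docstring likewise does not say that it must be called before `aes_setkey_enc`/`aes_setkey_dec`. Suggest `\brief Clear AES context, wiping the key schedule; call aes_init() again before reuse` once the zeroization is confirmed against aes.c, which is not in this hunk, and `\note Must be called before aes_setkey_enc() or aes_setkey_dec()` on `aes_init`. The same two-line wording is used by the new `arc4_free`, `blowfish_free` and `camellia_free` declarations in this commit, so the same clarification applies there.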


@ -3,7 +3,7 @@
*
* \brief The ARCFOUR stream cipher
*
* Copyright (C) 2006-2013, Brainspark B.V.
* Copyright (C) 2006-2014, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
@ -27,7 +27,11 @@
#ifndef POLARSSL_ARC4_H
#define POLARSSL_ARC4_H
#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
#else
#include POLARSSL_CONFIG_FILE
#endif
#include <string.h>
@ -51,13 +55,28 @@ typedef struct
arc4_context;
/**
* \brief ARC4 key schedule
* \brief Initialize ARC4 context
*
* \param ctx ARC4 context to be initialized
*/
void arc4_init( arc4_context *ctx );
/**
* \brief Clear ARC4 context
*
* \param ctx ARC4 context to be cleared
*/
void arc4_free( arc4_context *ctx );
/**
* \brief ARC4 key schedule
*
* \param ctx ARC4 context to be setup
* \param key the secret key
* \param keylen length of the key, in bytes
*/
void arc4_setup( arc4_context *ctx, const unsigned char *key, unsigned int keylen );
void arc4_setup( arc4_context *ctx, const unsigned char *key,
unsigned int keylen );
/**
* \brief ARC4 cipher function


@ -27,7 +27,11 @@
#ifndef POLARSSL_ASN1_H
#define POLARSSL_ASN1_H
#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
#else
#include POLARSSL_CONFIG_FILE
#endif
#if defined(POLARSSL_BIGNUM_C)
#include "bignum.h"
@ -35,15 +39,15 @@
#include <string.h>
/**
/**
* \addtogroup asn1_module
* \{
* \{
*/
/**
* \name ASN1 Error codes
* These error codes are OR'ed to X509 error codes for
* higher error granularity.
* higher error granularity.
* ASN1 is a standard to specify data structures.
* \{
*/
@ -93,9 +97,13 @@
/** Returns the size of the binary string, without the trailing \\0 */
#define OID_SIZE(x) (sizeof(x) - 1)
/** Compares two asn1_buf structures for the same OID. Only works for
* 'defined' oid_str values (OID_HMAC_SHA1), you cannot use a 'unsigned
* char *oid' here!
/**
* Compares an asn1_buf structure to a reference OID.
*
* Only works for 'defined' oid_str values (OID_HMAC_SHA1), you cannot use a
* 'unsigned char *oid' here!
*
* Warning: returns true when the OIDs are equal (unlike memcmp)!
*/
#define OID_CMP(oid_str, oid_buf) \
( ( OID_SIZE(oid_str) == (oid_buf)->len ) && \
@ -270,7 +278,7 @@ int asn1_get_sequence_of( unsigned char **p,
int asn1_get_mpi( unsigned char **p,
const unsigned char *end,
mpi *X );
#endif
#endif /* POLARSSL_BIGNUM_C */
/**
* \brief Retrieve an AlgorithmIdentifier ASN.1 sequence.


@ -3,7 +3,7 @@
*
* \brief ASN.1 buffer writing functionality
*
* Copyright (C) 2006-2013, Brainspark B.V.
* Copyright (C) 2006-2014, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
@ -29,7 +29,8 @@
#include "asn1.h"
#define ASN1_CHK_ADD(g, f) do { if( ( ret = f ) < 0 ) return( ret ); else g += ret; } while( 0 )
#define ASN1_CHK_ADD(g, f) do { if( ( ret = f ) < 0 ) return( ret ); else \
g += ret; } while( 0 )
#ifdef __cplusplus
extern "C" {
@ -57,7 +58,8 @@ int asn1_write_len( unsigned char **p, unsigned char *start, size_t len );
*
* \return the length written or a negative error code
*/
int asn1_write_tag( unsigned char **p, unsigned char *start, unsigned char tag );
int asn1_write_tag( unsigned char **p, unsigned char *start,
unsigned char tag );
/**
* \brief Write raw buffer data
@ -85,7 +87,7 @@ int asn1_write_raw_buffer( unsigned char **p, unsigned char *start,
* \return the length written or a negative error code
*/
int asn1_write_mpi( unsigned char **p, unsigned char *start, mpi *X );
#endif
#endif /* POLARSSL_BIGNUM_C */
/**
* \brief Write a NULL tag (ASN1_NULL) with zero data in ASN.1 format
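Review bot: `ASN1_CHK_ADD` reads an `int ret` that must exist in the enclosing function and executes a `return` out of the caller, and neither fact is stated near the macro; the reflowed definition in the -29 hunk is the place to say so. Suggest a comment directly above it: `/* Requires a local 'int ret'. Evaluates f once; a negative result is returned from the enclosing function, otherwise it is added to g. */`. The hidden early return is the kind of control flow a reader scanning `asn1_write_*` callers will otherwise miss.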


@ -3,7 +3,7 @@
*
* \brief Multi-precision integer library
*
* Copyright (C) 2006-2013, Brainspark B.V.
* Copyright (C) 2006-2014, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
@ -30,7 +30,11 @@
#include <stdio.h>
#include <string.h>
#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
#else
#include POLARSSL_CONFIG_FILE
#endif
#if defined(_MSC_VER) && !defined(EFIX64) && !defined(EFI32)
#include <basetsd.h>
@ -47,7 +51,7 @@ typedef UINT32 uint32_t;
typedef UINT64 uint64_t;
#else
#include <inttypes.h>
#endif
#endif /* _MSC_VER && !EFIX64 && !EFI32 */
#define POLARSSL_ERR_MPI_FILE_IO_ERROR -0x0002 /**< An error occurred while reading from or writing to a file. */
#define POLARSSL_ERR_MPI_BAD_INPUT_DATA -0x0004 /**< Bad input parameters to function. */
@ -65,7 +69,7 @@ typedef UINT64 uint64_t;
*/
#define POLARSSL_MPI_MAX_LIMBS 10000
#if !defined(POLARSSL_CONFIG_OPTIONS)
#if !defined(POLARSSL_MPI_WINDOW_SIZE)
/*
* Maximum window size used for modular exponentiation. Default: 6
* Minimum value: 1. Maximum value: 6.
@ -76,7 +80,9 @@ typedef UINT64 uint64_t;
* Reduction in size, reduces speed.
*/
#define POLARSSL_MPI_WINDOW_SIZE 6 /**< Maximum windows size used. */
#endif /* !POLARSSL_MPI_WINDOW_SIZE */
#if !defined(POLARSSL_MPI_MAX_SIZE)
/*
* Maximum size of MPIs allowed in bits and bytes for user-MPIs.
* ( Default: 512 bytes => 4096 bits, Maximum tested: 2048 bytes => 16384 bits )
@ -85,8 +91,7 @@ typedef UINT64 uint64_t;
* of limbs required (POLARSSL_MPI_MAX_LIMBS) is higher.
*/
#define POLARSSL_MPI_MAX_SIZE 512 /**< Maximum number of bytes for usable MPIs. */
#endif /* !POLARSSL_CONFIG_OPTIONS */
#endif /* !POLARSSL_MPI_MAX_SIZE */
#define POLARSSL_MPI_MAX_BITS ( 8 * POLARSSL_MPI_MAX_SIZE ) /**< Maximum number of bits for usable MPIs. */
@ -129,7 +134,7 @@ typedef uint32_t t_udbl;
#else
/*
* 32-bit integers can be forced on 64-bit arches (eg. for testing purposes)
* by defining POLARSSL_HAVE_INT32 and undefining POARSSL_HAVE_ASM
* by defining POLARSSL_HAVE_INT32 and undefining POLARSSL_HAVE_ASM
*/
#if ( ! defined(POLARSSL_HAVE_INT32) && \
defined(_MSC_VER) && defined(_M_AMD64) )
@ -162,8 +167,8 @@ typedef uint32_t t_udbl;
#define POLARSSL_HAVE_UDBL
#endif
#endif
#endif
#endif
#endif /* !POLARSSL_HAVE_INT32 && __GNUC__ && 64-bit platform */
#endif /* !POLARSSL_HAVE_INT32 && _MSC_VER && _M_AMD64 */
#endif /* POLARSSL_HAVE_INT16 */
#endif /* POLARSSL_HAVE_INT8 */
@ -409,7 +414,9 @@ int mpi_write_file( const char *p, const mpi *X, int radix, FILE *fout );
int mpi_read_binary( mpi *X, const unsigned char *buf, size_t buflen );
/**
* \brief Export X into unsigned binary data, big endian
* \brief Export X into unsigned binary data, big endian.
* Always fills the whole buffer, which will start with zeros
* if the number is smaller.
*
* \param X Source MPI
* \param buf Output buffer
@ -640,7 +647,7 @@ int mpi_mod_int( t_uint *r, const mpi *A, t_sint b );
/**
* \brief Sliding-window exponentiation: X = A^E mod N
*
* \param X Destination MPI
* \param X Destination MPI
* \param A Left-hand MPI
* \param E Exponent MPI
* \param N Modular MPI
@ -648,8 +655,8 @@ int mpi_mod_int( t_uint *r, const mpi *A, t_sint b );
*
* \return 0 if successful,
* POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed,
* POLARSSL_ERR_MPI_BAD_INPUT_DATA if N is negative or even or if
* E is negative
* POLARSSL_ERR_MPI_BAD_INPUT_DATA if N is negative or even or
* if E is negative
*
* \note _RR is used to avoid re-computing R*R mod N across
* multiple calls, which speeds up things a bit. It can
@ -717,7 +724,8 @@ int mpi_is_prime( mpi *X,
* \brief Prime number generation
*
* \param X Destination MPI
* \param nbits Required size of X in bits ( 3 <= nbits <= POLARSSL_MPI_MAX_BITS )
* \param nbits Required size of X in bits
* ( 3 <= nbits <= POLARSSL_MPI_MAX_BITS )
* \param dh_flag If 1, then (X-1)/2 will be prime too
* \param f_rng RNG function
* \param p_rng RNG parameter
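Review bot: The expanded `mpi_write_binary` brief (hunk at -409) now promises the whole buffer is filled and zero-padded when the number is smaller, but the visible lines say nothing about the opposite case, `buflen` shorter than the number, which is the case that matters for callers sizing buffers from the MPI; the `\return` line sits outside this hunk, so confirm it lists the too-small-buffer error (presumably the existing `POLARSSL_ERR_MPI_BUFFER_TOO_SMALL`) and add a sentence to the brief such as `* Fails, without writing, if the buffer is too small for the number.` once that behaviour is checked against bignum.c. The `#endif` comment fixes in the -162 hunk are a welcome readability change.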


@ -3,7 +3,7 @@
*
* \brief Blowfish block cipher
*
* Copyright (C) 2012-2013, Brainspark B.V.
* Copyright (C) 2012-2014, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
@ -27,7 +27,11 @@
#ifndef POLARSSL_BLOWFISH_H
#define POLARSSL_BLOWFISH_H
#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
#else
#include POLARSSL_CONFIG_FILE
#endif
#include <string.h>
@ -42,7 +46,7 @@ typedef UINT32 uint32_t;
#define BLOWFISH_DECRYPT 0
#define BLOWFISH_MAX_KEY 448
#define BLOWFISH_MIN_KEY 32
#define BLOWFISH_ROUNDS 16 /* when increasing this value, make sure to extend the initialisation vectors */
#define BLOWFISH_ROUNDS 16 /**< Rounds to use. When increasing this value, make sure to extend the initialisation vectors */
#define BLOWFISH_BLOCKSIZE 8 /* Blowfish uses 64 bit blocks */
#define POLARSSL_ERR_BLOWFISH_INVALID_KEY_LENGTH -0x0016 /**< Invalid key length. */
@ -66,6 +70,20 @@ typedef struct
}
blowfish_context;
/**
* \brief Initialize Blowfish context
*
* \param ctx Blowfish context to be initialized
*/
void blowfish_init( blowfish_context *ctx );
/**
* \brief Clear Blowfish context
*
* \param ctx Blowfish context to be cleared
*/
void blowfish_free( blowfish_context *ctx );
/**
* \brief Blowfish key schedule
*
@ -75,7 +93,8 @@ blowfish_context;
*
* \return 0 if successful, or POLARSSL_ERR_BLOWFISH_INVALID_KEY_LENGTH
*/
int blowfish_setkey( blowfish_context *ctx, const unsigned char *key, unsigned int keysize );
int blowfish_setkey( blowfish_context *ctx, const unsigned char *key,
unsigned int keysize );
/**
* \brief Blowfish-ECB block encryption/decryption
@ -105,7 +124,8 @@ int blowfish_crypt_ecb( blowfish_context *ctx,
* \param input buffer holding the input data
* \param output buffer holding the output data
*
* \return 0 if successful, or POLARSSL_ERR_BLOWFISH_INVALID_INPUT_LENGTH
* \return 0 if successful, or
* POLARSSL_ERR_BLOWFISH_INVALID_INPUT_LENGTH
*/
int blowfish_crypt_cbc( blowfish_context *ctx,
int mode,



@ -3,7 +3,7 @@
*
* \brief Camellia block cipher
*
* Copyright (C) 2006-2013, Brainspark B.V.
* Copyright (C) 2006-2014, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
@ -27,7 +27,11 @@
#ifndef POLARSSL_CAMELLIA_H
#define POLARSSL_CAMELLIA_H
#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
#else
#include POLARSSL_CONFIG_FILE
#endif
#include <string.h>
@ -62,16 +66,31 @@ typedef struct
}
camellia_context;
/**
* \brief Initialize CAMELLIA context
*
* \param ctx CAMELLIA context to be initialized
*/
void camellia_init( camellia_context *ctx );
/**
* \brief Clear CAMELLIA context
*
* \param ctx CAMELLIA context to be cleared
*/
void camellia_free( camellia_context *ctx );
/**
* \brief CAMELLIA key schedule (encryption)
*
* \param ctx CAMELLIA context to be initialized
* \param key encryption key
* \param keysize must be 128, 192 or 256
*
*
* \return 0 if successful, or POLARSSL_ERR_CAMELLIA_INVALID_KEY_LENGTH
*/
int camellia_setkey_enc( camellia_context *ctx, const unsigned char *key, unsigned int keysize );
int camellia_setkey_enc( camellia_context *ctx, const unsigned char *key,
unsigned int keysize );
/**
* \brief CAMELLIA key schedule (decryption)
@ -79,10 +98,11 @@ int camellia_setkey_enc( camellia_context *ctx, const unsigned char *key, unsign
* \param ctx CAMELLIA context to be initialized
* \param key decryption key
* \param keysize must be 128, 192 or 256
*
*
* \return 0 if successful, or POLARSSL_ERR_CAMELLIA_INVALID_KEY_LENGTH
*/
int camellia_setkey_dec( camellia_context *ctx, const unsigned char *key, unsigned int keysize );
int camellia_setkey_dec( camellia_context *ctx, const unsigned char *key,
unsigned int keysize );
/**
* \brief CAMELLIA-ECB block encryption/decryption
@ -91,7 +111,7 @@ int camellia_setkey_dec( camellia_context *ctx, const unsigned char *key, unsign
* \param mode CAMELLIA_ENCRYPT or CAMELLIA_DECRYPT
* \param input 16-byte input block
* \param output 16-byte output block
*
*
* \return 0 if successful
*/
int camellia_crypt_ecb( camellia_context *ctx,
@ -111,8 +131,9 @@ int camellia_crypt_ecb( camellia_context *ctx,
* \param iv initialization vector (updated after use)
* \param input buffer holding the input data
* \param output buffer holding the output data
*
* \return 0 if successful, or POLARSSL_ERR_CAMELLIA_INVALID_INPUT_LENGTH
*
* \return 0 if successful, or
* POLARSSL_ERR_CAMELLIA_INVALID_INPUT_LENGTH
*/
int camellia_crypt_cbc( camellia_context *ctx,
int mode,
@ -138,7 +159,8 @@ int camellia_crypt_cbc( camellia_context *ctx,
* \param input buffer holding the input data
* \param output buffer holding the output data
*
* \return 0 if successful, or POLARSSL_ERR_CAMELLIA_INVALID_INPUT_LENGTH
* \return 0 if successful, or
* POLARSSL_ERR_CAMELLIA_INVALID_INPUT_LENGTH
*/
int camellia_crypt_cfb128( camellia_context *ctx,
int mode,


@ -0,0 +1,134 @@
/**
* \file ccm.h
*
* \brief Counter with CBC-MAC (CCM) for 128-bit block ciphers
*
* Copyright (C) 2014, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef POLARSSL_CCM_H
#define POLARSSL_CCM_H
#include "cipher.h"
#define POLARSSL_ERR_CCM_BAD_INPUT -0x000D /**< Bad input parameters to function. */
#define POLARSSL_ERR_CCM_AUTH_FAILED -0x000F /**< Authenticated decryption failed. */
#ifdef __cplusplus
extern "C" {
#endif
/**
* \brief CCM context structure
*/
typedef struct {
cipher_context_t cipher_ctx; /*!< cipher context used */
}
ccm_context;
/**
* \brief CCM initialization (encryption and decryption)
*
* \param ctx CCM context to be initialized
* \param cipher cipher to use (a 128-bit block cipher)
* \param key encryption key
* \param keysize key size in bits (must be acceptable by the cipher)
*
* \return 0 if successful, or a cipher specific error code
*/
int ccm_init( ccm_context *ctx, cipher_id_t cipher,
const unsigned char *key, unsigned int keysize );
/**
* \brief Free a CCM context and underlying cipher sub-context
*
* \param ctx CCM context to free
*/
void ccm_free( ccm_context *ctx );
/**
* \brief CCM buffer encryption
*
* \param ctx CCM context
* \param length length of the input data in bytes
* \param iv nonce (initialization vector)
* \param iv_len length of IV in bytes
* must be 2, 3, 4, 5, 6, 7 or 8
* \param add additional data
* \param add_len length of additional data in bytes
* must be less than 2^16 - 2^8
* \param input buffer holding the input data
* \param output buffer for holding the output data
* must be at least 'length' bytes wide
* \param tag buffer for holding the tag
* \param tag_len length of the tag to generate in bytes
* must be 4, 6, 8, 10, 14 or 16
*
* \note The tag is written to a separate buffer. To get the tag
* concatenated with the output as in the CCM spec, use
* tag = output + length and make sure the output buffer is
* at least length + tag_len wide.
*
* \return 0 if successful
*/
int ccm_encrypt_and_tag( ccm_context *ctx, size_t length,
const unsigned char *iv, size_t iv_len,
const unsigned char *add, size_t add_len,
const unsigned char *input, unsigned char *output,
unsigned char *tag, size_t tag_len );
/**
* \brief CCM buffer authenticated decryption
*
* \param ctx CCM context
* \param length length of the input data
* \param iv initialization vector
* \param iv_len length of IV
* \param add additional data
* \param add_len length of additional data
* \param input buffer holding the input data
* \param output buffer for holding the output data
* \param tag buffer holding the tag
* \param tag_len length of the tag
*
* \return 0 if successful and authenticated,
* POLARSSL_ERR_CCM_AUTH_FAILED if tag does not match
*/
int ccm_auth_decrypt( ccm_context *ctx, size_t length,
const unsigned char *iv, size_t iv_len,
const unsigned char *add, size_t add_len,
const unsigned char *input, unsigned char *output,
const unsigned char *tag, size_t tag_len );
#if defined(POLARSSL_SELF_TEST) && defined(POLARSSL_AES_C)
/**
* \brief Checkup routine
*
* \return 0 if successful, or 1 if the test failed
*/
int ccm_self_test( int verbose );
#endif /* POLARSSL_SELF_TEST && POLARSSL_AES_C */
#ifdef __cplusplus
}
#endif
#endif /* POLARSSL_CGM_H */
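Review bot: The closing guard comment on the last line reads `#endif /* POLARSSL_CGM_H */` while the guard opened at the top of the file is `POLARSSL_CCM_H`; change it to `#endif /* POLARSSL_CCM_H */`. Separately, the `ccm_auth_decrypt` docstring repeats the parameter list without the length constraints that `ccm_encrypt_and_tag` spells out for `iv_len`, `add_len` and `tag_len`, and it does not say what the caller may do with `output` when `POLARSSL_ERR_CCM_AUTH_FAILED` is returned; an AEAD decryption contract should state that, e.g. `\note On POLARSSL_ERR_CCM_AUTH_FAILED the contents of output must not be used.` (whether the implementation also clears the buffer is a ccm.c question, not visible here). `ccm_self_test` also lacks a `\param verbose` line.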


@ -0,0 +1,326 @@
/**
* \file check_config.h
*
* \brief Consistency checks for configuration options
*
* Copyright (C) 2006-2014, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
/*
* It is recommended to include this file from your config.h
* in order to catch dependency issues early.
*/
#ifndef POLARSSL_CHECK_CONFIG_H
#define POLARSSL_CHECK_CONFIG_H
#if defined(POLARSSL_AESNI_C) && !defined(POLARSSL_HAVE_ASM)
#error "POLARSSL_AESNI_C defined, but not all prerequisites"
#endif
#if defined(POLARSSL_CERTS_C) && !defined(POLARSSL_PEM_PARSE_C)
#error "POLARSSL_CERTS_C defined, but not all prerequisites"
#endif
#if defined(POLARSSL_CTR_DRBG_C) && !defined(POLARSSL_AES_C)
#error "POLARSSL_CTR_DRBG_C defined, but not all prerequisites"
#endif
#if defined(POLARSSL_DHM_C) && !defined(POLARSSL_BIGNUM_C)
#error "POLARSSL_DHM_C defined, but not all prerequisites"
#endif
#if defined(POLARSSL_ECDH_C) && !defined(POLARSSL_ECP_C)
#error "POLARSSL_ECDH_C defined, but not all prerequisites"
#endif
#if defined(POLARSSL_ECDSA_C) && \
( !defined(POLARSSL_ECP_C) || \
!defined(POLARSSL_ASN1_PARSE_C) || \
!defined(POLARSSL_ASN1_WRITE_C) )
#error "POLARSSL_ECDSA_C defined, but not all prerequisites"
#endif
#if defined(POLARSSL_ECDSA_DETERMINISTIC) && !defined(POLARSSL_HMAC_DRBG_C)
#error "POLARSSL_ECDSA_DETERMINISTIC defined, but not all prerequisites"
#endif
#if defined(POLARSSL_ECP_C) && ( !defined(POLARSSL_BIGNUM_C) || ( \
!defined(POLARSSL_ECP_DP_SECP192R1_ENABLED) && \
!defined(POLARSSL_ECP_DP_SECP224R1_ENABLED) && \
!defined(POLARSSL_ECP_DP_SECP256R1_ENABLED) && \
!defined(POLARSSL_ECP_DP_SECP384R1_ENABLED) && \
!defined(POLARSSL_ECP_DP_SECP521R1_ENABLED) && \
!defined(POLARSSL_ECP_DP_BP256R1_ENABLED) && \
!defined(POLARSSL_ECP_DP_BP384R1_ENABLED) && \
!defined(POLARSSL_ECP_DP_BP512R1_ENABLED) && \
!defined(POLARSSL_ECP_DP_SECP192K1_ENABLED) && \
!defined(POLARSSL_ECP_DP_SECP224K1_ENABLED) && \
!defined(POLARSSL_ECP_DP_SECP256K1_ENABLED) ) )
#error "POLARSSL_ECP_C defined, but not all prerequisites"
#endif
#if defined(POLARSSL_ENTROPY_C) && (!defined(POLARSSL_SHA512_C) && \
!defined(POLARSSL_SHA256_C))
#error "POLARSSL_ENTROPY_C defined, but not all prerequisites"
#endif
#if defined(POLARSSL_ENTROPY_C) && defined(POLARSSL_SHA512_C) && \
defined(CTR_DRBG_ENTROPY_LEN) && (CTR_DRBG_ENTROPY_LEN > 64)
#error "CTR_DRBG_ENTROPY_LEN value too high"
#endif
#if defined(POLARSSL_ENTROPY_C) && \
( !defined(POLARSSL_SHA512_C) || defined(POLARSSL_ENTROPY_FORCE_SHA256) ) \
&& defined(CTR_DRBG_ENTROPY_LEN) && (CTR_DRBG_ENTROPY_LEN > 32)
#error "CTR_DRBG_ENTROPY_LEN value too high"
#endif
#if defined(POLARSSL_ENTROPY_C) && \
defined(POLARSSL_ENTROPY_FORCE_SHA256) && !defined(POLARSSL_SHA256_C)
#error "POLARSSL_ENTROPY_FORCE_SHA256 defined, but not all prerequisites"
#endif
#if defined(POLARSSL_GCM_C) && ( \
!defined(POLARSSL_AES_C) && !defined(POLARSSL_CAMELLIA_C) )
#error "POLARSSL_GCM_C defined, but not all prerequisites"
#endif
#if defined(POLARSSL_HAVEGE_C) && !defined(POLARSSL_TIMING_C)
#error "POLARSSL_HAVEGE_C defined, but not all prerequisites"
#endif
#if defined(POLARSSL_HMAC_DRBG) && !defined(POLARSSL_MD_C)
#error "POLARSSL_HMAC_DRBG_C defined, but not all prerequisites"
#endif
#if defined(POLARSSL_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) && \
( !defined(POLARSSL_ECDH_C) || !defined(POLARSSL_X509_CRT_PARSE_C) )
#error "POLARSSL_KEY_EXCHANGE_ECDH_ECDSA_ENABLED defined, but not all prerequisites"
#endif
#if defined(POLARSSL_KEY_EXCHANGE_ECDH_RSA_ENABLED) && \
( !defined(POLARSSL_ECDH_C) || !defined(POLARSSL_X509_CRT_PARSE_C) )
#error "POLARSSL_KEY_EXCHANGE_ECDH_RSA_ENABLED defined, but not all prerequisites"
#endif
#if defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) && !defined(POLARSSL_DHM_C)
#error "POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED defined, but not all prerequisites"
#endif
#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED) && \
!defined(POLARSSL_ECDH_C)
#error "POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED defined, but not all prerequisites"
#endif
#if defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED) && \
( !defined(POLARSSL_DHM_C) || !defined(POLARSSL_RSA_C) || \
!defined(POLARSSL_X509_CRT_PARSE_C) || !defined(POLARSSL_PKCS1_V15) )
#error "POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED defined, but not all prerequisites"
#endif
#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED) && \
( !defined(POLARSSL_ECDH_C) || !defined(POLARSSL_RSA_C) || \
!defined(POLARSSL_X509_CRT_PARSE_C) || !defined(POLARSSL_PKCS1_V15) )
#error "POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED defined, but not all prerequisites"
#endif
#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) && \
( !defined(POLARSSL_ECDH_C) || !defined(POLARSSL_ECDSA_C) || \
!defined(POLARSSL_X509_CRT_PARSE_C) )
#error "POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED defined, but not all prerequisites"
#endif
#if defined(POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED) && \
( !defined(POLARSSL_RSA_C) || !defined(POLARSSL_X509_CRT_PARSE_C) ||\
!defined(POLARSSL_PKCS1_V15) )
#error "POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED defined, but not all prerequisites"
#endif
#if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED) && \
( !defined(POLARSSL_RSA_C) || !defined(POLARSSL_X509_CRT_PARSE_C) ||\
!defined(POLARSSL_PKCS1_V15) )
#error "POLARSSL_KEY_EXCHANGE_RSA_ENABLED defined, but not all prerequisites"
#endif
#if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C) && \
( !defined(POLARSSL_PLATFORM_C) || !defined(POLARSSL_PLATFORM_MEMORY) )
#error "POLARSSL_MEMORY_BUFFER_ALLOC_C defined, but not all prerequisites"
#endif
#if defined(POLARSSL_PADLOCK_C) && !defined(POLARSSL_HAVE_ASM)
#error "POLARSSL_PADLOCK_C defined, but not all prerequisites"
#endif
#if defined(POLARSSL_PBKDF2_C) && !defined(POLARSSL_MD_C)
#error "POLARSSL_PBKDF2_C defined, but not all prerequisites"
#endif
#if defined(POLARSSL_PEM_PARSE_C) && !defined(POLARSSL_BASE64_C)
#error "POLARSSL_PEM_PARSE_C defined, but not all prerequisites"
#endif
#if defined(POLARSSL_PEM_WRITE_C) && !defined(POLARSSL_BASE64_C)
#error "POLARSSL_PEM_WRITE_C defined, but not all prerequisites"
#endif
#if defined(POLARSSL_PK_PARSE_C) && !defined(POLARSSL_PK_C)
#error "POLARSSL_PK_PARSE_C defined, but not all prerequisites"
#endif
#if defined(POLARSSL_PK_WRITE_C) && !defined(POLARSSL_PK_C)
#error "POLARSSL_PK_WRITE_C defined, but not all prerequisites"
#endif
#if defined(POLARSSL_PKCS11_C) && !defined(POLARSSL_PK_C)
#error "POLARSSL_PKCS11_C defined, but not all prerequisites"
#endif
#if defined(POLARSSL_RSA_C) && ( !defined(POLARSSL_BIGNUM_C) || \
!defined(POLARSSL_OID_C) )
#error "POLARSSL_RSA_C defined, but not all prerequisites"
#endif
#if defined(POLARSSL_X509_RSASSA_PSS_SUPPORT) && \
( !defined(POLARSSL_RSA_C) || !defined(POLARSSL_PKCS1_V21) )
#error "POLARSSL_X509_RSASSA_PSS_SUPPORT defined, but not all prerequisites"
#endif
#if defined(POLARSSL_SSL_PROTO_SSL3) && ( !defined(POLARSSL_MD5_C) || \
!defined(POLARSSL_SHA1_C) )
#error "POLARSSL_SSL_PROTO_SSL3 defined, but not all prerequisites"
#endif
#if defined(POLARSSL_SSL_PROTO_TLS1) && ( !defined(POLARSSL_MD5_C) || \
!defined(POLARSSL_SHA1_C) )
#error "POLARSSL_SSL_PROTO_TLS1 defined, but not all prerequisites"
#endif
#if defined(POLARSSL_SSL_PROTO_TLS1_1) && ( !defined(POLARSSL_MD5_C) || \
!defined(POLARSSL_SHA1_C) )
#error "POLARSSL_SSL_PROTO_TLS1_1 defined, but not all prerequisites"
#endif
#if defined(POLARSSL_SSL_PROTO_TLS1_2) && ( !defined(POLARSSL_SHA1_C) && \
!defined(POLARSSL_SHA256_C) && !defined(POLARSSL_SHA512_C) )
#error "POLARSSL_SSL_PROTO_TLS1_2 defined, but not all prerequisites"
#endif
#if defined(POLARSSL_SSL_CLI_C) && !defined(POLARSSL_SSL_TLS_C)
#error "POLARSSL_SSL_CLI_C defined, but not all prerequisites"
#endif
#if defined(POLARSSL_SSL_TLS_C) && ( !defined(POLARSSL_CIPHER_C) || \
!defined(POLARSSL_MD_C) )
#error "POLARSSL_SSL_TLS_C defined, but not all prerequisites"
#endif
#if defined(POLARSSL_SSL_SRV_C) && !defined(POLARSSL_SSL_TLS_C)
#error "POLARSSL_SSL_SRV_C defined, but not all prerequisites"
#endif
#if defined(POLARSSL_SSL_TLS_C) && (!defined(POLARSSL_SSL_PROTO_SSL3) && \
!defined(POLARSSL_SSL_PROTO_TLS1) && !defined(POLARSSL_SSL_PROTO_TLS1_1) && \
!defined(POLARSSL_SSL_PROTO_TLS1_2))
#error "POLARSSL_SSL_TLS_C defined, but no protocols are active"
#endif
#if defined(POLARSSL_SSL_TLS_C) && (defined(POLARSSL_SSL_PROTO_SSL3) && \
defined(POLARSSL_SSL_PROTO_TLS1_1) && !defined(POLARSSL_SSL_PROTO_TLS1))
#error "Illegal protocol selection"
#endif
#if defined(POLARSSL_SSL_TLS_C) && (defined(POLARSSL_SSL_PROTO_TLS1) && \
defined(POLARSSL_SSL_PROTO_TLS1_2) && !defined(POLARSSL_SSL_PROTO_TLS1_1))
#error "Illegal protocol selection"
#endif
#if defined(POLARSSL_SSL_TLS_C) && (defined(POLARSSL_SSL_PROTO_SSL3) && \
defined(POLARSSL_SSL_PROTO_TLS1_2) && (!defined(POLARSSL_SSL_PROTO_TLS1) || \
!defined(POLARSSL_SSL_PROTO_TLS1_1)))
#error "Illegal protocol selection"
#endif
#if defined(POLARSSL_SSL_SESSION_TICKETS) && defined(POLARSSL_SSL_TLS_C) && \
( !defined(POLARSSL_AES_C) || !defined(POLARSSL_SHA256_C) || \
!defined(POLARSSL_CIPHER_MODE_CBC) )
#error "POLARSSL_SSL_SESSION_TICKETS_C defined, but not all prerequisites"
#endif
#if defined(POLARSSL_SSL_SERVER_NAME_INDICATION) && \
!defined(POLARSSL_X509_CRT_PARSE_C)
#error "POLARSSL_SSL_SERVER_NAME_INDICATION defined, but not all prerequisites"
#endif
#if defined(POLARSSL_THREADING_PTHREAD)
#if !defined(POLARSSL_THREADING_C) || defined(POLARSSL_THREADING_IMPL)
#error "POLARSSL_THREADING_PTHREAD defined, but not all prerequisites"
#endif
#define POLARSSL_THREADING_IMPL
#endif
#if defined(POLARSSL_THREADING_ALT)
#if !defined(POLARSSL_THREADING_C) || defined(POLARSSL_THREADING_IMPL)
#error "POLARSSL_THREADING_ALT defined, but not all prerequisites"
#endif
#define POLARSSL_THREADING_IMPL
#endif
#if defined(POLARSSL_THREADING_C) && !defined(POLARSSL_THREADING_IMPL)
#error "POLARSSL_THREADING_C defined, single threading implementation required"
#endif
#undef POLARSSL_THREADING_IMPL
#if defined(POLARSSL_VERSION_FEATURES) && !defined(POLARSSL_VERSION_C)
#error "POLARSSL_VERSION_FEATURES defined, but not all prerequisites"
#endif
#if defined(POLARSSL_X509_USE_C) && ( !defined(POLARSSL_BIGNUM_C) || \
!defined(POLARSSL_OID_C) || !defined(POLARSSL_ASN1_PARSE_C) || \
!defined(POLARSSL_PK_PARSE_C) )
#error "POLARSSL_X509_USE_C defined, but not all prerequisites"
#endif
#if defined(POLARSSL_X509_CREATE_C) && ( !defined(POLARSSL_BIGNUM_C) || \
!defined(POLARSSL_OID_C) || !defined(POLARSSL_ASN1_WRITE_C) || \
!defined(POLARSSL_PK_WRITE_C) )
#error "POLARSSL_X509_CREATE_C defined, but not all prerequisites"
#endif
#if defined(POLARSSL_X509_CRT_PARSE_C) && ( !defined(POLARSSL_X509_USE_C) )
#error "POLARSSL_X509_CRT_PARSE_C defined, but not all prerequisites"
#endif
#if defined(POLARSSL_X509_CRL_PARSE_C) && ( !defined(POLARSSL_X509_USE_C) )
#error "POLARSSL_X509_CRL_PARSE_C defined, but not all prerequisites"
#endif
#if defined(POLARSSL_X509_CSR_PARSE_C) && ( !defined(POLARSSL_X509_USE_C) )
#error "POLARSSL_X509_CSR_PARSE_C defined, but not all prerequisites"
#endif
#if defined(POLARSSL_X509_CRT_WRITE_C) && ( !defined(POLARSSL_X509_CREATE_C) )
#error "POLARSSL_X509_CRT_WRITE_C defined, but not all prerequisites"
#endif
#if defined(POLARSSL_X509_CSR_WRITE_C) && ( !defined(POLARSSL_X509_CREATE_C) )
#error "POLARSSL_X509_CSR_WRITE_C defined, but not all prerequisites"
#endif
#endif /* POLARSSL_CHECK_CONFIG_H */
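Review bot: The HMAC_DRBG prerequisite check tests `defined(POLARSSL_HMAC_DRBG)`, but the module macro used elsewhere in this same file (the ECDSA_DETERMINISTIC check) and in this check's own error message is `POLARSSL_HMAC_DRBG_C`, so the check can never fire; change the condition to `#if defined(POLARSSL_HMAC_DRBG_C) && !defined(POLARSSL_MD_C)`. The session-ticket check has the mirror problem in its message: it tests `POLARSSL_SSL_SESSION_TICKETS` but reports `POLARSSL_SSL_SESSION_TICKETS_C defined, but not all prerequisites`, which sends the reader looking for a macro that is not the one tested. A smaller wording point: `"POLARSSL_THREADING_C defined, single threading implementation required"` reads as if single-threading were required, whereas the surrounding checks enforce that exactly one of PTHREAD or ALT is selected; `"POLARSSL_THREADING_C defined, but exactly one threading implementation (PTHREAD or ALT) is required"` says what is actually verified.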


@ -1,11 +1,11 @@
/**
* \file cipher.h
*
*
* \brief Generic cipher wrapper.
*
* \author Adriaan de Jong <dejong@fox-it.com>
*
* Copyright (C) 2006-2013, Brainspark B.V.
* Copyright (C) 2006-2014, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
@ -30,9 +30,13 @@
#ifndef POLARSSL_CIPHER_H
#define POLARSSL_CIPHER_H
#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
#else
#include POLARSSL_CONFIG_FILE
#endif
#if defined(POLARSSL_GCM_C)
#if defined(POLARSSL_GCM_C) || defined(POLARSSL_CCM_C)
#define POLARSSL_CIPHER_MODE_AEAD
#endif
@ -57,6 +61,9 @@
#define POLARSSL_ERR_CIPHER_FULL_BLOCK_EXPECTED -0x6280 /**< Decryption of block requires a full block. */
#define POLARSSL_ERR_CIPHER_AUTH_FAILED -0x6300 /**< Authentication failed (for AEAD modes). */
#define POLARSSL_CIPHER_VARIABLE_IV_LEN 0x01 /**< Cipher accepts IVs of variable length */
#define POLARSSL_CIPHER_VARIABLE_KEY_LEN 0x02 /**< Cipher accepts keys of variable length */
#ifdef __cplusplus
extern "C" {
#endif
@ -116,6 +123,12 @@ typedef enum {
POLARSSL_CIPHER_BLOWFISH_CFB64,
POLARSSL_CIPHER_BLOWFISH_CTR,
POLARSSL_CIPHER_ARC4_128,
POLARSSL_CIPHER_AES_128_CCM,
POLARSSL_CIPHER_AES_192_CCM,
POLARSSL_CIPHER_AES_256_CCM,
POLARSSL_CIPHER_CAMELLIA_128_CCM,
POLARSSL_CIPHER_CAMELLIA_192_CCM,
POLARSSL_CIPHER_CAMELLIA_256_CCM,
} cipher_type_t;
typedef enum {
@ -123,10 +136,11 @@ typedef enum {
POLARSSL_MODE_ECB,
POLARSSL_MODE_CBC,
POLARSSL_MODE_CFB,
POLARSSL_MODE_OFB,
POLARSSL_MODE_OFB, /* Unused! */
POLARSSL_MODE_CTR,
POLARSSL_MODE_GCM,
POLARSSL_MODE_STREAM,
POLARSSL_MODE_CCM,
} cipher_mode_t;
typedef enum {
@ -169,29 +183,34 @@ typedef struct {
/** Encrypt using ECB */
int (*ecb_func)( void *ctx, operation_t mode,
const unsigned char *input, unsigned char *output );
const unsigned char *input, unsigned char *output );
/** Encrypt using CBC */
int (*cbc_func)( void *ctx, operation_t mode, size_t length, unsigned char *iv,
const unsigned char *input, unsigned char *output );
int (*cbc_func)( void *ctx, operation_t mode, size_t length,
unsigned char *iv, const unsigned char *input,
unsigned char *output );
/** Encrypt using CFB (Full length) */
int (*cfb_func)( void *ctx, operation_t mode, size_t length, size_t *iv_off,
unsigned char *iv, const unsigned char *input, unsigned char *output );
unsigned char *iv, const unsigned char *input,
unsigned char *output );
/** Encrypt using CTR */
int (*ctr_func)( void *ctx, size_t length, size_t *nc_off, unsigned char *nonce_counter,
unsigned char *stream_block, const unsigned char *input, unsigned char *output );
int (*ctr_func)( void *ctx, size_t length, size_t *nc_off,
unsigned char *nonce_counter, unsigned char *stream_block,
const unsigned char *input, unsigned char *output );
/** Encrypt using STREAM */
int (*stream_func)( void *ctx, size_t length,
const unsigned char *input, unsigned char *output );
/** Set key for encryption purposes */
int (*setkey_enc_func)( void *ctx, const unsigned char *key, unsigned int key_length);
int (*setkey_enc_func)( void *ctx, const unsigned char *key,
unsigned int key_length );
/** Set key for decryption purposes */
int (*setkey_dec_func)( void *ctx, const unsigned char *key, unsigned int key_length);
int (*setkey_dec_func)( void *ctx, const unsigned char *key,
unsigned int key_length);
/** Allocate a new context */
void * (*ctx_alloc_func)( void );
@ -222,8 +241,8 @@ typedef struct {
* For cipher that accept many sizes: recommended size */
unsigned int iv_size;
/** Flag for ciphers that accept many sizes of IV/NONCE */
int accepts_variable_iv_size;
/** Flags for variable IV size, variable key size, etc. */
int flags;
/** block size, in bytes */
unsigned int block_size;
@ -312,16 +331,32 @@ const cipher_info_t *cipher_info_from_values( const cipher_id_t cipher_id,
int key_length,
const cipher_mode_t mode );
/**
* \brief Initialize a cipher_context (as NONE)
*/
void cipher_init( cipher_context_t *ctx );
/**
* \brief Free and clear the cipher-specific context of ctx.
* Freeing ctx itself remains the responsibility of the
* caller.
*/
void cipher_free( cipher_context_t *ctx );
/**
* \brief Initialises and fills the cipher context structure with
* the appropriate values.
*
* \note Currently also clears structure. In future versions you
* will be required to call cipher_init() on the structure
* first.
*
* \param ctx context to initialise. May not be NULL.
* \param cipher_info cipher to use.
*
* \return \c 0 on success,
* \c POLARSSL_ERR_CIPHER_BAD_INPUT_DATA on parameter failure,
* \c POLARSSL_ERR_CIPHER_ALLOC_FAILED if allocation of the
* \return 0 on success,
* POLARSSL_ERR_CIPHER_BAD_INPUT_DATA on parameter failure,
* POLARSSL_ERR_CIPHER_ALLOC_FAILED if allocation of the
* cipher-specific context failed.
*/
int cipher_init_ctx( cipher_context_t *ctx, const cipher_info_t *cipher_info );
@ -330,10 +365,11 @@ int cipher_init_ctx( cipher_context_t *ctx, const cipher_info_t *cipher_info );
* \brief Free the cipher-specific context of ctx. Freeing ctx
* itself remains the responsibility of the caller.
*
* \note Deprecated: Redirects to cipher_free()
*
* \param ctx Free the cipher-specific context
*
* \returns 0 on success, POLARSSL_ERR_CIPHER_BAD_INPUT_DATA if
* parameter verification fails.
* \returns 0
*/
int cipher_free_ctx( cipher_context_t *ctx );
@ -470,8 +506,8 @@ static inline operation_t cipher_get_operation( const cipher_context_t *ctx )
* parameter verification fails or a cipher specific
* error code.
*/
int cipher_setkey( cipher_context_t *ctx, const unsigned char *key, int key_length,
const operation_t operation );
int cipher_setkey( cipher_context_t *ctx, const unsigned char *key,
int key_length, const operation_t operation );
#if defined(POLARSSL_CIPHER_MODE_WITH_PADDING)
/**
@ -497,7 +533,7 @@ int cipher_set_padding_mode( cipher_context_t *ctx, cipher_padding_t mode );
* \param iv_len IV length for ciphers with variable-size IV;
* discarded by ciphers with fixed-size IV.
*
* \returns O on success, or POLARSSL_ERR_CIPHER_BAD_INPUT_DATA
* \returns 0 on success, or POLARSSL_ERR_CIPHER_BAD_INPUT_DATA
*
* \note Some ciphers don't use IVs nor NONCE. For these
* ciphers, this function has no effect.
@ -515,25 +551,21 @@ int cipher_set_iv( cipher_context_t *ctx,
*/
int cipher_reset( cipher_context_t *ctx );
#if defined(POLARSSL_CIPHER_MODE_AEAD)
#if defined(POLARSSL_GCM_C)
/**
* \brief Add additional data (for AEAD ciphers).
* This function has no effect for non-AEAD ciphers.
* For AEAD ciphers, it may or may not be called
* repeatedly, and/or interleaved with calls to
* cipher_udpate(), depending on the cipher.
* E.g. for GCM is must be called exactly once, right
* after cipher_reset().
* Currently only supported with GCM.
* Must be called exactly once, after cipher_reset().
*
* \param ctx generic cipher context
* \param ad Additional data to use.
* \param ad_len Length of ad.
*
* \returns 0 on success, or a specific error code.
* \return 0 on success, or a specific error code.
*/
int cipher_update_ad( cipher_context_t *ctx,
const unsigned char *ad, size_t ad_len );
#endif /* POLARSSL_CIPHER_MODE_AEAD */
#endif /* POLARSSL_GCM_C */
/**
* \brief Generic cipher update function. Encrypts/decrypts
@ -564,8 +596,8 @@ int cipher_update_ad( cipher_context_t *ctx,
* function, except the last one before cipher_finish(),
* must have ilen a multiple of the block size.
*/
int cipher_update( cipher_context_t *ctx, const unsigned char *input, size_t ilen,
unsigned char *output, size_t *olen );
int cipher_update( cipher_context_t *ctx, const unsigned char *input,
size_t ilen, unsigned char *output, size_t *olen );
/**
* \brief Generic cipher finalisation function. If data still
@ -587,10 +619,10 @@ int cipher_update( cipher_context_t *ctx, const unsigned char *input, size_t ile
int cipher_finish( cipher_context_t *ctx,
unsigned char *output, size_t *olen );
#if defined(POLARSSL_CIPHER_MODE_AEAD)
#if defined(POLARSSL_GCM_C)
/**
* \brief Write tag for AEAD ciphers.
* No effect for other ciphers.
* Currently only supported with GCM.
* Must be called after cipher_finish().
*
* \param ctx Generic cipher context
@ -604,9 +636,8 @@ int cipher_write_tag( cipher_context_t *ctx,
/**
* \brief Check tag for AEAD ciphers.
* No effect for other ciphers.
* Calling time depends on the cipher:
* for GCM, must be called after cipher_finish().
* Currently only supported with GCM.
* Must be called after cipher_finish().
*
* \param ctx Generic cipher context
* \param tag Buffer holding the tag
@ -616,6 +647,103 @@ int cipher_write_tag( cipher_context_t *ctx,
*/
int cipher_check_tag( cipher_context_t *ctx,
const unsigned char *tag, size_t tag_len );
#endif /* POLARSSL_GCM_C */
/**
* \brief Generic all-in-one encryption/decryption
* (for all ciphers except AEAD constructs).
*
* \param ctx generic cipher context
* \param iv IV to use (or NONCE_COUNTER for CTR-mode ciphers)
* \param iv_len IV length for ciphers with variable-size IV;
* discarded by ciphers with fixed-size IV.
* \param input buffer holding the input data
* \param ilen length of the input data
* \param output buffer for the output data. Should be able to hold at
* least ilen + block_size. Cannot be the same buffer as
* input!
* \param olen length of the output data, will be filled with the
* actual number of bytes written.
*
* \note Some ciphers don't use IVs nor NONCE. For these
* ciphers, use iv = NULL and iv_len = 0.
*
* \returns 0 on success, or
* POLARSSL_ERR_CIPHER_BAD_INPUT_DATA, or
* POLARSSL_ERR_CIPHER_FULL_BLOCK_EXPECTED if decryption
* expected a full block but was not provided one, or
* POLARSSL_ERR_CIPHER_INVALID_PADDING on invalid padding
* while decrypting, or
* a cipher specific error code.
*/
int cipher_crypt( cipher_context_t *ctx,
const unsigned char *iv, size_t iv_len,
const unsigned char *input, size_t ilen,
unsigned char *output, size_t *olen );
#if defined(POLARSSL_CIPHER_MODE_AEAD)
/**
* \brief Generic autenticated encryption (AEAD ciphers).
*
* \param ctx generic cipher context
* \param iv IV to use (or NONCE_COUNTER for CTR-mode ciphers)
* \param iv_len IV length for ciphers with variable-size IV;
* discarded by ciphers with fixed-size IV.
* \param ad Additional data to authenticate.
* \param ad_len Length of ad.
* \param input buffer holding the input data
* \param ilen length of the input data
* \param output buffer for the output data.
* Should be able to hold at least ilen.
* \param olen length of the output data, will be filled with the
* actual number of bytes written.
* \param tag buffer for the authentication tag
* \param tag_len desired tag length
*
* \returns 0 on success, or
* POLARSSL_ERR_CIPHER_BAD_INPUT_DATA, or
* a cipher specific error code.
*/
int cipher_auth_encrypt( cipher_context_t *ctx,
const unsigned char *iv, size_t iv_len,
const unsigned char *ad, size_t ad_len,
const unsigned char *input, size_t ilen,
unsigned char *output, size_t *olen,
unsigned char *tag, size_t tag_len );
/**
* \brief Generic autenticated decryption (AEAD ciphers).
*
* \param ctx generic cipher context
* \param iv IV to use (or NONCE_COUNTER for CTR-mode ciphers)
* \param iv_len IV length for ciphers with variable-size IV;
* discarded by ciphers with fixed-size IV.
* \param ad Additional data to be authenticated.
* \param ad_len Length of ad.
* \param input buffer holding the input data
* \param ilen length of the input data
* \param output buffer for the output data.
* Should be able to hold at least ilen.
* \param olen length of the output data, will be filled with the
* actual number of bytes written.
* \param tag buffer holding the authentication tag
* \param tag_len length of the authentication tag
*
* \returns 0 on success, or
* POLARSSL_ERR_CIPHER_BAD_INPUT_DATA, or
* POLARSSL_ERR_CIPHER_AUTH_FAILED if data isn't authentic,
* or a cipher specific error code.
*
* \note If the data is not authentic, then the output buffer
* is zeroed out to prevent the unauthentic plaintext to
* be used by mistake, making this interface safer.
*/
int cipher_auth_decrypt( cipher_context_t *ctx,
const unsigned char *iv, size_t iv_len,
const unsigned char *ad, size_t ad_len,
const unsigned char *input, size_t ilen,
unsigned char *output, size_t *olen,
const unsigned char *tag, size_t tag_len );
#endif /* POLARSSL_CIPHER_MODE_AEAD */
/**


@ -1,6 +1,6 @@
/**
* \file cipher_wrap.h
*
*
* \brief Cipher wrappers.
*
* \author Adriaan de Jong <dejong@fox-it.com>
@ -29,7 +29,11 @@
#ifndef POLARSSL_CIPHER_WRAP_H
#define POLARSSL_CIPHER_WRAP_H
#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
#else
#include POLARSSL_CONFIG_FILE
#endif
#include "cipher.h"
#ifdef __cplusplus


@ -27,7 +27,11 @@
#ifndef POLARSSL_COMPAT_1_2_H
#define POLARSSL_COMPAT_1_2_H
#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
#else
#include POLARSSL_CONFIG_FILE
#endif
// Comment out to disable prototype change warnings
#define SHOW_PROTOTYPE_CHANGE_WARNINGS
@ -167,7 +171,7 @@ static inline int sha4_self_test( int verbose ) {
#warning "rsa_pkcs1_verify() prototype changed. Manual change required if used"
#warning "rsa_pkcs1_decrypt() prototype changed. Manual change required if used"
#endif
#endif
#endif /* POLARSSL_RSA_C */
#if defined(POLARSSL_DHM_C)
#if defined(SHOW_PROTOTYPE_CHANGE_WARNINGS)


@ -3,7 +3,7 @@
*
* \brief Configuration options (set of defines)
*
* Copyright (C) 2006-2013, Brainspark B.V.
* Copyright (C) 2006-2014, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
@ -113,6 +113,60 @@
* Comment if your system does not support the IPv6 socket interface
*/
#define POLARSSL_HAVE_IPV6
/**
* \def POLARSSL_PLATFORM_MEMORY
*
* Enable the memory allocation layer.
*
* By default PolarSSL uses the system-provided malloc() and free().
* This allows different allocators (self-implemented or provided) to be
* provided to the platform abstraction layer.
*
* Enabling POLARSSL_PLATFORM_MEMORY will provide "platform_set_malloc_free()"
* to allow you to set an alternative malloc() and free() function pointer.
*
* Requires: POLARSSL_PLATFORM_C
*
* Enable this layer to allow use of alternative memory allocators.
*/
//#define POLARSSL_PLATFORM_MEMORY
/**
* \def POLARSSL_PLATFORM_NO_STD_FUNCTIONS
*
* Do not assign standard functions in the platform layer (e.g. malloc() to
* POLARSSL_PLATFORM_STD_MALLOC and printf() to POLARSSL_PLATFORM_STD_PRINTF)
*
* This makes sure there are no linking errors on platforms that do not support
* these functions. You will HAVE to provide alternatives, either at runtime
* via the platform_set_xxx() functions or at compile time by setting
* the POLARSSL_PLATFORM_STD_XXX defines.
*
* Requires: POLARSSL_PLATFORM_C
*
* Uncomment to prevent default assignment of standard functions in the
* platform layer.
*/
//#define POLARSSL_PLATFORM_NO_STD_FUNCTIONS
/**
* \def POLARSSL_PLATFORM_XXX_ALT
*
* Uncomment a macro to let PolarSSL support the function in the platform
* abstraction layer.
*
* Example: In case you uncomment POLARSSL_PLATFORM_PRINTF_ALT, PolarSSL will
* provide a function "platform_set_printf()" that allows you to set an
* alternative printf function pointer.
*
* All these define require POLARSSL_PLATFORM_C to be defined!
*
* Uncomment a macro to enable alternate implementation of specific base
* platform function
*/
//#define POLARSSL_PLATFORM_PRINTF_ALT
//#define POLARSSL_PLATFORM_FPRINTF_ALT
/* \} name SECTION: System support */
/**
@ -123,6 +177,19 @@
* \{
*/
/**
* \def POLARSSL_TIMING_ALT
*
* Uncomment to provide your own alternate implementation for hardclock(),
* get_timer(), set_alarm() and m_sleep().
*
* Only works if you have POLARSSL_TIMING_C enabled.
*
* You will need to provide a header "timing_alt.h" and an implementation at
* compile time.
*/
//#define POLARSSL_TIMING_ALT
/**
* \def POLARSSL_XXX_ALT
*
@ -214,8 +281,8 @@
* TLS_PSK_WITH_NULL_SHA
*
* Uncomment this macro to enable the NULL cipher and ciphersuites
#define POLARSSL_CIPHER_NULL_CIPHER
*/
//#define POLARSSL_CIPHER_NULL_CIPHER
/**
* \def POLARSSL_CIPHER_PADDING_XXX
@ -244,8 +311,21 @@
* TLS_DHE_RSA_WITH_DES_CBC_SHA
*
* Uncomment this macro to enable weak ciphersuites
#define POLARSSL_ENABLE_WEAK_CIPHERSUITES
*/
//#define POLARSSL_ENABLE_WEAK_CIPHERSUITES
/**
* \def POLARSSL_REMOVE_ARC4_CIPHERSUITES
*
* Remove RC4 ciphersuites by default in SSL / TLS.
* This flag removes the ciphersuites based on RC4 from the default list as
* returned by ssl_list_ciphersuites(). However, it is still possible to
* enable (some of) them with ssl_set_ciphersuites() by including them
* explicitly.
*
* Uncomment this macro to remove RC4 ciphersuites by default.
*/
//#define POLARSSL_REMOVE_ARC4_CIPHERSUITES
/**
* \def POLARSSL_ECP_XXXX_ENABLED
@ -290,7 +370,7 @@
* may result in a compromise of the long-term signing key. This is avoided by
* the deterministic variant.
*
* Requires: POLARSSL_MD_C
* Requires: POLARSSL_HMAC_DRBG_C
*
* Comment this macro to disable deterministic ECDSA.
*/
@ -538,12 +618,29 @@
*/
#define POLARSSL_KEY_EXCHANGE_ECDH_RSA_ENABLED
/**
* \def POLARSSL_PK_PARSE_EC_EXTENDED
*
* Enhance support for reading EC keys using variants of SEC1 not allowed by
* RFC 5915 and RFC 5480.
*
* Currently this means parsing the SpecifiedECDomain choice of EC
* parameters (only known groups are supported, not arbitrary domains, to
* avoid validation issues).
*
* Disable if you only need to support RFC 5915 + 5480 key formats.
*/
#define POLARSSL_PK_PARSE_EC_EXTENDED
/**
* \def POLARSSL_ERROR_STRERROR_BC
*
* Make available the backward compatible error_strerror() next to the
* current polarssl_strerror().
*
* For new code, it is recommended to use polarssl_strerror() instead and
* disable this.
*
* Disable if you run into name conflicts and want to really remove the
* error_strerror()
*/
@ -553,7 +650,11 @@
* \def POLARSSL_ERROR_STRERROR_DUMMY
*
* Enable a dummy error function to make use of polarssl_strerror() in
* third party libraries easier.
* third party libraries easier when POLARSSL_ERROR_C is disabled
* (no effect when POLARSSL_ERROR_C is enabled).
*
* You can safely disable this if POLARSSL_ERROR_C is enabled, or if you're
* not using polarssl_strerror() or error_strerror() in your application.
*
* Disable if you run into name conflicts and want to really remove the
* polarssl_strerror()
@ -582,7 +683,7 @@
* Do not add default entropy sources. These are the platform specific,
* hardclock and HAVEGE based poll functions.
*
* This is useful to have more control over the added entropy sources in an
* This is useful to have more control over the added entropy sources in an
* application.
*
* Uncomment this macro to prevent loading of default entropy functions.
@ -600,6 +701,22 @@
*/
//#define POLARSSL_NO_PLATFORM_ENTROPY
/**
* \def POLARSSL_ENTROPY_FORCE_SHA256
*
* Force the entropy accumulator to use a SHA-256 accumulator instead of the
* default SHA-512 based one (if both are available).
*
* Requires: POLARSSL_SHA256_C
*
* On 32-bit systems SHA-256 can be much faster than SHA-512. Use this option
* if you have performance concerns.
*
* This option is only useful if both POLARSSL_SHA256_C and
* POLARSSL_SHA512_C are defined. Otherwise the available hash module is used.
*/
//#define POLARSSL_ENTROPY_FORCE_SHA256
/**
* \def POLARSSL_MEMORY_DEBUG
*
@ -608,7 +725,6 @@
* function for 'debug output' of allocated memory.
*
* Requires: POLARSSL_MEMORY_BUFFER_ALLOC_C
* fprintf()
*
* Uncomment this macro to let the buffer allocator print out error messages.
*/
@ -782,6 +898,16 @@
*/
#define POLARSSL_SSL_PROTO_TLS1_2
/**
* \def POLARSSL_SSL_ALPN
*
* Enable support for Application Layer Protocol Negotiation.
* draft-ietf-tls-applayerprotoneg-05
*
* Comment this macro to disable support for ALPN.
*/
#define POLARSSL_SSL_ALPN
/**
* \def POLARSSL_SSL_SESSION_TICKETS
*
@ -813,6 +939,20 @@
*/
#define POLARSSL_SSL_TRUNCATED_HMAC
/**
* \def POLARSSL_SSL_SET_CURVES
*
* Enable ssl_set_curves().
*
* This is disabled by default since it breaks binary compatibility with the
* 1.3.x line. If you choose to enable it, you will need to rebuild your
* application against the new header files, relinking will not be enough.
* It will be enabled by default, or no longer an option, in the 1.4 branch.
*
* Uncomment to make ssl_set_curves() available.
*/
//#define POLARSSL_SSL_SET_CURVES
/**
* \def POLARSSL_THREADING_ALT
*
@ -835,6 +975,19 @@
*/
//#define POLARSSL_THREADING_PTHREAD
/**
* \def POLARSSL_VERSION_FEATURES
*
* Allow run-time checking of compile-time enabled features. Thus allowing users
* to check at run-time if the library is for instance compiled with threading
* support via version_check_feature().
*
* Requires: POLARSSL_VERSION_C
*
* Comment this to disable run-time checking and save ROM space
*/
#define POLARSSL_VERSION_FEATURES
/**
* \def POLARSSL_X509_ALLOW_EXTENSIONS_NON_V3
*
@ -855,12 +1008,53 @@
*/
//#define POLARSSL_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION
/**
* \def POLARSSL_X509_CHECK_KEY_USAGE
*
* Enable verification of the keyUsage extension (CA and leaf certificates).
*
* Disabling this avoids problems with mis-issued and/or misused
* (intermediate) CA and leaf certificates.
*
* \warning Depending on your PKI use, disabling this can be a security risk!
*
* Comment to skip keyUsage checking for both CA and leaf certificates.
*/
#define POLARSSL_X509_CHECK_KEY_USAGE
/**
* \def POLARSSL_X509_CHECK_EXTENDED_KEY_USAGE
*
* Enable verification of the extendedKeyUsage extension (leaf certificates).
*
* Disabling this avoids problems with mis-issued and/or misused certificates.
*
* \warning Depending on your PKI use, disabling this can be a security risk!
*
* Comment to skip extendedKeyUsage checking for certificates.
*/
#define POLARSSL_X509_CHECK_EXTENDED_KEY_USAGE
/**
* \def POLARSSL_X509_RSASSA_PSS_SUPPORT
*
* Enable parsing and verification of X.509 certificates, CRLs and CSRS
* signed with RSASSA-PSS (aka PKCS#1 v2.1).
*
* Comment this macro to disallow using RSASSA-PSS in certificates.
*/
#define POLARSSL_X509_RSASSA_PSS_SUPPORT
/**
* \def POLARSSL_ZLIB_SUPPORT
*
* If set, the SSL/TLS module uses ZLIB to support compression and
* decompression of packet data.
*
* \warning TLS-level compression MAY REDUCE SECURITY! See for example the
* CRIME attack. Before enabling this option, you should examine with care if
* CRIME or similar exploits may be a applicable to your use case.
*
* Used in: library/ssl_tls.c
* library/ssl_cli.c
* library/ssl_srv.c
@ -1039,10 +1233,11 @@
* Module: library/bignum.c
* Caller: library/dhm.c
* library/ecp.c
* library/ecdsa.c
* library/rsa.c
* library/ssl_tls.c
*
* This module is required for RSA and DHM support.
* This module is required for RSA, DHM and ECC (ECDH, ECDSA) support.
*/
#define POLARSSL_BIGNUM_C
@ -1110,6 +1305,20 @@
*/
#define POLARSSL_CAMELLIA_C
/**
* \def POLARSSL_CCM_C
*
* Enable the Counter with CBC-MAC (CCM) mode for 128-bit block cipher.
*
* Module: library/ccm.c
*
* Requires: POLARSSL_AES_C or POLARSSL_CAMELLIA_C
*
* This module enables the AES-CCM ciphersuites, if other requisites are
* enabled as well.
*/
#define POLARSSL_CCM_C
/**
* \def POLARSSL_CERTS_C
*
@ -1256,7 +1465,7 @@
* Module: library/entropy.c
* Caller:
*
* Requires: POLARSSL_SHA512_C
* Requires: POLARSSL_SHA512_C or POLARSSL_SHA256_C
*
* This module provides a generic entropy pool
*/
@ -1270,7 +1479,7 @@
* Module: library/error.c
* Caller:
*
* This module enables err_strerror().
* This module enables polarssl_strerror().
*/
#define POLARSSL_ERROR_C
@ -1311,6 +1520,20 @@
*/
//#define POLARSSL_HAVEGE_C
/**
* \def POLARSSL_HMAC_DRBG_C
*
* Enable the HMAC_DRBG random generator.
*
* Module: library/hmac_drbg.c
* Caller:
*
* Requires: POLARSSL_MD_C
*
* Uncomment to enable the HMAC_DRBG random number geerator.
*/
#define POLARSSL_HMAC_DRBG_C
/**
* \def POLARSSL_MD_C
*
@ -1364,15 +1587,7 @@
/**
* \def POLARSSL_MEMORY_C
*
* Enable the memory allocation layer.
* By default PolarSSL uses the system-provided malloc() and free().
* (As long as POLARSSL_MEMORY_STDMALLOC and POLARSSL_MEMORY_STDFREE
* are defined and unmodified)
*
* This allows different allocators (self-implemented or provided)
*
* Enable this layer to allow use of alternative memory allocators.
* Deprecated since 1.3.5. Please use POLARSSL_PLATFORM_MEMORY instead.
*/
//#define POLARSSL_MEMORY_C
@ -1385,7 +1600,8 @@
*
* Module: library/memory_buffer_alloc.c
*
* Requires: POLARSSL_MEMORY_C
* Requires: POLARSSL_PLATFORM_C
* POLARSSL_PLATFORM_MEMORY (to use it within PolarSSL)
*
* Enable this module to enable the buffer memory allocator.
*/
@ -1576,6 +1792,19 @@
*/
#define POLARSSL_PKCS12_C
/**
* \def POLARSSL_PLATFORM_C
*
* Enable the platform abstraction layer that allows you to re-assign
* functions like malloc(), free(), printf(), fprintf()
*
* Module: library/platform.c
* Caller: Most other .c files
*
* This module enables abstraction of common (libc) functions.
*/
#define POLARSSL_PLATFORM_C
/**
* \def POLARSSL_RIPEMD160_C
*
@ -1873,329 +2102,79 @@
* This section allows for the setting of module specific sizes and
* configuration options. The default values are already present in the
* relevant header files and should suffice for the regular use cases.
* Our advice is to enable POLARSSL_CONFIG_OPTIONS and change values here
* only if you have a good reason and know the consequences.
*
* If POLARSSL_CONFIG_OPTIONS is undefined here the options in the module
* header file take precedence.
* Our advice is to enable options and change their values here
* only if you have a good reason and know the consequences.
*
* Please check the respective header file for documentation on these
* parameters (to prevent duplicate documentation).
*
* Uncomment POLARSSL_CONFIG_OPTIONS to enable using the values defined here.
* \{
*/
//#define POLARSSL_CONFIG_OPTIONS /**< Enable config.h module value configuration */
#if defined(POLARSSL_CONFIG_OPTIONS)
/* MPI / BIGNUM options */
//#define POLARSSL_MPI_WINDOW_SIZE 6 /**< Maximum windows size used. */
//#define POLARSSL_MPI_MAX_SIZE 512 /**< Maximum number of bytes for usable MPIs. */
// MPI / BIGNUM options
//
#define POLARSSL_MPI_WINDOW_SIZE 6 /**< Maximum windows size used. */
#define POLARSSL_MPI_MAX_SIZE 512 /**< Maximum number of bytes for usable MPIs. */
/* CTR_DRBG options */
//#define CTR_DRBG_ENTROPY_LEN 48 /**< Amount of entropy used per seed by default (48 with SHA-512, 32 with SHA-256) */
//#define CTR_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */
//#define CTR_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */
//#define CTR_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */
//#define CTR_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */
// CTR_DRBG options
//
#define CTR_DRBG_ENTROPY_LEN 48 /**< Amount of entropy used per seed by default (48 with SHA-512, 32 with SHA-256) */
#define CTR_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */
#define CTR_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */
#define CTR_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */
#define CTR_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */
/* HMAC_DRBG options */
//#define POLARSSL_HMAC_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */
//#define POLARSSL_HMAC_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */
//#define POLARSSL_HMAC_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */
//#define POLARSSL_HMAC_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */
// ECP options
//
#define POLARSSL_ECP_MAX_BITS 521 /**< Maximum bit size of groups */
#define POLARSSL_ECP_WINDOW_SIZE 6 /**< Maximum window size used */
#define POLARSSL_ECP_FIXED_POINT_OPTIM 1 /**< Enable fixed-point speed-up */
/* ECP options */
//#define POLARSSL_ECP_MAX_BITS 521 /**< Maximum bit size of groups */
//#define POLARSSL_ECP_WINDOW_SIZE 6 /**< Maximum window size used */
//#define POLARSSL_ECP_FIXED_POINT_OPTIM 1 /**< Enable fixed-point speed-up */
// Entropy options
//
#define ENTROPY_MAX_SOURCES 20 /**< Maximum number of sources supported */
#define ENTROPY_MAX_GATHER 128 /**< Maximum amount requested from entropy sources */
/* Entropy options */
//#define ENTROPY_MAX_SOURCES 20 /**< Maximum number of sources supported */
//#define ENTROPY_MAX_GATHER 128 /**< Maximum amount requested from entropy sources */
// Memory options
#define MEMORY_ALIGN_MULTIPLE 4 /**< Align on multiples of this value */
#define POLARSSL_MEMORY_STDMALLOC malloc /**< Default allocator to use, can be undefined */
#define POLARSSL_MEMORY_STDFREE free /**< Default free to use, can be undefined */
/* Memory buffer allocator options */
//#define POLARSSL_MEMORY_ALIGN_MULTIPLE 4 /**< Align on multiples of this value */
// SSL Cache options
//
#define SSL_CACHE_DEFAULT_TIMEOUT 86400 /**< 1 day */
#define SSL_CACHE_DEFAULT_MAX_ENTRIES 50 /**< Maximum entries in cache */
/* Platform options */
//#define POLARSSL_PLATFORM_STD_MEM_HDR <stdlib.h> /**< Header to include if POLARSSL_PLATFORM_NO_STD_FUNCTIONS is defined. Don't define if no header is needed. */
//#define POLARSSL_PLATFORM_STD_MALLOC malloc /**< Default allocator to use, can be undefined */
//#define POLARSSL_PLATFORM_STD_FREE free /**< Default free to use, can be undefined */
//#define POLARSSL_PLATFORM_STD_PRINTF printf /**< Default printf to use, can be undefined */
//#define POLARSSL_PLATFORM_STD_FPRINTF fprintf /**< Default fprintf to use, can be undefined */
// SSL options
//
#define SSL_MAX_CONTENT_LEN 16384 /**< Size of the input / output buffer */
#define SSL_DEFAULT_TICKET_LIFETIME 86400 /**< Lifetime of session tickets (if enabled) */
/* SSL Cache options */
//#define SSL_CACHE_DEFAULT_TIMEOUT 86400 /**< 1 day */
//#define SSL_CACHE_DEFAULT_MAX_ENTRIES 50 /**< Maximum entries in cache */
#endif /* POLARSSL_CONFIG_OPTIONS */
/* SSL options */
//#define SSL_MAX_CONTENT_LEN 16384 /**< Size of the input / output buffer */
//#define SSL_DEFAULT_TICKET_LIFETIME 86400 /**< Lifetime of session tickets (if enabled) */
//#define POLARSSL_PSK_MAX_LEN 32 /**< Max size of TLS pre-shared keys, in bytes (default 256 bits) */
/* \} name */
/*
* Sanity checks on defines and dependencies
/**
* Complete list of ciphersuites to use, in order of preference.
*
* \warning No dependency checking is done on that field! This option can only
* be used to restrict the set of available ciphersuites. It is your
* responsibility to make sure the needed modules are active.
*
* Use this to save a few hundred bytes of ROM (default ordering of all
* available ciphersuites) and a few to a few hundred bytes of RAM.
*
* The value below is only an example, not the default.
*/
#if defined(POLARSSL_AESNI_C) && !defined(POLARSSL_HAVE_ASM)
#error "POLARSSL_AESNI_C defined, but not all prerequisites"
#endif
//#define SSL_CIPHERSUITES TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
#if defined(POLARSSL_CERTS_C) && !defined(POLARSSL_PEM_PARSE_C)
#error "POLARSSL_CERTS_C defined, but not all prerequisites"
#endif
/* Debug options */
//#define POLARSSL_DEBUG_DFL_MODE POLARSSL_DEBUG_LOG_FULL /**< Default log: Full or Raw */
#if defined(POLARSSL_CTR_DRBG_C) && !defined(POLARSSL_AES_C)
#error "POLARSSL_CTR_DRBG_C defined, but not all prerequisites"
#endif
/* \} name SECTION: Module configuration options */
#if defined(POLARSSL_DHM_C) && !defined(POLARSSL_BIGNUM_C)
#error "POLARSSL_DHM_C defined, but not all prerequisites"
#endif
#include "check_config.h"
#if defined(POLARSSL_ECDH_C) && !defined(POLARSSL_ECP_C)
#error "POLARSSL_ECDH_C defined, but not all prerequisites"
#endif
#if defined(POLARSSL_ECDSA_C) && \
( !defined(POLARSSL_ECP_C) || \
!defined(POLARSSL_ASN1_PARSE_C) || \
!defined(POLARSSL_ASN1_WRITE_C) )
#error "POLARSSL_ECDSA_C defined, but not all prerequisites"
#endif
#if defined(POLARSSL_ECDSA_DETERMINISTIC) && !defined(POLARSSL_MD_C)
#error "POLARSSL_ECDSA_DETERMINISTIC defined, but not all prerequisites"
#endif
#if defined(POLARSSL_ECP_C) && ( !defined(POLARSSL_BIGNUM_C) || ( \
!defined(POLARSSL_ECP_DP_SECP192R1_ENABLED) && \
!defined(POLARSSL_ECP_DP_SECP224R1_ENABLED) && \
!defined(POLARSSL_ECP_DP_SECP256R1_ENABLED) && \
!defined(POLARSSL_ECP_DP_SECP384R1_ENABLED) && \
!defined(POLARSSL_ECP_DP_SECP521R1_ENABLED) && \
!defined(POLARSSL_ECP_DP_BP256R1_ENABLED) && \
!defined(POLARSSL_ECP_DP_BP384R1_ENABLED) && \
!defined(POLARSSL_ECP_DP_BP512R1_ENABLED) ) )
#error "POLARSSL_ECP_C defined, but not all prerequisites"
#endif
#if defined(POLARSSL_ENTROPY_C) && (!defined(POLARSSL_SHA512_C) && \
!defined(POLARSSL_SHA256_C))
#error "POLARSSL_ENTROPY_C defined, but not all prerequisites"
#endif
#if defined(POLARSSL_ENTROPY_C) && defined(POLARSSL_SHA512_C) && \
defined(POLARSSL_CONFIG_OPTIONS) && (CTR_DRBG_ENTROPY_LEN > 64)
#error "CTR_DRBG_ENTROPY_LEN value too high"
#endif
#if defined(POLARSSL_ENTROPY_C) && !defined(POLARSSL_SHA512_C) && \
defined(POLARSSL_CONFIG_OPTIONS) && (CTR_DRBG_ENTROPY_LEN > 32)
#error "CTR_DRBG_ENTROPY_LEN value too high"
#endif
#if defined(POLARSSL_GCM_C) && ( \
!defined(POLARSSL_AES_C) && !defined(POLARSSL_CAMELLIA_C) )
#error "POLARSSL_GCM_C defined, but not all prerequisites"
#endif
#if defined(POLARSSL_HAVEGE_C) && !defined(POLARSSL_TIMING_C)
#error "POLARSSL_HAVEGE_C defined, but not all prerequisites"
#endif
#if defined(POLARSSL_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) && \
( !defined(POLARSSL_ECDH_C) || !defined(POLARSSL_X509_CRT_PARSE_C) )
#error "POLARSSL_KEY_EXCHANGE_ECDH_ECDSA_ENABLED defined, but not all prerequisites"
#endif
#if defined(POLARSSL_KEY_EXCHANGE_ECDH_RSA_ENABLED) && \
( !defined(POLARSSL_ECDH_C) || !defined(POLARSSL_X509_CRT_PARSE_C) )
#error "POLARSSL_KEY_EXCHANGE_ECDH_RSA_ENABLED defined, but not all prerequisites"
#endif
#if defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) && !defined(POLARSSL_DHM_C)
#error "POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED defined, but not all prerequisites"
#endif
#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED) && \
!defined(POLARSSL_ECDH_C)
#error "POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED defined, but not all prerequisites"
#endif
#if defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED) && \
( !defined(POLARSSL_DHM_C) || !defined(POLARSSL_RSA_C) || \
!defined(POLARSSL_X509_CRT_PARSE_C) || !defined(POLARSSL_PKCS1_V15) )
#error "POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED defined, but not all prerequisites"
#endif
#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED) && \
( !defined(POLARSSL_ECDH_C) || !defined(POLARSSL_RSA_C) || \
!defined(POLARSSL_X509_CRT_PARSE_C) || !defined(POLARSSL_PKCS1_V15) )
#error "POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED defined, but not all prerequisites"
#endif
#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) && \
( !defined(POLARSSL_ECDH_C) || !defined(POLARSSL_ECDSA_C) || \
!defined(POLARSSL_X509_CRT_PARSE_C) )
#error "POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED defined, but not all prerequisites"
#endif
#if defined(POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED) && \
( !defined(POLARSSL_RSA_C) || !defined(POLARSSL_X509_CRT_PARSE_C) ||\
!defined(POLARSSL_PKCS1_V15) )
#error "POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED defined, but not all prerequisites"
#endif
#if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED) && \
( !defined(POLARSSL_RSA_C) || !defined(POLARSSL_X509_CRT_PARSE_C) ||\
!defined(POLARSSL_PKCS1_V15) )
#error "POLARSSL_KEY_EXCHANGE_RSA_ENABLED defined, but not all prerequisites"
#endif
#if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C) && !defined(POLARSSL_MEMORY_C)
#error "POLARSSL_MEMORY_BUFFER_ALLOC_C defined, but not all prerequisites"
#endif
#if defined(POLARSSL_PADLOCK_C) && !defined(POLARSSL_HAVE_ASM)
#error "POLARSSL_PADLOCK_C defined, but not all prerequisites"
#endif
#if defined(POLARSSL_PBKDF2_C) && !defined(POLARSSL_MD_C)
#error "POLARSSL_PBKDF2_C defined, but not all prerequisites"
#endif
#if defined(POLARSSL_PEM_PARSE_C) && !defined(POLARSSL_BASE64_C)
#error "POLARSSL_PEM_PARSE_C defined, but not all prerequisites"
#endif
#if defined(POLARSSL_PEM_WRITE_C) && !defined(POLARSSL_BASE64_C)
#error "POLARSSL_PEM_WRITE_C defined, but not all prerequisites"
#endif
#if defined(POLARSSL_PK_PARSE_C) && !defined(POLARSSL_PK_C)
#error "POLARSSL_PK_PARSE_C defined, but not all prerequisites"
#endif
#if defined(POLARSSL_PK_WRITE_C) && !defined(POLARSSL_PK_C)
#error "POLARSSL_PK_WRITE_C defined, but not all prerequisites"
#endif
#if defined(POLARSSL_PKCS11_C) && !defined(POLARSSL_PK_C)
#error "POLARSSL_PKCS11_C defined, but not all prerequisites"
#endif
#if defined(POLARSSL_RSA_C) && ( !defined(POLARSSL_BIGNUM_C) || \
!defined(POLARSSL_OID_C) )
#error "POLARSSL_RSA_C defined, but not all prerequisites"
#endif
#if defined(POLARSSL_SSL_PROTO_SSL3) && ( !defined(POLARSSL_MD5_C) || \
!defined(POLARSSL_SHA1_C) )
#error "POLARSSL_SSL_PROTO_SSL3 defined, but not all prerequisites"
#endif
#if defined(POLARSSL_SSL_PROTO_TLS1) && ( !defined(POLARSSL_MD5_C) || \
!defined(POLARSSL_SHA1_C) )
#error "POLARSSL_SSL_PROTO_TLS1 defined, but not all prerequisites"
#endif
#if defined(POLARSSL_SSL_PROTO_TLS1_1) && ( !defined(POLARSSL_MD5_C) || \
!defined(POLARSSL_SHA1_C) )
#error "POLARSSL_SSL_PROTO_TLS1_1 defined, but not all prerequisites"
#endif
#if defined(POLARSSL_SSL_PROTO_TLS1_2) && ( !defined(POLARSSL_SHA1_C) && \
!defined(POLARSSL_SHA256_C) && !defined(POLARSSL_SHA512_C) )
#error "POLARSSL_SSL_PROTO_TLS1_2 defined, but not all prerequisites"
#endif
#if defined(POLARSSL_SSL_CLI_C) && !defined(POLARSSL_SSL_TLS_C)
#error "POLARSSL_SSL_CLI_C defined, but not all prerequisites"
#endif
#if defined(POLARSSL_SSL_TLS_C) && ( !defined(POLARSSL_CIPHER_C) || \
!defined(POLARSSL_MD_C) )
#error "POLARSSL_SSL_TLS_C defined, but not all prerequisites"
#endif
#if defined(POLARSSL_SSL_SRV_C) && !defined(POLARSSL_SSL_TLS_C)
#error "POLARSSL_SSL_SRV_C defined, but not all prerequisites"
#endif
#if defined(POLARSSL_SSL_TLS_C) && (!defined(POLARSSL_SSL_PROTO_SSL3) && \
!defined(POLARSSL_SSL_PROTO_TLS1) && !defined(POLARSSL_SSL_PROTO_TLS1_1) && \
!defined(POLARSSL_SSL_PROTO_TLS1_2))
#error "POLARSSL_SSL_TLS_C defined, but no protocols are active"
#endif
#if defined(POLARSSL_SSL_TLS_C) && (defined(POLARSSL_SSL_PROTO_SSL3) && \
defined(POLARSSL_SSL_PROTO_TLS1_1) && !defined(POLARSSL_SSL_PROTO_TLS1))
#error "Illegal protocol selection"
#endif
#if defined(POLARSSL_SSL_TLS_C) && (defined(POLARSSL_SSL_PROTO_TLS1) && \
defined(POLARSSL_SSL_PROTO_TLS1_2) && !defined(POLARSSL_SSL_PROTO_TLS1_1))
#error "Illegal protocol selection"
#endif
#if defined(POLARSSL_SSL_TLS_C) && (defined(POLARSSL_SSL_PROTO_SSL3) && \
defined(POLARSSL_SSL_PROTO_TLS1_2) && (!defined(POLARSSL_SSL_PROTO_TLS1) || \
!defined(POLARSSL_SSL_PROTO_TLS1_1)))
#error "Illegal protocol selection"
#endif
#if defined(POLARSSL_SSL_SESSION_TICKETS) && defined(POLARSSL_SSL_TLS_C) && \
( !defined(POLARSSL_AES_C) || !defined(POLARSSL_SHA256_C) || \
!defined(POLARSSL_CIPHER_MODE_CBC) )
#error "POLARSSL_SSL_SESSION_TICKETS_C defined, but not all prerequisites"
#endif
#if defined(POLARSSL_THREADING_PTHREAD)
#if !defined(POLARSSL_THREADING_C) || defined(POLARSSL_THREADING_IMPL)
#error "POLARSSL_THREADING_PTHREAD defined, but not all prerequisites"
#endif
#define POLARSSL_THREADING_IMPL
#endif
#if defined(POLARSSL_THREADING_ALT)
#if !defined(POLARSSL_THREADING_C) || defined(POLARSSL_THREADING_IMPL)
#error "POLARSSL_THREADING_ALT defined, but not all prerequisites"
#endif
#define POLARSSL_THREADING_IMPL
#endif
#if defined(POLARSSL_THREADING_C) && !defined(POLARSSL_THREADING_IMPL)
#error "POLARSSL_THREADING_C defined, single threading implementation required"
#endif
#undef POLARSSL_THREADING_IMPL
#if defined(POLARSSL_X509_USE_C) && ( !defined(POLARSSL_BIGNUM_C) || \
!defined(POLARSSL_OID_C) || !defined(POLARSSL_ASN1_PARSE_C) || \
!defined(POLARSSL_PK_PARSE_C) )
#error "POLARSSL_X509_USE_C defined, but not all prerequisites"
#endif
#if defined(POLARSSL_X509_CREATE_C) && ( !defined(POLARSSL_BIGNUM_C) || \
!defined(POLARSSL_OID_C) || !defined(POLARSSL_ASN1_WRITE_C) || \
!defined(POLARSSL_PK_WRITE_C) )
#error "POLARSSL_X509_CREATE_C defined, but not all prerequisites"
#endif
#if defined(POLARSSL_X509_CRT_PARSE_C) && ( !defined(POLARSSL_X509_USE_C) )
#error "POLARSSL_X509_CRT_PARSE_C defined, but not all prerequisites"
#endif
#if defined(POLARSSL_X509_CRL_PARSE_C) && ( !defined(POLARSSL_X509_USE_C) )
#error "POLARSSL_X509_CRL_PARSE_C defined, but not all prerequisites"
#endif
#if defined(POLARSSL_X509_CSR_PARSE_C) && ( !defined(POLARSSL_X509_USE_C) )
#error "POLARSSL_X509_CSR_PARSE_C defined, but not all prerequisites"
#endif
#if defined(POLARSSL_X509_CRT_WRITE_C) && ( !defined(POLARSSL_X509_CREATE_C) )
#error "POLARSSL_X509_CRT_WRITE_C defined, but not all prerequisites"
#endif
#if defined(POLARSSL_X509_CSR_WRITE_C) && ( !defined(POLARSSL_X509_CREATE_C) )
#error "POLARSSL_X509_CSR_WRITE_C defined, but not all prerequisites"
#endif
#endif /* config.h */
#endif /* POLARSSL_CONFIG_H */


@ -3,7 +3,7 @@
*
* \brief CTR_DRBG based on AES-256 (NIST SP 800-90)
*
* Copyright (C) 2006-2013, Brainspark B.V.
* Copyright (C) 2006-2014, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
@ -42,17 +42,39 @@
#define CTR_DRBG_SEEDLEN ( CTR_DRBG_KEYSIZE + CTR_DRBG_BLOCKSIZE )
/**< The seed length (counter + AES key) */
#if !defined(POLARSSL_CONFIG_OPTIONS)
#if defined(POLARSSL_SHA512_C)
/**
* \name SECTION: Module settings
*
* The configuration options you can set for this module are in this section.
* Either change them in config.h or define them on the compiler command line.
* \{
*/
#if !defined(CTR_DRBG_ENTROPY_LEN)
#if defined(POLARSSL_SHA512_C) && !defined(POLARSSL_ENTROPY_FORCE_SHA256)
#define CTR_DRBG_ENTROPY_LEN 48 /**< Amount of entropy used per seed by default (48 with SHA-512, 32 with SHA-256) */
#else
#define CTR_DRBG_ENTROPY_LEN 32 /**< Amount of entropy used per seed by default (48 with SHA-512, 32 with SHA-256) */
#endif
#endif
#if !defined(CTR_DRBG_RESEED_INTERVAL)
#define CTR_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */
#endif
#if !defined(CTR_DRBG_MAX_INPUT)
#define CTR_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */
#endif
#if !defined(CTR_DRBG_MAX_REQUEST)
#define CTR_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */
#endif
#if !defined(CTR_DRBG_MAX_SEED_INPUT)
#define CTR_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */
#endif /* !POLARSSL_CONFIG_OPTIONS */
#endif
/* \} name SECTION: Module settings */
#define CTR_DRBG_PR_OFF 0 /**< No prediction resistance */
#define CTR_DRBG_PR_ON 1 /**< Prediction resistance enabled */
@ -69,8 +91,9 @@ typedef struct
unsigned char counter[16]; /*!< counter (V) */
int reseed_counter; /*!< reseed counter */
int prediction_resistance; /*!< enable prediction resistance (Automatic
reseed before every random generation) */
size_t entropy_len; /*!< amount of entropy grabbed on each (re)seed */
reseed before every random generation) */
size_t entropy_len; /*!< amount of entropy grabbed on each
(re)seed */
int reseed_interval; /*!< reseed interval */
aes_context aes_ctx; /*!< AES context */
@ -86,7 +109,7 @@ ctr_drbg_context;
/**
* \brief CTR_DRBG initialization
*
*
* Note: Personalization data can be provided in addition to the more generic
* entropy source to make this instantiation as unique as possible.
*
@ -107,6 +130,13 @@ int ctr_drbg_init( ctr_drbg_context *ctx,
const unsigned char *custom,
size_t len );
/**
* \brief Clear CTR_CRBG context data
*
* \param ctx CTR_DRBG context to clear
*/
void ctr_drbg_free( ctr_drbg_context *ctx );
/**
* \brief Enable / disable prediction resistance (Default: Off)
*
@ -141,7 +171,7 @@ void ctr_drbg_set_reseed_interval( ctr_drbg_context *ctx,
/**
* \brief CTR_DRBG reseeding (extracts data from entropy source)
*
*
* \param ctx CTR_DRBG context
* \param additional Additional data to add to state (Can be NULL)
* \param len Length of additional data
@ -204,7 +234,8 @@ int ctr_drbg_random( void *p_rng,
* \param ctx CTR_DRBG context
* \param path Name of the file
*
* \return 0 if successful, 1 on file error, or
* \return 0 if successful,
* POLARSSL_ERR_CTR_DRBG_FILE_IO_ERROR on file error, or
* POLARSSL_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED
*/
int ctr_drbg_write_seed_file( ctr_drbg_context *ctx, const char *path );
@ -216,12 +247,13 @@ int ctr_drbg_write_seed_file( ctr_drbg_context *ctx, const char *path );
* \param ctx CTR_DRBG context
* \param path Name of the file
*
* \return 0 if successful, 1 on file error,
* \return 0 if successful,
* POLARSSL_ERR_CTR_DRBG_FILE_IO_ERROR on file error,
* POLARSSL_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED or
* POLARSSL_ERR_CTR_DRBG_INPUT_TOO_BIG
*/
int ctr_drbg_update_seed_file( ctr_drbg_context *ctx, const char *path );
#endif
#endif /* POLARSSL_FS_IO */
/**
* \brief Checkup routine
@ -231,7 +263,9 @@ int ctr_drbg_update_seed_file( ctr_drbg_context *ctx, const char *path );
int ctr_drbg_self_test( int verbose );
/* Internal functions (do not call directly) */
int ctr_drbg_init_entropy_len( ctr_drbg_context *, int (*)(void *, unsigned char *, size_t), void *, const unsigned char *, size_t, size_t );
int ctr_drbg_init_entropy_len( ctr_drbg_context *,
int (*)(void *, unsigned char *, size_t), void *,
const unsigned char *, size_t, size_t );
#ifdef __cplusplus
}
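Review bot: The doc comment introduced for `ctr_drbg_free` misspells the module as `CTR_CRBG`; it should read `\brief Clear CTR_DRBG context data`. Because the context carries the AES key schedule and the counter V, the comment should also say whether the function zeroizes them before returning (presumably it does, given "Clear" — confirm against ctr_drbg.c, which is not in this diff). Separately, `CTR_DRBG_ENTROPY_LEN` is now overridable from the compiler command line without POLARSSL_CONFIG_OPTIONS, while the upper-bound check visible in the config.h section is gated on POLARSSL_CONFIG_OPTIONS; worth confirming that an oversized override still trips a build error rather than only failing at runtime.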


@ -27,7 +27,11 @@
#ifndef POLARSSL_DEBUG_H
#define POLARSSL_DEBUG_H
#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
#else
#include POLARSSL_CONFIG_FILE
#endif
#include "ssl.h"
#if defined(POLARSSL_ECP_C)
#include "ecp.h"
@ -35,6 +39,24 @@
#if defined(POLARSSL_DEBUG_C)
#define POLARSSL_DEBUG_LOG_FULL 0 /**< Include file:line in log lines */
#define POLARSSL_DEBUG_LOG_RAW 1 /**< Only log raw debug lines */
/**
* \name SECTION: Module settings
*
* The configuration options you can set for this module are in this section.
* Either change them in config.h or define them on the compiler command line.
* \{
*/
#if !defined(POLARSSL_DEBUG_DFL_MODE)
#define POLARSSL_DEBUG_DFL_MODE POLARSSL_DEBUG_LOG_FULL /**< Default log: Full or Raw */
#endif
/* \} name SECTION: Module settings */
#define SSL_DEBUG_MSG( level, args ) \
debug_print_msg( ssl, level, __FILE__, __LINE__, debug_fmt args );
@ -59,7 +81,7 @@
debug_print_crt( ssl, level, __FILE__, __LINE__, text, crt );
#endif
#else
#else /* POLARSSL_DEBUG_C */
#define SSL_DEBUG_MSG( level, args ) do { } while( 0 )
#define SSL_DEBUG_RET( level, text, ret ) do { } while( 0 )
@ -68,12 +90,30 @@
#define SSL_DEBUG_ECP( level, text, X ) do { } while( 0 )
#define SSL_DEBUG_CRT( level, text, crt ) do { } while( 0 )
#endif
#endif /* POLARSSL_DEBUG_C */
#ifdef __cplusplus
extern "C" {
#endif
/**
* \brief Set the log mode for the debug functions globally
* (Default value: POLARSSL_DEBUG_DFL_MODE)
*
* \param log_mode The log mode to use (POLARSSL_DEBUG_LOG_FULL or
* POLARSSL_DEBUG_LOG_RAW)
*/
void debug_set_log_mode( int log_mode );
/**
* \brief Set the level threshold to handle globally. Messages that have a
* level over the threshold value are ignored.
* (Default value: 0 (No debug))
*
* \param threshold maximum level of messages to pass on
*/
void debug_set_threshold( int threshold );
char *debug_fmt( const char *format, ... );
void debug_print_msg( const ssl_context *ssl, int level,
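Review bot: The new `debug_set_log_mode` and `debug_set_threshold` declarations say the setting applies "globally" but not whether it may be changed while ssl_contexts are in use; since these are process-wide settings, add a line such as `\note Not thread-safe: call before any ssl_context is used` — confirm against debug.c, which is not in this diff. It would also help operators to note next to `debug_set_threshold` that higher levels emit certificates and EC points (see `SSL_DEBUG_CRT`/`SSL_DEBUG_ECP`) and so should not be enabled in production logs.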


@ -3,7 +3,7 @@
*
* \brief DES block cipher
*
* Copyright (C) 2006-2013, Brainspark B.V.
* Copyright (C) 2006-2014, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
@ -27,7 +27,11 @@
#ifndef POLARSSL_DES_H
#define POLARSSL_DES_H
#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
#else
#include POLARSSL_CONFIG_FILE
#endif
#include <string.h>
@ -73,6 +77,34 @@ typedef struct
}
des3_context;
/**
* \brief Initialize DES context
*
* \param ctx DES context to be initialized
*/
void des_init( des_context *ctx );
/**
* \brief Clear DES context
*
* \param ctx DES context to be cleared
*/
void des_free( des_context *ctx );
/**
* \brief Initialize Triple-DES context
*
* \param ctx DES3 context to be initialized
*/
void des3_init( des3_context *ctx );
/**
* \brief Clear Triple-DES context
*
* \param ctx DES3 context to be cleared
*/
void des3_free( des3_context *ctx );
/**
* \brief Set key parity on the given key to odd.
*
@ -132,7 +164,8 @@ int des_setkey_dec( des_context *ctx, const unsigned char key[DES_KEY_SIZE] );
*
* \return 0
*/
int des3_set2key_enc( des3_context *ctx, const unsigned char key[DES_KEY_SIZE * 2] );
int des3_set2key_enc( des3_context *ctx,
const unsigned char key[DES_KEY_SIZE * 2] );
/**
* \brief Triple-DES key schedule (112-bit, decryption)
@ -142,7 +175,8 @@ int des3_set2key_enc( des3_context *ctx, const unsigned char key[DES_KEY_SIZE *
*
* \return 0
*/
int des3_set2key_dec( des3_context *ctx, const unsigned char key[DES_KEY_SIZE * 2] );
int des3_set2key_dec( des3_context *ctx,
const unsigned char key[DES_KEY_SIZE * 2] );
/**
* \brief Triple-DES key schedule (168-bit, encryption)
@ -152,7 +186,8 @@ int des3_set2key_dec( des3_context *ctx, const unsigned char key[DES_KEY_SIZE *
*
* \return 0
*/
int des3_set3key_enc( des3_context *ctx, const unsigned char key[DES_KEY_SIZE * 3] );
int des3_set3key_enc( des3_context *ctx,
const unsigned char key[DES_KEY_SIZE * 3] );
/**
* \brief Triple-DES key schedule (168-bit, decryption)
@ -162,7 +197,8 @@ int des3_set3key_enc( des3_context *ctx, const unsigned char key[DES_KEY_SIZE *
*
* \return 0
*/
int des3_set3key_dec( des3_context *ctx, const unsigned char key[DES_KEY_SIZE * 3] );
int des3_set3key_dec( des3_context *ctx,
const unsigned char key[DES_KEY_SIZE * 3] );
/**
* \brief DES-ECB block encryption/decryption
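Review bot: The new `des_free`/`des3_free` doc comments say only "Clear ... context"; since the context holds the expanded key schedule, state whether it is zeroized on free, e.g. `\brief Clear DES context (zeroizes the key schedule)` — confirm against des.c, which is not in this diff. The single-DES `des_init`/`des_setkey_*` family could also carry a one-line note that 56-bit DES is retained for interoperability only, so callers reaching for this header pick Triple-DES (or AES from aes.h) for new designs.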


@ -43,6 +43,8 @@
#define POLARSSL_ERR_DHM_FILE_IO_ERROR -0x3480 /**< Read/write of file failed. */
/**
* RFC 2409 defines a number of standardized Diffie-Hellman groups
* that can be used.
* RFC 3526 defines a number of standardized Diffie-Hellman groups
* for IKE.
* RFC 5114 defines a number of standardized Diffie-Hellman groups
@ -51,11 +53,22 @@
* Some are included here for convenience.
*
* Included are:
* RFC 2409 6.2. 1024-bit MODP Group (Second Oakley Group)
* RFC 3526 3. 2048-bit MODP Group
* RFC 3526 4. 3072-bit MODP Group
* RFC 5114 2.1. 1024-bit MODP Group with 160-bit Prime Order Subgroup
* RFC 5114 2.2. 2048-bit MODP Group with 224-bit Prime Order Subgroup
*/
#define POLARSSL_DHM_RFC2409_MODP_1024_P \
"FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" \
"29024E088A67CC74020BBEA63B139B22514A08798E3404DD" \
"EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245" \
"E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED" \
"EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381" \
"FFFFFFFFFFFFFFFF"
#define POLARSSL_DHM_RFC2409_MODP_1024_G "02"
#define POLARSSL_DHM_RFC3526_MODP_2048_P \
"FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" \
"29024E088A67CC74020BBEA63B139B22514A08798E3404DD" \
@ -156,6 +169,13 @@ typedef struct
}
dhm_context;
/**
* \brief Initialize DHM context
*
* \param ctx DHM context to be initialized
*/
void dhm_init( dhm_context *ctx );
/**
* \brief Parse the ServerKeyExchange parameters
*
@ -224,7 +244,8 @@ int dhm_make_public( dhm_context *ctx, int x_size,
*
* \param ctx DHM context
* \param output destination buffer
* \param olen number of chars written
* \param olen on entry, must hold the size of the destination buffer
* on exit, holds the actual number of bytes written
* \param f_rng RNG function, for blinding purposes
* \param p_rng RNG parameter
*
@ -242,7 +263,9 @@ int dhm_calc_secret( dhm_context *ctx,
void *p_rng );
/**
* \brief Free the components of a DHM key
* \brief Free and clear the components of a DHM key
*
* \param ctx DHM context to free and clear
*/
void dhm_free( dhm_context *ctx );
@ -285,4 +308,4 @@ int dhm_self_test( int verbose );
}
#endif
#endif
#endif /* dhm.h */
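Review bot: The newly added `POLARSSL_DHM_RFC2409_MODP_1024_P`/`_G` constants make a 1024-bit group available alongside the 2048/3072-bit ones without any guidance on strength; add a comment such as `/* 1024-bit group: interoperability only, prefer the RFC 3526 2048-bit or larger groups */` above the define. The `olen` doc fix for `dhm_calc_secret` (in/out semantics) is welcome; check whether other `\param olen` lines in this header still carry the old "number of chars written" wording, since the hunks here do not show them.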


@ -47,23 +47,24 @@ typedef enum
*/
typedef struct
{
ecp_group grp; /*!< ellipitic curve used */
mpi d; /*!< our secret value */
ecp_point Q; /*!< our public value */
ecp_point Qp; /*!< peer's public value */
mpi z; /*!< shared secret */
int point_format; /*!< format for point export */
ecp_point Vi; /*!< blinding value (for later) */
ecp_point Vf; /*!< un-blinding value (for later) */
mpi _d; /*!< previous d */
ecp_group grp; /*!< elliptic curve used */
mpi d; /*!< our secret value (private key) */
ecp_point Q; /*!< our public value (public key) */
ecp_point Qp; /*!< peer's public value (public key) */
mpi z; /*!< shared secret */
int point_format; /*!< format for point export in TLS messages */
ecp_point Vi; /*!< blinding value (for later) */
ecp_point Vf; /*!< un-blinding value (for later) */
mpi _d; /*!< previous d (for later) */
}
ecdh_context;
/**
* \brief Generate a public key
* \brief Generate a public key.
* Raw function that only does the core computation.
*
* \param grp ECP group
* \param d Destination MPI (secret exponent)
* \param d Destination MPI (secret exponent, aka private key)
* \param Q Destination point (public key)
* \param f_rng RNG function
* \param p_rng RNG parameter
@ -77,11 +78,12 @@ int ecdh_gen_public( ecp_group *grp, mpi *d, ecp_point *Q,
/**
* \brief Compute shared secret
* Raw function that only does the core computation.
*
* \param grp ECP group
* \param z Destination MPI (shared secret)
* \param Q Public key from other party
* \param d Our secret exponent
* \param d Our secret exponent (private key)
* \param f_rng RNG function (see notes)
* \param p_rng RNG parameter
*
@ -112,7 +114,8 @@ void ecdh_init( ecdh_context *ctx );
void ecdh_free( ecdh_context *ctx );
/**
* \brief Setup and write the ServerKeyExhange parameters
* \brief Generate a public key and a TLS ServerKeyExchange payload.
* (First function used by a TLS server for ECDHE.)
*
* \param ctx ECDH context
* \param olen number of chars written
@ -132,7 +135,8 @@ int ecdh_make_params( ecdh_context *ctx, size_t *olen,
void *p_rng );
/**
* \brief Parse the ServerKeyExhange parameters
* \brief Parse and procress a TLS ServerKeyExhange payload.
* (First function used by a TLS client for ECDHE.)
*
* \param ctx ECDH context
* \param buf pointer to start of input buffer
@ -144,7 +148,10 @@ int ecdh_read_params( ecdh_context *ctx,
const unsigned char **buf, const unsigned char *end );
/**
* \brief Setup an ECDH context from an EC key
* \brief Setup an ECDH context from an EC key.
* (Used by clients and servers in place of the
* ServerKeyEchange for static ECDH: import ECDH parameters
* from a certificate's EC key information.)
*
* \param ctx ECDH constext to set
* \param key EC key to use
@ -156,7 +163,8 @@ int ecdh_get_params( ecdh_context *ctx, const ecp_keypair *key,
ecdh_side side );
/**
* \brief Setup and export the client's public value
* \brief Generate a public key and a TLS ClientKeyExchange payload.
* (Second function used by a TLS client for ECDH(E).)
*
* \param ctx ECDH context
* \param olen number of bytes actually written
@ -173,7 +181,8 @@ int ecdh_make_public( ecdh_context *ctx, size_t *olen,
void *p_rng );
/**
* \brief Parse and import the client's public value
* \brief Parse and process a TLS ClientKeyExchange payload.
* (Second function used by a TLS server for ECDH(E).)
*
* \param ctx ECDH context
* \param buf start of input buffer
@ -185,7 +194,8 @@ int ecdh_read_public( ecdh_context *ctx,
const unsigned char *buf, size_t blen );
/**
* \brief Derive and export the shared secret
* \brief Derive and export the shared secret.
* (Last function used by both TLS client en servers.)
*
* \param ctx ECDH context
* \param olen number of bytes written
@ -212,4 +222,4 @@ int ecdh_self_test( int verbose );
}
#endif
#endif
#endif /* ecdh.h */
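Review bot: Several of the new doc lines carry typos: `Parse and procress a TLS ServerKeyExhange payload.` should be `Parse and process a TLS ServerKeyExchange payload.`, `ServerKeyEchange` should be `ServerKeyExchange`, and `both TLS client en servers` should be `both TLS clients and servers`. The expanded comments on `ecdh_context` are helpful; for the `d` and `z` fields (private key and shared secret) it would be worth stating that `ecdh_free` zeroizes them — confirm against ecdh.c, which is not in this diff.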


@ -30,7 +30,7 @@
#include "ecp.h"
#if defined(POLARSSL_ECDSA_DETERMINISTIC)
#include "polarssl/md.h"
#include "md.h"
#endif
/**
@ -40,7 +40,7 @@
*/
typedef struct
{
ecp_group grp; /*!< ellipitic curve used */
ecp_group grp; /*!< elliptic curve used */
mpi d; /*!< secret signature key */
ecp_point Q; /*!< public signature key */
mpi r; /*!< first integer from signature */
@ -90,7 +90,7 @@ int ecdsa_sign( ecp_group *grp, mpi *r, mpi *s,
int ecdsa_sign_det( ecp_group *grp, mpi *r, mpi *s,
const mpi *d, const unsigned char *buf, size_t blen,
md_type_t md_alg );
#endif
#endif /* POLARSSL_ECDSA_DETERMINISTIC */
/**
* \brief Verify ECDSA signature of a previously hashed message
@ -163,7 +163,7 @@ int ecdsa_write_signature_det( ecdsa_context *ctx,
const unsigned char *hash, size_t hlen,
unsigned char *sig, size_t *slen,
md_type_t md_alg );
#endif
#endif /* POLARSSL_ECDSA_DETERMINISTIC */
/**
* \brief Read and verify an ECDSA signature
@ -175,7 +175,9 @@ int ecdsa_write_signature_det( ecdsa_context *ctx,
* \param slen Size of sig
*
* \return 0 if successful,
* POLARSSL_ERR_ECP_BAD_INPUT_DATA if signature is invalid
* POLARSSL_ERR_ECP_BAD_INPUT_DATA if signature is invalid,
* POLARSSL_ERR_ECP_SIG_LEN_MISTMATCH if the signature is
* valid but its actual length is less than siglen,
* or a POLARSSL_ERR_ECP or POLARSSL_ERR_MPI error code
*/
int ecdsa_read_signature( ecdsa_context *ctx,
@ -231,4 +233,4 @@ int ecdsa_self_test( int verbose );
}
#endif
#endif
#endif /* ecdsa.h */
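Review bot: The `ecdsa_read_signature` return doc in the last hunk names `POLARSSL_ERR_ECP_SIG_LEN_MISTMATCH`, but the constant defined in ecp.h in this same commit is `POLARSSL_ERR_ECP_SIG_LEN_MISMATCH`; fix the spelling so the documented name matches the symbol. The wording "valid but its actual length is less than siglen" is worth keeping explicit, since callers that treat this code as success would otherwise silently accept trailing bytes after the signature.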


@ -39,6 +39,7 @@
#define POLARSSL_ERR_ECP_MALLOC_FAILED -0x4D80 /**< Memory allocation failed. */
#define POLARSSL_ERR_ECP_RANDOM_FAILED -0x4D00 /**< Generation of random value, such as (ephemeral) key, failed. */
#define POLARSSL_ERR_ECP_INVALID_KEY -0x4C80 /**< Invalid private or public key. */
#define POLARSSL_ERR_ECP_SIG_LEN_MISMATCH -0x4C00 /**< Signature is valid but shorter than the user-supplied length. */
#ifdef __cplusplus
extern "C" {
@ -68,9 +69,9 @@ typedef enum
POLARSSL_ECP_DP_M255, /*!< Curve25519 */
POLARSSL_ECP_DP_M383, /*!< (not implemented yet) */
POLARSSL_ECP_DP_M511, /*!< (not implemented yet) */
POLARSSL_ECP_DP_SECP192K1, /*!< (not implemented yet) */
POLARSSL_ECP_DP_SECP224K1, /*!< (not implemented yet) */
POLARSSL_ECP_DP_SECP256K1, /*!< 256-bits Koblitz curve */
POLARSSL_ECP_DP_SECP192K1, /*!< 192-bits "Koblitz" curve */
POLARSSL_ECP_DP_SECP224K1, /*!< 224-bits "Koblitz" curve */
POLARSSL_ECP_DP_SECP256K1, /*!< 256-bits "Koblitz" curve */
} ecp_group_id;
/**
@ -118,8 +119,11 @@ ecp_point;
* short weierstrass, this subgroup is actually the whole curve, and its
* cardinal is denoted by N.
*
* In the case of Short Weierstrass curves, our code requires that N is an odd
* prime. (Use odd in ecp_mul() and prime in ecdsa_sign() for blinding.)
*
* In the case of Montgomery curves, we don't store A but (A + 2) / 4 which is
* the quantity actualy used in the formulas. Also, nbits is not the size of N
* the quantity actually used in the formulas. Also, nbits is not the size of N
* but the required size for private keys.
*
* If modp is NULL, reduction modulo P is done using a generic algorithm.
@ -164,7 +168,15 @@ typedef struct
}
ecp_keypair;
#if !defined(POLARSSL_CONFIG_OPTIONS)
/**
* \name SECTION: Module settings
*
* The configuration options you can set for this module are in this section.
* Either change them in config.h or define them on the compiler command line.
* \{
*/
#if !defined(POLARSSL_ECP_MAX_BITS)
/**
* Maximum size of the groups (that is, of N and P)
*/
@ -174,7 +186,7 @@ ecp_keypair;
#define POLARSSL_ECP_MAX_BYTES ( ( POLARSSL_ECP_MAX_BITS + 7 ) / 8 )
#define POLARSSL_ECP_MAX_PT_LEN ( 2 * POLARSSL_ECP_MAX_BYTES + 1 )
#if !defined(POLARSSL_CONFIG_OPTIONS)
#if !defined(POLARSSL_ECP_WINDOW_SIZE)
/*
* Maximum "window" size used for point multiplication.
* Default: 6.
@ -191,11 +203,14 @@ ecp_keypair;
* 521 145 141 135 120 97
* 384 214 209 198 177 146
* 256 320 320 303 262 226
* 224 475 475 453 398 342
* 192 640 640 633 587 476
*/
#define POLARSSL_ECP_WINDOW_SIZE 6 /**< Maximum window size used */
#endif /* POLARSSL_ECP_WINDOW_SIZE */
#if !defined(POLARSSL_ECP_FIXED_POINT_OPTIM)
/*
* Trade memory for speed on fixed-point multiplication.
*
@ -208,7 +223,9 @@ ecp_keypair;
* Change this value to 0 to reduce peak memory usage.
*/
#define POLARSSL_ECP_FIXED_POINT_OPTIM 1 /**< Enable fixed-point speed-up */
#endif
#endif /* POLARSSL_ECP_FIXED_POINT_OPTIM */
/* \} name SECTION: Module settings */
/*
* Point formats, from RFC 4492's enum ECPointFormat
@ -222,12 +239,22 @@ ecp_keypair;
#define POLARSSL_ECP_TLS_NAMED_CURVE 3 /**< ECCurveType's named_curve */
/**
* \brief Return the list of supported curves with associated info
* \brief Get the list of supported curves in order of preferrence
* (full information)
*
* \return A statically allocated array, the last entry is 0.
*/
const ecp_curve_info *ecp_curve_list( void );
/**
* \brief Get the list of supported curves in order of preferrence
* (grp_id only)
*
* \return A statically allocated array,
* terminated with POLARSSL_ECP_DP_NONE.
*/
const ecp_group_id *ecp_grp_id_list( void );
/**
* \brief Get curve information from an internal group identifier
*
@ -366,8 +393,10 @@ int ecp_point_write_binary( const ecp_group *grp, const ecp_point *P,
* \param ilen Actual length of input
*
* \return 0 if successful,
* POLARSSL_ERR_ECP_BAD_INPUT_DATA if input is invalid
* POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed
* POLARSSL_ERR_ECP_BAD_INPUT_DATA if input is invalid,
* POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed,
* POLARSSL_ERR_ECP_FEATURE_UNAVAILABLE if the point format
* is not implemented.
*
* \note This function does NOT check that the point actually
* belongs to the given group, see ecp_check_pubkey() for
@ -527,7 +556,7 @@ int ecp_sub( const ecp_group *grp, ecp_point *R,
*
* \note If f_rng is not NULL, it is used to randomize intermediate
* results in order to prevent potential timing attacks
* targetting these results. It is recommended to always
* targeting these results. It is recommended to always
* provide a non-NULL f_rng (the overhead is negligible).
*/
int ecp_mul( ecp_group *grp, ecp_point *R,
@ -606,15 +635,17 @@ int ecp_gen_keypair( ecp_group *grp, mpi *d, ecp_point *Q,
int ecp_gen_key( ecp_group_id grp_id, ecp_keypair *key,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );
#if defined(POLARSSL_SELF_TEST)
/**
* \brief Checkup routine
*
* \return 0 if successful, or 1 if the test failed
* \return 0 if successful, or 1 if a test failed
*/
int ecp_self_test( int verbose );
#endif
#ifdef __cplusplus
}
#endif
#endif
#endif /* ecp.h */
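Review bot: The new `ecp_curve_list` and `ecp_grp_id_list` doc comments both misspell "preference" (`in order of preferrence`); fix it to `in order of preference`. Since that ordering presumably drives which curve is offered first in TLS negotiation, the comment should also state the criterion (for example strongest first) — confirm against ecp.c, which is not in this diff.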


@ -3,7 +3,7 @@
*
* \brief Entropy accumulator implementation
*
* Copyright (C) 2006-2013, Brainspark B.V.
* Copyright (C) 2006-2014, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
@ -29,9 +29,13 @@
#include <string.h>
#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
#else
#include POLARSSL_CONFIG_FILE
#endif
#if defined(POLARSSL_SHA512_C)
#if defined(POLARSSL_SHA512_C) && !defined(POLARSSL_ENTROPY_FORCE_SHA256)
#include "sha512.h"
#define POLARSSL_ENTROPY_SHA512_ACCUMULATOR
#else
@ -52,11 +56,25 @@
#define POLARSSL_ERR_ENTROPY_SOURCE_FAILED -0x003C /**< Critical entropy source failure. */
#define POLARSSL_ERR_ENTROPY_MAX_SOURCES -0x003E /**< No more sources can be added. */
#define POLARSSL_ERR_ENTROPY_NO_SOURCES_DEFINED -0x0040 /**< No sources have been added to poll. */
#define POLARSSL_ERR_ENTROPY_FILE_IO_ERROR -0x0058 /**< Read/write error in file. */
#if !defined(POLARSSL_CONFIG_OPTIONS)
/**
* \name SECTION: Module settings
*
* The configuration options you can set for this module are in this section.
* Either change them in config.h or define them on the compiler command line.
* \{
*/
#if !defined(ENTROPY_MAX_SOURCES)
#define ENTROPY_MAX_SOURCES 20 /**< Maximum number of sources supported */
#endif
#if !defined(ENTROPY_MAX_GATHER)
#define ENTROPY_MAX_GATHER 128 /**< Maximum amount requested from entropy sources */
#endif /* !POLARSSL_CONFIG_OPTIONS */
#endif
/* \} name SECTION: Module settings */
#if defined(POLARSSL_ENTROPY_SHA512_ACCUMULATOR)
#define ENTROPY_BLOCK_SIZE 64 /**< Block size of entropy accumulator (SHA-512) */
@ -64,6 +82,7 @@
#define ENTROPY_BLOCK_SIZE 32 /**< Block size of entropy accumulator (SHA-256) */
#endif
#define ENTROPY_MAX_SEED_SIZE 1024 /**< Maximum size of seed we read from seed file */
#define ENTROPY_SOURCE_MANUAL ENTROPY_MAX_SOURCES
#ifdef __cplusplus
@ -133,6 +152,7 @@ void entropy_free( entropy_context *ctx );
/**
* \brief Adds an entropy source to poll
* (Thread-safe if POLARSSL_THREADING_C is enabled)
*
* \param ctx Entropy context
* \param f_source Entropy function
@ -148,6 +168,7 @@ int entropy_add_source( entropy_context *ctx,
/**
* \brief Trigger an extra gather poll for the accumulator
* (Thread-safe if POLARSSL_THREADING_C is enabled)
*
* \param ctx Entropy context
*
@ -156,12 +177,13 @@ int entropy_add_source( entropy_context *ctx,
int entropy_gather( entropy_context *ctx );
/**
* \brief Retrieve entropy from the accumulator (Max ENTROPY_BLOCK_SIZE)
* \brief Retrieve entropy from the accumulator
* (Maximum length: ENTROPY_BLOCK_SIZE)
* (Thread-safe if POLARSSL_THREADING_C is enabled)
*
* \param data Entropy context
* \param output Buffer to fill
* \param len Length of buffer
* \param len Number of bytes desired, must be at most ENTROPY_BLOCK_SIZE
*
* \return 0 if successful, or POLARSSL_ERR_ENTROPY_SOURCE_FAILED
*/
@ -169,7 +191,8 @@ int entropy_func( void *data, unsigned char *output, size_t len );
/**
* \brief Add data to the accumulator manually
*
* (Thread-safe if POLARSSL_THREADING_C is enabled)
*
* \param ctx Entropy context
* \param data Data to add
* \param len Length of data
@ -179,6 +202,43 @@ int entropy_func( void *data, unsigned char *output, size_t len );
int entropy_update_manual( entropy_context *ctx,
const unsigned char *data, size_t len );
#if defined(POLARSSL_FS_IO)
/**
* \brief Write a seed file
*
* \param ctx Entropy context
* \param path Name of the file
*
* \return 0 if successful,
* POLARSSL_ERR_ENTROPY_FILE_IO_ERROR on file error, or
* POLARSSL_ERR_ENTROPY_SOURCE_FAILED
*/
int entropy_write_seed_file( entropy_context *ctx, const char *path );
/**
* \brief Read and update a seed file. Seed is added to this
* instance. No more than ENTROPY_MAX_SEED_SIZE bytes are
* read from the seed file. The rest is ignored.
*
* \param ctx Entropy context
* \param path Name of the file
*
* \return 0 if successful,
* POLARSSL_ERR_ENTROPY_FILE_IO_ERROR on file error,
* POLARSSL_ERR_ENTROPY_SOURCE_FAILED
*/
int entropy_update_seed_file( entropy_context *ctx, const char *path );
#endif /* POLARSSL_FS_IO */
#if defined(POLARSSL_SELF_TEST)
/**
* \brief Checkup routine
*
* \return 0 if successful, or 1 if a test failed
*/
int entropy_self_test( int verbose );
#endif /* POLARSSL_SELF_TEST */
#ifdef __cplusplus
}
#endif
@ -29,7 +29,11 @@
#include <string.h>
#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
#else
#include POLARSSL_CONFIG_FILE
#endif
#ifdef __cplusplus
extern "C" {
@ -41,15 +41,17 @@
*
* 16 bit error code bit-segmentation
*
* 1 bit - Intentionally not used
* 1 bit - Sign bit
* 3 bits - High level module ID
* 5 bits - Module-dependent error code
* 6 bits - Low level module errors
* 1 bit - Intentionally not used
* 7 bits - Low level module errors
*
* Low-level module errors (0x007E-0x0002)
* For historical reasons, low-level error codes are divided in even and odd,
* even codes were assigned first, and -1 is reserved for other errors.
*
* Module Nr Codes assigned
* Low-level module errors (0x0002-0x007E, 0x0003-0x007F)
*
* Module Nr Codes assigned
* MPI 7 0x0002-0x0010
* GCM 2 0x0012-0x0014
* BLOWFISH 2 0x0016-0x0018
@ -58,12 +60,13 @@
* CAMELLIA 2 0x0024-0x0026
* XTEA 1 0x0028-0x0028
* BASE64 2 0x002A-0x002C
* OID 1 0x002E-0x002E
* OID 1 0x002E-0x002E 0x000B-0x000B
* PADLOCK 1 0x0030-0x0030
* DES 1 0x0032-0x0032
* CTR_DBRG 3 0x0034-0x003A
* CTR_DBRG 4 0x0034-0x003A
* ENTROPY 3 0x003C-0x0040
* NET 11 0x0042-0x0056
* ENTROPY 1 0x0058-0x0058
* ASN1 7 0x0060-0x006C
* MD2 1 0x0070-0x0070
* MD4 1 0x0072-0x0072
@ -72,23 +75,26 @@
* SHA256 1 0x0078-0x0078
* SHA512 1 0x007A-0x007A
* PBKDF2 1 0x007C-0x007C
* RIPEMD160 1 0x007E-0x007E
* HMAC_DRBG 4 0x0003-0x0009
* CCM 2 0x000D-0x000F
*
* High-level module nr (3 bits - 0x1...-0x8...)
* High-level module nr (3 bits - 0x0...-0x7...)
* Name ID Nr of Errors
* PEM 1 9
* PKCS#12 1 4 (Started from top)
* X509 2 18
* PK 2 13 (Started from top)
* PK 2 14 (Started from top, plus 0x2000)
* DHM 3 9
* PKCS5 3 4 (Started from top)
* RSA 4 9
* ECP 4 7 (Started from top)
* ECP 4 8 (Started from top)
* MD 5 4
* CIPHER 6 6
* SSL 6 8 (Started from top)
* SSL 6 9 (Started from top)
* SSL 7 31
*
* Module dependent error code (5 bits 0x.08.-0x.F8.)
* Module dependent error code (5 bits 0x.00.-0x.F8.)
*/
#ifdef __cplusplus
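Review bot: The module table still spells the CTR_DRBG module "CTR_DBRG" on the updated row `CTR_DBRG 4 0x0034-0x003A`; this comment is what a maintainer greps when mapping a negative return code back to a module, so the name should match the macro prefix POLARSSL_ERR_CTR_DRBG_. ENTROPY now appears on two rows (0x003C-0x0040 and 0x0058); a single row such as `ENTROPY 4 0x003C-0x0040, 0x0058` would make the code-space allocation easier to audit for collisions.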
@ -53,6 +53,13 @@ havege_state;
*/
void havege_init( havege_state *hs );
/**
* \brief Clear HAVEGE state
*
* \param hs HAVEGE state to be cleared
*/
void havege_free( havege_state *hs );
/**
* \brief HAVEGE rand function
*
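Review bot: The new `\brief Clear HAVEGE state` on havege_free does not say what "clear" means for a state that seeds random output: whether the pool is zeroized so a released state cannot leak material, and whether calling it on a state that was never passed to havege_init, or with NULL, is defined. Suggest `\brief Clear HAVEGE state (zeroizes the internal pool; safe on an uninitialized state)` once the implementation confirms both properties. The same question applies to the `*_free` declarations added in the md2.h, md4.h and md5.h sections below ("Clear MD2 context" etc.), where the context holds partial-digest state and, for the HMAC helpers, key-derived material.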
@ -0,0 +1,284 @@
/**
* \file hmac_drbg.h
*
* \brief HMAC_DRBG (NIST SP 800-90A)
*
* Copyright (C) 2014, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef POLARSSL_HMAC_DRBG_H
#define POLARSSL_HMAC_DRBG_H
#include "md.h"
/*
* Error codes
*/
#define POLARSSL_ERR_HMAC_DRBG_REQUEST_TOO_BIG -0x0003 /**< Too many random requested in single call. */
#define POLARSSL_ERR_HMAC_DRBG_INPUT_TOO_BIG -0x0005 /**< Input too large (Entropy + additional). */
#define POLARSSL_ERR_HMAC_DRBG_FILE_IO_ERROR -0x0007 /**< Read/write error in file. */
#define POLARSSL_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED -0x0009 /**< The entropy source failed. */
/**
* \name SECTION: Module settings
*
* The configuration options you can set for this module are in this section.
* Either change them in config.h or define them on the compiler command line.
* \{
*/
#if !defined(POLARSSL_HMAC_DRBG_RESEED_INTERVAL)
#define POLARSSL_HMAC_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */
#endif
#if !defined(POLARSSL_HMAC_DRBG_MAX_INPUT)
#define POLARSSL_HMAC_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */
#endif
#if !defined(POLARSSL_HMAC_DRBG_MAX_REQUEST)
#define POLARSSL_HMAC_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */
#endif
#if !defined(POLARSSL_HMAC_DRBG_MAX_SEED_INPUT)
#define POLARSSL_HMAC_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */
#endif
/* \} name SECTION: Module settings */
#define POLARSSL_HMAC_DRBG_PR_OFF 0 /**< No prediction resistance */
#define POLARSSL_HMAC_DRBG_PR_ON 1 /**< Prediction resistance enabled */
#ifdef __cplusplus
extern "C" {
#endif
/**
* HMAC_DRBG context.
*/
typedef struct
{
/* Working state: the key K is not stored explicitely,
* but is implied by the HMAC context */
md_context_t md_ctx; /*!< HMAC context (inc. K) */
unsigned char V[POLARSSL_MD_MAX_SIZE]; /*!< V in the spec */
int reseed_counter; /*!< reseed counter */
/* Administrative state */
size_t entropy_len; /*!< entropy bytes grabbed on each (re)seed */
int prediction_resistance; /*!< enable prediction resistance (Automatic
reseed before every random generation) */
int reseed_interval; /*!< reseed interval */
/* Callbacks */
int (*f_entropy)(void *, unsigned char *, size_t); /*!< entropy function */
void *p_entropy; /*!< context for the entropy function */
} hmac_drbg_context;
/**
* \brief HMAC_DRBG initialisation
*
* \param ctx HMAC_DRBG context to be initialised
* \param md_info MD algorithm to use for HMAC_DRBG
* \param f_entropy Entropy callback (p_entropy, buffer to fill, buffer
* length)
* \param p_entropy Entropy context
* \param custom Personalization data (Device specific identifiers)
* (Can be NULL)
* \param len Length of personalization data
*
* \note The "security strength" as defined by NIST is set to:
* 128 bits if md_alg is SHA-1,
* 192 bits if md_alg is SHA-224,
* 256 bits if md_alg is SHA-256 or higher.
* Note that SHA-256 is just as efficient as SHA-224.
*
* \return 0 if successful, or
* POLARSSL_ERR_MD_BAD_INPUT_DATA, or
* POLARSSL_ERR_MD_ALLOC_FAILED, or
* POLARSSL_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED.
*/
int hmac_drbg_init( hmac_drbg_context *ctx,
const md_info_t * md_info,
int (*f_entropy)(void *, unsigned char *, size_t),
void *p_entropy,
const unsigned char *custom,
size_t len );
/**
* \brief Initilisation of simpified HMAC_DRBG (never reseeds).
* (For use with deterministic ECDSA.)
*
* \param ctx HMAC_DRBG context to be initialised
* \param md_info MD algorithm to use for HMAC_DRBG
* \param data Concatenation of entropy string and additional data
* \param data_len Length of data in bytes
*
* \return 0 if successful, or
* POLARSSL_ERR_MD_BAD_INPUT_DATA, or
* POLARSSL_ERR_MD_ALLOC_FAILED.
*/
int hmac_drbg_init_buf( hmac_drbg_context *ctx,
const md_info_t * md_info,
const unsigned char *data, size_t data_len );
/**
* \brief Enable / disable prediction resistance (Default: Off)
*
* Note: If enabled, entropy is used for ctx->entropy_len before each call!
* Only use this if you have ample supply of good entropy!
*
* \param ctx HMAC_DRBG context
* \param resistance POLARSSL_HMAC_DRBG_PR_ON or POLARSSL_HMAC_DRBG_PR_OFF
*/
void hmac_drbg_set_prediction_resistance( hmac_drbg_context *ctx,
int resistance );
/**
* \brief Set the amount of entropy grabbed on each reseed
* (Default: given by the security strength, which
* depends on the hash used, see \c hmac_drbg_init() )
*
* \param ctx HMAC_DRBG context
* \param len Amount of entropy to grab, in bytes
*/
void hmac_drbg_set_entropy_len( hmac_drbg_context *ctx,
size_t len );
/**
* \brief Set the reseed interval
* (Default: POLARSSL_HMAC_DRBG_RESEED_INTERVAL)
*
* \param ctx HMAC_DRBG context
* \param interval Reseed interval
*/
void hmac_drbg_set_reseed_interval( hmac_drbg_context *ctx,
int interval );
/**
* \brief HMAC_DRBG update state
*
* \param ctx HMAC_DRBG context
* \param additional Additional data to update state with, or NULL
* \param add_len Length of additional data, or 0
*
* \note Additional data is optional, pass NULL and 0 as second
* third argument if no additional data is being used.
*/
void hmac_drbg_update( hmac_drbg_context *ctx,
const unsigned char *additional, size_t add_len );
/**
* \brief HMAC_DRBG reseeding (extracts data from entropy source)
*
* \param ctx HMAC_DRBG context
* \param additional Additional data to add to state (Can be NULL)
* \param len Length of additional data
*
* \return 0 if successful, or
* POLARSSL_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED
*/
int hmac_drbg_reseed( hmac_drbg_context *ctx,
const unsigned char *additional, size_t len );
/**
* \brief HMAC_DRBG generate random with additional update input
*
* Note: Automatically reseeds if reseed_counter is reached or PR is enabled.
*
* \param p_rng HMAC_DRBG context
* \param output Buffer to fill
* \param output_len Length of the buffer
* \param additional Additional data to update with (can be NULL)
* \param add_len Length of additional data (can be 0)
*
* \return 0 if successful, or
* POLARSSL_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED, or
* POLARSSL_ERR_HMAC_DRBG_REQUEST_TOO_BIG, or
* POLARSSL_ERR_HMAC_DRBG_INPUT_TOO_BIG.
*/
int hmac_drbg_random_with_add( void *p_rng,
unsigned char *output, size_t output_len,
const unsigned char *additional,
size_t add_len );
/**
* \brief HMAC_DRBG generate random
*
* Note: Automatically reseeds if reseed_counter is reached or PR is enabled.
*
* \param p_rng HMAC_DRBG context
* \param output Buffer to fill
* \param out_len Length of the buffer
*
* \return 0 if successful, or
* POLARSSL_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED, or
* POLARSSL_ERR_HMAC_DRBG_REQUEST_TOO_BIG
*/
int hmac_drbg_random( void *p_rng, unsigned char *output, size_t out_len );
/**
* \brief Free an HMAC_DRBG context
*
* \param ctx HMAC_DRBG context to free.
*/
void hmac_drbg_free( hmac_drbg_context *ctx );
#if defined(POLARSSL_FS_IO)
/**
* \brief Write a seed file
*
* \param ctx HMAC_DRBG context
* \param path Name of the file
*
* \return 0 if successful, 1 on file error, or
* POLARSSL_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED
*/
int hmac_drbg_write_seed_file( hmac_drbg_context *ctx, const char *path );
/**
* \brief Read and update a seed file. Seed is added to this
* instance
*
* \param ctx HMAC_DRBG context
* \param path Name of the file
*
* \return 0 if successful, 1 on file error,
* POLARSSL_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED or
* POLARSSL_ERR_HMAC_DRBG_INPUT_TOO_BIG
*/
int hmac_drbg_update_seed_file( hmac_drbg_context *ctx, const char *path );
#endif /* POLARSSL_FS_IO */
#if defined(POLARSSL_SELF_TEST)
/**
* \brief Checkup routine
*
* \return 0 if successful, or 1 if the test failed
*/
int hmac_drbg_self_test( int verbose );
#endif
#ifdef __cplusplus
}
#endif
#endif /* hmac_drbg.h */
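Review bot: The `\return` list of hmac_drbg_init names POLARSSL_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED, but the code this module defines is POLARSSL_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED (-0x0009 near the top of the file); the line should read `POLARSSL_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED.` so callers compare against the right constant. Likewise hmac_drbg_write_seed_file and hmac_drbg_update_seed_file document `1 on file error` while POLARSSL_ERR_HMAC_DRBG_FILE_IO_ERROR is defined and referenced nowhere else in this header — if the implementation returns the constant the docs should name it, and if it really returns 1 the constant is dead. The hmac_drbg_free brief says only "Free"; since V and the HMAC key are seed-derived secrets, the comment should state whether the context is wiped before return, e.g. `\brief Free an HMAC_DRBG context (wipes V and the HMAC state)` — confirm against the implementation. Minor wording: "Too many random requested", "Initilisation of simpified" and "explicitely" are typos.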
@ -1,11 +1,11 @@
/**
* \file md.h
*
*
* \brief Generic message digest wrapper
*
* \author Adriaan de Jong <dejong@fox-it.com>
*
* Copyright (C) 2006-2013, Brainspark B.V.
* Copyright (C) 2006-2014, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
@ -92,16 +92,18 @@ typedef struct {
/** Generic digest function */
void (*digest_func)( const unsigned char *input, size_t ilen,
unsigned char *output );
unsigned char *output );
/** Generic file digest function */
int (*file_func)( const char *path, unsigned char *output );
/** HMAC Initialisation function */
void (*hmac_starts_func)( void *ctx, const unsigned char *key, size_t keylen );
void (*hmac_starts_func)( void *ctx, const unsigned char *key,
size_t keylen );
/** HMAC update function */
void (*hmac_update_func)( void *ctx, const unsigned char *input, size_t ilen );
void (*hmac_update_func)( void *ctx, const unsigned char *input,
size_t ilen );
/** HMAC finalisation function */
void (*hmac_finish_func)( void *ctx, unsigned char *output);
@ -111,8 +113,8 @@ typedef struct {
/** Generic HMAC function */
void (*hmac_func)( const unsigned char *key, size_t keylen,
const unsigned char *input, size_t ilen,
unsigned char *output );
const unsigned char *input, size_t ilen,
unsigned char *output );
/** Allocate a new context */
void * (*ctx_alloc_func)( void );
@ -171,8 +173,24 @@ const md_info_t *md_info_from_string( const char *md_name );
const md_info_t *md_info_from_type( md_type_t md_type );
/**
* \brief Initialises and fills the message digest context structure with
* the appropriate values.
* \brief Initialize a md_context (as NONE)
*/
void md_init( md_context_t *ctx );
/**
* \brief Free and clear the message-specific context of ctx.
* Freeing ctx itself remains the responsibility of the
* caller.
*/
void md_free( md_context_t *ctx );
/**
* \brief Initialises and fills the message digest context structure
* with the appropriate values.
*
* \note Currently also clears structure. In future versions you
* will be required to call md_init() on the structure
* first.
*
* \param ctx context to initialise. May not be NULL. The
* digest-specific context (ctx->md_ctx) must be NULL. It will
@ -189,10 +207,11 @@ int md_init_ctx( md_context_t *ctx, const md_info_t *md_info );
* \brief Free the message-specific context of ctx. Freeing ctx itself
* remains the responsibility of the caller.
*
* \note Deprecated: Redirects to md_free()
*
* \param ctx Free the message-specific context
*
* \returns 0 on success, POLARSSL_ERR_MD_BAD_INPUT_DATA if parameter
* verification fails.
* \returns 0
*/
int md_free_ctx( md_context_t *ctx );
@ -299,7 +318,8 @@ int md( const md_info_t *md_info, const unsigned char *input, size_t ilen,
* failed, POLARSSL_ERR_MD_FILE_READ_FAILED if fread failed,
* POLARSSL_ERR_MD_BAD_INPUT_DATA if md_info was NULL.
*/
int md_file( const md_info_t *md_info, const char *path, unsigned char *output );
int md_file( const md_info_t *md_info, const char *path,
unsigned char *output );
/**
* \brief Generic HMAC context setup
@ -311,7 +331,8 @@ int md_file( const md_info_t *md_info, const char *path, unsigned char *output )
* \returns 0 on success, POLARSSL_ERR_MD_BAD_INPUT_DATA if parameter
* verification fails.
*/
int md_hmac_starts( md_context_t *ctx, const unsigned char *key, size_t keylen );
int md_hmac_starts( md_context_t *ctx, const unsigned char *key,
size_t keylen );
/**
* \brief Generic HMAC process buffer
@ -323,7 +344,8 @@ int md_hmac_starts( md_context_t *ctx, const unsigned char *key, size_t keylen )
* \returns 0 on success, POLARSSL_ERR_MD_BAD_INPUT_DATA if parameter
* verification fails.
*/
int md_hmac_update( md_context_t *ctx, const unsigned char *input, size_t ilen );
int md_hmac_update( md_context_t *ctx, const unsigned char *input,
size_t ilen );
/**
* \brief Generic HMAC final digest
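Review bot: md_init is documented as "Initialize a md_context (as NONE)" but its place in the new lifecycle is only implied by the `\note` on md_init_ctx, which says callers "will be required to call md_init() on the structure first"; the md_init brief should state that directly, e.g. `\brief Initialize a md_context to the NONE state; call before md_init_ctx(), pair with md_free()`. md_free's comment does not say whether it is safe to call twice or on a context that was only md_init'ed and never set up; since md_free_ctx is now a deprecated redirect, that idempotence is exactly what migrating callers need to know. md_free_ctx would also be clearer with the deprecation on the brief line rather than only in a `\note` below it.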
@ -3,7 +3,7 @@
*
* \brief MD2 message digest algorithm (hash function)
*
* Copyright (C) 2006-2013, Brainspark B.V.
* Copyright (C) 2006-2014, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
@ -27,7 +27,11 @@
#ifndef POLARSSL_MD2_H
#define POLARSSL_MD2_H
#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
#else
#include POLARSSL_CONFIG_FILE
#endif
#include <string.h>
@ -56,6 +60,20 @@ typedef struct
}
md2_context;
/**
* \brief Initialize MD2 context
*
* \param ctx MD2 context to be initialized
*/
void md2_init( md2_context *ctx );
/**
* \brief Clear MD2 context
*
* \param ctx MD2 context to be cleared
*/
void md2_free( md2_context *ctx );
/**
* \brief MD2 context setup
*
@ -118,7 +136,8 @@ int md2_file( const char *path, unsigned char output[16] );
* \param key HMAC secret key
* \param keylen length of the HMAC key
*/
void md2_hmac_starts( md2_context *ctx, const unsigned char *key, size_t keylen );
void md2_hmac_starts( md2_context *ctx, const unsigned char *key,
size_t keylen );
/**
* \brief MD2 HMAC process buffer
@ -127,7 +146,8 @@ void md2_hmac_starts( md2_context *ctx, const unsigned char *key, size_t keylen
* \param input buffer holding the data
* \param ilen length of the input data
*/
void md2_hmac_update( md2_context *ctx, const unsigned char *input, size_t ilen );
void md2_hmac_update( md2_context *ctx, const unsigned char *input,
size_t ilen );
/**
* \brief MD2 HMAC final digest
@ -3,7 +3,7 @@
*
* \brief MD4 message digest algorithm (hash function)
*
* Copyright (C) 2006-2013, Brainspark B.V.
* Copyright (C) 2006-2014, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
@ -27,7 +27,11 @@
#ifndef POLARSSL_MD4_H
#define POLARSSL_MD4_H
#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
#else
#include POLARSSL_CONFIG_FILE
#endif
#include <string.h>
@ -62,6 +66,20 @@ typedef struct
}
md4_context;
/**
* \brief Initialize MD4 context
*
* \param ctx MD4 context to be initialized
*/
void md4_init( md4_context *ctx );
/**
* \brief Clear MD4 context
*
* \param ctx MD4 context to be cleared
*/
void md4_free( md4_context *ctx );
/**
* \brief MD4 context setup
*
@ -124,7 +142,8 @@ int md4_file( const char *path, unsigned char output[16] );
* \param key HMAC secret key
* \param keylen length of the HMAC key
*/
void md4_hmac_starts( md4_context *ctx, const unsigned char *key, size_t keylen );
void md4_hmac_starts( md4_context *ctx, const unsigned char *key,
size_t keylen );
/**
* \brief MD4 HMAC process buffer
@ -133,7 +152,8 @@ void md4_hmac_starts( md4_context *ctx, const unsigned char *key, size_t keylen
* \param input buffer holding the data
* \param ilen length of the input data
*/
void md4_hmac_update( md4_context *ctx, const unsigned char *input, size_t ilen );
void md4_hmac_update( md4_context *ctx, const unsigned char *input,
size_t ilen );
/**
* \brief MD4 HMAC final digest
@ -27,7 +27,11 @@
#ifndef POLARSSL_MD5_H
#define POLARSSL_MD5_H
#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
#else
#include POLARSSL_CONFIG_FILE
#endif
#include <string.h>
@ -62,6 +66,20 @@ typedef struct
}
md5_context;
/**
* \brief Initialize MD5 context
*
* \param ctx MD5 context to be initialized
*/
void md5_init( md5_context *ctx );
/**
* \brief Clear MD5 context
*
* \param ctx MD5 context to be cleared
*/
void md5_free( md5_context *ctx );
/**
* \brief MD5 context setup
*
@ -1,6 +1,6 @@
/**
* \file md_wrap.h
*
*
* \brief Message digest wrappers.
*
* \author Adriaan de Jong <dejong@fox-it.com>
@ -29,7 +29,11 @@
#ifndef POLARSSL_MD_WRAP_H
#define POLARSSL_MD_WRAP_H
#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
#else
#include POLARSSL_CONFIG_FILE
#endif
#include "md.h"
#ifdef __cplusplus
@ -1,9 +1,9 @@
/**
* \file memory.h
*
* \brief Memory allocation layer
* \brief Memory allocation layer (Deprecated to platform layer)
*
* Copyright (C) 2006-2013, Brainspark B.V.
* Copyright (C) 2006-2014, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
@ -27,105 +27,26 @@
#ifndef POLARSSL_MEMORY_H
#define POLARSSL_MEMORY_H
#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
#else
#include POLARSSL_CONFIG_FILE
#endif
#include <stdlib.h>
#if !defined(POLARSSL_CONFIG_OPTIONS)
#define POLARSSL_MEMORY_ALIGN_MULTIPLE 4 /**< Align on multiples of this value */
#define POLARSSL_MEMORY_STDMALLOC malloc /**< Default allocator to use, can be undefined */
#define POLARSSL_MEMORY_STDFREE free /**< Default free to use, can be undefined */
#endif /* POLARSSL_CONFIG_OPTIONS */
#define MEMORY_VERIFY_NONE 0
#define MEMORY_VERIFY_ALLOC (1 << 0)
#define MEMORY_VERIFY_FREE (1 << 1)
#define MEMORY_VERIFY_ALWAYS (MEMORY_VERIFY_ALLOC | MEMORY_VERIFY_FREE)
#ifdef __cplusplus
extern "C" {
#if defined(POLARSSL_MEMORY_C) && !defined(POLARSSL_PLATFORM_MEMORY)
#define POLARSSL_PLATFORM_MEMORY
#endif
/*
* The function pointers for malloc and free
*/
extern void * (*polarssl_malloc)( size_t len );
extern void (*polarssl_free)( void *ptr );
#include "platform.h"
#include "memory_buffer_alloc.h"
/**
* \brief Set your own memory implementation function pointers
*
* \param malloc_func the malloc function implementation
* \param free_func the free function implementation
*
* \return 0 if successful
*/
int memory_set_own( void * (*malloc_func)( size_t ),
void (*free_func)( void * ) );
#if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C)
/**
* \brief Initialize use of stack-based memory allocator.
* The stack-based allocator does memory management inside the
* presented buffer and does not call malloc() and free().
* It sets the global polarssl_malloc() and polarssl_free() pointers
* to its own functions.
* (Provided polarssl_malloc() and polarssl_free() are thread-safe if
* POLARSSL_THREADING_C is defined)
*
* \note This code is not optimized and provides a straight-forward
* implementation of a stack-based memory allocator.
*
* \param buf buffer to use as heap
* \param len size of the buffer
*
* \return 0 if successful
*/
int memory_buffer_alloc_init( unsigned char *buf, size_t len );
/**
* \brief Free the mutex for thread-safety and clear remaining memory
*/
void memory_buffer_alloc_free();
/**
* \brief Determine when the allocator should automatically verify the state
* of the entire chain of headers / meta-data.
* (Default: MEMORY_VERIFY_NONE)
*
* \param verify One of MEMORY_VERIFY_NONE, MEMORY_VERIFY_ALLOC,
* MEMORY_VERIFY_FREE or MEMORY_VERIFY_ALWAYS
*/
void memory_buffer_set_verify( int verify );
#if defined(POLARSSL_MEMORY_DEBUG)
/**
* \brief Print out the status of the allocated memory (primarily for use
* after a program should have de-allocated all memory)
* Prints out a list of 'still allocated' blocks and their stack
* trace if POLARSSL_MEMORY_BACKTRACE is defined.
*/
void memory_buffer_alloc_status();
#endif /* POLARSSL_MEMORY_DEBUG */
/**
* \brief Verifies that all headers in the memory buffer are correct
* and contain sane values. Helps debug buffer-overflow errors.
*
* Prints out first failure if POLARSSL_MEMORY_DEBUG is defined.
* Prints out full header information if POLARSSL_MEMORY_DEBUG_HEADERS
* is defined. (Includes stack trace information for each block if
* POLARSSL_MEMORY_BACKTRACE is defined as well).
*
* \returns 0 if verified, 1 otherwise
*/
int memory_buffer_alloc_verify();
#endif /* POLARSSL_MEMORY_BUFFER_ALLOC_C */
#ifdef __cplusplus
void (*free_func)( void * ) )
{
return platform_set_malloc_free( malloc_func, free_func );
}
#endif
#endif /* memory.h */
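Review bot: The shim body at the end of the hunk (`return platform_set_malloc_free( malloc_func, free_func );`) defines memory_set_own inside a header; its signature line is not visible in this view, but unless it is `static inline` every translation unit that includes memory.h emits its own definition and the link fails with duplicate symbols. Separately, the `#define POLARSSL_PLATFORM_MEMORY` derived from POLARSSL_MEMORY_C is only seen by translation units that include memory.h before platform.h, so a unit including platform.h directly under a POLARSSL_MEMORY_C-only config may be compiled with a different view of the polarssl_malloc/polarssl_free hooks; a comment saying that this compatibility mapping belongs in config.h, or moving it there, would avoid that mismatch. The brief could also name the migration target: `\brief Memory allocation layer (Deprecated: use platform.h and memory_buffer_alloc.h)`.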
@ -0,0 +1,122 @@
/**
* \file memory_buffer_alloc.h
*
* \brief Buffer-based memory allocator
*
* Copyright (C) 2006-2014, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef POLARSSL_MEMORY_BUFFER_ALLOC_H
#define POLARSSL_MEMORY_BUFFER_ALLOC_H
#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
#else
#include POLARSSL_CONFIG_FILE
#endif
#include <stdlib.h>
/**
* \name SECTION: Module settings
*
* The configuration options you can set for this module are in this section.
* Either change them in config.h or define them on the compiler command line.
* \{
*/
#if !defined(POLARSSL_MEMORY_ALIGN_MULTIPLE)
#define POLARSSL_MEMORY_ALIGN_MULTIPLE 4 /**< Align on multiples of this value */
#endif
/* \} name SECTION: Module settings */
#define MEMORY_VERIFY_NONE 0
#define MEMORY_VERIFY_ALLOC (1 << 0)
#define MEMORY_VERIFY_FREE (1 << 1)
#define MEMORY_VERIFY_ALWAYS (MEMORY_VERIFY_ALLOC | MEMORY_VERIFY_FREE)
#ifdef __cplusplus
extern "C" {
#endif
/**
* \brief Initialize use of stack-based memory allocator.
* The stack-based allocator does memory management inside the
* presented buffer and does not call malloc() and free().
* It sets the global polarssl_malloc() and polarssl_free() pointers
* to its own functions.
* (Provided polarssl_malloc() and polarssl_free() are thread-safe if
* POLARSSL_THREADING_C is defined)
*
* \note This code is not optimized and provides a straight-forward
* implementation of a stack-based memory allocator.
*
* \param buf buffer to use as heap
* \param len size of the buffer
*
* \return 0 if successful
*/
int memory_buffer_alloc_init( unsigned char *buf, size_t len );
/**
* \brief Free the mutex for thread-safety and clear remaining memory
*/
void memory_buffer_alloc_free( void );
/**
* \brief Determine when the allocator should automatically verify the state
* of the entire chain of headers / meta-data.
* (Default: MEMORY_VERIFY_NONE)
*
* \param verify One of MEMORY_VERIFY_NONE, MEMORY_VERIFY_ALLOC,
* MEMORY_VERIFY_FREE or MEMORY_VERIFY_ALWAYS
*/
void memory_buffer_set_verify( int verify );
#if defined(POLARSSL_MEMORY_DEBUG)
/**
* \brief Print out the status of the allocated memory (primarily for use
* after a program should have de-allocated all memory)
* Prints out a list of 'still allocated' blocks and their stack
* trace if POLARSSL_MEMORY_BACKTRACE is defined.
*/
void memory_buffer_alloc_status( void );
#endif /* POLARSSL_MEMORY_DEBUG */
/**
* \brief Verifies that all headers in the memory buffer are correct
* and contain sane values. Helps debug buffer-overflow errors.
*
* Prints out first failure if POLARSSL_MEMORY_DEBUG is defined.
* Prints out full header information if POLARSSL_MEMORY_DEBUG_HEADERS
* is defined. (Includes stack trace information for each block if
* POLARSSL_MEMORY_BACKTRACE is defined as well).
*
* \returns 0 if verified, 1 otherwise
*/
int memory_buffer_alloc_verify( void );
#ifdef __cplusplus
}
#endif
#endif /* memory_buffer_alloc.h */
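Review bot: POLARSSL_MEMORY_ALIGN_MULTIPLE defaults to 4 and its comment only says "Align on multiples of this value"; if the buffer allocator hands out blocks aligned only to this multiple, 8-byte objects (uint64_t, double, pointers on LP64) obtained from it are misaligned on 64-bit targets, which is undefined behaviour in C and traps on strict-alignment SPARC64 and MIPS64 — the very platforms this update is meant to fix. The comment should say what alignment callers may rely on and that the default is platform-dependent, e.g. `/**< Align on multiples of this value (must cover the strictest alignment of any allocated type; 8 on 64-bit targets) */`. memory_buffer_alloc_init also does not document that `buf` must remain valid and untouched by the caller until memory_buffer_alloc_free, nor that the allocator's bookkeeping lives inside the buffer, so a caller could free or reuse the backing buffer while the allocator is still installed.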
@ -3,7 +3,7 @@
*
* \brief Object Identifier (OID) database
*
* Copyright (C) 2006-2013, Brainspark B.V.
* Copyright (C) 2006-2014, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
@ -28,7 +28,11 @@
#define POLARSSL_OID_H
#include <string.h>
#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
#else
#include POLARSSL_CONFIG_FILE
#endif
#include "asn1.h"
#include "pk.h"
#if defined(POLARSSL_CIPHER_C)
@ -44,6 +48,7 @@
#endif
#define POLARSSL_ERR_OID_NOT_FOUND -0x002E /**< OID is not found. */
#define POLARSSL_ERR_OID_BUF_TOO_SMALL -0x000B /**< output buffer is too small */
/*
* Top level OID tuples
@ -58,7 +63,7 @@
*/
#define OID_COUNTRY_US "\x86\x48" /* {us(840)} */
#define OID_ORG_RSA_DATA_SECURITY "\x86\xf7\x0d" /* {rsadsi(113549)} */
#define OID_RSA_COMPANY OID_ISO_MEMBER_BODIES OID_COUNTRY_US \
#define OID_RSA_COMPANY OID_ISO_MEMBER_BODIES OID_COUNTRY_US \
OID_ORG_RSA_DATA_SECURITY /* {iso(1) member-body(2) us(840) rsadsi(113549)} */
#define OID_ORG_ANSI_X9_62 "\xce\x3d" /* ansi-X9-62(10045) */
#define OID_ANSI_X9_62 OID_ISO_MEMBER_BODIES OID_COUNTRY_US \
@ -104,14 +109,23 @@
*/
#define OID_AT OID_ISO_CCITT_DS "\x04" /**< id-at OBJECT IDENTIFIER ::= {joint-iso-ccitt(2) ds(5) 4} */
#define OID_AT_CN OID_AT "\x03" /**< id-at-commonName AttributeType:= {id-at 3} */
#define OID_AT_SUR_NAME OID_AT "\x04" /**< id-at-surName AttributeType:= {id-at 4} */
#define OID_AT_SERIAL_NUMBER OID_AT "\x05" /**< id-at-serialNumber AttributeType:= {id-at 5} */
#define OID_AT_COUNTRY OID_AT "\x06" /**< id-at-countryName AttributeType:= {id-at 6} */
#define OID_AT_LOCALITY OID_AT "\x07" /**< id-at-locality AttributeType:= {id-at 7} */
#define OID_AT_STATE OID_AT "\x08" /**< id-at-state AttributeType:= {id-at 8} */
#define OID_AT_ORGANIZATION OID_AT "\x0A" /**< id-at-organizationName AttributeType:= {id-at 10} */
#define OID_AT_ORG_UNIT OID_AT "\x0B" /**< id-at-organizationalUnitName AttributeType:= {id-at 11} */
#define OID_AT_TITLE OID_AT "\x0C" /**< id-at-title AttributeType:= {id-at 12} */
#define OID_AT_POSTAL_ADDRESS OID_AT "\x10" /**< id-at-postalAddress AttributeType:= {id-at 16} */
#define OID_AT_POSTAL_CODE OID_AT "\x11" /**< id-at-postalCode AttributeType:= {id-at 17} */
#define OID_AT_GIVEN_NAME OID_AT "\x2A" /**< id-at-givenName AttributeType:= {id-at 42} */
#define OID_AT_INITIALS OID_AT "\x2B" /**< id-at-initials AttributeType:= {id-at 43} */
#define OID_AT_GENERATION_QUALIFIER OID_AT "\x2C" /**< id-at-generationQualifier AttributeType:= {id-at 44} */
#define OID_AT_DN_QUALIFIER OID_AT "\x2E" /**< id-at-dnQualifier AttributeType:= {id-at 46} */
#define OID_AT_PSEUDONYM OID_AT "\x41" /**< id-at-pseudonym AttributeType:= {id-at 65} */
#define OID_DOMAIN_COMPONENT "\x09\x92\x26\x89\x93\xF2\x2C\x64\x01\x19" /** id-domainComponent AttributeType:= {itu-t(0) data(9) pss(2342) ucl(19200300) pilot(100) pilotAttributeType(1) domainComponent(25)} */
/*
* OIDs for standard certificate extensions
@ -193,6 +207,10 @@
#define OID_PKCS9_EMAIL OID_PKCS9 "\x01" /**< emailAddress AttributeType ::= { pkcs-9 1 } */
/* RFC 4055 */
#define OID_RSASSA_PSS OID_PKCS1 "\x0a" /**< id-RSASSA-PSS ::= { pkcs-1 10 } */
#define OID_MGF1 OID_PKCS1 "\x08" /**< id-mgf1 ::= { pkcs-1 8 } */
/*
* Digest algorithms
*/
@ -316,7 +334,16 @@
#define OID_EC_GRP_BP512R1 OID_EC_BRAINPOOL_V1 "\x0D"
/*
* ECDSA signature identifers, from RFC 5480
* SEC1 C.1
*
* prime-field OBJECT IDENTIFIER ::= { id-fieldType 1 }
* id-fieldType OBJECT IDENTIFIER ::= { ansi-X9-62 fieldType(1)}
*/
#define OID_ANSI_X9_62_FIELD_TYPE OID_ANSI_X9_62 "\x01"
#define OID_ANSI_X9_62_PRIME_FIELD OID_ANSI_X9_62_FIELD_TYPE "\x01"
/*
* ECDSA signature identifiers, from RFC 5480
*/
#define OID_ANSI_X9_62_SIG OID_ANSI_X9_62 "\x04" /* signatures(4) */
#define OID_ANSI_X9_62_SIG_SHA2 OID_ANSI_X9_62_SIG "\x03" /* ecdsa-with-SHA2(3) */
@ -367,7 +394,8 @@ typedef struct {
* \param size size of the buffer
* \param oid OID to translate
*
* \return POLARSSL_ERR_DEBUG_BUF_TOO_SMALL or actual length used
* \return Length of the string written (excluding final NULL) or
* POLARSSL_ERR_OID_BUF_TO_SMALL in case of error
*/
int oid_get_numeric_string( char *buf, size_t size, const asn1_buf *oid );


@ -98,7 +98,7 @@ inline rsa_context* d2i_RSA_PUBKEY( void *ignore, unsigned char **bufptr,
memset( rsa, 0, sizeof( rsa_context ) );
if( ( len == 94 &&
if( ( len == 94 &&
mpi_read_binary( &rsa->N, &buffer[ 25], 64 ) == 0 &&
mpi_read_binary( &rsa->E, &buffer[ 91], 3 ) == 0 ) ||
( len == 162 &&


@ -1,9 +1,10 @@
/**
* \file padlock.h
*
* \brief VIA PadLock ACE for HW encryption/decryption supported by some processors
* \brief VIA PadLock ACE for HW encryption/decryption supported by some
* processors
*
* Copyright (C) 2006-2010, Brainspark B.V.
* Copyright (C) 2006-2014, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>


@ -28,7 +28,11 @@
#ifndef POLARSSL_PK_H
#define POLARSSL_PK_H
#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
#else
#include POLARSSL_CONFIG_FILE
#endif
#include "md.h"
@ -57,6 +61,7 @@
#define POLARSSL_ERR_PK_INVALID_ALG -0x2A80 /**< The algorithm tag or value is invalid. */
#define POLARSSL_ERR_PK_UNKNOWN_NAMED_CURVE -0x2A00 /**< Elliptic curve is unsupported (only NIST curves are supported). */
#define POLARSSL_ERR_PK_FEATURE_UNAVAILABLE -0x2980 /**< Unavailable feature, e.g. RSA disabled for RSA key. */
#define POLARSSL_ERR_PK_SIG_LEN_MISMATCH -0x2000 /**< The signature is valid but its length is less than expected. */
#if defined(POLARSSL_RSA_C)
@ -94,8 +99,20 @@ typedef enum {
POLARSSL_PK_ECKEY_DH,
POLARSSL_PK_ECDSA,
POLARSSL_PK_RSA_ALT,
POLARSSL_PK_RSASSA_PSS,
} pk_type_t;
/**
* \brief Options for RSASSA-PSS signature verification.
* See \c rsa_rsassa_pss_verify_ext()
*/
typedef struct
{
md_type_t mgf1_hash_id;
int expected_salt_len;
} pk_rsassa_pss_options;
/**
* \brief Types for interfacing with the debug module
*/
@ -234,7 +251,7 @@ int pk_init_ctx( pk_context *ctx, const pk_info_t *info );
* \param key RSA key pointer
* \param decrypt_func Decryption function
* \param sign_func Signing function
* \param key_len_func Function returning key length
* \param key_len_func Function returning key length in bytes
*
* \return 0 on success, or POLARSSL_ERR_PK_BAD_INPUT_DATA if the
* context wasn't already initialized as RSA_ALT.
@ -278,7 +295,7 @@ static inline size_t pk_get_len( const pk_context *ctx )
int pk_can_do( pk_context *ctx, pk_type_t type );
/**
* \brief Verify signature
* \brief Verify signature (including padding if relevant).
*
* \param ctx PK context to use
* \param md_alg Hash algorithm used (see notes)
@ -288,8 +305,14 @@ int pk_can_do( pk_context *ctx, pk_type_t type );
* \param sig_len Signature length
*
* \return 0 on success (signature is valid),
* POLARSSL_ERR_PK_SIG_LEN_MISMATCH if the signature is
* valid but its actual length is less than sig_len,
* or a specific error code.
*
* \note For RSA keys, the default padding type is PKCS#1 v1.5.
* Use \c pk_verify_ext( POLARSSL_PK_RSASSA_PSS, ... )
* to verify RSASSA_PSS signatures.
*
* \note If hash_len is 0, then the length associated with md_alg
* is used instead, or an error returned if it is invalid.
*
@ -300,7 +323,41 @@ int pk_verify( pk_context *ctx, md_type_t md_alg,
const unsigned char *sig, size_t sig_len );
/**
* \brief Make signature
* \brief Verify signature, with options.
* (Includes verification of the padding depending on type.)
*
* \param type Signature type (inc. possible padding type) to verify
* \param options Pointer to type-specific options, or NULL
* \param ctx PK context to use
* \param md_alg Hash algorithm used (see notes)
* \param hash Hash of the message to sign
* \param hash_len Hash length or 0 (see notes)
* \param sig Signature to verify
* \param sig_len Signature length
*
* \return 0 on success (signature is valid),
* POLARSSL_ERR_PK_TYPE_MISMATCH if the PK context can't be
* used for this type of signatures,
* POLARSSL_ERR_PK_SIG_LEN_MISMATCH if the signature is
* valid but its actual length is less than sig_len,
* or a specific error code.
*
* \note If hash_len is 0, then the length associated with md_alg
* is used instead, or an error returned if it is invalid.
*
* \note md_alg may be POLARSSL_MD_NONE, only if hash_len != 0
*
* \note If type is POLARSSL_PK_RSASSA_PSS, then options must point
* to a pk_rsassa_pss_options structure,
* otherwise it must be NULL.
*/
int pk_verify_ext( pk_type_t type, const void *options,
pk_context *ctx, md_type_t md_alg,
const unsigned char *hash, size_t hash_len,
const unsigned char *sig, size_t sig_len );
/**
* \brief Make signature, including padding if relevant.
*
* \param ctx PK context to use
* \param md_alg Hash algorithm used (see notes)
@ -313,6 +370,10 @@ int pk_verify( pk_context *ctx, md_type_t md_alg,
*
* \return 0 on success, or a specific error code.
*
* \note For RSA keys, the default padding type is PKCS#1 v1.5.
* There is no interface in the PK module to make RSASSA-PSS
* signatures yet.
*
* \note If hash_len is 0, then the length associated with md_alg
* is used instead, or an error returned if it is invalid.
*
@ -324,7 +385,7 @@ int pk_sign( pk_context *ctx, md_type_t md_alg,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );
/**
* \brief Decrypt message
* \brief Decrypt message (including padding if relevant).
*
* \param ctx PK context to use
* \param input Input to decrypt
@ -335,6 +396,8 @@ int pk_sign( pk_context *ctx, md_type_t md_alg,
* \param f_rng RNG function
* \param p_rng RNG parameter
*
* \note For RSA keys, the default padding type is PKCS#1 v1.5.
*
* \return 0 on success, or a specific error code.
*/
int pk_decrypt( pk_context *ctx,
@ -343,7 +406,7 @@ int pk_decrypt( pk_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );
/**
* \brief Encrypt message
* \brief Encrypt message (including padding if relevant).
*
* \param ctx PK context to use
* \param input Message to encrypt
@ -354,6 +417,8 @@ int pk_decrypt( pk_context *ctx,
* \param f_rng RNG function
* \param p_rng RNG parameter
*
* \note For RSA keys, the default padding type is PKCS#1 v1.5.
*
* \return 0 on success, or a specific error code.
*/
int pk_encrypt( pk_context *ctx,
@ -400,6 +465,12 @@ pk_type_t pk_get_type( const pk_context *ctx );
* \param pwd password for decryption (optional)
* \param pwdlen size of the password
*
* \note On entry, ctx must be empty, either freshly initialised
* with pk_init() or reset with pk_free(). If you need a
* specific key type, check the result with pk_can_do().
*
* \note The key is also checked for correctness.
*
* \return 0 if successful, or a specific PK or PEM error code
*/
int pk_parse_key( pk_context *ctx,
@ -414,6 +485,12 @@ int pk_parse_key( pk_context *ctx,
* \param key input buffer
* \param keylen size of the buffer
*
* \note On entry, ctx must be empty, either freshly initialised
* with pk_init() or reset with pk_free(). If you need a
* specific key type, check the result with pk_can_do().
*
* \note The key is also checked for correctness.
*
* \return 0 if successful, or a specific PK or PEM error code
*/
int pk_parse_public_key( pk_context *ctx,
@ -428,6 +505,12 @@ int pk_parse_public_key( pk_context *ctx,
* \param path filename to read the private key from
* \param password password to decrypt the file (can be NULL)
*
* \note On entry, ctx must be empty, either freshly initialised
* with pk_init() or reset with pk_free(). If you need a
* specific key type, check the result with pk_can_do().
*
* \note The key is also checked for correctness.
*
* \return 0 if successful, or a specific PK or PEM error code
*/
int pk_parse_keyfile( pk_context *ctx,
@ -440,6 +523,12 @@ int pk_parse_keyfile( pk_context *ctx,
* \param ctx key to be initialized
* \param path filename to read the private key from
*
* \note On entry, ctx must be empty, either freshly initialised
* with pk_init() or reset with pk_free(). If you need a
* specific key type, check the result with pk_can_do().
*
* \note The key is also checked for correctness.
*
* \return 0 if successful, or a specific PK or PEM error code
*/
int pk_parse_public_keyfile( pk_context *ctx, const char *path );
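Review bot: The two fields of the new `pk_rsassa_pss_options` struct carry no documentation, yet `pk_verify_ext` receives them through an untyped `const void *options`, so the struct comment is the only contract a caller gets before the signature check is configured. I would annotate them as `md_type_t mgf1_hash_id; /**< Hash used for MGF1 mask generation */` and `int expected_salt_len; /**< Salt length in bytes, or RSA_SALT_LEN_ANY to accept any salt length */`, the latter matching the `RSA_SALT_LEN_ANY` constant that rsa.h introduces in this same commit. The `pk_verify_ext` note already says `options` must be NULL for types other than POLARSSL_PK_RSASSA_PSS, but not whether that is checked or which error code results; if the implementation does check it, stating so (presumably POLARSSL_ERR_PK_BAD_INPUT_DATA) would let callers rely on it.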


@ -28,7 +28,11 @@
#ifndef POLARSSL_PK_WRAP_H
#define POLARSSL_PK_WRAP_H
#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
#else
#include POLARSSL_CONFIG_FILE
#endif
#include "pk.h"


@ -5,7 +5,7 @@
*
* \author Adriaan de Jong <dejong@fox-it.com>
*
* Copyright (C) 2006-2013, Brainspark B.V.
* Copyright (C) 2006-2014, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
@ -29,7 +29,11 @@
#ifndef POLARSSL_PKCS11_H
#define POLARSSL_PKCS11_H
#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
#else
#include POLARSSL_CONFIG_FILE
#endif
#if defined(POLARSSL_PKCS11_C)
@ -89,7 +93,8 @@ int pkcs11_priv_key_init( pkcs11_context *priv_key,
void pkcs11_priv_key_free( pkcs11_context *priv_key );
/**
* \brief Do an RSA private key decrypt, then remove the message padding
* \brief Do an RSA private key decrypt, then remove the message
* padding
*
* \param ctx PKCS #11 context
* \param mode must be RSA_PRIVATE, for compatibility with rsa.c's signature
@ -115,8 +120,8 @@ int pkcs11_decrypt( pkcs11_context *ctx,
*
* \param ctx PKCS #11 context
* \param mode must be RSA_PRIVATE, for compatibility with rsa.c's signature
* \param hash_id SIG_RSA_RAW, SIG_RSA_MD{2,4,5} or SIG_RSA_SHA{1,224,256,384,512}
* \param hashlen message digest length (for SIG_RSA_RAW only)
* \param md_alg a POLARSSL_MD_* (use POLARSSL_MD_NONE for signing raw data)
* \param hashlen message digest length (for POLARSSL_MD_NONE only)
* \param hash buffer holding the message digest
* \param sig buffer that will hold the ciphertext
*
@ -144,7 +149,7 @@ static inline int ssl_pkcs11_decrypt( void *ctx, int mode, size_t *olen,
output_max_len );
}
static inline int ssl_pkcs11_sign( void *ctx,
static inline int ssl_pkcs11_sign( void *ctx,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
int mode, md_type_t md_alg, unsigned int hashlen,
const unsigned char *hash, unsigned char *sig )
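Review bot: The retouched parameter list of `pkcs11_sign` still describes the output as `\param sig buffer that will hold the ciphertext`, which is wrong for a signing routine and was carried over from the decrypt wrapper above it; it should read `\param sig buffer that will hold the signature`. Since the new `md_alg`/`hashlen` wording mirrors rsa.h, it would also help to state the required size of `sig` the way rsa.h does for `rsa_pkcs1_sign` (as large as the modulus), assuming the PKCS#11 path has the same requirement — the header alone does not say. The `ssl_pkcs11_sign` wrapper at the end of the hunk continues outside it.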


@ -0,0 +1,128 @@
/**
* \file platform.h
*
* \brief PolarSSL Platform abstraction layer
*
* Copyright (C) 2006-2014, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef POLARSSL_PLATFORM_H
#define POLARSSL_PLATFORM_H
#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
#else
#include POLARSSL_CONFIG_FILE
#endif
#include <stdio.h>
#ifdef __cplusplus
extern "C" {
#endif
/**
* \name SECTION: Module settings
*
* The configuration options you can set for this module are in this section.
* Either change them in config.h or define them on the compiler command line.
* \{
*/
#if !defined(POLARSSL_PLATFORM_NO_STD_FUNCTIONS)
#include <stdlib.h>
#if !defined(POLARSSL_PLATFORM_STD_PRINTF)
#define POLARSSL_PLATFORM_STD_PRINTF printf /**< Default printf to use */
#endif
#if !defined(POLARSSL_PLATFORM_STD_FPRINTF)
#define POLARSSL_PLATFORM_STD_FPRINTF fprintf /**< Default fprintf to use */
#endif
#if !defined(POLARSSL_PLATFORM_STD_MALLOC)
#define POLARSSL_PLATFORM_STD_MALLOC malloc /**< Default allocator to use */
#endif
#if !defined(POLARSSL_PLATFORM_STD_FREE)
#define POLARSSL_PLATFORM_STD_FREE free /**< Default free to use */
#endif
#else /* POLARSSL_PLATFORM_NO_STD_FUNCTIONS */
#if defined(POLARSSL_PLATFORM_STD_MEM_HDR)
#include POLARSSL_PLATFORM_STD_MEM_HDR
#endif
#endif /* POLARSSL_PLATFORM_NO_STD_FUNCTIONS */
/* \} name SECTION: Module settings */
/*
* The function pointers for malloc and free
*/
#if defined(POLARSSL_PLATFORM_MEMORY)
extern void * (*polarssl_malloc)( size_t len );
extern void (*polarssl_free)( void *ptr );
/**
* \brief Set your own memory implementation function pointers
*
* \param malloc_func the malloc function implementation
* \param free_func the free function implementation
*
* \return 0 if successful
*/
int platform_set_malloc_free( void * (*malloc_func)( size_t ),
void (*free_func)( void * ) );
#else /* POLARSSL_PLATFORM_ENTROPY */
#define polarssl_malloc malloc
#define polarssl_free free
#endif /* POLARSSL_PLATFORM_ENTROPY */
/*
* The function pointers for printf
*/
#if defined(POLARSSL_PLATFORM_PRINTF_ALT)
extern int (*polarssl_printf)( const char *format, ... );
/**
* \brief Set your own printf function pointer
*
* \param printf_func the printf function implementation
*
* \return 0
*/
int platform_set_printf( int (*printf_func)( const char *, ... ) );
#else /* POLARSSL_PLATFORM_PRINTF_ALT */
#define polarssl_printf printf
#endif /* POLARSSL_PLATFORM_PRINTF_ALT */
/*
* The function pointers for fprintf
*/
#if defined(POLARSSL_PLATFORM_FPRINTF_ALT)
extern int (*polarssl_fprintf)( FILE *stream, const char *format, ... );
int platform_set_fprintf( int (*fprintf_func)( FILE *stream, const char *,
... ) );
#else
#define polarssl_fprintf fprintf
#endif
#ifdef __cplusplus
}
#endif
#endif /* platform.h */
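Review bot: The `#else` and `#endif` after the `polarssl_malloc`/`polarssl_free` declarations are labelled `/* POLARSSL_PLATFORM_ENTROPY */`, but the guard they close is `#if defined(POLARSSL_PLATFORM_MEMORY)`; they should read `#else /* POLARSSL_PLATFORM_MEMORY */` and `#endif /* POLARSSL_PLATFORM_MEMORY */`, otherwise the next reader pairs them with the wrong option. `platform_set_malloc_free` is documented as returning `0 if successful` with no failure case described, so it is unclear whether passing a NULL function pointer is rejected or installed; a one-line `\note` stating which would avoid a later NULL call through `polarssl_malloc`. In the `POLARSSL_PLATFORM_NO_STD_FUNCTIONS` branch `polarssl_malloc` may still expand to plain `malloc` without `<stdlib.h>` unless `POLARSSL_PLATFORM_STD_MEM_HDR` is set; if that combination is unsupported, the header should say so.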


@ -1,5 +1,5 @@
/**
* \file rdm160.h
* \file ripemd160.h
*
* \brief RIPE MD-160 message digest
*
@ -27,7 +27,11 @@
#ifndef POLARSSL_RIPEMD160_H
#define POLARSSL_RIPEMD160_H
#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
#else
#include POLARSSL_CONFIG_FILE
#endif
#include <string.h>
@ -38,7 +42,7 @@ typedef UINT32 uint32_t;
#include <inttypes.h>
#endif
#define POLARSSL_ERR_RIPEMD160_FILE_IO_ERROR -0x0074 /**< Read/write error in file. */
#define POLARSSL_ERR_RIPEMD160_FILE_IO_ERROR -0x007E /**< Read/write error in file. */
#if !defined(POLARSSL_RIPEMD160_ALT)
// Regular implementation
@ -62,6 +66,20 @@ typedef struct
}
ripemd160_context;
/**
* \brief Initialize RIPEMD-160 context
*
* \param ctx RIPEMD-160 context to be initialized
*/
void ripemd160_init( ripemd160_context *ctx );
/**
* \brief Clear RIPEMD-160 context
*
* \param ctx RIPEMD-160 context to be cleared
*/
void ripemd160_free( ripemd160_context *ctx );
/**
* \brief RIPEMD-160 context setup
*


@ -3,7 +3,7 @@
*
* \brief The RSA public-key cryptosystem
*
* Copyright (C) 2006-2013, Brainspark B.V.
* Copyright (C) 2006-2014, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
@ -27,7 +27,11 @@
#ifndef POLARSSL_RSA_H
#define POLARSSL_RSA_H
#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
#else
#include POLARSSL_CONFIG_FILE
#endif
#include "bignum.h"
#include "md.h"
@ -61,6 +65,8 @@
#define RSA_SIGN 1
#define RSA_CRYPT 2
#define RSA_SALT_LEN_ANY -1
/*
* The above constants may be used even if the RSA module is compile out,
* eg for alternative (PKCS#11) RSA implemenations in the PK layers.
@ -122,11 +128,32 @@ rsa_context;
*
* \note The hash_id parameter is actually ignored
* when using RSA_PKCS_V15 padding.
*
* \note Choice of padding mode is strictly enforced for private key
* operations, since there might be security concerns in
* mixing padding modes. For public key operations it's merely
* a default value, which can be overriden by calling specific
* rsa_rsaes_xxx or rsa_rsassa_xxx functions.
*
* \note The chosen hash is always used for OEAP encryption.
* For PSS signatures, it's always used for making signatures,
* but can be overriden (and always is, if set to
* POLARSSL_MD_NONE) for verifying them.
*/
void rsa_init( rsa_context *ctx,
int padding,
int hash_id);
/**
* \brief Set padding for an already initialized RSA context
* See \c rsa_init() for details.
*
* \param ctx RSA context to be set
* \param padding RSA_PKCS_V15 or RSA_PKCS_V21
* \param hash_id RSA_PKCS_V21 hash identifier
*/
void rsa_set_padding( rsa_context *ctx, int padding, int hash_id);
/**
* \brief Generate an RSA keypair
*
@ -386,11 +413,8 @@ int rsa_rsaes_oaep_decrypt( rsa_context *ctx,
* \note The "sig" buffer must be as large as the size
* of ctx->N (eg. 128 bytes if RSA-1024 is used).
*
* \note In case of PKCS#1 v2.1 encoding keep in mind that
* the hash_id in the RSA context is the one used for the
* encoding. hash_id in the function call is the type of hash
* that is encoded. According to RFC 3447 it is advised to
* keep both hashes the same.
* \note In case of PKCS#1 v2.1 encoding, see comments on
* \note \c rsa_rsassa_pss_sign() for details on md_alg and hash_id.
*/
int rsa_pkcs1_sign( rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t),
@ -447,9 +471,8 @@ int rsa_rsassa_pkcs1_v15_sign( rsa_context *ctx,
* \note The "sig" buffer must be as large as the size
* of ctx->N (eg. 128 bytes if RSA-1024 is used).
*
* \note In case of PKCS#1 v2.1 encoding keep in mind that
* the hash_id in the RSA context is the one used for the
* encoding. hash_id in the function call is the type of hash
* \note The hash_id in the RSA context is the one used for the
* encoding. md_alg in the function call is the type of hash
* that is encoded. According to RFC 3447 it is advised to
* keep both hashes the same.
*/
@ -482,11 +505,8 @@ int rsa_rsassa_pss_sign( rsa_context *ctx,
* \note The "sig" buffer must be as large as the size
* of ctx->N (eg. 128 bytes if RSA-1024 is used).
*
* \note In case of PKCS#1 v2.1 encoding keep in mind that
* the hash_id in the RSA context is the one used for the
* verification. hash_id in the function call is the type of hash
* that is verified. According to RFC 3447 it is advised to
* keep both hashes the same.
* \note In case of PKCS#1 v2.1 encoding, see comments on
* \c rsa_rsassa_pss_verify() about md_alg and hash_id.
*/
int rsa_pkcs1_verify( rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t),
@ -526,6 +546,7 @@ int rsa_rsassa_pkcs1_v15_verify( rsa_context *ctx,
/**
* \brief Perform a PKCS#1 v2.1 PSS verification (RSASSA-PSS-VERIFY)
* (This is the "simple" version.)
*
* \param ctx points to an RSA public key
* \param f_rng RNG function (Only needed for RSA_PRIVATE)
@ -542,11 +563,11 @@ int rsa_rsassa_pkcs1_v15_verify( rsa_context *ctx,
* \note The "sig" buffer must be as large as the size
* of ctx->N (eg. 128 bytes if RSA-1024 is used).
*
* \note In case of PKCS#1 v2.1 encoding keep in mind that
* the hash_id in the RSA context is the one used for the
* verification. hash_id in the function call is the type of hash
* that is verified. According to RFC 3447 it is advised to
* keep both hashes the same.
* \note The hash_id in the RSA context is the one used for the
* verification. md_alg in the function call is the type of
* hash that is verified. According to RFC 3447 it is advised to
* keep both hashes the same. If hash_id in the RSA context is
* unset, the md_alg from the function call is used.
*/
int rsa_rsassa_pss_verify( rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t),
@ -557,6 +578,41 @@ int rsa_rsassa_pss_verify( rsa_context *ctx,
const unsigned char *hash,
const unsigned char *sig );
/**
* \brief Perform a PKCS#1 v2.1 PSS verification (RSASSA-PSS-VERIFY)
* (This is the version with "full" options.)
*
* \param ctx points to an RSA public key
* \param f_rng RNG function (Only needed for RSA_PRIVATE)
* \param p_rng RNG parameter
* \param mode RSA_PUBLIC or RSA_PRIVATE
* \param md_alg a POLARSSL_MD_* (use POLARSSL_MD_NONE for signing raw data)
* \param hashlen message digest length (for POLARSSL_MD_NONE only)
* \param hash buffer holding the message digest
* \param mgf1_hash_id message digest used for mask generation
* \param expected_salt_len Length of the salt used in padding, use
* RSA_SALT_LEN_ANY to accept any salt length
* \param sig buffer holding the ciphertext
*
* \return 0 if the verify operation was successful,
* or an POLARSSL_ERR_RSA_XXX error code
*
* \note The "sig" buffer must be as large as the size
* of ctx->N (eg. 128 bytes if RSA-1024 is used).
*
* \note The hash_id in the RSA context is ignored.
*/
int rsa_rsassa_pss_verify_ext( rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng,
int mode,
md_type_t md_alg,
unsigned int hashlen,
const unsigned char *hash,
md_type_t mgf1_hash_id,
int expected_salt_len,
const unsigned char *sig );
/**
* \brief Copy the components of an RSA context
*


@ -3,7 +3,7 @@
*
* \brief SHA-1 cryptographic hash function
*
* Copyright (C) 2006-2013, Brainspark B.V.
* Copyright (C) 2006-2014, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
@ -27,7 +27,11 @@
#ifndef POLARSSL_SHA1_H
#define POLARSSL_SHA1_H
#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
#else
#include POLARSSL_CONFIG_FILE
#endif
#include <string.h>
@ -62,6 +66,20 @@ typedef struct
}
sha1_context;
/**
* \brief Initialize SHA-1 context
*
* \param ctx SHA-1 context to be initialized
*/
void sha1_init( sha1_context *ctx );
/**
* \brief Clear SHA-1 context
*
* \param ctx SHA-1 context to be cleared
*/
void sha1_free( sha1_context *ctx );
/**
* \brief SHA-1 context setup
*
@ -127,7 +145,8 @@ int sha1_file( const char *path, unsigned char output[20] );
* \param key HMAC secret key
* \param keylen length of the HMAC key
*/
void sha1_hmac_starts( sha1_context *ctx, const unsigned char *key, size_t keylen );
void sha1_hmac_starts( sha1_context *ctx, const unsigned char *key,
size_t keylen );
/**
* \brief SHA-1 HMAC process buffer
@ -136,7 +155,8 @@ void sha1_hmac_starts( sha1_context *ctx, const unsigned char *key, size_t keyle
* \param input buffer holding the data
* \param ilen length of the input data
*/
void sha1_hmac_update( sha1_context *ctx, const unsigned char *input, size_t ilen );
void sha1_hmac_update( sha1_context *ctx, const unsigned char *input,
size_t ilen );
/**
* \brief SHA-1 HMAC final digest


@ -3,7 +3,7 @@
*
* \brief SHA-224 and SHA-256 cryptographic hash function
*
* Copyright (C) 2006-2013, Brainspark B.V.
* Copyright (C) 2006-2014, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
@ -27,7 +27,11 @@
#ifndef POLARSSL_SHA256_H
#define POLARSSL_SHA256_H
#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
#else
#include POLARSSL_CONFIG_FILE
#endif
#include <string.h>
@ -63,6 +67,20 @@ typedef struct
}
sha256_context;
/**
* \brief Initialize SHA-256 context
*
* \param ctx SHA-256 context to be initialized
*/
void sha256_init( sha256_context *ctx );
/**
* \brief Clear SHA-256 context
*
* \param ctx SHA-256 context to be cleared
*/
void sha256_free( sha256_context *ctx );
/**
* \brief SHA-256 context setup
*
@ -78,7 +96,8 @@ void sha256_starts( sha256_context *ctx, int is224 );
* \param input buffer holding the data
* \param ilen length of the input data
*/
void sha256_update( sha256_context *ctx, const unsigned char *input, size_t ilen );
void sha256_update( sha256_context *ctx, const unsigned char *input,
size_t ilen );
/**
* \brief SHA-256 final digest
@ -143,7 +162,8 @@ void sha256_hmac_starts( sha256_context *ctx, const unsigned char *key,
* \param input buffer holding the data
* \param ilen length of the input data
*/
void sha256_hmac_update( sha256_context *ctx, const unsigned char *input, size_t ilen );
void sha256_hmac_update( sha256_context *ctx, const unsigned char *input,
size_t ilen );
/**
* \brief SHA-256 HMAC final digest


@ -3,7 +3,7 @@
*
* \brief SHA-384 and SHA-512 cryptographic hash function
*
* Copyright (C) 2006-2013, Brainspark B.V.
* Copyright (C) 2006-2014, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
@ -27,7 +27,11 @@
#ifndef POLARSSL_SHA512_H
#define POLARSSL_SHA512_H
#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
#else
#include POLARSSL_CONFIG_FILE
#endif
#include <string.h>
@ -64,6 +68,20 @@ typedef struct
}
sha512_context;
/**
* \brief Initialize SHA-512 context
*
* \param ctx SHA-512 context to be initialized
*/
void sha512_init( sha512_context *ctx );
/**
* \brief Clear SHA-512 context
*
* \param ctx SHA-512 context to be cleared
*/
void sha512_free( sha512_context *ctx );
/**
* \brief SHA-512 context setup
*
@ -79,7 +97,8 @@ void sha512_starts( sha512_context *ctx, int is384 );
* \param input buffer holding the data
* \param ilen length of the input data
*/
void sha512_update( sha512_context *ctx, const unsigned char *input, size_t ilen );
void sha512_update( sha512_context *ctx, const unsigned char *input,
size_t ilen );
/**
* \brief SHA-512 final digest
@ -141,7 +160,8 @@ void sha512_hmac_starts( sha512_context *ctx, const unsigned char *key,
* \param input buffer holding the data
* \param ilen length of the input data
*/
void sha512_hmac_update( sha512_context *ctx, const unsigned char *input, size_t ilen );
void sha512_hmac_update( sha512_context *ctx, const unsigned char *input,
size_t ilen );
/**
* \brief SHA-512 HMAC final digest


@ -3,7 +3,7 @@
*
* \brief SSL/TLS functions.
*
* Copyright (C) 2006-2013, Brainspark B.V.
* Copyright (C) 2006-2014, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
@ -27,9 +27,14 @@
#ifndef POLARSSL_SSL_H
#define POLARSSL_SSL_H
#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
#else
#include POLARSSL_CONFIG_FILE
#endif
#include "net.h"
#include "bignum.h"
#include "ecp.h"
#include "ssl_ciphersuites.h"
@ -83,6 +88,12 @@
#define POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED
#endif
#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
defined(POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \
defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
#define POLARSSL_KEY_EXCHANGE__SOME__ECDHE_ENABLED
#endif
#if defined(_MSC_VER) && !defined(inline)
#define inline _inline
#else
@ -131,8 +142,9 @@
#define POLARSSL_ERR_SSL_BAD_HS_NEW_SESSION_TICKET -0x6E00 /**< Processing of the NewSessionTicket handshake message failed. */
#define POLARSSL_ERR_SSL_SESSION_TICKET_EXPIRED -0x6D80 /**< Session ticket has expired. */
#define POLARSSL_ERR_SSL_PK_TYPE_MISMATCH -0x6D00 /**< Public key type mismatch (eg, asked for RSA key exchange and presented EC key) */
#define POLARSSL_ERR_SSL_UNKNOWN_IDENTITY -0x6C80 /**< Unkown identity received (eg, PSK identity) */
#define POLARSSL_ERR_SSL_UNKNOWN_IDENTITY -0x6C80 /**< Unknown identity received (eg, PSK identity) */
#define POLARSSL_ERR_SSL_INTERNAL_ERROR -0x6C00 /**< Internal error (eg, unexpected failure in lower-level module) */
#define POLARSSL_ERR_SSL_COUNTER_WRAPPING -0x6B80 /**< A counter would wrap (eg, too many messages exchanged). */
/*
* Various constants
@ -157,10 +169,10 @@
#else
#if defined(POLARSSL_SSL_PROTO_TLS1_2)
#define SSL_MIN_MINOR_VERSION SSL_MINOR_VERSION_3
#endif
#endif
#endif
#endif
#endif /* POLARSSL_SSL_PROTO_TLS1_2 */
#endif /* POLARSSL_SSL_PROTO_TLS1_1 */
#endif /* POLARSSL_SSL_PROTO_TLS1 */
#endif /* POLARSSL_SSL_PROTO_SSL3 */
/* Determine maximum supported version */
#define SSL_MAX_MAJOR_VERSION SSL_MAJOR_VERSION_3
@ -176,10 +188,10 @@
#else
#if defined(POLARSSL_SSL_PROTO_SSL3)
#define SSL_MAX_MINOR_VERSION SSL_MINOR_VERSION_0
#endif
#endif
#endif
#endif
#endif /* POLARSSL_SSL_PROTO_SSL3 */
#endif /* POLARSSL_SSL_PROTO_TLS1 */
#endif /* POLARSSL_SSL_PROTO_TLS1_1 */
#endif /* POLARSSL_SSL_PROTO_TLS1_2 */
/* RFC 6066 section 4, see also mfl_code_to_length in ssl_tls.c
* NONE must be zero so that memset()ing structure to zero works */
@ -210,6 +222,9 @@
#define SSL_RENEGOTIATION_DISABLED 0
#define SSL_RENEGOTIATION_ENABLED 1
#define SSL_RENEGOTIATION_NOT_ENFORCED -1
#define SSL_RENEGO_MAX_RECORDS_DEFAULT 16
#define SSL_LEGACY_NO_RENEGOTIATION 0
#define SSL_LEGACY_ALLOW_RENEGOTIATION 1
#define SSL_LEGACY_BREAK_HANDSHAKE 2
@ -221,24 +236,36 @@
#define SSL_SESSION_TICKETS_DISABLED 0
#define SSL_SESSION_TICKETS_ENABLED 1
#if !defined(POLARSSL_CONFIG_OPTIONS)
/**
* \name SECTION: Module settings
*
* The configuration options you can set for this module are in this section.
* Either change them in config.h or define them on the compiler command line.
* \{
*/
#if !defined(SSL_DEFAULT_TICKET_LIFETIME)
#define SSL_DEFAULT_TICKET_LIFETIME 86400 /**< Lifetime of session tickets (if enabled) */
#endif /* !POLARSSL_CONFIG_OPTIONS */
#endif
/*
* Size of the input / output buffer.
* Note: the RFC defines the default size of SSL / TLS messages. If you
* change the value here, other clients / servers may not be able to
* communicate with you anymore. Only change this value if you control
* both sides of the connection and have it reduced at both sides!
* both sides of the connection and have it reduced at both sides, or
* if you're using the Max Fragment Length extension and you know all your
* peers are using it too!
*/
#if !defined(POLARSSL_CONFIG_OPTIONS)
#if !defined(SSL_MAX_CONTENT_LEN)
#define SSL_MAX_CONTENT_LEN 16384 /**< Size of the input / output buffer */
#endif /* !POLARSSL_CONFIG_OPTIONS */
#endif
/* \} name SECTION: Module settings */
/*
* Allow an extra 301 bytes for the record header
* and encryption overhead: counter (8) + header (5) + MAC (32) + padding (256)
* Allow extra bytes for record, authentication and encryption overhead:
* counter (8) + header (5) + IV(16) + MAC (16-48) + padding (0-256)
* and allow for a maximum of 1024 of compression expansion if
* enabled.
*/
@ -248,8 +275,36 @@
#define SSL_COMPRESSION_ADD 0
#endif
#define SSL_BUFFER_LEN (SSL_MAX_CONTENT_LEN + SSL_COMPRESSION_ADD + 301)
#if defined(POLARSSL_RC4_C) || defined(POLARSSL_CIPHER_MODE_CBC)
/* Ciphersuites using HMAC */
#if defined(POLARSSL_SHA512_C)
#define SSL_MAC_ADD 48 /* SHA-384 used for HMAC */
#elif defined(POLARSSL_SHA256_C)
#define SSL_MAC_ADD 32 /* SHA-256 used for HMAC */
#else
#define SSL_MAC_ADD 20 /* SHA-1 used for HMAC */
#endif
#else
/* AEAD ciphersuites: GCM and CCM use a 128 bits tag */
#define SSL_MAC_ADD 16
#endif
#if defined(POLARSSL_CIPHER_MODE_CBC)
#define SSL_PADDING_ADD 256
#else
#define SSL_PADDING_ADD 0
#endif
#define SSL_BUFFER_LEN ( SSL_MAX_CONTENT_LEN \
+ SSL_COMPRESSION_ADD \
+ 29 /* counter + header + IV */ \
+ SSL_MAC_ADD \
+ SSL_PADDING_ADD \
)
/*
* Signaling ciphersuite values (SCSV)
*/
#define SSL_EMPTY_RENEGOTIATION_INFO 0xFF /**< renegotiation info ext */
/*
@ -313,6 +368,7 @@
#define SSL_ALERT_MSG_UNSUPPORTED_EXT 110 /* 0x6E */
#define SSL_ALERT_MSG_UNRECOGNIZED_NAME 112 /* 0x70 */
#define SSL_ALERT_MSG_UNKNOWN_PSK_IDENTITY 115 /* 0x73 */
#define SSL_ALERT_MSG_NO_APPLICATION_PROTOCOL 120 /* 0x78 */
#define SSL_HS_HELLO_REQUEST 0
#define SSL_HS_CLIENT_HELLO 1
@ -341,6 +397,8 @@
#define TLS_EXT_SIG_ALG 13
#define TLS_EXT_ALPN 16
#define TLS_EXT_SESSION_TICKET 35
#define TLS_EXT_RENEGOTIATION_INFO 0xFF01
@ -355,12 +413,43 @@
/*
* Size defines
*/
#if !defined(POLARSSL_MPI_MAX_SIZE)
#define POLARSSL_PREMASTER_SIZE 512
#else
#define POLARSSL_PREMASTER_SIZE POLARSSL_MPI_MAX_SIZE
#if !defined(POLARSSL_PSK_MAX_LEN)
#define POLARSSL_PSK_MAX_LEN 32 /* 256 bits */
#endif
/* Dummy type used only for its size */
union _ssl_premaster_secret
{
#if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED)
unsigned char _pms_rsa[48]; /* RFC 5246 8.1.1 */
#endif
#if defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED)
unsigned char _pms_dhm[POLARSSL_MPI_MAX_SIZE]; /* RFC 5246 8.1.2 */
#endif
#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
defined(POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \
defined(POLARSSL_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \
defined(POLARSSL_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
unsigned char _pms_ecdh[POLARSSL_ECP_MAX_BYTES]; /* RFC 4492 5.10 */
#endif
#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED)
unsigned char _pms_psk[4 + 2 * POLARSSL_PSK_MAX_LEN]; /* RFC 4279 2 */
#endif
#if defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED)
unsigned char _pms_dhe_psk[4 + POLARSSL_MPI_MAX_SIZE
+ POLARSSL_PSK_MAX_LEN]; /* RFC 4279 3 */
#endif
#if defined(POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED)
unsigned char _pms_rsa_psk[52 + POLARSSL_PSK_MAX_LEN]; /* RFC 4279 4 */
#endif
#if defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED)
unsigned char _pms_ecdhe_psk[4 + POLARSSL_ECP_MAX_BYTES
+ POLARSSL_PSK_MAX_LEN]; /* RFC 5489 2 */
#endif
};
#define POLARSSL_PREMASTER_SIZE sizeof( union _ssl_premaster_secret )
#ifdef __cplusplus
extern "C" {
#endif
@ -371,7 +460,7 @@ extern "C" {
*/
typedef int (*rsa_decrypt_func)( void *ctx, int mode, size_t *olen,
const unsigned char *input, unsigned char *output,
size_t output_max_len );
size_t output_max_len );
typedef int (*rsa_sign_func)( void *ctx,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
int mode, md_type_t md_alg, unsigned int hashlen,
@ -498,8 +587,8 @@ struct _ssl_handshake_params
/*
* Handshake specific crypto variables
*/
int sig_alg; /*!< Signature algorithm */
int cert_type; /*!< Requested cert type */
int sig_alg; /*!< Hash algorithm for signature */
int cert_type; /*!< Requested cert type */
int verify_sig_alg; /*!< Signature algorithm for verify */
#if defined(POLARSSL_DHM_C)
dhm_context dhm_ctx; /*!< DHM key exchange */
@ -521,7 +610,7 @@ struct _ssl_handshake_params
#if defined(POLARSSL_SSL_SERVER_NAME_INDICATION)
ssl_key_cert *sni_key_cert; /*!< key/cert list from SNI */
#endif
#endif
#endif /* POLARSSL_X509_CRT_PARSE_C */
/*
* Checksum contexts
@ -596,6 +685,7 @@ struct _ssl_context
*/
int state; /*!< SSL handshake: current state */
int renegotiation; /*!< Initial or renegotiation */
int renego_records_seen; /*!< Records since renego request */
int major_ver; /*!< equal to SSL_MAJOR_VERSION_3 */
int minor_ver; /*!< either 0 (SSL3) or 1 (TLS1.0) */
@ -720,7 +810,11 @@ struct _ssl_context
int verify_result; /*!< verification result */
int disable_renegotiation; /*!< enable/disable renegotiation */
int allow_legacy_renegotiation; /*!< allow legacy renegotiation */
int renego_max_records; /*!< grace period for renegotiation */
const int *ciphersuite_list[4]; /*!< allowed ciphersuites / version */
#if defined(POLARSSL_SSL_SET_CURVES)
const ecp_group_id *curve_list; /*!< allowed curves */
#endif
#if defined(POLARSSL_SSL_TRUNCATED_HMAC)
int trunc_hmac; /*!< negotiate truncated hmac? */
#endif
@ -752,6 +846,14 @@ struct _ssl_context
size_t hostname_len;
#endif
#if defined(POLARSSL_SSL_ALPN)
/*
* ALPN extension
*/
const char **alpn_list; /*!< ordered list of supported protocols */
const char *alpn_chosen; /*!< negotiated protocol */
#endif
/*
* Secure renegotiation
*/
@ -779,7 +881,7 @@ extern int (*ssl_hw_record_reset)(ssl_context *ssl);
extern int (*ssl_hw_record_write)(ssl_context *ssl);
extern int (*ssl_hw_record_read)(ssl_context *ssl);
extern int (*ssl_hw_record_finish)(ssl_context *ssl);
#endif
#endif /* POLARSSL_SSL_HW_RECORD_ACCEL */
/**
* \brief Returns the list of ciphersuites supported by the SSL/TLS module.
@ -790,8 +892,8 @@ extern int (*ssl_hw_record_finish)(ssl_context *ssl);
const int *ssl_list_ciphersuites( void );
/**
* \brief Return the name of the ciphersuite associated with the given
* ID
* \brief Return the name of the ciphersuite associated with the
* given ID
*
* \param ciphersuite_id SSL ciphersuite ID
*
@ -800,8 +902,8 @@ const int *ssl_list_ciphersuites( void );
const char *ssl_get_ciphersuite_name( const int ciphersuite_id );
/**
* \brief Return the ID of the ciphersuite associated with the given
* name
* \brief Return the ID of the ciphersuite associated with the
* given name
*
* \param ciphersuite_name SSL ciphersuite name
*
@ -859,6 +961,12 @@ void ssl_set_endpoint( ssl_context *ssl, int endpoint );
*
* SSL_VERIFY_REQUIRED: peer *must* present a valid certificate,
* handshake is aborted if verification failed.
*
* \note On client, SSL_VERIFY_REQUIRED is the recommended mode.
* With SSL_VERIFY_OPTIONAL, the user needs to call ssl_get_verify_result() at
* the right time(s), which may not be obvious, while REQUIRED always perform
* the verification as soon as possible. For example, REQUIRED was protecting
* against the "triple handshake" attack even before it was found.
*/
void ssl_set_authmode( ssl_context *ssl, int authmode );
@ -1043,6 +1151,9 @@ int ssl_set_own_cert( ssl_context *ssl, x509_crt *own_cert,
* up your certificate chain. The top certificate (self-signed)
* can be omitted.
*
* \warning This backwards-compatibility function is deprecated!
* Please use \c ssl_set_own_cert() instead.
*
* \param ssl SSL context
* \param own_cert own public certificate chain
* \param rsa_key own private RSA key
@ -1065,6 +1176,10 @@ int ssl_set_own_cert_rsa( ssl_context *ssl, x509_crt *own_cert,
* up your certificate chain. The top certificate (self-signed)
* can be omitted.
*
* \warning This backwards-compatibility function is deprecated!
* Please use \c pk_init_ctx_rsa_alt()
* and \c ssl_set_own_cert() instead.
*
* \param ssl SSL context
* \param own_cert own public certificate chain
* \param rsa_key alternate implementation private RSA key
@ -1102,7 +1217,7 @@ int ssl_set_psk( ssl_context *ssl, const unsigned char *psk, size_t psk_len,
*
* If set, the PSK callback is called for each
* handshake where a PSK ciphersuite was negotiated.
* The callback provides the identity received and wants to
* The caller provides the identity received and wants to
* receive the actual PSK data and length.
*
* The callback has the following parameters: (void *parameter,
@ -1147,7 +1262,29 @@ int ssl_set_dh_param( ssl_context *ssl, const char *dhm_P, const char *dhm_G );
* \return 0 if successful
*/
int ssl_set_dh_param_ctx( ssl_context *ssl, dhm_context *dhm_ctx );
#endif
#endif /* POLARSSL_DHM_C */
#if defined(POLARSSL_SSL_SET_CURVES)
/**
* \brief Set the allowed curves in order of preference.
* (Default: all defined curves.)
*
* On server: this only affects selection of the ECDHE curve;
* the curves used for ECDH and ECDSA are determined by the
* list of available certificates instead.
*
* On client: this affects the list of curves offered for any
* use. The server can override our preference order.
*
* Both sides: limits the set of curves used by peer to the
* listed curves for any use (ECDH(E), certificates).
*
* \param ssl SSL context
* \param curves Ordered list of allowed curves,
* terminated by POLARSSL_ECP_DP_NONE.
*/
void ssl_set_curves( ssl_context *ssl, const ecp_group_id *curves );
#endif /* POLARSSL_SSL_SET_CURVES */
#if defined(POLARSSL_SSL_SERVER_NAME_INDICATION)
/**
@ -1187,6 +1324,30 @@ void ssl_set_sni( ssl_context *ssl,
void *p_sni );
#endif /* POLARSSL_SSL_SERVER_NAME_INDICATION */
#if defined(POLARSSL_SSL_ALPN)
/**
* \brief Set the supported Application Layer Protocols.
*
* \param ssl SSL context
* \param protos NULL-terminated list of supported protocols,
* in decreasing preference order.
*
* \return 0 on success, or POLARSSL_ERR_SSL_BAD_INPUT_DATA.
*/
int ssl_set_alpn_protocols( ssl_context *ssl, const char **protos );
/**
* \brief Get the name of the negotiated Application Layer Protocol.
* This function should be called after the handshake is
* completed.
*
* \param ssl SSL context
*
* \return Protcol name, or NULL if no protocol was negotiated.
*/
const char *ssl_get_alpn_protocol( const ssl_context *ssl );
#endif /* POLARSSL_SSL_ALPN */
/**
* \brief Set the maximum supported version sent from the client side
* and/or accepted at the server side
@ -1301,7 +1462,7 @@ void ssl_set_renegotiation( ssl_context *ssl, int renegotiation );
/**
* \brief Prevent or allow legacy renegotiation.
* (Default: SSL_LEGACY_NO_RENEGOTIATION)
*
*
* SSL_LEGACY_NO_RENEGOTIATION allows connections to
* be established even if the peer does not support
* secure renegotiation, but does not allow renegotiation
@ -1327,6 +1488,33 @@ void ssl_set_renegotiation( ssl_context *ssl, int renegotiation );
*/
void ssl_legacy_renegotiation( ssl_context *ssl, int allow_legacy );
/**
* \brief Enforce server-requested renegotiation.
* (Default: enforced, max_records = 16)
* (No effect on client.)
*
* When a server requests a renegotiation, the client can
* comply or ignore the request. This function allows the
* server to decide if it should enforce its renegotiation
* requests by closing the connection if the client doesn't
* initiate a renegotiation.
*
* However, records could already be in transit from the
* client to the server when the request is emitted. In order
* to increase reliability, the server can accept a number of
* records containing application data before the ClientHello
* that was requested.
*
* The optimal value is highly dependent on the specific usage
* scenario.
*
* \param ssl SSL context
* \param max_records Use SSL_RENEGOTIATION_NOT_ENFORCED if you don't want to
* enforce renegotiation, or a non-negative value to enforce
* it but allow for a grace period of max_records records.
*/
void ssl_set_renegotiation_enforced( ssl_context *ssl, int max_records );
/**
* \brief Return the number of data bytes available to read
*
@ -1494,6 +1682,13 @@ int ssl_close_notify( ssl_context *ssl );
*/
void ssl_free( ssl_context *ssl );
/**
* \brief Initialize SSL session structure
*
* \param session SSL session
*/
void ssl_session_init( ssl_session *session );
/**
* \brief Free referenced items in an SSL session including the
* peer certificate and clear memory
@ -1548,7 +1743,8 @@ int ssl_write_change_cipher_spec( ssl_context *ssl );
int ssl_parse_finished( ssl_context *ssl );
int ssl_write_finished( ssl_context *ssl );
void ssl_optimize_checksum( ssl_context *ssl, const ssl_ciphersuite_t *ciphersuite_info );
void ssl_optimize_checksum( ssl_context *ssl,
const ssl_ciphersuite_t *ciphersuite_info );
#if defined(POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED)
int ssl_psk_derive_premaster( ssl_context *ssl, key_exchange_type_t key_ex );
@ -1561,6 +1757,10 @@ pk_type_t ssl_pk_alg_from_sig( unsigned char sig );
md_type_t ssl_md_alg_from_hash( unsigned char hash );
#if defined(POLARSSL_SSL_SET_CURVES)
int ssl_curve_is_acceptable( const ssl_context *ssl, ecp_group_id grp_id );
#endif
#if defined(POLARSSL_X509_CRT_PARSE_C)
static inline pk_context *ssl_own_key( ssl_context *ssl )
{
@ -1573,6 +1773,19 @@ static inline x509_crt *ssl_own_cert( ssl_context *ssl )
return( ssl->handshake->key_cert == NULL ? NULL
: ssl->handshake->key_cert->cert );
}
/*
* Check usage of a certificate wrt extensions:
* keyUsage, extendedKeyUsage (later), and nSCertType (later).
*
* Warning: cert_endpoint is the endpoint of the cert (ie, of our peer when we
* check a cert we received from them)!
*
* Return 0 if everything is OK, -1 if not.
*/
int ssl_check_cert_usage( const x509_crt *cert,
const ssl_ciphersuite_t *ciphersuite,
int cert_endpoint );
#endif /* POLARSSL_X509_CRT_PARSE_C */
/* constant-time buffer comparison */


@ -33,10 +33,23 @@
#include "threading.h"
#endif
#if !defined(POLARSSL_CONFIG_OPTIONS)
/**
* \name SECTION: Module settings
*
* The configuration options you can set for this module are in this section.
* Either change them in config.h or define them on the compiler command line.
* \{
*/
#if !defined(SSL_CACHE_DEFAULT_TIMEOUT)
#define SSL_CACHE_DEFAULT_TIMEOUT 86400 /*!< 1 day */
#endif
#if !defined(SSL_CACHE_DEFAULT_MAX_ENTRIES)
#define SSL_CACHE_DEFAULT_MAX_ENTRIES 50 /*!< Maximum entries in cache */
#endif /* !POLARSSL_CONFIG_OPTIONS */
#endif
/* \} name SECTION: Module settings */
#ifdef __cplusplus
extern "C" {
@ -106,7 +119,7 @@ int ssl_cache_set( void *data, const ssl_session *session );
* A timeout of 0 indicates no timeout.
*
* \param cache SSL cache context
* \param timeout cache entry timeout
* \param timeout cache entry timeout in seconds
*/
void ssl_cache_set_timeout( ssl_cache_context *cache, int timeout );
#endif /* POLARSSL_HAVE_TIME */
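Review bot: The new per-setting guards around `SSL_CACHE_DEFAULT_TIMEOUT` and `SSL_CACHE_DEFAULT_MAX_ENTRIES` close with bare `#endif` lines, while the same header labels its other closer `#endif /* POLARSSL_HAVE_TIME */`; naming the condition keeps the nested pairs readable, e.g. `#endif /* !SSL_CACHE_DEFAULT_MAX_ENTRIES */`. In this rendered view the removed `POLARSSL_CONFIG_OPTIONS` lines are interleaved with the added ones, so which `#endif` ends up on the new side is inferred from the hunk counts rather than from visible markers. The `\param timeout` text now says "in seconds", which agrees with the `86400 /*!< 1 day */` default above it.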


@ -210,6 +210,30 @@ extern "C" {
#define TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 0xC09A /**< Not in SSL3! */
#define TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 0xC09B /**< Not in SSL3! */
#define TLS_RSA_WITH_AES_128_CCM 0xC09C /**< TLS 1.2 */
#define TLS_RSA_WITH_AES_256_CCM 0xC09D /**< TLS 1.2 */
#define TLS_DHE_RSA_WITH_AES_128_CCM 0xC09E /**< TLS 1.2 */
#define TLS_DHE_RSA_WITH_AES_256_CCM 0xC09F /**< TLS 1.2 */
#define TLS_RSA_WITH_AES_128_CCM_8 0xC0A0 /**< TLS 1.2 */
#define TLS_RSA_WITH_AES_256_CCM_8 0xC0A1 /**< TLS 1.2 */
#define TLS_DHE_RSA_WITH_AES_128_CCM_8 0xC0A2 /**< TLS 1.2 */
#define TLS_DHE_RSA_WITH_AES_256_CCM_8 0xC0A3 /**< TLS 1.2 */
#define TLS_PSK_WITH_AES_128_CCM 0xC0A4 /**< TLS 1.2 */
#define TLS_PSK_WITH_AES_256_CCM 0xC0A5 /**< TLS 1.2 */
#define TLS_DHE_PSK_WITH_AES_128_CCM 0xC0A6 /**< TLS 1.2 */
#define TLS_DHE_PSK_WITH_AES_256_CCM 0xC0A7 /**< TLS 1.2 */
#define TLS_PSK_WITH_AES_128_CCM_8 0xC0A8 /**< TLS 1.2 */
#define TLS_PSK_WITH_AES_256_CCM_8 0xC0A9 /**< TLS 1.2 */
#define TLS_DHE_PSK_WITH_AES_128_CCM_8 0xC0AA /**< TLS 1.2 */
#define TLS_DHE_PSK_WITH_AES_256_CCM_8 0xC0AB /**< TLS 1.2 */
/* The last two are named with PSK_DHE in the RFC, which looks like a typo */
#define TLS_ECDHE_ECDSA_WITH_AES_128_CCM 0xC0AC /**< TLS 1.2 */
#define TLS_ECDHE_ECDSA_WITH_AES_256_CCM 0xC0AD /**< TLS 1.2 */
#define TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 0xC0AE /**< TLS 1.2 */
#define TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 0xC0AF /**< TLS 1.2 */
/* Reminder: update _ssl_premaster_secret when adding a new key exchange */
typedef enum {
POLARSSL_KEY_EXCHANGE_NONE = 0,
POLARSSL_KEY_EXCHANGE_RSA,
@ -226,7 +250,9 @@ typedef enum {
typedef struct _ssl_ciphersuite_t ssl_ciphersuite_t;
#define POLARSSL_CIPHERSUITE_WEAK 0x01 /**< Weak ciphersuite flag */
#define POLARSSL_CIPHERSUITE_WEAK 0x01 /**< Weak ciphersuite flag */
#define POLARSSL_CIPHERSUITE_SHORT_TAG 0x02 /**< Short authentication tag,
eg for CCM_8 */
/**
* \brief This structure is used for storing ciphersuite information
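Review bot: The comment `/* The last two are named with PSK_DHE in the RFC, which looks like a typo */` is placed between the DHE_PSK CCM_8 defines and the ECDHE_ECDSA block, so a reader naturally attaches "the last two" to the ECDHE_ECDSA suites that follow it; it belongs directly after `TLS_DHE_PSK_WITH_AES_256_CCM_8`, reworded as `/* The two DHE_PSK CCM_8 suites above are named PSK_DHE in the RFC, which looks like a typo */`. The new `POLARSSL_CIPHERSUITE_SHORT_TAG` flag is documented only as "Short authentication tag, eg for CCM_8"; since the suites carrying it use an 8-byte tag instead of the 16-byte tag of the other AEAD suites, the comment should state that and note that they give a smaller integrity margin and are intended for constrained peers, so users building a preference list can rank them below the full-tag suites. `SSL_MAC_ADD 16` in ssl.h remains a valid upper bound for both tag sizes.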


@ -27,7 +27,11 @@
#ifndef POLARSSL_THREADING_H
#define POLARSSL_THREADING_H
#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
#else
#include POLARSSL_CONFIG_FILE
#endif
#include <stdlib.h>


@ -3,7 +3,7 @@
*
* \brief Portable interface to the CPU cycle counter
*
* Copyright (C) 2006-2013, Brainspark B.V.
* Copyright (C) 2006-2014, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
@ -27,6 +27,16 @@
#ifndef POLARSSL_TIMING_H
#define POLARSSL_TIMING_H
#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
#else
#include POLARSSL_CONFIG_FILE
#endif
#if !defined(POLARSSL_TIMING_ALT)
// Regular implementation
//
#ifdef __cplusplus
extern "C" {
#endif
@ -68,8 +78,21 @@ void set_alarm( int seconds );
*/
void m_sleep( int milliseconds );
#if defined(POLARSSL_SELF_TEST)
/**
* \brief Checkup routine
*
* \return 0 if successful, or 1 if a test failed
*/
int timing_self_test( int verbose );
#endif
#ifdef __cplusplus
}
#endif
#else /* POLARSSL_TIMING_ALT */
#include "timing_alt.h"
#endif /* POLARSSL_TIMING_ALT */
#endif /* timing.h */
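Review bot: The new `timing_self_test( int verbose )` doc block documents the return value but not its parameter; add `\param verbose  1 to print progress and result, 0 to run silently` — presumably the same convention as the other `*_self_test` routines, which are not visible here, so confirm. The `// Regular implementation` and `//` lines introduced with the `POLARSSL_TIMING_ALT` split use line comments in a header that otherwise uses `/* */` block comments; `/* Regular implementation */` keeps the file's style and stays acceptable to strict C89 consumers of the public headers.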


@ -3,7 +3,7 @@
*
* \brief Run-time version information
*
* Copyright (C) 2006-2013, Brainspark B.V.
* Copyright (C) 2006-2014, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
@ -31,7 +31,11 @@
#ifndef POLARSSL_VERSION_H
#define POLARSSL_VERSION_H
#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
#else
#include POLARSSL_CONFIG_FILE
#endif
/**
* The version number x.y.z is split into three parts.
@ -39,16 +43,16 @@
*/
#define POLARSSL_VERSION_MAJOR 1
#define POLARSSL_VERSION_MINOR 3
#define POLARSSL_VERSION_PATCH 4
#define POLARSSL_VERSION_PATCH 8
/**
* The single version number has the following structure:
* MMNNPP00
* Major version | Minor version | Patch version
*/
#define POLARSSL_VERSION_NUMBER 0x01030400
#define POLARSSL_VERSION_STRING "1.3.4"
#define POLARSSL_VERSION_STRING_FULL "PolarSSL 1.3.4"
#define POLARSSL_VERSION_NUMBER 0x01030800
#define POLARSSL_VERSION_STRING "1.3.8"
#define POLARSSL_VERSION_STRING_FULL "PolarSSL 1.3.8"
#if defined(POLARSSL_VERSION_C)
@ -75,11 +79,32 @@ void version_get_string( char *string );
/**
* Get the full version string ("PolarSSL x.y.z").
*
* \param string The string that will receive the value.
* (Should be at least 18 bytes in size)
* \param string The string that will receive the value. The PolarSSL version
* string will use 18 bytes AT MOST including a terminating
* null byte.
* (So the buffer should be at least 18 bytes to receive this
* version string).
*/
void version_get_string_full( char *string );
/**
* \brief Check if support for a feature was compiled into this
* PolarSSL binary. This allows you to see at runtime if the
* library was for instance compiled with or without
* Multi-threading support.
*
* Note: only checks against defines in the sections "System
* support", "PolarSSL modules" and "PolarSSL feature
* support" in config.h
*
* \param feature The string for the define to check (e.g. "POLARSSL_AES_C")
*
* \return 0 if the feature is present, -1 if the feature is not
* present and -2 if support for feature checking as a whole
* was not compiled in.
*/
int version_check_feature( const char *feature );
#ifdef __cplusplus
}
#endif
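Review bot: The new `version_check_feature()` doc does not say how a NULL `feature` argument is handled; the three documented return values cover present, not present and checking-not-compiled-in, so a caller cannot tell from the header whether NULL yields -1 or is undefined. Add `\note feature must be a non-NULL, NUL-terminated string` or document the actual behaviour once confirmed against the implementation. The reworded `version_get_string_full()` comment states the 18-byte bound twice; `The string will use at most 18 bytes including the terminating null byte, so the buffer must be at least 18 bytes.` says the same once and is easier to keep in sync with the `POLARSSL_VERSION_STRING_FULL` literal above, which is the only bound the unsized `char *string` contract offers.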


@ -3,7 +3,7 @@
*
* \brief X.509 generic defines and structures
*
* Copyright (C) 2006-2013, Brainspark B.V.
* Copyright (C) 2006-2014, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
@ -27,7 +27,11 @@
#ifndef POLARSSL_X509_H
#define POLARSSL_X509_H
#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
#else
#include POLARSSL_CONFIG_FILE
#endif
#include "asn1.h"
#include "pk.h"
@ -78,6 +82,8 @@
#define BADCERT_MISSING 0x40 /**< Certificate was missing. */
#define BADCERT_SKIP_VERIFY 0x80 /**< Certificate verification was skipped. */
#define BADCERT_OTHER 0x0100 /**< Other reason (can be used by verify callback) */
#define BADCERT_FUTURE 0x0200 /**< The certificate validity starts in the future. */
#define BADCRL_FUTURE 0x0400 /**< The CRL is from the future */
/* \} name */
/* \} addtogroup x509_module */
@ -108,24 +114,27 @@
/*
* X.509 extension types
*
* Comments refer to the status for using certificates. Status can be
* different for writing certificates or reading CRLs or CSRs.
*/
#define EXT_AUTHORITY_KEY_IDENTIFIER (1 << 0)
#define EXT_SUBJECT_KEY_IDENTIFIER (1 << 1)
#define EXT_KEY_USAGE (1 << 2)
#define EXT_KEY_USAGE (1 << 2) /* Parsed but not used */
#define EXT_CERTIFICATE_POLICIES (1 << 3)
#define EXT_POLICY_MAPPINGS (1 << 4)
#define EXT_SUBJECT_ALT_NAME (1 << 5)
#define EXT_SUBJECT_ALT_NAME (1 << 5) /* Supported (DNS) */
#define EXT_ISSUER_ALT_NAME (1 << 6)
#define EXT_SUBJECT_DIRECTORY_ATTRS (1 << 7)
#define EXT_BASIC_CONSTRAINTS (1 << 8)
#define EXT_BASIC_CONSTRAINTS (1 << 8) /* Supported */
#define EXT_NAME_CONSTRAINTS (1 << 9)
#define EXT_POLICY_CONSTRAINTS (1 << 10)
#define EXT_EXTENDED_KEY_USAGE (1 << 11)
#define EXT_EXTENDED_KEY_USAGE (1 << 11) /* Parsed but not used */
#define EXT_CRL_DISTRIBUTION_POINTS (1 << 12)
#define EXT_INIHIBIT_ANYPOLICY (1 << 13)
#define EXT_FRESHEST_CRL (1 << 14)
#define EXT_NS_CERT_TYPE (1 << 16)
#define EXT_NS_CERT_TYPE (1 << 16) /* Parsed (and then ?) */
/*
* Storage format identifiers
@ -207,6 +216,8 @@ int x509_serial_gets( char *buf, size_t size, const x509_buf *serial );
/**
* \brief Give an known OID, return its descriptive string.
* (Deprecated. Use oid_get_extended_key_usage() instead.)
* Warning: only works for extended_key_usage OIDs!
*
* \param oid buffer containing the oid
*
@ -223,22 +234,33 @@ const char *x509_oid_get_description( x509_buf *oid );
* \param size Maximum size of buffer
* \param oid Buffer containing the OID
*
* \return The amount of data written to the buffer, or -1 in
* case of an error.
* \return Length of the string written (excluding final NULL) or
* POLARSSL_ERR_OID_BUF_TO_SMALL in case of error
*/
int x509_oid_get_numeric_string( char *buf, size_t size, x509_buf *oid );
/**
* \brief Check a given x509_time against the system time and check
* if it is valid.
* if it is not expired.
*
* \param time x509_time to check
*
* \return Return 0 if the x509_time is still valid,
* or 1 otherwise.
* \return 0 if the x509_time is still valid,
* 1 otherwise.
*/
int x509_time_expired( const x509_time *time );
/**
* \brief Check a given x509_time against the system time and check
* if it is not from the future.
*
* \param time x509_time to check
*
* \return 0 if the x509_time is already valid,
* 1 otherwise.
*/
int x509_time_future( const x509_time *time );
/**
* \brief Checkup routine
*
@ -254,9 +276,17 @@ int x509_get_name( unsigned char **p, const unsigned char *end,
x509_name *cur );
int x509_get_alg_null( unsigned char **p, const unsigned char *end,
x509_buf *alg );
int x509_get_alg( unsigned char **p, const unsigned char *end,
x509_buf *alg, x509_buf *params );
#if defined(POLARSSL_X509_RSASSA_PSS_SUPPORT)
int x509_get_rsassa_pss_params( const x509_buf *params,
md_type_t *md_alg, md_type_t *mgf_md,
int *salt_len );
#endif
int x509_get_sig( unsigned char **p, const unsigned char *end, x509_buf *sig );
int x509_get_sig_alg( const x509_buf *sig_oid, md_type_t *md_alg,
pk_type_t *pk_alg );
int x509_get_sig_alg( const x509_buf *sig_oid, const x509_buf *sig_params,
md_type_t *md_alg, pk_type_t *pk_alg,
void **sig_opts );
int x509_get_time( unsigned char **p, const unsigned char *end,
x509_time *time );
int x509_get_serial( unsigned char **p, const unsigned char *end,
@ -264,9 +294,14 @@ int x509_get_serial( unsigned char **p, const unsigned char *end,
int x509_get_ext( unsigned char **p, const unsigned char *end,
x509_buf *ext, int tag );
int x509_load_file( const char *path, unsigned char **buf, size_t *n );
int x509_sig_alg_gets( char *buf, size_t size, const x509_buf *sig_oid,
pk_type_t pk_alg, md_type_t md_alg,
const void *sig_opts );
int x509_key_size_helper( char *buf, size_t size, const char *name );
int x509_string_to_names( asn1_named_data **head, const char *name );
int x509_set_extension( asn1_named_data **head, const char *oid, size_t oid_len, int critical, const unsigned char *val, size_t val_len );
int x509_set_extension( asn1_named_data **head, const char *oid, size_t oid_len,
int critical, const unsigned char *val,
size_t val_len );
int x509_write_extensions( unsigned char **p, unsigned char *start,
asn1_named_data *first );
int x509_write_names( unsigned char **p, unsigned char *start,
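Review bot: The new annotations `EXT_KEY_USAGE (1 << 2) /* Parsed but not used */` and `EXT_EXTENDED_KEY_USAGE (1 << 11) /* Parsed but not used */` contradict the rest of this commit, which adds `x509_crt_check_key_usage()` and `x509_crt_check_extended_key_usage()` in x509_crt.h and `ssl_check_cert_usage()` in ssl.h that consume exactly these extensions; a maintainer reading this table would conclude a keyUsage violation is never enforced. Suggest `/* Supported (see x509_crt_check_key_usage()) */` and the analogous text for extended key usage, and replace the placeholder `/* Parsed (and then ?) */` on `EXT_NS_CERT_TYPE` with whatever the code actually does, or a plain `/* Parsed, not checked */` if that is the case. The `x509_get_sig_alg()` prototype gains a `void **sig_opts` output, but nothing in the header says who owns the object it returns; a comment such as `/* *sig_opts is allocated here; caller must release it */` — hedged until confirmed against the implementation — would prevent leaks or double frees in new callers.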


@ -27,7 +27,11 @@
#ifndef POLARSSL_X509_CRL_H
#define POLARSSL_X509_CRL_H
#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
#else
#include POLARSSL_CONFIG_FILE
#endif
#include "x509.h"
@ -71,7 +75,7 @@ typedef struct _x509_crl
x509_buf raw; /**< The raw certificate data (DER). */
x509_buf tbs; /**< The raw certificate body (DER). The part that is To Be Signed. */
int version;
int version; /**< CRL version (1=v1, 2=v2) */
x509_buf sig_oid1;
x509_buf issuer_raw; /**< The raw issuer data (DER). */
@ -88,7 +92,8 @@ typedef struct _x509_crl
x509_buf sig_oid2;
x509_buf sig;
md_type_t sig_md; /**< Internal representation of the MD algorithm of the signature algorithm, e.g. POLARSSL_MD_SHA256 */
pk_type_t sig_pk /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. POLARSSL_PK_RSA */;
pk_type_t sig_pk; /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. POLARSSL_PK_RSA */
void *sig_opts; /**< Signature options to be passed to pk_verify_ext(), e.g. for RSASSA-PSS */
struct _x509_crl *next;
}
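Review bot: The new `void *sig_opts` member is documented as "to be passed to pk_verify_ext()" but not who allocates and releases it, and the same field with the same comment is added to `_x509_crt` in x509_crt.h and `_x509_csr` in x509_csr.h. The comment should state the ownership model, e.g. `/**< Signature options for pk_verify_ext() (e.g. RSASSA-PSS params); owned by the context, released by x509_crl_free() */` — presumably that is how the parser and free routine handle it, confirm against the implementation. The `int version; /**< CRL version (1=v1, 2=v2) */` comment matches the corrected `(1=v1, 2=v2, 3=v3)` wording in x509_crt.h, so the numbering convention is now consistent across the three headers.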


@ -27,7 +27,11 @@
#ifndef POLARSSL_X509_CRT_H
#define POLARSSL_X509_CRT_H
#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
#else
#include POLARSSL_CONFIG_FILE
#endif
#include "x509.h"
@ -55,7 +59,7 @@ typedef struct _x509_crt
x509_buf raw; /**< The raw certificate data (DER). */
x509_buf tbs; /**< The raw certificate body (DER). The part that is To Be Signed. */
int version; /**< The X.509 version. (0=v1, 1=v2, 2=v3) */
int version; /**< The X.509 version. (1=v1, 2=v2, 3=v3) */
x509_buf serial; /**< Unique id for certificate issued by a specific CA. */
x509_buf sig_oid1; /**< Signature algorithm, e.g. sha1RSA */
@ -72,23 +76,24 @@ typedef struct _x509_crt
x509_buf issuer_id; /**< Optional X.509 v2/v3 issuer unique identifier. */
x509_buf subject_id; /**< Optional X.509 v2/v3 subject unique identifier. */
x509_buf v3_ext; /**< Optional X.509 v3 extensions. Only Basic Contraints are supported at this time. */
x509_buf v3_ext; /**< Optional X.509 v3 extensions. */
x509_sequence subject_alt_names; /**< Optional list of Subject Alternative Names (Only dNSName supported). */
int ext_types; /**< Bit string containing detected and parsed extensions */
int ca_istrue; /**< Optional Basic Constraint extension value: 1 if this certificate belongs to a CA, 0 otherwise. */
int max_pathlen; /**< Optional Basic Constraint extension value: The maximum path length to the root certificate. Path length is 1 higher than RFC 5280 'meaning', so 1+ */
unsigned char key_usage; /**< Optional key usage extension value: See the values below */
unsigned char key_usage; /**< Optional key usage extension value: See the values in x509.h */
x509_sequence ext_key_usage; /**< Optional list of extended key usage OIDs. */
unsigned char ns_cert_type; /**< Optional Netscape certificate type extension value: See the values below */
unsigned char ns_cert_type; /**< Optional Netscape certificate type extension value: See the values in x509.h */
x509_buf sig_oid2; /**< Signature algorithm. Must match sig_oid1. */
x509_buf sig; /**< Signature: hash of the tbs part signed with the private key. */
md_type_t sig_md; /**< Internal representation of the MD algorithm of the signature algorithm, e.g. POLARSSL_MD_SHA256 */
pk_type_t sig_pk /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. POLARSSL_PK_RSA */;
pk_type_t sig_pk; /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. POLARSSL_PK_RSA */
void *sig_opts; /**< Signature options to be passed to pk_verify_ext(), e.g. for RSASSA-PSS */
struct _x509_crt *next; /**< Next certificate in the CA-chain. */
}
@ -244,6 +249,44 @@ int x509_crt_verify( x509_crt *crt,
int (*f_vrfy)(void *, x509_crt *, int, int *),
void *p_vrfy );
#if defined(POLARSSL_X509_CHECK_KEY_USAGE)
/**
* \brief Check usage of certificate against keyUsage extension.
*
* \param crt Leaf certificate used.
* \param usage Intended usage(s) (eg KU_KEY_ENCIPHERMENT before using the
* certificate to perform an RSA key exchange).
*
* \return 0 is these uses of the certificate are allowed,
* POLARSSL_ERR_X509_BAD_INPUT_DATA if the keyUsage extension
* is present but does not contain all the bits set in the
* usage argument.
*
* \note You should only call this function on leaf certificates, on
* (intermediate) CAs the keyUsage extension is automatically
* checked by \c x509_crt_verify().
*/
int x509_crt_check_key_usage( const x509_crt *crt, int usage );
#endif /* POLARSSL_X509_CHECK_KEY_USAGE) */
#if defined(POLARSSL_X509_CHECK_EXTENDED_KEY_USAGE)
/**
* \brief Check usage of certificate against extentedJeyUsage.
*
* \param crt Leaf certificate used.
* \param usage_oid Intended usage (eg OID_SERVER_AUTH or OID_CLIENT_AUTH).
* \param usage_len Length of usage_oid (eg given by OID_SIZE()).
*
* \return 0 is this use of the certificate is allowed,
* POLARSSL_ERR_X509_BAD_INPUT_DATA if not.
*
* \note Usually only makes sense on leaf certificates.
*/
int x509_crt_check_extended_key_usage( const x509_crt *crt,
const char *usage_oid,
size_t usage_len );
#endif /* POLARSSL_X509_CHECK_EXTENDED_KEY_USAGE) */
#if defined(POLARSSL_X509_CRL_PARSE_C)
/**
* \brief Verify the certificate revocation status
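Review bot: The `x509_crt_check_key_usage()` doc should state explicitly that a certificate without a keyUsage extension passes every check — the `\return` text raises the error only "if the keyUsage extension is present but does not contain all the bits", so callers must understand that absence is treated as unrestricted rather than as a failure; add `\note If the certificate has no keyUsage extension, 0 is returned regardless of usage.` (confirm against the implementation). The brief for `x509_crt_check_extended_key_usage()` reads "against extentedJeyUsage" and should be "against extendedKeyUsage"; both `\return` lines say "0 is these uses" / "0 is this use" where "if" is meant. The closing `#endif /* POLARSSL_X509_CHECK_KEY_USAGE) */` and `#endif /* POLARSSL_X509_CHECK_EXTENDED_KEY_USAGE) */` carry a stray `)` inside the comment.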


@ -3,7 +3,7 @@
*
* \brief X.509 certificate signing request parsing and writing
*
* Copyright (C) 2006-2013, Brainspark B.V.
* Copyright (C) 2006-2014, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
@ -27,7 +27,11 @@
#ifndef POLARSSL_X509_CSR_H
#define POLARSSL_X509_CSR_H
#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
#else
#include POLARSSL_CONFIG_FILE
#endif
#include "x509.h"
@ -52,7 +56,7 @@ typedef struct _x509_csr
x509_buf raw; /**< The raw CSR data (DER). */
x509_buf cri; /**< The raw CertificateRequestInfo body (DER). */
int version;
int version; /**< CSR version (1=v1). */
x509_buf subject_raw; /**< The raw subject data (DER). */
x509_name subject; /**< The parsed subject data (named information object). */
@ -62,7 +66,8 @@ typedef struct _x509_csr
x509_buf sig_oid;
x509_buf sig;
md_type_t sig_md; /**< Internal representation of the MD algorithm of the signature algorithm, e.g. POLARSSL_MD_SHA256 */
pk_type_t sig_pk /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. POLARSSL_PK_RSA */;
pk_type_t sig_pk; /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. POLARSSL_PK_RSA */
void *sig_opts; /**< Signature options to be passed to pk_verify_ext(), e.g. for RSASSA-PSS */
}
x509_csr;
@ -80,7 +85,19 @@ x509write_csr;
#if defined(POLARSSL_X509_CSR_PARSE_C)
/**
* \brief Load a Certificate Signing Request (CSR)
* \brief Load a Certificate Signing Request (CSR) in DER format
*
* \param csr CSR context to fill
* \param buf buffer holding the CRL data
* \param buflen size of the buffer
*
* \return 0 if successful, or a specific X509 error code
*/
int x509_csr_parse_der( x509_csr *csr,
const unsigned char *buf, size_t buflen );
/**
* \brief Load a Certificate Signing Request (CSR), DER or PEM format
*
* \param csr CSR context to fill
* \param buf buffer holding the CRL data
@ -111,8 +128,8 @@ int x509_csr_parse_file( x509_csr *csr, const char *path );
* \param prefix A line prefix
* \param csr The X509 CSR to represent
*
* \return The amount of data written to the buffer, or -1 in
* case of an error.
* \return The length of the string written (exluding the terminating
* null byte), or a negative value in case of an error.
*/
int x509_csr_info( char *buf, size_t size, const char *prefix,
const x509_csr *csr );
@ -200,7 +217,8 @@ int x509write_csr_set_ns_cert_type( x509write_csr *ctx,
unsigned char ns_cert_type );
/**
* \brief Generic function to add to or replace an extension in the CSR
* \brief Generic function to add to or replace an extension in the
* CSR
*
* \param ctx CSR context to use
* \param oid OID of the extension
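Review bot: The new `x509_csr_parse_der()` doc says `\param buf buffer holding the CRL data`, copied from the CRL header; it should read `\param buf buffer holding the CSR data` (the existing `x509_csr_parse()` comment below has the same slip, visible here as context). The reworded `x509_csr_info()` return text spells "exluding"; use `(excluding the terminating null byte)`. The `x509_csr_parse_der()` brief might also say whether the caller must initialise the `x509_csr` before the call, given that other headers in this commit introduce explicit init routines such as `aes_init()`, `xtea_init()` and `ssl_session_init()` — I cannot see whether a CSR equivalent exists, so confirm.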


@ -27,7 +27,11 @@
#ifndef POLARSSL_XTEA_H
#define POLARSSL_XTEA_H
#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
#else
#include POLARSSL_CONFIG_FILE
#endif
#include <string.h>
@ -60,6 +64,20 @@ typedef struct
}
xtea_context;
/**
* \brief Initialize XTEA context
*
* \param ctx XTEA context to be initialized
*/
void xtea_init( xtea_context *ctx );
/**
* \brief Clear XTEA context
*
* \param ctx XTEA context to be cleared
*/
void xtea_free( xtea_context *ctx );
/**
* \brief XTEA key schedule
*