camellia.h   camellia.h 
skipping to change at line 23 skipping to change at line 23
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details. * GNU General Public License for more details.
* *
* You should have received a copy of the GNU General Public License along * You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc., * with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#ifndef POLARSSL_CAMELLIA_H #ifndef POLARSSL_CAMELLIA_H
#define POLARSSL_CAMELLIA_H #define POLARSSL_CAMELLIA_H
#include <inttypes.h>
#define CAMELLIA_ENCRYPT 1 #define CAMELLIA_ENCRYPT 1
#define CAMELLIA_DECRYPT 0 #define CAMELLIA_DECRYPT 0
/** /**
* \brief CAMELLIA context structure * \brief CAMELLIA context structure
*/ */
typedef struct typedef struct
{ {
int nr; /*!< number of rounds */ int nr; /*!< number of rounds */
unsigned long rk[68]; /*!< CAMELLIA round keys */ uint32_t rk[68]; /*!< CAMELLIA round keys */
} }
camellia_context; camellia_context;
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
#endif #endif
/** /**
* \brief CAMELLIA key schedule (encryption) * \brief CAMELLIA key schedule (encryption)
* *
 End of changes. 2 change blocks. 
1 lines changed or deleted 3 lines changed or added


 config.h   config.h 
skipping to change at line 53 skipping to change at line 53
*/ */
/* /*
* Uncomment if the compiler supports long long. * Uncomment if the compiler supports long long.
* *
#define POLARSSL_HAVE_LONGLONG #define POLARSSL_HAVE_LONGLONG
*/ */
/* /*
* Uncomment to enable the use of assembly code. * Uncomment to enable the use of assembly code.
*
* Requires support for asm() in compiler.
*
* Used in:
* library/timing.c
* library/padlock.c
* include/polarssl/bn_mul.h
*
*/ */
#define POLARSSL_HAVE_ASM #define POLARSSL_HAVE_ASM
/* /*
* Uncomment if the CPU supports SSE2 (IA-32 specific). * Uncomment if the CPU supports SSE2 (IA-32 specific).
* *
#define POLARSSL_HAVE_SSE2 #define POLARSSL_HAVE_SSE2
*/ */
/* /*
 End of changes. 1 change blocks. 
0 lines changed or deleted 8 lines changed or added


 padlock.h   padlock.h 
skipping to change at line 27 skipping to change at line 27
* *
* You should have received a copy of the GNU General Public License along * You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc., * with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#ifndef POLARSSL_PADLOCK_H #ifndef POLARSSL_PADLOCK_H
#define POLARSSL_PADLOCK_H #define POLARSSL_PADLOCK_H
#include "polarssl/aes.h" #include "polarssl/aes.h"
#if (defined(__GNUC__) && defined(__i386__)) #if defined(POLARSSL_HAVE_ASM) && defined(__GNUC__) && defined(__i386__)
#ifndef POLARSSL_HAVE_X86 #ifndef POLARSSL_HAVE_X86
#define POLARSSL_HAVE_X86 #define POLARSSL_HAVE_X86
#endif #endif
#define PADLOCK_RNG 0x000C #define PADLOCK_RNG 0x000C
#define PADLOCK_ACE 0x00C0 #define PADLOCK_ACE 0x00C0
#define PADLOCK_PHE 0x0C00 #define PADLOCK_PHE 0x0C00
#define PADLOCK_PMM 0x3000 #define PADLOCK_PMM 0x3000
 End of changes. 1 change blocks. 
1 lines changed or deleted 1 lines changed or added


 rsa.h   rsa.h 
skipping to change at line 40 skipping to change at line 40
#define POLARSSL_ERR_RSA_KEY_CHECK_FAILED -0x0430 #define POLARSSL_ERR_RSA_KEY_CHECK_FAILED -0x0430
#define POLARSSL_ERR_RSA_PUBLIC_FAILED -0x0440 #define POLARSSL_ERR_RSA_PUBLIC_FAILED -0x0440
#define POLARSSL_ERR_RSA_PRIVATE_FAILED -0x0450 #define POLARSSL_ERR_RSA_PRIVATE_FAILED -0x0450
#define POLARSSL_ERR_RSA_VERIFY_FAILED -0x0460 #define POLARSSL_ERR_RSA_VERIFY_FAILED -0x0460
#define POLARSSL_ERR_RSA_OUTPUT_TO_LARGE -0x0470 #define POLARSSL_ERR_RSA_OUTPUT_TO_LARGE -0x0470
/* /*
* PKCS#1 constants * PKCS#1 constants
*/ */
#define RSA_RAW 0 #define RSA_RAW 0
#define RSA_MD2 2
#define RSA_MD4 3 #define SIG_RSA_MD2 2
#define RSA_MD5 4 #define SIG_RSA_MD4 3
#define RSA_SHA1 5 #define SIG_RSA_MD5 4
#define RSA_SHA256 6 #define SIG_RSA_SHA1 5
#define SIG_RSA_SHA224 14
#define SIG_RSA_SHA256 11
#define SIG_RSA_SHA384 12
#define SIG_RSA_SHA512 13
#define RSA_PUBLIC 0 #define RSA_PUBLIC 0
#define RSA_PRIVATE 1 #define RSA_PRIVATE 1
#define RSA_PKCS_V15 0 #define RSA_PKCS_V15 0
#define RSA_PKCS_V21 1 #define RSA_PKCS_V21 1
#define RSA_SIGN 1 #define RSA_SIGN 1
#define RSA_CRYPT 2 #define RSA_CRYPT 2
#define ASN1_STR_CONSTRUCTED_SEQUENCE "\x30"
#define ASN1_STR_NULL "\x05"
#define ASN1_STR_OID "\x06"
#define ASN1_STR_OCTET_STRING "\x04"
#define OID_DIGEST_ALG_MDX "\x2A\x86\x48\x86\xF7\x0D\x02\x00"
#define OID_HASH_ALG_SHA1 "\x2b\x0e\x03\x02\x1a"
#define OID_HASH_ALG_SHA2X "\x60\x86\x48\x01\x65\x03\x04\x02\x00"
#define OID_ISO_MEMBER_BODIES "\x2a"
#define OID_ISO_IDENTIFIED_ORG "\x2b"
/*
* ISO Member bodies OID parts
*/
#define OID_COUNTRY_US "\x86\x48"
#define OID_RSA_DATA_SECURITY "\x86\xf7\x0d"
/*
* ISO Identified organization OID parts
*/
#define OID_OIW_SECSIG_SHA1 "\x0e\x03\x02\x1a"
/* /*
* DigestInfo ::= SEQUENCE { * DigestInfo ::= SEQUENCE {
* digestAlgorithm DigestAlgorithmIdentifier, * digestAlgorithm DigestAlgorithmIdentifier,
* digest Digest } * digest Digest }
* *
* DigestAlgorithmIdentifier ::= AlgorithmIdentifier * DigestAlgorithmIdentifier ::= AlgorithmIdentifier
* *
* Digest ::= OCTET STRING * Digest ::= OCTET STRING
*/ */
#define ASN1_HASH_MDX \ #define ASN1_HASH_MDX \
"\x30\x20\x30\x0C\x06\x08\x2A\x86\x48" \ ( \
"\x86\xF7\x0D\x02\x00\x05\x00\x04\x10" ASN1_STR_CONSTRUCTED_SEQUENCE "\x20" \
ASN1_STR_CONSTRUCTED_SEQUENCE "\x0C" \
#define ASN1_HASH_SHA1 \ ASN1_STR_OID "\x08" \
"\x30\x21\x30\x09\x06\x05\x2B\x0E\x03" \ OID_DIGEST_ALG_MDX \
"\x02\x1A\x05\x00\x04\x14" ASN1_STR_NULL "\x00" \
ASN1_STR_OCTET_STRING "\x10" \
)
#define ASN1_HASH_SHA1 \
ASN1_STR_CONSTRUCTED_SEQUENCE "\x21" \
ASN1_STR_CONSTRUCTED_SEQUENCE "\x09" \
ASN1_STR_OID "\x05" \
OID_HASH_ALG_SHA1 \
ASN1_STR_NULL "\x00" \
ASN1_STR_OCTET_STRING "\x14"
#define ASN1_HASH_SHA2X \
ASN1_STR_CONSTRUCTED_SEQUENCE "\x11" \
ASN1_STR_CONSTRUCTED_SEQUENCE "\x0d" \
ASN1_STR_OID "\x09" \
OID_HASH_ALG_SHA2X \
ASN1_STR_NULL "\x00" \
ASN1_STR_OCTET_STRING "\x00"
/** /**
* \brief RSA context structure * \brief RSA context structure
*/ */
typedef struct typedef struct
{ {
int ver; /*!< always 0 */ int ver; /*!< always 0 */
int len; /*!< size(N) in chars */ int len; /*!< size(N) in chars */
mpi N; /*!< public modulus */ mpi N; /*!< public modulus */
skipping to change at line 168 skipping to change at line 213
/** /**
* \brief Do an RSA public key operation * \brief Do an RSA public key operation
* *
* \param ctx RSA context * \param ctx RSA context
* \param input input buffer * \param input input buffer
* \param output output buffer * \param output output buffer
* *
* \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code * \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code
* *
* \note This function does NOT take care of message * \note This function does NOT take care of message
* padding. Also, be sure to set input[0] = 0. * padding. Also, be sure to set input[0] = 0 or assure tha
t
* input is smaller than N.
* *
* \note The input and output buffers must be large * \note The input and output buffers must be large
* enough (eg. 128 bytes if RSA-1024 is used). * enough (eg. 128 bytes if RSA-1024 is used).
*/ */
int rsa_public( rsa_context *ctx, int rsa_public( rsa_context *ctx,
unsigned char *input, unsigned char *input,
unsigned char *output ); unsigned char *output );
/** /**
* \brief Do an RSA private key operation * \brief Do an RSA private key operation
skipping to change at line 198 skipping to change at line 244
*/ */
int rsa_private( rsa_context *ctx, int rsa_private( rsa_context *ctx,
unsigned char *input, unsigned char *input,
unsigned char *output ); unsigned char *output );
/** /**
* \brief Add the message padding, then do an RSA operation * \brief Add the message padding, then do an RSA operation
* *
* \param ctx RSA context * \param ctx RSA context
* \param mode RSA_PUBLIC or RSA_PRIVATE * \param mode RSA_PUBLIC or RSA_PRIVATE
* \param ilen contains the the plaintext length * \param ilen contains the plaintext length
* \param input buffer holding the data to be encrypted * \param input buffer holding the data to be encrypted
* \param output buffer that will hold the ciphertext * \param output buffer that will hold the ciphertext
* *
* \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code * \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code
* *
* \note The output buffer must be as large as the size * \note The output buffer must be as large as the size
* of ctx->N (eg. 128 bytes if RSA-1024 is used). * of ctx->N (eg. 128 bytes if RSA-1024 is used).
*/ */
int rsa_pkcs1_encrypt( rsa_context *ctx, int rsa_pkcs1_encrypt( rsa_context *ctx,
int mode, int ilen, int mode, int ilen,
skipping to change at line 239 skipping to change at line 285
int mode, int *olen, int mode, int *olen,
unsigned char *input, unsigned char *input,
unsigned char *output, unsigned char *output,
int output_max_len); int output_max_len);
/** /**
* \brief Do a private RSA to sign a message digest * \brief Do a private RSA to sign a message digest
* *
* \param ctx RSA context * \param ctx RSA context
* \param mode RSA_PUBLIC or RSA_PRIVATE * \param mode RSA_PUBLIC or RSA_PRIVATE
* \param hash_id RSA_RAW, RSA_MD{2,4,5} or RSA_SHA{1,256} * \param hash_id RSA_RAW, SIG_RSA_MD{2,4,5} or SIG_RSA_SHA{1,224,256,384, 512}
* \param hashlen message digest length (for RSA_RAW only) * \param hashlen message digest length (for RSA_RAW only)
* \param hash buffer holding the message digest * \param hash buffer holding the message digest
* \param sig buffer that will hold the ciphertext * \param sig buffer that will hold the ciphertext
* *
* \return 0 if the signing operation was successful, * \return 0 if the signing operation was successful,
* or an POLARSSL_ERR_RSA_XXX error code * or an POLARSSL_ERR_RSA_XXX error code
* *
* \note The "sig" buffer must be as large as the size * \note The "sig" buffer must be as large as the size
* of ctx->N (eg. 128 bytes if RSA-1024 is used). * of ctx->N (eg. 128 bytes if RSA-1024 is used).
*/ */
 End of changes. 6 change blocks. 
15 lines changed or deleted 62 lines changed or added


 ssl.h   ssl.h 
skipping to change at line 238 skipping to change at line 238
int out_msgtype; /*!< record header: message type */ int out_msgtype; /*!< record header: message type */
int out_msglen; /*!< record header: message length */ int out_msglen; /*!< record header: message length */
int out_left; /*!< amount of data not yet written */ int out_left; /*!< amount of data not yet written */
/* /*
* PKI layer * PKI layer
*/ */
rsa_context *rsa_key; /*!< own RSA private key */ rsa_context *rsa_key; /*!< own RSA private key */
x509_cert *own_cert; /*!< own X.509 certificate */ x509_cert *own_cert; /*!< own X.509 certificate */
x509_cert *ca_chain; /*!< own trusted CA chain */ x509_cert *ca_chain; /*!< own trusted CA chain */
x509_crl *ca_crl; /*!< trusted CA CRLs */
x509_cert *peer_cert; /*!< peer X.509 cert chain */ x509_cert *peer_cert; /*!< peer X.509 cert chain */
char *peer_cn; /*!< expected peer CN */ char *peer_cn; /*!< expected peer CN */
int endpoint; /*!< 0: client, 1: server */ int endpoint; /*!< 0: client, 1: server */
int authmode; /*!< verification mode */ int authmode; /*!< verification mode */
int client_auth; /*!< flag for client auth. */ int client_auth; /*!< flag for client auth. */
int verify_result; /*!< verification result */ int verify_result; /*!< verification result */
/* /*
* Crypto layer * Crypto layer
skipping to change at line 392 skipping to change at line 393
* \param ssl SSL context * \param ssl SSL context
* \param ciphers 0-terminated list of allowed ciphers * \param ciphers 0-terminated list of allowed ciphers
*/ */
void ssl_set_ciphers( ssl_context *ssl, int *ciphers ); void ssl_set_ciphers( ssl_context *ssl, int *ciphers );
/** /**
* \brief Set the data required to verify peer certificate * \brief Set the data required to verify peer certificate
* *
* \param ssl SSL context * \param ssl SSL context
* \param ca_chain trusted CA chain * \param ca_chain trusted CA chain
* \param ca_crl trusted CA CRLs
* \param peer_cn expected peer CommonName (or NULL) * \param peer_cn expected peer CommonName (or NULL)
* *
* \note TODO: add two more parameters: depth and crl * \note TODO: add two more parameters: depth and crl
*/ */
void ssl_set_ca_chain( ssl_context *ssl, x509_cert *ca_chain, void ssl_set_ca_chain( ssl_context *ssl, x509_cert *ca_chain,
char *peer_cn ); x509_crl *ca_crl, char *peer_cn );
/** /**
* \brief Set own certificate and private key * \brief Set own certificate and private key
* *
* \param ssl SSL context * \param ssl SSL context
* \param own_cert own public certificate * \param own_cert own public certificate
* \param rsa_key own private RSA key * \param rsa_key own private RSA key
*/ */
void ssl_set_own_cert( ssl_context *ssl, x509_cert *own_cert, void ssl_set_own_cert( ssl_context *ssl, x509_cert *own_cert,
rsa_context *rsa_key ); rsa_context *rsa_key );
 End of changes. 3 change blocks. 
1 lines changed or deleted 3 lines changed or added


 x509.h   x509.h 
skipping to change at line 63 skipping to change at line 63
#define POLARSSL_ERR_X509_KEY_UNKNOWN_ENC_ALG -0x02A0 #define POLARSSL_ERR_X509_KEY_UNKNOWN_ENC_ALG -0x02A0
#define POLARSSL_ERR_X509_KEY_PASSWORD_REQUIRED -0x02C0 #define POLARSSL_ERR_X509_KEY_PASSWORD_REQUIRED -0x02C0
#define POLARSSL_ERR_X509_KEY_PASSWORD_MISMATCH -0x02E0 #define POLARSSL_ERR_X509_KEY_PASSWORD_MISMATCH -0x02E0
#define POLARSSL_ERR_X509_POINT_ERROR -0x0300 #define POLARSSL_ERR_X509_POINT_ERROR -0x0300
#define POLARSSL_ERR_X509_VALUE_TO_LENGTH -0x0320 #define POLARSSL_ERR_X509_VALUE_TO_LENGTH -0x0320
#define BADCERT_EXPIRED 1 #define BADCERT_EXPIRED 1
#define BADCERT_REVOKED 2 #define BADCERT_REVOKED 2
#define BADCERT_CN_MISMATCH 4 #define BADCERT_CN_MISMATCH 4
#define BADCERT_NOT_TRUSTED 8 #define BADCERT_NOT_TRUSTED 8
#define BADCRL_NOT_TRUSTED 16
#define BADCRL_EXPIRED 32
/* /*
* DER constants * DER constants
*/ */
#define ASN1_BOOLEAN 0x01 #define ASN1_BOOLEAN 0x01
#define ASN1_INTEGER 0x02 #define ASN1_INTEGER 0x02
#define ASN1_BIT_STRING 0x03 #define ASN1_BIT_STRING 0x03
#define ASN1_OCTET_STRING 0x04 #define ASN1_OCTET_STRING 0x04
#define ASN1_NULL 0x05 #define ASN1_NULL 0x05
#define ASN1_OID 0x06 #define ASN1_OID 0x06
skipping to change at line 172 skipping to change at line 174
int ca_istrue; int ca_istrue;
int max_pathlen; int max_pathlen;
x509_buf sig_oid2; x509_buf sig_oid2;
x509_buf sig; x509_buf sig;
struct _x509_cert *next; struct _x509_cert *next;
} }
x509_cert; x509_cert;
typedef struct _x509_crl_entry
{
x509_buf raw;
x509_buf serial;
x509_time revocation_date;
x509_buf entry_ext;
struct _x509_crl_entry *next;
}
x509_crl_entry;
typedef struct _x509_crl
{
x509_buf raw;
x509_buf tbs;
int version;
x509_buf sig_oid1;
x509_buf issuer_raw;
x509_name issuer;
x509_time this_update;
x509_time next_update;
x509_crl_entry entry;
x509_buf crl_ext;
x509_buf sig_oid2;
x509_buf sig;
struct _x509_crl *next;
}
x509_crl;
/* /*
* Structures for writing X.509 certificates * Structures for writing X.509 certificates
*/ */
typedef struct _x509_node typedef struct _x509_node
{ {
unsigned char *data; unsigned char *data;
unsigned char *p; unsigned char *p;
unsigned char *end; unsigned char *end;
size_t len; size_t len;
skipping to change at line 217 skipping to change at line 259
/** /**
* \brief Parse one or more certificates and add them * \brief Parse one or more certificates and add them
* to the chained list * to the chained list
* *
* \param chain points to the start of the chain * \param chain points to the start of the chain
* \param buf buffer holding the certificate data * \param buf buffer holding the certificate data
* \param buflen size of the buffer * \param buflen size of the buffer
* *
* \return 0 if successful, or a specific X509 error code * \return 0 if successful, or a specific X509 error code
*/ */
int x509parse_crt( x509_cert *crt, unsigned char *buf, int buflen ); int x509parse_crt( x509_cert *chain, unsigned char *buf, int buflen );
/** /**
* \brief Load one or more certificates and add them * \brief Load one or more certificates and add them
* to the chained list * to the chained list
* *
* \param chain points to the start of the chain * \param chain points to the start of the chain
* \param path filename to read the certificates from * \param path filename to read the certificates from
* *
* \return 0 if successful, or a specific X509 error code * \return 0 if successful, or a specific X509 error code
*/ */
int x509parse_crtfile( x509_cert *crt, char *path ); int x509parse_crtfile( x509_cert *chain, char *path );
/**
* \brief Parse one or more CRLs and add them
* to the chained list
*
* \param chain points to the start of the chain
* \param buf buffer holding the CRL data
* \param buflen size of the buffer
*
* \return 0 if successful, or a specific X509 error code
*/
int x509parse_crl( x509_crl *chain, unsigned char *buf, int buflen );
/**
* \brief Load one or more CRLs and add them
* to the chained list
*
* \param chain points to the start of the chain
* \param path filename to read the CRLs from
*
* \return 0 if successful, or a specific X509 error code
*/
int x509parse_crlfile( x509_crl *chain, char *path );
/** /**
* \brief Parse a private RSA key * \brief Parse a private RSA key
* *
* \param rsa RSA context to be initialized * \param rsa RSA context to be initialized
* \param buf input buffer * \param buf input buffer
* \param buflen size of the buffer * \param buflen size of the buffer
* \param pwd password for decryption (optional) * \param pwd password for decryption (optional)
* \param pwdlen size of the password * \param pwdlen size of the password
* *
skipping to change at line 258 skipping to change at line 323
* \param rsa RSA context to be initialized * \param rsa RSA context to be initialized
* \param path filename to read the private key from * \param path filename to read the private key from
* \param pwd password to decrypt the file (can be NULL) * \param pwd password to decrypt the file (can be NULL)
* *
* \return 0 if successful, or a specific X509 error code * \return 0 if successful, or a specific X509 error code
*/ */
int x509parse_keyfile( rsa_context *rsa, char *path, char *password ); int x509parse_keyfile( rsa_context *rsa, char *path, char *password );
/** /**
* \brief Store the certificate DN in printable form into buf; * \brief Store the certificate DN in printable form into buf;
* no more than (end - buf) characters will be written. * no more than size characters will be written.
*/ */
int x509parse_dn_gets( char *buf, char *end, x509_name *dn ); int x509parse_dn_gets( char *buf, size_t size, x509_name *dn );
/** /**
* \brief Returns an informational string about the * \brief Returns an informational string about the
* certificate. * certificate.
*/ */
char *x509parse_cert_info( char *prefix, x509_cert *crt ); int x509parse_cert_info( char *buf, size_t size, char *prefix, x509_cert *c rt );
/** /**
* \brief Return 0 if the certificate is still valid, * \brief Returns an informational string about the
* or BADCERT_EXPIRED * CRL.
*/ */
int x509parse_expired( x509_cert *crt ); int x509parse_crl_info( char *buf, size_t size, char *prefix, x509_crl *crl
);
/**
* \brief Return 0 if the x509_time is still valid,
* or 1 otherwise.
*/
int x509parse_time_expired( x509_time *time );
/** /**
* \brief Verify the certificate signature * \brief Verify the certificate signature
* *
* \param crt a certificate to be verified * \param crt a certificate to be verified
* \param trust_ca the trusted CA chain * \param trust_ca the trusted CA chain
* \param ca_crl the CRL chain for trusted CA's
* \param cn expected Common Name (can be set to * \param cn expected Common Name (can be set to
* NULL if the CN must not be verified) * NULL if the CN must not be verified)
* \param flags result of the verification * \param flags result of the verification
* *
* \return 0 if successful or POLARSSL_ERR_X509_SIG_VERIFY_FAILED, * \return 0 if successful or POLARSSL_ERR_X509_SIG_VERIFY_FAILED,
* in which case *flags will have one or more of * in which case *flags will have one or more of
* the following values set: * the following values set:
* BADCERT_EXPIRED -- * BADCERT_EXPIRED --
* BADCERT_REVOKED -- * BADCERT_REVOKED --
* BADCERT_CN_MISMATCH -- * BADCERT_CN_MISMATCH --
* BADCERT_NOT_TRUSTED * BADCERT_NOT_TRUSTED
* *
* \note TODO: add two arguments, depth and crl * \note TODO: add two arguments, depth and crl
*/ */
int x509parse_verify( x509_cert *crt, int x509parse_verify( x509_cert *crt,
x509_cert *trust_ca, x509_cert *trust_ca,
x509_crl *ca_crl,
char *cn, int *flags ); char *cn, int *flags );
/** /**
* \brief Unallocate all certificate data * \brief Unallocate all certificate data
*/ */
void x509_free( x509_cert *crt ); void x509_free( x509_cert *crt );
/** /**
* \brief Unallocate all CRL data
*/
void x509_crl_free( x509_crl *crl );
/**
* \brief Checkup routine * \brief Checkup routine
* *
* \return 0 if successful, or 1 if the test failed * \return 0 if successful, or 1 if the test failed
*/ */
int x509_self_test( int verbose ); int x509_self_test( int verbose );
#ifdef __cplusplus #ifdef __cplusplus
} }
#endif #endif
 End of changes. 12 change blocks. 
8 lines changed or deleted 87 lines changed or added


 xtea.h   xtea.h 
skipping to change at line 23 skipping to change at line 23
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details. * GNU General Public License for more details.
* *
* You should have received a copy of the GNU General Public License along * You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc., * with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#ifndef POLARSSL_XTEA_H #ifndef POLARSSL_XTEA_H
#define POLARSSL_XTEA_H #define POLARSSL_XTEA_H
#include <inttypes.h>
#define XTEA_ENCRYPT 1 #define XTEA_ENCRYPT 1
#define XTEA_DECRYPT 0 #define XTEA_DECRYPT 0
/** /**
* \brief XTEA context structure * \brief XTEA context structure
*/ */
typedef struct typedef struct
{ {
unsigned long k[4]; /*!< key */ uint32_t k[4]; /*!< key */
} }
xtea_context; xtea_context;
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
#endif #endif
/** /**
* \brief XTEA key schedule * \brief XTEA key schedule
* *
 End of changes. 2 change blocks. 
1 lines changed or deleted 3 lines changed or added

This html diff was produced by rfcdiff 1.41. The latest version is available from http://tools.ietf.org/tools/rfcdiff/