aes.h   aes.h 
/** /**
* \file aes.h * \file aes.h
* *
* Based on XySSL: Copyright (C) 2006-2008 Christophe Devine * Copyright (C) 2006-2010, Brainspark B.V.
* *
* Copyright (C) 2009 Paul Bakker <polarssl_maintainer at polarssl dot or * This file is part of PolarSSL (http://www.polarssl.org)
g> * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
* *
* This program is free software; you can redistribute it and/or modify * This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or * the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version. * (at your option) any later version.
* *
* This program is distributed in the hope that it will be useful, * This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of * but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details. * GNU General Public License for more details.
skipping to change at line 28 skipping to change at line 31
* You should have received a copy of the GNU General Public License along * You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc., * with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#ifndef POLARSSL_AES_H #ifndef POLARSSL_AES_H
#define POLARSSL_AES_H #define POLARSSL_AES_H
#define AES_ENCRYPT 1 #define AES_ENCRYPT 1
#define AES_DECRYPT 0 #define AES_DECRYPT 0
#define POLARSSL_ERR_AES_INVALID_KEY_LENGTH -0x0800
#define POLARSSL_ERR_AES_INVALID_INPUT_LENGTH -0x0810
/** /**
* \brief AES context structure * \brief AES context structure
*/ */
typedef struct typedef struct
{ {
int nr; /*!< number of rounds */ int nr; /*!< number of rounds */
unsigned long *rk; /*!< AES round keys */ unsigned long *rk; /*!< AES round keys */
unsigned long buf[68]; /*!< unaligned data */ unsigned long buf[68]; /*!< unaligned data */
} }
aes_context; aes_context;
skipping to change at line 49 skipping to change at line 55
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
#endif #endif
/** /**
* \brief AES key schedule (encryption) * \brief AES key schedule (encryption)
* *
* \param ctx AES context to be initialized * \param ctx AES context to be initialized
* \param key encryption key * \param key encryption key
* \param keysize must be 128, 192 or 256 * \param keysize must be 128, 192 or 256
*
* \return 0 if successful, or POLARSSL_ERR_AES_INVALID_KEY_LENGTH
*/ */
void aes_setkey_enc( aes_context *ctx, unsigned char *key, int keysize ); int aes_setkey_enc( aes_context *ctx, const unsigned char *key, int keysize );
/** /**
* \brief AES key schedule (decryption) * \brief AES key schedule (decryption)
* *
* \param ctx AES context to be initialized * \param ctx AES context to be initialized
* \param key decryption key * \param key decryption key
* \param keysize must be 128, 192 or 256 * \param keysize must be 128, 192 or 256
*
* \return 0 if successful, or POLARSSL_ERR_AES_INVALID_KEY_LENGTH
*/ */
void aes_setkey_dec( aes_context *ctx, unsigned char *key, int keysize ); int aes_setkey_dec( aes_context *ctx, const unsigned char *key, int keysize );
/** /**
* \brief AES-ECB block encryption/decryption * \brief AES-ECB block encryption/decryption
* *
* \param ctx AES context * \param ctx AES context
* \param mode AES_ENCRYPT or AES_DECRYPT * \param mode AES_ENCRYPT or AES_DECRYPT
* \param input 16-byte input block * \param input 16-byte input block
* \param output 16-byte output block * \param output 16-byte output block
*
* \return 0 if successful
*/ */
void aes_crypt_ecb( aes_context *ctx, int aes_crypt_ecb( aes_context *ctx,
int mode, int mode,
unsigned char input[16], const unsigned char input[16],
unsigned char output[16] ); unsigned char output[16] );
/** /**
* \brief AES-CBC buffer encryption/decryption * \brief AES-CBC buffer encryption/decryption
* Length should be a multiple of the block * Length should be a multiple of the block
* size (16 bytes) * size (16 bytes)
* *
* \param ctx AES context * \param ctx AES context
* \param mode AES_ENCRYPT or AES_DECRYPT * \param mode AES_ENCRYPT or AES_DECRYPT
* \param length length of the input data * \param length length of the input data
* \param iv initialization vector (updated after use) * \param iv initialization vector (updated after use)
* \param input buffer holding the input data * \param input buffer holding the input data
* \param output buffer holding the output data * \param output buffer holding the output data
*
* \return 0 if successful, or POLARSSL_ERR_AES_INVALID_INPUT_LENGT
H
*/ */
void aes_crypt_cbc( aes_context *ctx, int aes_crypt_cbc( aes_context *ctx,
int mode, int mode,
int length, int length,
unsigned char iv[16], unsigned char iv[16],
unsigned char *input, const unsigned char *input,
unsigned char *output ); unsigned char *output );
/** /**
* \brief AES-CFB128 buffer encryption/decryption. * \brief AES-CFB128 buffer encryption/decryption.
* *
* \param ctx AES context * \param ctx AES context
* \param mode AES_ENCRYPT or AES_DECRYPT * \param mode AES_ENCRYPT or AES_DECRYPT
* \param length length of the input data * \param length length of the input data
* \param iv_off offset in IV (updated after use) * \param iv_off offset in IV (updated after use)
* \param iv initialization vector (updated after use) * \param iv initialization vector (updated after use)
* \param input buffer holding the input data * \param input buffer holding the input data
* \param output buffer holding the output data * \param output buffer holding the output data
*
* \return 0 if successful
*/ */
void aes_crypt_cfb128( aes_context *ctx, int aes_crypt_cfb128( aes_context *ctx,
int mode, int mode,
int length, int length,
int *iv_off, int *iv_off,
unsigned char iv[16], unsigned char iv[16],
unsigned char *input, const unsigned char *input,
unsigned char *output ); unsigned char *output );
/** /**
* \brief Checkup routine * \brief Checkup routine
* *
* \return 0 if successful, or 1 if the test failed * \return 0 if successful, or 1 if the test failed
*/ */
int aes_self_test( int verbose ); int aes_self_test( int verbose );
#ifdef __cplusplus #ifdef __cplusplus
 End of changes. 16 change blocks. 
11 lines changed or deleted 27 lines changed or added


 arc4.h   arc4.h 
/** /**
* \file arc4.h * \file arc4.h
* *
* Based on XySSL: Copyright (C) 2006-2008 Christophe Devine * Copyright (C) 2006-2010, Brainspark B.V.
* *
* Copyright (C) 2009 Paul Bakker <polarssl_maintainer at polarssl dot or * This file is part of PolarSSL (http://www.polarssl.org)
g> * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
* *
* This program is free software; you can redistribute it and/or modify * This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or * the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version. * (at your option) any later version.
* *
* This program is distributed in the hope that it will be useful, * This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of * but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details. * GNU General Public License for more details.
skipping to change at line 47 skipping to change at line 50
extern "C" { extern "C" {
#endif #endif
/** /**
* \brief ARC4 key schedule * \brief ARC4 key schedule
* *
* \param ctx ARC4 context to be initialized * \param ctx ARC4 context to be initialized
* \param key the secret key * \param key the secret key
* \param keylen length of the key * \param keylen length of the key
*/ */
void arc4_setup( arc4_context *ctx, unsigned char *key, int keylen ); void arc4_setup( arc4_context *ctx, const unsigned char *key, int keylen );
/** /**
* \brief ARC4 cipher function * \brief ARC4 cipher function
* *
* \param ctx ARC4 context * \param ctx ARC4 context
* \param buf buffer to be processed * \param length length of the input data
* \param buflen amount of data in buf * \param input buffer holding the input data
* \param output buffer for the output data
*
* \return 0 if successful
*/ */
void arc4_crypt( arc4_context *ctx, unsigned char *buf, int buflen ); int arc4_crypt( arc4_context *ctx, int length, const unsigned char *input,
unsigned char *output );
/* /*
* \brief Checkup routine * \brief Checkup routine
* *
* \return 0 if successful, or 1 if the test failed * \return 0 if successful, or 1 if the test failed
*/ */
int arc4_self_test( int verbose ); int arc4_self_test( int verbose );
#ifdef __cplusplus #ifdef __cplusplus
} }
 End of changes. 5 change blocks. 
7 lines changed or deleted 13 lines changed or added


 base64.h   base64.h 
/** /**
* \file base64.h * \file base64.h
* *
* Based on XySSL: Copyright (C) 2006-2008 Christophe Devine * Copyright (C) 2006-2010, Brainspark B.V.
* *
* Copyright (C) 2009 Paul Bakker <polarssl_maintainer at polarssl dot or * This file is part of PolarSSL (http://www.polarssl.org)
g> * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
* *
* This program is free software; you can redistribute it and/or modify * This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or * the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version. * (at your option) any later version.
* *
* This program is distributed in the hope that it will be useful, * This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of * but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details. * GNU General Public License for more details.
* *
* You should have received a copy of the GNU General Public License along * You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc., * with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#ifndef POLARSSL_BASE64_H #ifndef POLARSSL_BASE64_H
#define POLARSSL_BASE64_H #define POLARSSL_BASE64_H
#define POLARSSL_ERR_BASE64_BUFFER_TOO_SMALL -0x0010 #define POLARSSL_ERR_BASE64_BUFFER_TOO_SMALL 0x0010
#define POLARSSL_ERR_BASE64_INVALID_CHARACTER -0x0012 #define POLARSSL_ERR_BASE64_INVALID_CHARACTER 0x0012
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
#endif #endif
/** /**
* \brief Encode a buffer into base64 format * \brief Encode a buffer into base64 format
* *
* \param dst destination buffer * \param dst destination buffer
* \param dlen size of the buffer * \param dlen size of the buffer
skipping to change at line 48 skipping to change at line 51
* \param slen amount of data to be encoded * \param slen amount of data to be encoded
* *
* \return 0 if successful, or POLARSSL_ERR_BASE64_BUFFER_TOO_SMALL . * \return 0 if successful, or POLARSSL_ERR_BASE64_BUFFER_TOO_SMALL .
* *dlen is always updated to reflect the amount * *dlen is always updated to reflect the amount
* of data that has (or would have) been written. * of data that has (or would have) been written.
* *
* \note Call this function with *dlen = 0 to obtain the * \note Call this function with *dlen = 0 to obtain the
* required buffer size in *dlen * required buffer size in *dlen
*/ */
int base64_encode( unsigned char *dst, int *dlen, int base64_encode( unsigned char *dst, int *dlen,
unsigned char *src, int slen ); const unsigned char *src, int slen );
/** /**
* \brief Decode a base64-formatted buffer * \brief Decode a base64-formatted buffer
* *
* \param dst destination buffer * \param dst destination buffer
* \param dlen size of the buffer * \param dlen size of the buffer
* \param src source buffer * \param src source buffer
* \param slen amount of data to be decoded * \param slen amount of data to be decoded
* *
* \return 0 if successful, POLARSSL_ERR_BASE64_BUFFER_TOO_SMALL, o r * \return 0 if successful, POLARSSL_ERR_BASE64_BUFFER_TOO_SMALL, o r
* POLARSSL_ERR_BASE64_INVALID_DATA if the input data is no t * POLARSSL_ERR_BASE64_INVALID_DATA if the input data is no t
* correct. *dlen is always updated to reflect the amount * correct. *dlen is always updated to reflect the amount
* of data that has (or would have) been written. * of data that has (or would have) been written.
* *
* \note Call this function with *dlen = 0 to obtain the * \note Call this function with *dlen = 0 to obtain the
* required buffer size in *dlen * required buffer size in *dlen
*/ */
int base64_decode( unsigned char *dst, int *dlen, int base64_decode( unsigned char *dst, int *dlen,
unsigned char *src, int slen ); const unsigned char *src, int slen );
/** /**
* \brief Checkup routine * \brief Checkup routine
* *
* \return 0 if successful, or 1 if the test failed * \return 0 if successful, or 1 if the test failed
*/ */
int base64_self_test( int verbose ); int base64_self_test( int verbose );
#ifdef __cplusplus #ifdef __cplusplus
} }
 End of changes. 5 change blocks. 
7 lines changed or deleted 9 lines changed or added


 bignum.h   bignum.h 
/** /**
* \file bignum.h * \file bignum.h
* *
* Based on XySSL: Copyright (C) 2006-2008 Christophe Devine * Copyright (C) 2006-2010, Brainspark B.V.
* *
* Copyright (C) 2009 Paul Bakker <polarssl_maintainer at polarssl dot or * This file is part of PolarSSL (http://www.polarssl.org)
g> * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
* *
* This program is free software; you can redistribute it and/or modify * This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or * the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version. * (at your option) any later version.
* *
* This program is distributed in the hope that it will be useful, * This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of * but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details. * GNU General Public License for more details.
* *
* You should have received a copy of the GNU General Public License along * You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc., * with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#ifndef POLARSSL_BIGNUM_H #ifndef POLARSSL_BIGNUM_H
#define POLARSSL_BIGNUM_H #define POLARSSL_BIGNUM_H
#include <stdio.h> #include <stdio.h>
#define POLARSSL_ERR_MPI_FILE_IO_ERROR -0x0002 #define POLARSSL_ERR_MPI_FILE_IO_ERROR 0x0002
#define POLARSSL_ERR_MPI_BAD_INPUT_DATA -0x0004 #define POLARSSL_ERR_MPI_BAD_INPUT_DATA 0x0004
#define POLARSSL_ERR_MPI_INVALID_CHARACTER -0x0006 #define POLARSSL_ERR_MPI_INVALID_CHARACTER 0x0006
#define POLARSSL_ERR_MPI_BUFFER_TOO_SMALL -0x0008 #define POLARSSL_ERR_MPI_BUFFER_TOO_SMALL 0x0008
#define POLARSSL_ERR_MPI_NEGATIVE_VALUE -0x000A #define POLARSSL_ERR_MPI_NEGATIVE_VALUE 0x000A
#define POLARSSL_ERR_MPI_DIVISION_BY_ZERO -0x000C #define POLARSSL_ERR_MPI_DIVISION_BY_ZERO 0x000C
#define POLARSSL_ERR_MPI_NOT_ACCEPTABLE -0x000E #define POLARSSL_ERR_MPI_NOT_ACCEPTABLE 0x000E
#define MPI_CHK(f) if( ( ret = f ) != 0 ) goto cleanup #define MPI_CHK(f) if( ( ret = f ) != 0 ) goto cleanup
/* /*
* Define the base integer type, architecture-wise * Define the base integer type, architecture-wise
*/ */
#if defined(POLARSSL_HAVE_INT8) #if defined(POLARSSL_HAVE_INT8)
typedef unsigned char t_int; typedef unsigned char t_int;
typedef unsigned short t_dbl; typedef unsigned short t_dbl;
#else #else
skipping to change at line 57 skipping to change at line 60
#else #else
typedef unsigned long t_int; typedef unsigned long t_int;
#if defined(_MSC_VER) && defined(_M_IX86) #if defined(_MSC_VER) && defined(_M_IX86)
typedef unsigned __int64 t_dbl; typedef unsigned __int64 t_dbl;
#else #else
#if defined(__amd64__) || defined(__x86_64__) || \ #if defined(__amd64__) || defined(__x86_64__) || \
defined(__ppc64__) || defined(__powerpc64__) || \ defined(__ppc64__) || defined(__powerpc64__) || \
defined(__ia64__) || defined(__alpha__) defined(__ia64__) || defined(__alpha__)
typedef unsigned int t_dbl __attribute__((mode(TI))); typedef unsigned int t_dbl __attribute__((mode(TI)));
#else #else
typedef unsigned long long t_dbl; #if defined(POLARSSL_HAVE_LONGLONG)
typedef unsigned long long t_dbl;
#endif
#endif #endif
#endif #endif
#endif #endif
#endif #endif
/** /**
* \brief MPI structure * \brief MPI structure
*/ */
typedef struct typedef struct
{ {
skipping to change at line 91 skipping to change at line 96
void mpi_init( mpi *X, ... ); void mpi_init( mpi *X, ... );
/** /**
* \brief Unallocate one or more mpi * \brief Unallocate one or more mpi
*/ */
void mpi_free( mpi *X, ... ); void mpi_free( mpi *X, ... );
/** /**
* \brief Enlarge to the specified number of limbs * \brief Enlarge to the specified number of limbs
* *
* \param X MPI to grow
* \param nblimbs The target number of limbs
*
* \return 0 if successful, * \return 0 if successful,
* 1 if memory allocation failed * 1 if memory allocation failed
*/ */
int mpi_grow( mpi *X, int nblimbs ); int mpi_grow( mpi *X, int nblimbs );
/** /**
* \brief Copy the contents of Y into X * \brief Copy the contents of Y into X
* *
* \param X Destination MPI
* \param Y Source MPI
*
* \return 0 if successful, * \return 0 if successful,
* 1 if memory allocation failed * 1 if memory allocation failed
*/ */
int mpi_copy( mpi *X, mpi *Y ); int mpi_copy( mpi *X, const mpi *Y );
/** /**
* \brief Swap the contents of X and Y * \brief Swap the contents of X and Y
*
* \param X First MPI value
* \param Y Second MPI value
*/ */
void mpi_swap( mpi *X, mpi *Y ); void mpi_swap( mpi *X, mpi *Y );
/** /**
* \brief Set value from integer * \brief Set value from integer
* *
* \param X MPI to set
* \param z Value to use
*
* \return 0 if successful, * \return 0 if successful,
* 1 if memory allocation failed * 1 if memory allocation failed
*/ */
int mpi_lset( mpi *X, int z ); int mpi_lset( mpi *X, int z );
/** /**
* \brief Return the number of least significant bits * \brief Return the number of least significant bits
*
* \param X MPI to use
*/ */
int mpi_lsb( mpi *X ); int mpi_lsb( const mpi *X );
/** /**
* \brief Return the number of most significant bits * \brief Return the number of most significant bits
*
* \param X MPI to use
*/ */
int mpi_msb( mpi *X ); int mpi_msb( const mpi *X );
/** /**
* \brief Return the total size in bytes * \brief Return the total size in bytes
*
* \param X MPI to use
*/ */
int mpi_size( mpi *X ); int mpi_size( const mpi *X );
/** /**
* \brief Import from an ASCII string * \brief Import from an ASCII string
* *
* \param X destination mpi * \param X Destination MPI
* \param radix input numeric base * \param radix Input numeric base
* \param s null-terminated string buffer * \param s Null-terminated string buffer
* *
* \return 0 if successful, or an POLARSSL_ERR_MPI_XXX error code * \return 0 if successful, or an POLARSSL_ERR_MPI_XXX error code
*/ */
int mpi_read_string( mpi *X, int radix, char *s ); int mpi_read_string( mpi *X, int radix, const char *s );
/** /**
* \brief Export into an ASCII string * \brief Export into an ASCII string
* *
* \param X source mpi * \param X Source MPI
* \param radix output numeric base * \param radix Output numeric base
* \param s string buffer * \param s String buffer
* \param slen string buffer size * \param slen String buffer size
* *
* \return 0 if successful, or an POLARSSL_ERR_MPI_XXX error code * \return 0 if successful, or an POLARSSL_ERR_MPI_XXX error code.
* *slen is always updated to reflect the amount
* of data that has (or would have) been written.
* *
* \note Call this function with *slen = 0 to obtain the * \note Call this function with *slen = 0 to obtain the
* minimum required buffer size in *slen. * minimum required buffer size in *slen.
*/ */
int mpi_write_string( mpi *X, int radix, char *s, int *slen ); int mpi_write_string( const mpi *X, int radix, char *s, int *slen );
/** /**
* \brief Read X from an opened file * \brief Read X from an opened file
* *
* \param X destination mpi * \param X Destination MPI
* \param radix input numeric base * \param radix Input numeric base
* \param fin input file handle * \param fin Input file handle
* *
* \return 0 if successful, or an POLARSSL_ERR_MPI_XXX error code * \return 0 if successful, or an POLARSSL_ERR_MPI_XXX error code
*/ */
int mpi_read_file( mpi *X, int radix, FILE *fin ); int mpi_read_file( mpi *X, int radix, FILE *fin );
/** /**
* \brief Write X into an opened file, or stdout * \brief Write X into an opened file, or stdout if fout is NULL
* *
* \param p prefix, can be NULL * \param p Prefix, can be NULL
* \param X source mpi * \param X Source MPI
* \param radix output numeric base * \param radix Output numeric base
* \param fout output file handle * \param fout Output file handle (can be NULL)
* *
* \return 0 if successful, or an POLARSSL_ERR_MPI_XXX error code * \return 0 if successful, or an POLARSSL_ERR_MPI_XXX error code
* *
* \note Set fout == NULL to print X on the console. * \note Set fout == NULL to print X on the console.
*/ */
int mpi_write_file( char *p, mpi *X, int radix, FILE *fout ); int mpi_write_file( const char *p, const mpi *X, int radix, FILE *fout );
/** /**
* \brief Import X from unsigned binary data, big endian * \brief Import X from unsigned binary data, big endian
* *
* \param X destination mpi * \param X Destination MPI
* \param buf input buffer * \param buf Input buffer
* \param buflen input buffer size * \param buflen Input buffer size
* *
* \return 0 if successful, * \return 0 if successful,
* 1 if memory allocation failed * 1 if memory allocation failed
*/ */
int mpi_read_binary( mpi *X, unsigned char *buf, int buflen ); int mpi_read_binary( mpi *X, const unsigned char *buf, int buflen );
/** /**
* \brief Export X into unsigned binary data, big endian * \brief Export X into unsigned binary data, big endian
* *
* \param X source mpi * \param X Source MPI
* \param buf output buffer * \param buf Output buffer
* \param buflen output buffer size * \param buflen Output buffer size
* *
* \return 0 if successful, * \return 0 if successful,
* POLARSSL_ERR_MPI_BUFFER_TOO_SMALL if buf isn't large eno ugh * POLARSSL_ERR_MPI_BUFFER_TOO_SMALL if buf isn't large eno ugh
*
* \note Call this function with *buflen = 0 to obtain the
* minimum required buffer size in *buflen.
*/ */
int mpi_write_binary( mpi *X, unsigned char *buf, int buflen ); int mpi_write_binary( const mpi *X, unsigned char *buf, int buflen );
/** /**
* \brief Left-shift: X <<= count * \brief Left-shift: X <<= count
* *
* \param X MPI to shift
* \param count Amount to shift
*
* \return 0 if successful, * \return 0 if successful,
* 1 if memory allocation failed * 1 if memory allocation failed
*/ */
int mpi_shift_l( mpi *X, int count ); int mpi_shift_l( mpi *X, int count );
/** /**
* \brief Right-shift: X >>= count * \brief Right-shift: X >>= count
* *
* \param X MPI to shift
* \param count Amount to shift
*
* \return 0 if successful, * \return 0 if successful,
* 1 if memory allocation failed * 1 if memory allocation failed
*/ */
int mpi_shift_r( mpi *X, int count ); int mpi_shift_r( mpi *X, int count );
/** /**
* \brief Compare unsigned values * \brief Compare unsigned values
* *
* \param X Left-hand MPI
* \param Y Right-hand MPI
*
* \return 1 if |X| is greater than |Y|, * \return 1 if |X| is greater than |Y|,
* -1 if |X| is lesser than |Y| or * -1 if |X| is lesser than |Y| or
* 0 if |X| is equal to |Y| * 0 if |X| is equal to |Y|
*/ */
int mpi_cmp_abs( mpi *X, mpi *Y ); int mpi_cmp_abs( const mpi *X, const mpi *Y );
/** /**
* \brief Compare signed values * \brief Compare signed values
* *
* \param X Left-hand MPI
* \param Y Right-hand MPI
*
* \return 1 if X is greater than Y, * \return 1 if X is greater than Y,
* -1 if X is lesser than Y or * -1 if X is lesser than Y or
* 0 if X is equal to Y * 0 if X is equal to Y
*/ */
int mpi_cmp_mpi( mpi *X, mpi *Y ); int mpi_cmp_mpi( const mpi *X, const mpi *Y );
/** /**
* \brief Compare signed values * \brief Compare signed values
* *
* \param X Left-hand MPI
* \param z The integer value to compare to
*
* \return 1 if X is greater than z, * \return 1 if X is greater than z,
* -1 if X is lesser than z or * -1 if X is lesser than z or
* 0 if X is equal to z * 0 if X is equal to z
*/ */
int mpi_cmp_int( mpi *X, int z ); int mpi_cmp_int( const mpi *X, int z );
/** /**
* \brief Unsigned addition: X = |A| + |B| * \brief Unsigned addition: X = |A| + |B|
* *
* \param X Destination MPI
* \param A Left-hand MPI
* \param B Right-hand MPI
*
* \return 0 if successful, * \return 0 if successful,
* 1 if memory allocation failed * 1 if memory allocation failed
*/ */
int mpi_add_abs( mpi *X, mpi *A, mpi *B ); int mpi_add_abs( mpi *X, const mpi *A, const mpi *B );
/** /**
* \brief Unsigned substraction: X = |A| - |B| * \brief Unsigned substraction: X = |A| - |B|
* *
* \param X Destination MPI
* \param A Left-hand MPI
* \param B Right-hand MPI
*
* \return 0 if successful, * \return 0 if successful,
* POLARSSL_ERR_MPI_NEGATIVE_VALUE if B is greater than A * POLARSSL_ERR_MPI_NEGATIVE_VALUE if B is greater than A
*/ */
int mpi_sub_abs( mpi *X, mpi *A, mpi *B ); int mpi_sub_abs( mpi *X, const mpi *A, const mpi *B );
/** /**
* \brief Signed addition: X = A + B * \brief Signed addition: X = A + B
* *
* \param X Destination MPI
* \param A Left-hand MPI
* \param B Right-hand MPI
*
* \return 0 if successful, * \return 0 if successful,
* 1 if memory allocation failed * 1 if memory allocation failed
*/ */
int mpi_add_mpi( mpi *X, mpi *A, mpi *B ); int mpi_add_mpi( mpi *X, const mpi *A, const mpi *B );
/** /**
* \brief Signed substraction: X = A - B * \brief Signed substraction: X = A - B
* *
* \param X Destination MPI
* \param A Left-hand MPI
* \param B Right-hand MPI
*
* \return 0 if successful, * \return 0 if successful,
* 1 if memory allocation failed * 1 if memory allocation failed
*/ */
int mpi_sub_mpi( mpi *X, mpi *A, mpi *B ); int mpi_sub_mpi( mpi *X, const mpi *A, const mpi *B );
/** /**
* \brief Signed addition: X = A + b * \brief Signed addition: X = A + b
* *
* \param X Destination MPI
* \param A Left-hand MPI
* \param b The integer value to add
*
* \return 0 if successful, * \return 0 if successful,
* 1 if memory allocation failed * 1 if memory allocation failed
*/ */
int mpi_add_int( mpi *X, mpi *A, int b ); int mpi_add_int( mpi *X, const mpi *A, int b );
/** /**
* \brief Signed substraction: X = A - b * \brief Signed substraction: X = A - b
* *
* \param X Destination MPI
* \param A Left-hand MPI
* \param b The integer value to subtract
*
* \return 0 if successful, * \return 0 if successful,
* 1 if memory allocation failed * 1 if memory allocation failed
*/ */
int mpi_sub_int( mpi *X, mpi *A, int b ); int mpi_sub_int( mpi *X, const mpi *A, int b );
/** /**
* \brief Baseline multiplication: X = A * B * \brief Baseline multiplication: X = A * B
* *
* \param X Destination MPI
* \param A Left-hand MPI
* \param B Right-hand MPI
*
* \return 0 if successful, * \return 0 if successful,
* 1 if memory allocation failed * 1 if memory allocation failed
*/ */
int mpi_mul_mpi( mpi *X, mpi *A, mpi *B ); int mpi_mul_mpi( mpi *X, const mpi *A, const mpi *B );
/** /**
* \brief Baseline multiplication: X = A * b * \brief Baseline multiplication: X = A * b
* Note: b is an unsigned integer type, thus
* Negative values of b are ignored.
*
* \param X Destination MPI
* \param A Left-hand MPI
* \param b The integer value to multiply with
* *
* \return 0 if successful, * \return 0 if successful,
* 1 if memory allocation failed * 1 if memory allocation failed
*/ */
int mpi_mul_int( mpi *X, mpi *A, t_int b ); int mpi_mul_int( mpi *X, const mpi *A, t_int b );
/** /**
* \brief Division by mpi: A = Q * B + R * \brief Division by mpi: A = Q * B + R
* *
* \param Q Destination MPI for the quotient
* \param R Destination MPI for the rest value
* \param A Left-hand MPI
* \param B Right-hand MPI
*
* \return 0 if successful, * \return 0 if successful,
* 1 if memory allocation failed, * 1 if memory allocation failed,
* POLARSSL_ERR_MPI_DIVISION_BY_ZERO if B == 0 * POLARSSL_ERR_MPI_DIVISION_BY_ZERO if B == 0
* *
* \note Either Q or R can be NULL. * \note Either Q or R can be NULL.
*/ */
int mpi_div_mpi( mpi *Q, mpi *R, mpi *A, mpi *B ); int mpi_div_mpi( mpi *Q, mpi *R, const mpi *A, const mpi *B );
/** /**
* \brief Division by int: A = Q * b + R * \brief Division by int: A = Q * b + R
* *
* \param Q Destination MPI for the quotient
* \param R Destination MPI for the rest value
* \param A Left-hand MPI
* \param b Integer to divide by
*
* \return 0 if successful, * \return 0 if successful,
* 1 if memory allocation failed, * 1 if memory allocation failed,
* POLARSSL_ERR_MPI_DIVISION_BY_ZERO if b == 0 * POLARSSL_ERR_MPI_DIVISION_BY_ZERO if b == 0
* *
* \note Either Q or R can be NULL. * \note Either Q or R can be NULL.
*/ */
int mpi_div_int( mpi *Q, mpi *R, mpi *A, int b ); int mpi_div_int( mpi *Q, mpi *R, const mpi *A, int b );
/** /**
* \brief Modulo: R = A mod B * \brief Modulo: R = A mod B
* *
* \param R Destination MPI for the rest value
* \param A Left-hand MPI
* \param B Right-hand MPI
*
* \return 0 if successful, * \return 0 if successful,
* 1 if memory allocation failed, * 1 if memory allocation failed,
* POLARSSL_ERR_MPI_DIVISION_BY_ZERO if B == 0 * POLARSSL_ERR_MPI_DIVISION_BY_ZERO if B == 0,
* POLARSSL_ERR_MPI_NEGATIVE_VALUE if B < 0
*/ */
int mpi_mod_mpi( mpi *R, mpi *A, mpi *B ); int mpi_mod_mpi( mpi *R, const mpi *A, const mpi *B );
/** /**
* \brief Modulo: r = A mod b * \brief Modulo: r = A mod b
* *
* \param r Destination t_int
* \param A Left-hand MPI
* \param b Integer to divide by
*
* \return 0 if successful, * \return 0 if successful,
* 1 if memory allocation failed, * 1 if memory allocation failed,
* POLARSSL_ERR_MPI_DIVISION_BY_ZERO if b == 0 * POLARSSL_ERR_MPI_DIVISION_BY_ZERO if b == 0,
* POLARSSL_ERR_MPI_NEGATIVE_VALUE if b < 0
*/ */
int mpi_mod_int( t_int *r, mpi *A, int b ); int mpi_mod_int( t_int *r, const mpi *A, int b );
/** /**
* \brief Sliding-window exponentiation: X = A^E mod N * \brief Sliding-window exponentiation: X = A^E mod N
* *
* \param X Destination MPI
* \param A Left-hand MPI
* \param E Exponent MPI
* \param N Modular MPI
* \param _RR Speed-up MPI used for recalculations
*
* \return 0 if successful, * \return 0 if successful,
* 1 if memory allocation failed, * 1 if memory allocation failed,
* POLARSSL_ERR_MPI_BAD_INPUT_DATA if N is negative or even * POLARSSL_ERR_MPI_BAD_INPUT_DATA if N is negative or even
* *
* \note _RR is used to avoid re-computing R*R mod N across * \note _RR is used to avoid re-computing R*R mod N across
* multiple calls, which speeds up things a bit. It can * multiple calls, which speeds up things a bit. It can
* be set to NULL if the extra performance is unneeded. * be set to NULL if the extra performance is unneeded.
*/ */
int mpi_exp_mod( mpi *X, mpi *A, mpi *E, mpi *N, mpi *_RR ); int mpi_exp_mod( mpi *X, const mpi *A, const mpi *E, const mpi *N, mpi *_RR );
/** /**
* \brief Greatest common divisor: G = gcd(A, B) * \brief Greatest common divisor: G = gcd(A, B)
* *
* \param G Destination MPI
* \param A Left-hand MPI
* \param B Right-hand MPI
*
* \return 0 if successful, * \return 0 if successful,
* 1 if memory allocation failed * 1 if memory allocation failed
*/ */
int mpi_gcd( mpi *G, mpi *A, mpi *B ); int mpi_gcd( mpi *G, const mpi *A, const mpi *B );
/** /**
* \brief Modular inverse: X = A^-1 mod N * \brief Modular inverse: X = A^-1 mod N
* *
* \param X Destination MPI
* \param A Left-hand MPI
* \param N Right-hand MPI
*
* \return 0 if successful, * \return 0 if successful,
* 1 if memory allocation failed, * 1 if memory allocation failed,
* POLARSSL_ERR_MPI_BAD_INPUT_DATA if N is negative or nil * POLARSSL_ERR_MPI_BAD_INPUT_DATA if N is negative or nil
* POLARSSL_ERR_MPI_NOT_ACCEPTABLE if A has no inverse mod N POLARSSL_ERR_MPI_NOT_ACCEPTABLE if A has no inverse mod N
*/ */
int mpi_inv_mod( mpi *X, mpi *A, mpi *N ); int mpi_inv_mod( mpi *X, const mpi *A, const mpi *N );
/** /**
* \brief Miller-Rabin primality test * \brief Miller-Rabin primality test
* *
* \param X MPI to check
* \param f_rng RNG function
* \param p_rng RNG parameter
*
* \return 0 if successful (probably prime), * \return 0 if successful (probably prime),
* 1 if memory allocation failed, * 1 if memory allocation failed,
* POLARSSL_ERR_MPI_NOT_ACCEPTABLE if X is not prime * POLARSSL_ERR_MPI_NOT_ACCEPTABLE if X is not prime
*/ */
int mpi_is_prime( mpi *X, int (*f_rng)(void *), void *p_rng ); int mpi_is_prime( mpi *X, int (*f_rng)(void *), void *p_rng );
/** /**
* \brief Prime number generation * \brief Prime number generation
* *
* \param X destination mpi * \param X Destination MPI
* \param nbits required size of X in bits * \param nbits Required size of X in bits
* \param dh_flag if 1, then (X-1)/2 will be prime too * \param dh_flag If 1, then (X-1)/2 will be prime too
* \param f_rng RNG function * \param f_rng RNG function
* \param p_rng RNG parameter * \param p_rng RNG parameter
* *
* \return 0 if successful (probably prime), * \return 0 if successful (probably prime),
* 1 if memory allocation failed, * 1 if memory allocation failed,
* POLARSSL_ERR_MPI_BAD_INPUT_DATA if nbits is < 3 * POLARSSL_ERR_MPI_BAD_INPUT_DATA if nbits is < 3
*/ */
int mpi_gen_prime( mpi *X, int nbits, int dh_flag, int mpi_gen_prime( mpi *X, int nbits, int dh_flag,
int (*f_rng)(void *), void *p_rng ); int (*f_rng)(void *), void *p_rng );
 End of changes. 71 change blocks. 
70 lines changed or deleted 178 lines changed or added


 bn_mul.h   bn_mul.h 
/** /**
* \file bn_mul.h * \file bn_mul.h
* *
* Based on XySSL: Copyright (C) 2006-2008 Christophe Devine * Copyright (C) 2006-2010, Brainspark B.V.
* *
* Copyright (C) 2009 Paul Bakker <polarssl_maintainer at polarssl dot or * This file is part of PolarSSL (http://www.polarssl.org)
g> * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
* *
* This program is free software; you can redistribute it and/or modify * This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or * the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version. * (at your option) any later version.
* *
* This program is distributed in the hope that it will be useful, * This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of * but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details. * GNU General Public License for more details.
skipping to change at line 46 skipping to change at line 49
#ifndef POLARSSL_BN_MUL_H #ifndef POLARSSL_BN_MUL_H
#define POLARSSL_BN_MUL_H #define POLARSSL_BN_MUL_H
#include "polarssl/config.h" #include "polarssl/config.h"
#if defined(POLARSSL_HAVE_ASM) #if defined(POLARSSL_HAVE_ASM)
#if defined(__GNUC__) #if defined(__GNUC__)
#if defined(__i386__) #if defined(__i386__)
#define MULADDC_INIT \ #define MULADDC_INIT \
asm( "movl %%ebx, %0 " : "=m" (t)); \ asm( " \
asm( "movl %0, %%esi " :: "m" (s)); \ movl %%ebx, %0; \
asm( "movl %0, %%edi " :: "m" (d)); \ movl %5, %%esi; \
asm( "movl %0, %%ecx " :: "m" (c)); \ movl %6, %%edi; \
asm( "movl %0, %%ebx " :: "m" (b)); movl %7, %%ecx; \
movl %8, %%ebx; \
#define MULADDC_CORE \ "
asm( "lodsl " ); \
asm( "mull %ebx " ); \ #define MULADDC_CORE \
asm( "addl %ecx, %eax " ); \ " \
asm( "adcl $0, %edx " ); \ lodsl; \
asm( "addl (%edi), %eax " ); \ mull %%ebx; \
asm( "adcl $0, %edx " ); \ addl %%ecx, %%eax; \
asm( "movl %edx, %ecx " ); \ adcl $0, %%edx; \
asm( "stosl " ); addl (%%edi), %%eax; \
adcl $0, %%edx; \
movl %%edx, %%ecx; \
stosl; \
"
#if defined(POLARSSL_HAVE_SSE2) #if defined(POLARSSL_HAVE_SSE2)
#define MULADDC_HUIT \ #define MULADDC_HUIT \
asm( "movd %ecx, %mm1 " ); \ " \
asm( "movd %ebx, %mm0 " ); \ movd %%ecx, %%mm1; \
asm( "movd (%edi), %mm3 " ); \ movd %%ebx, %%mm0; \
asm( "paddq %mm3, %mm1 " ); \ movd (%%edi), %%mm3; \
asm( "movd (%esi), %mm2 " ); \ paddq %%mm3, %%mm1; \
asm( "pmuludq %mm0, %mm2 " ); \ movd (%%esi), %%mm2; \
asm( "movd 4(%esi), %mm4 " ); \ pmuludq %%mm0, %%mm2; \
asm( "pmuludq %mm0, %mm4 " ); \ movd 4(%%esi), %%mm4; \
asm( "movd 8(%esi), %mm6 " ); \ pmuludq %%mm0, %%mm4; \
asm( "pmuludq %mm0, %mm6 " ); \ movd 8(%%esi), %%mm6; \
asm( "movd 12(%esi), %mm7 " ); \ pmuludq %%mm0, %%mm6; \
asm( "pmuludq %mm0, %mm7 " ); \ movd 12(%%esi), %%mm7; \
asm( "paddq %mm2, %mm1 " ); \ pmuludq %%mm0, %%mm7; \
asm( "movd 4(%edi), %mm3 " ); \ paddq %%mm2, %%mm1; \
asm( "paddq %mm4, %mm3 " ); \ movd 4(%%edi), %%mm3; \
asm( "movd 8(%edi), %mm5 " ); \ paddq %%mm4, %%mm3; \
asm( "paddq %mm6, %mm5 " ); \ movd 8(%%edi), %%mm5; \
asm( "movd 12(%edi), %mm4 " ); \ paddq %%mm6, %%mm5; \
asm( "paddq %mm4, %mm7 " ); \ movd 12(%%edi), %%mm4; \
asm( "movd %mm1, (%edi) " ); \ paddq %%mm4, %%mm7; \
asm( "movd 16(%esi), %mm2 " ); \ movd %%mm1, (%%edi); \
asm( "pmuludq %mm0, %mm2 " ); \ movd 16(%%esi), %%mm2; \
asm( "psrlq $32, %mm1 " ); \ pmuludq %%mm0, %%mm2; \
asm( "movd 20(%esi), %mm4 " ); \ psrlq $32, %%mm1; \
asm( "pmuludq %mm0, %mm4 " ); \ movd 20(%%esi), %%mm4; \
asm( "paddq %mm3, %mm1 " ); \ pmuludq %%mm0, %%mm4; \
asm( "movd 24(%esi), %mm6 " ); \ paddq %%mm3, %%mm1; \
asm( "pmuludq %mm0, %mm6 " ); \ movd 24(%%esi), %%mm6; \
asm( "movd %mm1, 4(%edi) " ); \ pmuludq %%mm0, %%mm6; \
asm( "psrlq $32, %mm1 " ); \ movd %%mm1, 4(%%edi); \
asm( "movd 28(%esi), %mm3 " ); \ psrlq $32, %%mm1; \
asm( "pmuludq %mm0, %mm3 " ); \ movd 28(%%esi), %%mm3; \
asm( "paddq %mm5, %mm1 " ); \ pmuludq %%mm0, %%mm3; \
asm( "movd 16(%edi), %mm5 " ); \ paddq %%mm5, %%mm1; \
asm( "paddq %mm5, %mm2 " ); \ movd 16(%%edi), %%mm5; \
asm( "movd %mm1, 8(%edi) " ); \ paddq %%mm5, %%mm2; \
asm( "psrlq $32, %mm1 " ); \ movd %%mm1, 8(%%edi); \
asm( "paddq %mm7, %mm1 " ); \ psrlq $32, %%mm1; \
asm( "movd 20(%edi), %mm5 " ); \ paddq %%mm7, %%mm1; \
asm( "paddq %mm5, %mm4 " ); \ movd 20(%%edi), %%mm5; \
asm( "movd %mm1, 12(%edi) " ); \ paddq %%mm5, %%mm4; \
asm( "psrlq $32, %mm1 " ); \ movd %%mm1, 12(%%edi); \
asm( "paddq %mm2, %mm1 " ); \ psrlq $32, %%mm1; \
asm( "movd 24(%edi), %mm5 " ); \ paddq %%mm2, %%mm1; \
asm( "paddq %mm5, %mm6 " ); \ movd 24(%%edi), %%mm5; \
asm( "movd %mm1, 16(%edi) " ); \ paddq %%mm5, %%mm6; \
asm( "psrlq $32, %mm1 " ); \ movd %%mm1, 16(%%edi); \
asm( "paddq %mm4, %mm1 " ); \ psrlq $32, %%mm1; \
asm( "movd 28(%edi), %mm5 " ); \ paddq %%mm4, %%mm1; \
asm( "paddq %mm5, %mm3 " ); \ movd 28(%%edi), %%mm5; \
asm( "movd %mm1, 20(%edi) " ); \ paddq %%mm5, %%mm3; \
asm( "psrlq $32, %mm1 " ); \ movd %%mm1, 20(%%edi); \
asm( "paddq %mm6, %mm1 " ); \ psrlq $32, %%mm1; \
asm( "movd %mm1, 24(%edi) " ); \ paddq %%mm6, %%mm1; \
asm( "psrlq $32, %mm1 " ); \ movd %%mm1, 24(%%edi); \
asm( "paddq %mm3, %mm1 " ); \ psrlq $32, %%mm1; \
asm( "movd %mm1, 28(%edi) " ); \ paddq %%mm3, %%mm1; \
asm( "addl $32, %edi " ); \ movd %%mm1, 28(%%edi); \
asm( "addl $32, %esi " ); \ addl $32, %%edi; \
asm( "psrlq $32, %mm1 " ); \ addl $32, %%esi; \
asm( "movd %mm1, %ecx " ); psrlq $32, %%mm1; \
movd %%mm1, %%ecx; \
#define MULADDC_STOP \ "
asm( "emms " ); \
asm( "movl %0, %%ebx " :: "m" (t)); \ #define MULADDC_STOP \
asm( "movl %%ecx, %0 " : "=m" (c)); \ " \
asm( "movl %%edi, %0 " : "=m" (d)); \ emms; \
asm( "movl %%esi, %0 " : "=m" (s) :: \ movl %4, %%ebx; \
"eax", "ecx", "edx", "esi", "edi" ); movl %%ecx, %1; \
movl %%edi, %2; \
movl %%esi, %3; \
" \
: "=m" (t), "=m" (c), "=m" (d), "=m" (s) \
: "m" (t), "m" (s), "m" (d), "m" (c), "m" (b) \
: "eax", "ecx", "edx", "esi", "edi" \
);
#else #else
#define MULADDC_STOP \ #define MULADDC_STOP \
asm( "movl %0, %%ebx " :: "m" (t)); \ " \
asm( "movl %%ecx, %0 " : "=m" (c)); \ movl %4, %%ebx; \
asm( "movl %%edi, %0 " : "=m" (d)); \ movl %%ecx, %1; \
asm( "movl %%esi, %0 " : "=m" (s) :: \ movl %%edi, %2; \
"eax", "ecx", "edx", "esi", "edi" ); movl %%esi, %3; \
" \
: "=m" (t), "=m" (c), "=m" (d), "=m" (s) \
: "m" (t), "m" (s), "m" (d), "m" (c), "m" (b) \
: "eax", "ecx", "edx", "esi", "edi" \
);
#endif /* SSE2 */ #endif /* SSE2 */
#endif /* i386 */ #endif /* i386 */
#if defined(__amd64__) || defined (__x86_64__) #if defined(__amd64__) || defined (__x86_64__)
#define MULADDC_INIT \ #define MULADDC_INIT \
asm( "movq %0, %%rsi " :: "m" (s)); \ asm( "movq %0, %%rsi " :: "m" (s)); \
asm( "movq %0, %%rdi " :: "m" (d)); \ asm( "movq %0, %%rdi " :: "m" (d)); \
asm( "movq %0, %%rcx " :: "m" (c)); \ asm( "movq %0, %%rcx " :: "m" (c)); \
asm( "movq %0, %%rbx " :: "m" (b)); \ asm( "movq %0, %%rbx " :: "m" (b)); \
 End of changes. 5 change blocks. 
96 lines changed or deleted 113 lines changed or added


 camellia.h   camellia.h 
/** /**
* \file camellia.h * \file camellia.h
* *
* Copyright (C) 2009 Paul Bakker <polarssl_maintainer at polarssl dot or * Copyright (C) 2006-2010, Brainspark B.V.
g> *
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
* *
* This program is free software; you can redistribute it and/or modify * This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or * the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version. * (at your option) any later version.
* *
* This program is distributed in the hope that it will be useful, * This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of * but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details. * GNU General Public License for more details.
* *
* You should have received a copy of the GNU General Public License along * You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc., * with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#ifndef POLARSSL_CAMELLIA_H #ifndef POLARSSL_CAMELLIA_H
#define POLARSSL_CAMELLIA_H #define POLARSSL_CAMELLIA_H
#ifdef _MSC_VER
#include <basetsd.h>
typedef UINT32 uint32_t;
#else
#include <inttypes.h> #include <inttypes.h>
#endif
#define CAMELLIA_ENCRYPT 1 #define CAMELLIA_ENCRYPT 1
#define CAMELLIA_DECRYPT 0 #define CAMELLIA_DECRYPT 0
#define POLARSSL_ERR_CAMELLIA_INVALID_KEY_LENGTH -0x0a00
#define POLARSSL_ERR_CAMELLIA_INVALID_INPUT_LENGTH -0x0a10
/** /**
* \brief CAMELLIA context structure * \brief CAMELLIA context structure
*/ */
typedef struct typedef struct
{ {
int nr; /*!< number of rounds */ int nr; /*!< number of rounds */
uint32_t rk[68]; /*!< CAMELLIA round keys */ uint32_t rk[68]; /*!< CAMELLIA round keys */
} }
camellia_context; camellia_context;
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
#endif #endif
/** /**
* \brief CAMELLIA key schedule (encryption) * \brief CAMELLIA key schedule (encryption)
* *
* \param ctx CAMELLIA context to be initialized * \param ctx CAMELLIA context to be initialized
* \param key encryption key * \param key encryption key
* \param keysize must be 128, 192 or 256 * \param keysize must be 128, 192 or 256
*
* \return 0 if successful, or POLARSSL_ERR_CAMELLIA_INVALID_KEY_LE
NGTH
*/ */
void camellia_setkey_enc( camellia_context *ctx, unsigned char *key, int ke ysize ); int camellia_setkey_enc( camellia_context *ctx, const unsigned char *key, i nt keysize );
/** /**
* \brief CAMELLIA key schedule (decryption) * \brief CAMELLIA key schedule (decryption)
* *
* \param ctx CAMELLIA context to be initialized * \param ctx CAMELLIA context to be initialized
* \param key decryption key * \param key decryption key
* \param keysize must be 128, 192 or 256 * \param keysize must be 128, 192 or 256
*
* \return 0 if successful, or POLARSSL_ERR_CAMELLIA_INVALID_KEY_LE
NGTH
*/ */
void camellia_setkey_dec( camellia_context *ctx, unsigned char *key, int ke ysize ); int camellia_setkey_dec( camellia_context *ctx, const unsigned char *key, i nt keysize );
/** /**
* \brief CAMELLIA-ECB block encryption/decryption * \brief CAMELLIA-ECB block encryption/decryption
* *
* \param ctx CAMELLIA context * \param ctx CAMELLIA context
* \param mode CAMELLIA_ENCRYPT or CAMELLIA_DECRYPT * \param mode CAMELLIA_ENCRYPT or CAMELLIA_DECRYPT
* \param input 16-byte input block * \param input 16-byte input block
* \param output 16-byte output block * \param output 16-byte output block
*
* \return 0 if successful
*/ */
void camellia_crypt_ecb( camellia_context *ctx, int camellia_crypt_ecb( camellia_context *ctx,
int mode, int mode,
unsigned char input[16], const unsigned char input[16],
unsigned char output[16] ); unsigned char output[16] );
/** /**
* \brief CAMELLIA-CBC buffer encryption/decryption * \brief CAMELLIA-CBC buffer encryption/decryption
* Length should be a multiple of the block * Length should be a multiple of the block
* size (16 bytes) * size (16 bytes)
* *
* \param ctx CAMELLIA context * \param ctx CAMELLIA context
* \param mode CAMELLIA_ENCRYPT or CAMELLIA_DECRYPT * \param mode CAMELLIA_ENCRYPT or CAMELLIA_DECRYPT
* \param length length of the input data * \param length length of the input data
* \param iv initialization vector (updated after use) * \param iv initialization vector (updated after use)
* \param input buffer holding the input data * \param input buffer holding the input data
* \param output buffer holding the output data * \param output buffer holding the output data
*
* \return 0 if successful, or POLARSSL_ERR_CAMELLIA_INVALID_INPUT_
LENGTH
*/ */
void camellia_crypt_cbc( camellia_context *ctx, int camellia_crypt_cbc( camellia_context *ctx,
int mode, int mode,
int length, int length,
unsigned char iv[16], unsigned char iv[16],
unsigned char *input, const unsigned char *input,
unsigned char *output ); unsigned char *output );
/** /**
* \brief CAMELLIA-CFB128 buffer encryption/decryption * \brief CAMELLIA-CFB128 buffer encryption/decryption
* *
* \param ctx CAMELLIA context * \param ctx CAMELLIA context
* \param mode CAMELLIA_ENCRYPT or CAMELLIA_DECRYPT * \param mode CAMELLIA_ENCRYPT or CAMELLIA_DECRYPT
* \param length length of the input data * \param length length of the input data
* \param iv_off offset in IV (updated after use) * \param iv_off offset in IV (updated after use)
* \param iv initialization vector (updated after use) * \param iv initialization vector (updated after use)
* \param input buffer holding the input data * \param input buffer holding the input data
* \param output buffer holding the output data * \param output buffer holding the output data
*
* \return 0 if successful, or POLARSSL_ERR_CAMELLIA_INVALID_INPUT_
LENGTH
*/ */
void camellia_crypt_cfb128( camellia_context *ctx, int camellia_crypt_cfb128( camellia_context *ctx,
int mode, int mode,
int length, int length,
int *iv_off, int *iv_off,
unsigned char iv[16], unsigned char iv[16],
unsigned char *input, const unsigned char *input,
unsigned char *output ); unsigned char *output );
/** /**
* \brief Checkup routine * \brief Checkup routine
* *
* \return 0 if successful, or 1 if the test failed * \return 0 if successful, or 1 if the test failed
*/ */
int camellia_self_test( int verbose ); int camellia_self_test( int verbose );
#ifdef __cplusplus #ifdef __cplusplus
 End of changes. 17 change blocks. 
10 lines changed or deleted 36 lines changed or added


 certs.h   certs.h 
/** /**
* \file certs.h * \file certs.h
* *
* Based on XySSL: Copyright (C) 2006-2008 Christophe Devine * Copyright (C) 2006-2010, Brainspark B.V.
* *
* Copyright (C) 2009 Paul Bakker <polarssl_maintainer at polarssl dot or * This file is part of PolarSSL (http://www.polarssl.org)
g> * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
* *
* This program is free software; you can redistribute it and/or modify * This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or * the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version. * (at your option) any later version.
* *
* This program is distributed in the hope that it will be useful, * This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of * but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details. * GNU General Public License for more details.
skipping to change at line 29 skipping to change at line 32
* with this program; if not, write to the Free Software Foundation, Inc., * with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#ifndef POLARSSL_CERTS_H #ifndef POLARSSL_CERTS_H
#define POLARSSL_CERTS_H #define POLARSSL_CERTS_H
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
#endif #endif
extern char test_ca_crt[]; extern const char test_ca_crt[];
extern char test_ca_key[]; extern const char test_ca_key[];
extern char test_ca_pwd[]; extern const char test_ca_pwd[];
extern char test_srv_crt[]; extern const char test_srv_crt[];
extern char test_srv_key[]; extern const char test_srv_key[];
extern char test_cli_crt[]; extern const char test_cli_crt[];
extern char test_cli_key[]; extern const char test_cli_key[];
extern char xyssl_ca_crt[];
#ifdef __cplusplus #ifdef __cplusplus
} }
#endif #endif
#endif /* certs.h */ #endif /* certs.h */
 End of changes. 3 change blocks. 
11 lines changed or deleted 12 lines changed or added


 config.h   config.h 
/** /**
* \file config.h * \file config.h
* *
* Based on XySSL: Copyright (C) 2006-2008 Christophe Devine * Copyright (C) 2006-2010, Brainspark B.V.
* *
* Copyright (C) 2009 Paul Bakker <polarssl_maintainer at polarssl dot or * This file is part of PolarSSL (http://www.polarssl.org)
g> * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
* *
* This program is free software; you can redistribute it and/or modify * This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or * the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version. * (at your option) any later version.
* *
* This program is distributed in the hope that it will be useful, * This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of * but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details. * GNU General Public License for more details.
skipping to change at line 81 skipping to change at line 84
* Enable all SSL/TLS debugging messages. * Enable all SSL/TLS debugging messages.
*/ */
#define POLARSSL_DEBUG_MSG #define POLARSSL_DEBUG_MSG
/* /*
* Enable the checkup functions (*_self_test). * Enable the checkup functions (*_self_test).
*/ */
#define POLARSSL_SELF_TEST #define POLARSSL_SELF_TEST
/* /*
* Enable run-time version information functions
*/
#define POLARSSL_VERSION_C
/*
* Enable the prime-number generation code. * Enable the prime-number generation code.
*/ */
#define POLARSSL_GENPRIME #define POLARSSL_GENPRIME
/* /*
* Uncomment this macro to store the AES tables in ROM. * Uncomment this macro to store the AES tables in ROM.
* *
#define POLARSSL_AES_ROM_TABLES #define POLARSSL_AES_ROM_TABLES
*/ */
skipping to change at line 133 skipping to change at line 141
* library/rsa.c * library/rsa.c
* library/ssl_tls.c * library/ssl_tls.c
* library/x509parse.c * library/x509parse.c
* *
* This module is required for RSA and DHM support. * This module is required for RSA and DHM support.
*/ */
#define POLARSSL_BIGNUM_C #define POLARSSL_BIGNUM_C
/* /*
* Module: library/camellia.c * Module: library/camellia.c
* Caller: * Caller: library/ssl_tls.c
* *
* This module enabled the following cipher suites: * This module enabled the following cipher suites:
* SSL_RSA_CAMELLIA_128_SHA
* SSL_RSA_CAMELLIA_256_SHA
* SSL_EDH_RSA_CAMELLIA_256_SHA
*/ */
#define POLARSSL_CAMELLIA_C #define POLARSSL_CAMELLIA_C
/* /*
* Module: library/certs.c * Module: library/certs.c
* Caller: * Caller:
* *
* This module is used for testing (ssl_client/server). * This module is used for testing (ssl_client/server).
*/ */
#define POLARSSL_CERTS_C #define POLARSSL_CERTS_C
skipping to change at line 175 skipping to change at line 186
#define POLARSSL_DES_C #define POLARSSL_DES_C
/* /*
* Module: library/dhm.c * Module: library/dhm.c
* Caller: library/ssl_cli.c * Caller: library/ssl_cli.c
* library/ssl_srv.c * library/ssl_srv.c
* *
* This module enables the following ciphersuites: * This module enables the following ciphersuites:
* SSL_EDH_RSA_DES_168_SHA * SSL_EDH_RSA_DES_168_SHA
* SSL_EDH_RSA_AES_256_SHA * SSL_EDH_RSA_AES_256_SHA
* SSL_EDH_RSA_CAMELLIA_256_SHA
*/ */
#define POLARSSL_DHM_C #define POLARSSL_DHM_C
/* /*
* Module: library/havege.c * Module: library/havege.c
* Caller: * Caller:
* *
* This module enables the HAVEGE random number generator. * This module enables the HAVEGE random number generator.
*/ */
#define POLARSSL_HAVEGE_C #define POLARSSL_HAVEGE_C
 End of changes. 6 change blocks. 
4 lines changed or deleted 15 lines changed or added


 debug.h   debug.h 
/** /**
* \file debug.h * \file debug.h
* *
* Based on XySSL: Copyright (C) 2006-2008 Christophe Devine * Copyright (C) 2006-2010, Brainspark B.V.
* *
* Copyright (C) 2009 Paul Bakker <polarssl_maintainer at polarssl dot or * This file is part of PolarSSL (http://www.polarssl.org)
g> * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
* *
* This program is free software; you can redistribute it and/or modify * This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or * the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version. * (at your option) any later version.
* *
* This program is distributed in the hope that it will be useful, * This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of * but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details. * GNU General Public License for more details.
skipping to change at line 61 skipping to change at line 64
#define SSL_DEBUG_CRT( level, text, crt ) do { } while( 0 ) #define SSL_DEBUG_CRT( level, text, crt ) do { } while( 0 )
#endif #endif
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
#endif #endif
char *debug_fmt( const char *format, ... ); char *debug_fmt( const char *format, ... );
void debug_print_msg( ssl_context *ssl, int level, void debug_print_msg( const ssl_context *ssl, int level,
char *file, int line, char *text ); const char *file, int line, const char *text );
void debug_print_ret( ssl_context *ssl, int level, void debug_print_ret( const ssl_context *ssl, int level,
char *file, int line, char *text, int ret ); const char *file, int line,
const char *text, int ret );
void debug_print_buf( ssl_context *ssl, int level, void debug_print_buf( const ssl_context *ssl, int level,
char *file, int line, char *text, const char *file, int line, const char *text,
unsigned char *buf, int len ); unsigned char *buf, int len );
void debug_print_mpi( ssl_context *ssl, int level, void debug_print_mpi( const ssl_context *ssl, int level,
char *file, int line, char *text, mpi *X ); const char *file, int line,
const char *text, const mpi *X );
void debug_print_crt( ssl_context *ssl, int level,
char *file, int line, char *text, x509_cert *crt ); void debug_print_crt( const ssl_context *ssl, int level,
const char *file, int line,
const char *text, const x509_cert *crt );
#ifdef __cplusplus #ifdef __cplusplus
} }
#endif #endif
#endif /* debug.h */ #endif /* debug.h */
 End of changes. 6 change blocks. 
14 lines changed or deleted 19 lines changed or added


 des.h   des.h 
/** /**
* \file des.h * \file des.h
* *
* Based on XySSL: Copyright (C) 2006-2008 Christophe Devine * Copyright (C) 2006-2010, Brainspark B.V.
* *
* Copyright (C) 2009 Paul Bakker <polarssl_maintainer at polarssl dot or * This file is part of PolarSSL (http://www.polarssl.org)
g> * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
* *
* This program is free software; you can redistribute it and/or modify * This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or * the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version. * (at your option) any later version.
* *
* This program is distributed in the hope that it will be useful, * This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of * but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details. * GNU General Public License for more details.
skipping to change at line 28 skipping to change at line 31
* You should have received a copy of the GNU General Public License along * You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc., * with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#ifndef POLARSSL_DES_H #ifndef POLARSSL_DES_H
#define POLARSSL_DES_H #define POLARSSL_DES_H
#define DES_ENCRYPT 1 #define DES_ENCRYPT 1
#define DES_DECRYPT 0 #define DES_DECRYPT 0
#define POLARSSL_ERR_DES_INVALID_INPUT_LENGTH -0x0C00
/** /**
* \brief DES context structure * \brief DES context structure
*/ */
typedef struct typedef struct
{ {
int mode; /*!< encrypt/decrypt */ int mode; /*!< encrypt/decrypt */
unsigned long sk[32]; /*!< DES subkeys */ unsigned long sk[32]; /*!< DES subkeys */
} }
des_context; des_context;
skipping to change at line 58 skipping to change at line 63
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
#endif #endif
/** /**
* \brief DES key schedule (56-bit, encryption) * \brief DES key schedule (56-bit, encryption)
* *
* \param ctx DES context to be initialized * \param ctx DES context to be initialized
* \param key 8-byte secret key * \param key 8-byte secret key
*/ */
void des_setkey_enc( des_context *ctx, unsigned char key[8] ); void des_setkey_enc( des_context *ctx, const unsigned char key[8] );
/** /**
* \brief DES key schedule (56-bit, decryption) * \brief DES key schedule (56-bit, decryption)
* *
* \param ctx DES context to be initialized * \param ctx DES context to be initialized
* \param key 8-byte secret key * \param key 8-byte secret key
*/ */
void des_setkey_dec( des_context *ctx, unsigned char key[8] ); void des_setkey_dec( des_context *ctx, const unsigned char key[8] );
/** /**
* \brief Triple-DES key schedule (112-bit, encryption) * \brief Triple-DES key schedule (112-bit, encryption)
* *
* \param ctx 3DES context to be initialized * \param ctx 3DES context to be initialized
* \param key 16-byte secret key * \param key 16-byte secret key
*/ */
void des3_set2key_enc( des3_context *ctx, unsigned char key[16] ); void des3_set2key_enc( des3_context *ctx, const unsigned char key[16] );
/** /**
* \brief Triple-DES key schedule (112-bit, decryption) * \brief Triple-DES key schedule (112-bit, decryption)
* *
* \param ctx 3DES context to be initialized * \param ctx 3DES context to be initialized
* \param key 16-byte secret key * \param key 16-byte secret key
*/ */
void des3_set2key_dec( des3_context *ctx, unsigned char key[16] ); void des3_set2key_dec( des3_context *ctx, const unsigned char key[16] );
/** /**
* \brief Triple-DES key schedule (168-bit, encryption) * \brief Triple-DES key schedule (168-bit, encryption)
* *
* \param ctx 3DES context to be initialized * \param ctx 3DES context to be initialized
* \param key 24-byte secret key * \param key 24-byte secret key
*/ */
void des3_set3key_enc( des3_context *ctx, unsigned char key[24] ); void des3_set3key_enc( des3_context *ctx, const unsigned char key[24] );
/** /**
* \brief Triple-DES key schedule (168-bit, decryption) * \brief Triple-DES key schedule (168-bit, decryption)
* *
* \param ctx 3DES context to be initialized * \param ctx 3DES context to be initialized
* \param key 24-byte secret key * \param key 24-byte secret key
*/ */
void des3_set3key_dec( des3_context *ctx, unsigned char key[24] ); void des3_set3key_dec( des3_context *ctx, const unsigned char key[24] );
/** /**
* \brief DES-ECB block encryption/decryption * \brief DES-ECB block encryption/decryption
* *
* \param ctx DES context * \param ctx DES context
* \param input 64-bit input block * \param input 64-bit input block
* \param output 64-bit output block * \param output 64-bit output block
*
* \return 0 if successful
*/ */
void des_crypt_ecb( des_context *ctx, int des_crypt_ecb( des_context *ctx,
unsigned char input[8], const unsigned char input[8],
unsigned char output[8] ); unsigned char output[8] );
/** /**
* \brief DES-CBC buffer encryption/decryption * \brief DES-CBC buffer encryption/decryption
* *
* \param ctx DES context * \param ctx DES context
* \param mode DES_ENCRYPT or DES_DECRYPT * \param mode DES_ENCRYPT or DES_DECRYPT
* \param length length of the input data * \param length length of the input data
* \param iv initialization vector (updated after use) * \param iv initialization vector (updated after use)
* \param input buffer holding the input data * \param input buffer holding the input data
* \param output buffer holding the output data * \param output buffer holding the output data
*/ */
void des_crypt_cbc( des_context *ctx, int des_crypt_cbc( des_context *ctx,
int mode, int mode,
int length, int length,
unsigned char iv[8], unsigned char iv[8],
unsigned char *input, const unsigned char *input,
unsigned char *output ); unsigned char *output );
/** /**
* \brief 3DES-ECB block encryption/decryption * \brief 3DES-ECB block encryption/decryption
* *
* \param ctx 3DES context * \param ctx 3DES context
* \param input 64-bit input block * \param input 64-bit input block
* \param output 64-bit output block * \param output 64-bit output block
*
* \return 0 if successful
*/ */
void des3_crypt_ecb( des3_context *ctx, int des3_crypt_ecb( des3_context *ctx,
unsigned char input[8], const unsigned char input[8],
unsigned char output[8] ); unsigned char output[8] );
/** /**
* \brief 3DES-CBC buffer encryption/decryption * \brief 3DES-CBC buffer encryption/decryption
* *
* \param ctx 3DES context * \param ctx 3DES context
* \param mode DES_ENCRYPT or DES_DECRYPT * \param mode DES_ENCRYPT or DES_DECRYPT
* \param length length of the input data * \param length length of the input data
* \param iv initialization vector (updated after use) * \param iv initialization vector (updated after use)
* \param input buffer holding the input data * \param input buffer holding the input data
* \param output buffer holding the output data * \param output buffer holding the output data
*
* \return 0 if successful, or POLARSSL_ERR_DES_INVALID_INPUT_LENGT
H
*/ */
void des3_crypt_cbc( des3_context *ctx, int des3_crypt_cbc( des3_context *ctx,
int mode, int mode,
int length, int length,
unsigned char iv[8], unsigned char iv[8],
unsigned char *input, const unsigned char *input,
unsigned char *output ); unsigned char *output );
/* /*
* \brief Checkup routine * \brief Checkup routine
* *
* \return 0 if successful, or 1 if the test failed * \return 0 if successful, or 1 if the test failed
*/ */
int des_self_test( int verbose ); int des_self_test( int verbose );
#ifdef __cplusplus #ifdef __cplusplus
 End of changes. 18 change blocks. 
17 lines changed or deleted 28 lines changed or added


 dhm.h   dhm.h 
/** /**
* \file dhm.h * \file dhm.h
* *
* Based on XySSL: Copyright (C) 2006-2008 Christophe Devine * Copyright (C) 2006-2010, Brainspark B.V.
* *
* Copyright (C) 2009 Paul Bakker <polarssl_maintainer at polarssl dot or * This file is part of PolarSSL (http://www.polarssl.org)
g> * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
* *
* This program is free software; you can redistribute it and/or modify * This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or * the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version. * (at your option) any later version.
* *
* This program is distributed in the hope that it will be useful, * This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of * but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details. * GNU General Public License for more details.
* *
* You should have received a copy of the GNU General Public License along * You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc., * with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#ifndef POLARSSL_DHM_H #ifndef POLARSSL_DHM_H
#define POLARSSL_DHM_H #define POLARSSL_DHM_H
#include "polarssl/bignum.h" #include "polarssl/bignum.h"
#define POLARSSL_ERR_DHM_BAD_INPUT_DATA -0x0480 #define POLARSSL_ERR_DHM_BAD_INPUT_DATA 0x0480
#define POLARSSL_ERR_DHM_READ_PARAMS_FAILED -0x0490 #define POLARSSL_ERR_DHM_READ_PARAMS_FAILED 0x0490
#define POLARSSL_ERR_DHM_MAKE_PARAMS_FAILED -0x04A0 #define POLARSSL_ERR_DHM_MAKE_PARAMS_FAILED 0x04A0
#define POLARSSL_ERR_DHM_READ_PUBLIC_FAILED -0x04B0 #define POLARSSL_ERR_DHM_READ_PUBLIC_FAILED 0x04B0
#define POLARSSL_ERR_DHM_MAKE_PUBLIC_FAILED -0x04C0 #define POLARSSL_ERR_DHM_MAKE_PUBLIC_FAILED 0x04C0
#define POLARSSL_ERR_DHM_CALC_SECRET_FAILED -0x04D0 #define POLARSSL_ERR_DHM_CALC_SECRET_FAILED 0x04D0
typedef struct typedef struct
{ {
int len; /*!< size(P) in chars */ int len; /*!< size(P) in chars */
mpi P; /*!< prime modulus */ mpi P; /*!< prime modulus */
mpi G; /*!< generator */ mpi G; /*!< generator */
mpi X; /*!< secret value */ mpi X; /*!< secret value */
mpi GX; /*!< self = G^X mod P */ mpi GX; /*!< self = G^X mod P */
mpi GY; /*!< peer = G^Y mod P */ mpi GY; /*!< peer = G^Y mod P */
mpi K; /*!< key = GY^X mod P */ mpi K; /*!< key = GY^X mod P */
skipping to change at line 62 skipping to change at line 65
* \brief Parse the ServerKeyExchange parameters * \brief Parse the ServerKeyExchange parameters
* *
* \param ctx DHM context * \param ctx DHM context
* \param p &(start of input buffer) * \param p &(start of input buffer)
* \param end end of buffer * \param end end of buffer
* *
* \return 0 if successful, or an POLARSSL_ERR_DHM_XXX error code * \return 0 if successful, or an POLARSSL_ERR_DHM_XXX error code
*/ */
int dhm_read_params( dhm_context *ctx, int dhm_read_params( dhm_context *ctx,
unsigned char **p, unsigned char **p,
unsigned char *end ); const unsigned char *end );
/** /**
* \brief Setup and write the ServerKeyExchange parameters * \brief Setup and write the ServerKeyExchange parameters
* *
* \param ctx DHM context * \param ctx DHM context
* \param x_size private value size in bits * \param x_size private value size in bytes
* \param output destination buffer * \param output destination buffer
* \param olen number of chars written * \param olen number of chars written
* \param f_rng RNG function * \param f_rng RNG function
* \param p_rng RNG parameter * \param p_rng RNG parameter
* *
* \note This function assumes that ctx->P and ctx->G * \note This function assumes that ctx->P and ctx->G
* have already been properly set (for example * have already been properly set (for example
* using mpi_read_string or mpi_read_binary). * using mpi_read_string or mpi_read_binary).
* *
* \return 0 if successful, or an POLARSSL_ERR_DHM_XXX error code * \return 0 if successful, or an POLARSSL_ERR_DHM_XXX error code
*/ */
int dhm_make_params( dhm_context *ctx, int s_size, int dhm_make_params( dhm_context *ctx, int x_size,
unsigned char *output, int *olen, unsigned char *output, int *olen,
int (*f_rng)(void *), void *p_rng ); int (*f_rng)(void *), void *p_rng );
/** /**
* \brief Import the peer's public value G^Y * \brief Import the peer's public value G^Y
* *
* \param ctx DHM context * \param ctx DHM context
* \param input input buffer * \param input input buffer
* \param ilen size of buffer * \param ilen size of buffer
* *
* \return 0 if successful, or an POLARSSL_ERR_DHM_XXX error code * \return 0 if successful, or an POLARSSL_ERR_DHM_XXX error code
*/ */
int dhm_read_public( dhm_context *ctx, int dhm_read_public( dhm_context *ctx,
unsigned char *input, int ilen ); const unsigned char *input, int ilen );
/** /**
* \brief Create own private value X and export G^X * \brief Create own private value X and export G^X
* *
* \param ctx DHM context * \param ctx DHM context
* \param x_size private value size in bits * \param x_size private value size in bits
* \param output destination buffer * \param output destination buffer
* \param olen must be equal to ctx->P.len * \param olen must be equal to ctx->P.len
* \param f_rng RNG function * \param f_rng RNG function
* \param p_rng RNG parameter * \param p_rng RNG parameter
 End of changes. 7 change blocks. 
13 lines changed or deleted 15 lines changed or added


 havege.h   havege.h 
/** /**
* \file havege.h * \file havege.h
* *
* Based on XySSL: Copyright (C) 2006-2008 Christophe Devine * Copyright (C) 2006-2010, Brainspark B.V.
* *
* Copyright (C) 2009 Paul Bakker <polarssl_maintainer at polarssl dot or * This file is part of PolarSSL (http://www.polarssl.org)
g> * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
* *
* This program is free software; you can redistribute it and/or modify * This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or * the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version. * (at your option) any later version.
* *
* This program is distributed in the hope that it will be useful, * This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of * but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details. * GNU General Public License for more details.
skipping to change at line 52 skipping to change at line 55
/** /**
* \brief HAVEGE initialization * \brief HAVEGE initialization
* *
* \param hs HAVEGE state to be initialized * \param hs HAVEGE state to be initialized
*/ */
void havege_init( havege_state *hs ); void havege_init( havege_state *hs );
/** /**
* \brief HAVEGE rand function * \brief HAVEGE rand function
* *
* \param rng_st points to an HAVEGE state * \param p_rng A HAVEGE state
* *
* \return A random int * \return A random int
*/ */
int havege_rand( void *p_rng ); int havege_rand( void *p_rng );
#ifdef __cplusplus #ifdef __cplusplus
} }
#endif #endif
#endif /* havege.h */ #endif /* havege.h */
 End of changes. 3 change blocks. 
4 lines changed or deleted 6 lines changed or added


 md2.h   md2.h 
/** /**
* \file md2.h * \file md2.h
* *
* Based on XySSL: Copyright (C) 2006-2008 Christophe Devine * Copyright (C) 2006-2010, Brainspark B.V.
* *
* Copyright (C) 2009 Paul Bakker <polarssl_maintainer at polarssl dot or * This file is part of PolarSSL (http://www.polarssl.org)
g> * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
* *
* This program is free software; you can redistribute it and/or modify * This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or * the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version. * (at your option) any later version.
* *
* This program is distributed in the hope that it will be useful, * This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of * but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details. * GNU General Public License for more details.
skipping to change at line 58 skipping to change at line 61
*/ */
void md2_starts( md2_context *ctx ); void md2_starts( md2_context *ctx );
/** /**
* \brief MD2 process buffer * \brief MD2 process buffer
* *
* \param ctx MD2 context * \param ctx MD2 context
* \param input buffer holding the data * \param input buffer holding the data
* \param ilen length of the input data * \param ilen length of the input data
*/ */
void md2_update( md2_context *ctx, unsigned char *input, int ilen ); void md2_update( md2_context *ctx, const unsigned char *input, int ilen );
/** /**
* \brief MD2 final digest * \brief MD2 final digest
* *
* \param ctx MD2 context * \param ctx MD2 context
* \param output MD2 checksum result * \param output MD2 checksum result
*/ */
void md2_finish( md2_context *ctx, unsigned char output[16] ); void md2_finish( md2_context *ctx, unsigned char output[16] );
/** /**
* \brief Output = MD2( input buffer ) * \brief Output = MD2( input buffer )
* *
* \param input buffer holding the data * \param input buffer holding the data
* \param ilen length of the input data * \param ilen length of the input data
* \param output MD2 checksum result * \param output MD2 checksum result
*/ */
void md2( unsigned char *input, int ilen, unsigned char output[16] ); void md2( const unsigned char *input, int ilen, unsigned char output[16] );
/** /**
* \brief Output = MD2( file contents ) * \brief Output = MD2( file contents )
* *
* \param path input file name * \param path input file name
* \param output MD2 checksum result * \param output MD2 checksum result
* *
* \return 0 if successful, 1 if fopen failed, * \return 0 if successful, 1 if fopen failed,
* or 2 if fread failed * or 2 if fread failed
*/ */
int md2_file( char *path, unsigned char output[16] ); int md2_file( const char *path, unsigned char output[16] );
/** /**
* \brief MD2 HMAC context setup * \brief MD2 HMAC context setup
* *
* \param ctx HMAC context to be initialized * \param ctx HMAC context to be initialized
* \param key HMAC secret key * \param key HMAC secret key
* \param keylen length of the HMAC key * \param keylen length of the HMAC key
*/ */
void md2_hmac_starts( md2_context *ctx, unsigned char *key, int keylen ); void md2_hmac_starts( md2_context *ctx, const unsigned char *key, int keyle n );
/** /**
* \brief MD2 HMAC process buffer * \brief MD2 HMAC process buffer
* *
* \param ctx HMAC context * \param ctx HMAC context
* \param input buffer holding the data * \param input buffer holding the data
* \param ilen length of the input data * \param ilen length of the input data
*/ */
void md2_hmac_update( md2_context *ctx, unsigned char *input, int ilen ); void md2_hmac_update( md2_context *ctx, const unsigned char *input, int ile n );
/** /**
* \brief MD2 HMAC final digest * \brief MD2 HMAC final digest
* *
* \param ctx HMAC context * \param ctx HMAC context
* \param output MD2 HMAC checksum result * \param output MD2 HMAC checksum result
*/ */
void md2_hmac_finish( md2_context *ctx, unsigned char output[16] ); void md2_hmac_finish( md2_context *ctx, unsigned char output[16] );
/** /**
* \brief MD2 HMAC context reset
*
* \param ctx HMAC context to be reset
*/
void md2_hmac_reset( md2_context *ctx );
/**
* \brief Output = HMAC-MD2( hmac key, input buffer ) * \brief Output = HMAC-MD2( hmac key, input buffer )
* *
* \param key HMAC secret key * \param key HMAC secret key
* \param keylen length of the HMAC key * \param keylen length of the HMAC key
* \param input buffer holding the data * \param input buffer holding the data
* \param ilen length of the input data * \param ilen length of the input data
* \param output HMAC-MD2 result * \param output HMAC-MD2 result
*/ */
void md2_hmac( unsigned char *key, int keylen, void md2_hmac( const unsigned char *key, int keylen,
unsigned char *input, int ilen, const unsigned char *input, int ilen,
unsigned char output[16] ); unsigned char output[16] );
/** /**
* \brief Checkup routine * \brief Checkup routine
* *
* \return 0 if successful, or 1 if the test failed * \return 0 if successful, or 1 if the test failed
*/ */
int md2_self_test( int verbose ); int md2_self_test( int verbose );
#ifdef __cplusplus #ifdef __cplusplus
 End of changes. 9 change blocks. 
10 lines changed or deleted 19 lines changed or added


 md4.h   md4.h 
/** /**
* \file md4.h * \file md4.h
* *
* Based on XySSL: Copyright (C) 2006-2008 Christophe Devine * Copyright (C) 2006-2010, Brainspark B.V.
* *
* Copyright (C) 2009 Paul Bakker <polarssl_maintainer at polarssl dot or * This file is part of PolarSSL (http://www.polarssl.org)
g> * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
* *
* This program is free software; you can redistribute it and/or modify * This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or * the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version. * (at your option) any later version.
* *
* This program is distributed in the hope that it will be useful, * This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of * but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details. * GNU General Public License for more details.
skipping to change at line 57 skipping to change at line 60
*/ */
void md4_starts( md4_context *ctx ); void md4_starts( md4_context *ctx );
/** /**
* \brief MD4 process buffer * \brief MD4 process buffer
* *
* \param ctx MD4 context * \param ctx MD4 context
* \param input buffer holding the data * \param input buffer holding the data
* \param ilen length of the input data * \param ilen length of the input data
*/ */
void md4_update( md4_context *ctx, unsigned char *input, int ilen ); void md4_update( md4_context *ctx, const unsigned char *input, int ilen );
/** /**
* \brief MD4 final digest * \brief MD4 final digest
* *
* \param ctx MD4 context * \param ctx MD4 context
* \param output MD4 checksum result * \param output MD4 checksum result
*/ */
void md4_finish( md4_context *ctx, unsigned char output[16] ); void md4_finish( md4_context *ctx, unsigned char output[16] );
/** /**
* \brief Output = MD4( input buffer ) * \brief Output = MD4( input buffer )
* *
* \param input buffer holding the data * \param input buffer holding the data
* \param ilen length of the input data * \param ilen length of the input data
* \param output MD4 checksum result * \param output MD4 checksum result
*/ */
void md4( unsigned char *input, int ilen, unsigned char output[16] ); void md4( const unsigned char *input, int ilen, unsigned char output[16] );
/** /**
* \brief Output = MD4( file contents ) * \brief Output = MD4( file contents )
* *
* \param path input file name * \param path input file name
* \param output MD4 checksum result * \param output MD4 checksum result
* *
* \return 0 if successful, 1 if fopen failed, * \return 0 if successful, 1 if fopen failed,
* or 2 if fread failed * or 2 if fread failed
*/ */
int md4_file( char *path, unsigned char output[16] ); int md4_file( const char *path, unsigned char output[16] );
/** /**
* \brief MD4 HMAC context setup * \brief MD4 HMAC context setup
* *
* \param ctx HMAC context to be initialized * \param ctx HMAC context to be initialized
* \param key HMAC secret key * \param key HMAC secret key
* \param keylen length of the HMAC key * \param keylen length of the HMAC key
*/ */
void md4_hmac_starts( md4_context *ctx, unsigned char *key, int keylen ); void md4_hmac_starts( md4_context *ctx, const unsigned char *key, int keyle n );
/** /**
* \brief MD4 HMAC process buffer * \brief MD4 HMAC process buffer
* *
* \param ctx HMAC context * \param ctx HMAC context
* \param input buffer holding the data * \param input buffer holding the data
* \param ilen length of the input data * \param ilen length of the input data
*/ */
void md4_hmac_update( md4_context *ctx, unsigned char *input, int ilen ); void md4_hmac_update( md4_context *ctx, const unsigned char *input, int ile n );
/** /**
* \brief MD4 HMAC final digest * \brief MD4 HMAC final digest
* *
* \param ctx HMAC context * \param ctx HMAC context
* \param output MD4 HMAC checksum result * \param output MD4 HMAC checksum result
*/ */
void md4_hmac_finish( md4_context *ctx, unsigned char output[16] ); void md4_hmac_finish( md4_context *ctx, unsigned char output[16] );
/** /**
* \brief MD4 HMAC context reset
*
* \param ctx HMAC context to be reset
*/
void md4_hmac_reset( md4_context *ctx );
/**
* \brief Output = HMAC-MD4( hmac key, input buffer ) * \brief Output = HMAC-MD4( hmac key, input buffer )
* *
* \param key HMAC secret key * \param key HMAC secret key
* \param keylen length of the HMAC key * \param keylen length of the HMAC key
* \param input buffer holding the data * \param input buffer holding the data
* \param ilen length of the input data * \param ilen length of the input data
* \param output HMAC-MD4 result * \param output HMAC-MD4 result
*/ */
void md4_hmac( unsigned char *key, int keylen, void md4_hmac( const unsigned char *key, int keylen,
unsigned char *input, int ilen, const unsigned char *input, int ilen,
unsigned char output[16] ); unsigned char output[16] );
/** /**
* \brief Checkup routine * \brief Checkup routine
* *
* \return 0 if successful, or 1 if the test failed * \return 0 if successful, or 1 if the test failed
*/ */
int md4_self_test( int verbose ); int md4_self_test( int verbose );
#ifdef __cplusplus #ifdef __cplusplus
 End of changes. 9 change blocks. 
10 lines changed or deleted 19 lines changed or added


 md5.h   md5.h 
/** /**
* \file md5.h * \file md5.h
* *
* Based on XySSL: Copyright (C) 2006-2008 Christophe Devine * Copyright (C) 2006-2010, Brainspark B.V.
* *
* Copyright (C) 2009 Paul Bakker <polarssl_maintainer at polarssl dot or * This file is part of PolarSSL (http://www.polarssl.org)
g> * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
* *
* This program is free software; you can redistribute it and/or modify * This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or * the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version. * (at your option) any later version.
* *
* This program is distributed in the hope that it will be useful, * This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of * but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details. * GNU General Public License for more details.
skipping to change at line 57 skipping to change at line 60
*/ */
void md5_starts( md5_context *ctx ); void md5_starts( md5_context *ctx );
/** /**
* \brief MD5 process buffer * \brief MD5 process buffer
* *
* \param ctx MD5 context * \param ctx MD5 context
* \param input buffer holding the data * \param input buffer holding the data
* \param ilen length of the input data * \param ilen length of the input data
*/ */
void md5_update( md5_context *ctx, unsigned char *input, int ilen ); void md5_update( md5_context *ctx, const unsigned char *input, int ilen );
/** /**
* \brief MD5 final digest * \brief MD5 final digest
* *
* \param ctx MD5 context * \param ctx MD5 context
* \param output MD5 checksum result * \param output MD5 checksum result
*/ */
void md5_finish( md5_context *ctx, unsigned char output[16] ); void md5_finish( md5_context *ctx, unsigned char output[16] );
/** /**
* \brief Output = MD5( input buffer ) * \brief Output = MD5( input buffer )
* *
* \param input buffer holding the data * \param input buffer holding the data
* \param ilen length of the input data * \param ilen length of the input data
* \param output MD5 checksum result * \param output MD5 checksum result
*/ */
void md5( unsigned char *input, int ilen, unsigned char output[16] ); void md5( const unsigned char *input, int ilen, unsigned char output[16] );
/** /**
* \brief Output = MD5( file contents ) * \brief Output = MD5( file contents )
* *
* \param path input file name * \param path input file name
* \param output MD5 checksum result * \param output MD5 checksum result
* *
* \return 0 if successful, 1 if fopen failed, * \return 0 if successful, 1 if fopen failed,
* or 2 if fread failed * or 2 if fread failed
*/ */
int md5_file( char *path, unsigned char output[16] ); int md5_file( const char *path, unsigned char output[16] );
/** /**
* \brief MD5 HMAC context setup * \brief MD5 HMAC context setup
* *
* \param ctx HMAC context to be initialized * \param ctx HMAC context to be initialized
* \param key HMAC secret key * \param key HMAC secret key
* \param keylen length of the HMAC key * \param keylen length of the HMAC key
*/ */
void md5_hmac_starts( md5_context *ctx, unsigned char *key, int keylen ); void md5_hmac_starts( md5_context *ctx,
const unsigned char *key, int keylen );
/** /**
* \brief MD5 HMAC process buffer * \brief MD5 HMAC process buffer
* *
* \param ctx HMAC context * \param ctx HMAC context
* \param input buffer holding the data * \param input buffer holding the data
* \param ilen length of the input data * \param ilen length of the input data
*/ */
void md5_hmac_update( md5_context *ctx, unsigned char *input, int ilen ); void md5_hmac_update( md5_context *ctx,
const unsigned char *input, int ilen );
/** /**
* \brief MD5 HMAC final digest * \brief MD5 HMAC final digest
* *
* \param ctx HMAC context * \param ctx HMAC context
* \param output MD5 HMAC checksum result * \param output MD5 HMAC checksum result
*/ */
void md5_hmac_finish( md5_context *ctx, unsigned char output[16] ); void md5_hmac_finish( md5_context *ctx, unsigned char output[16] );
/** /**
* \brief MD5 HMAC context reset
*
* \param ctx HMAC context to be reset
*/
void md5_hmac_reset( md5_context *ctx );
/**
* \brief Output = HMAC-MD5( hmac key, input buffer ) * \brief Output = HMAC-MD5( hmac key, input buffer )
* *
* \param key HMAC secret key * \param key HMAC secret key
* \param keylen length of the HMAC key * \param keylen length of the HMAC key
* \param input buffer holding the data * \param input buffer holding the data
* \param ilen length of the input data * \param ilen length of the input data
* \param output HMAC-MD5 result * \param output HMAC-MD5 result
*/ */
void md5_hmac( unsigned char *key, int keylen, void md5_hmac( const unsigned char *key, int keylen,
unsigned char *input, int ilen, const unsigned char *input, int ilen,
unsigned char output[16] ); unsigned char output[16] );
/** /**
* \brief Checkup routine * \brief Checkup routine
* *
* \return 0 if successful, or 1 if the test failed * \return 0 if successful, or 1 if the test failed
*/ */
int md5_self_test( int verbose ); int md5_self_test( int verbose );
#ifdef __cplusplus #ifdef __cplusplus
 End of changes. 9 change blocks. 
10 lines changed or deleted 21 lines changed or added


 net.h   net.h 
/** /**
* \file net.h * \file net.h
* *
* Based on XySSL: Copyright (C) 2006-2008 Christophe Devine * Copyright (C) 2006-2010, Brainspark B.V.
* *
* Copyright (C) 2009 Paul Bakker <polarssl_maintainer at polarssl dot or * This file is part of PolarSSL (http://www.polarssl.org)
g> * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
* *
* This program is free software; you can redistribute it and/or modify * This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or * the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version. * (at your option) any later version.
* *
* This program is distributed in the hope that it will be useful, * This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of * but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details. * GNU General Public License for more details.
skipping to change at line 43 skipping to change at line 46
#define POLARSSL_ERR_NET_CONN_RESET -0x0F80 #define POLARSSL_ERR_NET_CONN_RESET -0x0F80
#define POLARSSL_ERR_NET_TRY_AGAIN -0x0F90 #define POLARSSL_ERR_NET_TRY_AGAIN -0x0F90
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
#endif #endif
/** /**
* \brief Initiate a TCP connection with host:port * \brief Initiate a TCP connection with host:port
* *
* \param fd Socket to use
* \param host Host to connect to
* \param port Port to connect to
*
* \return 0 if successful, or one of: * \return 0 if successful, or one of:
* POLARSSL_ERR_NET_SOCKET_FAILED, * POLARSSL_ERR_NET_SOCKET_FAILED,
* POLARSSL_ERR_NET_UNKNOWN_HOST, * POLARSSL_ERR_NET_UNKNOWN_HOST,
* POLARSSL_ERR_NET_CONNECT_FAILED * POLARSSL_ERR_NET_CONNECT_FAILED
*/ */
int net_connect( int *fd, char *host, int port ); int net_connect( int *fd, const char *host, int port );
/** /**
* \brief Create a listening socket on bind_ip:port. * \brief Create a listening socket on bind_ip:port.
* If bind_ip == NULL, all interfaces are binded. * If bind_ip == NULL, all interfaces are binded.
* *
* \param fd Socket to use
* \param bind_ip IP to bind to, can be NULL
* \param port Port number to use
*
* \return 0 if successful, or one of: * \return 0 if successful, or one of:
* POLARSSL_ERR_NET_SOCKET_FAILED, * POLARSSL_ERR_NET_SOCKET_FAILED,
* POLARSSL_ERR_NET_BIND_FAILED, * POLARSSL_ERR_NET_BIND_FAILED,
* POLARSSL_ERR_NET_LISTEN_FAILED * POLARSSL_ERR_NET_LISTEN_FAILED
*/ */
int net_bind( int *fd, char *bind_ip, int port ); int net_bind( int *fd, const char *bind_ip, int port );
/** /**
* \brief Accept a connection from a remote client * \brief Accept a connection from a remote client
* *
* \return 0 if successful, POLARSSL_ERR_NET_ACCEPT_FAILED, or * \param bind_fd Relevant socket
* POLARSSL_ERR_NET_WOULD_BLOCK is bind_fd was set to * \param client_fd Will contain the connected client socket
* non-blocking and accept() is blocking. * \param client_ip Will contain the client IP address
*
* \return 0 if successful, POLARSSL_ERR_NET_ACCEPT_FAILED, or
* POLARSSL_ERR_NET_WOULD_BLOCK is bind_fd was set to
* non-blocking and accept() is blocking.
*/ */
int net_accept( int bind_fd, int *client_fd, void *client_ip ); int net_accept( int bind_fd, int *client_fd, void *client_ip );
/** /**
* \brief Set the socket blocking * \brief Set the socket blocking
* *
* \param fd Socket to set
*
* \return 0 if successful, or a non-zero error code * \return 0 if successful, or a non-zero error code
*/ */
int net_set_block( int fd ); int net_set_block( int fd );
/** /**
* \brief Set the socket non-blocking * \brief Set the socket non-blocking
* *
* \param fd Socket to set
*
* \return 0 if successful, or a non-zero error code * \return 0 if successful, or a non-zero error code
*/ */
int net_set_nonblock( int fd ); int net_set_nonblock( int fd );
/** /**
* \brief Portable usleep helper * \brief Portable usleep helper
* *
* \param usec Amount of microseconds to sleep
*
* \note Real amount of time slept will not be less than * \note Real amount of time slept will not be less than
* select()'s timeout granularity (typically, 10ms). * select()'s timeout granularity (typically, 10ms).
*/ */
void net_usleep( unsigned long usec ); void net_usleep( unsigned long usec );
/** /**
* \brief Read at most 'len' characters. len is updated to * \brief Read at most 'len' characters. If no error occurs,
* reflect the actual number of characters read. * the actual amount read is returned.
*
* \param ctx Socket
* \param buf The buffer to write to
* \param len Maximum length of the buffer
* *
* \return This function returns the number of bytes received, * \return This function returns the number of bytes received,
* or a negative error code; POLARSSL_ERR_NET_TRY_AGAIN * or a non-zero error code; POLARSSL_ERR_NET_TRY_AGAIN
* indicates read() is blocking. * indicates read() is blocking.
*/ */
int net_recv( void *ctx, unsigned char *buf, int len ); int net_recv( void *ctx, unsigned char *buf, int len );
/** /**
* \brief Write at most 'len' characters. len is updated to * \brief Write at most 'len' characters. If no error occurs,
* reflect the number of characters _not_ written. * the actual amount read is returned.
*
* \param ctx Socket
* \param buf The buffer to read from
* \param len The length of the buffer
* *
* \return This function returns the number of bytes sent, * \return This function returns the number of bytes sent,
* or a negative error code; POLARSSL_ERR_NET_TRY_AGAIN * or a non-zero error code; POLARSSL_ERR_NET_TRY_AGAIN
* indicates write() is blocking. * indicates write() is blocking.
*/ */
int net_send( void *ctx, unsigned char *buf, int len ); int net_send( void *ctx, unsigned char *buf, int len );
/** /**
* \brief Gracefully shutdown the connection * \brief Gracefully shutdown the connection
*
* \param fd The socket to close
*/ */
void net_close( int fd ); void net_close( int fd );
#ifdef __cplusplus #ifdef __cplusplus
} }
#endif #endif
#endif /* net.h */ #endif /* net.h */
 End of changes. 16 change blocks. 
15 lines changed or deleted 45 lines changed or added


 openssl.h   openssl.h 
/** /**
* \file openssl.h * \file openssl.h
* *
* Based on XySSL: Copyright (C) 2006-2008 Christophe Devine * Copyright (C) 2006-2010, Brainspark B.V.
* *
* Copyright (C) 2009 Paul Bakker <polarssl_maintainer at polarssl dot or * This file is part of PolarSSL (http://www.polarssl.org)
g> * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
* *
* This program is free software; you can redistribute it and/or modify * This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or * the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version. * (at your option) any later version.
* *
* This program is distributed in the hope that it will be useful, * This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of * but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details. * GNU General Public License for more details.
 End of changes. 2 change blocks. 
3 lines changed or deleted 5 lines changed or added


 padlock.h   padlock.h 
/** /**
* \file padlock.h * \file padlock.h
* *
* Based on XySSL: Copyright (C) 2006-2008 Christophe Devine * Copyright (C) 2006-2010, Brainspark B.V.
* *
* Copyright (C) 2009 Paul Bakker <polarssl_maintainer at polarssl dot or * This file is part of PolarSSL (http://www.polarssl.org)
g> * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
* *
* This program is free software; you can redistribute it and/or modify * This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or * the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version. * (at your option) any later version.
* *
* This program is distributed in the hope that it will be useful, * This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of * but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details. * GNU General Public License for more details.
skipping to change at line 40 skipping to change at line 43
#define POLARSSL_HAVE_X86 #define POLARSSL_HAVE_X86
#endif #endif
#define PADLOCK_RNG 0x000C #define PADLOCK_RNG 0x000C
#define PADLOCK_ACE 0x00C0 #define PADLOCK_ACE 0x00C0
#define PADLOCK_PHE 0x0C00 #define PADLOCK_PHE 0x0C00
#define PADLOCK_PMM 0x3000 #define PADLOCK_PMM 0x3000
#define PADLOCK_ALIGN16(x) (unsigned long *) (16 + ((long) x & ~15)) #define PADLOCK_ALIGN16(x) (unsigned long *) (16 + ((long) x & ~15))
#define POLARSSL_ERR_PADLOCK_DATA_MISALIGNED -0x08E0
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
#endif #endif
/** /**
* \brief PadLock detection routine * \brief PadLock detection routine
* *
* \param The feature to detect
*
* \return 1 if CPU has support for the feature, 0 otherwise * \return 1 if CPU has support for the feature, 0 otherwise
*/ */
int padlock_supports( int feature ); int padlock_supports( int feature );
/** /**
* \brief PadLock AES-ECB block en(de)cryption * \brief PadLock AES-ECB block en(de)cryption
* *
* \param ctx AES context * \param ctx AES context
* \param mode AES_ENCRYPT or AES_DECRYPT * \param mode AES_ENCRYPT or AES_DECRYPT
* \param input 16-byte input block * \param input 16-byte input block
* \param output 16-byte output block * \param output 16-byte output block
* *
* \return 0 if success, 1 if operation failed * \return 0 if success, 1 if operation failed
*/ */
int padlock_xcryptecb( aes_context *ctx, int padlock_xcryptecb( aes_context *ctx,
int mode, int mode,
unsigned char input[16], const unsigned char input[16],
unsigned char output[16] ); unsigned char output[16] );
/** /**
* \brief PadLock AES-CBC buffer en(de)cryption * \brief PadLock AES-CBC buffer en(de)cryption
* *
* \param ctx AES context * \param ctx AES context
* \param mode AES_ENCRYPT or AES_DECRYPT * \param mode AES_ENCRYPT or AES_DECRYPT
* \param length length of the input data * \param length length of the input data
* \param iv initialization vector (updated after use) * \param iv initialization vector (updated after use)
* \param input buffer holding the input data * \param input buffer holding the input data
* \param output buffer holding the output data * \param output buffer holding the output data
* *
* \return 0 if success, 1 if operation failed * \return 0 if success, 1 if operation failed
*/ */
int padlock_xcryptcbc( aes_context *ctx, int padlock_xcryptcbc( aes_context *ctx,
int mode, int mode,
int length, int length,
unsigned char iv[16], unsigned char iv[16],
unsigned char *input, const unsigned char *input,
unsigned char *output ); unsigned char *output );
#ifdef __cplusplus #ifdef __cplusplus
} }
#endif #endif
#endif /* HAVE_X86 */ #endif /* HAVE_X86 */
#endif /* padlock.h */ #endif /* padlock.h */
 End of changes. 6 change blocks. 
5 lines changed or deleted 11 lines changed or added


 rsa.h   rsa.h 
/** /**
* \file rsa.h * \file rsa.h
* *
* Based on XySSL: Copyright (C) 2006-2008 Christophe Devine * Copyright (C) 2006-2010, Brainspark B.V.
* *
* Copyright (C) 2009 Paul Bakker <polarssl_maintainer at polarssl dot or * This file is part of PolarSSL (http://www.polarssl.org)
g> * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
* *
* This program is free software; you can redistribute it and/or modify * This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or * the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version. * (at your option) any later version.
* *
* This program is distributed in the hope that it will be useful, * This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of * but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details. * GNU General Public License for more details.
* *
* You should have received a copy of the GNU General Public License along * You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc., * with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#ifndef POLARSSL_RSA_H #ifndef POLARSSL_RSA_H
#define POLARSSL_RSA_H #define POLARSSL_RSA_H
#include "polarssl/bignum.h" #include "polarssl/bignum.h"
/*
* RSA Error codes
*/
#define POLARSSL_ERR_RSA_BAD_INPUT_DATA -0x0400 #define POLARSSL_ERR_RSA_BAD_INPUT_DATA -0x0400
#define POLARSSL_ERR_RSA_INVALID_PADDING -0x0410 #define POLARSSL_ERR_RSA_INVALID_PADDING -0x0410
#define POLARSSL_ERR_RSA_KEY_GEN_FAILED -0x0420 #define POLARSSL_ERR_RSA_KEY_GEN_FAILED -0x0420
#define POLARSSL_ERR_RSA_KEY_CHECK_FAILED -0x0430 #define POLARSSL_ERR_RSA_KEY_CHECK_FAILED -0x0430
#define POLARSSL_ERR_RSA_PUBLIC_FAILED -0x0440 #define POLARSSL_ERR_RSA_PUBLIC_FAILED -0x0440
#define POLARSSL_ERR_RSA_PRIVATE_FAILED -0x0450 #define POLARSSL_ERR_RSA_PRIVATE_FAILED -0x0450
#define POLARSSL_ERR_RSA_VERIFY_FAILED -0x0460 #define POLARSSL_ERR_RSA_VERIFY_FAILED -0x0460
#define POLARSSL_ERR_RSA_OUTPUT_TO_LARGE -0x0470 #define POLARSSL_ERR_RSA_OUTPUT_TOO_LARGE -0x0470
#define POLARSSL_ERR_RSA_RNG_FAILED -0x0480
/* /*
* PKCS#1 constants * PKCS#1 constants
*/ */
#define RSA_RAW 0 #define SIG_RSA_RAW 0
#define SIG_RSA_MD2 2
#define SIG_RSA_MD2 2 #define SIG_RSA_MD4 3
#define SIG_RSA_MD4 3 #define SIG_RSA_MD5 4
#define SIG_RSA_MD5 4
#define SIG_RSA_SHA1 5 #define SIG_RSA_SHA1 5
#define SIG_RSA_SHA224 14 #define SIG_RSA_SHA224 14
#define SIG_RSA_SHA256 11 #define SIG_RSA_SHA256 11
#define SIG_RSA_SHA384 12 #define SIG_RSA_SHA384 12
#define SIG_RSA_SHA512 13 #define SIG_RSA_SHA512 13
#define RSA_PUBLIC 0 #define RSA_PUBLIC 0
#define RSA_PRIVATE 1 #define RSA_PRIVATE 1
#define RSA_PKCS_V15 0 #define RSA_PKCS_V15 0
#define RSA_PKCS_V21 1 #define RSA_PKCS_V21 1
#define RSA_SIGN 1 #define RSA_SIGN 1
#define RSA_CRYPT 2 #define RSA_CRYPT 2
#define ASN1_STR_CONSTRUCTED_SEQUENCE "\x30" #define ASN1_STR_CONSTRUCTED_SEQUENCE "\x30"
#define ASN1_STR_NULL "\x05" #define ASN1_STR_NULL "\x05"
#define ASN1_STR_OID "\x06" #define ASN1_STR_OID "\x06"
#define ASN1_STR_OCTET_STRING "\x04" #define ASN1_STR_OCTET_STRING "\x04"
#define OID_DIGEST_ALG_MDX "\x2A\x86\x48\x86\xF7\x0D\x02\x00" #define OID_DIGEST_ALG_MDX "\x2A\x86\x48\x86\xF7\x0D\x02\x00"
#define OID_HASH_ALG_SHA1 "\x2b\x0e\x03\x02\x1a" #define OID_HASH_ALG_SHA1 "\x2b\x0e\x03\x02\x1a"
#define OID_HASH_ALG_SHA2X "\x60\x86\x48\x01\x65\x03\x04\x02\x00" #define OID_HASH_ALG_SHA2X "\x60\x86\x48\x01\x65\x03\x04\x02\x0
0"
#define OID_ISO_MEMBER_BODIES "\x2a" #define OID_ISO_MEMBER_BODIES "\x2a"
#define OID_ISO_IDENTIFIED_ORG "\x2b" #define OID_ISO_IDENTIFIED_ORG "\x2b"
/* /*
* ISO Member bodies OID parts * ISO Member bodies OID parts
*/ */
#define OID_COUNTRY_US "\x86\x48" #define OID_COUNTRY_US "\x86\x48"
#define OID_RSA_DATA_SECURITY "\x86\xf7\x0d" #define OID_RSA_DATA_SECURITY "\x86\xf7\x0d"
/* /*
* ISO Identified organization OID parts * ISO Identified organization OID parts
*/ */
#define OID_OIW_SECSIG_SHA1 "\x0e\x03\x02\x1a" #define OID_OIW_SECSIG_SHA1 "\x0e\x03\x02\x1a"
/* /*
* DigestInfo ::= SEQUENCE { * DigestInfo ::= SEQUENCE {
* digestAlgorithm DigestAlgorithmIdentifier, * digestAlgorithm DigestAlgorithmIdentifier,
* digest Digest } * digest Digest }
* *
* DigestAlgorithmIdentifier ::= AlgorithmIdentifier * DigestAlgorithmIdentifier ::= AlgorithmIdentifier
* *
* Digest ::= OCTET STRING * Digest ::= OCTET STRING
*/ */
#define ASN1_HASH_MDX \ #define ASN1_HASH_MDX \
( \ (
\
ASN1_STR_CONSTRUCTED_SEQUENCE "\x20" \ ASN1_STR_CONSTRUCTED_SEQUENCE "\x20" \
ASN1_STR_CONSTRUCTED_SEQUENCE "\x0C" \ ASN1_STR_CONSTRUCTED_SEQUENCE "\x0C" \
ASN1_STR_OID "\x08" \ ASN1_STR_OID "\x08" \
OID_DIGEST_ALG_MDX \ OID_DIGEST_ALG_MDX \
ASN1_STR_NULL "\x00" \ ASN1_STR_NULL "\x00" \
ASN1_STR_OCTET_STRING "\x10" \ ASN1_STR_OCTET_STRING "\x10" \
) )
#define ASN1_HASH_SHA1 \ #define ASN1_HASH_SHA1 \
ASN1_STR_CONSTRUCTED_SEQUENCE "\x21" \ ASN1_STR_CONSTRUCTED_SEQUENCE "\x21" \
ASN1_STR_CONSTRUCTED_SEQUENCE "\x09" \ ASN1_STR_CONSTRUCTED_SEQUENCE "\x09" \
ASN1_STR_OID "\x05" \ ASN1_STR_OID "\x05" \
OID_HASH_ALG_SHA1 \ OID_HASH_ALG_SHA1 \
ASN1_STR_NULL "\x00" \ ASN1_STR_NULL "\x00" \
ASN1_STR_OCTET_STRING "\x14" ASN1_STR_OCTET_STRING "\x14"
#define ASN1_HASH_SHA2X \ #define ASN1_HASH_SHA2X \
ASN1_STR_CONSTRUCTED_SEQUENCE "\x11" \ ASN1_STR_CONSTRUCTED_SEQUENCE "\x11" \
ASN1_STR_CONSTRUCTED_SEQUENCE "\x0d" \ ASN1_STR_CONSTRUCTED_SEQUENCE "\x0d" \
ASN1_STR_OID "\x09" \ ASN1_STR_OID "\x09" \
OID_HASH_ALG_SHA2X \ OID_HASH_ALG_SHA2X \
ASN1_STR_NULL "\x00" \ ASN1_STR_NULL "\x00" \
ASN1_STR_OCTET_STRING "\x00" ASN1_STR_OCTET_STRING "\x00"
/** /**
* \brief RSA context structure * \brief RSA context structure
*/ */
typedef struct typedef struct
{ {
int ver; /*!< always 0 */ int ver; /*!< always 0 */
int len; /*!< size(N) in chars */ int len; /*!< size(N) in chars */
skipping to change at line 141 skipping to change at line 147
mpi DP; /*!< D % (P - 1) */ mpi DP; /*!< D % (P - 1) */
mpi DQ; /*!< D % (Q - 1) */ mpi DQ; /*!< D % (Q - 1) */
mpi QP; /*!< 1 / (Q % P) */ mpi QP; /*!< 1 / (Q % P) */
mpi RN; /*!< cached R^2 mod N */ mpi RN; /*!< cached R^2 mod N */
mpi RP; /*!< cached R^2 mod P */ mpi RP; /*!< cached R^2 mod P */
mpi RQ; /*!< cached R^2 mod Q */ mpi RQ; /*!< cached R^2 mod Q */
int padding; /*!< 1.5 or OAEP/PSS */ int padding; /*!< 1.5 or OAEP/PSS */
int hash_id; /*!< hash identifier */ int hash_id; /*!< hash identifier */
int (*f_rng)(void *); /*!< RNG function */
void *p_rng; /*!< RNG parameter */
} }
rsa_context; rsa_context;
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
#endif #endif
/** /**
* \brief Initialize an RSA context * \brief Initialize an RSA context
* *
* \param ctx RSA context to be initialized * \param ctx RSA context to be initialized
* \param padding RSA_PKCS_V15 or RSA_PKCS_V21 * \param padding RSA_PKCS_V15 or RSA_PKCS_V21
* \param hash_id RSA_PKCS_V21 hash identifier * \param hash_id RSA_PKCS_V21 hash identifier
* \param f_rng RNG function
* \param p_rng RNG parameter
* *
* \note The hash_id parameter is actually ignored * \note The hash_id parameter is actually ignored
* when using RSA_PKCS_V15 padding. * when using RSA_PKCS_V15 padding.
* *
* \note Currently (xyssl-0.8), RSA_PKCS_V21 padding * \note Currently, RSA_PKCS_V21 padding
* is not supported. * is not supported.
*/ */
void rsa_init( rsa_context *ctx, void rsa_init( rsa_context *ctx,
int padding, int padding,
int hash_id, int hash_id);
int (*f_rng)(void *),
void *p_rng );
/** /**
* \brief Generate an RSA keypair * \brief Generate an RSA keypair
* *
* \param ctx RSA context that will hold the key * \param ctx RSA context that will hold the key
* \param f_rng RNG function
* \param p_rng RNG parameter
* \param nbits size of the public key in bits * \param nbits size of the public key in bits
* \param exponent public exponent (e.g., 65537) * \param exponent public exponent (e.g., 65537)
* *
* \note rsa_init() must be called beforehand to setup * \note rsa_init() must be called beforehand to setup
* the RSA context (especially f_rng and p_rng). * the RSA context.
* *
* \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code * \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code
*/ */
int rsa_gen_key( rsa_context *ctx, int nbits, int exponent ); int rsa_gen_key( rsa_context *ctx,
int (*f_rng)(void *),
void *p_rng,
int nbits, int exponent );
/** /**
* \brief Check a public RSA key * \brief Check a public RSA key
* *
* \param ctx RSA context to be checked * \param ctx RSA context to be checked
* *
* \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code * \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code
*/ */
int rsa_check_pubkey( rsa_context *ctx ); int rsa_check_pubkey( const rsa_context *ctx );
/** /**
* \brief Check a private RSA key * \brief Check a private RSA key
* *
* \param ctx RSA context to be checked * \param ctx RSA context to be checked
* *
* \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code * \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code
*/ */
int rsa_check_privkey( rsa_context *ctx ); int rsa_check_privkey( const rsa_context *ctx );
/** /**
* \brief Do an RSA public key operation * \brief Do an RSA public key operation
* *
* \param ctx RSA context * \param ctx RSA context
* \param input input buffer * \param input input buffer
* \param output output buffer * \param output output buffer
* *
* \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code * \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code
* *
* \note This function does NOT take care of message * \note This function does NOT take care of message
* padding. Also, be sure to set input[0] = 0 or assure tha t * padding. Also, be sure to set input[0] = 0 or assure tha t
* input is smaller than N. * input is smaller than N.
* *
* \note The input and output buffers must be large * \note The input and output buffers must be large
* enough (eg. 128 bytes if RSA-1024 is used). * enough (eg. 128 bytes if RSA-1024 is used).
*/ */
int rsa_public( rsa_context *ctx, int rsa_public( rsa_context *ctx,
unsigned char *input, const unsigned char *input,
unsigned char *output ); unsigned char *output );
/** /**
* \brief Do an RSA private key operation * \brief Do an RSA private key operation
* *
* \param ctx RSA context * \param ctx RSA context
* \param input input buffer * \param input input buffer
* \param output output buffer * \param output output buffer
* *
* \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code * \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code
* *
* \note The input and output buffers must be large * \note The input and output buffers must be large
* enough (eg. 128 bytes if RSA-1024 is used). * enough (eg. 128 bytes if RSA-1024 is used).
*/ */
int rsa_private( rsa_context *ctx, int rsa_private( rsa_context *ctx,
unsigned char *input, const unsigned char *input,
unsigned char *output ); unsigned char *output );
/** /**
* \brief Add the message padding, then do an RSA operation * \brief Add the message padding, then do an RSA operation
* *
* \param ctx RSA context * \param ctx RSA context
* \param f_rng RNG function
* \param p_rng RNG parameter
* \param mode RSA_PUBLIC or RSA_PRIVATE * \param mode RSA_PUBLIC or RSA_PRIVATE
* \param ilen contains the plaintext length * \param ilen contains the plaintext length
* \param input buffer holding the data to be encrypted * \param input buffer holding the data to be encrypted
* \param output buffer that will hold the ciphertext * \param output buffer that will hold the ciphertext
* *
* \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code * \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code
* *
* \note The output buffer must be as large as the size * \note The output buffer must be as large as the size
* of ctx->N (eg. 128 bytes if RSA-1024 is used). * of ctx->N (eg. 128 bytes if RSA-1024 is used).
*/ */
int rsa_pkcs1_encrypt( rsa_context *ctx, int rsa_pkcs1_encrypt( rsa_context *ctx,
int (*f_rng)(void *),
void *p_rng,
int mode, int ilen, int mode, int ilen,
unsigned char *input, const unsigned char *input,
unsigned char *output ); unsigned char *output );
/** /**
* \brief Do an RSA operation, then remove the message padding * \brief Do an RSA operation, then remove the message padding
* *
* \param ctx RSA context * \param ctx RSA context
* \param mode RSA_PUBLIC or RSA_PRIVATE * \param mode RSA_PUBLIC or RSA_PRIVATE
* \param input buffer holding the encrypted data * \param input buffer holding the encrypted data
* \param output buffer that will hold the plaintext * \param output buffer that will hold the plaintext
* \param olen will contain the plaintext length * \param olen will contain the plaintext length
* \param output_max_len maximum length of the output buffer * \param output_max_len maximum length of the output buffer
* *
* \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code * \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code
* *
* \note The output buffer must be as large as the size * \note The output buffer must be as large as the size
* of ctx->N (eg. 128 bytes if RSA-1024 is used) otherwise * of ctx->N (eg. 128 bytes if RSA-1024 is used) otherwise
* an error is thrown. * an error is thrown.
*/ */
int rsa_pkcs1_decrypt( rsa_context *ctx, int rsa_pkcs1_decrypt( rsa_context *ctx,
int mode, int *olen, int mode, int *olen,
unsigned char *input, const unsigned char *input,
unsigned char *output, unsigned char *output,
int output_max_len); int output_max_len );
/** /**
* \brief Do a private RSA to sign a message digest * \brief Do a private RSA to sign a message digest
* *
* \param ctx RSA context * \param ctx RSA context
* \param mode RSA_PUBLIC or RSA_PRIVATE * \param mode RSA_PUBLIC or RSA_PRIVATE
* \param hash_id RSA_RAW, SIG_RSA_MD{2,4,5} or SIG_RSA_SHA{1,224,256,384, * \param hash_id SIG_RSA_RAW, SIG_RSA_MD{2,4,5} or SIG_RSA_SHA{1,224,256,
512} 384,512}
* \param hashlen message digest length (for RSA_RAW only) * \param hashlen message digest length (for SIG_RSA_RAW only)
* \param hash buffer holding the message digest * \param hash buffer holding the message digest
* \param sig buffer that will hold the ciphertext * \param sig buffer that will hold the ciphertext
* *
* \return 0 if the signing operation was successful, * \return 0 if the signing operation was successful,
* or an POLARSSL_ERR_RSA_XXX error code * or an POLARSSL_ERR_RSA_XXX error code
* *
* \note The "sig" buffer must be as large as the size * \note The "sig" buffer must be as large as the size
* of ctx->N (eg. 128 bytes if RSA-1024 is used). * of ctx->N (eg. 128 bytes if RSA-1024 is used).
*/ */
int rsa_pkcs1_sign( rsa_context *ctx, int rsa_pkcs1_sign( rsa_context *ctx,
int mode, int mode,
int hash_id, int hash_id,
int hashlen, int hashlen,
unsigned char *hash, const unsigned char *hash,
unsigned char *sig ); unsigned char *sig );
/** /**
* \brief Do a public RSA and check the message digest * \brief Do a public RSA and check the message digest
* *
* \param ctx points to an RSA public key * \param ctx points to an RSA public key
* \param mode RSA_PUBLIC or RSA_PRIVATE * \param mode RSA_PUBLIC or RSA_PRIVATE
* \param hash_id RSA_RAW, RSA_MD{2,4,5} or RSA_SHA{1,256} * \param hash_id SIG_RSA_RAW, SIG_RSA_MD{2,4,5} or SIG_RSA_SHA{1,224,256,
* \param hashlen message digest length (for RSA_RAW only) 384,512}
* \param hashlen message digest length (for SIG_RSA_RAW only)
* \param hash buffer holding the message digest * \param hash buffer holding the message digest
* \param sig buffer holding the ciphertext * \param sig buffer holding the ciphertext
* *
* \return 0 if the verify operation was successful, * \return 0 if the verify operation was successful,
* or an POLARSSL_ERR_RSA_XXX error code * or an POLARSSL_ERR_RSA_XXX error code
* *
* \note The "sig" buffer must be as large as the size * \note The "sig" buffer must be as large as the size
* of ctx->N (eg. 128 bytes if RSA-1024 is used). * of ctx->N (eg. 128 bytes if RSA-1024 is used).
*/ */
int rsa_pkcs1_verify( rsa_context *ctx, int rsa_pkcs1_verify( rsa_context *ctx,
int mode, int mode,
int hash_id, int hash_id,
int hashlen, int hashlen,
unsigned char *hash, const unsigned char *hash,
unsigned char *sig ); unsigned char *sig );
/** /**
* \brief Free the components of an RSA key * \brief Free the components of an RSA key
*
* \param ctx RSA Context to free
*/ */
void rsa_free( rsa_context *ctx ); void rsa_free( rsa_context *ctx );
/** /**
* \brief Checkup routine * \brief Checkup routine
* *
* \return 0 if successful, or 1 if the test failed * \return 0 if successful, or 1 if the test failed
*/ */
int rsa_self_test( int verbose ); int rsa_self_test( int verbose );
 End of changes. 36 change blocks. 
59 lines changed or deleted 72 lines changed or added


 sha1.h   sha1.h 
/** /**
* \file sha1.h * \file sha1.h
* *
* Based on XySSL: Copyright (C) 2006-2008 Christophe Devine * Copyright (C) 2006-2010, Brainspark B.V.
* *
* Copyright (C) 2009 Paul Bakker <polarssl_maintainer at polarssl dot or * This file is part of PolarSSL (http://www.polarssl.org)
g> * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
* *
* This program is free software; you can redistribute it and/or modify * This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or * the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version. * (at your option) any later version.
* *
* This program is distributed in the hope that it will be useful, * This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of * but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details. * GNU General Public License for more details.
skipping to change at line 57 skipping to change at line 60
*/ */
void sha1_starts( sha1_context *ctx ); void sha1_starts( sha1_context *ctx );
/** /**
* \brief SHA-1 process buffer * \brief SHA-1 process buffer
* *
* \param ctx SHA-1 context * \param ctx SHA-1 context
* \param input buffer holding the data * \param input buffer holding the data
* \param ilen length of the input data * \param ilen length of the input data
*/ */
void sha1_update( sha1_context *ctx, unsigned char *input, int ilen ); void sha1_update( sha1_context *ctx, const unsigned char *input, int ilen ) ;
/** /**
* \brief SHA-1 final digest * \brief SHA-1 final digest
* *
* \param ctx SHA-1 context * \param ctx SHA-1 context
* \param output SHA-1 checksum result * \param output SHA-1 checksum result
*/ */
void sha1_finish( sha1_context *ctx, unsigned char output[20] ); void sha1_finish( sha1_context *ctx, unsigned char output[20] );
/** /**
* \brief Output = SHA-1( input buffer ) * \brief Output = SHA-1( input buffer )
* *
* \param input buffer holding the data * \param input buffer holding the data
* \param ilen length of the input data * \param ilen length of the input data
* \param output SHA-1 checksum result * \param output SHA-1 checksum result
*/ */
void sha1( unsigned char *input, int ilen, unsigned char output[20] ); void sha1( const unsigned char *input, int ilen, unsigned char output[20] ) ;
/** /**
* \brief Output = SHA-1( file contents ) * \brief Output = SHA-1( file contents )
* *
* \param path input file name * \param path input file name
* \param output SHA-1 checksum result * \param output SHA-1 checksum result
* *
* \return 0 if successful, 1 if fopen failed, * \return 0 if successful, 1 if fopen failed,
* or 2 if fread failed * or 2 if fread failed
*/ */
int sha1_file( char *path, unsigned char output[20] ); int sha1_file( const char *path, unsigned char output[20] );
/** /**
* \brief SHA-1 HMAC context setup * \brief SHA-1 HMAC context setup
* *
* \param ctx HMAC context to be initialized * \param ctx HMAC context to be initialized
* \param key HMAC secret key * \param key HMAC secret key
* \param keylen length of the HMAC key * \param keylen length of the HMAC key
*/ */
void sha1_hmac_starts( sha1_context *ctx, unsigned char *key, int keylen ); void sha1_hmac_starts( sha1_context *ctx, const unsigned char *key, int key len );
/** /**
* \brief SHA-1 HMAC process buffer * \brief SHA-1 HMAC process buffer
* *
* \param ctx HMAC context * \param ctx HMAC context
* \param input buffer holding the data * \param input buffer holding the data
* \param ilen length of the input data * \param ilen length of the input data
*/ */
void sha1_hmac_update( sha1_context *ctx, unsigned char *input, int ilen ); void sha1_hmac_update( sha1_context *ctx, const unsigned char *input, int i len );
/** /**
* \brief SHA-1 HMAC final digest * \brief SHA-1 HMAC final digest
* *
* \param ctx HMAC context * \param ctx HMAC context
* \param output SHA-1 HMAC checksum result * \param output SHA-1 HMAC checksum result
*/ */
void sha1_hmac_finish( sha1_context *ctx, unsigned char output[20] ); void sha1_hmac_finish( sha1_context *ctx, unsigned char output[20] );
/** /**
* \brief SHA-1 HMAC context reset
*
* \param ctx HMAC context to be reset
*/
void sha1_hmac_reset( sha1_context *ctx );
/**
* \brief Output = HMAC-SHA-1( hmac key, input buffer ) * \brief Output = HMAC-SHA-1( hmac key, input buffer )
* *
* \param key HMAC secret key * \param key HMAC secret key
* \param keylen length of the HMAC key * \param keylen length of the HMAC key
* \param input buffer holding the data * \param input buffer holding the data
* \param ilen length of the input data * \param ilen length of the input data
* \param output HMAC-SHA-1 result * \param output HMAC-SHA-1 result
*/ */
void sha1_hmac( unsigned char *key, int keylen, void sha1_hmac( const unsigned char *key, int keylen,
unsigned char *input, int ilen, const unsigned char *input, int ilen,
unsigned char output[20] ); unsigned char output[20] );
/** /**
* \brief Checkup routine * \brief Checkup routine
* *
* \return 0 if successful, or 1 if the test failed * \return 0 if successful, or 1 if the test failed
*/ */
int sha1_self_test( int verbose ); int sha1_self_test( int verbose );
#ifdef __cplusplus #ifdef __cplusplus
 End of changes. 9 change blocks. 
10 lines changed or deleted 19 lines changed or added


 sha2.h   sha2.h 
/** /**
* \file sha2.h * \file sha2.h
* *
* Based on XySSL: Copyright (C) 2006-2008 Christophe Devine * Copyright (C) 2006-2010, Brainspark B.V.
* *
* Copyright (C) 2009 Paul Bakker <polarssl_maintainer at polarssl dot or * This file is part of PolarSSL (http://www.polarssl.org)
g> * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
* *
* This program is free software; you can redistribute it and/or modify * This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or * the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version. * (at your option) any later version.
* *
* This program is distributed in the hope that it will be useful, * This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of * but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details. * GNU General Public License for more details.
skipping to change at line 59 skipping to change at line 62
*/ */
void sha2_starts( sha2_context *ctx, int is224 ); void sha2_starts( sha2_context *ctx, int is224 );
/** /**
* \brief SHA-256 process buffer * \brief SHA-256 process buffer
* *
* \param ctx SHA-256 context * \param ctx SHA-256 context
* \param input buffer holding the data * \param input buffer holding the data
* \param ilen length of the input data * \param ilen length of the input data
*/ */
void sha2_update( sha2_context *ctx, unsigned char *input, int ilen ); void sha2_update( sha2_context *ctx, const unsigned char *input, int ilen ) ;
/** /**
* \brief SHA-256 final digest * \brief SHA-256 final digest
* *
* \param ctx SHA-256 context * \param ctx SHA-256 context
* \param output SHA-224/256 checksum result * \param output SHA-224/256 checksum result
*/ */
void sha2_finish( sha2_context *ctx, unsigned char output[32] ); void sha2_finish( sha2_context *ctx, unsigned char output[32] );
/** /**
* \brief Output = SHA-256( input buffer ) * \brief Output = SHA-256( input buffer )
* *
* \param input buffer holding the data * \param input buffer holding the data
* \param ilen length of the input data * \param ilen length of the input data
* \param output SHA-224/256 checksum result * \param output SHA-224/256 checksum result
* \param is224 0 = use SHA256, 1 = use SHA224 * \param is224 0 = use SHA256, 1 = use SHA224
*/ */
void sha2( unsigned char *input, int ilen, void sha2( const unsigned char *input, int ilen,
unsigned char output[32], int is224 ); unsigned char output[32], int is224 );
/** /**
* \brief Output = SHA-256( file contents ) * \brief Output = SHA-256( file contents )
* *
* \param path input file name * \param path input file name
* \param output SHA-224/256 checksum result * \param output SHA-224/256 checksum result
* \param is224 0 = use SHA256, 1 = use SHA224 * \param is224 0 = use SHA256, 1 = use SHA224
* *
* \return 0 if successful, 1 if fopen failed, * \return 0 if successful, 1 if fopen failed,
* or 2 if fread failed * or 2 if fread failed
*/ */
int sha2_file( char *path, unsigned char output[32], int is224 ); int sha2_file( const char *path, unsigned char output[32], int is224 );
/** /**
* \brief SHA-256 HMAC context setup * \brief SHA-256 HMAC context setup
* *
* \param ctx HMAC context to be initialized * \param ctx HMAC context to be initialized
* \param key HMAC secret key * \param key HMAC secret key
* \param keylen length of the HMAC key * \param keylen length of the HMAC key
* \param is224 0 = use SHA256, 1 = use SHA224 * \param is224 0 = use SHA256, 1 = use SHA224
*/ */
void sha2_hmac_starts( sha2_context *ctx, unsigned char *key, int keylen, void sha2_hmac_starts( sha2_context *ctx, const unsigned char *key, int key len,
int is224 ); int is224 );
/** /**
* \brief SHA-256 HMAC process buffer * \brief SHA-256 HMAC process buffer
* *
* \param ctx HMAC context * \param ctx HMAC context
* \param input buffer holding the data * \param input buffer holding the data
* \param ilen length of the input data * \param ilen length of the input data
*/ */
void sha2_hmac_update( sha2_context *ctx, unsigned char *input, int ilen ); void sha2_hmac_update( sha2_context *ctx, const unsigned char *input, int i len );
/** /**
* \brief SHA-256 HMAC final digest * \brief SHA-256 HMAC final digest
* *
* \param ctx HMAC context * \param ctx HMAC context
* \param output SHA-224/256 HMAC checksum result * \param output SHA-224/256 HMAC checksum result
*/ */
void sha2_hmac_finish( sha2_context *ctx, unsigned char output[32] ); void sha2_hmac_finish( sha2_context *ctx, unsigned char output[32] );
/** /**
* \brief SHA-256 HMAC context reset
*
* \param ctx HMAC context to be reset
*/
void sha2_hmac_reset( sha2_context *ctx );
/**
* \brief Output = HMAC-SHA-256( hmac key, input buffer ) * \brief Output = HMAC-SHA-256( hmac key, input buffer )
* *
* \param key HMAC secret key * \param key HMAC secret key
* \param keylen length of the HMAC key * \param keylen length of the HMAC key
* \param input buffer holding the data * \param input buffer holding the data
* \param ilen length of the input data * \param ilen length of the input data
* \param output HMAC-SHA-224/256 result * \param output HMAC-SHA-224/256 result
* \param is224 0 = use SHA256, 1 = use SHA224 * \param is224 0 = use SHA256, 1 = use SHA224
*/ */
void sha2_hmac( unsigned char *key, int keylen, void sha2_hmac( const unsigned char *key, int keylen,
unsigned char *input, int ilen, const unsigned char *input, int ilen,
unsigned char output[32], int is224 ); unsigned char output[32], int is224 );
/** /**
* \brief Checkup routine * \brief Checkup routine
* *
* \return 0 if successful, or 1 if the test failed * \return 0 if successful, or 1 if the test failed
*/ */
int sha2_self_test( int verbose ); int sha2_self_test( int verbose );
#ifdef __cplusplus #ifdef __cplusplus
 End of changes. 9 change blocks. 
10 lines changed or deleted 19 lines changed or added


 sha4.h   sha4.h 
/** /**
* \file sha4.h * \file sha4.h
* *
* Based on XySSL: Copyright (C) 2006-2008 Christophe Devine * Copyright (C) 2006-2010, Brainspark B.V.
* *
* Copyright (C) 2009 Paul Bakker <polarssl_maintainer at polarssl dot or * This file is part of PolarSSL (http://www.polarssl.org)
g> * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
* *
* This program is free software; you can redistribute it and/or modify * This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or * the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version. * (at your option) any later version.
* *
* This program is distributed in the hope that it will be useful, * This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of * but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details. * GNU General Public License for more details.
skipping to change at line 67 skipping to change at line 70
*/ */
void sha4_starts( sha4_context *ctx, int is384 ); void sha4_starts( sha4_context *ctx, int is384 );
/** /**
* \brief SHA-512 process buffer * \brief SHA-512 process buffer
* *
* \param ctx SHA-512 context * \param ctx SHA-512 context
* \param input buffer holding the data * \param input buffer holding the data
* \param ilen length of the input data * \param ilen length of the input data
*/ */
void sha4_update( sha4_context *ctx, unsigned char *input, int ilen ); void sha4_update( sha4_context *ctx, const unsigned char *input, int ilen ) ;
/** /**
* \brief SHA-512 final digest * \brief SHA-512 final digest
* *
* \param ctx SHA-512 context * \param ctx SHA-512 context
* \param output SHA-384/512 checksum result * \param output SHA-384/512 checksum result
*/ */
void sha4_finish( sha4_context *ctx, unsigned char output[64] ); void sha4_finish( sha4_context *ctx, unsigned char output[64] );
/** /**
* \brief Output = SHA-512( input buffer ) * \brief Output = SHA-512( input buffer )
* *
* \param input buffer holding the data * \param input buffer holding the data
* \param ilen length of the input data * \param ilen length of the input data
* \param output SHA-384/512 checksum result * \param output SHA-384/512 checksum result
* \param is384 0 = use SHA512, 1 = use SHA384 * \param is384 0 = use SHA512, 1 = use SHA384
*/ */
void sha4( unsigned char *input, int ilen, void sha4( const unsigned char *input, int ilen,
unsigned char output[64], int is384 ); unsigned char output[64], int is384 );
/** /**
* \brief Output = SHA-512( file contents ) * \brief Output = SHA-512( file contents )
* *
* \param path input file name * \param path input file name
* \param output SHA-384/512 checksum result * \param output SHA-384/512 checksum result
* \param is384 0 = use SHA512, 1 = use SHA384 * \param is384 0 = use SHA512, 1 = use SHA384
* *
* \return 0 if successful, 1 if fopen failed, * \return 0 if successful, 1 if fopen failed,
* or 2 if fread failed * or 2 if fread failed
*/ */
int sha4_file( char *path, unsigned char output[64], int is384 ); int sha4_file( const char *path, unsigned char output[64], int is384 );
/** /**
* \brief SHA-512 HMAC context setup * \brief SHA-512 HMAC context setup
* *
* \param ctx HMAC context to be initialized * \param ctx HMAC context to be initialized
* \param is384 0 = use SHA512, 1 = use SHA384 * \param is384 0 = use SHA512, 1 = use SHA384
* \param key HMAC secret key * \param key HMAC secret key
* \param keylen length of the HMAC key * \param keylen length of the HMAC key
*/ */
void sha4_hmac_starts( sha4_context *ctx, unsigned char *key, int keylen, void sha4_hmac_starts( sha4_context *ctx, const unsigned char *key, int key len,
int is384 ); int is384 );
/** /**
* \brief SHA-512 HMAC process buffer * \brief SHA-512 HMAC process buffer
* *
* \param ctx HMAC context * \param ctx HMAC context
* \param input buffer holding the data * \param input buffer holding the data
* \param ilen length of the input data * \param ilen length of the input data
*/ */
void sha4_hmac_update( sha4_context *ctx, unsigned char *input, int ilen ); void sha4_hmac_update( sha4_context *ctx, const unsigned char *input, int i len );
/** /**
* \brief SHA-512 HMAC final digest * \brief SHA-512 HMAC final digest
* *
* \param ctx HMAC context * \param ctx HMAC context
* \param output SHA-384/512 HMAC checksum result * \param output SHA-384/512 HMAC checksum result
*/ */
void sha4_hmac_finish( sha4_context *ctx, unsigned char output[64] ); void sha4_hmac_finish( sha4_context *ctx, unsigned char output[64] );
/** /**
* \brief SHA-512 HMAC context reset
*
* \param ctx HMAC context to be reset
*/
void sha4_hmac_reset( sha4_context *ctx );
/**
* \brief Output = HMAC-SHA-512( hmac key, input buffer ) * \brief Output = HMAC-SHA-512( hmac key, input buffer )
* *
* \param key HMAC secret key * \param key HMAC secret key
* \param keylen length of the HMAC key * \param keylen length of the HMAC key
* \param input buffer holding the data * \param input buffer holding the data
* \param ilen length of the input data * \param ilen length of the input data
* \param output HMAC-SHA-384/512 result * \param output HMAC-SHA-384/512 result
* \param is384 0 = use SHA512, 1 = use SHA384 * \param is384 0 = use SHA512, 1 = use SHA384
*/ */
void sha4_hmac( unsigned char *key, int keylen, void sha4_hmac( const unsigned char *key, int keylen,
unsigned char *input, int ilen, const unsigned char *input, int ilen,
unsigned char output[64], int is384 ); unsigned char output[64], int is384 );
/** /**
* \brief Checkup routine * \brief Checkup routine
* *
* \return 0 if successful, or 1 if the test failed * \return 0 if successful, or 1 if the test failed
*/ */
int sha4_self_test( int verbose ); int sha4_self_test( int verbose );
#ifdef __cplusplus #ifdef __cplusplus
 End of changes. 9 change blocks. 
10 lines changed or deleted 19 lines changed or added


 ssl.h   ssl.h 
/** /**
* \file ssl.h * \file ssl.h
* *
* Based on XySSL: Copyright (C) 2006-2008 Christophe Devine * Copyright (C) 2006-2010, Brainspark B.V.
* *
* Copyright (C) 2009 Paul Bakker <polarssl_maintainer at polarssl dot or * This file is part of PolarSSL (http://www.polarssl.org)
g> * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
* *
* This program is free software; you can redistribute it and/or modify * This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or * the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version. * (at your option) any later version.
* *
* This program is distributed in the hope that it will be useful, * This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of * but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details. * GNU General Public License for more details.
skipping to change at line 34 skipping to change at line 37
#include <time.h> #include <time.h>
#include "polarssl/net.h" #include "polarssl/net.h"
#include "polarssl/dhm.h" #include "polarssl/dhm.h"
#include "polarssl/rsa.h" #include "polarssl/rsa.h"
#include "polarssl/md5.h" #include "polarssl/md5.h"
#include "polarssl/sha1.h" #include "polarssl/sha1.h"
#include "polarssl/x509.h" #include "polarssl/x509.h"
/*
* SSL Error codes
*/
#define POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE -0x1000 #define POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE -0x1000
#define POLARSSL_ERR_SSL_BAD_INPUT_DATA -0x1800 #define POLARSSL_ERR_SSL_BAD_INPUT_DATA -0x1800
#define POLARSSL_ERR_SSL_INVALID_MAC -0x2000 #define POLARSSL_ERR_SSL_INVALID_MAC -0x2000
#define POLARSSL_ERR_SSL_INVALID_RECORD -0x2800 #define POLARSSL_ERR_SSL_INVALID_RECORD -0x2800
#define POLARSSL_ERR_SSL_INVALID_MODULUS_SIZE -0x3000 #define POLARSSL_ERR_SSL_INVALID_MODULUS_SIZE -0x3000
#define POLARSSL_ERR_SSL_UNKNOWN_CIPHER -0x3800 #define POLARSSL_ERR_SSL_UNKNOWN_CIPHER -0x3800
#define POLARSSL_ERR_SSL_NO_CIPHER_CHOSEN -0x4000 #define POLARSSL_ERR_SSL_NO_CIPHER_CHOSEN -0x4000
#define POLARSSL_ERR_SSL_NO_SESSION_FOUND -0x4800 #define POLARSSL_ERR_SSL_NO_SESSION_FOUND -0x4800
#define POLARSSL_ERR_SSL_NO_CLIENT_CERTIFICATE -0x5000 #define POLARSSL_ERR_SSL_NO_CLIENT_CERTIFICATE -0x5000
#define POLARSSL_ERR_SSL_CERTIFICATE_TOO_LARGE -0x5800 #define POLARSSL_ERR_SSL_CERTIFICATE_TOO_LARGE -0x5800
skipping to change at line 89 skipping to change at line 95
/* /*
* Allow an extra 512 bytes for the record header * Allow an extra 512 bytes for the record header
* and encryption overhead (counter + MAC + padding). * and encryption overhead (counter + MAC + padding).
*/ */
#define SSL_BUFFER_LEN (SSL_MAX_CONTENT_LEN + 512) #define SSL_BUFFER_LEN (SSL_MAX_CONTENT_LEN + 512)
/* /*
* Supported ciphersuites * Supported ciphersuites
*/ */
#define SSL_RSA_RC4_128_MD5 4 #define SSL_RSA_RC4_128_MD5 0x04
#define SSL_RSA_RC4_128_SHA 5 #define SSL_RSA_RC4_128_SHA 0x05
#define SSL_RSA_DES_168_SHA 10 #define SSL_RSA_DES_168_SHA 0x0A
#define SSL_EDH_RSA_DES_168_SHA 22 #define SSL_EDH_RSA_DES_168_SHA 0x16
#define SSL_RSA_AES_128_SHA 47 #define SSL_RSA_AES_128_SHA 0x2F
#define SSL_RSA_AES_256_SHA 53 #define SSL_EDH_RSA_AES_128_SHA 0x33
#define SSL_EDH_RSA_AES_256_SHA 57 #define SSL_RSA_AES_256_SHA 0x35
#define SSL_EDH_RSA_AES_256_SHA 0x39
#define SSL_RSA_CAMELLIA_128_SHA 0x41
#define SSL_RSA_CAMELLIA_256_SHA 0x84 #define SSL_RSA_CAMELLIA_128_SHA 0x41
#define SSL_EDH_RSA_CAMELLIA_256_SHA 0x88 #define SSL_EDH_RSA_CAMELLIA_128_SHA 0x45
#define SSL_RSA_CAMELLIA_256_SHA 0x84
#define SSL_EDH_RSA_CAMELLIA_256_SHA 0x88
/* /*
* Message, alert and handshake types * Message, alert and handshake types
*/ */
#define SSL_MSG_CHANGE_CIPHER_SPEC 20 #define SSL_MSG_CHANGE_CIPHER_SPEC 20
#define SSL_MSG_ALERT 21 #define SSL_MSG_ALERT 21
#define SSL_MSG_HANDSHAKE 22 #define SSL_MSG_HANDSHAKE 22
#define SSL_MSG_APPLICATION_DATA 23 #define SSL_MSG_APPLICATION_DATA 23
#define SSL_ALERT_CLOSE_NOTIFY 0 #define SSL_ALERT_LEVEL_WARNING 1
#define SSL_ALERT_WARNING 1 #define SSL_ALERT_LEVEL_FATAL 2
#define SSL_ALERT_FATAL 2
#define SSL_ALERT_NO_CERTIFICATE 41 #define SSL_ALERT_MSG_CLOSE_NOTIFY 0
#define SSL_ALERT_MSG_UNEXPECTED_MESSAGE 10
#define SSL_ALERT_MSG_BAD_RECORD_MAD 20
#define SSL_ALERT_MSG_DECRYPTION_FAILED 21
#define SSL_ALERT_MSG_RECORD_OVERFLOW 22
#define SSL_ALERT_MSG_DECOMPRESSION_FAILURE 30
#define SSL_ALERT_MSG_HANDSHAKE_FAILURE 40
#define SSL_ALERT_MSG_NO_CERT 41
#define SSL_ALERT_MSG_BAD_CERT 42
#define SSL_ALERT_MSG_UNSUPPORTED_CERT 43
#define SSL_ALERT_MSG_CERT_REVOKED 44
#define SSL_ALERT_MSG_CERT_EXPIRED 45
#define SSL_ALERT_MSG_CERT_UNKNOWN 46
#define SSL_ALERT_MSG_ILLEGAL_PARAMETER 47
#define SSL_ALERT_MSG_UNKNOWN_CA 48
#define SSL_ALERT_MSG_ACCESS_DENIED 49
#define SSL_ALERT_MSG_DECODE_ERROR 50
#define SSL_ALERT_MSG_DECRYPT_ERROR 51
#define SSL_ALERT_MSG_EXPORT_RESTRICTION 60
#define SSL_ALERT_MSG_PROTOCOL_VERSION 70
#define SSL_ALERT_MSG_INSUFFICIENT_SECURITY 71
#define SSL_ALERT_MSG_INTERNAL_ERROR 80
#define SSL_ALERT_MSG_USER_CANCELED 90
#define SSL_ALERT_MSG_NO_RENEGOTIATION 100
#define SSL_HS_HELLO_REQUEST 0 #define SSL_HS_HELLO_REQUEST 0
#define SSL_HS_CLIENT_HELLO 1 #define SSL_HS_CLIENT_HELLO 1
#define SSL_HS_SERVER_HELLO 2 #define SSL_HS_SERVER_HELLO 2
#define SSL_HS_CERTIFICATE 11 #define SSL_HS_CERTIFICATE 11
#define SSL_HS_SERVER_KEY_EXCHANGE 12 #define SSL_HS_SERVER_KEY_EXCHANGE 12
#define SSL_HS_CERTIFICATE_REQUEST 13 #define SSL_HS_CERTIFICATE_REQUEST 13
#define SSL_HS_SERVER_HELLO_DONE 14 #define SSL_HS_SERVER_HELLO_DONE 14
#define SSL_HS_CERTIFICATE_VERIFY 15 #define SSL_HS_CERTIFICATE_VERIFY 15
#define SSL_HS_CLIENT_KEY_EXCHANGE 16 #define SSL_HS_CLIENT_KEY_EXCHANGE 16
skipping to change at line 188 skipping to change at line 219
int major_ver; /*!< equal to SSL_MAJOR_VERSION_3 */ int major_ver; /*!< equal to SSL_MAJOR_VERSION_3 */
int minor_ver; /*!< either 0 (SSL3) or 1 (TLS1.0) */ int minor_ver; /*!< either 0 (SSL3) or 1 (TLS1.0) */
int max_major_ver; /*!< max. major version from client */ int max_major_ver; /*!< max. major version from client */
int max_minor_ver; /*!< max. minor version from client */ int max_minor_ver; /*!< max. minor version from client */
/* /*
* Callbacks (RNG, debug, I/O) * Callbacks (RNG, debug, I/O)
*/ */
int (*f_rng)(void *); int (*f_rng)(void *);
void (*f_dbg)(void *, int, char *); void (*f_dbg)(void *, int, const char *);
int (*f_recv)(void *, unsigned char *, int); int (*f_recv)(void *, unsigned char *, int);
int (*f_send)(void *, unsigned char *, int); int (*f_send)(void *, unsigned char *, int);
void *p_rng; /*!< context for the RNG function */ void *p_rng; /*!< context for the RNG function */
void *p_dbg; /*!< context for the debug function */ void *p_dbg; /*!< context for the debug function */
void *p_recv; /*!< context for reading operations */ void *p_recv; /*!< context for reading operations */
void *p_send; /*!< context for writing operations */ void *p_send; /*!< context for writing operations */
/* /*
* Session layer * Session layer
skipping to change at line 240 skipping to change at line 271
int out_left; /*!< amount of data not yet written */ int out_left; /*!< amount of data not yet written */
/* /*
* PKI layer * PKI layer
*/ */
rsa_context *rsa_key; /*!< own RSA private key */ rsa_context *rsa_key; /*!< own RSA private key */
x509_cert *own_cert; /*!< own X.509 certificate */ x509_cert *own_cert; /*!< own X.509 certificate */
x509_cert *ca_chain; /*!< own trusted CA chain */ x509_cert *ca_chain; /*!< own trusted CA chain */
x509_crl *ca_crl; /*!< trusted CA CRLs */ x509_crl *ca_crl; /*!< trusted CA CRLs */
x509_cert *peer_cert; /*!< peer X.509 cert chain */ x509_cert *peer_cert; /*!< peer X.509 cert chain */
char *peer_cn; /*!< expected peer CN */ const char *peer_cn; /*!< expected peer CN */
int endpoint; /*!< 0: client, 1: server */ int endpoint; /*!< 0: client, 1: server */
int authmode; /*!< verification mode */ int authmode; /*!< verification mode */
int client_auth; /*!< flag for client auth. */ int client_auth; /*!< flag for client auth. */
int verify_result; /*!< verification result */ int verify_result; /*!< verification result */
/* /*
* Crypto layer * Crypto layer
*/ */
dhm_context dhm_ctx; /*!< DHM key exchange */ dhm_context dhm_ctx; /*!< DHM key exchange */
md5_context fin_md5; /*!< Finished MD5 checksum */ md5_context fin_md5; /*!< Finished MD5 checksum */
sha1_context fin_sha1; /*!< Finished SHA-1 checksum */ sha1_context fin_sha1; /*!< Finished SHA-1 checksum */
int do_crypt; /*!< en(de)cryption flag */ int do_crypt; /*!< en(de)cryption flag */
int *ciphers; /*!< allowed ciphersuites */ int *ciphers; /*!< allowed ciphersuites */
int pmslen; /*!< premaster length */ int pmslen; /*!< premaster length */
int keylen; /*!< symmetric key length */ int keylen; /*!< symmetric key length */
int minlen; /*!< min. ciphertext length */ int minlen; /*!< min. ciphertext length */
int ivlen; /*!< IV length */ int ivlen; /*!< IV length */
int maclen; /*!< MAC length */ int maclen; /*!< MAC length */
skipping to change at line 342 skipping to change at line 373
void *p_rng ); void *p_rng );
/** /**
* \brief Set the debug callback * \brief Set the debug callback
* *
* \param ssl SSL context * \param ssl SSL context
* \param f_dbg debug function * \param f_dbg debug function
* \param p_dbg debug parameter * \param p_dbg debug parameter
*/ */
void ssl_set_dbg( ssl_context *ssl, void ssl_set_dbg( ssl_context *ssl,
void (*f_dbg)(void *, int, char *), void (*f_dbg)(void *, int, const char *),
void *p_dbg ); void *p_dbg );
/** /**
* \brief Set the underlying BIO read and write callbacks * \brief Set the underlying BIO read and write callbacks
* *
* \param ssl SSL context * \param ssl SSL context
* \param f_recv read callback * \param f_recv read callback
* \param p_recv read parameter * \param p_recv read parameter
* \param f_send write callback * \param f_send write callback
* \param p_send write parameter * \param p_send write parameter
skipping to change at line 399 skipping to change at line 430
* \brief Set the data required to verify peer certificate * \brief Set the data required to verify peer certificate
* *
* \param ssl SSL context * \param ssl SSL context
* \param ca_chain trusted CA chain * \param ca_chain trusted CA chain
* \param ca_crl trusted CA CRLs * \param ca_crl trusted CA CRLs
* \param peer_cn expected peer CommonName (or NULL) * \param peer_cn expected peer CommonName (or NULL)
* *
* \note TODO: add two more parameters: depth and crl * \note TODO: add two more parameters: depth and crl
*/ */
void ssl_set_ca_chain( ssl_context *ssl, x509_cert *ca_chain, void ssl_set_ca_chain( ssl_context *ssl, x509_cert *ca_chain,
x509_crl *ca_crl, char *peer_cn ); x509_crl *ca_crl, const char *peer_cn );
/** /**
* \brief Set own certificate and private key * \brief Set own certificate and private key
* *
* \param ssl SSL context * \param ssl SSL context
* \param own_cert own public certificate * \param own_cert own public certificate
* \param rsa_key own private RSA key * \param rsa_key own private RSA key
*/ */
void ssl_set_own_cert( ssl_context *ssl, x509_cert *own_cert, void ssl_set_own_cert( ssl_context *ssl, x509_cert *own_cert,
rsa_context *rsa_key ); rsa_context *rsa_key );
skipping to change at line 421 skipping to change at line 452
/** /**
* \brief Set the Diffie-Hellman public P and G values, * \brief Set the Diffie-Hellman public P and G values,
* read as hexadecimal strings (server-side only) * read as hexadecimal strings (server-side only)
* *
* \param ssl SSL context * \param ssl SSL context
* \param dhm_P Diffie-Hellman-Merkle modulus * \param dhm_P Diffie-Hellman-Merkle modulus
* \param dhm_G Diffie-Hellman-Merkle generator * \param dhm_G Diffie-Hellman-Merkle generator
* *
* \return 0 if successful * \return 0 if successful
*/ */
int ssl_set_dh_param( ssl_context *ssl, char *dhm_P, char *dhm_G ); int ssl_set_dh_param( ssl_context *ssl, const char *dhm_P, const char *dhm_ G );
/** /**
* \brief Set hostname for ServerName TLS Extension * \brief Set hostname for ServerName TLS Extension
* *
* *
* \param ssl SSL context * \param ssl SSL context
* \param hostname the server hostname * \param hostname the server hostname
* *
* \return 0 if successful * \return 0 if successful
*/ */
int ssl_set_hostname( ssl_context *ssl, char *hostname ); int ssl_set_hostname( ssl_context *ssl, const char *hostname );
/** /**
* \brief Return the number of data bytes available to read * \brief Return the number of data bytes available to read
* *
* \param ssl SSL context * \param ssl SSL context
* *
* \return how many bytes are available in the read buffer * \return how many bytes are available in the read buffer
*/ */
int ssl_get_bytes_avail( ssl_context *ssl ); int ssl_get_bytes_avail( const ssl_context *ssl );
/** /**
* \brief Return the result of the certificate verification * \brief Return the result of the certificate verification
* *
* \param ssl SSL context * \param ssl SSL context
* *
* \return 0 if successful, or a combination of: * \return 0 if successful, or a combination of:
* BADCERT_EXPIRED * BADCERT_EXPIRED
* BADCERT_REVOKED * BADCERT_REVOKED
* BADCERT_CN_MISMATCH * BADCERT_CN_MISMATCH
* BADCERT_NOT_TRUSTED * BADCERT_NOT_TRUSTED
*/ */
int ssl_get_verify_result( ssl_context *ssl ); int ssl_get_verify_result( const ssl_context *ssl );
/** /**
* \brief Return the name of the current cipher * \brief Return the name of the current cipher
* *
* \param ssl SSL context * \param ssl SSL context
* *
* \return a string containing the cipher name * \return a string containing the cipher name
*/ */
char *ssl_get_cipher( ssl_context *ssl ); const char *ssl_get_cipher( const ssl_context *ssl );
/** /**
* \brief Perform the SSL handshake * \brief Perform the SSL handshake
* *
* \param ssl SSL context * \param ssl SSL context
* *
* \return 0 if successful, POLARSSL_ERR_NET_TRY_AGAIN, * \return 0 if successful, POLARSSL_ERR_NET_TRY_AGAIN,
* or a specific SSL error code. * or a specific SSL error code.
*/ */
int ssl_handshake( ssl_context *ssl ); int ssl_handshake( ssl_context *ssl );
skipping to change at line 501 skipping to change at line 532
* \param buf buffer holding the data * \param buf buffer holding the data
* \param len how many bytes must be written * \param len how many bytes must be written
* *
* \return This function returns the number of bytes written, * \return This function returns the number of bytes written,
* or a negative error code. * or a negative error code.
* *
* \note When this function returns POLARSSL_ERR_NET_TRY_AGAIN, * \note When this function returns POLARSSL_ERR_NET_TRY_AGAIN,
* it must be called later with the *same* arguments, * it must be called later with the *same* arguments,
* until it returns a positive value. * until it returns a positive value.
*/ */
int ssl_write( ssl_context *ssl, unsigned char *buf, int len ); int ssl_write( ssl_context *ssl, const unsigned char *buf, int len );
/** /**
* \brief Notify the peer that the connection is being closed * \brief Notify the peer that the connection is being closed
*
* \param ssl SSL context
*/ */
int ssl_close_notify( ssl_context *ssl ); int ssl_close_notify( ssl_context *ssl );
/** /**
* \brief Free an SSL context * \brief Free an SSL context
*
* \param ssl SSL context
*/ */
void ssl_free( ssl_context *ssl ); void ssl_free( ssl_context *ssl );
/* /*
* Internal functions (do not call directly) * Internal functions (do not call directly)
*/ */
int ssl_handshake_client( ssl_context *ssl ); int ssl_handshake_client( ssl_context *ssl );
int ssl_handshake_server( ssl_context *ssl ); int ssl_handshake_server( ssl_context *ssl );
int ssl_derive_keys( ssl_context *ssl ); int ssl_derive_keys( ssl_context *ssl );
 End of changes. 18 change blocks. 
30 lines changed or deleted 64 lines changed or added


 timing.h   timing.h 
/** /**
* \file timing.h * \file timing.h
* *
* Based on XySSL: Copyright (C) 2006-2008 Christophe Devine * Copyright (C) 2006-2010, Brainspark B.V.
* *
* Copyright (C) 2009 Paul Bakker <polarssl_maintainer at polarssl dot or * This file is part of PolarSSL (http://www.polarssl.org)
g> * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
* *
* This program is free software; you can redistribute it and/or modify * This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or * the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version. * (at your option) any later version.
* *
* This program is distributed in the hope that it will be useful, * This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of * but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details. * GNU General Public License for more details.
skipping to change at line 61 skipping to change at line 64
/** /**
* \brief Setup an alarm clock * \brief Setup an alarm clock
* *
* \param seconds delay before the "alarmed" flag is set * \param seconds delay before the "alarmed" flag is set
*/ */
void set_alarm( int seconds ); void set_alarm( int seconds );
/** /**
* \brief Sleep for a certain amount of time * \brief Sleep for a certain amount of time
*
* \param Delay in milliseconds
*/ */
void m_sleep( int milliseconds ); void m_sleep( int milliseconds );
#ifdef __cplusplus #ifdef __cplusplus
} }
#endif #endif
#endif /* timing.h */ #endif /* timing.h */
 End of changes. 3 change blocks. 
3 lines changed or deleted 7 lines changed or added


 x509.h   x509.h 
/** /**
* \file x509.h * \file x509.h
* *
* Based on XySSL: Copyright (C) 2006-2008 Christophe Devine * Copyright (C) 2006-2010, Brainspark B.V.
* *
* Copyright (C) 2009 Paul Bakker <polarssl_maintainer at polarssl dot or * This file is part of PolarSSL (http://www.polarssl.org)
g> * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
* *
* This program is free software; you can redistribute it and/or modify * This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or * the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version. * (at your option) any later version.
* *
* This program is distributed in the hope that it will be useful, * This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of * but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details. * GNU General Public License for more details.
* *
* You should have received a copy of the GNU General Public License along * You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc., * with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#ifndef POLARSSL_X509_H #ifndef POLARSSL_X509_H
#define POLARSSL_X509_H #define POLARSSL_X509_H
#include "polarssl/rsa.h" #include "polarssl/rsa.h"
#define POLARSSL_ERR_ASN1_OUT_OF_DATA -0x0014 /*
#define POLARSSL_ERR_ASN1_UNEXPECTED_TAG -0x0016 * ASN1 Error codes
#define POLARSSL_ERR_ASN1_INVALID_LENGTH -0x0018 *
#define POLARSSL_ERR_ASN1_LENGTH_MISMATCH -0x001A * These error codes will be OR'ed to X509 error codes for
#define POLARSSL_ERR_ASN1_INVALID_DATA -0x001C * higher error granularity.
*/
#define POLARSSL_ERR_ASN1_OUT_OF_DATA 0x0014
#define POLARSSL_ERR_ASN1_UNEXPECTED_TAG 0x0016
#define POLARSSL_ERR_ASN1_INVALID_LENGTH 0x0018
#define POLARSSL_ERR_ASN1_LENGTH_MISMATCH 0x001A
#define POLARSSL_ERR_ASN1_INVALID_DATA 0x001C
/*
* X509 Error codes
*/
#define POLARSSL_ERR_X509_FEATURE_UNAVAILABLE -0x0020 #define POLARSSL_ERR_X509_FEATURE_UNAVAILABLE -0x0020
#define POLARSSL_ERR_X509_CERT_INVALID_PEM -0x0040 #define POLARSSL_ERR_X509_CERT_INVALID_PEM -0x0040
#define POLARSSL_ERR_X509_CERT_INVALID_FORMAT -0x0060 #define POLARSSL_ERR_X509_CERT_INVALID_FORMAT -0x0060
#define POLARSSL_ERR_X509_CERT_INVALID_VERSION -0x0080 #define POLARSSL_ERR_X509_CERT_INVALID_VERSION -0x0080
#define POLARSSL_ERR_X509_CERT_INVALID_SERIAL -0x00A0 #define POLARSSL_ERR_X509_CERT_INVALID_SERIAL -0x00A0
#define POLARSSL_ERR_X509_CERT_INVALID_ALG -0x00C0 #define POLARSSL_ERR_X509_CERT_INVALID_ALG -0x00C0
#define POLARSSL_ERR_X509_CERT_INVALID_NAME -0x00E0 #define POLARSSL_ERR_X509_CERT_INVALID_NAME -0x00E0
#define POLARSSL_ERR_X509_CERT_INVALID_DATE -0x0100 #define POLARSSL_ERR_X509_CERT_INVALID_DATE -0x0100
#define POLARSSL_ERR_X509_CERT_INVALID_PUBKEY -0x0120 #define POLARSSL_ERR_X509_CERT_INVALID_PUBKEY -0x0120
#define POLARSSL_ERR_X509_CERT_INVALID_SIGNATURE -0x0140 #define POLARSSL_ERR_X509_CERT_INVALID_SIGNATURE -0x0140
skipping to change at line 59 skipping to change at line 71
#define POLARSSL_ERR_X509_KEY_INVALID_PEM -0x0220 #define POLARSSL_ERR_X509_KEY_INVALID_PEM -0x0220
#define POLARSSL_ERR_X509_KEY_INVALID_VERSION -0x0240 #define POLARSSL_ERR_X509_KEY_INVALID_VERSION -0x0240
#define POLARSSL_ERR_X509_KEY_INVALID_FORMAT -0x0260 #define POLARSSL_ERR_X509_KEY_INVALID_FORMAT -0x0260
#define POLARSSL_ERR_X509_KEY_INVALID_ENC_IV -0x0280 #define POLARSSL_ERR_X509_KEY_INVALID_ENC_IV -0x0280
#define POLARSSL_ERR_X509_KEY_UNKNOWN_ENC_ALG -0x02A0 #define POLARSSL_ERR_X509_KEY_UNKNOWN_ENC_ALG -0x02A0
#define POLARSSL_ERR_X509_KEY_PASSWORD_REQUIRED -0x02C0 #define POLARSSL_ERR_X509_KEY_PASSWORD_REQUIRED -0x02C0
#define POLARSSL_ERR_X509_KEY_PASSWORD_MISMATCH -0x02E0 #define POLARSSL_ERR_X509_KEY_PASSWORD_MISMATCH -0x02E0
#define POLARSSL_ERR_X509_POINT_ERROR -0x0300 #define POLARSSL_ERR_X509_POINT_ERROR -0x0300
#define POLARSSL_ERR_X509_VALUE_TO_LENGTH -0x0320 #define POLARSSL_ERR_X509_VALUE_TO_LENGTH -0x0320
/*
* X509 Verify codes
*/
#define BADCERT_EXPIRED 1 #define BADCERT_EXPIRED 1
#define BADCERT_REVOKED 2 #define BADCERT_REVOKED 2
#define BADCERT_CN_MISMATCH 4 #define BADCERT_CN_MISMATCH 4
#define BADCERT_NOT_TRUSTED 8 #define BADCERT_NOT_TRUSTED 8
#define BADCRL_NOT_TRUSTED 16 #define BADCRL_NOT_TRUSTED 16
#define BADCRL_EXPIRED 32 #define BADCRL_EXPIRED 32
/* /*
* DER constants * DER constants
*/ */
skipping to change at line 82 skipping to change at line 97
#define ASN1_OCTET_STRING 0x04 #define ASN1_OCTET_STRING 0x04
#define ASN1_NULL 0x05 #define ASN1_NULL 0x05
#define ASN1_OID 0x06 #define ASN1_OID 0x06
#define ASN1_UTF8_STRING 0x0C #define ASN1_UTF8_STRING 0x0C
#define ASN1_SEQUENCE 0x10 #define ASN1_SEQUENCE 0x10
#define ASN1_SET 0x11 #define ASN1_SET 0x11
#define ASN1_PRINTABLE_STRING 0x13 #define ASN1_PRINTABLE_STRING 0x13
#define ASN1_T61_STRING 0x14 #define ASN1_T61_STRING 0x14
#define ASN1_IA5_STRING 0x16 #define ASN1_IA5_STRING 0x16
#define ASN1_UTC_TIME 0x17 #define ASN1_UTC_TIME 0x17
#define ASN1_GENERALIZED_TIME 0x18
#define ASN1_UNIVERSAL_STRING 0x1C #define ASN1_UNIVERSAL_STRING 0x1C
#define ASN1_BMP_STRING 0x1E #define ASN1_BMP_STRING 0x1E
#define ASN1_PRIMITIVE 0x00 #define ASN1_PRIMITIVE 0x00
#define ASN1_CONSTRUCTED 0x20 #define ASN1_CONSTRUCTED 0x20
#define ASN1_CONTEXT_SPECIFIC 0x80 #define ASN1_CONTEXT_SPECIFIC 0x80
/* /*
* various object identifiers * various object identifiers
*/ */
#define X520_COMMON_NAME 3 #define X520_COMMON_NAME 3
skipping to change at line 169 skipping to change at line 185
x509_buf issuer_id; x509_buf issuer_id;
x509_buf subject_id; x509_buf subject_id;
x509_buf v3_ext; x509_buf v3_ext;
int ca_istrue; int ca_istrue;
int max_pathlen; int max_pathlen;
x509_buf sig_oid2; x509_buf sig_oid2;
x509_buf sig; x509_buf sig;
int sig_alg;
struct _x509_cert *next; struct _x509_cert *next;
} }
x509_cert; x509_cert;
typedef struct _x509_crl_entry typedef struct _x509_crl_entry
{ {
x509_buf raw; x509_buf raw;
x509_buf serial; x509_buf serial;
skipping to change at line 209 skipping to change at line 226
x509_time this_update; x509_time this_update;
x509_time next_update; x509_time next_update;
x509_crl_entry entry; x509_crl_entry entry;
x509_buf crl_ext; x509_buf crl_ext;
x509_buf sig_oid2; x509_buf sig_oid2;
x509_buf sig; x509_buf sig;
int sig_alg;
struct _x509_crl *next; struct _x509_crl *next;
} }
x509_crl; x509_crl;
/* /*
* Structures for writing X.509 certificates * Structures for writing X.509 certificates
*/ */
typedef struct _x509_node typedef struct _x509_node
{ {
skipping to change at line 259 skipping to change at line 277
/** /**
* \brief Parse one or more certificates and add them * \brief Parse one or more certificates and add them
* to the chained list * to the chained list
* *
* \param chain points to the start of the chain * \param chain points to the start of the chain
* \param buf buffer holding the certificate data * \param buf buffer holding the certificate data
* \param buflen size of the buffer * \param buflen size of the buffer
* *
* \return 0 if successful, or a specific X509 error code * \return 0 if successful, or a specific X509 error code
*/ */
int x509parse_crt( x509_cert *chain, unsigned char *buf, int buflen ); int x509parse_crt( x509_cert *chain, const unsigned char *buf, int buflen ) ;
/** /**
* \brief Load one or more certificates and add them * \brief Load one or more certificates and add them
* to the chained list * to the chained list
* *
* \param chain points to the start of the chain * \param chain points to the start of the chain
* \param path filename to read the certificates from * \param path filename to read the certificates from
* *
* \return 0 if successful, or a specific X509 error code * \return 0 if successful, or a specific X509 error code
*/ */
int x509parse_crtfile( x509_cert *chain, char *path ); int x509parse_crtfile( x509_cert *chain, const char *path );
/** /**
* \brief Parse one or more CRLs and add them * \brief Parse one or more CRLs and add them
* to the chained list * to the chained list
* *
* \param chain points to the start of the chain * \param chain points to the start of the chain
* \param buf buffer holding the CRL data * \param buf buffer holding the CRL data
* \param buflen size of the buffer * \param buflen size of the buffer
* *
* \return 0 if successful, or a specific X509 error code * \return 0 if successful, or a specific X509 error code
*/ */
int x509parse_crl( x509_crl *chain, unsigned char *buf, int buflen ); int x509parse_crl( x509_crl *chain, const unsigned char *buf, int buflen );
/** /**
* \brief Load one or more CRLs and add them * \brief Load one or more CRLs and add them
* to the chained list * to the chained list
* *
* \param chain points to the start of the chain * \param chain points to the start of the chain
* \param path filename to read the CRLs from * \param path filename to read the CRLs from
* *
* \return 0 if successful, or a specific X509 error code * \return 0 if successful, or a specific X509 error code
*/ */
int x509parse_crlfile( x509_crl *chain, char *path ); int x509parse_crlfile( x509_crl *chain, const char *path );
/** /**
* \brief Parse a private RSA key * \brief Parse a private RSA key
* *
* \param rsa RSA context to be initialized * \param rsa RSA context to be initialized
* \param buf input buffer * \param key input buffer
* \param buflen size of the buffer * \param keylen size of the buffer
* \param pwd password for decryption (optional) * \param pwd password for decryption (optional)
* \param pwdlen size of the password * \param pwdlen size of the password
* *
* \return 0 if successful, or a specific X509 error code * \return 0 if successful, or a specific X509 error code
*/ */
int x509parse_key( rsa_context *rsa, int x509parse_key( rsa_context *rsa,
unsigned char *buf, int buflen, const unsigned char *key, int keylen,
unsigned char *pwd, int pwdlen ); const unsigned char *pwd, int pwdlen );
/** /**
* \brief Load and parse a private RSA key * \brief Load and parse a private RSA key
* *
* \param rsa RSA context to be initialized * \param rsa RSA context to be initialized
* \param path filename to read the private key from * \param path filename to read the private key from
* \param pwd password to decrypt the file (can be NULL) * \param pwd password to decrypt the file (can be NULL)
* *
* \return 0 if successful, or a specific X509 error code * \return 0 if successful, or a specific X509 error code
*/ */
int x509parse_keyfile( rsa_context *rsa, char *path, char *password ); int x509parse_keyfile( rsa_context *rsa, const char *path,
const char *password );
/** /**
* \brief Store the certificate DN in printable form into buf; * \brief Store the certificate DN in printable form into buf;
* no more than size characters will be written. * no more than size characters will be written.
*
* \param buf Buffer to write to
* \param size Maximum size of buffer
* \param dn The X509 name to represent
*
* \return The amount of data written to the buffer, or -1 in
* case of an error.
*/ */
int x509parse_dn_gets( char *buf, size_t size, x509_name *dn ); int x509parse_dn_gets( char *buf, size_t size, const x509_name *dn );
/** /**
* \brief Returns an informational string about the * \brief Returns an informational string about the
* certificate. * certificate.
*
* \param buf Buffer to write to
* \param size Maximum size of buffer
* \param prefix A line prefix
* \param crt The X509 certificate to represent
*
* \return The amount of data written to the buffer, or -1 in
* case of an error.
*/ */
int x509parse_cert_info( char *buf, size_t size, char *prefix, x509_cert *c int x509parse_cert_info( char *buf, size_t size, const char *prefix,
rt ); const x509_cert *crt );
/** /**
* \brief Returns an informational string about the * \brief Returns an informational string about the
* CRL. * CRL.
*
* \param buf Buffer to write to
* \param size Maximum size of buffer
* \param prefix A line prefix
* \param crt The X509 CRL to represent
*
* \return The amount of data written to the buffer, or -1 in
* case of an error.
*/ */
int x509parse_crl_info( char *buf, size_t size, char *prefix, x509_crl *crl int x509parse_crl_info( char *buf, size_t size, const char *prefix,
); const x509_crl *crl );
/** /**
* \brief Return 0 if the x509_time is still valid, * \brief Check a given x509_time against the system time and chec
k
* if it is valid.
*
* \param time x509_time to check
*
* \return Return 0 if the x509_time is still valid,
* or 1 otherwise. * or 1 otherwise.
*/ */
int x509parse_time_expired( x509_time *time ); int x509parse_time_expired( const x509_time *time );
/** /**
* \brief Verify the certificate signature * \brief Verify the certificate signature
* *
* \param crt a certificate to be verified * \param crt a certificate to be verified
* \param trust_ca the trusted CA chain * \param trust_ca the trusted CA chain
* \param ca_crl the CRL chain for trusted CA's * \param ca_crl the CRL chain for trusted CA's
* \param cn expected Common Name (can be set to * \param cn expected Common Name (can be set to
* NULL if the CN must not be verified) * NULL if the CN must not be verified)
* \param flags result of the verification * \param flags result of the verification
skipping to change at line 368 skipping to change at line 417
* BADCERT_EXPIRED -- * BADCERT_EXPIRED --
* BADCERT_REVOKED -- * BADCERT_REVOKED --
* BADCERT_CN_MISMATCH -- * BADCERT_CN_MISMATCH --
* BADCERT_NOT_TRUSTED * BADCERT_NOT_TRUSTED
* *
* \note TODO: add two arguments, depth and crl * \note TODO: add two arguments, depth and crl
*/ */
int x509parse_verify( x509_cert *crt, int x509parse_verify( x509_cert *crt,
x509_cert *trust_ca, x509_cert *trust_ca,
x509_crl *ca_crl, x509_crl *ca_crl,
char *cn, int *flags ); const char *cn, int *flags );
/** /**
* \brief Unallocate all certificate data * \brief Unallocate all certificate data
*
* \param crt Certificate chain to free
*/ */
void x509_free( x509_cert *crt ); void x509_free( x509_cert *crt );
/** /**
* \brief Unallocate all CRL data * \brief Unallocate all CRL data
*
* \param crt CRL chain to free
*/ */
void x509_crl_free( x509_crl *crl ); void x509_crl_free( x509_crl *crl );
/** /**
* \brief Checkup routine * \brief Checkup routine
* *
* \return 0 if successful, or 1 if the test failed * \return 0 if successful, or 1 if the test failed
*/ */
int x509_self_test( int verbose ); int x509_self_test( int verbose );
 End of changes. 26 change blocks. 
25 lines changed or deleted 76 lines changed or added


 xtea.h   xtea.h 
/** /**
* \file xtea.h * \file xtea.h
* *
* Copyright (C) 2009 Paul Bakker <polarssl_maintainer at polarssl dot or * Copyright (C) 2006-2010, Brainspark B.V.
g> *
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
* *
* This program is free software; you can redistribute it and/or modify * This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or * the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version. * (at your option) any later version.
* *
* This program is distributed in the hope that it will be useful, * This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of * but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details. * GNU General Public License for more details.
* *
* You should have received a copy of the GNU General Public License along * You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc., * with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#ifndef POLARSSL_XTEA_H #ifndef POLARSSL_XTEA_H
#define POLARSSL_XTEA_H #define POLARSSL_XTEA_H
#ifdef _MSC_VER
#include <basetsd.h>
typedef UINT32 uint32_t;
#else
#include <inttypes.h> #include <inttypes.h>
#endif
#define XTEA_ENCRYPT 1 #define XTEA_ENCRYPT 1
#define XTEA_DECRYPT 0 #define XTEA_DECRYPT 0
/** /**
* \brief XTEA context structure * \brief XTEA context structure
*/ */
typedef struct typedef struct
{ {
uint32_t k[4]; /*!< key */ uint32_t k[4]; /*!< key */
skipping to change at line 56 skipping to change at line 66
*/ */
void xtea_setup( xtea_context *ctx, unsigned char key[16] ); void xtea_setup( xtea_context *ctx, unsigned char key[16] );
/** /**
* \brief XTEA cipher function * \brief XTEA cipher function
* *
* \param ctx XTEA context * \param ctx XTEA context
* \param mode XTEA_ENCRYPT or XTEA_DECRYPT * \param mode XTEA_ENCRYPT or XTEA_DECRYPT
* \param input 8-byte input block * \param input 8-byte input block
* \param output 8-byte output block * \param output 8-byte output block
*
* \return 0 if successful
*/ */
void xtea_crypt( xtea_context *ctx, int xtea_crypt_ecb( xtea_context *ctx,
int mode, int mode,
unsigned char input[8], unsigned char input[8],
unsigned char output[8] ); unsigned char output[8] );
/* /*
* \brief Checkup routine * \brief Checkup routine
* *
* \return 0 if successful, or 1 if the test failed * \return 0 if successful, or 1 if the test failed
*/ */
int xtea_self_test( int verbose ); int xtea_self_test( int verbose );
 End of changes. 5 change blocks. 
3 lines changed or deleted 14 lines changed or added

This html diff was produced by rfcdiff 1.41. The latest version is available from http://tools.ietf.org/tools/rfcdiff/