aes.h   aes.h 
skipping to change at line 114 skipping to change at line 114
int aes_crypt_cbc( aes_context *ctx, int aes_crypt_cbc( aes_context *ctx,
int mode, int mode,
size_t length, size_t length,
unsigned char iv[16], unsigned char iv[16],
const unsigned char *input, const unsigned char *input,
unsigned char *output ); unsigned char *output );
/** /**
* \brief AES-CFB128 buffer encryption/decryption. * \brief AES-CFB128 buffer encryption/decryption.
* *
* Note: Due to the nature of CFB you should use the same key schedule for
* both encryption and decryption. So a context initialized with
* aes_setkey_enc() for both AES_ENCRYPT and AES_DECRYPT.
*
* both
* \param ctx AES context * \param ctx AES context
* \param mode AES_ENCRYPT or AES_DECRYPT * \param mode AES_ENCRYPT or AES_DECRYPT
* \param length length of the input data * \param length length of the input data
* \param iv_off offset in IV (updated after use) * \param iv_off offset in IV (updated after use)
* \param iv initialization vector (updated after use) * \param iv initialization vector (updated after use)
* \param input buffer holding the input data * \param input buffer holding the input data
* \param output buffer holding the output data * \param output buffer holding the output data
* *
* \return 0 if successful * \return 0 if successful
*/ */
skipping to change at line 137 skipping to change at line 142
size_t *iv_off, size_t *iv_off,
unsigned char iv[16], unsigned char iv[16],
const unsigned char *input, const unsigned char *input,
unsigned char *output ); unsigned char *output );
/* /*
* \brief AES-CTR buffer encryption/decryption * \brief AES-CTR buffer encryption/decryption
* *
* Warning: You have to keep the maximum use of your counter in mind! * Warning: You have to keep the maximum use of your counter in mind!
* *
* Note: Due to the nature of CTR you should use the same key schedule for
* both encryption and decryption. So a context initialized with
* aes_setkey_enc() for both AES_ENCRYPT and AES_DECRYPT.
*
* \param length The length of the data * \param length The length of the data
* \param nc_off The offset in the current stream_block (for resumin g * \param nc_off The offset in the current stream_block (for resumin g
* within current cipher stream). The offset pointer t o * within current cipher stream). The offset pointer t o
* should be 0 at the start of a stream. * should be 0 at the start of a stream.
* \param nonce_counter The 128-bit nonce and counter. * \param nonce_counter The 128-bit nonce and counter.
* \param stream_block The saved stream-block for resuming. Is overwritten * \param stream_block The saved stream-block for resuming. Is overwritten
* by the function. * by the function.
* \param input The input data stream * \param input The input data stream
* \param output The output data stream * \param output The output data stream
* *
 End of changes. 2 change blocks. 
0 lines changed or deleted 9 lines changed or added


 base64.h   base64.h 
skipping to change at line 32 skipping to change at line 32
* *
* You should have received a copy of the GNU General Public License along * You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc., * with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#ifndef POLARSSL_BASE64_H #ifndef POLARSSL_BASE64_H
#define POLARSSL_BASE64_H #define POLARSSL_BASE64_H
#include <string.h> #include <string.h>
#define POLARSSL_ERR_BASE64_BUFFER_TOO_SMALL -0x0010 /**< Ou #define POLARSSL_ERR_BASE64_BUFFER_TOO_SMALL -0x002A /**< Ou
tput buffer too small. */ tput buffer too small. */
#define POLARSSL_ERR_BASE64_INVALID_CHARACTER -0x0012 /**< In #define POLARSSL_ERR_BASE64_INVALID_CHARACTER -0x002C /**< In
valid character in input. */ valid character in input. */
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
#endif #endif
/** /**
* \brief Encode a buffer into base64 format * \brief Encode a buffer into base64 format
* *
* \param dst destination buffer * \param dst destination buffer
* \param dlen size of the buffer * \param dlen size of the buffer
 End of changes. 1 change blocks. 
4 lines changed or deleted 4 lines changed or added


 bignum.h   bignum.h 
skipping to change at line 36 skipping to change at line 36
*/ */
#ifndef POLARSSL_BIGNUM_H #ifndef POLARSSL_BIGNUM_H
#define POLARSSL_BIGNUM_H #define POLARSSL_BIGNUM_H
#include <stdio.h> #include <stdio.h>
#include <string.h> #include <string.h>
#define POLARSSL_ERR_MPI_FILE_IO_ERROR -0x0002 /**< An error occurred while reading from or writing to a file. */ #define POLARSSL_ERR_MPI_FILE_IO_ERROR -0x0002 /**< An error occurred while reading from or writing to a file. */
#define POLARSSL_ERR_MPI_BAD_INPUT_DATA -0x0004 /**< Ba d input parameters to function. */ #define POLARSSL_ERR_MPI_BAD_INPUT_DATA -0x0004 /**< Ba d input parameters to function. */
#define POLARSSL_ERR_MPI_INVALID_CHARACTER -0x0006 /**< Th ere is an invalid character in the digit string. */ #define POLARSSL_ERR_MPI_INVALID_CHARACTER -0x0006 /**< Th ere is an invalid character in the digit string. */
#define POLARSSL_ERR_MPI_BUFFER_TOO_SMALL -0x0008 /**< Th e output buffer is too small to write too. */ #define POLARSSL_ERR_MPI_BUFFER_TOO_SMALL -0x0008 /**< Th e buffer is too small to write to. */
#define POLARSSL_ERR_MPI_NEGATIVE_VALUE -0x000A /**< Th e input arguments are negative or result in illegal output. */ #define POLARSSL_ERR_MPI_NEGATIVE_VALUE -0x000A /**< Th e input arguments are negative or result in illegal output. */
#define POLARSSL_ERR_MPI_DIVISION_BY_ZERO -0x000C /**< Th e input argument for division is zero, which is not allowed. */ #define POLARSSL_ERR_MPI_DIVISION_BY_ZERO -0x000C /**< Th e input argument for division is zero, which is not allowed. */
#define POLARSSL_ERR_MPI_NOT_ACCEPTABLE -0x000E /**< Th e input arguments are not acceptable. */ #define POLARSSL_ERR_MPI_NOT_ACCEPTABLE -0x000E /**< Th e input arguments are not acceptable. */
#define POLARSSL_ERR_MPI_MALLOC_FAILED -0x0010 /**< Me mory allocation failed. */
#define MPI_CHK(f) if( ( ret = f ) != 0 ) goto cleanup #define MPI_CHK(f) if( ( ret = f ) != 0 ) goto cleanup
/* /*
* Maximum size MPIs are allowed to grow to in number of limbs. * Maximum size MPIs are allowed to grow to in number of limbs.
*/ */
#define POLARSSL_MPI_MAX_LIMBS 10000 #define POLARSSL_MPI_MAX_LIMBS 10000
/* /*
* Maximum window size used for modular exponentiation. Default: 6
* Minimum value: 1. Maximum value: 6.
*
* Result is an array of ( 2 << POLARSSL_MPI_WINDOW_SIZE ) MPIs used
* for the sliding window calculation. (So 64 by default)
*
* Reduction in size, reduces speed.
*/
#define POLARSSL_MPI_WINDOW_SIZE 6 /**< Ma
ximum windows size used. */
/*
* Maximum size of MPIs allowed in bits and bytes for user-MPIs.
* ( Default: 512 bytes => 4096 bits )
*
* Note: Calculations can results temporarily in larger MPIs. So the number
* of limbs required (POLARSSL_MPI_MAX_LIMBS) is higher.
*/
#define POLARSSL_MPI_MAX_SIZE 512 /**< Ma
ximum number of bytes for usable MPIs. */
#define POLARSSL_MPI_MAX_BITS ( 8 * POLARSSL_M
PI_MAX_SIZE ) /**< Maximum number of bits for usable MPIs. */
/*
* When reading from files with mpi_read_file() the buffer should have spac
e
* for a (short) label, the MPI (in the provided radix), the newline
* characters and the '\0'.
*
* By default we assume at least a 10 char label, a minimum radix of 10
* (decimal) and a maximum of 4096 bit numbers (1234 decimal chars).
*/
#define POLARSSL_MPI_READ_BUFFER_SIZE 1250
/*
* Define the base integer type, architecture-wise * Define the base integer type, architecture-wise
*/ */
#if defined(POLARSSL_HAVE_INT8) #if defined(POLARSSL_HAVE_INT8)
typedef signed char t_sint; typedef signed char t_sint;
typedef unsigned char t_uint; typedef unsigned char t_uint;
typedef unsigned short t_udbl; typedef unsigned short t_udbl;
#else #else
#if defined(POLARSSL_HAVE_INT16) #if defined(POLARSSL_HAVE_INT16)
typedef signed short t_sint; typedef signed short t_sint;
typedef unsigned short t_uint; typedef unsigned short t_uint;
typedef unsigned long t_udbl; typedef unsigned long t_udbl;
#else #else
typedef signed long t_sint; typedef signed long t_sint;
typedef unsigned long t_uint; typedef unsigned long t_uint;
#if defined(_MSC_VER) && defined(_M_IX86) #if defined(_MSC_VER) && defined(_M_IX86)
typedef unsigned __int64 t_udbl; typedef unsigned __int64 t_udbl;
#else #else
#if defined(__amd64__) || defined(__x86_64__) || \ #if defined(__amd64__) || defined(__x86_64__) || \
defined(__ppc64__) || defined(__powerpc64__) || \ defined(__ppc64__) || defined(__powerpc64__) || \
defined(__ia64__) || defined(__alpha__) defined(__ia64__) || defined(__alpha__) || \
(defined(__sparc__) && defined(__arch64__)) || \
defined(__s390x__)
typedef unsigned int t_udbl __attribute__((mode(TI))); typedef unsigned int t_udbl __attribute__((mode(TI)));
#else #else
#if defined(POLARSSL_HAVE_LONGLONG) #if defined(POLARSSL_HAVE_LONGLONG)
typedef unsigned long long t_udbl; typedef unsigned long long t_udbl;
#endif #endif
#endif #endif
#endif #endif
#endif #endif
#endif #endif
skipping to change at line 115 skipping to change at line 149
*/ */
void mpi_free( mpi *X ); void mpi_free( mpi *X );
/** /**
* \brief Enlarge to the specified number of limbs * \brief Enlarge to the specified number of limbs
* *
* \param X MPI to grow * \param X MPI to grow
* \param nblimbs The target number of limbs * \param nblimbs The target number of limbs
* *
* \return 0 if successful, * \return 0 if successful,
* 1 if memory allocation failed * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation fail ed
*/ */
int mpi_grow( mpi *X, size_t nblimbs ); int mpi_grow( mpi *X, size_t nblimbs );
/** /**
* \brief Copy the contents of Y into X * \brief Copy the contents of Y into X
* *
* \param X Destination MPI * \param X Destination MPI
* \param Y Source MPI * \param Y Source MPI
* *
* \return 0 if successful, * \return 0 if successful,
* 1 if memory allocation failed * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation fail ed
*/ */
int mpi_copy( mpi *X, const mpi *Y ); int mpi_copy( mpi *X, const mpi *Y );
/** /**
* \brief Swap the contents of X and Y * \brief Swap the contents of X and Y
* *
* \param X First MPI value * \param X First MPI value
* \param Y Second MPI value * \param Y Second MPI value
*/ */
void mpi_swap( mpi *X, mpi *Y ); void mpi_swap( mpi *X, mpi *Y );
/** /**
* \brief Set value from integer * \brief Set value from integer
* *
* \param X MPI to set * \param X MPI to set
* \param z Value to use * \param z Value to use
* *
* \return 0 if successful, * \return 0 if successful,
* 1 if memory allocation failed * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation fail ed
*/ */
int mpi_lset( mpi *X, t_sint z ); int mpi_lset( mpi *X, t_sint z );
/* /*
* \brief Get a specific bit from X * \brief Get a specific bit from X
* *
* \param X MPI to use * \param X MPI to use
* \param pos Zero-based index of the bit in X * \param pos Zero-based index of the bit in X
* *
* \return Either a 0 or a 1 * \return Either a 0 or a 1
skipping to change at line 170 skipping to change at line 204
* \brief Set a bit of X to a specific value of 0 or 1 * \brief Set a bit of X to a specific value of 0 or 1
* *
* \note Will grow X if necessary to set a bit to 1 in a not yet * \note Will grow X if necessary to set a bit to 1 in a not yet
* existing limb. Will not grow if bit should be set to 0 * existing limb. Will not grow if bit should be set to 0
* *
* \param X MPI to use * \param X MPI to use
* \param pos Zero-based index of the bit in X * \param pos Zero-based index of the bit in X
* \param val The value to set the bit to (0 or 1) * \param val The value to set the bit to (0 or 1)
* *
* \return 0 if successful, * \return 0 if successful,
* 1 if memory allocation failed, * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation fail ed,
* POLARSSL_ERR_MPI_BAD_INPUT_DATA if val is not 0 or 1 * POLARSSL_ERR_MPI_BAD_INPUT_DATA if val is not 0 or 1
*/ */
int mpi_set_bit( mpi *X, size_t pos, unsigned char val ); int mpi_set_bit( mpi *X, size_t pos, unsigned char val );
/** /**
* \brief Return the number of least significant bits * \brief Return the number of least significant bits
* *
* \param X MPI to use * \param X MPI to use
*/ */
size_t mpi_lsb( const mpi *X ); size_t mpi_lsb( const mpi *X );
skipping to change at line 203 skipping to change at line 237
*/ */
size_t mpi_size( const mpi *X ); size_t mpi_size( const mpi *X );
/** /**
* \brief Import from an ASCII string * \brief Import from an ASCII string
* *
* \param X Destination MPI * \param X Destination MPI
* \param radix Input numeric base * \param radix Input numeric base
* \param s Null-terminated string buffer * \param s Null-terminated string buffer
* *
* \return 0 if successful, or an POLARSSL_ERR_MPI_XXX error code * \return 0 if successful, or a POLARSSL_ERR_MPI_XXX error code
*/ */
int mpi_read_string( mpi *X, int radix, const char *s ); int mpi_read_string( mpi *X, int radix, const char *s );
/** /**
* \brief Export into an ASCII string * \brief Export into an ASCII string
* *
* \param X Source MPI * \param X Source MPI
* \param radix Output numeric base * \param radix Output numeric base
* \param s String buffer * \param s String buffer
* \param slen String buffer size * \param slen String buffer size
* *
* \return 0 if successful, or an POLARSSL_ERR_MPI_XXX error code. * \return 0 if successful, or a POLARSSL_ERR_MPI_XXX error code.
* *slen is always updated to reflect the amount * *slen is always updated to reflect the amount
* of data that has (or would have) been written. * of data that has (or would have) been written.
* *
* \note Call this function with *slen = 0 to obtain the * \note Call this function with *slen = 0 to obtain the
* minimum required buffer size in *slen. * minimum required buffer size in *slen.
*/ */
int mpi_write_string( const mpi *X, int radix, char *s, size_t *slen ); int mpi_write_string( const mpi *X, int radix, char *s, size_t *slen );
/** /**
* \brief Read X from an opened file * \brief Read X from an opened file
* *
* \param X Destination MPI * \param X Destination MPI
* \param radix Input numeric base * \param radix Input numeric base
* \param fin Input file handle * \param fin Input file handle
* *
* \return 0 if successful, or an POLARSSL_ERR_MPI_XXX error code * \return 0 if successful, POLARSSL_ERR_MPI_BUFFER_TOO_SMALL if
* the file read buffer is too small or a
* POLARSSL_ERR_MPI_XXX error code
*/ */
int mpi_read_file( mpi *X, int radix, FILE *fin ); int mpi_read_file( mpi *X, int radix, FILE *fin );
/** /**
* \brief Write X into an opened file, or stdout if fout is NULL * \brief Write X into an opened file, or stdout if fout is NULL
* *
* \param p Prefix, can be NULL * \param p Prefix, can be NULL
* \param X Source MPI * \param X Source MPI
* \param radix Output numeric base * \param radix Output numeric base
* \param fout Output file handle (can be NULL) * \param fout Output file handle (can be NULL)
* *
* \return 0 if successful, or an POLARSSL_ERR_MPI_XXX error code * \return 0 if successful, or a POLARSSL_ERR_MPI_XXX error code
* *
* \note Set fout == NULL to print X on the console. * \note Set fout == NULL to print X on the console.
*/ */
int mpi_write_file( const char *p, const mpi *X, int radix, FILE *fout ); int mpi_write_file( const char *p, const mpi *X, int radix, FILE *fout );
/** /**
* \brief Import X from unsigned binary data, big endian * \brief Import X from unsigned binary data, big endian
* *
* \param X Destination MPI * \param X Destination MPI
* \param buf Input buffer * \param buf Input buffer
* \param buflen Input buffer size * \param buflen Input buffer size
* *
* \return 0 if successful, * \return 0 if successful,
* 1 if memory allocation failed * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation fail ed
*/ */
int mpi_read_binary( mpi *X, const unsigned char *buf, size_t buflen ); int mpi_read_binary( mpi *X, const unsigned char *buf, size_t buflen );
/** /**
* \brief Export X into unsigned binary data, big endian * \brief Export X into unsigned binary data, big endian
* *
* \param X Source MPI * \param X Source MPI
* \param buf Output buffer * \param buf Output buffer
* \param buflen Output buffer size * \param buflen Output buffer size
* *
skipping to change at line 280 skipping to change at line 316
*/ */
int mpi_write_binary( const mpi *X, unsigned char *buf, size_t buflen ); int mpi_write_binary( const mpi *X, unsigned char *buf, size_t buflen );
/** /**
* \brief Left-shift: X <<= count * \brief Left-shift: X <<= count
* *
* \param X MPI to shift * \param X MPI to shift
* \param count Amount to shift * \param count Amount to shift
* *
* \return 0 if successful, * \return 0 if successful,
* 1 if memory allocation failed * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation fail ed
*/ */
int mpi_shift_l( mpi *X, size_t count ); int mpi_shift_l( mpi *X, size_t count );
/** /**
* \brief Right-shift: X >>= count * \brief Right-shift: X >>= count
* *
* \param X MPI to shift * \param X MPI to shift
* \param count Amount to shift * \param count Amount to shift
* *
* \return 0 if successful, * \return 0 if successful,
* 1 if memory allocation failed * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation fail ed
*/ */
int mpi_shift_r( mpi *X, size_t count ); int mpi_shift_r( mpi *X, size_t count );
/** /**
* \brief Compare unsigned values * \brief Compare unsigned values
* *
* \param X Left-hand MPI * \param X Left-hand MPI
* \param Y Right-hand MPI * \param Y Right-hand MPI
* *
* \return 1 if |X| is greater than |Y|, * \return 1 if |X| is greater than |Y|,
skipping to change at line 339 skipping to change at line 375
int mpi_cmp_int( const mpi *X, t_sint z ); int mpi_cmp_int( const mpi *X, t_sint z );
/** /**
* \brief Unsigned addition: X = |A| + |B| * \brief Unsigned addition: X = |A| + |B|
* *
* \param X Destination MPI * \param X Destination MPI
* \param A Left-hand MPI * \param A Left-hand MPI
* \param B Right-hand MPI * \param B Right-hand MPI
* *
* \return 0 if successful, * \return 0 if successful,
* 1 if memory allocation failed * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation fail ed
*/ */
int mpi_add_abs( mpi *X, const mpi *A, const mpi *B ); int mpi_add_abs( mpi *X, const mpi *A, const mpi *B );
/** /**
* \brief Unsigned substraction: X = |A| - |B| * \brief Unsigned substraction: X = |A| - |B|
* *
* \param X Destination MPI * \param X Destination MPI
* \param A Left-hand MPI * \param A Left-hand MPI
* \param B Right-hand MPI * \param B Right-hand MPI
* *
skipping to change at line 363 skipping to change at line 399
int mpi_sub_abs( mpi *X, const mpi *A, const mpi *B ); int mpi_sub_abs( mpi *X, const mpi *A, const mpi *B );
/** /**
* \brief Signed addition: X = A + B * \brief Signed addition: X = A + B
* *
* \param X Destination MPI * \param X Destination MPI
* \param A Left-hand MPI * \param A Left-hand MPI
* \param B Right-hand MPI * \param B Right-hand MPI
* *
* \return 0 if successful, * \return 0 if successful,
* 1 if memory allocation failed * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation fail ed
*/ */
int mpi_add_mpi( mpi *X, const mpi *A, const mpi *B ); int mpi_add_mpi( mpi *X, const mpi *A, const mpi *B );
/** /**
* \brief Signed substraction: X = A - B * \brief Signed substraction: X = A - B
* *
* \param X Destination MPI * \param X Destination MPI
* \param A Left-hand MPI * \param A Left-hand MPI
* \param B Right-hand MPI * \param B Right-hand MPI
* *
* \return 0 if successful, * \return 0 if successful,
* 1 if memory allocation failed * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation fail ed
*/ */
int mpi_sub_mpi( mpi *X, const mpi *A, const mpi *B ); int mpi_sub_mpi( mpi *X, const mpi *A, const mpi *B );
/** /**
* \brief Signed addition: X = A + b * \brief Signed addition: X = A + b
* *
* \param X Destination MPI * \param X Destination MPI
* \param A Left-hand MPI * \param A Left-hand MPI
* \param b The integer value to add * \param b The integer value to add
* *
* \return 0 if successful, * \return 0 if successful,
* 1 if memory allocation failed * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation fail ed
*/ */
int mpi_add_int( mpi *X, const mpi *A, t_sint b ); int mpi_add_int( mpi *X, const mpi *A, t_sint b );
/** /**
* \brief Signed substraction: X = A - b * \brief Signed substraction: X = A - b
* *
* \param X Destination MPI * \param X Destination MPI
* \param A Left-hand MPI * \param A Left-hand MPI
* \param b The integer value to subtract * \param b The integer value to subtract
* *
* \return 0 if successful, * \return 0 if successful,
* 1 if memory allocation failed * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation fail ed
*/ */
int mpi_sub_int( mpi *X, const mpi *A, t_sint b ); int mpi_sub_int( mpi *X, const mpi *A, t_sint b );
/** /**
* \brief Baseline multiplication: X = A * B * \brief Baseline multiplication: X = A * B
* *
* \param X Destination MPI * \param X Destination MPI
* \param A Left-hand MPI * \param A Left-hand MPI
* \param B Right-hand MPI * \param B Right-hand MPI
* *
* \return 0 if successful, * \return 0 if successful,
* 1 if memory allocation failed * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation fail ed
*/ */
int mpi_mul_mpi( mpi *X, const mpi *A, const mpi *B ); int mpi_mul_mpi( mpi *X, const mpi *A, const mpi *B );
/** /**
* \brief Baseline multiplication: X = A * b * \brief Baseline multiplication: X = A * b
* Note: b is an unsigned integer type, thus * Note: b is an unsigned integer type, thus
* Negative values of b are ignored. * Negative values of b are ignored.
* *
* \param X Destination MPI * \param X Destination MPI
* \param A Left-hand MPI * \param A Left-hand MPI
* \param b The integer value to multiply with * \param b The integer value to multiply with
* *
* \return 0 if successful, * \return 0 if successful,
* 1 if memory allocation failed * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation fail ed
*/ */
int mpi_mul_int( mpi *X, const mpi *A, t_sint b ); int mpi_mul_int( mpi *X, const mpi *A, t_sint b );
/** /**
* \brief Division by mpi: A = Q * B + R * \brief Division by mpi: A = Q * B + R
* *
* \param Q Destination MPI for the quotient * \param Q Destination MPI for the quotient
* \param R Destination MPI for the rest value * \param R Destination MPI for the rest value
* \param A Left-hand MPI * \param A Left-hand MPI
* \param B Right-hand MPI * \param B Right-hand MPI
* *
* \return 0 if successful, * \return 0 if successful,
* 1 if memory allocation failed, * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation fail ed,
* POLARSSL_ERR_MPI_DIVISION_BY_ZERO if B == 0 * POLARSSL_ERR_MPI_DIVISION_BY_ZERO if B == 0
* *
* \note Either Q or R can be NULL. * \note Either Q or R can be NULL.
*/ */
int mpi_div_mpi( mpi *Q, mpi *R, const mpi *A, const mpi *B ); int mpi_div_mpi( mpi *Q, mpi *R, const mpi *A, const mpi *B );
/** /**
* \brief Division by int: A = Q * b + R * \brief Division by int: A = Q * b + R
* *
* \param Q Destination MPI for the quotient * \param Q Destination MPI for the quotient
* \param R Destination MPI for the rest value * \param R Destination MPI for the rest value
* \param A Left-hand MPI * \param A Left-hand MPI
* \param b Integer to divide by * \param b Integer to divide by
* *
* \return 0 if successful, * \return 0 if successful,
* 1 if memory allocation failed, * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation fail ed,
* POLARSSL_ERR_MPI_DIVISION_BY_ZERO if b == 0 * POLARSSL_ERR_MPI_DIVISION_BY_ZERO if b == 0
* *
* \note Either Q or R can be NULL. * \note Either Q or R can be NULL.
*/ */
int mpi_div_int( mpi *Q, mpi *R, const mpi *A, t_sint b ); int mpi_div_int( mpi *Q, mpi *R, const mpi *A, t_sint b );
/** /**
* \brief Modulo: R = A mod B * \brief Modulo: R = A mod B
* *
* \param R Destination MPI for the rest value * \param R Destination MPI for the rest value
* \param A Left-hand MPI * \param A Left-hand MPI
* \param B Right-hand MPI * \param B Right-hand MPI
* *
* \return 0 if successful, * \return 0 if successful,
* 1 if memory allocation failed, * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation fail ed,
* POLARSSL_ERR_MPI_DIVISION_BY_ZERO if B == 0, * POLARSSL_ERR_MPI_DIVISION_BY_ZERO if B == 0,
* POLARSSL_ERR_MPI_NEGATIVE_VALUE if B < 0 * POLARSSL_ERR_MPI_NEGATIVE_VALUE if B < 0
*/ */
int mpi_mod_mpi( mpi *R, const mpi *A, const mpi *B ); int mpi_mod_mpi( mpi *R, const mpi *A, const mpi *B );
/** /**
* \brief Modulo: r = A mod b * \brief Modulo: r = A mod b
* *
* \param r Destination t_uint * \param r Destination t_uint
* \param A Left-hand MPI * \param A Left-hand MPI
* \param b Integer to divide by * \param b Integer to divide by
* *
* \return 0 if successful, * \return 0 if successful,
* 1 if memory allocation failed, * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation fail ed,
* POLARSSL_ERR_MPI_DIVISION_BY_ZERO if b == 0, * POLARSSL_ERR_MPI_DIVISION_BY_ZERO if b == 0,
* POLARSSL_ERR_MPI_NEGATIVE_VALUE if b < 0 * POLARSSL_ERR_MPI_NEGATIVE_VALUE if b < 0
*/ */
int mpi_mod_int( t_uint *r, const mpi *A, t_sint b ); int mpi_mod_int( t_uint *r, const mpi *A, t_sint b );
/** /**
* \brief Sliding-window exponentiation: X = A^E mod N * \brief Sliding-window exponentiation: X = A^E mod N
* *
* \param X Destination MPI * \param X Destination MPI
* \param A Left-hand MPI * \param A Left-hand MPI
* \param E Exponent MPI * \param E Exponent MPI
* \param N Modular MPI * \param N Modular MPI
* \param _RR Speed-up MPI used for recalculations * \param _RR Speed-up MPI used for recalculations
* *
* \return 0 if successful, * \return 0 if successful,
* 1 if memory allocation failed, * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation fail ed,
* POLARSSL_ERR_MPI_BAD_INPUT_DATA if N is negative or even * POLARSSL_ERR_MPI_BAD_INPUT_DATA if N is negative or even
* *
* \note _RR is used to avoid re-computing R*R mod N across * \note _RR is used to avoid re-computing R*R mod N across
* multiple calls, which speeds up things a bit. It can * multiple calls, which speeds up things a bit. It can
* be set to NULL if the extra performance is unneeded. * be set to NULL if the extra performance is unneeded.
*/ */
int mpi_exp_mod( mpi *X, const mpi *A, const mpi *E, const mpi *N, mpi *_RR ); int mpi_exp_mod( mpi *X, const mpi *A, const mpi *E, const mpi *N, mpi *_RR );
/** /**
* \brief Fill an MPI X with size bytes of random * \brief Fill an MPI X with size bytes of random
* *
* \param X Destination MPI * \param X Destination MPI
* \param size Size in bytes * \param size Size in bytes
* \param f_rng RNG function * \param f_rng RNG function
* \param p_rng RNG parameter * \param p_rng RNG parameter
* *
* \return 0 if successful, * \return 0 if successful,
* 1 if memory allocation failed * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation fail ed
*/ */
int mpi_fill_random( mpi *X, size_t size, int (*f_rng)(void *), void *p_rng int mpi_fill_random( mpi *X, size_t size,
); int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng );
/** /**
* \brief Greatest common divisor: G = gcd(A, B) * \brief Greatest common divisor: G = gcd(A, B)
* *
* \param G Destination MPI * \param G Destination MPI
* \param A Left-hand MPI * \param A Left-hand MPI
* \param B Right-hand MPI * \param B Right-hand MPI
* *
* \return 0 if successful, * \return 0 if successful,
* 1 if memory allocation failed * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation fail ed
*/ */
int mpi_gcd( mpi *G, const mpi *A, const mpi *B ); int mpi_gcd( mpi *G, const mpi *A, const mpi *B );
/** /**
* \brief Modular inverse: X = A^-1 mod N * \brief Modular inverse: X = A^-1 mod N
* *
* \param X Destination MPI * \param X Destination MPI
* \param A Left-hand MPI * \param A Left-hand MPI
* \param N Right-hand MPI * \param N Right-hand MPI
* *
* \return 0 if successful, * \return 0 if successful,
* 1 if memory allocation failed, * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation fail ed,
* POLARSSL_ERR_MPI_BAD_INPUT_DATA if N is negative or nil * POLARSSL_ERR_MPI_BAD_INPUT_DATA if N is negative or nil
POLARSSL_ERR_MPI_NOT_ACCEPTABLE if A has no inverse mod N POLARSSL_ERR_MPI_NOT_ACCEPTABLE if A has no inverse mod N
*/ */
int mpi_inv_mod( mpi *X, const mpi *A, const mpi *N ); int mpi_inv_mod( mpi *X, const mpi *A, const mpi *N );
/** /**
* \brief Miller-Rabin primality test * \brief Miller-Rabin primality test
* *
* \param X MPI to check * \param X MPI to check
* \param f_rng RNG function * \param f_rng RNG function
* \param p_rng RNG parameter * \param p_rng RNG parameter
* *
* \return 0 if successful (probably prime), * \return 0 if successful (probably prime),
* 1 if memory allocation failed, * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation fail ed,
* POLARSSL_ERR_MPI_NOT_ACCEPTABLE if X is not prime * POLARSSL_ERR_MPI_NOT_ACCEPTABLE if X is not prime
*/ */
int mpi_is_prime( mpi *X, int (*f_rng)(void *), void *p_rng ); int mpi_is_prime( mpi *X,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng );
/** /**
* \brief Prime number generation * \brief Prime number generation
* *
* \param X Destination MPI * \param X Destination MPI
* \param nbits Required size of X in bits ( 3 <= nbits <= 4096 ) * \param nbits Required size of X in bits ( 3 <= nbits <= POLARSSL_MPI_ MAX_BITS )
* \param dh_flag If 1, then (X-1)/2 will be prime too * \param dh_flag If 1, then (X-1)/2 will be prime too
* \param f_rng RNG function * \param f_rng RNG function
* \param p_rng RNG parameter * \param p_rng RNG parameter
* *
* \return 0 if successful (probably prime), * \return 0 if successful (probably prime),
* 1 if memory allocation failed, * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation fail ed,
* POLARSSL_ERR_MPI_BAD_INPUT_DATA if nbits is < 3 * POLARSSL_ERR_MPI_BAD_INPUT_DATA if nbits is < 3
*/ */
int mpi_gen_prime( mpi *X, size_t nbits, int dh_flag, int mpi_gen_prime( mpi *X, size_t nbits, int dh_flag,
int (*f_rng)(void *), void *p_rng ); int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng );
/** /**
* \brief Checkup routine * \brief Checkup routine
* *
* \return 0 if successful, or 1 if the test failed * \return 0 if successful, or 1 if the test failed
*/ */
int mpi_self_test( int verbose ); int mpi_self_test( int verbose );
#ifdef __cplusplus #ifdef __cplusplus
} }
 End of changes. 36 change blocks. 
35 lines changed or deleted 79 lines changed or added


 bn_mul.h   bn_mul.h 
skipping to change at line 44 skipping to change at line 44
* . IA-32 (SSE2) . Motorola 68000 * . IA-32 (SSE2) . Motorola 68000
* . PowerPC, 32-bit . MicroBlaze * . PowerPC, 32-bit . MicroBlaze
* . PowerPC, 64-bit . TriCore * . PowerPC, 64-bit . TriCore
* . SPARC v8 . ARM v3+ * . SPARC v8 . ARM v3+
* . Alpha . MIPS32 * . Alpha . MIPS32
* . C, longlong . C, generic * . C, longlong . C, generic
*/ */
#ifndef POLARSSL_BN_MUL_H #ifndef POLARSSL_BN_MUL_H
#define POLARSSL_BN_MUL_H #define POLARSSL_BN_MUL_H
#include "polarssl/config.h" #include "config.h"
#if defined(POLARSSL_HAVE_ASM) #if defined(POLARSSL_HAVE_ASM)
#if defined(__GNUC__) #if defined(__GNUC__)
#if defined(__i386__) #if defined(__i386__)
#define MULADDC_INIT \ #define MULADDC_INIT \
asm( " \ asm( " \
movl %%ebx, %0; \ movl %%ebx, %0; \
movl %5, %%esi; \ movl %5, %%esi; \
skipping to change at line 501 skipping to change at line 501
#define MULADDC_STOP \ #define MULADDC_STOP \
asm( "st.w %0, %%d4 " : "=m" (c)); \ asm( "st.w %0, %%d4 " : "=m" (c)); \
asm( "st.a %0, %%a3 " : "=m" (d)); \ asm( "st.a %0, %%a3 " : "=m" (d)); \
asm( "st.a %0, %%a2 " : "=m" (s) :: \ asm( "st.a %0, %%a2 " : "=m" (s) :: \
"d0", "d1", "e2", "d4", "a2", "a3" ); "d0", "d1", "e2", "d4", "a2", "a3" );
#endif /* TriCore */ #endif /* TriCore */
#if defined(__arm__) #if defined(__arm__)
#if !defined(__thumb__)
#define MULADDC_INIT \ #define MULADDC_INIT \
asm( "ldr r0, %0 " :: "m" (s)); \ asm( "ldr r0, %0 " :: "m" (s)); \
asm( "ldr r1, %0 " :: "m" (d)); \ asm( "ldr r1, %0 " :: "m" (d)); \
asm( "ldr r2, %0 " :: "m" (c)); \ asm( "ldr r2, %0 " :: "m" (c)); \
asm( "ldr r3, %0 " :: "m" (b)); asm( "ldr r3, %0 " :: "m" (b));
#define MULADDC_CORE \ #define MULADDC_CORE \
asm( "ldr r4, [r0], #4 " ); \ asm( "ldr r4, [r0], #4 " ); \
asm( "mov r5, #0 " ); \ asm( "mov r5, #0 " ); \
asm( "ldr r6, [r1] " ); \ asm( "ldr r6, [r1] " ); \
skipping to change at line 522 skipping to change at line 524
asm( "adds r7, r6, r2 " ); \ asm( "adds r7, r6, r2 " ); \
asm( "adc r2, r5, #0 " ); \ asm( "adc r2, r5, #0 " ); \
asm( "str r7, [r1], #4 " ); asm( "str r7, [r1], #4 " );
#define MULADDC_STOP \ #define MULADDC_STOP \
asm( "str r2, %0 " : "=m" (c)); \ asm( "str r2, %0 " : "=m" (c)); \
asm( "str r1, %0 " : "=m" (d)); \ asm( "str r1, %0 " : "=m" (d)); \
asm( "str r0, %0 " : "=m" (s) :: \ asm( "str r0, %0 " : "=m" (s) :: \
"r0", "r1", "r2", "r3", "r4", "r5", "r6", "r7" ); "r0", "r1", "r2", "r3", "r4", "r5", "r6", "r7" );
#endif /* Thumb */
#endif /* ARMv3 */ #endif /* ARMv3 */
#if defined(__alpha__) #if defined(__alpha__)
#define MULADDC_INIT \ #define MULADDC_INIT \
asm( "ldq $1, %0 " :: "m" (s)); \ asm( "ldq $1, %0 " :: "m" (s)); \
asm( "ldq $2, %0 " :: "m" (d)); \ asm( "ldq $2, %0 " :: "m" (d)); \
asm( "ldq $3, %0 " :: "m" (c)); \ asm( "ldq $3, %0 " :: "m" (c)); \
asm( "ldq $4, %0 " :: "m" (b)); asm( "ldq $4, %0 " :: "m" (b));
 End of changes. 3 change blocks. 
1 lines changed or deleted 5 lines changed or added


 camellia.h   camellia.h 
skipping to change at line 120 skipping to change at line 120
int camellia_crypt_cbc( camellia_context *ctx, int camellia_crypt_cbc( camellia_context *ctx,
int mode, int mode,
size_t length, size_t length,
unsigned char iv[16], unsigned char iv[16],
const unsigned char *input, const unsigned char *input,
unsigned char *output ); unsigned char *output );
/** /**
* \brief CAMELLIA-CFB128 buffer encryption/decryption * \brief CAMELLIA-CFB128 buffer encryption/decryption
* *
* Note: Due to the nature of CFB you should use the same key schedule for
* both encryption and decryption. So a context initialized with
* camellia_setkey_enc() for both CAMELLIA_ENCRYPT and CAMELLIE_DECRYPT.
*
* \param ctx CAMELLIA context * \param ctx CAMELLIA context
* \param mode CAMELLIA_ENCRYPT or CAMELLIA_DECRYPT * \param mode CAMELLIA_ENCRYPT or CAMELLIA_DECRYPT
* \param length length of the input data * \param length length of the input data
* \param iv_off offset in IV (updated after use) * \param iv_off offset in IV (updated after use)
* \param iv initialization vector (updated after use) * \param iv initialization vector (updated after use)
* \param input buffer holding the input data * \param input buffer holding the input data
* \param output buffer holding the output data * \param output buffer holding the output data
* *
* \return 0 if successful, or POLARSSL_ERR_CAMELLIA_INVALID_INPUT_ LENGTH * \return 0 if successful, or POLARSSL_ERR_CAMELLIA_INVALID_INPUT_ LENGTH
*/ */
skipping to change at line 143 skipping to change at line 147
size_t *iv_off, size_t *iv_off,
unsigned char iv[16], unsigned char iv[16],
const unsigned char *input, const unsigned char *input,
unsigned char *output ); unsigned char *output );
/* /*
* \brief CAMELLIA-CTR buffer encryption/decryption * \brief CAMELLIA-CTR buffer encryption/decryption
* *
* Warning: You have to keep the maximum use of your counter in mind! * Warning: You have to keep the maximum use of your counter in mind!
* *
* Note: Due to the nature of CTR you should use the same key schedule for
* both encryption and decryption. So a context initialized with
* camellia_setkey_enc() for both CAMELLIA_ENCRYPT and CAMELLIA_DECRYPT.
*
* \param length The length of the data * \param length The length of the data
* \param nc_off The offset in the current stream_block (for resumin g * \param nc_off The offset in the current stream_block (for resumin g
* within current cipher stream). The offset pointer t o * within current cipher stream). The offset pointer t o
* should be 0 at the start of a stream. * should be 0 at the start of a stream.
* \param nonce_counter The 128-bit nonce and counter. * \param nonce_counter The 128-bit nonce and counter.
* \param stream_block The saved stream-block for resuming. Is overwritten * \param stream_block The saved stream-block for resuming. Is overwritten
* by the function. * by the function.
* \param input The input data stream * \param input The input data stream
* \param output The output data stream * \param output The output data stream
* *
 End of changes. 2 change blocks. 
0 lines changed or deleted 8 lines changed or added


 cipher.h   cipher.h 
/** /**
* \file cipher.h * \file cipher.h
* *
* \brief Generic cipher wrapper. * \brief Generic cipher wrapper.
* *
* \author Adriaan de Jong <dejong@fox-it.com> * \author Adriaan de Jong <dejong@fox-it.com>
* *
* Copyright (C) 2006-2010, Brainspark B.V. * Copyright (C) 2006-2011, Brainspark B.V.
* *
* This file is part of PolarSSL (http://www.polarssl.org) * This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org> * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
* *
* All rights reserved. * All rights reserved.
* *
* This program is free software; you can redistribute it and/or modify * This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or * the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version. * (at your option) any later version.
skipping to change at line 91 skipping to change at line 91
typedef enum { typedef enum {
POLARSSL_MODE_NONE = 0, POLARSSL_MODE_NONE = 0,
POLARSSL_MODE_CBC, POLARSSL_MODE_CBC,
POLARSSL_MODE_CFB128, POLARSSL_MODE_CFB128,
POLARSSL_MODE_OFB, POLARSSL_MODE_OFB,
POLARSSL_MODE_CTR, POLARSSL_MODE_CTR,
} cipher_mode_t; } cipher_mode_t;
typedef enum { typedef enum {
POLARSSL_OPERATION_NONE = -1,
POLARSSL_DECRYPT = 0, POLARSSL_DECRYPT = 0,
POLARSSL_ENCRYPT, POLARSSL_ENCRYPT,
} operation_t; } operation_t;
enum { enum {
/** Undefined key length */ /** Undefined key length */
POLARSSL_KEY_LENGTH_NONE = 0, POLARSSL_KEY_LENGTH_NONE = 0,
/** Key length, in bits, for DES keys */ /** Key length, in bits (including parity), for DES keys */
POLARSSL_KEY_LENGTH_DES = 56, POLARSSL_KEY_LENGTH_DES = 64,
/** Key length, in bits, for DES in two key EDE */ /** Key length, in bits (including parity), for DES in two key EDE */
POLARSSL_KEY_LENGTH_DES_EDE = 112, POLARSSL_KEY_LENGTH_DES_EDE = 128,
/** Key length, in bits, for DES in three-key EDE */ /** Key length, in bits (including parity), for DES in three-key EDE */
POLARSSL_KEY_LENGTH_DES_EDE3 = 168, POLARSSL_KEY_LENGTH_DES_EDE3 = 192,
/** Maximum length of any IV, in bytes */ /** Maximum length of any IV, in bytes */
POLARSSL_MAX_IV_LENGTH = 16, POLARSSL_MAX_IV_LENGTH = 16,
}; };
/** /**
* Base cipher information. The non-mode specific functions and values. * Base cipher information. The non-mode specific functions and values.
*/ */
typedef struct { typedef struct {
/** Base Cipher type (e.g. POLARSSL_CIPHER_ID_AES) */ /** Base Cipher type (e.g. POLARSSL_CIPHER_ID_AES) */
skipping to change at line 149 skipping to change at line 150
} cipher_base_t; } cipher_base_t;
/** /**
* Cipher information. Allows cipher functions to be called in a generic wa y. * Cipher information. Allows cipher functions to be called in a generic wa y.
*/ */
typedef struct { typedef struct {
/** Full cipher identifier (e.g. POLARSSL_CIPHER_AES_256_CBC) */ /** Full cipher identifier (e.g. POLARSSL_CIPHER_AES_256_CBC) */
cipher_type_t type; cipher_type_t type;
/** Cipher mode (e.g. POLARSSL_CIPHER_MODE_CBC) */ /** Cipher mode (e.g. POLARSSL_MODE_CBC) */
cipher_mode_t mode; cipher_mode_t mode;
/** Cipher key length, in bits (default length for variable sized ciphe /** Cipher key length, in bits (default length for variable sized ciphe
rs) */ rs)
* (Includes parity bits for ciphers like DES) */
unsigned int key_length; unsigned int key_length;
/** Name of the cipher */ /** Name of the cipher */
const char * name; const char * name;
/** IV size, in bytes */ /** IV size, in bytes */
unsigned int iv_size; unsigned int iv_size;
/** block size, in bytes */ /** block size, in bytes */
unsigned int block_size; unsigned int block_size;
/** Base cipher information and functions */ /** Base cipher information and functions */
const cipher_base_t *base; const cipher_base_t *base;
} cipher_info_t; } cipher_info_t;
/** /**
* Generic message digest context. * Generic cipher context.
*/ */
typedef struct { typedef struct {
/** Information about the associated cipher */ /** Information about the associated cipher */
const cipher_info_t *cipher_info; const cipher_info_t *cipher_info;
/** Key length to use */ /** Key length to use */
int key_length; int key_length;
/** Operation that the context's key has been initialised for */ /** Operation that the context's key has been initialised for */
operation_t operation; operation_t operation;
skipping to change at line 271 skipping to change at line 273
*/ */
static inline unsigned int cipher_get_block_size( const cipher_context_t *c tx ) static inline unsigned int cipher_get_block_size( const cipher_context_t *c tx )
{ {
if( NULL == ctx || NULL == ctx->cipher_info ) if( NULL == ctx || NULL == ctx->cipher_info )
return 0; return 0;
return ctx->cipher_info->block_size; return ctx->cipher_info->block_size;
} }
/** /**
* \brief Returns the mode of operation for the cipher.
* (e.g. POLARSSL_MODE_CBC)
*
* \param ctx cipher's context. Must have been initialised.
*
* \return mode of operation, or POLARSSL_MODE_NONE if ctx
* has not been initialised.
*/
static inline cipher_mode_t cipher_get_cipher_mode( const cipher_context_t
*ctx )
{
if( NULL == ctx || NULL == ctx->cipher_info )
return POLARSSL_MODE_NONE;
return ctx->cipher_info->mode;
}
/**
* \brief Returns the size of the cipher's IV. * \brief Returns the size of the cipher's IV.
* *
* \param ctx cipher's context. Must have been initialised. * \param ctx cipher's context. Must have been initialised.
* *
* \return size of the cipher's IV, or 0 if ctx has not been * \return size of the cipher's IV, or 0 if ctx has not been
* initialised. * initialised.
*/ */
static inline int cipher_get_iv_size( const cipher_context_t *ctx ) static inline int cipher_get_iv_size( const cipher_context_t *ctx )
{ {
if( NULL == ctx || NULL == ctx->cipher_info ) if( NULL == ctx || NULL == ctx->cipher_info )
skipping to change at line 335 skipping to change at line 354
*/ */
static inline int cipher_get_key_size ( const cipher_context_t *ctx ) static inline int cipher_get_key_size ( const cipher_context_t *ctx )
{ {
if( NULL == ctx ) if( NULL == ctx )
return POLARSSL_KEY_LENGTH_NONE; return POLARSSL_KEY_LENGTH_NONE;
return ctx->key_length; return ctx->key_length;
} }
/** /**
* \brief Returns the operation of the given cipher.
*
* \param ctx cipher's context. Must have been initialised.
*
* \return operation (POLARSSL_ENCRYPT or POLARSSL_DECRYPT),
* or POLARSSL_OPERATION_NONE if ctx has not been
* initialised.
*/
static inline operation_t cipher_get_operation( const cipher_context_t *ctx
)
{
if( NULL == ctx || NULL == ctx->cipher_info )
return POLARSSL_OPERATION_NONE;
return ctx->operation;
}
/**
* \brief Set the key to use with the given context. * \brief Set the key to use with the given context.
* *
* \param ctx generic cipher context. May not be NULL. Must have been * \param ctx generic cipher context. May not be NULL. Must have been
* initialised using cipher_context_from_type or * initialised using cipher_context_from_type or
* cipher_context_from_string. * cipher_context_from_string.
* \param key The key to use. * \param key The key to use.
* \param key_length key length to use, in bits. * \param key_length key length to use, in bits.
* \param operation Operation that the key will be used for, either * \param operation Operation that the key will be used for, either
* POLARSSL_ENCRYPT or POLARSSL_DECRYPT. * POLARSSL_ENCRYPT or POLARSSL_DECRYPT.
* *
skipping to change at line 395 skipping to change at line 431
*/ */
int cipher_update( cipher_context_t *ctx, const unsigned char *input, size_ t ilen, int cipher_update( cipher_context_t *ctx, const unsigned char *input, size_ t ilen,
unsigned char *output, size_t *olen ); unsigned char *output, size_t *olen );
/** /**
* \brief Generic cipher finalisation function. If data still * \brief Generic cipher finalisation function. If data still
* needs to be flushed from an incomplete block, data * needs to be flushed from an incomplete block, data
* contained within it will be padded with the size of * contained within it will be padded with the size of
* the last block, and written to the output buffer. * the last block, and written to the output buffer.
* *
* \param ctx Generic message digest context * \param ctx Generic cipher context
* \param output buffer to write data to. Needs block_size data avai lable. * \param output buffer to write data to. Needs block_size data avai lable.
* \param olen length of the data written to the output buffer. * \param olen length of the data written to the output buffer.
* *
* \returns 0 on success, POLARSSL_ERR_CIPHER_BAD_INPUT_DATA if * \returns 0 on success, POLARSSL_ERR_CIPHER_BAD_INPUT_DATA if
* parameter verification fails, * parameter verification fails,
* POLARSSL_ERR_CIPHER_FULL_BLOCK_EXPECTED if decrypti on * POLARSSL_ERR_CIPHER_FULL_BLOCK_EXPECTED if decrypti on
* expected a full block but was not provided one, * expected a full block but was not provided one,
* POLARSSL_ERR_CIPHER_INVALID_PADDING on invalid padd ing * POLARSSL_ERR_CIPHER_INVALID_PADDING on invalid padd ing
* while decrypting or a cipher specific error code. * while decrypting or a cipher specific error code.
*/ */
 End of changes. 9 change blocks. 
12 lines changed or deleted 50 lines changed or added


 cipher_wrap.h   cipher_wrap.h 
/** /**
* \file cipher_wrap.h * \file cipher_wrap.h
* *
* \brief Cipher wrappers. * \brief Cipher wrappers.
* *
* \author Adriaan de Jong <dejong@fox-it.com> * \author Adriaan de Jong <dejong@fox-it.com>
* *
* Copyright (C) 2006-2010, Brainspark B.V. * Copyright (C) 2006-2011, Brainspark B.V.
* *
* This file is part of PolarSSL (http://www.polarssl.org) * This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org> * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
* *
* All rights reserved. * All rights reserved.
* *
* This program is free software; you can redistribute it and/or modify * This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or * the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version. * (at your option) any later version.
* *
* This program is distributed in the hope that it will be useful, * This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of * but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details. * GNU General Public License for more details.
* *
* You should have received a copy of the GNU General Public License along * You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc., * with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#include "polarssl/config.h"
#include "polarssl/cipher.h"
#ifndef POLARSSL_CIPHER_WRAP_H #ifndef POLARSSL_CIPHER_WRAP_H
#define POLARSSL_CIPHER_WRAP_H #define POLARSSL_CIPHER_WRAP_H
#include "config.h"
#include "cipher.h"
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
#endif #endif
#if defined(POLARSSL_AES_C) #if defined(POLARSSL_AES_C)
extern const cipher_info_t aes_128_cbc_info; extern const cipher_info_t aes_128_cbc_info;
extern const cipher_info_t aes_192_cbc_info; extern const cipher_info_t aes_192_cbc_info;
extern const cipher_info_t aes_256_cbc_info; extern const cipher_info_t aes_256_cbc_info;
 End of changes. 3 change blocks. 
5 lines changed or deleted 4 lines changed or added


 config.h   config.h 
/** /**
* \file config.h * \file config.h
* *
* \brief Configuration options (set of defines) * \brief Configuration options (set of defines)
* *
* Copyright (C) 2006-2010, Brainspark B.V. * Copyright (C) 2006-2011, Brainspark B.V.
* *
* This file is part of PolarSSL (http://www.polarssl.org) * This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org> * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
* *
* All rights reserved. * All rights reserved.
* *
* This program is free software; you can redistribute it and/or modify * This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or * the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version. * (at your option) any later version.
skipping to change at line 34 skipping to change at line 34
* with this program; if not, write to the Free Software Foundation, Inc., * with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
* *
* This set of compile-time options may be used to enable * This set of compile-time options may be used to enable
* or disable features selectively, and reduce the global * or disable features selectively, and reduce the global
* memory footprint. * memory footprint.
*/ */
#ifndef POLARSSL_CONFIG_H #ifndef POLARSSL_CONFIG_H
#define POLARSSL_CONFIG_H #define POLARSSL_CONFIG_H
#ifndef _CRT_SECURE_NO_DEPRECATE #if defined(_MSC_VER) && !defined(_CRT_SECURE_NO_DEPRECATE)
#define _CRT_SECURE_NO_DEPRECATE 1 #define _CRT_SECURE_NO_DEPRECATE 1
#endif #endif
/** /**
* \name SECTION: System support * \name SECTION: System support
* *
* This section sets system specific settings. * This section sets system specific settings.
* \{ * \{
*/ */
skipping to change at line 158 skipping to change at line 158
#define POLARSSL_GENPRIME #define POLARSSL_GENPRIME
/** /**
* \def POLARSSL_FS_IO * \def POLARSSL_FS_IO
* *
* Enable functions that use the filesystem. * Enable functions that use the filesystem.
*/ */
#define POLARSSL_FS_IO #define POLARSSL_FS_IO
/** /**
* \def POLARSSL_NO_DEFAULT_ENTROPY_SOURCES
*
* Do not add default entropy sources. These are the platform specific,
* hardclock and HAVEGE based poll functions.
*
* This is useful to have more control over the added entropy sources in an
* application.
*
* Uncomment this macro to prevent loading of default entropy functions.
#define POLARSSL_NO_DEFAULT_ENTROPY_SOURCES
*/
/**
* \def POLARSSL_NO_PLATFORM_ENTROPY
*
* Do not use built-in platform entropy functions.
* This is useful if your platform does not support
* standards like the /dev/urandom or Windows CryptoAPI.
*
* Uncomment this macro to disable the built-in platform entropy functions.
#define POLARSSL_NO_PLATFORM_ENTROPY
*/
/**
* \def POLARSSL_PKCS1_V21 * \def POLARSSL_PKCS1_V21
* *
* Requires: POLARSSL_MD_C, POLARSSL_RSA_C * Requires: POLARSSL_MD_C, POLARSSL_RSA_C
* *
* Enable support for PKCS#1 v2.1 encoding. * Enable support for PKCS#1 v2.1 encoding.
* This enables support for RSAES-OAEP and RSASSA-PSS operations. * This enables support for RSAES-OAEP and RSASSA-PSS operations.
*/ */
#define POLARSSL_PKCS1_V21 #define POLARSSL_PKCS1_V21
/** /**
skipping to change at line 211 skipping to change at line 235
*/ */
/** /**
* \def POLARSSL_AES_C * \def POLARSSL_AES_C
* *
* Enable the AES block cipher. * Enable the AES block cipher.
* *
* Module: library/aes.c * Module: library/aes.c
* Caller: library/ssl_tls.c * Caller: library/ssl_tls.c
* library/pem.c * library/pem.c
* library/ctr_drbg.c
* *
* This module enables the following ciphersuites: * This module enables the following ciphersuites:
* SSL_RSA_AES_128_SHA * SSL_RSA_AES_128_SHA
* SSL_RSA_AES_256_SHA * SSL_RSA_AES_256_SHA
* SSL_EDH_RSA_AES_256_SHA * SSL_EDH_RSA_AES_256_SHA
*/ */
#define POLARSSL_AES_C #define POLARSSL_AES_C
/** /**
* \def POLARSSL_ARC4_C * \def POLARSSL_ARC4_C
skipping to change at line 234 skipping to change at line 259
* Module: library/arc4.c * Module: library/arc4.c
* Caller: library/ssl_tls.c * Caller: library/ssl_tls.c
* *
* This module enables the following ciphersuites: * This module enables the following ciphersuites:
* SSL_RSA_RC4_128_MD5 * SSL_RSA_RC4_128_MD5
* SSL_RSA_RC4_128_SHA * SSL_RSA_RC4_128_SHA
*/ */
#define POLARSSL_ARC4_C #define POLARSSL_ARC4_C
/** /**
* \def POLARSSL_ASN1_PARSE_C
*
* Enable the generic ASN1 parser.
*
* Module: library/asn1.c
* Caller: library/x509parse.c
*/
#define POLARSSL_ASN1_PARSE_C
/**
* \def POLARSSL_BASE64_C * \def POLARSSL_BASE64_C
* *
* Enable the Base64 module. * Enable the Base64 module.
* *
* Module: library/base64.c * Module: library/base64.c
* Caller: library/pem.c * Caller: library/pem.c
* *
* This module is required for PEM support (required by X.509). * This module is required for PEM support (required by X.509).
*/ */
#define POLARSSL_BASE64_C #define POLARSSL_BASE64_C
skipping to change at line 300 skipping to change at line 335
* Enable the generic cipher layer. * Enable the generic cipher layer.
* *
* Module: library/cipher.c * Module: library/cipher.c
* Caller: * Caller:
* *
* Uncomment to enable generic cipher wrappers. * Uncomment to enable generic cipher wrappers.
*/ */
#define POLARSSL_CIPHER_C #define POLARSSL_CIPHER_C
/** /**
* \def POLARSSL_CTR_DRBG_C
*
* Enable the CTR_DRBG AES-256-based random generator
*
* Module: library/ctr_drbg.c
* Caller:
*
* Requires: POLARSSL_AES_C
*
* This module provides the CTR_DRBG AES-256 random number generator.
*/
#define POLARSSL_CTR_DRBG_C
/**
* \def POLARSSL_DEBUG_C * \def POLARSSL_DEBUG_C
* *
* Enable the debug functions. * Enable the debug functions.
* *
* Module: library/debug.c * Module: library/debug.c
* Caller: library/ssl_cli.c * Caller: library/ssl_cli.c
* library/ssl_srv.c * library/ssl_srv.c
* library/ssl_tls.c * library/ssl_tls.c
* *
* This module provides debugging functions. * This module provides debugging functions.
skipping to change at line 344 skipping to change at line 393
* library/ssl_srv.c * library/ssl_srv.c
* *
* This module enables the following ciphersuites: * This module enables the following ciphersuites:
* SSL_EDH_RSA_DES_168_SHA * SSL_EDH_RSA_DES_168_SHA
* SSL_EDH_RSA_AES_256_SHA * SSL_EDH_RSA_AES_256_SHA
* SSL_EDH_RSA_CAMELLIA_256_SHA * SSL_EDH_RSA_CAMELLIA_256_SHA
*/ */
#define POLARSSL_DHM_C #define POLARSSL_DHM_C
/** /**
* \def POLARSSL_ENTROPY_C
*
* Enable the platform-specific entropy code.
*
* Module: library/entropy.c
* Caller:
*
* Requires: POLARSSL_SHA4_C
*
* This module provides a generic entropy pool
*/
#define POLARSSL_ENTROPY_C
/**
* \def POLARSSL_ERROR_C * \def POLARSSL_ERROR_C
* *
* Enable error code to error string conversion. * Enable error code to error string conversion.
* *
* Module: library/error.c * Module: library/error.c
* Caller: * Caller:
* *
* This module enables err_strerror(). * This module enables err_strerror().
*/ */
#define POLARSSL_ERROR_C #define POLARSSL_ERROR_C
skipping to change at line 608 skipping to change at line 671
/** /**
* \def POLARSSL_X509_PARSE_C * \def POLARSSL_X509_PARSE_C
* *
* Enable X.509 certificate parsing. * Enable X.509 certificate parsing.
* *
* Module: library/x509parse.c * Module: library/x509parse.c
* Caller: library/ssl_cli.c * Caller: library/ssl_cli.c
* library/ssl_srv.c * library/ssl_srv.c
* library/ssl_tls.c * library/ssl_tls.c
* *
* Requires: POLARSSL_BIGNUM_C, POLARSSL_RSA_C * Requires: POLARSSL_ASN1_PARSE_C, POLARSSL_BIGNUM_C, POLARSSL_RSA_C
* *
* This module is required for X.509 certificate parsing. * This module is required for X.509 certificate parsing.
*/ */
#define POLARSSL_X509_PARSE_C #define POLARSSL_X509_PARSE_C
/** /**
* \def POLARSSL_XTEA_C * \def POLARSSL_XTEA_C
* *
* Enable the XTEA block cipher. * Enable the XTEA block cipher.
* *
 End of changes. 8 change blocks. 
3 lines changed or deleted 66 lines changed or added


 debug.h   debug.h 
/** /**
* \file debug.h * \file debug.h
* *
* \brief Debug functions * \brief Debug functions
* *
* Copyright (C) 2006-2010, Brainspark B.V. * Copyright (C) 2006-2011, Brainspark B.V.
* *
* This file is part of PolarSSL (http://www.polarssl.org) * This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org> * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
* *
* All rights reserved. * All rights reserved.
* *
* This program is free software; you can redistribute it and/or modify * This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or * the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version. * (at your option) any later version.
* *
* This program is distributed in the hope that it will be useful, * This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of * but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details. * GNU General Public License for more details.
* *
* You should have received a copy of the GNU General Public License along * You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc., * with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#ifndef SSL_DEBUG_H #ifndef POLARSSL_DEBUG_H
#define SSL_DEBUG_H #define POLARSSL_DEBUG_H
#include "polarssl/config.h" #include "config.h"
#include "polarssl/ssl.h" #include "ssl.h"
#if defined(POLARSSL_DEBUG_MSG) && defined(POLARSSL_DEBUG_C) #if defined(POLARSSL_DEBUG_MSG) && defined(POLARSSL_DEBUG_C)
#define SSL_DEBUG_MSG( level, args ) \ #define SSL_DEBUG_MSG( level, args ) \
debug_print_msg( ssl, level, __FILE__, __LINE__, debug_fmt args ); debug_print_msg( ssl, level, __FILE__, __LINE__, debug_fmt args );
#define SSL_DEBUG_RET( level, text, ret ) \ #define SSL_DEBUG_RET( level, text, ret ) \
debug_print_ret( ssl, level, __FILE__, __LINE__, text, ret ); debug_print_ret( ssl, level, __FILE__, __LINE__, text, ret );
#define SSL_DEBUG_BUF( level, text, buf, len ) \ #define SSL_DEBUG_BUF( level, text, buf, len ) \
 End of changes. 3 change blocks. 
5 lines changed or deleted 5 lines changed or added


 des.h   des.h 
skipping to change at line 90 skipping to change at line 90
* *
* \return 0 is parity was ok, 1 if parity was not correct. * \return 0 is parity was ok, 1 if parity was not correct.
*/ */
int des_key_check_key_parity( const unsigned char key[DES_KEY_SIZE] ); int des_key_check_key_parity( const unsigned char key[DES_KEY_SIZE] );
/** /**
* \brief Check that key is not a weak or semi-weak DES key * \brief Check that key is not a weak or semi-weak DES key
* *
* \param key 8-byte secret key * \param key 8-byte secret key
* *
* \resurn 0 if no weak key was found, 1 if a weak key was identifi ed. * \return 0 if no weak key was found, 1 if a weak key was identifi ed.
*/ */
int des_key_check_weak( const unsigned char key[DES_KEY_SIZE] ); int des_key_check_weak( const unsigned char key[DES_KEY_SIZE] );
/** /**
* \brief DES key schedule (56-bit, encryption) * \brief DES key schedule (56-bit, encryption)
* *
* \param ctx DES context to be initialized * \param ctx DES context to be initialized
* \param key 8-byte secret key * \param key 8-byte secret key
* *
* \return 0 * \return 0
 End of changes. 1 change blocks. 
1 lines changed or deleted 1 lines changed or added


 dhm.h   dhm.h 
skipping to change at line 30 skipping to change at line 30
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details. * GNU General Public License for more details.
* *
* You should have received a copy of the GNU General Public License along * You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc., * with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#ifndef POLARSSL_DHM_H #ifndef POLARSSL_DHM_H
#define POLARSSL_DHM_H #define POLARSSL_DHM_H
#include "polarssl/bignum.h" #include "bignum.h"
/* /*
* DHM Error codes * DHM Error codes
*/ */
#define POLARSSL_ERR_DHM_BAD_INPUT_DATA -0x3080 /**< Ba d input parameters to function. */ #define POLARSSL_ERR_DHM_BAD_INPUT_DATA -0x3080 /**< Ba d input parameters to function. */
#define POLARSSL_ERR_DHM_READ_PARAMS_FAILED -0x3100 /**< Re ading of the DHM parameters failed. */ #define POLARSSL_ERR_DHM_READ_PARAMS_FAILED -0x3100 /**< Re ading of the DHM parameters failed. */
#define POLARSSL_ERR_DHM_MAKE_PARAMS_FAILED -0x3180 /**< Ma king of the DHM parameters failed. */ #define POLARSSL_ERR_DHM_MAKE_PARAMS_FAILED -0x3180 /**< Ma king of the DHM parameters failed. */
#define POLARSSL_ERR_DHM_READ_PUBLIC_FAILED -0x3200 /**< Re ading of the public values failed. */ #define POLARSSL_ERR_DHM_READ_PUBLIC_FAILED -0x3200 /**< Re ading of the public values failed. */
#define POLARSSL_ERR_DHM_MAKE_PUBLIC_FAILED -0x3280 /**< Ma keing of the public value failed. */ #define POLARSSL_ERR_DHM_MAKE_PUBLIC_FAILED -0x3280 /**< Ma keing of the public value failed. */
#define POLARSSL_ERR_DHM_CALC_SECRET_FAILED -0x3300 /**< Ca lculation of the DHM secret failed. */ #define POLARSSL_ERR_DHM_CALC_SECRET_FAILED -0x3300 /**< Ca lculation of the DHM secret failed. */
skipping to change at line 93 skipping to change at line 93
* \param p_rng RNG parameter * \param p_rng RNG parameter
* *
* \note This function assumes that ctx->P and ctx->G * \note This function assumes that ctx->P and ctx->G
* have already been properly set (for example * have already been properly set (for example
* using mpi_read_string or mpi_read_binary). * using mpi_read_string or mpi_read_binary).
* *
* \return 0 if successful, or an POLARSSL_ERR_DHM_XXX error code * \return 0 if successful, or an POLARSSL_ERR_DHM_XXX error code
*/ */
int dhm_make_params( dhm_context *ctx, int x_size, int dhm_make_params( dhm_context *ctx, int x_size,
unsigned char *output, size_t *olen, unsigned char *output, size_t *olen,
int (*f_rng)(void *), void *p_rng ); int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng );
/** /**
* \brief Import the peer's public value G^Y * \brief Import the peer's public value G^Y
* *
* \param ctx DHM context * \param ctx DHM context
* \param input input buffer * \param input input buffer
* \param ilen size of buffer * \param ilen size of buffer
* *
* \return 0 if successful, or an POLARSSL_ERR_DHM_XXX error code * \return 0 if successful, or an POLARSSL_ERR_DHM_XXX error code
*/ */
skipping to change at line 121 skipping to change at line 122
* \param x_size private value size in bits * \param x_size private value size in bits
* \param output destination buffer * \param output destination buffer
* \param olen must be equal to ctx->P.len * \param olen must be equal to ctx->P.len
* \param f_rng RNG function * \param f_rng RNG function
* \param p_rng RNG parameter * \param p_rng RNG parameter
* *
* \return 0 if successful, or an POLARSSL_ERR_DHM_XXX error code * \return 0 if successful, or an POLARSSL_ERR_DHM_XXX error code
*/ */
int dhm_make_public( dhm_context *ctx, int x_size, int dhm_make_public( dhm_context *ctx, int x_size,
unsigned char *output, size_t olen, unsigned char *output, size_t olen,
int (*f_rng)(void *), void *p_rng ); int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng );
/** /**
* \brief Derive and export the shared secret (G^Y)^X mod P * \brief Derive and export the shared secret (G^Y)^X mod P
* *
* \param ctx DHM context * \param ctx DHM context
* \param output destination buffer * \param output destination buffer
* \param olen number of chars written * \param olen number of chars written
* *
* \return 0 if successful, or an POLARSSL_ERR_DHM_XXX error code * \return 0 if successful, or an POLARSSL_ERR_DHM_XXX error code
*/ */
 End of changes. 3 change blocks. 
3 lines changed or deleted 5 lines changed or added


 error.h   error.h 
skipping to change at line 51 skipping to change at line 51
* *
* 1 bit - Intentionally not used * 1 bit - Intentionally not used
* 3 bits - High level module ID * 3 bits - High level module ID
* 5 bits - Module-dependent error code * 5 bits - Module-dependent error code
* 6 bits - Low level module errors * 6 bits - Low level module errors
* 1 bit - Intentionally not used * 1 bit - Intentionally not used
* *
* Low-level module errors (0x007E-0x0002) * Low-level module errors (0x007E-0x0002)
* *
* Module Nr Codes assigned * Module Nr Codes assigned
* MPI 7 0x0002-0x000E * MPI 7 0x0002-0x0010
* BASE64 2 0x0010-0x0012 * ASN1 6 0x0014-0x001E
* ASN1 5 0x0014-0x001C
* AES 2 0x0020-0x0022 * AES 2 0x0020-0x0022
* CAMELLIA 2 0x0024-0x0026 * CAMELLIA 2 0x0024-0x0026
* XTEA 1 0x0028-0x0028 * XTEA 1 0x0028-0x0028
* BASE64 2 0x002A-0x002C
* PADLOCK 1 0x0030-0x0030 * PADLOCK 1 0x0030-0x0030
* DES 1 0x0032-0x0032 * DES 1 0x0032-0x0032
* NET 11 0x0040-0x0054 * NET 11 0x0040-0x0054
* CTR_DBRG 3 0x0034-0x003A
* ENTROPY 3 0x003C-0x0040
* MD2 1 0x0070-0x0070
* MD4 1 0x0072-0x0072
* MD5 1 0x0074-0x0074
* SHA1 1 0x0076-0x0076
* SHA2 1 0x0078-0x0078
* SHA4 1 0x007A-0x007A
* *
* High-level module nr (3 bits - 0x1...-0x8...) * High-level module nr (3 bits - 0x1...-0x8...)
* Name ID Nr of Errors * Name ID Nr of Errors
* PEM 1 8 * PEM 1 8
* X509 2 20 * X509 2 21
* DHM 3 6 * DHM 3 6
* RSA 4 9 * RSA 4 9
* MD 5 1 * MD 5 1
* CIPER 6 1 * CIPER 6 1
* SSL 7 27 * SSL 7 30
* *
* Module dependent error code (5 bits 0x.08.-0x.F8.) * Module dependent error code (5 bits 0x.08.-0x.F8.)
*/ */
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
#endif #endif
/** /**
* \brief Translate a PolarSSL error code into a string representation, * \brief Translate a PolarSSL error code into a string representation,
 End of changes. 5 change blocks. 
5 lines changed or deleted 13 lines changed or added


 havege.h   havege.h 
skipping to change at line 30 skipping to change at line 30
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details. * GNU General Public License for more details.
* *
* You should have received a copy of the GNU General Public License along * You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc., * with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#ifndef POLARSSL_HAVEGE_H #ifndef POLARSSL_HAVEGE_H
#define POLARSSL_HAVEGE_H #define POLARSSL_HAVEGE_H
#include <string.h>
#define COLLECT_SIZE 1024 #define COLLECT_SIZE 1024
/** /**
* \brief HAVEGE state structure * \brief HAVEGE state structure
*/ */
typedef struct typedef struct
{ {
int PT1, PT2, offset[2]; int PT1, PT2, offset[2];
int pool[COLLECT_SIZE]; int pool[COLLECT_SIZE];
int WALK[8192]; int WALK[8192];
skipping to change at line 58 skipping to change at line 60
* \brief HAVEGE initialization * \brief HAVEGE initialization
* *
* \param hs HAVEGE state to be initialized * \param hs HAVEGE state to be initialized
*/ */
void havege_init( havege_state *hs ); void havege_init( havege_state *hs );
/** /**
* \brief HAVEGE rand function * \brief HAVEGE rand function
* *
* \param p_rng A HAVEGE state * \param p_rng A HAVEGE state
* \param output Buffer to fill
* \param len Length of buffer
* *
* \return A random int * \return A random int
*/ */
int havege_rand( void *p_rng ); int havege_random( void *p_rng, unsigned char *output, size_t len );
#ifdef __cplusplus #ifdef __cplusplus
} }
#endif #endif
#endif /* havege.h */ #endif /* havege.h */
 End of changes. 3 change blocks. 
1 lines changed or deleted 5 lines changed or added


 md.h   md.h 
/** /**
* \file md.h * \file md.h
* *
* \brief Generic message digest wrapper * \brief Generic message digest wrapper
* *
* \author Adriaan de Jong <dejong@fox-it.com> * \author Adriaan de Jong <dejong@fox-it.com>
* *
* Copyright (C) 2006-2010, Brainspark B.V. * Copyright (C) 2006-2011, Brainspark B.V.
* *
* This file is part of PolarSSL (http://www.polarssl.org) * This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org> * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
* *
* All rights reserved. * All rights reserved.
* *
* This program is free software; you can redistribute it and/or modify * This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or * the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version. * (at your option) any later version.
* *
* This program is distributed in the hope that it will be useful, * This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of * but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details. * GNU General Public License for more details.
* *
* You should have received a copy of the GNU General Public License along * You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc., * with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#ifndef POLARSSL_MD_H #ifndef POLARSSL_MD_H
#define POLARSSL_MD_H #define POLARSSL_MD_H
#include <string.h> #include <string.h>
#if defined(_MSC_VER) && !defined(inline) #if defined(_MSC_VER) && !defined(inline)
#define inline _inline #define inline _inline
#else #else
#if defined(__ARMCC_VERSION) && !defined(inline) #if defined(__ARMCC_VERSION) && !defined(inline)
#define inline __inline #define inline __inline
skipping to change at line 179 skipping to change at line 178
* \brief Initialises and fills the message digest context structu re with * \brief Initialises and fills the message digest context structu re with
* the appropriate values. * the appropriate values.
* *
* \param ctx context to initialise. May not be NULL. The * \param ctx context to initialise. May not be NULL. The
* digest-specific context (ctx->md_ctx) must be NULL. It w ill * digest-specific context (ctx->md_ctx) must be NULL. It w ill
* be allocated, and must be freed using md_free_ctx() late r. * be allocated, and must be freed using md_free_ctx() late r.
* \param md_info message digest to use. * \param md_info message digest to use.
* *
* \returns \c 0 on success, \c POLARSSL_ERR_MD_BAD_INPUT_DATA on * \returns \c 0 on success, \c POLARSSL_ERR_MD_BAD_INPUT_DATA on
* parameter failure, \c POLARSSL_ERR_MD_ALLOC_FAILED if * parameter failure, \c POLARSSL_ERR_MD_ALLOC_FAILED if
* allocation of the cipher-specific context failed. * allocation of the digest-specific context failed.
*/ */
int md_init_ctx( md_context_t *ctx, const md_info_t *md_info ); int md_init_ctx( md_context_t *ctx, const md_info_t *md_info );
/** /**
* \brief Free the message-specific context of ctx. Freeing ctx it self * \brief Free the message-specific context of ctx. Freeing ctx it self
* remains the responsibility of the caller. * remains the responsibility of the caller.
* *
* \param ctx Free the message-specific context * \param ctx Free the message-specific context
* *
* \returns 0 on success, POLARSSL_ERR_MD_BAD_INPUT_DATA if paramete r * \returns 0 on success, POLARSSL_ERR_MD_BAD_INPUT_DATA if paramete r
 End of changes. 3 change blocks. 
3 lines changed or deleted 2 lines changed or added


 md2.h   md2.h 
skipping to change at line 32 skipping to change at line 32
* *
* You should have received a copy of the GNU General Public License along * You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc., * with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#ifndef POLARSSL_MD2_H #ifndef POLARSSL_MD2_H
#define POLARSSL_MD2_H #define POLARSSL_MD2_H
#include <string.h> #include <string.h>
#define POLARSSL_ERR_MD2_FILE_IO_ERROR -0x0070 /**< Read/w
rite error in file. */
/** /**
* \brief MD2 context structure * \brief MD2 context structure
*/ */
typedef struct typedef struct
{ {
unsigned char cksum[16]; /*!< checksum of the data block */ unsigned char cksum[16]; /*!< checksum of the data block */
unsigned char state[48]; /*!< intermediate digest state */ unsigned char state[48]; /*!< intermediate digest state */
unsigned char buffer[16]; /*!< data block being processed */ unsigned char buffer[16]; /*!< data block being processed */
unsigned char ipad[64]; /*!< HMAC: inner padding */ unsigned char ipad[16]; /*!< HMAC: inner padding */
unsigned char opad[64]; /*!< HMAC: outer padding */ unsigned char opad[16]; /*!< HMAC: outer padding */
size_t left; /*!< amount of data in buffer */ size_t left; /*!< amount of data in buffer */
} }
md2_context; md2_context;
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
#endif #endif
/** /**
* \brief MD2 context setup * \brief MD2 context setup
skipping to change at line 90 skipping to change at line 92
* \param output MD2 checksum result * \param output MD2 checksum result
*/ */
void md2( const unsigned char *input, size_t ilen, unsigned char output[16] ); void md2( const unsigned char *input, size_t ilen, unsigned char output[16] );
/** /**
* \brief Output = MD2( file contents ) * \brief Output = MD2( file contents )
* *
* \param path input file name * \param path input file name
* \param output MD2 checksum result * \param output MD2 checksum result
* *
* \return 0 if successful, 1 if fopen failed, * \return 0 if successful, or POLARSSL_ERR_MD2_FILE_IO_ERROR
* or 2 if fread failed
*/ */
int md2_file( const char *path, unsigned char output[16] ); int md2_file( const char *path, unsigned char output[16] );
/** /**
* \brief MD2 HMAC context setup * \brief MD2 HMAC context setup
* *
* \param ctx HMAC context to be initialized * \param ctx HMAC context to be initialized
* \param key HMAC secret key * \param key HMAC secret key
* \param keylen length of the HMAC key * \param keylen length of the HMAC key
*/ */
 End of changes. 3 change blocks. 
4 lines changed or deleted 6 lines changed or added


 md4.h   md4.h 
skipping to change at line 32 skipping to change at line 32
* *
* You should have received a copy of the GNU General Public License along * You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc., * with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#ifndef POLARSSL_MD4_H #ifndef POLARSSL_MD4_H
#define POLARSSL_MD4_H #define POLARSSL_MD4_H
#include <string.h> #include <string.h>
#define POLARSSL_ERR_MD4_FILE_IO_ERROR -0x0072 /**< Read/w
rite error in file. */
/** /**
* \brief MD4 context structure * \brief MD4 context structure
*/ */
typedef struct typedef struct
{ {
unsigned long total[2]; /*!< number of bytes processed */ unsigned long total[2]; /*!< number of bytes processed */
unsigned long state[4]; /*!< intermediate digest state */ unsigned long state[4]; /*!< intermediate digest state */
unsigned char buffer[64]; /*!< data block being processed */ unsigned char buffer[64]; /*!< data block being processed */
unsigned char ipad[64]; /*!< HMAC: inner padding */ unsigned char ipad[64]; /*!< HMAC: inner padding */
skipping to change at line 89 skipping to change at line 91
* \param output MD4 checksum result * \param output MD4 checksum result
*/ */
void md4( const unsigned char *input, size_t ilen, unsigned char output[16] ); void md4( const unsigned char *input, size_t ilen, unsigned char output[16] );
/** /**
* \brief Output = MD4( file contents ) * \brief Output = MD4( file contents )
* *
* \param path input file name * \param path input file name
* \param output MD4 checksum result * \param output MD4 checksum result
* *
* \return 0 if successful, 1 if fopen failed, * \return 0 if successful, or POLARSSL_ERR_MD4_FILE_IO_ERROR
* or 2 if fread failed
*/ */
int md4_file( const char *path, unsigned char output[16] ); int md4_file( const char *path, unsigned char output[16] );
/** /**
* \brief MD4 HMAC context setup * \brief MD4 HMAC context setup
* *
* \param ctx HMAC context to be initialized * \param ctx HMAC context to be initialized
* \param key HMAC secret key * \param key HMAC secret key
* \param keylen length of the HMAC key * \param keylen length of the HMAC key
*/ */
 End of changes. 2 change blocks. 
2 lines changed or deleted 4 lines changed or added


 md5.h   md5.h 
skipping to change at line 32 skipping to change at line 32
* *
* You should have received a copy of the GNU General Public License along * You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc., * with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#ifndef POLARSSL_MD5_H #ifndef POLARSSL_MD5_H
#define POLARSSL_MD5_H #define POLARSSL_MD5_H
#include <string.h> #include <string.h>
#define POLARSSL_ERR_MD5_FILE_IO_ERROR -0x0074 /**< Read/w
rite error in file. */
/** /**
* \brief MD5 context structure * \brief MD5 context structure
*/ */
typedef struct typedef struct
{ {
unsigned long total[2]; /*!< number of bytes processed */ unsigned long total[2]; /*!< number of bytes processed */
unsigned long state[4]; /*!< intermediate digest state */ unsigned long state[4]; /*!< intermediate digest state */
unsigned char buffer[64]; /*!< data block being processed */ unsigned char buffer[64]; /*!< data block being processed */
unsigned char ipad[64]; /*!< HMAC: inner padding */ unsigned char ipad[64]; /*!< HMAC: inner padding */
skipping to change at line 89 skipping to change at line 91
* \param output MD5 checksum result * \param output MD5 checksum result
*/ */
void md5( const unsigned char *input, size_t ilen, unsigned char output[16] ); void md5( const unsigned char *input, size_t ilen, unsigned char output[16] );
/** /**
* \brief Output = MD5( file contents ) * \brief Output = MD5( file contents )
* *
* \param path input file name * \param path input file name
* \param output MD5 checksum result * \param output MD5 checksum result
* *
* \return 0 if successful, 1 if fopen failed, * \return 0 if successful, or POLARSSL_ERR_MD5_FILE_IO_ERROR
* or 2 if fread failed
*/ */
int md5_file( const char *path, unsigned char output[16] ); int md5_file( const char *path, unsigned char output[16] );
/** /**
* \brief MD5 HMAC context setup * \brief MD5 HMAC context setup
* *
* \param ctx HMAC context to be initialized * \param ctx HMAC context to be initialized
* \param key HMAC secret key * \param key HMAC secret key
* \param keylen length of the HMAC key * \param keylen length of the HMAC key
*/ */
 End of changes. 2 change blocks. 
2 lines changed or deleted 4 lines changed or added


 md_wrap.h   md_wrap.h 
/** /**
* \file md_wrap.h * \file md_wrap.h
* *
* \brief Message digest wrappers. * \brief Message digest wrappers.
* *
* \author Adriaan de Jong <dejong@fox-it.com> * \author Adriaan de Jong <dejong@fox-it.com>
* *
* Copyright (C) 2006-2010, Brainspark B.V. * Copyright (C) 2006-2011, Brainspark B.V.
* *
* This file is part of PolarSSL (http://www.polarssl.org) * This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org> * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
* *
* All rights reserved. * All rights reserved.
* *
* This program is free software; you can redistribute it and/or modify * This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or * the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version. * (at your option) any later version.
* *
* This program is distributed in the hope that it will be useful, * This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of * but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details. * GNU General Public License for more details.
* *
* You should have received a copy of the GNU General Public License along * You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc., * with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#include "polarssl/config.h"
#include "polarssl/md.h"
#ifndef POLARSSL_MD_WRAP_H #ifndef POLARSSL_MD_WRAP_H
#define POLARSSL_MD_WRAP_H #define POLARSSL_MD_WRAP_H
#include "config.h"
#include "md.h"
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
#endif #endif
#if defined(POLARSSL_MD2_C) #if defined(POLARSSL_MD2_C)
extern const md_info_t md2_info; extern const md_info_t md2_info;
#endif #endif
#if defined(POLARSSL_MD4_C) #if defined(POLARSSL_MD4_C)
extern const md_info_t md4_info; extern const md_info_t md4_info;
#endif #endif
 End of changes. 3 change blocks. 
5 lines changed or deleted 4 lines changed or added


 net.h   net.h 
/** /**
* \file net.h * \file net.h
* *
* \brief MD5 message digest algorithm (hash function) * \brief Network communication functions
* *
* Copyright (C) 2006-2010, Brainspark B.V. * Copyright (C) 2006-2011, Brainspark B.V.
* *
* This file is part of PolarSSL (http://www.polarssl.org) * This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org> * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
* *
* All rights reserved. * All rights reserved.
* *
* This program is free software; you can redistribute it and/or modify * This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or * the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version. * (at your option) any later version.
 End of changes. 2 change blocks. 
2 lines changed or deleted 2 lines changed or added


 openssl.h   openssl.h 
skipping to change at line 33 skipping to change at line 33
* You should have received a copy of the GNU General Public License along * You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc., * with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
/* /*
* OpenSSL wrapper contributed by David Barett * OpenSSL wrapper contributed by David Barett
*/ */
#ifndef POLARSSL_OPENSSL_H #ifndef POLARSSL_OPENSSL_H
#define POLARSSL_OPENSSL_H #define POLARSSL_OPENSSL_H
#include "polarssl/aes.h" #include "aes.h"
#include "polarssl/md5.h" #include "md5.h"
#include "polarssl/rsa.h" #include "rsa.h"
#include "polarssl/sha1.h" #include "sha1.h"
#define AES_SIZE 16 #define AES_SIZE 16
#define AES_BLOCK_SIZE 16 #define AES_BLOCK_SIZE 16
#define AES_KEY aes_context #define AES_KEY aes_context
#define MD5_CTX md5_context #define MD5_CTX md5_context
#define SHA_CTX sha1_context #define SHA_CTX sha1_context
#define SHA1_Init( CTX ) \ #define SHA1_Init( CTX ) \
sha1_starts( (CTX) ) sha1_starts( (CTX) )
#define SHA1_Update( CTX, BUF, LEN ) \ #define SHA1_Update( CTX, BUF, LEN ) \
 End of changes. 1 change blocks. 
4 lines changed or deleted 4 lines changed or added


 padlock.h   padlock.h 
skipping to change at line 30 skipping to change at line 30
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details. * GNU General Public License for more details.
* *
* You should have received a copy of the GNU General Public License along * You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc., * with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#ifndef POLARSSL_PADLOCK_H #ifndef POLARSSL_PADLOCK_H
#define POLARSSL_PADLOCK_H #define POLARSSL_PADLOCK_H
#include "polarssl/aes.h" #include "aes.h"
#define POLARSSL_ERR_PADLOCK_DATA_MISALIGNED -0x0030 /**< In put data should be aligned. */ #define POLARSSL_ERR_PADLOCK_DATA_MISALIGNED -0x0030 /**< In put data should be aligned. */
#if defined(POLARSSL_HAVE_ASM) && defined(__GNUC__) && defined(__i386__) #if defined(POLARSSL_HAVE_ASM) && defined(__GNUC__) && defined(__i386__)
#ifndef POLARSSL_HAVE_X86 #ifndef POLARSSL_HAVE_X86
#define POLARSSL_HAVE_X86 #define POLARSSL_HAVE_X86
#endif #endif
#define PADLOCK_RNG 0x000C #define PADLOCK_RNG 0x000C
 End of changes. 1 change blocks. 
1 lines changed or deleted 1 lines changed or added


 pkcs11.h   pkcs11.h 
/** /**
* \file pkcs11.h * \file pkcs11.h
* *
* \brief Wrapper for PKCS#11 library libpkcs11-helper * \brief Wrapper for PKCS#11 library libpkcs11-helper
* *
* \author Adriaan de Jong <dejong@fox-it.com> * \author Adriaan de Jong <dejong@fox-it.com>
* *
* Copyright (C) 2006-2010, Brainspark B.V. * Copyright (C) 2006-2011, Brainspark B.V.
* *
* This file is part of PolarSSL (http://www.polarssl.org) * This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org> * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
* *
* All rights reserved. * All rights reserved.
* *
* This program is free software; you can redistribute it and/or modify * This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or * the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version. * (at your option) any later version.
* *
* This program is distributed in the hope that it will be useful, * This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of * but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details. * GNU General Public License for more details.
* *
* You should have received a copy of the GNU General Public License along * You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc., * with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#ifndef POLARSSL_PKCS11_H
#define POLARSSL_PKCS11_H
#ifndef PKCS11_H_ #include "config.h"
#define PKCS11_H_
#include "polarssl/config.h"
#if defined(POLARSSL_PKCS11_C) #if defined(POLARSSL_PKCS11_C)
#include "polarssl/x509.h" #include "x509.h"
#include <pkcs11-helper-1.0/pkcs11h-certificate.h> #include <pkcs11-helper-1.0/pkcs11h-certificate.h>
/** /**
* Context for PKCS #11 private keys. * Context for PKCS #11 private keys.
*/ */
typedef struct { typedef struct {
pkcs11h_certificate_t pkcs11h_cert; pkcs11h_certificate_t pkcs11h_cert;
int len; int len;
} pkcs11_context; } pkcs11_context;
skipping to change at line 127 skipping to change at line 126
*/ */
int pkcs11_sign( pkcs11_context *ctx, int pkcs11_sign( pkcs11_context *ctx,
int mode, int mode,
int hash_id, int hash_id,
unsigned int hashlen, unsigned int hashlen,
const unsigned char *hash, const unsigned char *hash,
unsigned char *sig ); unsigned char *sig );
#endif /* POLARSSL_PKCS11_C */ #endif /* POLARSSL_PKCS11_C */
#endif /* PKCS11_H_ */ #endif /* POLARSSL_PKCS11_H */
 End of changes. 5 change blocks. 
6 lines changed or deleted 5 lines changed or added


 rsa.h   rsa.h 
skipping to change at line 30 skipping to change at line 30
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details. * GNU General Public License for more details.
* *
* You should have received a copy of the GNU General Public License along * You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc., * with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#ifndef POLARSSL_RSA_H #ifndef POLARSSL_RSA_H
#define POLARSSL_RSA_H #define POLARSSL_RSA_H
#include "polarssl/bignum.h" #include "bignum.h"
/* /*
* RSA Error codes * RSA Error codes
*/ */
#define POLARSSL_ERR_RSA_BAD_INPUT_DATA -0x4080 /**< Ba d input parameters to function. */ #define POLARSSL_ERR_RSA_BAD_INPUT_DATA -0x4080 /**< Ba d input parameters to function. */
#define POLARSSL_ERR_RSA_INVALID_PADDING -0x4100 /**< In put data contains invalid padding and is rejected. */ #define POLARSSL_ERR_RSA_INVALID_PADDING -0x4100 /**< In put data contains invalid padding and is rejected. */
#define POLARSSL_ERR_RSA_KEY_GEN_FAILED -0x4180 /**< So mething failed during generation of a key. */ #define POLARSSL_ERR_RSA_KEY_GEN_FAILED -0x4180 /**< So mething failed during generation of a key. */
#define POLARSSL_ERR_RSA_KEY_CHECK_FAILED -0x4200 /**< Ke y failed to pass the libraries validity check. */ #define POLARSSL_ERR_RSA_KEY_CHECK_FAILED -0x4200 /**< Ke y failed to pass the libraries validity check. */
#define POLARSSL_ERR_RSA_PUBLIC_FAILED -0x4280 /**< Th e public key operation failed. */ #define POLARSSL_ERR_RSA_PUBLIC_FAILED -0x4280 /**< Th e public key operation failed. */
#define POLARSSL_ERR_RSA_PRIVATE_FAILED -0x4300 /**< Th e private key operation failed. */ #define POLARSSL_ERR_RSA_PRIVATE_FAILED -0x4300 /**< Th e private key operation failed. */
skipping to change at line 189 skipping to change at line 189
* \param p_rng RNG parameter * \param p_rng RNG parameter
* \param nbits size of the public key in bits * \param nbits size of the public key in bits
* \param exponent public exponent (e.g., 65537) * \param exponent public exponent (e.g., 65537)
* *
* \note rsa_init() must be called beforehand to setup * \note rsa_init() must be called beforehand to setup
* the RSA context. * the RSA context.
* *
* \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code * \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code
*/ */
int rsa_gen_key( rsa_context *ctx, int rsa_gen_key( rsa_context *ctx,
int (*f_rng)(void *), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng, void *p_rng,
unsigned int nbits, int exponent ); unsigned int nbits, int exponent );
/** /**
* \brief Check a public RSA key * \brief Check a public RSA key
* *
* \param ctx RSA context to be checked * \param ctx RSA context to be checked
* *
* \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code * \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code
*/ */
skipping to change at line 264 skipping to change at line 264
* \param ilen contains the plaintext length * \param ilen contains the plaintext length
* \param input buffer holding the data to be encrypted * \param input buffer holding the data to be encrypted
* \param output buffer that will hold the ciphertext * \param output buffer that will hold the ciphertext
* *
* \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code * \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code
* *
* \note The output buffer must be as large as the size * \note The output buffer must be as large as the size
* of ctx->N (eg. 128 bytes if RSA-1024 is used). * of ctx->N (eg. 128 bytes if RSA-1024 is used).
*/ */
int rsa_pkcs1_encrypt( rsa_context *ctx, int rsa_pkcs1_encrypt( rsa_context *ctx,
int (*f_rng)(void *), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng, void *p_rng,
int mode, size_t ilen, int mode, size_t ilen,
const unsigned char *input, const unsigned char *input,
unsigned char *output ); unsigned char *output );
/** /**
* \brief Do an RSA operation, then remove the message padding * \brief Do an RSA operation, then remove the message padding
* *
* \param ctx RSA context * \param ctx RSA context
* \param mode RSA_PUBLIC or RSA_PRIVATE * \param mode RSA_PUBLIC or RSA_PRIVATE
skipping to change at line 317 skipping to change at line 317
* \note The "sig" buffer must be as large as the size * \note The "sig" buffer must be as large as the size
* of ctx->N (eg. 128 bytes if RSA-1024 is used). * of ctx->N (eg. 128 bytes if RSA-1024 is used).
* *
* \note In case of PKCS#1 v2.1 encoding keep in mind that * \note In case of PKCS#1 v2.1 encoding keep in mind that
* the hash_id in the RSA context is the one used for the * the hash_id in the RSA context is the one used for the
* encoding. hash_id in the function call is the type of ha sh * encoding. hash_id in the function call is the type of ha sh
* that is encoded. According to RFC 3447 it is advised to * that is encoded. According to RFC 3447 it is advised to
* keep both hashes the same. * keep both hashes the same.
*/ */
int rsa_pkcs1_sign( rsa_context *ctx, int rsa_pkcs1_sign( rsa_context *ctx,
int (*f_rng)(void *), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng, void *p_rng,
int mode, int mode,
int hash_id, int hash_id,
unsigned int hashlen, unsigned int hashlen,
const unsigned char *hash, const unsigned char *hash,
unsigned char *sig ); unsigned char *sig );
/** /**
* \brief Do a public RSA and check the message digest * \brief Do a public RSA and check the message digest
* *
 End of changes. 4 change blocks. 
4 lines changed or deleted 4 lines changed or added


 sha1.h   sha1.h 
skipping to change at line 32 skipping to change at line 32
* *
* You should have received a copy of the GNU General Public License along * You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc., * with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#ifndef POLARSSL_SHA1_H #ifndef POLARSSL_SHA1_H
#define POLARSSL_SHA1_H #define POLARSSL_SHA1_H
#include <string.h> #include <string.h>
#define POLARSSL_ERR_SHA1_FILE_IO_ERROR -0x0076 /**< Read/w
rite error in file. */
/** /**
* \brief SHA-1 context structure * \brief SHA-1 context structure
*/ */
typedef struct typedef struct
{ {
unsigned long total[2]; /*!< number of bytes processed */ unsigned long total[2]; /*!< number of bytes processed */
unsigned long state[5]; /*!< intermediate digest state */ unsigned long state[5]; /*!< intermediate digest state */
unsigned char buffer[64]; /*!< data block being processed */ unsigned char buffer[64]; /*!< data block being processed */
unsigned char ipad[64]; /*!< HMAC: inner padding */ unsigned char ipad[64]; /*!< HMAC: inner padding */
skipping to change at line 89 skipping to change at line 91
* \param output SHA-1 checksum result * \param output SHA-1 checksum result
*/ */
void sha1( const unsigned char *input, size_t ilen, unsigned char output[20 ] ); void sha1( const unsigned char *input, size_t ilen, unsigned char output[20 ] );
/** /**
* \brief Output = SHA-1( file contents ) * \brief Output = SHA-1( file contents )
* *
* \param path input file name * \param path input file name
* \param output SHA-1 checksum result * \param output SHA-1 checksum result
* *
* \return 0 if successful, 1 if fopen failed, * \return 0 if successful, or POLARSSL_ERR_SHA1_FILE_IO_ERROR
* or 2 if fread failed
*/ */
int sha1_file( const char *path, unsigned char output[20] ); int sha1_file( const char *path, unsigned char output[20] );
/** /**
* \brief SHA-1 HMAC context setup * \brief SHA-1 HMAC context setup
* *
* \param ctx HMAC context to be initialized * \param ctx HMAC context to be initialized
* \param key HMAC secret key * \param key HMAC secret key
* \param keylen length of the HMAC key * \param keylen length of the HMAC key
*/ */
 End of changes. 2 change blocks. 
2 lines changed or deleted 4 lines changed or added


 sha2.h   sha2.h 
skipping to change at line 32 skipping to change at line 32
* *
* You should have received a copy of the GNU General Public License along * You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc., * with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#ifndef POLARSSL_SHA2_H #ifndef POLARSSL_SHA2_H
#define POLARSSL_SHA2_H #define POLARSSL_SHA2_H
#include <string.h> #include <string.h>
#define POLARSSL_ERR_SHA2_FILE_IO_ERROR -0x0078 /**< Read/w
rite error in file. */
/** /**
* \brief SHA-256 context structure * \brief SHA-256 context structure
*/ */
typedef struct typedef struct
{ {
unsigned long total[2]; /*!< number of bytes processed */ unsigned long total[2]; /*!< number of bytes processed */
unsigned long state[8]; /*!< intermediate digest state */ unsigned long state[8]; /*!< intermediate digest state */
unsigned char buffer[64]; /*!< data block being processed */ unsigned char buffer[64]; /*!< data block being processed */
unsigned char ipad[64]; /*!< HMAC: inner padding */ unsigned char ipad[64]; /*!< HMAC: inner padding */
skipping to change at line 94 skipping to change at line 96
void sha2( const unsigned char *input, size_t ilen, void sha2( const unsigned char *input, size_t ilen,
unsigned char output[32], int is224 ); unsigned char output[32], int is224 );
/** /**
* \brief Output = SHA-256( file contents ) * \brief Output = SHA-256( file contents )
* *
* \param path input file name * \param path input file name
* \param output SHA-224/256 checksum result * \param output SHA-224/256 checksum result
* \param is224 0 = use SHA256, 1 = use SHA224 * \param is224 0 = use SHA256, 1 = use SHA224
* *
* \return 0 if successful, 1 if fopen failed, * \return 0 if successful, or POLARSSL_ERR_SHA2_FILE_IO_ERROR
* or 2 if fread failed
*/ */
int sha2_file( const char *path, unsigned char output[32], int is224 ); int sha2_file( const char *path, unsigned char output[32], int is224 );
/** /**
* \brief SHA-256 HMAC context setup * \brief SHA-256 HMAC context setup
* *
* \param ctx HMAC context to be initialized * \param ctx HMAC context to be initialized
* \param key HMAC secret key * \param key HMAC secret key
* \param keylen length of the HMAC key * \param keylen length of the HMAC key
* \param is224 0 = use SHA256, 1 = use SHA224 * \param is224 0 = use SHA256, 1 = use SHA224
 End of changes. 2 change blocks. 
2 lines changed or deleted 4 lines changed or added


 sha4.h   sha4.h 
skipping to change at line 32 skipping to change at line 32
* *
* You should have received a copy of the GNU General Public License along * You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc., * with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#ifndef POLARSSL_SHA4_H #ifndef POLARSSL_SHA4_H
#define POLARSSL_SHA4_H #define POLARSSL_SHA4_H
#include <string.h> #include <string.h>
#define POLARSSL_ERR_SHA4_FILE_IO_ERROR -0x007A /**< Read/w
rite error in file. */
#if defined(_MSC_VER) || defined(__WATCOMC__) #if defined(_MSC_VER) || defined(__WATCOMC__)
#define UL64(x) x##ui64 #define UL64(x) x##ui64
#define int64 __int64 #define long64 __int64
#else #else
#define UL64(x) x##ULL #define UL64(x) x##ULL
#define int64 long long #define long64 long long
#endif #endif
/** /**
* \brief SHA-512 context structure * \brief SHA-512 context structure
*/ */
typedef struct typedef struct
{ {
unsigned int64 total[2]; /*!< number of bytes processed */ unsigned long64 total[2]; /*!< number of bytes processed */
unsigned int64 state[8]; /*!< intermediate digest state */ unsigned long64 state[8]; /*!< intermediate digest state */
unsigned char buffer[128]; /*!< data block being processed */ unsigned char buffer[128]; /*!< data block being processed */
unsigned char ipad[128]; /*!< HMAC: inner padding */ unsigned char ipad[128]; /*!< HMAC: inner padding */
unsigned char opad[128]; /*!< HMAC: outer padding */ unsigned char opad[128]; /*!< HMAC: outer padding */
int is384; /*!< 0 => SHA-512, else SHA-384 */ int is384; /*!< 0 => SHA-512, else SHA-384 */
} }
sha4_context; sha4_context;
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
skipping to change at line 102 skipping to change at line 104
void sha4( const unsigned char *input, size_t ilen, void sha4( const unsigned char *input, size_t ilen,
unsigned char output[64], int is384 ); unsigned char output[64], int is384 );
/** /**
* \brief Output = SHA-512( file contents ) * \brief Output = SHA-512( file contents )
* *
* \param path input file name * \param path input file name
* \param output SHA-384/512 checksum result * \param output SHA-384/512 checksum result
* \param is384 0 = use SHA512, 1 = use SHA384 * \param is384 0 = use SHA512, 1 = use SHA384
* *
* \return 0 if successful, 1 if fopen failed, * \return 0 if successful, or POLARSSL_ERR_SHA4_FILE_IO_ERROR
* or 2 if fread failed
*/ */
int sha4_file( const char *path, unsigned char output[64], int is384 ); int sha4_file( const char *path, unsigned char output[64], int is384 );
/** /**
* \brief SHA-512 HMAC context setup * \brief SHA-512 HMAC context setup
* *
* \param ctx HMAC context to be initialized * \param ctx HMAC context to be initialized
* \param is384 0 = use SHA512, 1 = use SHA384 * \param is384 0 = use SHA512, 1 = use SHA384
* \param key HMAC secret key * \param key HMAC secret key
* \param keylen length of the HMAC key * \param keylen length of the HMAC key
 End of changes. 5 change blocks. 
6 lines changed or deleted 8 lines changed or added


 ssl.h   ssl.h 
skipping to change at line 32 skipping to change at line 32
* *
* You should have received a copy of the GNU General Public License along * You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc., * with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#ifndef POLARSSL_SSL_H #ifndef POLARSSL_SSL_H
#define POLARSSL_SSL_H #define POLARSSL_SSL_H
#include <time.h> #include <time.h>
#include "polarssl/net.h" #include "net.h"
#include "polarssl/dhm.h" #include "dhm.h"
#include "polarssl/rsa.h" #include "rsa.h"
#include "polarssl/md5.h" #include "md5.h"
#include "polarssl/sha1.h" #include "sha1.h"
#include "polarssl/x509.h" #include "x509.h"
#include "polarssl/config.h" #include "config.h"
#if defined(POLARSSL_PKCS11_C) #if defined(POLARSSL_PKCS11_C)
#include "polarssl/pkcs11.h" #include "pkcs11.h"
#endif #endif
#if defined(_MSC_VER) && !defined(inline) #if defined(_MSC_VER) && !defined(inline)
#define inline _inline #define inline _inline
#else #else
#if defined(__ARMCC_VERSION) && !defined(inline) #if defined(__ARMCC_VERSION) && !defined(inline)
#define inline __inline #define inline __inline
#endif /* __ARMCC_VERSION */ #endif /* __ARMCC_VERSION */
#endif /*_MSC_VER */ #endif /*_MSC_VER */
skipping to change at line 84 skipping to change at line 84
#define POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE -0x7A00 /**< Pr ocessing of the Certificate handshake message failed. */ #define POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE -0x7A00 /**< Pr ocessing of the Certificate handshake message failed. */
#define POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST -0x7A80 /**< Pr ocessing of the CertificateRequest handshake message failed. */ #define POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST -0x7A80 /**< Pr ocessing of the CertificateRequest handshake message failed. */
#define POLARSSL_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE -0x7B00 /**< Pr ocessing of the ServerKeyExchange handshake message failed. */ #define POLARSSL_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE -0x7B00 /**< Pr ocessing of the ServerKeyExchange handshake message failed. */
#define POLARSSL_ERR_SSL_BAD_HS_SERVER_HELLO_DONE -0x7B80 /**< Pr ocessing of the ServerHelloDone handshake message failed. */ #define POLARSSL_ERR_SSL_BAD_HS_SERVER_HELLO_DONE -0x7B80 /**< Pr ocessing of the ServerHelloDone handshake message failed. */
#define POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE -0x7C00 /**< Pr ocessing of the ClientKeyExchange handshake message failed. */ #define POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE -0x7C00 /**< Pr ocessing of the ClientKeyExchange handshake message failed. */
#define POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_DHM_RP -0x7C80 /**< Pr ocessing of the ClientKeyExchange handshake message failed in DHM Read Publ ic. */ #define POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_DHM_RP -0x7C80 /**< Pr ocessing of the ClientKeyExchange handshake message failed in DHM Read Publ ic. */
#define POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_DHM_CS -0x7D00 /**< Pr ocessing of the ClientKeyExchange handshake message failed in DHM Calculate Secret. */ #define POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_DHM_CS -0x7D00 /**< Pr ocessing of the ClientKeyExchange handshake message failed in DHM Calculate Secret. */
#define POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY -0x7D80 /**< Pr ocessing of the CertificateVerify handshake message failed. */ #define POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY -0x7D80 /**< Pr ocessing of the CertificateVerify handshake message failed. */
#define POLARSSL_ERR_SSL_BAD_HS_CHANGE_CIPHER_SPEC -0x7E00 /**< Pr ocessing of the ChangeCipherSpec handshake message failed. */ #define POLARSSL_ERR_SSL_BAD_HS_CHANGE_CIPHER_SPEC -0x7E00 /**< Pr ocessing of the ChangeCipherSpec handshake message failed. */
#define POLARSSL_ERR_SSL_BAD_HS_FINISHED -0x7E80 /**< Pr ocessing of the Finished handshake message failed. */ #define POLARSSL_ERR_SSL_BAD_HS_FINISHED -0x7E80 /**< Pr ocessing of the Finished handshake message failed. */
#define POLARSSL_ERR_SSL_MALLOC_FAILED -0x7F00 /**< Me mory allocation failed */
/* /*
* Various constants * Various constants
*/ */
#define SSL_MAJOR_VERSION_3 3 #define SSL_MAJOR_VERSION_3 3
#define SSL_MINOR_VERSION_0 0 /*!< SSL v3.0 */ #define SSL_MINOR_VERSION_0 0 /*!< SSL v3.0 */
#define SSL_MINOR_VERSION_1 1 /*!< TLS v1.0 */ #define SSL_MINOR_VERSION_1 1 /*!< TLS v1.0 */
#define SSL_MINOR_VERSION_2 2 /*!< TLS v1.1 */ #define SSL_MINOR_VERSION_2 2 /*!< TLS v1.1 */
#define SSL_IS_CLIENT 0 #define SSL_IS_CLIENT 0
skipping to change at line 235 skipping to change at line 236
int major_ver; /*!< equal to SSL_MAJOR_VERSION_3 */ int major_ver; /*!< equal to SSL_MAJOR_VERSION_3 */
int minor_ver; /*!< either 0 (SSL3) or 1 (TLS1.0) */ int minor_ver; /*!< either 0 (SSL3) or 1 (TLS1.0) */
int max_major_ver; /*!< max. major version from client */ int max_major_ver; /*!< max. major version from client */
int max_minor_ver; /*!< max. minor version from client */ int max_minor_ver; /*!< max. minor version from client */
/* /*
* Callbacks (RNG, debug, I/O, verification) * Callbacks (RNG, debug, I/O, verification)
*/ */
int (*f_rng)(void *); int (*f_rng)(void *, unsigned char *, size_t);
void (*f_dbg)(void *, int, const char *); void (*f_dbg)(void *, int, const char *);
int (*f_recv)(void *, unsigned char *, size_t); int (*f_recv)(void *, unsigned char *, size_t);
int (*f_send)(void *, const unsigned char *, size_t); int (*f_send)(void *, const unsigned char *, size_t);
int (*f_vrfy)(void *, x509_cert *, int, int); int (*f_vrfy)(void *, x509_cert *, int, int);
void *p_rng; /*!< context for the RNG function */ void *p_rng; /*!< context for the RNG function */
void *p_dbg; /*!< context for the debug function */ void *p_dbg; /*!< context for the debug function */
void *p_recv; /*!< context for reading operations */ void *p_recv; /*!< context for reading operations */
void *p_send; /*!< context for writing operations */ void *p_send; /*!< context for writing operations */
void *p_vrfy; /*!< context for verification */ void *p_vrfy; /*!< context for verification */
skipping to change at line 376 skipping to change at line 377
* *
* \return the ID with the ciphersuite or 0 if not found * \return the ID with the ciphersuite or 0 if not found
*/ */
int ssl_get_ciphersuite_id( const char *ciphersuite_name ); int ssl_get_ciphersuite_id( const char *ciphersuite_name );
/** /**
* \brief Initialize an SSL context * \brief Initialize an SSL context
* *
* \param ssl SSL context * \param ssl SSL context
* *
* \return 0 if successful, or 1 if memory allocation failed * \return 0 if successful, or POLARSSL_ERR_SSL_MALLOC_FAILED if
* memory allocation failed
*/ */
int ssl_init( ssl_context *ssl ); int ssl_init( ssl_context *ssl );
/** /**
* \brief Reset an already initialized SSL context for re-use
* while retaining application-set variables, function
* pointers and data.
*
* \param ssl SSL context
*/
void ssl_session_reset( ssl_context *ssl );
/**
* \brief Set the current endpoint type * \brief Set the current endpoint type
* *
* \param ssl SSL context * \param ssl SSL context
* \param endpoint must be SSL_IS_CLIENT or SSL_IS_SERVER * \param endpoint must be SSL_IS_CLIENT or SSL_IS_SERVER
*/ */
void ssl_set_endpoint( ssl_context *ssl, int endpoint ); void ssl_set_endpoint( ssl_context *ssl, int endpoint );
/** /**
* \brief Set the certificate verification mode * \brief Set the certificate verification mode
* *
skipping to change at line 432 skipping to change at line 443
void *p_vrfy ); void *p_vrfy );
/** /**
* \brief Set the random number generator callback * \brief Set the random number generator callback
* *
* \param ssl SSL context * \param ssl SSL context
* \param f_rng RNG function * \param f_rng RNG function
* \param p_rng RNG parameter * \param p_rng RNG parameter
*/ */
void ssl_set_rng( ssl_context *ssl, void ssl_set_rng( ssl_context *ssl,
int (*f_rng)(void *), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng ); void *p_rng );
/** /**
* \brief Set the debug callback * \brief Set the debug callback
* *
* \param ssl SSL context * \param ssl SSL context
* \param f_dbg debug function * \param f_dbg debug function
* \param p_dbg debug parameter * \param p_dbg debug parameter
*/ */
void ssl_set_dbg( ssl_context *ssl, void ssl_set_dbg( ssl_context *ssl,
skipping to change at line 559 skipping to change at line 570
* *
* *
* \param ssl SSL context * \param ssl SSL context
* \param hostname the server hostname * \param hostname the server hostname
* *
* \return 0 if successful * \return 0 if successful
*/ */
int ssl_set_hostname( ssl_context *ssl, const char *hostname ); int ssl_set_hostname( ssl_context *ssl, const char *hostname );
/** /**
* \brief Set the maximum supported version sent from the client s
ide
*
* \param ssl SSL context
* \param major Major version number (only SSL_MAJOR_VERSION_3 supported
)
* \param minor Minor version number (SSL_MINOR_VERSION_0,
* SSL_MINOR_VERSION_1 and SSL_MINOR_VERSION_2 supported)
*/
void ssl_set_max_version( ssl_context *ssl, int major, int minor );
/**
* \brief Return the number of data bytes available to read * \brief Return the number of data bytes available to read
* *
* \param ssl SSL context * \param ssl SSL context
* *
* \return how many bytes are available in the read buffer * \return how many bytes are available in the read buffer
*/ */
size_t ssl_get_bytes_avail( const ssl_context *ssl ); size_t ssl_get_bytes_avail( const ssl_context *ssl );
/** /**
* \brief Return the result of the certificate verification * \brief Return the result of the certificate verification
 End of changes. 8 change blocks. 
11 lines changed or deleted 34 lines changed or added


 version.h   version.h 
skipping to change at line 34 skipping to change at line 34
* with this program; if not, write to the Free Software Foundation, Inc., * with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
/* /*
* This set of compile-time defines and run-time variables can be used to * This set of compile-time defines and run-time variables can be used to
* determine the version number of the PolarSSL library used. * determine the version number of the PolarSSL library used.
*/ */
#ifndef POLARSSL_VERSION_H #ifndef POLARSSL_VERSION_H
#define POLARSSL_VERSION_H #define POLARSSL_VERSION_H
#include "polarssl/config.h" #include "config.h"
/** /**
* The version number x.y.z is split into three parts. * The version number x.y.z is split into three parts.
* Major, Minor, Patchlevel * Major, Minor, Patchlevel
*/ */
#define POLARSSL_VERSION_MAJOR 1 #define POLARSSL_VERSION_MAJOR 1
#define POLARSSL_VERSION_MINOR 0 #define POLARSSL_VERSION_MINOR 1
#define POLARSSL_VERSION_PATCH 0 #define POLARSSL_VERSION_PATCH 0
/** /**
* The single version number has the following structure: * The single version number has the following structure:
* MMNNPP00 * MMNNPP00
* Major version | Minor version | Patch version * Major version | Minor version | Patch version
*/ */
#define POLARSSL_VERSION_NUMBER 0x01000000 #define POLARSSL_VERSION_NUMBER 0x01010000
#define POLARSSL_VERSION_STRING "1.0.0" #define POLARSSL_VERSION_STRING "1.1.0"
#define POLARSSL_VERSION_STRING_FULL "PolarSSL 1.0.0" #define POLARSSL_VERSION_STRING_FULL "PolarSSL 1.1.0"
#if defined(POLARSSL_VERSION_C) #if defined(POLARSSL_VERSION_C)
/** /**
* Get the version number. * Get the version number.
* *
* \return The constructed version number in the format * \return The constructed version number in the format
* MMNNPP00 (Major, Minor, Patch). * MMNNPP00 (Major, Minor, Patch).
*/ */
unsigned int version_get_number( void ); unsigned int version_get_number( void );
 End of changes. 3 change blocks. 
5 lines changed or deleted 5 lines changed or added


 x509.h   x509.h 
/** /**
* \file x509.h * \file x509.h
* *
* \brief X.509 certificate and private key decoding * \brief X.509 certificate and private key decoding
* *
* Copyright (C) 2006-2010, Brainspark B.V. * Copyright (C) 2006-2011, Brainspark B.V.
* *
* This file is part of PolarSSL (http://www.polarssl.org) * This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org> * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
* *
* All rights reserved. * All rights reserved.
* *
* This program is free software; you can redistribute it and/or modify * This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or * the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version. * (at your option) any later version.
skipping to change at line 30 skipping to change at line 30
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details. * GNU General Public License for more details.
* *
* You should have received a copy of the GNU General Public License along * You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc., * with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#ifndef POLARSSL_X509_H #ifndef POLARSSL_X509_H
#define POLARSSL_X509_H #define POLARSSL_X509_H
#include "polarssl/rsa.h" #include "asn1.h"
#include "polarssl/dhm.h" #include "rsa.h"
#include "dhm.h"
/** /**
* \addtogroup x509_module * \addtogroup x509_module
* \{ * \{
*/ */
/** /**
* \name ASN1 Error codes
* These error codes are OR'ed to X509 error codes for
* higher error granularity.
* ASN1 is a standard to specify data structures.
* \{
*/
#define POLARSSL_ERR_ASN1_OUT_OF_DATA -0x0014 /**< Ou
t of data when parsing an ASN1 data structure. */
#define POLARSSL_ERR_ASN1_UNEXPECTED_TAG -0x0016 /**< AS
N1 tag was of an unexpected value. */
#define POLARSSL_ERR_ASN1_INVALID_LENGTH -0x0018 /**< Er
ror when trying to determine the length or invalid length. */
#define POLARSSL_ERR_ASN1_LENGTH_MISMATCH -0x001A /**< Ac
tual length differs from expected length. */
#define POLARSSL_ERR_ASN1_INVALID_DATA -0x001C /**< Da
ta is invalid. (not used) */
/* \} name */
/**
* \name X509 Error codes * \name X509 Error codes
* \{ * \{
*/ */
#define POLARSSL_ERR_X509_FEATURE_UNAVAILABLE -0x2080 /**< Un available feature, e.g. RSA hashing/encryption combination. */ #define POLARSSL_ERR_X509_FEATURE_UNAVAILABLE -0x2080 /**< Un available feature, e.g. RSA hashing/encryption combination. */
#define POLARSSL_ERR_X509_CERT_INVALID_PEM -0x2100 /**< Th e PEM-encoded certificate contains invalid elements, e.g. invalid character . */ #define POLARSSL_ERR_X509_CERT_INVALID_PEM -0x2100 /**< Th e PEM-encoded certificate contains invalid elements, e.g. invalid character . */
#define POLARSSL_ERR_X509_CERT_INVALID_FORMAT -0x2180 /**< Th e certificate format is invalid, e.g. different type expected. */ #define POLARSSL_ERR_X509_CERT_INVALID_FORMAT -0x2180 /**< Th e certificate format is invalid, e.g. different type expected. */
#define POLARSSL_ERR_X509_CERT_INVALID_VERSION -0x2200 /**< Th e certificate version element is invalid. */ #define POLARSSL_ERR_X509_CERT_INVALID_VERSION -0x2200 /**< Th e certificate version element is invalid. */
#define POLARSSL_ERR_X509_CERT_INVALID_SERIAL -0x2280 /**< Th e serial tag or value is invalid. */ #define POLARSSL_ERR_X509_CERT_INVALID_SERIAL -0x2280 /**< Th e serial tag or value is invalid. */
#define POLARSSL_ERR_X509_CERT_INVALID_ALG -0x2300 /**< Th e algorithm tag or value is invalid. */ #define POLARSSL_ERR_X509_CERT_INVALID_ALG -0x2300 /**< Th e algorithm tag or value is invalid. */
#define POLARSSL_ERR_X509_CERT_INVALID_NAME -0x2380 /**< Th e name tag or value is invalid. */ #define POLARSSL_ERR_X509_CERT_INVALID_NAME -0x2380 /**< Th e name tag or value is invalid. */
skipping to change at line 74 skipping to change at line 61
#define POLARSSL_ERR_X509_CERT_INVALID_PUBKEY -0x2480 /**< Th e pubkey tag or value is invalid (only RSA is supported). */ #define POLARSSL_ERR_X509_CERT_INVALID_PUBKEY -0x2480 /**< Th e pubkey tag or value is invalid (only RSA is supported). */
#define POLARSSL_ERR_X509_CERT_INVALID_SIGNATURE -0x2500 /**< Th e signature tag or value invalid. */ #define POLARSSL_ERR_X509_CERT_INVALID_SIGNATURE -0x2500 /**< Th e signature tag or value invalid. */
#define POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS -0x2580 /**< Th e extension tag or value is invalid. */ #define POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS -0x2580 /**< Th e extension tag or value is invalid. */
#define POLARSSL_ERR_X509_CERT_UNKNOWN_VERSION -0x2600 /**< Ce rtificate or CRL has an unsupported version number. */ #define POLARSSL_ERR_X509_CERT_UNKNOWN_VERSION -0x2600 /**< Ce rtificate or CRL has an unsupported version number. */
#define POLARSSL_ERR_X509_CERT_UNKNOWN_SIG_ALG -0x2680 /**< Si gnature algorithm (oid) is unsupported. */ #define POLARSSL_ERR_X509_CERT_UNKNOWN_SIG_ALG -0x2680 /**< Si gnature algorithm (oid) is unsupported. */
#define POLARSSL_ERR_X509_UNKNOWN_PK_ALG -0x2700 /**< Ke y algorithm is unsupported (only RSA is supported). */ #define POLARSSL_ERR_X509_UNKNOWN_PK_ALG -0x2700 /**< Ke y algorithm is unsupported (only RSA is supported). */
#define POLARSSL_ERR_X509_CERT_SIG_MISMATCH -0x2780 /**< Ce rtificate signature algorithms do not match. (see \c ::x509_cert sig_oid) * / #define POLARSSL_ERR_X509_CERT_SIG_MISMATCH -0x2780 /**< Ce rtificate signature algorithms do not match. (see \c ::x509_cert sig_oid) * /
#define POLARSSL_ERR_X509_CERT_VERIFY_FAILED -0x2800 /**< Ce rtificate verification failed, e.g. CRL, CA or signature check failed. */ #define POLARSSL_ERR_X509_CERT_VERIFY_FAILED -0x2800 /**< Ce rtificate verification failed, e.g. CRL, CA or signature check failed. */
#define POLARSSL_ERR_X509_KEY_INVALID_VERSION -0x2880 /**< Un supported RSA key version */ #define POLARSSL_ERR_X509_KEY_INVALID_VERSION -0x2880 /**< Un supported RSA key version */
#define POLARSSL_ERR_X509_KEY_INVALID_FORMAT -0x2900 /**< In valid RSA key tag or value. */ #define POLARSSL_ERR_X509_KEY_INVALID_FORMAT -0x2900 /**< In valid RSA key tag or value. */
#define POLARSSL_ERR_X509_POINT_ERROR -0x2980 /**< No #define POLARSSL_ERR_X509_CERT_UNKNOWN_FORMAT -0x2980 /**< Fo
t used. */ rmat not recognized as DER or PEM. */
#define POLARSSL_ERR_X509_VALUE_TO_LENGTH -0x2A00 /**< No #define POLARSSL_ERR_X509_INVALID_INPUT -0x2A00 /**< In
t used. */ put invalid. */
#define POLARSSL_ERR_X509_MALLOC_FAILED -0x2A80 /**< Al
location of memory failed. */
#define POLARSSL_ERR_X509_FILE_IO_ERROR -0x2B00 /**< Re
ad/write of file failed. */
/* \} name */ /* \} name */
/** /**
* \name X509 Verify codes * \name X509 Verify codes
* \{ * \{
*/ */
#define BADCERT_EXPIRED 0x01 /**< The certificate validity has expired. */ #define BADCERT_EXPIRED 0x01 /**< The certificate validity has expired. */
#define BADCERT_REVOKED 0x02 /**< The certificate has been rev oked (is on a CRL). */ #define BADCERT_REVOKED 0x02 /**< The certificate has been rev oked (is on a CRL). */
#define BADCERT_CN_MISMATCH 0x04 /**< The certificate Common Name (CN) does not match with the expected CN. */ #define BADCERT_CN_MISMATCH 0x04 /**< The certificate Common Name (CN) does not match with the expected CN. */
#define BADCERT_NOT_TRUSTED 0x08 /**< The certificate is not corre ctly signed by the trusted CA. */ #define BADCERT_NOT_TRUSTED 0x08 /**< The certificate is not corre ctly signed by the trusted CA. */
#define BADCRL_NOT_TRUSTED 0x10 /**< CRL is not correctly signed by the trusted CA. */ #define BADCRL_NOT_TRUSTED 0x10 /**< CRL is not correctly signed by the trusted CA. */
#define BADCRL_EXPIRED 0x20 /**< CRL is expired. */ #define BADCRL_EXPIRED 0x20 /**< CRL is expired. */
#define BADCERT_MISSING 0x40 /**< Certificate was missing. */ #define BADCERT_MISSING 0x40 /**< Certificate was missing. */
#define BADCERT_SKIP_VERIFY 0x80 /**< Certificate verification was skipped. */ #define BADCERT_SKIP_VERIFY 0x80 /**< Certificate verification was skipped. */
/* \} name */ /* \} name */
/**
* \name DER constants
* These constants comply with DER encoded the ANS1 type tags.
* DER encoding uses hexadecimal representation.
* An example DER sequence is:\n
* - 0x02 -- tag indicating INTEGER
* - 0x01 -- length in octets
* - 0x05 -- value
* Such sequences are typically read into \c ::x509_buf.
* \{
*/
#define ASN1_BOOLEAN 0x01
#define ASN1_INTEGER 0x02
#define ASN1_BIT_STRING 0x03
#define ASN1_OCTET_STRING 0x04
#define ASN1_NULL 0x05
#define ASN1_OID 0x06
#define ASN1_UTF8_STRING 0x0C
#define ASN1_SEQUENCE 0x10
#define ASN1_SET 0x11
#define ASN1_PRINTABLE_STRING 0x13
#define ASN1_T61_STRING 0x14
#define ASN1_IA5_STRING 0x16
#define ASN1_UTC_TIME 0x17
#define ASN1_GENERALIZED_TIME 0x18
#define ASN1_UNIVERSAL_STRING 0x1C
#define ASN1_BMP_STRING 0x1E
#define ASN1_PRIMITIVE 0x00
#define ASN1_CONSTRUCTED 0x20
#define ASN1_CONTEXT_SPECIFIC 0x80
/* \} name */
/* \} addtogroup x509_module */ /* \} addtogroup x509_module */
/* /*
* various object identifiers * various object identifiers
*/ */
#define X520_COMMON_NAME 3 #define X520_COMMON_NAME 3
#define X520_COUNTRY 6 #define X520_COUNTRY 6
#define X520_LOCALITY 7 #define X520_LOCALITY 7
#define X520_STATE 8 #define X520_STATE 8
#define X520_ORGANIZATION 10 #define X520_ORGANIZATION 10
#define X520_ORG_UNIT 11 #define X520_ORG_UNIT 11
#define PKCS9_EMAIL 1 #define PKCS9_EMAIL 1
#define X509_OUTPUT_DER 0x01 #define X509_OUTPUT_DER 0x01
#define X509_OUTPUT_PEM 0x02 #define X509_OUTPUT_PEM 0x02
#define PEM_LINE_LENGTH 72 #define PEM_LINE_LENGTH 72
#define X509_ISSUER 0x01 #define X509_ISSUER 0x01
#define X509_SUBJECT 0x02 #define X509_SUBJECT 0x02
/** Returns the size of the binary string, without the trailing \\0 */
#define OID_SIZE(x) (sizeof(x) - 1)
#define OID_X520 "\x55\x04" #define OID_X520 "\x55\x04"
#define OID_CN OID_X520 "\x03" #define OID_CN OID_X520 "\x03"
#define OID_PKCS1 "\x2A\x86\x48\x86\xF7\x0D\x01\x01" #define OID_PKCS1 "\x2A\x86\x48\x86\xF7\x0D\x01\x01"
#define OID_PKCS1_RSA OID_PKCS1 "\x01" #define OID_PKCS1_RSA OID_PKCS1 "\x01"
#define OID_RSA_SHA_OBS "\x2B\x0E\x03\x02\x1D" #define OID_RSA_SHA_OBS "\x2B\x0E\x03\x02\x1D"
#define OID_PKCS9 "\x2A\x86\x48\x86\xF7\x0D\x01\x09" #define OID_PKCS9 "\x2A\x86\x48\x86\xF7\x0D\x01\x09"
#define OID_PKCS9_EMAIL OID_PKCS9 "\x01" #define OID_PKCS9_EMAIL OID_PKCS9 "\x01"
skipping to change at line 270 skipping to change at line 224
#define EXT_BASIC_CONSTRAINTS (1 << 8) #define EXT_BASIC_CONSTRAINTS (1 << 8)
#define EXT_NAME_CONSTRAINTS (1 << 9) #define EXT_NAME_CONSTRAINTS (1 << 9)
#define EXT_POLICY_CONSTRAINTS (1 << 10) #define EXT_POLICY_CONSTRAINTS (1 << 10)
#define EXT_EXTENDED_KEY_USAGE (1 << 11) #define EXT_EXTENDED_KEY_USAGE (1 << 11)
#define EXT_CRL_DISTRIBUTION_POINTS (1 << 12) #define EXT_CRL_DISTRIBUTION_POINTS (1 << 12)
#define EXT_INIHIBIT_ANYPOLICY (1 << 13) #define EXT_INIHIBIT_ANYPOLICY (1 << 13)
#define EXT_FRESHEST_CRL (1 << 14) #define EXT_FRESHEST_CRL (1 << 14)
#define EXT_NS_CERT_TYPE (1 << 16) #define EXT_NS_CERT_TYPE (1 << 16)
/*
* Storage format identifiers
* Recognized formats: PEM and DER
*/
#define X509_FORMAT_DER 1
#define X509_FORMAT_PEM 2
/** /**
* \addtogroup x509_module * \addtogroup x509_module
* \{ */ * \{ */
/** /**
* \name Structures for parsing X.509 certificates and CRLs * \name Structures for parsing X.509 certificates and CRLs
* \{ * \{
*/ */
/** /**
* Type-length-value structure that allows for ASN1 using DER. * Type-length-value structure that allows for ASN1 using DER.
*/ */
typedef struct _x509_buf typedef asn1_buf x509_buf;
{
int tag; /**< ASN1 type, e.g. ASN1_UTF8_STRING. */
size_t len; /**< ASN1 length, e.g. in octets. */
unsigned char *p; /**< ASN1 data, e.g. in ASCII. */
}
x509_buf;
/** /**
* Container for ASN1 bit strings. * Container for ASN1 bit strings.
*/ */
typedef struct _x509_bitstring typedef asn1_bitstring x509_bitstring;
{
size_t len; /**< ASN1 length, e.g. in octets. */
unsigned char unused_bits; /**< Number of unused bits at the end of th
e string */
unsigned char *p; /**< Raw ASN1 data for the bit string */
}
x509_bitstring;
/** /**
* Container for ASN1 named information objects. * Container for ASN1 named information objects.
* It allows for Relative Distinguished Names (e.g. cn=polarssl,ou=code,etc .). * It allows for Relative Distinguished Names (e.g. cn=polarssl,ou=code,etc .).
*/ */
typedef struct _x509_name typedef struct _x509_name
{ {
x509_buf oid; /**< The object identifier. */ x509_buf oid; /**< The object identifier. */
x509_buf val; /**< The named value. */ x509_buf val; /**< The named value. */
struct _x509_name *next; /**< The next named information object. */ struct _x509_name *next; /**< The next named information object. */
} }
x509_name; x509_name;
/** /**
* Container for a sequence of ASN.1 items * Container for a sequence of ASN.1 items
*/ */
typedef struct _x509_sequence typedef asn1_sequence x509_sequence;
{
x509_buf buf; /**< Buffer containing the given ASN.1
item. */
struct _x509_sequence *next; /**< The next entry in the sequence. */
}
x509_sequence;
/** Container for date and time (precision in seconds). */ /** Container for date and time (precision in seconds). */
typedef struct _x509_time typedef struct _x509_time
{ {
int year, mon, day; /**< Date. */ int year, mon, day; /**< Date. */
int hour, min, sec; /**< Time. */ int hour, min, sec; /**< Time. */
} }
x509_time; x509_time;
/** /**
skipping to change at line 476 skipping to change at line 420
#endif #endif
/** /**
* \name Functions to read in DHM parameters, a certificate, CRL or private RSA key * \name Functions to read in DHM parameters, a certificate, CRL or private RSA key
* \{ * \{
*/ */
/** \ingroup x509_module */ /** \ingroup x509_module */
/** /**
* \brief Parse one or more certificates and add them * \brief Parse one or more certificates and add them
* to the chained list * to the chained list. Parses permissively. If some
* certificates can be parsed, the result is the number
* of failed certificates it encountered. If none complete
* correctly, the first error is returned.
* *
* \param chain points to the start of the chain * \param chain points to the start of the chain
* \param buf buffer holding the certificate data * \param buf buffer holding the certificate data
* \param buflen size of the buffer * \param buflen size of the buffer
* *
* \return 0 if successful, or a specific X509 or PEM error code * \return 0 if all certificates parsed successfully, a positive nu
mber
* if partly successful or a specific X509 or PEM error cod
e
*/ */
int x509parse_crt( x509_cert *chain, const unsigned char *buf, size_t bufle n ); int x509parse_crt( x509_cert *chain, const unsigned char *buf, size_t bufle n );
/** \ingroup x509_module */ /** \ingroup x509_module */
/** /**
* \brief Load one or more certificates and add them * \brief Load one or more certificates and add them
* to the chained list * to the chained list. Parses permissively. If some
* certificates can be parsed, the result is the number
* of failed certificates it encountered. If none complete
* correctly, the first error is returned.
* *
* \param chain points to the start of the chain * \param chain points to the start of the chain
* \param path filename to read the certificates from * \param path filename to read the certificates from
* *
* \return 0 if successful, or a specific X509 or PEM error code * \return 0 if all certificates parsed successfully, a positive nu
mber
* if partly successful or a specific X509 or PEM error cod
e
*/ */
int x509parse_crtfile( x509_cert *chain, const char *path ); int x509parse_crtfile( x509_cert *chain, const char *path );
/** \ingroup x509_module */ /** \ingroup x509_module */
/** /**
* \brief Parse one or more CRLs and add them * \brief Parse one or more CRLs and add them
* to the chained list * to the chained list
* *
* \param chain points to the start of the chain * \param chain points to the start of the chain
* \param buf buffer holding the CRL data * \param buf buffer holding the CRL data
 End of changes. 14 change blocks. 
87 lines changed or deleted 38 lines changed or added

This html diff was produced by rfcdiff 1.41. The latest version is available from http://tools.ietf.org/tools/rfcdiff/