search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Add.
[gnutls.git] / lgl / gc-gnulib.c
blobce4ff029c252dd0be810e1bb1d681845d1c15077
1 /* gc-gnulib.c --- Common gnulib internal crypto interface functions
2 * Copyright (C) 2002, 2003, 2004, 2005, 2006, 2007 Simon Josefsson
3 *
4 * This file is free software; you can redistribute it and/or modify
5 * it under the terms of the GNU Lesser General Public License as published
6 * by the Free Software Foundation; either version 2.1, or (at your
7 * option) any later version.
8 *
9 * This file is distributed in the hope that it will be useful, but
10 * WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
12 * General Public License for more details.
13 *
14 * You should have received a copy of the GNU Lesser General Public License
15 * along with this file; if not, write to the Free Software
16 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
17 * 02110-1301, USA.
18 *
19 */
20
21 /* Note: This file is only built if GC uses internal functions. */
22
23 #include <config.h>
24
25 /* Get prototype. */
26 #include "gc.h"
27
28 #include <stdlib.h>
29 #include <string.h>
30
31 /* For randomize. */
32 #ifdef GNULIB_GC_RANDOM
33 # include <unistd.h>
34 # include <sys/types.h>
35 # include <sys/stat.h>
36 # include <fcntl.h>
37 # include <errno.h>
38 #endif
39
40 /* Hashes. */
41 #ifdef GNULIB_GC_MD2
42 # include "md2.h"
43 #endif
44 #ifdef GNULIB_GC_MD4
45 # include "md4.h"
46 #endif
47 #ifdef GNULIB_GC_MD5
48 # include "md5.h"
49 #endif
50 #ifdef GNULIB_GC_SHA1
51 # include "sha1.h"
52 #endif
53 #if defined(GNULIB_GC_HMAC_MD5) || defined(GNULIB_GC_HMAC_SHA1)
54 # include "hmac.h"
55 #endif
56
57 /* Ciphers. */
58 #ifdef GNULIB_GC_ARCFOUR
59 # include "arcfour.h"
60 #endif
61 #ifdef GNULIB_GC_ARCTWO
62 # include "arctwo.h"
63 #endif
64 #ifdef GNULIB_GC_DES
65 # include "des.h"
66 #endif
67 #ifdef GNULIB_GC_RIJNDAEL
68 # include "rijndael-api-fst.h"
69 #endif
70
71 /* The results of open() in this file are not used with fchdir,
72 therefore save some unnecessary work in fchdir.c. */
73 #undef open
74 #undef close
75
76 Gc_rc
77 gc_init (void)
78 {
79 return GC_OK;
80 }
81
82 void
83 gc_done (void)
84 {
85 return;
86 }
87
88 #ifdef GNULIB_GC_RANDOM
89
90 /* Randomness. */
91
92 static Gc_rc
93 randomize (int level, char *data, size_t datalen)
94 {
95 int fd;
96 const char *device;
97 size_t len = 0;
98 int rc;
99
100 switch (level)
101 {
102 case 0:
103 device = NAME_OF_NONCE_DEVICE;
104 break;
105
106 case 1:
107 device = NAME_OF_PSEUDO_RANDOM_DEVICE;
108 break;
109
110 default:
111 device = NAME_OF_RANDOM_DEVICE;
112 break;
113 }
114
115 if (strcmp (device, "no") == 0)
116 return GC_RANDOM_ERROR;
117
118 fd = open (device, O_RDONLY);
119 if (fd < 0)
120 return GC_RANDOM_ERROR;
121
122 do
123 {
124 ssize_t tmp;
125
126 tmp = read (fd, data, datalen);
127
128 if (tmp < 0)
129 {
130 int save_errno = errno;
131 close (fd);
132 errno = save_errno;
133 return GC_RANDOM_ERROR;
134 }
135
136 len += tmp;
137 }
138 while (len < datalen);
139
140 rc = close (fd);
141 if (rc < 0)
142 return GC_RANDOM_ERROR;
143
144 return GC_OK;
145 }
146
147 Gc_rc
148 gc_nonce (char *data, size_t datalen)
149 {
150 return randomize (0, data, datalen);
151 }
152
153 Gc_rc
154 gc_pseudo_random (char *data, size_t datalen)
155 {
156 return randomize (1, data, datalen);
157 }
158
159 Gc_rc
160 gc_random (char *data, size_t datalen)
161 {
162 return randomize (2, data, datalen);
163 }
164
165 #endif
166
167 /* Memory allocation. */
168
169 void
170 gc_set_allocators (gc_malloc_t func_malloc,
171 gc_malloc_t secure_malloc,
172 gc_secure_check_t secure_check,
173 gc_realloc_t func_realloc, gc_free_t func_free)
174 {
175 return;
176 }
177 /* Ciphers. */
178
179 typedef struct _gc_cipher_ctx {
180 Gc_cipher alg;
181 Gc_cipher_mode mode;
182 #ifdef GNULIB_GC_ARCTWO
183 arctwo_context arctwoContext;
184 char arctwoIV[ARCTWO_BLOCK_SIZE];
185 #endif
186 #ifdef GNULIB_GC_ARCFOUR
187 arcfour_context arcfourContext;
188 #endif
189 #ifdef GNULIB_GC_DES
190 gl_des_ctx desContext;
191 #endif
192 #ifdef GNULIB_GC_RIJNDAEL
193 rijndaelKeyInstance aesEncKey;
194 rijndaelKeyInstance aesDecKey;
195 rijndaelCipherInstance aesContext;
196 #endif
197 } _gc_cipher_ctx;
198
199 Gc_rc
200 gc_cipher_open (Gc_cipher alg, Gc_cipher_mode mode,
201 gc_cipher_handle * outhandle)
202 {
203 _gc_cipher_ctx *ctx;
204 Gc_rc rc = GC_OK;
205
206 ctx = calloc (sizeof (*ctx), 1);
207 if (!ctx)
208 return GC_MALLOC_ERROR;
209
210 ctx->alg = alg;
211 ctx->mode = mode;
212
213 switch (alg)
214 {
215 #ifdef GNULIB_GC_ARCTWO
216 case GC_ARCTWO40:
217 switch (mode)
218 {
219 case GC_ECB:
220 case GC_CBC:
221 break;
222
223 default:
224 rc = GC_INVALID_CIPHER;
225 }
226 break;
227 #endif
228
229 #ifdef GNULIB_GC_ARCFOUR
230 case GC_ARCFOUR128:
231 case GC_ARCFOUR40:
232 switch (mode)
233 {
234 case GC_STREAM:
235 break;
236
237 default:
238 rc = GC_INVALID_CIPHER;
239 }
240 break;
241 #endif
242
243 #ifdef GNULIB_GC_DES
244 case GC_DES:
245 switch (mode)
246 {
247 case GC_ECB:
248 break;
249
250 default:
251 rc = GC_INVALID_CIPHER;
252 }
253 break;
254 #endif
255
256 #ifdef GNULIB_GC_RIJNDAEL
257 case GC_AES128:
258 case GC_AES192:
259 case GC_AES256:
260 switch (mode)
261 {
262 case GC_ECB:
263 case GC_CBC:
264 break;
265
266 default:
267 rc = GC_INVALID_CIPHER;
268 }
269 break;
270 #endif
271
272 default:
273 rc = GC_INVALID_CIPHER;
274 }
275
276 if (rc == GC_OK)
277 *outhandle = ctx;
278 else
279 free (ctx);
280
281 return rc;
282 }
283
284 Gc_rc
285 gc_cipher_setkey (gc_cipher_handle handle, size_t keylen, const char *key)
286 {
287 _gc_cipher_ctx *ctx = handle;
288
289 switch (ctx->alg)
290 {
291 #ifdef GNULIB_GC_ARCTWO
292 case GC_ARCTWO40:
293 arctwo_setkey (&ctx->arctwoContext, keylen, key);
294 break;
295 #endif
296
297 #ifdef GNULIB_GC_ARCFOUR
298 case GC_ARCFOUR128:
299 case GC_ARCFOUR40:
300 arcfour_setkey (&ctx->arcfourContext, key, keylen);
301 break;
302 #endif
303
304 #ifdef GNULIB_GC_DES
305 case GC_DES:
306 if (keylen != 8)
307 return GC_INVALID_CIPHER;
308 gl_des_setkey (&ctx->desContext, key);
309 break;
310 #endif
311
312 #ifdef GNULIB_GC_RIJNDAEL
313 case GC_AES128:
314 case GC_AES192:
315 case GC_AES256:
316 {
317 rijndael_rc rc;
318 size_t i;
319 char keyMaterial[RIJNDAEL_MAX_KEY_SIZE + 1];
320
321 for (i = 0; i < keylen; i++)
322 sprintf (&keyMaterial[2*i], "%02x", key[i] & 0xFF);
323
324 rc = rijndaelMakeKey (&ctx->aesEncKey, RIJNDAEL_DIR_ENCRYPT,
325 keylen * 8, keyMaterial);
326 if (rc < 0)
327 return GC_INVALID_CIPHER;
328
329 rc = rijndaelMakeKey (&ctx->aesDecKey, RIJNDAEL_DIR_DECRYPT,
330 keylen * 8, keyMaterial);
331 if (rc < 0)
332 return GC_INVALID_CIPHER;
333
334 rc = rijndaelCipherInit (&ctx->aesContext, RIJNDAEL_MODE_ECB, NULL);
335 if (rc < 0)
336 return GC_INVALID_CIPHER;
337 }
338 break;
339 #endif
340
341 default:
342 return GC_INVALID_CIPHER;
343 }
344
345 return GC_OK;
346 }
347
348 Gc_rc
349 gc_cipher_setiv (gc_cipher_handle handle, size_t ivlen, const char *iv)
350 {
351 _gc_cipher_ctx *ctx = handle;
352
353 switch (ctx->alg)
354 {
355 #ifdef GNULIB_GC_ARCTWO
356 case GC_ARCTWO40:
357 if (ivlen != ARCTWO_BLOCK_SIZE)
358 return GC_INVALID_CIPHER;
359 memcpy (ctx->arctwoIV, iv, ivlen);
360 break;
361 #endif
362
363 #ifdef GNULIB_GC_RIJNDAEL
364 case GC_AES128:
365 case GC_AES192:
366 case GC_AES256:
367 switch (ctx->mode)
368 {
369 case GC_ECB:
370 /* Doesn't use IV. */
371 break;
372
373 case GC_CBC:
374 {
375 rijndael_rc rc;
376 size_t i;
377 char ivMaterial[2 * RIJNDAEL_MAX_IV_SIZE + 1];
378
379 for (i = 0; i < ivlen; i++)
380 sprintf (&ivMaterial[2*i], "%02x", iv[i] & 0xFF);
381
382 rc = rijndaelCipherInit (&ctx->aesContext, RIJNDAEL_MODE_CBC,
383 ivMaterial);
384 if (rc < 0)
385 return GC_INVALID_CIPHER;
386 }
387 break;
388
389 default:
390 return GC_INVALID_CIPHER;
391 }
392 break;
393 #endif
394
395 default:
396 return GC_INVALID_CIPHER;
397 }
398
399 return GC_OK;
400 }
401
402 Gc_rc
403 gc_cipher_encrypt_inline (gc_cipher_handle handle, size_t len, char *data)
404 {
405 _gc_cipher_ctx *ctx = handle;
406
407 switch (ctx->alg)
408 {
409 #ifdef GNULIB_GC_ARCTWO
410 case GC_ARCTWO40:
411 switch (ctx->mode)
412 {
413 case GC_ECB:
414 arctwo_encrypt (&ctx->arctwoContext, data, data, len);
415 break;
416
417 case GC_CBC:
418 for (; len >= ARCTWO_BLOCK_SIZE; len -= ARCTWO_BLOCK_SIZE,
419 data += ARCTWO_BLOCK_SIZE)
420 {
421 size_t i;
422 for (i = 0; i < ARCTWO_BLOCK_SIZE; i++)
423 data[i] ^= ctx->arctwoIV[i];
424 arctwo_encrypt (&ctx->arctwoContext, data, data,
425 ARCTWO_BLOCK_SIZE);
426 memcpy (ctx->arctwoIV, data, ARCTWO_BLOCK_SIZE);
427 }
428 break;
429
430 default:
431 return GC_INVALID_CIPHER;
432 }
433 break;
434 #endif
435
436 #ifdef GNULIB_GC_ARCFOUR
437 case GC_ARCFOUR128:
438 case GC_ARCFOUR40:
439 arcfour_stream (&ctx->arcfourContext, data, data, len);
440 break;
441 #endif
442
443 #ifdef GNULIB_GC_DES
444 case GC_DES:
445 for (; len >= 8; len -= 8, data += 8)
446 gl_des_ecb_encrypt (&ctx->desContext, data, data);
447 break;
448 #endif
449
450 #ifdef GNULIB_GC_RIJNDAEL
451 case GC_AES128:
452 case GC_AES192:
453 case GC_AES256:
454 {
455 int nblocks;
456
457 nblocks = rijndaelBlockEncrypt (&ctx->aesContext, &ctx->aesEncKey,
458 data, 8 * len, data);
459 if (nblocks < 0)
460 return GC_INVALID_CIPHER;
461 }
462 break;
463 #endif
464
465 default:
466 return GC_INVALID_CIPHER;
467 }
468
469 return GC_OK;
470 }
471
472 Gc_rc
473 gc_cipher_decrypt_inline (gc_cipher_handle handle, size_t len, char *data)
474 {
475 _gc_cipher_ctx *ctx = handle;
476
477 switch (ctx->alg)
478 {
479 #ifdef GNULIB_GC_ARCTWO
480 case GC_ARCTWO40:
481 switch (ctx->mode)
482 {
483 case GC_ECB:
484 arctwo_decrypt (&ctx->arctwoContext, data, data, len);
485 break;
486
487 case GC_CBC:
488 for (; len >= ARCTWO_BLOCK_SIZE; len -= ARCTWO_BLOCK_SIZE,
489 data += ARCTWO_BLOCK_SIZE)
490 {
491 char tmpIV[ARCTWO_BLOCK_SIZE];
492 size_t i;
493 memcpy (tmpIV, data, ARCTWO_BLOCK_SIZE);
494 arctwo_decrypt (&ctx->arctwoContext, data, data,
495 ARCTWO_BLOCK_SIZE);
496 for (i = 0; i < ARCTWO_BLOCK_SIZE; i++)
497 data[i] ^= ctx->arctwoIV[i];
498 memcpy (ctx->arctwoIV, tmpIV, ARCTWO_BLOCK_SIZE);
499 }
500 break;
501
502 default:
503 return GC_INVALID_CIPHER;
504 }
505 break;
506 #endif
507
508 #ifdef GNULIB_GC_ARCFOUR
509 case GC_ARCFOUR128:
510 case GC_ARCFOUR40:
511 arcfour_stream (&ctx->arcfourContext, data, data, len);
512 break;
513 #endif
514
515 #ifdef GNULIB_GC_DES
516 case GC_DES:
517 for (; len >= 8; len -= 8, data += 8)
518 gl_des_ecb_decrypt (&ctx->desContext, data, data);
519 break;
520 #endif
521
522 #ifdef GNULIB_GC_RIJNDAEL
523 case GC_AES128:
524 case GC_AES192:
525 case GC_AES256:
526 {
527 int nblocks;
528
529 nblocks = rijndaelBlockDecrypt (&ctx->aesContext, &ctx->aesDecKey,
530 data, 8 * len, data);
531 if (nblocks < 0)
532 return GC_INVALID_CIPHER;
533 }
534 break;
535 #endif
536
537 default:
538 return GC_INVALID_CIPHER;
539 }
540
541 return GC_OK;
542 }
543
544 Gc_rc
545 gc_cipher_close (gc_cipher_handle handle)
546 {
547 _gc_cipher_ctx *ctx = handle;
548
549 free (ctx);
550
551 return GC_OK;
552 }
553
554 /* Hashes. */
555
556 #define MAX_DIGEST_SIZE 20
557
558 typedef struct _gc_hash_ctx {
559 Gc_hash alg;
560 Gc_hash_mode mode;
561 char hash[MAX_DIGEST_SIZE];
562 #ifdef GNULIB_GC_MD2
563 struct md2_ctx md2Context;
564 #endif
565 #ifdef GNULIB_GC_MD4
566 struct md4_ctx md4Context;
567 #endif
568 #ifdef GNULIB_GC_MD5
569 struct md5_ctx md5Context;
570 #endif
571 #ifdef GNULIB_GC_SHA1
572 struct sha1_ctx sha1Context;
573 #endif
574 } _gc_hash_ctx;
575
576 Gc_rc
577 gc_hash_open (Gc_hash hash, Gc_hash_mode mode, gc_hash_handle * outhandle)
578 {
579 _gc_hash_ctx *ctx;
580 Gc_rc rc = GC_OK;
581
582 ctx = calloc (sizeof (*ctx), 1);
583 if (!ctx)
584 return GC_MALLOC_ERROR;
585
586 ctx->alg = hash;
587 ctx->mode = mode;
588
589 switch (hash)
590 {
591 #ifdef GNULIB_GC_MD2
592 case GC_MD2:
593 md2_init_ctx (&ctx->md2Context);
594 break;
595 #endif
596
597 #ifdef GNULIB_GC_MD4
598 case GC_MD4:
599 md4_init_ctx (&ctx->md4Context);
600 break;
601 #endif
602
603 #ifdef GNULIB_GC_MD5
604 case GC_MD5:
605 md5_init_ctx (&ctx->md5Context);
606 break;
607 #endif
608
609 #ifdef GNULIB_GC_SHA1
610 case GC_SHA1:
611 sha1_init_ctx (&ctx->sha1Context);
612 break;
613 #endif
614
615 default:
616 rc = GC_INVALID_HASH;
617 break;
618 }
619
620 switch (mode)
621 {
622 case 0:
623 break;
624
625 default:
626 rc = GC_INVALID_HASH;
627 break;
628 }
629
630 if (rc == GC_OK)
631 *outhandle = ctx;
632 else
633 free (ctx);
634
635 return rc;
636 }
637
638 Gc_rc
639 gc_hash_clone (gc_hash_handle handle, gc_hash_handle * outhandle)
640 {
641 _gc_hash_ctx *in = handle;
642 _gc_hash_ctx *out;
643
644 *outhandle = out = calloc (sizeof (*out), 1);
645 if (!out)
646 return GC_MALLOC_ERROR;
647
648 memcpy (out, in, sizeof (*out));
649
650 return GC_OK;
651 }
652
653 size_t
654 gc_hash_digest_length (Gc_hash hash)
655 {
656 size_t len;
657
658 switch (hash)
659 {
660 case GC_MD2:
661 len = GC_MD2_DIGEST_SIZE;
662 break;
663
664 case GC_MD4:
665 len = GC_MD4_DIGEST_SIZE;
666 break;
667
668 case GC_MD5:
669 len = GC_MD5_DIGEST_SIZE;
670 break;
671
672 case GC_RMD160:
673 len = GC_RMD160_DIGEST_SIZE;
674 break;
675
676 case GC_SHA1:
677 len = GC_SHA1_DIGEST_SIZE;
678 break;
679
680 default:
681 return 0;
682 }
683
684 return len;
685 }
686
687 void
688 gc_hash_write (gc_hash_handle handle, size_t len, const char *data)
689 {
690 _gc_hash_ctx *ctx = handle;
691
692 switch (ctx->alg)
693 {
694 #ifdef GNULIB_GC_MD2
695 case GC_MD2:
696 md2_process_bytes (data, len, &ctx->md2Context);
697 break;
698 #endif
699
700 #ifdef GNULIB_GC_MD4
701 case GC_MD4:
702 md4_process_bytes (data, len, &ctx->md4Context);
703 break;
704 #endif
705
706 #ifdef GNULIB_GC_MD5
707 case GC_MD5:
708 md5_process_bytes (data, len, &ctx->md5Context);
709 break;
710 #endif
711
712 #ifdef GNULIB_GC_SHA1
713 case GC_SHA1:
714 sha1_process_bytes (data, len, &ctx->sha1Context);
715 break;
716 #endif
717
718 default:
719 break;
720 }
721 }
722
723 const char *
724 gc_hash_read (gc_hash_handle handle)
725 {
726 _gc_hash_ctx *ctx = handle;
727 const char *ret = NULL;
728
729 switch (ctx->alg)
730 {
731 #ifdef GNULIB_GC_MD2
732 case GC_MD2:
733 md2_finish_ctx (&ctx->md2Context, ctx->hash);
734 ret = ctx->hash;
735 break;
736 #endif
737
738 #ifdef GNULIB_GC_MD4
739 case GC_MD4:
740 md4_finish_ctx (&ctx->md4Context, ctx->hash);
741 ret = ctx->hash;
742 break;
743 #endif
744
745 #ifdef GNULIB_GC_MD5
746 case GC_MD5:
747 md5_finish_ctx (&ctx->md5Context, ctx->hash);
748 ret = ctx->hash;
749 break;
750 #endif
751
752 #ifdef GNULIB_GC_SHA1
753 case GC_SHA1:
754 sha1_finish_ctx (&ctx->sha1Context, ctx->hash);
755 ret = ctx->hash;
756 break;
757 #endif
758
759 default:
760 return NULL;
761 }
762
763 return ret;
764 }
765
766 void
767 gc_hash_close (gc_hash_handle handle)
768 {
769 _gc_hash_ctx *ctx = handle;
770
771 free (ctx);
772 }
773
774 Gc_rc
775 gc_hash_buffer (Gc_hash hash, const void *in, size_t inlen, char *resbuf)
776 {
777 switch (hash)
778 {
779 #ifdef GNULIB_GC_MD2
780 case GC_MD2:
781 md2_buffer (in, inlen, resbuf);
782 break;
783 #endif
784
785 #ifdef GNULIB_GC_MD4
786 case GC_MD4:
787 md4_buffer (in, inlen, resbuf);
788 break;
789 #endif
790
791 #ifdef GNULIB_GC_MD5
792 case GC_MD5:
793 md5_buffer (in, inlen, resbuf);
794 break;
795 #endif
796
797 #ifdef GNULIB_GC_SHA1
798 case GC_SHA1:
799 sha1_buffer (in, inlen, resbuf);
800 break;
801 #endif
802
803 default:
804 return GC_INVALID_HASH;
805 }
806
807 return GC_OK;
808 }
809
810 #ifdef GNULIB_GC_MD2
811 Gc_rc
812 gc_md2 (const void *in, size_t inlen, void *resbuf)
813 {
814 md2_buffer (in, inlen, resbuf);
815 return GC_OK;
816 }
817 #endif
818
819 #ifdef GNULIB_GC_MD4
820 Gc_rc
821 gc_md4 (const void *in, size_t inlen, void *resbuf)
822 {
823 md4_buffer (in, inlen, resbuf);
824 return GC_OK;
825 }
826 #endif
827
828 #ifdef GNULIB_GC_MD5
829 Gc_rc
830 gc_md5 (const void *in, size_t inlen, void *resbuf)
831 {
832 md5_buffer (in, inlen, resbuf);
833 return GC_OK;
834 }
835 #endif
836
837 #ifdef GNULIB_GC_SHA1
838 Gc_rc
839 gc_sha1 (const void *in, size_t inlen, void *resbuf)
840 {
841 sha1_buffer (in, inlen, resbuf);
842 return GC_OK;
843 }
844 #endif
845
846 #ifdef GNULIB_GC_HMAC_MD5
847 Gc_rc
848 gc_hmac_md5 (const void *key, size_t keylen,
849 const void *in, size_t inlen, char *resbuf)
850 {
851 hmac_md5 (key, keylen, in, inlen, resbuf);
852 return GC_OK;
853 }
854 #endif
855
856 #ifdef GNULIB_GC_HMAC_SHA1
857 Gc_rc
858 gc_hmac_sha1 (const void *key, size_t keylen,
859 const void *in, size_t inlen, char *resbuf)
860 {
861 hmac_sha1 (key, keylen, in, inlen, resbuf);
862 return GC_OK;
863 }
864 #endif
Implementation of the SSL/TLS protocol