3
#if defined(__cplusplus)
8
#pragma src "/sys/src/libsec"
14
typedef struct mpint mpint;
17
/*******************************************************/
19
/*******************************************************/
28
typedef struct AESstate AESstate;
34
uchar key[AESmaxkey]; /* unexpanded key */
35
u32int ekey[4*(AESmaxrounds + 1)]; /* encryption key */
36
u32int dkey[4*(AESmaxrounds + 1)]; /* decryption key */
37
uchar ivec[AESbsize]; /* initialization vector */
40
void setupAESstate(AESstate *s, uchar key[], int keybytes, uchar *ivec);
41
void aesCBCencrypt(uchar *p, int len, AESstate *s);
42
void aesCBCdecrypt(uchar *p, int len, AESstate *s);
44
/*******************************************************/
45
/* Blowfish Definitions */
46
/*******************************************************/
54
/* 16-round Blowfish */
55
typedef struct BFstate BFstate;
63
u32int pbox[BFrounds+2];
67
void setupBFstate(BFstate *s, uchar key[], int keybytes, uchar *ivec);
68
void bfCBCencrypt(uchar*, int, BFstate*);
69
void bfCBCdecrypt(uchar*, int, BFstate*);
70
void bfECBencrypt(uchar*, int, BFstate*);
71
void bfECBdecrypt(uchar*, int, BFstate*);
73
/*******************************************************/
75
/*******************************************************/
83
typedef struct DESstate DESstate;
87
uchar key[8]; /* unexpanded key */
88
ulong expanded[32]; /* expanded key */
89
uchar ivec[8]; /* initialization vector */
92
void setupDESstate(DESstate *s, uchar key[8], uchar *ivec);
93
void des_key_setup(uchar[8], ulong[32]);
94
void block_cipher(ulong*, uchar*, int);
95
void desCBCencrypt(uchar*, int, DESstate*);
96
void desCBCdecrypt(uchar*, int, DESstate*);
97
void desECBencrypt(uchar*, int, DESstate*);
98
void desECBdecrypt(uchar*, int, DESstate*);
100
/* for backward compatibility with 7 byte DES key format */
101
void des56to64(uchar *k56, uchar *k64);
102
void des64to56(uchar *k64, uchar *k56);
103
void key_setup(uchar[7], ulong[32]);
105
/* triple des encrypt/decrypt orderings */
115
typedef struct DES3state DES3state;
119
uchar key[3][8]; /* unexpanded key */
120
ulong expanded[3][32]; /* expanded key */
121
uchar ivec[8]; /* initialization vector */
124
void setupDES3state(DES3state *s, uchar key[3][8], uchar *ivec);
125
void triple_block_cipher(ulong keys[3][32], uchar*, int);
126
void des3CBCencrypt(uchar*, int, DES3state*);
127
void des3CBCdecrypt(uchar*, int, DES3state*);
128
void des3ECBencrypt(uchar*, int, DES3state*);
129
void des3ECBdecrypt(uchar*, int, DES3state*);
131
/*******************************************************/
133
/*******************************************************/
137
SHA1dlen= 20, /* SHA digest length */
138
MD4dlen= 16, /* MD4 digest length */
139
MD5dlen= 16 /* MD5 digest length */
142
typedef struct DigestState DigestState;
152
typedef struct DigestState SHAstate; /* obsolete name */
153
typedef struct DigestState SHA1state;
154
typedef struct DigestState MD5state;
155
typedef struct DigestState MD4state;
157
DigestState* md4(uchar*, ulong, uchar*, DigestState*);
158
DigestState* md5(uchar*, ulong, uchar*, DigestState*);
159
DigestState* sha1(uchar*, ulong, uchar*, DigestState*);
160
DigestState* hmac_md5(uchar*, ulong, uchar*, ulong, uchar*, DigestState*);
161
DigestState* hmac_sha1(uchar*, ulong, uchar*, ulong, uchar*, DigestState*);
162
char* sha1pickle(SHA1state*);
163
SHA1state* sha1unpickle(char*);
165
/*******************************************************/
166
/* random number generation */
167
/*******************************************************/
168
void genrandom(uchar *buf, int nbytes);
169
void prng(uchar *buf, int nbytes);
170
ulong fastrand(void);
171
ulong nfastrand(ulong);
173
/*******************************************************/
175
/*******************************************************/
176
void genprime(mpint *p, int n, int accuracy); /* generate an n bit probable prime */
177
void gensafeprime(mpint *p, mpint *alpha, int n, int accuracy); /* prime and generator */
178
void genstrongprime(mpint *p, int n, int accuracy); /* generate an n bit strong prime */
179
void DSAprimes(mpint *q, mpint *p, uchar seed[SHA1dlen]);
180
int probably_prime(mpint *n, int nrep); /* miller-rabin test */
181
int smallprimetest(mpint *p); /* returns -1 if not prime, 0 otherwise */
183
/*******************************************************/
185
/*******************************************************/
186
typedef struct RC4state RC4state;
194
void setupRC4state(RC4state*, uchar*, int);
195
void rc4(RC4state*, uchar*, int);
196
void rc4skip(RC4state*, int);
197
void rc4back(RC4state*, int);
199
/*******************************************************/
201
/*******************************************************/
202
typedef struct RSApub RSApub;
203
typedef struct RSApriv RSApriv;
204
typedef struct PEMChain PEMChain;
206
/* public/encryption key */
209
mpint *n; /* modulus */
210
mpint *ek; /* exp (encryption key) */
213
/* private/decryption key */
218
mpint *dk; /* exp (decryption key) */
220
/* precomputed values to help with chinese remainder theorem calc */
223
mpint *kp; /* dk mod p-1 */
224
mpint *kq; /* dk mod q-1 */
225
mpint *c2; /* (inv p) mod q */
235
RSApriv* rsagen(int nlen, int elen, int rounds);
236
mpint* rsaencrypt(RSApub *k, mpint *in, mpint *out);
237
mpint* rsadecrypt(RSApriv *k, mpint *in, mpint *out);
238
RSApub* rsapuballoc(void);
239
void rsapubfree(RSApub*);
240
RSApriv* rsaprivalloc(void);
241
void rsaprivfree(RSApriv*);
242
RSApub* rsaprivtopub(RSApriv*);
243
RSApub* X509toRSApub(uchar*, int, char*, int);
244
RSApriv* asn1toRSApriv(uchar*, int);
245
uchar* decodepem(char *s, char *type, int *len, char**);
246
PEMChain* decodepemchain(char *s, char *type);
247
uchar* X509gen(RSApriv *priv, char *subj, ulong valid[2], int *certlen);
248
RSApriv* rsafill(mpint *n, mpint *ek, mpint *dk, mpint *p, mpint *q);
249
uchar* X509req(RSApriv *priv, char *subj, int *certlen);
251
/*******************************************************/
253
/*******************************************************/
254
typedef struct EGpub EGpub;
255
typedef struct EGpriv EGpriv;
256
typedef struct EGsig EGsig;
258
/* public/encryption key */
261
mpint *p; /* modulus */
262
mpint *alpha; /* generator */
263
mpint *key; /* (encryption key) alpha**secret mod p */
266
/* private/decryption key */
270
mpint *secret; /* (decryption key) */
279
EGpriv* eggen(int nlen, int rounds);
280
mpint* egencrypt(EGpub *k, mpint *in, mpint *out);
281
mpint* egdecrypt(EGpriv *k, mpint *in, mpint *out);
282
EGsig* egsign(EGpriv *k, mpint *m);
283
int egverify(EGpub *k, EGsig *sig, mpint *m);
284
EGpub* egpuballoc(void);
285
void egpubfree(EGpub*);
286
EGpriv* egprivalloc(void);
287
void egprivfree(EGpriv*);
288
EGsig* egsigalloc(void);
289
void egsigfree(EGsig*);
290
EGpub* egprivtopub(EGpriv*);
292
/*******************************************************/
294
/*******************************************************/
295
typedef struct DSApub DSApub;
296
typedef struct DSApriv DSApriv;
297
typedef struct DSAsig DSAsig;
299
/* public/encryption key */
302
mpint *p; /* modulus */
303
mpint *q; /* group order, q divides p-1 */
304
mpint *alpha; /* group generator */
305
mpint *key; /* (encryption key) alpha**secret mod p */
308
/* private/decryption key */
312
mpint *secret; /* (decryption key) */
321
DSApriv* dsagen(DSApub *opub);
322
DSAsig* dsasign(DSApriv *k, mpint *m);
323
int dsaverify(DSApub *k, DSAsig *sig, mpint *m);
324
DSApub* dsapuballoc(void);
325
void dsapubfree(DSApub*);
326
DSApriv* dsaprivalloc(void);
327
void dsaprivfree(DSApriv*);
328
DSAsig* dsasigalloc(void);
329
void dsasigfree(DSAsig*);
330
DSApub* dsaprivtopub(DSApriv*);
331
DSApriv* asn1toDSApriv(uchar*, int);
333
/*******************************************************/
335
/*******************************************************/
336
typedef struct Thumbprint{
337
struct Thumbprint *next;
338
uchar sha1[SHA1dlen];
341
typedef struct TLSconn{
342
char dir[40]; /* connection directory */
343
uchar *cert; /* certificate (local on input, remote on output) */
345
int certlen, sessionIDlen;
346
int (*trace)(char*fmt, ...);
351
extern int tlsClient(int fd, TLSconn *c);
352
extern int tlsServer(int fd, TLSconn *c);
355
extern Thumbprint* initThumbprints(char *ok, char *crl);
356
extern void freeThumbprints(Thumbprint *ok);
357
extern int okThumbprint(uchar *sha1, Thumbprint *ok);
360
extern uchar *readcert(char *filename, int *pcertlen);
361
PEMChain *readcertchain(char *filename);
363
#if defined(__cplusplus)