2 #pragma src "/sys/src/libsec"
6 typedef struct mpint mpint;
/*
 * AES cipher state.  The members listed below (the struct header is not
 * part of this listing) hold the raw key, both expanded key schedules,
 * the IV and the XCBC MAC keys, so an AESstate is secret material for
 * as long as it exists.
 * NOTE(review): no wipe helper is declared in the visible part of this
 * header; callers should clear the state once the key is no longer
 * needed - confirm whether the library does this anywhere.
 */
20 typedef struct AESstate AESstate;
27 uchar key[AESmaxkey]; /* unexpanded key */
28 ulong ekey[4*(AESmaxrounds + 1)]; /* encryption key */
29 ulong dkey[4*(AESmaxrounds + 1)]; /* decryption key */
30 uchar ivec[AESbsize]; /* initialization vector */
31 uchar mackey[3 * AESbsize]; /* 3 XCBC mac 96 keys */
/*
 * Single-block primitives: pt and ct are one 16-byte block each.
 * rk and Nr are presumably an expanded key schedule (ekey or dkey of an
 * AESstate) and its round count - confirm against the implementation.
 */
35 void aes_encrypt(ulong rk[], int Nr, uchar pt[16], uchar ct[16]);
36 void aes_decrypt(ulong rk[], int Nr, uchar ct[16], uchar pt[16]);
/*
 * keybytes is the key length in bytes; the accepted sizes are not
 * visible here (the key[] member of AESstate is AESmaxkey bytes) -
 * confirm that out-of-range values are rejected.
 */
38 void setupAESstate(AESstate *s, uchar key[], int keybytes, uchar *ivec);
/*
 * Mode functions.  Each takes a single buffer pointer and returns void,
 * so the result is presumably written over p in place.  len is a signed
 * int: callers must not pass a negative or truncated size.
 * CBC and CTR provide confidentiality only; ciphertext can be modified
 * undetected unless a MAC over it is verified before decryption.
 * With CTR, the same key and ivec must never be used for two messages.
 * NOTE(review): whether len must be a multiple of AESbsize for the CBC
 * calls is not visible here - confirm.
 */
39 void aesCBCencrypt(uchar *p, int len, AESstate *s);
40 void aesCBCdecrypt(uchar *p, int len, AESstate *s);
41 void aesCTRdecrypt(uchar *p, int len, AESstate *s);
42 void aesCTRencrypt(uchar *p, int len, AESstate *s);
/*
 * XCBC MAC.  setupAESXCBCstate presumably fills the mackey member of s.
 * NOTE(review): ownership and length of the buffer returned by
 * aesXCBCmac are not visible here - confirm before freeing or comparing.
 * Compare MAC values in constant time.
 */
44 void setupAESXCBCstate(AESstate *s);
45 uchar* aesXCBCmac(uchar *p, int len, AESstate *s);
48 * Blowfish Definitions
57 /* 16-round Blowfish */
58 typedef struct BFstate BFstate;
66 u32int pbox[BFrounds+2];
/*
 * Blowfish is a 64-bit block cipher: under one key, block collisions
 * become likely after roughly 2^32 blocks, so rekey well before that.
 * The unnamed parameters of the mode functions are presumably
 * (buffer, length in bytes, state), matching setupBFstate's naming -
 * confirm.
 */
70 void setupBFstate(BFstate *s, uchar key[], int keybytes, uchar *ivec);
71 void bfCBCencrypt(uchar*, int, BFstate*);
72 void bfCBCdecrypt(uchar*, int, BFstate*);
/*
 * ECB encrypts every block independently: equal plaintext blocks give
 * equal ciphertext blocks, which reveals structure in the data.  Use
 * only where a protocol requires it.
 */
73 void bfECBencrypt(uchar*, int, BFstate*);
74 void bfECBdecrypt(uchar*, int, BFstate*);
/*
 * Single DES.  The effective key is 56 bits (see the 7-byte key format
 * below), which is within reach of exhaustive search; these entry
 * points are for interoperability with legacy protocols, not for
 * protecting new data.
 */
86 typedef struct DESstate DESstate;
90 uchar key[8]; /* unexpanded key */
91 ulong expanded[32]; /* expanded key */
92 uchar ivec[8]; /* initialization vector */
95 void setupDESstate(DESstate *s, uchar key[8], uchar *ivec);
/*
 * des_key_setup presumably expands an 8-byte key into the 32-word
 * schedule (the types match DESstate's key and expanded members).
 * block_cipher presumably takes (expanded key, 8-byte block, direction
 * flag) - confirm against the implementation.
 */
96 void des_key_setup(uchar[8], ulong[32]);
97 void block_cipher(ulong*, uchar*, int);
/* CBC gives no integrity; pair it with a MAC verified before decryption */
98 void desCBCencrypt(uchar*, int, DESstate*);
99 void desCBCdecrypt(uchar*, int, DESstate*);
/* ECB leaks equal plaintext blocks as equal ciphertext blocks */
100 void desECBencrypt(uchar*, int, DESstate*);
101 void desECBdecrypt(uchar*, int, DESstate*);
103 /* for backward compatibility with 7-byte DES key format */
104 void des56to64(uchar *k56, uchar *k64);
105 void des64to56(uchar *k64, uchar *k56);
106 void key_setup(uchar[7], ulong[32]);
108 /* triple des encrypt/decrypt orderings */
/*
 * Triple DES with three 8-byte keys.  The block (and IV) is still
 * 8 bytes, so the 64-bit block-size limit applies: rekey long before
 * about 2^32 blocks have been processed under one key.
 */
118 typedef struct DES3state DES3state;
122 uchar key[3][8]; /* unexpanded key */
123 ulong expanded[3][32]; /* expanded key */
124 uchar ivec[8]; /* initialization vector */
127 void setupDES3state(DES3state *s, uchar key[3][8], uchar *ivec);
/*
 * NOTE(review): the trailing int of triple_block_cipher presumably
 * selects one of the encrypt/decrypt orderings defined above this
 * struct - confirm.
 */
128 void triple_block_cipher(ulong keys[3][32], uchar*, int);
/* CBC gives no integrity; pair it with a MAC verified before decryption */
129 void des3CBCencrypt(uchar*, int, DES3state*);
130 void des3CBCdecrypt(uchar*, int, DES3state*);
/* ECB leaks equal plaintext blocks as equal ciphertext blocks */
131 void des3ECBencrypt(uchar*, int, DES3state*);
132 void des3ECBdecrypt(uchar*, int, DES3state*);
/*
 * Digest lengths in bytes.  A length constant being present does not
 * make the hash suitable for new designs: MD4 and MD5 are
 * collision-broken and SHA-1 collisions are practical, so none of the
 * three should back signatures or certificate fingerprints where an
 * attacker can influence the hashed data.
 */
140 SHA1dlen= 20, /* SHA digest length */
141 SHA2_224dlen= 28, /* SHA-224 digest length */
142 SHA2_256dlen= 32, /* SHA-256 digest length */
143 SHA2_384dlen= 48, /* SHA-384 digest length */
144 SHA2_512dlen= 64, /* SHA-512 digest length */
145 MD4dlen= 16, /* MD4 digest length */
146 MD5dlen= 16, /* MD5 digest length */
147 AESdlen= 16, /* TODO: see rfc */
/*
 * NOTE(review): 64 bytes is the block size of MD5, SHA-1 and SHA-256;
 * SHA-384 and SHA-512 use 128-byte blocks.  Confirm how the
 * hmac_sha2_384/512 entry points obtain their block size.
 */
149 Hmacblksz = 64, /* in bytes; from rfc2104 */
152 typedef struct DigestState DigestState;
/*
 * Every per-algorithm name below is an alias for the same
 * struct DigestState, so the compiler cannot catch a state started
 * with one hash being handed to a different hash function; callers
 * must keep each state paired with the function that created it.
 */
165 typedef struct DigestState SHAstate; /* obsolete name */
166 typedef struct DigestState SHA1state;
167 typedef struct DigestState SHA2_224state;
168 typedef struct DigestState SHA2_256state;
169 typedef struct DigestState SHA2_384state;
170 typedef struct DigestState SHA2_512state;
171 typedef struct DigestState MD5state;
172 typedef struct DigestState MD4state;
173 typedef struct DigestState AEShstate;
/*
 * Hash entry points.  The parameters are unnamed here; from hmac_x
 * below they are presumably (data, length, digest output, state) -
 * confirm, including how a running state is started and finished.
 * The digest buffer must be at least the matching *dlen constant long;
 * nothing in these signatures carries its size.
 * md4, md5 and sha1 are collision-broken; keep them for protocol
 * compatibility only.
 */
175 DigestState* md4(uchar*, ulong, uchar*, DigestState*);
176 DigestState* md5(uchar*, ulong, uchar*, DigestState*);
177 DigestState* sha1(uchar*, ulong, uchar*, DigestState*);
178 DigestState* sha2_224(uchar*, ulong, uchar*, DigestState*);
179 DigestState* sha2_256(uchar*, ulong, uchar*, DigestState*);
180 DigestState* sha2_384(uchar*, ulong, uchar*, DigestState*);
181 DigestState* sha2_512(uchar*, ulong, uchar*, DigestState*);
182 DigestState* aes(uchar*, ulong, uchar*, DigestState*);
/*
 * Generic HMAC over the hash function x; the remainder of this
 * parameter list is not part of the listing.
 */
183 DigestState* hmac_x(uchar *p, ulong len, uchar *key, ulong klen,
184 uchar *digest, DigestState *s,
185 DigestState*(*x)(uchar*, ulong, uchar*, DigestState*),
/*
 * HMAC wrappers.  Known collision attacks on MD5 and SHA-1 do not
 * directly break HMAC, but new designs should use the SHA-2 variants.
 * When verifying a received MAC, compare it in constant time; no
 * comparison helper is declared in the visible part of this header.
 */
187 DigestState* hmac_md5(uchar*, ulong, uchar*, ulong, uchar*, DigestState*);
188 DigestState* hmac_sha1(uchar*, ulong, uchar*, ulong, uchar*, DigestState*);
189 DigestState* hmac_sha2_224(uchar*, ulong, uchar*, ulong, uchar*, DigestState*);
190 DigestState* hmac_sha2_256(uchar*, ulong, uchar*, ulong, uchar*, DigestState*);
191 DigestState* hmac_sha2_384(uchar*, ulong, uchar*, ulong, uchar*, DigestState*);
192 DigestState* hmac_sha2_512(uchar*, ulong, uchar*, ulong, uchar*, DigestState*);
193 DigestState* hmac_aes(uchar*, ulong, uchar*, ulong, uchar*, DigestState*);
/*
 * NOTE(review): the pickle/unpickle pairs presumably convert a running
 * digest state to and from a string.  If such a string can cross a
 * trust boundary, confirm that the unpickle side validates its input.
 */
194 char* md5pickle(MD5state*);
195 MD5state* md5unpickle(char*);
196 char* sha1pickle(SHA1state*);
197 SHA1state* sha1unpickle(char*);
200 * random number generation
/*
 * NOTE(review): this header does not say which generator is
 * cryptographically strong.  genrandom is presumably the one intended
 * for key material - confirm its entropy source.  The names suggest
 * prng, fastrand and nfastrand are fast pseudo-random generators; do
 * not use them for keys, IVs or nonces unless the implementation
 * establishes that they are suitable.
 * nbytes is a signed int; callers must not pass a negative count.
 */
202 void genrandom(uchar *buf, int nbytes);
203 void prng(uchar *buf, int nbytes);
204 ulong fastrand(void);
205 ulong nfastrand(ulong);
/*
 * Prime generation and testing.  The results are probable primes, not
 * proven ones.
 * NOTE(review): accuracy and nrep presumably set the number of
 * Miller-Rabin rounds - confirm; too few rounds raises the chance of
 * accepting a composite, which weakens any key built on it.
 */
210 void genprime(mpint *p, int n, int accuracy); /* generate n-bit probable prime */
211 void gensafeprime(mpint *p, mpint *alpha, int n, int accuracy); /* prime & generator */
212 void genstrongprime(mpint *p, int n, int accuracy); /* generate n-bit strong prime */
/* seed is a SHA1dlen-byte buffer; whether it is input or output is not visible here */
213 void DSAprimes(mpint *q, mpint *p, uchar seed[SHA1dlen]);
214 int probably_prime(mpint *n, int nrep); /* miller-rabin test */
/*
 * A 0 result means "not rejected" and is presumably not evidence of
 * primality on its own; follow it with probably_prime - confirm.
 */
215 int smallprimetest(mpint *p); /* returns -1 if not prime, 0 otherwise */
/*
 * RC4 stream cipher.  Its keystream has known statistical biases and
 * RFC 7465 prohibits it in TLS; keep it for legacy protocol support
 * only.  As with any stream cipher, one key must never encrypt two
 * messages, and the output carries no integrity protection.
 */
220 typedef struct RC4state RC4state;
228 void setupRC4state(RC4state*, uchar*, int);
229 void rc4(RC4state*, uchar*, int);
/*
 * NOTE(review): rc4skip and rc4back presumably move the keystream
 * position forward and backward by the given count - confirm.
 */
230 void rc4skip(RC4state*, int);
231 void rc4back(RC4state*, int);
236 typedef struct RSApub RSApub;
237 typedef struct RSApriv RSApriv;
238 typedef struct PEMChain PEMChain;
240 /* public/encryption key */
243 mpint *n; /* modulus */
244 mpint *ek; /* exp (encryption key) */
/*
 * Everything in the private key is secret.  Together with the public
 * key, dk, kp or kq alone is enough to recover the whole private key,
 * so the precomputed CRT values need the same protection as dk.
 */
247 /* private/decryption key */
252 mpint *dk; /* exp (decryption key) */
254 /* precomputed values to help with chinese remainder theorem calc */
257 mpint *kp; /* dk mod p-1 */
258 mpint *kq; /* dk mod q-1 */
259 mpint *c2; /* (inv p) mod q */
/*
 * Key generation and construction.
 * NOTE(review): nlen and elen are presumably the modulus and public
 * exponent sizes in bits and rounds the primality-test count - confirm.
 */
268 RSApriv* rsagen(int nlen, int elen, int rounds);
269 RSApriv* rsafill(mpint *n, mpint *e, mpint *d, mpint *p, mpint *q);
/*
 * These operate on bare mpint values, so they are presumably the raw
 * modular exponentiation with no padding; applying and checking a
 * padding scheme is then the caller's job - confirm.
 */
270 mpint* rsaencrypt(RSApub *k, mpint *in, mpint *out);
271 mpint* rsadecrypt(RSApriv *k, mpint *in, mpint *out);
272 RSApub* rsapuballoc(void);
273 void rsapubfree(RSApub*);
274 RSApriv* rsaprivalloc(void);
/* NOTE(review): confirm whether rsaprivfree clears the key material before releasing it */
275 void rsaprivfree(RSApriv*);
276 RSApub* rsaprivtopub(RSApriv*);
/*
 * Parsers for DER and PEM input.  Certificates and keys usually arrive
 * from outside the process, so the (pointer, int length) pairs must
 * describe the real buffer size and the input should be treated as
 * untrusted.
 * NOTE(review): nothing here shows X509toRSApub verifying the
 * certificate it extracts a key from - confirm.
 */
277 RSApub* X509toRSApub(uchar*, int, char*, int);
278 RSApriv* asn1toRSApriv(uchar*, int);
279 void asn1dump(uchar *der, int len);
280 uchar* decodePEM(char *s, char *type, int *len, char **new_s);
281 PEMChain* decodepemchain(char *s, char *type);
/* NOTE(review): valid[2] is presumably the start and end of the validity period - confirm */
282 uchar* X509gen(RSApriv *priv, char *subj, ulong valid[2], int *certlen);
283 uchar* X509req(RSApriv *priv, char *subj, int *certlen);
/*
 * NOTE(review): the result is a char*, not an int - presumably nil on
 * success and an error string on failure; confirm, because testing it
 * as a boolean would then invert the meaning.  The declaration shows
 * only a signature check against pk; validity period, subject name
 * and chain checks, if any, are not visible here.
 */
284 char* X509verify(uchar *cert, int ncert, RSApub *pk);
285 void X509dump(uchar *cert, int ncert);
/* ElGamal key and signature types */
290 typedef struct EGpub EGpub;
291 typedef struct EGpriv EGpriv;
292 typedef struct EGsig EGsig;
294 /* public/encryption key */
297 mpint *p; /* modulus */
298 mpint *alpha; /* generator */
299 mpint *key; /* (encryption key) alpha**secret mod p */
302 /* private/decryption key */
306 mpint *secret; /* (decryption key) */
/* NOTE(review): nlen is presumably the modulus size in bits and rounds the primality-test count - confirm */
315 EGpriv* eggen(int nlen, int rounds);
316 mpint* egencrypt(EGpub *k, mpint *in, mpint *out); /* deprecated */
317 mpint* egdecrypt(EGpriv *k, mpint *in, mpint *out);
/*
 * ElGamal signatures need a fresh, secret, unpredictable per-signature
 * value; reuse or bias in it exposes the private key.
 * NOTE(review): how egsign obtains that value, and whether m is
 * expected to be a message digest, is not visible here - confirm.
 */
318 EGsig* egsign(EGpriv *k, mpint *m);
319 int egverify(EGpub *k, EGsig *sig, mpint *m);
320 EGpub* egpuballoc(void);
321 void egpubfree(EGpub*);
322 EGpriv* egprivalloc(void);
/* NOTE(review): confirm whether egprivfree clears the secret before releasing it */
323 void egprivfree(EGpriv*);
324 EGsig* egsigalloc(void);
325 void egsigfree(EGsig*);
326 EGpub* egprivtopub(EGpriv*);
/* DSA key and signature types */
331 typedef struct DSApub DSApub;
332 typedef struct DSApriv DSApriv;
333 typedef struct DSAsig DSAsig;
335 /* public/encryption key */
338 mpint *p; /* modulus */
339 mpint *q; /* group order, q divides p-1 */
340 mpint *alpha; /* group generator */
341 mpint *key; /* (encryption key) alpha**secret mod p */
344 /* private/decryption key */
348 mpint *secret; /* (decryption key) */
/*
 * Because opub is not checked, domain parameters (p, q, alpha) taken
 * from an untrusted source must be validated by the caller before they
 * reach dsagen; a key generated over bad parameters is not secure.
 */
357 DSApriv* dsagen(DSApub *opub); /* opub not checked for consistency! */
/*
 * DSA needs a fresh, secret, unpredictable per-signature value; reuse
 * or bias in it exposes the private key.
 * NOTE(review): how dsasign obtains that value, and whether m is
 * expected to be a message digest, is not visible here - confirm.
 */
358 DSAsig* dsasign(DSApriv *k, mpint *m);
/* NOTE(review): the meaning of the int result is not visible here - confirm which value signals a valid signature */
359 int dsaverify(DSApub *k, DSAsig *sig, mpint *m);
360 DSApub* dsapuballoc(void);
361 void dsapubfree(DSApub*);
362 DSApriv* dsaprivalloc(void);
/* NOTE(review): confirm whether dsaprivfree clears the secret before releasing it */
363 void dsaprivfree(DSApriv*);
364 DSAsig* dsasigalloc(void);
365 void dsasigfree(DSAsig*);
366 DSApub* dsaprivtopub(DSApriv*);
/* parses DER input of the given length; treat the input as untrusted */
367 DSApriv* asn1toDSApriv(uchar*, int);
/*
 * Node of a singly linked list of certificate thumbprints.  Each entry
 * is a SHA-1 digest.  SHA-1 collisions are practical, so a thumbprint
 * list is only as trustworthy as the process that put entries in it:
 * do not add a digest of a certificate whose contents an untrusted
 * party could shape.
 */
372 typedef struct Thumbprint{
373 struct Thumbprint *next;
374 uchar sha1[SHA1dlen];
/* Parameters and results of a TLS handshake; some members are not part of this listing. */
377 typedef struct TLSconn{
378 char dir[40]; /* connection directory */
/*
 * On return cert holds the peer's certificate.
 * NOTE(review): presumably the caller owns that buffer and must check
 * and free it - confirm.
 */
379 uchar *cert; /* certificate (local on input, remote on output) */
/* optional printf-style trace callback; handshake traces can contain sensitive data */
383 int (*trace)(char*fmt, ...);
384 PEMChain*chain; /* optional extra certificate evidence for servers to present */
/*
 * Run a TLS handshake over fd as client or server.
 * NOTE(review): nothing in this header shows tlsClient validating the
 * server certificate.  The peer certificate is handed back in c->cert,
 * so the caller is presumably expected to check it (for example with
 * okThumbprint) before trusting the connection - confirm; a caller that
 * skips the check would accept any server.
 */
392 int tlsClient(int fd, TLSconn *c);
393 int tlsServer(int fd, TLSconn *c);
/*
 * Thumbprint list handling.
 * NOTE(review): ok and crl are presumably file names of accepted and
 * revoked thumbprints - confirm, and confirm which okThumbprint result
 * means "trusted" before branching on it.
 */
396 Thumbprint* initThumbprints(char *ok, char *crl);
397 void freeThumbprints(Thumbprint *ok);
398 int okThumbprint(uchar *sha1, Thumbprint *ok);
/*
 * Certificate file readers.
 * NOTE(review): ownership of the returned buffers is not visible here;
 * filename should not come from an untrusted source without validation.
 */
401 uchar *readcert(char *filename, int *pcertlen);
402 PEMChain*readcertchain(char *filename);