diff options
author | Jo-Philipp Wich <jow@openwrt.org> | 2014-12-03 15:17:05 +0100 |
---|---|---|
committer | Jo-Philipp Wich <jow@openwrt.org> | 2015-01-08 16:26:20 +0100 |
commit | 1bb4822dca6113f73e3bc89e2acf15935e6f8e92 (patch) | |
tree | 35e16f100466e4e00657199b38bb3d87d52bf73f /libs/nixio/axTLS/crypto/crypto_misc.c | |
parent | 9edd0e46c3f880727738ce8ca6ff1c8b85f99ef4 (diff) |
Rework LuCI build system
* Rename subdirectories to their repective OpenWrt package names
* Make each LuCI module its own standalone package
* Deploy a shared luci.mk which is used by each module Makefile
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
Diffstat (limited to 'libs/nixio/axTLS/crypto/crypto_misc.c')
-rw-r--r-- | libs/nixio/axTLS/crypto/crypto_misc.c | 357 |
1 files changed, 0 insertions, 357 deletions
diff --git a/libs/nixio/axTLS/crypto/crypto_misc.c b/libs/nixio/axTLS/crypto/crypto_misc.c deleted file mode 100644 index 59b72ec08..000000000 --- a/libs/nixio/axTLS/crypto/crypto_misc.c +++ /dev/null @@ -1,357 +0,0 @@ -/* - * Copyright (c) 2007, Cameron Rich - * - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * * Redistributions of source code must retain the above copyright notice, - * this list of conditions and the following disclaimer. - * * Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * * Neither the name of the axTLS project nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS - * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT - * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR - * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR - * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, - * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, - * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR - * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF - * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING - * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS - * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -/** - * Some misc. routines to help things out - */ - -#include <stdlib.h> -#include <string.h> -#include <stdarg.h> -#include <stdio.h> -#include "crypto_misc.h" -#ifdef CONFIG_WIN32_USE_CRYPTO_LIB -#include "wincrypt.h" -#endif - -#ifndef WIN32 -static int rng_fd = -1; -#elif defined(CONFIG_WIN32_USE_CRYPTO_LIB) -static HCRYPTPROV gCryptProv; -#endif - -#if (!defined(CONFIG_USE_DEV_URANDOM) && !defined(CONFIG_WIN32_USE_CRYPTO_LIB)) -static uint64_t rng_num; -#endif - -static int rng_ref_count; -const char * const unsupported_str = "Error: Feature not supported\n"; - -#ifndef CONFIG_SSL_SKELETON_MODE -/** - * Retrieve a file and put it into memory - * @return The size of the file, or -1 on failure. - */ -int get_file(const char *filename, uint8_t **buf) -{ - int total_bytes = 0; - int bytes_read = 0; - int filesize; - FILE *stream = fopen(filename, "rb"); - - if (stream == NULL) - { -#ifdef CONFIG_SSL_FULL_MODE - printf("file '%s' does not exist\n", filename); TTY_FLUSH(); -#endif - return -1; - } - - /* Win CE doesn't support stat() */ - fseek(stream, 0, SEEK_END); - filesize = ftell(stream); - *buf = (uint8_t *)malloc(filesize); - fseek(stream, 0, SEEK_SET); - - do - { - bytes_read = fread(*buf+total_bytes, 1, filesize-total_bytes, stream); - total_bytes += bytes_read; - } while (total_bytes < filesize && bytes_read > 0); - - fclose(stream); - return filesize; -} -#endif - -/** - * Initialise the Random Number Generator engine. - * - On Win32 use the platform SDK's crypto engine. - * - On Linux use /dev/urandom - * - If none of these work then use a custom RNG. - */ -EXP_FUNC void STDCALL RNG_initialize(const uint8_t *seed_buf, int size) -{ - if (rng_ref_count == 0) - { -#if !defined(WIN32) && defined(CONFIG_USE_DEV_URANDOM) - rng_fd = ax_open("/dev/urandom", O_RDONLY); -#elif defined(WIN32) && defined(CONFIG_WIN32_USE_CRYPTO_LIB) - if (!CryptAcquireContext(&gCryptProv, - NULL, NULL, PROV_RSA_FULL, 0)) - { - if (GetLastError() == NTE_BAD_KEYSET && - !CryptAcquireContext(&gCryptProv, - NULL, - NULL, - PROV_RSA_FULL, - CRYPT_NEWKEYSET)) - { - printf("CryptoLib: %x\n", unsupported_str, GetLastError()); - exit(1); - } - } -#else - /* help seed with the user's private key - this is a number that - should be hard to find, due to the fact that it relies on knowing - the private key */ - int i; - - for (i = 0; i < size/(int)sizeof(uint64_t); i++) - rng_num ^= *((uint64_t *)&seed_buf[i*sizeof(uint64_t)]); - - srand((long)&seed_buf); /* use the stack ptr as another rnd seed */ -#endif - } - - rng_ref_count++; -} - -/** - * Terminate the RNG engine. - */ -EXP_FUNC void STDCALL RNG_terminate(void) -{ - if (--rng_ref_count == 0) - { -#ifndef WIN32 - close(rng_fd); -#elif defined(CONFIG_WIN32_USE_CRYPTO_LIB) - CryptReleaseContext(gCryptProv, 0); -#endif - } -} - -/** - * Set a series of bytes with a random number. Individual bytes can be 0 - */ -EXP_FUNC void STDCALL get_random(int num_rand_bytes, uint8_t *rand_data) -{ -#if !defined(WIN32) && defined(CONFIG_USE_DEV_URANDOM) - /* use the Linux default */ - read(rng_fd, rand_data, num_rand_bytes); /* read from /dev/urandom */ -#elif defined(WIN32) && defined(CONFIG_WIN32_USE_CRYPTO_LIB) - /* use Microsoft Crypto Libraries */ - CryptGenRandom(gCryptProv, num_rand_bytes, rand_data); -#else /* nothing else to use, so use a custom RNG */ - /* The method we use when we've got nothing better. Use RC4, time - and a couple of random seeds to generate a random sequence */ - RC4_CTX rng_ctx; - struct timeval tv; - uint64_t big_num1, big_num2; - - gettimeofday(&tv, NULL); /* yes I know we shouldn't do this */ - - /* all numbers by themselves are pretty simple, but combined should - * be a challenge */ - big_num1 = (uint64_t)tv.tv_sec*(tv.tv_usec+1); - big_num2 = (uint64_t)rand()*big_num1; - big_num1 ^= rng_num; - - memcpy(rand_data, &big_num1, sizeof(uint64_t)); - if (num_rand_bytes > sizeof(uint64_t)) - memcpy(&rand_data[8], &big_num2, sizeof(uint64_t)); - - if (num_rand_bytes > 16) - { - /* clear rest of data */ - memset(&rand_data[16], 0, num_rand_bytes-16); - } - - RC4_setup(&rng_ctx, rand_data, 16); /* use as a key */ - RC4_crypt(&rng_ctx, rand_data, rand_data, num_rand_bytes); - - /* use last 8 bytes for next time */ - memcpy(&rng_num, &rand_data[num_rand_bytes-8], sizeof(uint64_t)); -#endif -} - -/** - * Set a series of bytes with a random number. Individual bytes are not zero. - */ -void get_random_NZ(int num_rand_bytes, uint8_t *rand_data) -{ - int i; - get_random(num_rand_bytes, rand_data); - - for (i = 0; i < num_rand_bytes; i++) - { - while (rand_data[i] == 0) /* can't be 0 */ - rand_data[i] = (uint8_t)(rand()); - } -} - -/** - * Some useful diagnostic routines - */ -#if defined(CONFIG_SSL_FULL_MODE) || defined(CONFIG_DEBUG) -int hex_finish; -int hex_index; - -static void print_hex_init(int finish) -{ - hex_finish = finish; - hex_index = 0; -} - -static void print_hex(uint8_t hex) -{ - static int column; - - if (hex_index == 0) - { - column = 0; - } - - printf("%02x ", hex); - if (++column == 8) - { - printf(": "); - } - else if (column >= 16) - { - printf("\n"); - column = 0; - } - - if (++hex_index >= hex_finish && column > 0) - { - printf("\n"); - } -} - -/** - * Spit out a blob of data for diagnostics. The data is is a nice column format - * for easy reading. - * - * @param format [in] The string (with possible embedded format characters) - * @param size [in] The number of numbers to print - * @param data [in] The start of data to use - * @param ... [in] Any additional arguments - */ -EXP_FUNC void STDCALL print_blob(const char *format, - const uint8_t *data, int size, ...) -{ - int i; - char tmp[80]; - va_list(ap); - - va_start(ap, size); - sprintf(tmp, "%s\n", format); - vprintf(tmp, ap); - print_hex_init(size); - for (i = 0; i < size; i++) - { - print_hex(data[i]); - } - - va_end(ap); - TTY_FLUSH(); -} -#elif defined(WIN32) -/* VC6.0 doesn't handle variadic macros */ -EXP_FUNC void STDCALL print_blob(const char *format, const unsigned char *data, - int size, ...) {} -#endif - -#if defined(CONFIG_SSL_HAS_PEM) || defined(CONFIG_HTTP_HAS_AUTHORIZATION) -/* base64 to binary lookup table */ -static const uint8_t map[128] = -{ - 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, - 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, - 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, - 255, 255, 255, 255, 255, 255, 255, 62, 255, 255, 255, 63, - 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 255, 255, - 255, 254, 255, 255, 255, 0, 1, 2, 3, 4, 5, 6, - 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, - 19, 20, 21, 22, 23, 24, 25, 255, 255, 255, 255, 255, - 255, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, - 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, - 49, 50, 51, 255, 255, 255, 255, 255 -}; - -EXP_FUNC int STDCALL base64_decode(const char *in, int len, - uint8_t *out, int *outlen) -{ - int g, t, x, y, z; - uint8_t c; - int ret = -1; - - g = 3; - for (x = y = z = t = 0; x < len; x++) - { - if ((c = map[in[x]&0x7F]) == 0xff) - continue; - - if (c == 254) /* this is the end... */ - { - c = 0; - - if (--g < 0) - goto error; - } - else if (g != 3) /* only allow = at end */ - goto error; - - t = (t<<6) | c; - - if (++y == 4) - { - out[z++] = (uint8_t)((t>>16)&255); - - if (g > 1) - out[z++] = (uint8_t)((t>>8)&255); - - if (g > 2) - out[z++] = (uint8_t)(t&255); - - y = t = 0; - } - } - - if (y != 0) - goto error; - - if (outlen) - *outlen = z; - ret = 0; - -error: -#ifdef CONFIG_SSL_FULL_MODE - if (ret < 0) - printf("Error: Invalid base64\n"); TTY_FLUSH(); -#endif - TTY_FLUSH(); - return ret; - -} -#endif - |