1*8ccd4a63SDavid du Colombier 2*8ccd4a63SDavid du Colombier #ifndef _MPINT 3*8ccd4a63SDavid du Colombier typedef struct mpint mpint; 4*8ccd4a63SDavid du Colombier #endif 5*8ccd4a63SDavid du Colombier 6*8ccd4a63SDavid du Colombier ///////////////////////////////////////////////////////// 7*8ccd4a63SDavid du Colombier // AES definitions 8*8ccd4a63SDavid du Colombier ///////////////////////////////////////////////////////// 9*8ccd4a63SDavid du Colombier 10*8ccd4a63SDavid du Colombier enum 11*8ccd4a63SDavid du Colombier { 12*8ccd4a63SDavid du Colombier AESbsize= 16, 13*8ccd4a63SDavid du Colombier AESmaxkey= 32, 14*8ccd4a63SDavid du Colombier AESmaxrounds= 14 15*8ccd4a63SDavid du Colombier }; 16*8ccd4a63SDavid du Colombier 17*8ccd4a63SDavid du Colombier typedef struct AESstate AESstate; 18*8ccd4a63SDavid du Colombier struct AESstate 19*8ccd4a63SDavid du Colombier { 20*8ccd4a63SDavid du Colombier ulong setup; 21*8ccd4a63SDavid du Colombier int rounds; 22*8ccd4a63SDavid du Colombier int keybytes; 23*8ccd4a63SDavid du Colombier uchar key[AESmaxkey]; /* unexpanded key */ 24*8ccd4a63SDavid du Colombier u32int ekey[4*(AESmaxrounds + 1)]; /* encryption key */ 25*8ccd4a63SDavid du Colombier u32int dkey[4*(AESmaxrounds + 1)]; /* decryption key */ 26*8ccd4a63SDavid du Colombier uchar ivec[AESbsize]; /* initialization vector */ 27*8ccd4a63SDavid du Colombier }; 28*8ccd4a63SDavid du Colombier 29*8ccd4a63SDavid du Colombier void setupAESstate(AESstate *s, uchar key[], int keybytes, uchar *ivec); 30*8ccd4a63SDavid du Colombier void aesCBCencrypt(uchar *p, int len, AESstate *s); 31*8ccd4a63SDavid du Colombier void aesCBCdecrypt(uchar *p, int len, AESstate *s); 32*8ccd4a63SDavid du Colombier 33*8ccd4a63SDavid du Colombier ///////////////////////////////////////////////////////// 34*8ccd4a63SDavid du Colombier // Blowfish Definitions 35*8ccd4a63SDavid du Colombier ///////////////////////////////////////////////////////// 36*8ccd4a63SDavid du Colombier 37*8ccd4a63SDavid du Colombier enum 38*8ccd4a63SDavid du Colombier { 39*8ccd4a63SDavid du Colombier BFbsize = 8, 40*8ccd4a63SDavid du Colombier BFrounds = 16 41*8ccd4a63SDavid du Colombier }; 42*8ccd4a63SDavid du Colombier 43*8ccd4a63SDavid du Colombier // 16-round Blowfish 44*8ccd4a63SDavid du Colombier typedef struct BFstate BFstate; 45*8ccd4a63SDavid du Colombier struct BFstate 46*8ccd4a63SDavid du Colombier { 47*8ccd4a63SDavid du Colombier ulong setup; 48*8ccd4a63SDavid du Colombier 49*8ccd4a63SDavid du Colombier uchar key[56]; 50*8ccd4a63SDavid du Colombier uchar ivec[8]; 51*8ccd4a63SDavid du Colombier 52*8ccd4a63SDavid du Colombier u32int pbox[BFrounds+2]; 53*8ccd4a63SDavid du Colombier u32int sbox[1024]; 54*8ccd4a63SDavid du Colombier }; 55*8ccd4a63SDavid du Colombier 56*8ccd4a63SDavid du Colombier void setupBFstate(BFstate *s, uchar key[], int keybytes, uchar *ivec); 57*8ccd4a63SDavid du Colombier void bfCBCencrypt(uchar*, int, BFstate*); 58*8ccd4a63SDavid du Colombier void bfCBCdecrypt(uchar*, int, BFstate*); 59*8ccd4a63SDavid du Colombier void bfECBencrypt(uchar*, int, BFstate*); 60*8ccd4a63SDavid du Colombier void bfECBdecrypt(uchar*, int, BFstate*); 61*8ccd4a63SDavid du Colombier 62*8ccd4a63SDavid du Colombier ///////////////////////////////////////////////////////// 63*8ccd4a63SDavid du Colombier // DES definitions 64*8ccd4a63SDavid du Colombier ///////////////////////////////////////////////////////// 65*8ccd4a63SDavid du Colombier 66*8ccd4a63SDavid du Colombier enum 67*8ccd4a63SDavid du Colombier { 68*8ccd4a63SDavid du Colombier DESbsize= 8 69*8ccd4a63SDavid du Colombier }; 70*8ccd4a63SDavid du Colombier 71*8ccd4a63SDavid du Colombier // single des 72*8ccd4a63SDavid du Colombier typedef struct DESstate DESstate; 73*8ccd4a63SDavid du Colombier struct DESstate 74*8ccd4a63SDavid du Colombier { 75*8ccd4a63SDavid du Colombier ulong setup; 76*8ccd4a63SDavid du Colombier uchar key[8]; /* unexpanded key */ 77*8ccd4a63SDavid du Colombier ulong expanded[32]; /* expanded key */ 78*8ccd4a63SDavid du Colombier uchar ivec[8]; /* initialization vector */ 79*8ccd4a63SDavid du Colombier }; 80*8ccd4a63SDavid du Colombier 81*8ccd4a63SDavid du Colombier void setupDESstate(DESstate *s, uchar key[8], uchar *ivec); 82*8ccd4a63SDavid du Colombier void des_key_setup(uchar[8], ulong[32]); 83*8ccd4a63SDavid du Colombier void block_cipher(ulong*, uchar*, int); 84*8ccd4a63SDavid du Colombier void desCBCencrypt(uchar*, int, DESstate*); 85*8ccd4a63SDavid du Colombier void desCBCdecrypt(uchar*, int, DESstate*); 86*8ccd4a63SDavid du Colombier void desECBencrypt(uchar*, int, DESstate*); 87*8ccd4a63SDavid du Colombier void desECBdecrypt(uchar*, int, DESstate*); 88*8ccd4a63SDavid du Colombier 89*8ccd4a63SDavid du Colombier // for backward compatibility with 7 byte DES key format 90*8ccd4a63SDavid du Colombier void des56to64(uchar *k56, uchar *k64); 91*8ccd4a63SDavid du Colombier void des64to56(uchar *k64, uchar *k56); 92*8ccd4a63SDavid du Colombier void key_setup(uchar[7], ulong[32]); 93*8ccd4a63SDavid du Colombier 94*8ccd4a63SDavid du Colombier // triple des encrypt/decrypt orderings 95*8ccd4a63SDavid du Colombier enum { 96*8ccd4a63SDavid du Colombier DES3E= 0, 97*8ccd4a63SDavid du Colombier DES3D= 1, 98*8ccd4a63SDavid du Colombier DES3EEE= 0, 99*8ccd4a63SDavid du Colombier DES3EDE= 2, 100*8ccd4a63SDavid du Colombier DES3DED= 5, 101*8ccd4a63SDavid du Colombier DES3DDD= 7 102*8ccd4a63SDavid du Colombier }; 103*8ccd4a63SDavid du Colombier 104*8ccd4a63SDavid du Colombier typedef struct DES3state DES3state; 105*8ccd4a63SDavid du Colombier struct DES3state 106*8ccd4a63SDavid du Colombier { 107*8ccd4a63SDavid du Colombier ulong setup; 108*8ccd4a63SDavid du Colombier uchar key[3][8]; /* unexpanded key */ 109*8ccd4a63SDavid du Colombier ulong expanded[3][32]; /* expanded key */ 110*8ccd4a63SDavid du Colombier uchar ivec[8]; /* initialization vector */ 111*8ccd4a63SDavid du Colombier }; 112*8ccd4a63SDavid du Colombier 113*8ccd4a63SDavid du Colombier void setupDES3state(DES3state *s, uchar key[3][8], uchar *ivec); 114*8ccd4a63SDavid du Colombier void triple_block_cipher(ulong keys[3][32], uchar*, int); 115*8ccd4a63SDavid du Colombier void des3CBCencrypt(uchar*, int, DES3state*); 116*8ccd4a63SDavid du Colombier void des3CBCdecrypt(uchar*, int, DES3state*); 117*8ccd4a63SDavid du Colombier void des3ECBencrypt(uchar*, int, DES3state*); 118*8ccd4a63SDavid du Colombier void des3ECBdecrypt(uchar*, int, DES3state*); 119*8ccd4a63SDavid du Colombier 120*8ccd4a63SDavid du Colombier ///////////////////////////////////////////////////////// 121*8ccd4a63SDavid du Colombier // digests 122*8ccd4a63SDavid du Colombier ///////////////////////////////////////////////////////// 123*8ccd4a63SDavid du Colombier 124*8ccd4a63SDavid du Colombier enum 125*8ccd4a63SDavid du Colombier { 126*8ccd4a63SDavid du Colombier SHA1dlen= 20, /* SHA digest length */ 127*8ccd4a63SDavid du Colombier MD4dlen= 16, /* MD4 digest length */ 128*8ccd4a63SDavid du Colombier MD5dlen= 16 /* MD5 digest length */ 129*8ccd4a63SDavid du Colombier }; 130*8ccd4a63SDavid du Colombier 131*8ccd4a63SDavid du Colombier typedef struct DigestState DigestState; 132*8ccd4a63SDavid du Colombier struct DigestState 133*8ccd4a63SDavid du Colombier { 134*8ccd4a63SDavid du Colombier ulong len; 135*8ccd4a63SDavid du Colombier u32int state[5]; 136*8ccd4a63SDavid du Colombier uchar buf[128]; 137*8ccd4a63SDavid du Colombier int blen; 138*8ccd4a63SDavid du Colombier char malloced; 139*8ccd4a63SDavid du Colombier char seeded; 140*8ccd4a63SDavid du Colombier }; 141*8ccd4a63SDavid du Colombier typedef struct DigestState SHAstate; /* obsolete name */ 142*8ccd4a63SDavid du Colombier typedef struct DigestState SHA1state; 143*8ccd4a63SDavid du Colombier typedef struct DigestState MD5state; 144*8ccd4a63SDavid du Colombier typedef struct DigestState MD4state; 145*8ccd4a63SDavid du Colombier 146*8ccd4a63SDavid du Colombier DigestState* md4(uchar*, ulong, uchar*, DigestState*); 147*8ccd4a63SDavid du Colombier DigestState* md5(uchar*, ulong, uchar*, DigestState*); 148*8ccd4a63SDavid du Colombier DigestState* sha1(uchar*, ulong, uchar*, DigestState*); 149*8ccd4a63SDavid du Colombier DigestState* hmac_md5(uchar*, ulong, uchar*, ulong, uchar*, DigestState*); 150*8ccd4a63SDavid du Colombier DigestState* hmac_sha1(uchar*, ulong, uchar*, ulong, uchar*, DigestState*); 151*8ccd4a63SDavid du Colombier char* sha1pickle(SHA1state*); 152*8ccd4a63SDavid du Colombier SHA1state* sha1unpickle(char*); 153*8ccd4a63SDavid du Colombier 154*8ccd4a63SDavid du Colombier ///////////////////////////////////////////////////////// 155*8ccd4a63SDavid du Colombier // random number generation 156*8ccd4a63SDavid du Colombier ///////////////////////////////////////////////////////// 157*8ccd4a63SDavid du Colombier void genrandom(uchar *buf, int nbytes); 158*8ccd4a63SDavid du Colombier void prng(uchar *buf, int nbytes); 159*8ccd4a63SDavid du Colombier ulong fastrand(void); 160*8ccd4a63SDavid du Colombier ulong nfastrand(ulong); 161*8ccd4a63SDavid du Colombier 162*8ccd4a63SDavid du Colombier ///////////////////////////////////////////////////////// 163*8ccd4a63SDavid du Colombier // primes 164*8ccd4a63SDavid du Colombier ///////////////////////////////////////////////////////// 165*8ccd4a63SDavid du Colombier void genprime(mpint *p, int n, int accuracy); // generate an n bit probable prime 166*8ccd4a63SDavid du Colombier void gensafeprime(mpint *p, mpint *alpha, int n, int accuracy); // prime and generator 167*8ccd4a63SDavid du Colombier void genstrongprime(mpint *p, int n, int accuracy); // generate an n bit strong prime 168*8ccd4a63SDavid du Colombier void DSAprimes(mpint *q, mpint *p, uchar seed[SHA1dlen]); 169*8ccd4a63SDavid du Colombier int probably_prime(mpint *n, int nrep); // miller-rabin test 170*8ccd4a63SDavid du Colombier int smallprimetest(mpint *p); // returns -1 if not prime, 0 otherwise 171*8ccd4a63SDavid du Colombier 172*8ccd4a63SDavid du Colombier ///////////////////////////////////////////////////////// 173*8ccd4a63SDavid du Colombier // rc4 174*8ccd4a63SDavid du Colombier ///////////////////////////////////////////////////////// 175*8ccd4a63SDavid du Colombier typedef struct RC4state RC4state; 176*8ccd4a63SDavid du Colombier struct RC4state 177*8ccd4a63SDavid du Colombier { 178*8ccd4a63SDavid du Colombier uchar state[256]; 179*8ccd4a63SDavid du Colombier uchar x; 180*8ccd4a63SDavid du Colombier uchar y; 181*8ccd4a63SDavid du Colombier }; 182*8ccd4a63SDavid du Colombier 183*8ccd4a63SDavid du Colombier void setupRC4state(RC4state*, uchar*, int); 184*8ccd4a63SDavid du Colombier void rc4(RC4state*, uchar*, int); 185*8ccd4a63SDavid du Colombier void rc4skip(RC4state*, int); 186*8ccd4a63SDavid du Colombier void rc4back(RC4state*, int); 187*8ccd4a63SDavid du Colombier 188*8ccd4a63SDavid du Colombier ///////////////////////////////////////////////////////// 189*8ccd4a63SDavid du Colombier // rsa 190*8ccd4a63SDavid du Colombier ///////////////////////////////////////////////////////// 191*8ccd4a63SDavid du Colombier typedef struct RSApub RSApub; 192*8ccd4a63SDavid du Colombier typedef struct RSApriv RSApriv; 193*8ccd4a63SDavid du Colombier 194*8ccd4a63SDavid du Colombier // public/encryption key 195*8ccd4a63SDavid du Colombier struct RSApub 196*8ccd4a63SDavid du Colombier { 197*8ccd4a63SDavid du Colombier mpint *n; // modulus 198*8ccd4a63SDavid du Colombier mpint *ek; // exp (encryption key) 199*8ccd4a63SDavid du Colombier }; 200*8ccd4a63SDavid du Colombier 201*8ccd4a63SDavid du Colombier // private/decryption key 202*8ccd4a63SDavid du Colombier struct RSApriv 203*8ccd4a63SDavid du Colombier { 204*8ccd4a63SDavid du Colombier RSApub pub; 205*8ccd4a63SDavid du Colombier 206*8ccd4a63SDavid du Colombier mpint *dk; // exp (decryption key) 207*8ccd4a63SDavid du Colombier 208*8ccd4a63SDavid du Colombier // precomputed values to help with chinese remainder theorem calc 209*8ccd4a63SDavid du Colombier mpint *p; 210*8ccd4a63SDavid du Colombier mpint *q; 211*8ccd4a63SDavid du Colombier mpint *kp; // dk mod p-1 212*8ccd4a63SDavid du Colombier mpint *kq; // dk mod q-1 213*8ccd4a63SDavid du Colombier mpint *c2; // (inv p) mod q 214*8ccd4a63SDavid du Colombier }; 215*8ccd4a63SDavid du Colombier 216*8ccd4a63SDavid du Colombier RSApriv* rsagen(int nlen, int elen, int rounds); 217*8ccd4a63SDavid du Colombier RSApriv* rsafill(mpint *n, mpint *e, mpint *d, mpint *p, mpint *q); 218*8ccd4a63SDavid du Colombier mpint* rsaencrypt(RSApub *k, mpint *in, mpint *out); 219*8ccd4a63SDavid du Colombier mpint* rsadecrypt(RSApriv *k, mpint *in, mpint *out); 220*8ccd4a63SDavid du Colombier RSApub* rsapuballoc(void); 221*8ccd4a63SDavid du Colombier void rsapubfree(RSApub*); 222*8ccd4a63SDavid du Colombier RSApriv* rsaprivalloc(void); 223*8ccd4a63SDavid du Colombier void rsaprivfree(RSApriv*); 224*8ccd4a63SDavid du Colombier RSApub* rsaprivtopub(RSApriv*); 225*8ccd4a63SDavid du Colombier RSApub* X509toRSApub(uchar*, int, char*, int); 226*8ccd4a63SDavid du Colombier RSApriv* asn1toRSApriv(uchar*, int); 227*8ccd4a63SDavid du Colombier void asn1dump(uchar *der, int len); 228*8ccd4a63SDavid du Colombier uchar* decodepem(char *s, char *type, int *len); 229*8ccd4a63SDavid du Colombier uchar* X509gen(RSApriv *priv, char *subj, ulong valid[2], int *certlen); 230*8ccd4a63SDavid du Colombier uchar* X509req(RSApriv *priv, char *subj, int *certlen); 231*8ccd4a63SDavid du Colombier char* X509verify(uchar *cert, int ncert, RSApub *pk); 232*8ccd4a63SDavid du Colombier void X509dump(uchar *cert, int ncert); 233*8ccd4a63SDavid du Colombier ///////////////////////////////////////////////////////// 234*8ccd4a63SDavid du Colombier // elgamal 235*8ccd4a63SDavid du Colombier ///////////////////////////////////////////////////////// 236*8ccd4a63SDavid du Colombier typedef struct EGpub EGpub; 237*8ccd4a63SDavid du Colombier typedef struct EGpriv EGpriv; 238*8ccd4a63SDavid du Colombier typedef struct EGsig EGsig; 239*8ccd4a63SDavid du Colombier 240*8ccd4a63SDavid du Colombier // public/encryption key 241*8ccd4a63SDavid du Colombier struct EGpub 242*8ccd4a63SDavid du Colombier { 243*8ccd4a63SDavid du Colombier mpint *p; // modulus 244*8ccd4a63SDavid du Colombier mpint *alpha; // generator 245*8ccd4a63SDavid du Colombier mpint *key; // (encryption key) alpha**secret mod p 246*8ccd4a63SDavid du Colombier }; 247*8ccd4a63SDavid du Colombier 248*8ccd4a63SDavid du Colombier // private/decryption key 249*8ccd4a63SDavid du Colombier struct EGpriv 250*8ccd4a63SDavid du Colombier { 251*8ccd4a63SDavid du Colombier EGpub pub; 252*8ccd4a63SDavid du Colombier mpint *secret; // (decryption key) 253*8ccd4a63SDavid du Colombier }; 254*8ccd4a63SDavid du Colombier 255*8ccd4a63SDavid du Colombier // signature 256*8ccd4a63SDavid du Colombier struct EGsig 257*8ccd4a63SDavid du Colombier { 258*8ccd4a63SDavid du Colombier mpint *r, *s; 259*8ccd4a63SDavid du Colombier }; 260*8ccd4a63SDavid du Colombier 261*8ccd4a63SDavid du Colombier EGpriv* eggen(int nlen, int rounds); 262*8ccd4a63SDavid du Colombier mpint* egencrypt(EGpub *k, mpint *in, mpint *out); 263*8ccd4a63SDavid du Colombier mpint* egdecrypt(EGpriv *k, mpint *in, mpint *out); 264*8ccd4a63SDavid du Colombier EGsig* egsign(EGpriv *k, mpint *m); 265*8ccd4a63SDavid du Colombier int egverify(EGpub *k, EGsig *sig, mpint *m); 266*8ccd4a63SDavid du Colombier EGpub* egpuballoc(void); 267*8ccd4a63SDavid du Colombier void egpubfree(EGpub*); 268*8ccd4a63SDavid du Colombier EGpriv* egprivalloc(void); 269*8ccd4a63SDavid du Colombier void egprivfree(EGpriv*); 270*8ccd4a63SDavid du Colombier EGsig* egsigalloc(void); 271*8ccd4a63SDavid du Colombier void egsigfree(EGsig*); 272*8ccd4a63SDavid du Colombier EGpub* egprivtopub(EGpriv*); 273*8ccd4a63SDavid du Colombier 274*8ccd4a63SDavid du Colombier ///////////////////////////////////////////////////////// 275*8ccd4a63SDavid du Colombier // dsa 276*8ccd4a63SDavid du Colombier ///////////////////////////////////////////////////////// 277*8ccd4a63SDavid du Colombier typedef struct DSApub DSApub; 278*8ccd4a63SDavid du Colombier typedef struct DSApriv DSApriv; 279*8ccd4a63SDavid du Colombier typedef struct DSAsig DSAsig; 280*8ccd4a63SDavid du Colombier 281*8ccd4a63SDavid du Colombier // public/encryption key 282*8ccd4a63SDavid du Colombier struct DSApub 283*8ccd4a63SDavid du Colombier { 284*8ccd4a63SDavid du Colombier mpint *p; // modulus 285*8ccd4a63SDavid du Colombier mpint *q; // group order, q divides p-1 286*8ccd4a63SDavid du Colombier mpint *alpha; // group generator 287*8ccd4a63SDavid du Colombier mpint *key; // (encryption key) alpha**secret mod p 288*8ccd4a63SDavid du Colombier }; 289*8ccd4a63SDavid du Colombier 290*8ccd4a63SDavid du Colombier // private/decryption key 291*8ccd4a63SDavid du Colombier struct DSApriv 292*8ccd4a63SDavid du Colombier { 293*8ccd4a63SDavid du Colombier DSApub pub; 294*8ccd4a63SDavid du Colombier mpint *secret; // (decryption key) 295*8ccd4a63SDavid du Colombier }; 296*8ccd4a63SDavid du Colombier 297*8ccd4a63SDavid du Colombier // signature 298*8ccd4a63SDavid du Colombier struct DSAsig 299*8ccd4a63SDavid du Colombier { 300*8ccd4a63SDavid du Colombier mpint *r, *s; 301*8ccd4a63SDavid du Colombier }; 302*8ccd4a63SDavid du Colombier 303*8ccd4a63SDavid du Colombier DSApriv* dsagen(DSApub *opub); 304*8ccd4a63SDavid du Colombier DSAsig* dsasign(DSApriv *k, mpint *m); 305*8ccd4a63SDavid du Colombier int dsaverify(DSApub *k, DSAsig *sig, mpint *m); 306*8ccd4a63SDavid du Colombier DSApub* dsapuballoc(void); 307*8ccd4a63SDavid du Colombier void dsapubfree(DSApub*); 308*8ccd4a63SDavid du Colombier DSApriv* dsaprivalloc(void); 309*8ccd4a63SDavid du Colombier void dsaprivfree(DSApriv*); 310*8ccd4a63SDavid du Colombier DSAsig* dsasigalloc(void); 311*8ccd4a63SDavid du Colombier void dsasigfree(DSAsig*); 312*8ccd4a63SDavid du Colombier DSApub* dsaprivtopub(DSApriv*); 313*8ccd4a63SDavid du Colombier 314*8ccd4a63SDavid du Colombier ///////////////////////////////////////////////////////// 315*8ccd4a63SDavid du Colombier // TLS 316*8ccd4a63SDavid du Colombier ///////////////////////////////////////////////////////// 317*8ccd4a63SDavid du Colombier typedef struct Thumbprint{ 318*8ccd4a63SDavid du Colombier struct Thumbprint *next; 319*8ccd4a63SDavid du Colombier uchar sha1[SHA1dlen]; 320*8ccd4a63SDavid du Colombier } Thumbprint; 321*8ccd4a63SDavid du Colombier 322*8ccd4a63SDavid du Colombier typedef struct TLSconn{ 323*8ccd4a63SDavid du Colombier char dir[40]; // connection directory 324*8ccd4a63SDavid du Colombier uchar *cert; // certificate (local on input, remote on output) 325*8ccd4a63SDavid du Colombier uchar *sessionID; 326*8ccd4a63SDavid du Colombier int certlen, sessionIDlen; 327*8ccd4a63SDavid du Colombier int (*trace)(char*fmt, ...); 328*8ccd4a63SDavid du Colombier } TLSconn; 329*8ccd4a63SDavid du Colombier 330*8ccd4a63SDavid du Colombier // tlshand.c 331*8ccd4a63SDavid du Colombier extern int tlsClient(int fd, TLSconn *c); 332*8ccd4a63SDavid du Colombier extern int tlsServer(int fd, TLSconn *c); 333*8ccd4a63SDavid du Colombier 334*8ccd4a63SDavid du Colombier // thumb.c 335*8ccd4a63SDavid du Colombier extern Thumbprint* initThumbprints(char *ok, char *crl); 336*8ccd4a63SDavid du Colombier extern void freeThumbprints(Thumbprint *ok); 337*8ccd4a63SDavid du Colombier extern int okThumbprint(uchar *sha1, Thumbprint *ok); 338*8ccd4a63SDavid du Colombier 339*8ccd4a63SDavid du Colombier // readcert.c 340*8ccd4a63SDavid du Colombier extern uchar *readcert(char *filename, int *pcertlen); 341