137da2899SCharles.Forsyth #pragma src "/usr/inferno/libsec" 237da2899SCharles.Forsyth 337da2899SCharles.Forsyth #ifndef _MPINT 437da2899SCharles.Forsyth typedef struct mpint mpint; 537da2899SCharles.Forsyth #endif 637da2899SCharles.Forsyth 737da2899SCharles.Forsyth /*/////////////////////////////////////////////////////// */ 837da2899SCharles.Forsyth /* AES definitions */ 937da2899SCharles.Forsyth /*/////////////////////////////////////////////////////// */ 1037da2899SCharles.Forsyth 1137da2899SCharles.Forsyth enum 1237da2899SCharles.Forsyth { 1337da2899SCharles.Forsyth AESbsize= 16, 1437da2899SCharles.Forsyth AESmaxkey= 32, 1537da2899SCharles.Forsyth AESmaxrounds= 14 1637da2899SCharles.Forsyth }; 1737da2899SCharles.Forsyth 1837da2899SCharles.Forsyth typedef struct AESstate AESstate; 1937da2899SCharles.Forsyth struct AESstate 2037da2899SCharles.Forsyth { 2137da2899SCharles.Forsyth ulong setup; 2237da2899SCharles.Forsyth int rounds; 2337da2899SCharles.Forsyth int keybytes; 2437da2899SCharles.Forsyth uchar key[AESmaxkey]; /* unexpanded key */ 2537da2899SCharles.Forsyth u32int ekey[4*(AESmaxrounds + 1)]; /* encryption key */ 2637da2899SCharles.Forsyth u32int dkey[4*(AESmaxrounds + 1)]; /* decryption key */ 2737da2899SCharles.Forsyth uchar ivec[AESbsize]; /* initialization vector */ 2837da2899SCharles.Forsyth }; 2937da2899SCharles.Forsyth 3037da2899SCharles.Forsyth void setupAESstate(AESstate *s, uchar key[], int keybytes, uchar *ivec); 3137da2899SCharles.Forsyth void aesCBCencrypt(uchar *p, int len, AESstate *s); 3237da2899SCharles.Forsyth void aesCBCdecrypt(uchar *p, int len, AESstate *s); 3337da2899SCharles.Forsyth 3437da2899SCharles.Forsyth /*/////////////////////////////////////////////////////// */ 3537da2899SCharles.Forsyth /* Blowfish Definitions */ 3637da2899SCharles.Forsyth /*/////////////////////////////////////////////////////// */ 3737da2899SCharles.Forsyth 3837da2899SCharles.Forsyth enum 3937da2899SCharles.Forsyth { 4037da2899SCharles.Forsyth BFbsize = 8, 4137da2899SCharles.Forsyth BFrounds = 16 4237da2899SCharles.Forsyth }; 4337da2899SCharles.Forsyth 4437da2899SCharles.Forsyth /* 16-round Blowfish */ 4537da2899SCharles.Forsyth typedef struct BFstate BFstate; 4637da2899SCharles.Forsyth struct BFstate 4737da2899SCharles.Forsyth { 4837da2899SCharles.Forsyth ulong setup; 4937da2899SCharles.Forsyth 5037da2899SCharles.Forsyth uchar key[56]; 5137da2899SCharles.Forsyth uchar ivec[8]; 5237da2899SCharles.Forsyth 5337da2899SCharles.Forsyth u32int pbox[BFrounds+2]; 5437da2899SCharles.Forsyth u32int sbox[1024]; 5537da2899SCharles.Forsyth }; 5637da2899SCharles.Forsyth 5737da2899SCharles.Forsyth void setupBFstate(BFstate *s, uchar key[], int keybytes, uchar *ivec); 5837da2899SCharles.Forsyth void bfCBCencrypt(uchar*, int, BFstate*); 5937da2899SCharles.Forsyth void bfCBCdecrypt(uchar*, int, BFstate*); 6037da2899SCharles.Forsyth void bfECBencrypt(uchar*, int, BFstate*); 6137da2899SCharles.Forsyth void bfECBdecrypt(uchar*, int, BFstate*); 6237da2899SCharles.Forsyth 6337da2899SCharles.Forsyth /*/////////////////////////////////////////////////////// */ 6437da2899SCharles.Forsyth /* DES definitions */ 6537da2899SCharles.Forsyth /*/////////////////////////////////////////////////////// */ 6637da2899SCharles.Forsyth 6737da2899SCharles.Forsyth enum 6837da2899SCharles.Forsyth { 6937da2899SCharles.Forsyth DESbsize= 8 7037da2899SCharles.Forsyth }; 7137da2899SCharles.Forsyth 7237da2899SCharles.Forsyth /* single des */ 7337da2899SCharles.Forsyth typedef struct DESstate DESstate; 7437da2899SCharles.Forsyth struct DESstate 7537da2899SCharles.Forsyth { 7637da2899SCharles.Forsyth ulong setup; 7737da2899SCharles.Forsyth uchar key[8]; /* unexpanded key */ 7837da2899SCharles.Forsyth ulong expanded[32]; /* expanded key */ 7937da2899SCharles.Forsyth uchar ivec[8]; /* initialization vector */ 8037da2899SCharles.Forsyth }; 8137da2899SCharles.Forsyth 8237da2899SCharles.Forsyth void setupDESstate(DESstate *s, uchar key[8], uchar *ivec); 8337da2899SCharles.Forsyth void des_key_setup(uchar[8], ulong[32]); 8437da2899SCharles.Forsyth void block_cipher(ulong*, uchar*, int); 8537da2899SCharles.Forsyth void desCBCencrypt(uchar*, int, DESstate*); 8637da2899SCharles.Forsyth void desCBCdecrypt(uchar*, int, DESstate*); 8737da2899SCharles.Forsyth void desECBencrypt(uchar*, int, DESstate*); 8837da2899SCharles.Forsyth void desECBdecrypt(uchar*, int, DESstate*); 8937da2899SCharles.Forsyth 9037da2899SCharles.Forsyth /* for backward compatibility with 7 byte DES key format */ 9137da2899SCharles.Forsyth void des56to64(uchar *k56, uchar *k64); 9237da2899SCharles.Forsyth void des64to56(uchar *k64, uchar *k56); 9337da2899SCharles.Forsyth void key_setup(uchar[7], ulong[32]); 9437da2899SCharles.Forsyth 9537da2899SCharles.Forsyth /* triple des encrypt/decrypt orderings */ 9637da2899SCharles.Forsyth enum { 9737da2899SCharles.Forsyth DES3E= 0, 9837da2899SCharles.Forsyth DES3D= 1, 9937da2899SCharles.Forsyth DES3EEE= 0, 10037da2899SCharles.Forsyth DES3EDE= 2, 10137da2899SCharles.Forsyth DES3DED= 5, 10237da2899SCharles.Forsyth DES3DDD= 7 10337da2899SCharles.Forsyth }; 10437da2899SCharles.Forsyth 10537da2899SCharles.Forsyth typedef struct DES3state DES3state; 10637da2899SCharles.Forsyth struct DES3state 10737da2899SCharles.Forsyth { 10837da2899SCharles.Forsyth ulong setup; 10937da2899SCharles.Forsyth uchar key[3][8]; /* unexpanded key */ 11037da2899SCharles.Forsyth ulong expanded[3][32]; /* expanded key */ 11137da2899SCharles.Forsyth uchar ivec[8]; /* initialization vector */ 11237da2899SCharles.Forsyth }; 11337da2899SCharles.Forsyth 11437da2899SCharles.Forsyth void setupDES3state(DES3state *s, uchar key[3][8], uchar *ivec); 11537da2899SCharles.Forsyth void triple_block_cipher(ulong keys[3][32], uchar*, int); 11637da2899SCharles.Forsyth void des3CBCencrypt(uchar*, int, DES3state*); 11737da2899SCharles.Forsyth void des3CBCdecrypt(uchar*, int, DES3state*); 11837da2899SCharles.Forsyth void des3ECBencrypt(uchar*, int, DES3state*); 11937da2899SCharles.Forsyth void des3ECBdecrypt(uchar*, int, DES3state*); 12037da2899SCharles.Forsyth 12137da2899SCharles.Forsyth /* IDEA */ 12237da2899SCharles.Forsyth typedef struct IDEAstate IDEAstate; 12337da2899SCharles.Forsyth struct IDEAstate 12437da2899SCharles.Forsyth { 12537da2899SCharles.Forsyth uchar key[16]; 12637da2899SCharles.Forsyth ushort edkey[104]; 12737da2899SCharles.Forsyth uchar ivec[8]; 12837da2899SCharles.Forsyth }; 12937da2899SCharles.Forsyth 13037da2899SCharles.Forsyth void setupIDEAstate(IDEAstate*, uchar*, uchar*); 13137da2899SCharles.Forsyth void idea_key_setup(uchar*, ushort*); 13237da2899SCharles.Forsyth void idea_cipher(ushort*, uchar*, int); 13337da2899SCharles.Forsyth 13437da2899SCharles.Forsyth 13537da2899SCharles.Forsyth /*/////////////////////////////////////////////////////// */ 13637da2899SCharles.Forsyth /* digests */ 13737da2899SCharles.Forsyth /*/////////////////////////////////////////////////////// */ 13837da2899SCharles.Forsyth 13937da2899SCharles.Forsyth enum 14037da2899SCharles.Forsyth { 141*f1dcfd03Sforsyth /* digest lengths */ 142*f1dcfd03Sforsyth SHA1dlen= 20, 143*f1dcfd03Sforsyth MD4dlen= 16, 144*f1dcfd03Sforsyth MD5dlen= 16, 145*f1dcfd03Sforsyth 146*f1dcfd03Sforsyth SHA224dlen= 28, 147*f1dcfd03Sforsyth SHA256dlen= 32, 148*f1dcfd03Sforsyth 149*f1dcfd03Sforsyth SHA384dlen= 48, 150*f1dcfd03Sforsyth SHA512dlen= 64, 151*f1dcfd03Sforsyth 152*f1dcfd03Sforsyth /* block sizes */ 153*f1dcfd03Sforsyth SHA256bsize= 64, 154*f1dcfd03Sforsyth SHA512bsize= 128, 155*f1dcfd03Sforsyth Digestbsize= 128, /* maximum */ 15637da2899SCharles.Forsyth }; 15737da2899SCharles.Forsyth 15837da2899SCharles.Forsyth typedef struct DigestState DigestState; 15937da2899SCharles.Forsyth struct DigestState 16037da2899SCharles.Forsyth { 161*f1dcfd03Sforsyth u64int len; 16237da2899SCharles.Forsyth u32int state[5]; 163*f1dcfd03Sforsyth uchar buf[Digestbsize]; 16437da2899SCharles.Forsyth int blen; 165*f1dcfd03Sforsyth u64int nb128[2]; 166*f1dcfd03Sforsyth u64int h64[8]; 167*f1dcfd03Sforsyth u32int h32[8]; 16837da2899SCharles.Forsyth char malloced; 16937da2899SCharles.Forsyth char seeded; 17037da2899SCharles.Forsyth }; 17137da2899SCharles.Forsyth typedef struct DigestState SHAstate; /* obsolete name */ 17237da2899SCharles.Forsyth typedef struct DigestState SHA1state; 17337da2899SCharles.Forsyth typedef struct DigestState MD5state; 17437da2899SCharles.Forsyth typedef struct DigestState MD4state; 175*f1dcfd03Sforsyth typedef struct DigestState SHA256state; 176*f1dcfd03Sforsyth typedef struct DigestState SHA512state; 17737da2899SCharles.Forsyth 17837da2899SCharles.Forsyth DigestState* md4(uchar*, ulong, uchar*, DigestState*); 17937da2899SCharles.Forsyth DigestState* md5(uchar*, ulong, uchar*, DigestState*); 18037da2899SCharles.Forsyth DigestState* sha1(uchar*, ulong, uchar*, DigestState*); 181*f1dcfd03Sforsyth DigestState* sha224(uchar*, ulong, uchar*, DigestState*); 182*f1dcfd03Sforsyth DigestState* sha256(uchar*, ulong, uchar*, DigestState*); 183*f1dcfd03Sforsyth DigestState* sha384(uchar*, ulong, uchar*, DigestState*); 184*f1dcfd03Sforsyth DigestState* sha512(uchar*, ulong, uchar*, DigestState*); 18537da2899SCharles.Forsyth DigestState* hmac_md5(uchar*, ulong, uchar*, ulong, uchar*, DigestState*); 18637da2899SCharles.Forsyth DigestState* hmac_sha1(uchar*, ulong, uchar*, ulong, uchar*, DigestState*); 18737da2899SCharles.Forsyth char* md5pickle(MD5state*); 18837da2899SCharles.Forsyth MD5state* md5unpickle(char*); 18937da2899SCharles.Forsyth char* sha1pickle(SHA1state*); 19037da2899SCharles.Forsyth SHA1state* sha1unpickle(char*); 19137da2899SCharles.Forsyth 19237da2899SCharles.Forsyth /*/////////////////////////////////////////////////////// */ 19337da2899SCharles.Forsyth /* random number generation */ 19437da2899SCharles.Forsyth /*/////////////////////////////////////////////////////// */ 19537da2899SCharles.Forsyth void genrandom(uchar *buf, int nbytes); 19637da2899SCharles.Forsyth void _genrandomqlock(void); 19737da2899SCharles.Forsyth void _genrandomqunlock(void); 19837da2899SCharles.Forsyth void prng(uchar *buf, int nbytes); 19937da2899SCharles.Forsyth ulong fastrand(void); 20037da2899SCharles.Forsyth ulong nfastrand(ulong); 20137da2899SCharles.Forsyth 20237da2899SCharles.Forsyth /*/////////////////////////////////////////////////////// */ 20337da2899SCharles.Forsyth /* primes */ 20437da2899SCharles.Forsyth /*/////////////////////////////////////////////////////// */ 20537da2899SCharles.Forsyth void genprime(mpint *p, int n, int accuracy); /* generate an n bit probable prime */ 20637da2899SCharles.Forsyth void gensafeprime(mpint *p, mpint *alpha, int n, int accuracy); /* prime and generator */ 20737da2899SCharles.Forsyth void genstrongprime(mpint *p, int n, int accuracy); /* generate an n bit strong prime */ 20837da2899SCharles.Forsyth void DSAprimes(mpint *q, mpint *p, uchar seed[SHA1dlen]); 20937da2899SCharles.Forsyth int probably_prime(mpint *n, int nrep); /* miller-rabin test */ 21037da2899SCharles.Forsyth int smallprimetest(mpint *p); /* returns -1 if not prime, 0 otherwise */ 21137da2899SCharles.Forsyth 21237da2899SCharles.Forsyth /*/////////////////////////////////////////////////////// */ 21337da2899SCharles.Forsyth /* rc4 */ 21437da2899SCharles.Forsyth /*/////////////////////////////////////////////////////// */ 21537da2899SCharles.Forsyth typedef struct RC4state RC4state; 21637da2899SCharles.Forsyth struct RC4state 21737da2899SCharles.Forsyth { 21837da2899SCharles.Forsyth uchar state[256]; 21937da2899SCharles.Forsyth uchar x; 22037da2899SCharles.Forsyth uchar y; 22137da2899SCharles.Forsyth }; 22237da2899SCharles.Forsyth 22337da2899SCharles.Forsyth void setupRC4state(RC4state*, uchar*, int); 22437da2899SCharles.Forsyth void rc4(RC4state*, uchar*, int); 22537da2899SCharles.Forsyth void rc4skip(RC4state*, int); 22637da2899SCharles.Forsyth void rc4back(RC4state*, int); 22737da2899SCharles.Forsyth 22837da2899SCharles.Forsyth /*/////////////////////////////////////////////////////// */ 22937da2899SCharles.Forsyth /* rsa */ 23037da2899SCharles.Forsyth /*/////////////////////////////////////////////////////// */ 23137da2899SCharles.Forsyth typedef struct RSApub RSApub; 23237da2899SCharles.Forsyth typedef struct RSApriv RSApriv; 23337da2899SCharles.Forsyth typedef struct PEMChain PEMChain; 23437da2899SCharles.Forsyth 23537da2899SCharles.Forsyth /* public/encryption key */ 23637da2899SCharles.Forsyth struct RSApub 23737da2899SCharles.Forsyth { 23837da2899SCharles.Forsyth mpint *n; /* modulus */ 23937da2899SCharles.Forsyth mpint *ek; /* exp (encryption key) */ 24037da2899SCharles.Forsyth }; 24137da2899SCharles.Forsyth 24237da2899SCharles.Forsyth /* private/decryption key */ 24337da2899SCharles.Forsyth struct RSApriv 24437da2899SCharles.Forsyth { 24537da2899SCharles.Forsyth RSApub pub; 24637da2899SCharles.Forsyth 24737da2899SCharles.Forsyth mpint *dk; /* exp (decryption key) */ 24837da2899SCharles.Forsyth 24937da2899SCharles.Forsyth /* precomputed values to help with chinese remainder theorem calc */ 25037da2899SCharles.Forsyth mpint *p; 25137da2899SCharles.Forsyth mpint *q; 25237da2899SCharles.Forsyth mpint *kp; /* dk mod p-1 */ 25337da2899SCharles.Forsyth mpint *kq; /* dk mod q-1 */ 25437da2899SCharles.Forsyth mpint *c2; /* (inv p) mod q */ 25537da2899SCharles.Forsyth }; 25637da2899SCharles.Forsyth 25737da2899SCharles.Forsyth struct PEMChain{ 25837da2899SCharles.Forsyth PEMChain *next; 25937da2899SCharles.Forsyth uchar *pem; 26037da2899SCharles.Forsyth int pemlen; 26137da2899SCharles.Forsyth }; 26237da2899SCharles.Forsyth 26337da2899SCharles.Forsyth RSApriv* rsagen(int nlen, int elen, int rounds); 26437da2899SCharles.Forsyth RSApriv* rsafill(mpint *n, mpint *e, mpint *d, mpint *p, mpint *q); 26537da2899SCharles.Forsyth mpint* rsaencrypt(RSApub *k, mpint *in, mpint *out); 26637da2899SCharles.Forsyth mpint* rsadecrypt(RSApriv *k, mpint *in, mpint *out); 26737da2899SCharles.Forsyth RSApub* rsapuballoc(void); 26837da2899SCharles.Forsyth void rsapubfree(RSApub*); 26937da2899SCharles.Forsyth RSApriv* rsaprivalloc(void); 27037da2899SCharles.Forsyth void rsaprivfree(RSApriv*); 27137da2899SCharles.Forsyth RSApub* rsaprivtopub(RSApriv*); 27237da2899SCharles.Forsyth RSApub* X509toRSApub(uchar*, int, char*, int); 27337da2899SCharles.Forsyth RSApriv* asn1toRSApriv(uchar*, int); 27437da2899SCharles.Forsyth void asn1dump(uchar *der, int len); 27537da2899SCharles.Forsyth uchar* decodePEM(char *s, char *type, int *len, char **new_s); 27637da2899SCharles.Forsyth PEMChain* decodepemchain(char *s, char *type); 27737da2899SCharles.Forsyth uchar* X509gen(RSApriv *priv, char *subj, ulong valid[2], int *certlen); 27837da2899SCharles.Forsyth uchar* X509req(RSApriv *priv, char *subj, int *certlen); 27937da2899SCharles.Forsyth char* X509verify(uchar *cert, int ncert, RSApub *pk); 28037da2899SCharles.Forsyth void X509dump(uchar *cert, int ncert); 28137da2899SCharles.Forsyth 28237da2899SCharles.Forsyth /*/////////////////////////////////////////////////////// */ 28337da2899SCharles.Forsyth /* elgamal */ 28437da2899SCharles.Forsyth /*/////////////////////////////////////////////////////// */ 28537da2899SCharles.Forsyth typedef struct EGpub EGpub; 28637da2899SCharles.Forsyth typedef struct EGpriv EGpriv; 28737da2899SCharles.Forsyth typedef struct EGsig EGsig; 28837da2899SCharles.Forsyth 28937da2899SCharles.Forsyth /* public/encryption key */ 29037da2899SCharles.Forsyth struct EGpub 29137da2899SCharles.Forsyth { 29237da2899SCharles.Forsyth mpint *p; /* modulus */ 29337da2899SCharles.Forsyth mpint *alpha; /* generator */ 29437da2899SCharles.Forsyth mpint *key; /* (encryption key) alpha**secret mod p */ 29537da2899SCharles.Forsyth }; 29637da2899SCharles.Forsyth 29737da2899SCharles.Forsyth /* private/decryption key */ 29837da2899SCharles.Forsyth struct EGpriv 29937da2899SCharles.Forsyth { 30037da2899SCharles.Forsyth EGpub pub; 30137da2899SCharles.Forsyth mpint *secret; /* (decryption key) */ 30237da2899SCharles.Forsyth }; 30337da2899SCharles.Forsyth 30437da2899SCharles.Forsyth /* signature */ 30537da2899SCharles.Forsyth struct EGsig 30637da2899SCharles.Forsyth { 30737da2899SCharles.Forsyth mpint *r, *s; 30837da2899SCharles.Forsyth }; 30937da2899SCharles.Forsyth 31037da2899SCharles.Forsyth EGpriv* eggen(int nlen, int rounds); 31137da2899SCharles.Forsyth mpint* egencrypt(EGpub *k, mpint *in, mpint *out); /* deprecated */ 31237da2899SCharles.Forsyth mpint* egdecrypt(EGpriv *k, mpint *in, mpint *out); 31337da2899SCharles.Forsyth EGsig* egsign(EGpriv *k, mpint *m); 31437da2899SCharles.Forsyth int egverify(EGpub *k, EGsig *sig, mpint *m); 31537da2899SCharles.Forsyth EGpub* egpuballoc(void); 31637da2899SCharles.Forsyth void egpubfree(EGpub*); 31737da2899SCharles.Forsyth EGpriv* egprivalloc(void); 31837da2899SCharles.Forsyth void egprivfree(EGpriv*); 31937da2899SCharles.Forsyth EGsig* egsigalloc(void); 32037da2899SCharles.Forsyth void egsigfree(EGsig*); 32137da2899SCharles.Forsyth EGpub* egprivtopub(EGpriv*); 32237da2899SCharles.Forsyth 32337da2899SCharles.Forsyth /*/////////////////////////////////////////////////////// */ 32437da2899SCharles.Forsyth /* dsa */ 32537da2899SCharles.Forsyth /*/////////////////////////////////////////////////////// */ 32637da2899SCharles.Forsyth typedef struct DSApub DSApub; 32737da2899SCharles.Forsyth typedef struct DSApriv DSApriv; 32837da2899SCharles.Forsyth typedef struct DSAsig DSAsig; 32937da2899SCharles.Forsyth 33037da2899SCharles.Forsyth /* public/encryption key */ 33137da2899SCharles.Forsyth struct DSApub 33237da2899SCharles.Forsyth { 33337da2899SCharles.Forsyth mpint *p; /* modulus */ 33437da2899SCharles.Forsyth mpint *q; /* group order, q divides p-1 */ 33537da2899SCharles.Forsyth mpint *alpha; /* group generator */ 33637da2899SCharles.Forsyth mpint *key; /* (encryption key) alpha**secret mod p */ 33737da2899SCharles.Forsyth }; 33837da2899SCharles.Forsyth 33937da2899SCharles.Forsyth /* private/decryption key */ 34037da2899SCharles.Forsyth struct DSApriv 34137da2899SCharles.Forsyth { 34237da2899SCharles.Forsyth DSApub pub; 34337da2899SCharles.Forsyth mpint *secret; /* (decryption key) */ 34437da2899SCharles.Forsyth }; 34537da2899SCharles.Forsyth 34637da2899SCharles.Forsyth /* signature */ 34737da2899SCharles.Forsyth struct DSAsig 34837da2899SCharles.Forsyth { 34937da2899SCharles.Forsyth mpint *r, *s; 35037da2899SCharles.Forsyth }; 35137da2899SCharles.Forsyth 35237da2899SCharles.Forsyth DSApriv* dsagen(DSApub *opub); /* opub not checked for consistency! */ 35337da2899SCharles.Forsyth DSAsig* dsasign(DSApriv *k, mpint *m); 35437da2899SCharles.Forsyth int dsaverify(DSApub *k, DSAsig *sig, mpint *m); 35537da2899SCharles.Forsyth DSApub* dsapuballoc(void); 35637da2899SCharles.Forsyth void dsapubfree(DSApub*); 35737da2899SCharles.Forsyth DSApriv* dsaprivalloc(void); 35837da2899SCharles.Forsyth void dsaprivfree(DSApriv*); 35937da2899SCharles.Forsyth DSAsig* dsasigalloc(void); 36037da2899SCharles.Forsyth void dsasigfree(DSAsig*); 36137da2899SCharles.Forsyth DSApub* dsaprivtopub(DSApriv*); 36237da2899SCharles.Forsyth 36337da2899SCharles.Forsyth /*/////////////////////////////////////////////////////// */ 36437da2899SCharles.Forsyth /* TLS */ 36537da2899SCharles.Forsyth /*/////////////////////////////////////////////////////// */ 36637da2899SCharles.Forsyth typedef struct Thumbprint{ 36737da2899SCharles.Forsyth struct Thumbprint *next; 36837da2899SCharles.Forsyth uchar sha1[SHA1dlen]; 36937da2899SCharles.Forsyth } Thumbprint; 37037da2899SCharles.Forsyth 37137da2899SCharles.Forsyth typedef struct TLSconn{ 37237da2899SCharles.Forsyth char dir[40]; /* connection directory */ 37337da2899SCharles.Forsyth uchar *cert; /* certificate (local on input, remote on output) */ 37437da2899SCharles.Forsyth uchar *sessionID; 37537da2899SCharles.Forsyth int certlen, sessionIDlen; 37637da2899SCharles.Forsyth int (*trace)(char*fmt, ...); 37737da2899SCharles.Forsyth PEMChain *chain; /* optional extra certificate evidence for servers to present */ 37837da2899SCharles.Forsyth } TLSconn; 37937da2899SCharles.Forsyth 38037da2899SCharles.Forsyth /* tlshand.c */ 38137da2899SCharles.Forsyth int tlsClient(int fd, TLSconn *c); 38237da2899SCharles.Forsyth int tlsServer(int fd, TLSconn *c); 38337da2899SCharles.Forsyth 38437da2899SCharles.Forsyth /* thumb.c */ 38537da2899SCharles.Forsyth Thumbprint* initThumbprints(char *ok, char *crl); 38637da2899SCharles.Forsyth void freeThumbprints(Thumbprint *ok); 38737da2899SCharles.Forsyth int okThumbprint(uchar *sha1, Thumbprint *ok); 38837da2899SCharles.Forsyth 38937da2899SCharles.Forsyth /* readcert.c */ 39037da2899SCharles.Forsyth uchar *readcert(char *filename, int *pcertlen); 39137da2899SCharles.Forsyth PEMChain *readcertchain(char *filename); 392