X-Git-Url: http://erislabs.net/gitweb/?a=blobdiff_plain;f=lib%2Fgc-gnulib.c;h=c5033c91e878248bcccc747bee48ce505b1e1806;hb=2d540c2cb293bff09a2fe1b1bab9d1775d7e2832;hp=98214ed15e6af534a45bb4049864283904d6480b;hpb=3c1548f0f31e41ec9e36e349094a59ea3702e08c;p=gnulib.git diff --git a/lib/gc-gnulib.c b/lib/gc-gnulib.c index 98214ed15..c5033c91e 100644 --- a/lib/gc-gnulib.c +++ b/lib/gc-gnulib.c @@ -1,5 +1,5 @@ /* gc-gnulib.c --- Common gnulib internal crypto interface functions - * Copyright (C) 2002, 2003, 2004, 2005, 2006, 2007, 2008 Simon Josefsson + * Copyright (C) 2002-2011 Free Software Foundation, Inc. * * This file is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published @@ -92,11 +92,22 @@ gc_init (void) { #ifdef GNULIB_GC_RANDOM # if (defined _WIN32 || defined __WIN32__) && ! defined __CYGWIN__ - if(g_hProv) - CryptReleaseContext(g_hProv, 0); - if(!CryptAcquireContext(&g_hProv, NULL, NULL, PROV_INTEL_SEC, CRYPT_VERIFY_CONTEXT)) - if(!CryptAcquireContext(&g_hProv, NULL, NULL, PROV_RSA_FULL, CRYPT_VERIFY_CONTEXT)) - return GC_RANDOM_ERROR; + if (g_hProv) + CryptReleaseContext (g_hProv, 0); + + /* There is no need to create a container for just random data, so + we can use CRYPT_VERIFY_CONTEXT (one call) see: + http://blogs.msdn.com/dangriff/archive/2003/11/19/51709.aspx */ + + /* We first try to use the Intel PIII RNG if drivers are present */ + if (!CryptAcquireContext (&g_hProv, NULL, NULL, + PROV_INTEL_SEC, CRYPT_VERIFY_CONTEXT)) + { + /* not a PIII or no drivers available, use default RSA CSP */ + if (!CryptAcquireContext (&g_hProv, NULL, NULL, + PROV_RSA_FULL, CRYPT_VERIFY_CONTEXT)) + return GC_RANDOM_ERROR; + } # endif #endif @@ -108,9 +119,9 @@ gc_done (void) { #ifdef GNULIB_GC_RANDOM # if (defined _WIN32 || defined __WIN32__) && ! defined __CYGWIN__ - if(g_hProv) + if (g_hProv) { - CryptReleaseContext(g_hProv, 0); + CryptReleaseContext (g_hProv, 0); g_hProv = 0; } # endif @@ -127,9 +138,9 @@ static Gc_rc randomize (int level, char *data, size_t datalen) { #if (defined _WIN32 || defined __WIN32__) && ! defined __CYGWIN__ - if(!g_hProv) + if (!g_hProv) return GC_RANDOM_ERROR; - CryptGenRandom(g_hProv, (DWORD)datalen, data); + CryptGenRandom (g_hProv, (DWORD) datalen, data); #else int fd; const char *device; @@ -165,12 +176,12 @@ randomize (int level, char *data, size_t datalen) tmp = read (fd, data, datalen); if (tmp < 0) - { - int save_errno = errno; - close (fd); - errno = save_errno; - return GC_RANDOM_ERROR; - } + { + int save_errno = errno; + close (fd); + errno = save_errno; + return GC_RANDOM_ERROR; + } len += tmp; } @@ -208,15 +219,17 @@ gc_random (char *data, size_t datalen) void gc_set_allocators (gc_malloc_t func_malloc, - gc_malloc_t secure_malloc, - gc_secure_check_t secure_check, - gc_realloc_t func_realloc, gc_free_t func_free) + gc_malloc_t secure_malloc, + gc_secure_check_t secure_check, + gc_realloc_t func_realloc, gc_free_t func_free) { return; } + /* Ciphers. */ -typedef struct _gc_cipher_ctx { +typedef struct _gc_cipher_ctx +{ Gc_cipher alg; Gc_cipher_mode mode; #ifdef GNULIB_GC_ARCTWO @@ -238,7 +251,7 @@ typedef struct _gc_cipher_ctx { Gc_rc gc_cipher_open (Gc_cipher alg, Gc_cipher_mode mode, - gc_cipher_handle * outhandle) + gc_cipher_handle * outhandle) { _gc_cipher_ctx *ctx; Gc_rc rc = GC_OK; @@ -255,14 +268,14 @@ gc_cipher_open (Gc_cipher alg, Gc_cipher_mode mode, #ifdef GNULIB_GC_ARCTWO case GC_ARCTWO40: switch (mode) - { - case GC_ECB: - case GC_CBC: - break; + { + case GC_ECB: + case GC_CBC: + break; - default: - rc = GC_INVALID_CIPHER; - } + default: + rc = GC_INVALID_CIPHER; + } break; #endif @@ -270,26 +283,26 @@ gc_cipher_open (Gc_cipher alg, Gc_cipher_mode mode, case GC_ARCFOUR128: case GC_ARCFOUR40: switch (mode) - { - case GC_STREAM: - break; + { + case GC_STREAM: + break; - default: - rc = GC_INVALID_CIPHER; - } + default: + rc = GC_INVALID_CIPHER; + } break; #endif #ifdef GNULIB_GC_DES case GC_DES: switch (mode) - { - case GC_ECB: - break; + { + case GC_ECB: + break; - default: - rc = GC_INVALID_CIPHER; - } + default: + rc = GC_INVALID_CIPHER; + } break; #endif @@ -298,14 +311,14 @@ gc_cipher_open (Gc_cipher alg, Gc_cipher_mode mode, case GC_AES192: case GC_AES256: switch (mode) - { - case GC_ECB: - case GC_CBC: - break; + { + case GC_ECB: + case GC_CBC: + break; - default: - rc = GC_INVALID_CIPHER; - } + default: + rc = GC_INVALID_CIPHER; + } break; #endif @@ -344,7 +357,7 @@ gc_cipher_setkey (gc_cipher_handle handle, size_t keylen, const char *key) #ifdef GNULIB_GC_DES case GC_DES: if (keylen != 8) - return GC_INVALID_CIPHER; + return GC_INVALID_CIPHER; gl_des_setkey (&ctx->desContext, key); break; #endif @@ -354,26 +367,26 @@ gc_cipher_setkey (gc_cipher_handle handle, size_t keylen, const char *key) case GC_AES192: case GC_AES256: { - rijndael_rc rc; - size_t i; - char keyMaterial[RIJNDAEL_MAX_KEY_SIZE + 1]; - - for (i = 0; i < keylen; i++) - sprintf (&keyMaterial[2*i], "%02x", key[i] & 0xFF); - - rc = rijndaelMakeKey (&ctx->aesEncKey, RIJNDAEL_DIR_ENCRYPT, - keylen * 8, keyMaterial); - if (rc < 0) - return GC_INVALID_CIPHER; - - rc = rijndaelMakeKey (&ctx->aesDecKey, RIJNDAEL_DIR_DECRYPT, - keylen * 8, keyMaterial); - if (rc < 0) - return GC_INVALID_CIPHER; - - rc = rijndaelCipherInit (&ctx->aesContext, RIJNDAEL_MODE_ECB, NULL); - if (rc < 0) - return GC_INVALID_CIPHER; + rijndael_rc rc; + size_t i; + char keyMaterial[RIJNDAEL_MAX_KEY_SIZE + 1]; + + for (i = 0; i < keylen; i++) + sprintf (&keyMaterial[2 * i], "%02x", key[i] & 0xFF); + + rc = rijndaelMakeKey (&ctx->aesEncKey, RIJNDAEL_DIR_ENCRYPT, + keylen * 8, keyMaterial); + if (rc < 0) + return GC_INVALID_CIPHER; + + rc = rijndaelMakeKey (&ctx->aesDecKey, RIJNDAEL_DIR_DECRYPT, + keylen * 8, keyMaterial); + if (rc < 0) + return GC_INVALID_CIPHER; + + rc = rijndaelCipherInit (&ctx->aesContext, RIJNDAEL_MODE_ECB, NULL); + if (rc < 0) + return GC_INVALID_CIPHER; } break; #endif @@ -395,7 +408,7 @@ gc_cipher_setiv (gc_cipher_handle handle, size_t ivlen, const char *iv) #ifdef GNULIB_GC_ARCTWO case GC_ARCTWO40: if (ivlen != ARCTWO_BLOCK_SIZE) - return GC_INVALID_CIPHER; + return GC_INVALID_CIPHER; memcpy (ctx->arctwoIV, iv, ivlen); break; #endif @@ -405,30 +418,30 @@ gc_cipher_setiv (gc_cipher_handle handle, size_t ivlen, const char *iv) case GC_AES192: case GC_AES256: switch (ctx->mode) - { - case GC_ECB: - /* Doesn't use IV. */ - break; + { + case GC_ECB: + /* Doesn't use IV. */ + break; - case GC_CBC: - { - rijndael_rc rc; - size_t i; - char ivMaterial[2 * RIJNDAEL_MAX_IV_SIZE + 1]; + case GC_CBC: + { + rijndael_rc rc; + size_t i; + char ivMaterial[2 * RIJNDAEL_MAX_IV_SIZE + 1]; - for (i = 0; i < ivlen; i++) - sprintf (&ivMaterial[2*i], "%02x", iv[i] & 0xFF); + for (i = 0; i < ivlen; i++) + sprintf (&ivMaterial[2 * i], "%02x", iv[i] & 0xFF); - rc = rijndaelCipherInit (&ctx->aesContext, RIJNDAEL_MODE_CBC, - ivMaterial); - if (rc < 0) - return GC_INVALID_CIPHER; - } - break; + rc = rijndaelCipherInit (&ctx->aesContext, RIJNDAEL_MODE_CBC, + ivMaterial); + if (rc < 0) + return GC_INVALID_CIPHER; + } + break; - default: - return GC_INVALID_CIPHER; - } + default: + return GC_INVALID_CIPHER; + } break; #endif @@ -449,27 +462,27 @@ gc_cipher_encrypt_inline (gc_cipher_handle handle, size_t len, char *data) #ifdef GNULIB_GC_ARCTWO case GC_ARCTWO40: switch (ctx->mode) - { - case GC_ECB: - arctwo_encrypt (&ctx->arctwoContext, data, data, len); - break; - - case GC_CBC: - for (; len >= ARCTWO_BLOCK_SIZE; len -= ARCTWO_BLOCK_SIZE, - data += ARCTWO_BLOCK_SIZE) - { - size_t i; - for (i = 0; i < ARCTWO_BLOCK_SIZE; i++) - data[i] ^= ctx->arctwoIV[i]; - arctwo_encrypt (&ctx->arctwoContext, data, data, - ARCTWO_BLOCK_SIZE); - memcpy (ctx->arctwoIV, data, ARCTWO_BLOCK_SIZE); - } - break; - - default: - return GC_INVALID_CIPHER; - } + { + case GC_ECB: + arctwo_encrypt (&ctx->arctwoContext, data, data, len); + break; + + case GC_CBC: + for (; len >= ARCTWO_BLOCK_SIZE; len -= ARCTWO_BLOCK_SIZE, + data += ARCTWO_BLOCK_SIZE) + { + size_t i; + for (i = 0; i < ARCTWO_BLOCK_SIZE; i++) + data[i] ^= ctx->arctwoIV[i]; + arctwo_encrypt (&ctx->arctwoContext, data, data, + ARCTWO_BLOCK_SIZE); + memcpy (ctx->arctwoIV, data, ARCTWO_BLOCK_SIZE); + } + break; + + default: + return GC_INVALID_CIPHER; + } break; #endif @@ -483,7 +496,7 @@ gc_cipher_encrypt_inline (gc_cipher_handle handle, size_t len, char *data) #ifdef GNULIB_GC_DES case GC_DES: for (; len >= 8; len -= 8, data += 8) - gl_des_ecb_encrypt (&ctx->desContext, data, data); + gl_des_ecb_encrypt (&ctx->desContext, data, data); break; #endif @@ -492,12 +505,12 @@ gc_cipher_encrypt_inline (gc_cipher_handle handle, size_t len, char *data) case GC_AES192: case GC_AES256: { - int nblocks; + int nblocks; - nblocks = rijndaelBlockEncrypt (&ctx->aesContext, &ctx->aesEncKey, - data, 8 * len, data); - if (nblocks < 0) - return GC_INVALID_CIPHER; + nblocks = rijndaelBlockEncrypt (&ctx->aesContext, &ctx->aesEncKey, + data, 8 * len, data); + if (nblocks < 0) + return GC_INVALID_CIPHER; } break; #endif @@ -519,29 +532,29 @@ gc_cipher_decrypt_inline (gc_cipher_handle handle, size_t len, char *data) #ifdef GNULIB_GC_ARCTWO case GC_ARCTWO40: switch (ctx->mode) - { - case GC_ECB: - arctwo_decrypt (&ctx->arctwoContext, data, data, len); - break; - - case GC_CBC: - for (; len >= ARCTWO_BLOCK_SIZE; len -= ARCTWO_BLOCK_SIZE, - data += ARCTWO_BLOCK_SIZE) - { - char tmpIV[ARCTWO_BLOCK_SIZE]; - size_t i; - memcpy (tmpIV, data, ARCTWO_BLOCK_SIZE); - arctwo_decrypt (&ctx->arctwoContext, data, data, - ARCTWO_BLOCK_SIZE); - for (i = 0; i < ARCTWO_BLOCK_SIZE; i++) - data[i] ^= ctx->arctwoIV[i]; - memcpy (ctx->arctwoIV, tmpIV, ARCTWO_BLOCK_SIZE); - } - break; - - default: - return GC_INVALID_CIPHER; - } + { + case GC_ECB: + arctwo_decrypt (&ctx->arctwoContext, data, data, len); + break; + + case GC_CBC: + for (; len >= ARCTWO_BLOCK_SIZE; len -= ARCTWO_BLOCK_SIZE, + data += ARCTWO_BLOCK_SIZE) + { + char tmpIV[ARCTWO_BLOCK_SIZE]; + size_t i; + memcpy (tmpIV, data, ARCTWO_BLOCK_SIZE); + arctwo_decrypt (&ctx->arctwoContext, data, data, + ARCTWO_BLOCK_SIZE); + for (i = 0; i < ARCTWO_BLOCK_SIZE; i++) + data[i] ^= ctx->arctwoIV[i]; + memcpy (ctx->arctwoIV, tmpIV, ARCTWO_BLOCK_SIZE); + } + break; + + default: + return GC_INVALID_CIPHER; + } break; #endif @@ -555,7 +568,7 @@ gc_cipher_decrypt_inline (gc_cipher_handle handle, size_t len, char *data) #ifdef GNULIB_GC_DES case GC_DES: for (; len >= 8; len -= 8, data += 8) - gl_des_ecb_decrypt (&ctx->desContext, data, data); + gl_des_ecb_decrypt (&ctx->desContext, data, data); break; #endif @@ -564,12 +577,12 @@ gc_cipher_decrypt_inline (gc_cipher_handle handle, size_t len, char *data) case GC_AES192: case GC_AES256: { - int nblocks; + int nblocks; - nblocks = rijndaelBlockDecrypt (&ctx->aesContext, &ctx->aesDecKey, - data, 8 * len, data); - if (nblocks < 0) - return GC_INVALID_CIPHER; + nblocks = rijndaelBlockDecrypt (&ctx->aesContext, &ctx->aesDecKey, + data, 8 * len, data); + if (nblocks < 0) + return GC_INVALID_CIPHER; } break; #endif @@ -595,7 +608,8 @@ gc_cipher_close (gc_cipher_handle handle) #define MAX_DIGEST_SIZE 20 -typedef struct _gc_hash_ctx { +typedef struct _gc_hash_ctx +{ Gc_hash alg; Gc_hash_mode mode; char hash[MAX_DIGEST_SIZE]; @@ -886,7 +900,7 @@ gc_sha1 (const void *in, size_t inlen, void *resbuf) #ifdef GNULIB_GC_HMAC_MD5 Gc_rc gc_hmac_md5 (const void *key, size_t keylen, - const void *in, size_t inlen, char *resbuf) + const void *in, size_t inlen, char *resbuf) { hmac_md5 (key, keylen, in, inlen, resbuf); return GC_OK; @@ -896,7 +910,7 @@ gc_hmac_md5 (const void *key, size_t keylen, #ifdef GNULIB_GC_HMAC_SHA1 Gc_rc gc_hmac_sha1 (const void *key, size_t keylen, - const void *in, size_t inlen, char *resbuf) + const void *in, size_t inlen, char *resbuf) { hmac_sha1 (key, keylen, in, inlen, resbuf); return GC_OK;