diff options
Diffstat (limited to 'src/daemon/https/lgl')
-rw-r--r-- | src/daemon/https/lgl/Makefile.am | 11 | ||||
-rw-r--r-- | src/daemon/https/lgl/gc-libgcrypt.c | 40 | ||||
-rw-r--r-- | src/daemon/https/lgl/gc-pbkdf2-sha1.c | 185 | ||||
-rw-r--r-- | src/daemon/https/lgl/gc.h | 140 | ||||
-rw-r--r-- | src/daemon/https/lgl/hmac-md5.c | 81 | ||||
-rw-r--r-- | src/daemon/https/lgl/hmac-sha1.c | 81 | ||||
-rw-r--r-- | src/daemon/https/lgl/hmac.h | 41 | ||||
-rw-r--r-- | src/daemon/https/lgl/md5.c | 453 | ||||
-rw-r--r-- | src/daemon/https/lgl/md5.h | 128 | ||||
-rw-r--r-- | src/daemon/https/lgl/memxor.c | 35 | ||||
-rw-r--r-- | src/daemon/https/lgl/memxor.h | 31 | ||||
-rw-r--r-- | src/daemon/https/lgl/rijndael-alg-fst.c | 1093 | ||||
-rw-r--r-- | src/daemon/https/lgl/rijndael-alg-fst.h | 67 | ||||
-rw-r--r-- | src/daemon/https/lgl/rijndael-api-fst.c | 519 | ||||
-rw-r--r-- | src/daemon/https/lgl/rijndael-api-fst.h | 207 | ||||
-rw-r--r-- | src/daemon/https/lgl/sha1.c | 419 | ||||
-rw-r--r-- | src/daemon/https/lgl/sha1.h | 87 | ||||
-rw-r--r-- | src/daemon/https/lgl/strverscmp.c | 130 | ||||
-rw-r--r-- | src/daemon/https/lgl/strverscmp.h | 24 |
19 files changed, 1 insertions, 3771 deletions
diff --git a/src/daemon/https/lgl/Makefile.am b/src/daemon/https/lgl/Makefile.am index bf0faf11..7db09d80 100644 --- a/src/daemon/https/lgl/Makefile.am +++ b/src/daemon/https/lgl/Makefile.am | |||
@@ -9,15 +9,6 @@ noinst_LTLIBRARIES = liblgl.la | |||
9 | 9 | ||
10 | liblgl_la_LDFLAGS = -lgcrypt | 10 | liblgl_la_LDFLAGS = -lgcrypt |
11 | liblgl_la_SOURCES = \ | 11 | liblgl_la_SOURCES = \ |
12 | sha1.c sha1.h \ | ||
13 | gc-libgcrypt.c \ | 12 | gc-libgcrypt.c \ |
14 | rijndael-api-fst.c rijndael-api-fst.h \ | 13 | gc.h |
15 | gc-pbkdf2-sha1.c gc.h \ | ||
16 | rijndael-alg-fst.c rijndael-alg-fst.h \ | ||
17 | hmac-md5.c hmac.h \ | ||
18 | hmac-sha1.c \ | ||
19 | memxor.c memxor.h\ | ||
20 | strverscmp.c strverscmp.h \ | ||
21 | md5.c md5.h | ||
22 | |||
23 | 14 | ||
diff --git a/src/daemon/https/lgl/gc-libgcrypt.c b/src/daemon/https/lgl/gc-libgcrypt.c index 3653f0fc..2247e18d 100644 --- a/src/daemon/https/lgl/gc-libgcrypt.c +++ b/src/daemon/https/lgl/gc-libgcrypt.c | |||
@@ -416,43 +416,3 @@ MHD_gc_hash_close (MHD_gc_hash_handle handle) | |||
416 | free (ctx); | 416 | free (ctx); |
417 | } | 417 | } |
418 | 418 | ||
419 | #ifdef GNULIB_GC_HMAC_SHA1 | ||
420 | Gc_rc | ||
421 | MHD_gc_MHD_hmac_sha1 (const void *key, | ||
422 | size_t keylen, const void *in, size_t inlen, | ||
423 | char *resbuf) | ||
424 | { | ||
425 | size_t hlen = gcry_md_get_algo_dlen (GCRY_MD_SHA1); | ||
426 | gcry_md_hd_t mdh; | ||
427 | unsigned char *hash; | ||
428 | gpg_error_t err; | ||
429 | |||
430 | assert (hlen == GC_SHA1_DIGEST_SIZE); | ||
431 | |||
432 | err = gcry_md_open (&mdh, GCRY_MD_SHA1, GCRY_MD_FLAG_HMAC); | ||
433 | if (err != GPG_ERR_NO_ERROR) | ||
434 | return GC_INVALID_HASH; | ||
435 | |||
436 | err = gcry_md_setkey (mdh, key, keylen); | ||
437 | if (err != GPG_ERR_NO_ERROR) | ||
438 | { | ||
439 | gcry_md_close (mdh); | ||
440 | return GC_INVALID_HASH; | ||
441 | } | ||
442 | |||
443 | gcry_md_write (mdh, in, inlen); | ||
444 | |||
445 | hash = gcry_md_read (mdh, GCRY_MD_SHA1); | ||
446 | if (hash == NULL) | ||
447 | { | ||
448 | gcry_md_close (mdh); | ||
449 | return GC_INVALID_HASH; | ||
450 | } | ||
451 | |||
452 | memcpy (resbuf, hash, hlen); | ||
453 | |||
454 | gcry_md_close (mdh); | ||
455 | |||
456 | return GC_OK; | ||
457 | } | ||
458 | #endif | ||
diff --git a/src/daemon/https/lgl/gc-pbkdf2-sha1.c b/src/daemon/https/lgl/gc-pbkdf2-sha1.c deleted file mode 100644 index f58ba491..00000000 --- a/src/daemon/https/lgl/gc-pbkdf2-sha1.c +++ /dev/null | |||
@@ -1,185 +0,0 @@ | |||
1 | /* gc-pbkdf2-sha1.c --- Password-Based Key Derivation Function a'la PKCS#5 | ||
2 | Copyright (C) 2002, 2003, 2004, 2005, 2006 Free Software Foundation, Inc. | ||
3 | |||
4 | This program is free software; you can redistribute it and/or modify | ||
5 | it under the terms of the GNU Lesser General Public License as published by | ||
6 | the Free Software Foundation; either version 2.1, or (at your option) | ||
7 | any later version. | ||
8 | |||
9 | This program is distributed in the hope that it will be useful, | ||
10 | but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
11 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | ||
12 | GNU Lesser General Public License for more details. | ||
13 | |||
14 | You should have received a copy of the GNU Lesser General Public License | ||
15 | along with this program; if not, write to the Free Software Foundation, | ||
16 | Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. */ | ||
17 | |||
18 | /* Written by Simon Josefsson. The comments in this file are taken | ||
19 | from RFC 2898. */ | ||
20 | |||
21 | #include "MHD_config.h" | ||
22 | |||
23 | #include "gc.h" | ||
24 | |||
25 | #include <stdlib.h> | ||
26 | #include <string.h> | ||
27 | |||
28 | /* | ||
29 | * 5.2 PBKDF2 | ||
30 | * | ||
31 | * PBKDF2 applies a pseudorandom function (see Appendix B.1 for an | ||
32 | * example) to derive keys. The length of the derived key is essentially | ||
33 | * unbounded. (However, the maximum effective search space for the | ||
34 | * derived key may be limited by the structure of the underlying | ||
35 | * pseudorandom function. See Appendix B.1 for further discussion.) | ||
36 | * PBKDF2 is recommended for new applications. | ||
37 | * | ||
38 | * PBKDF2 (P, S, c, dkLen) | ||
39 | * | ||
40 | * Options: PRF underlying pseudorandom function (hLen | ||
41 | * denotes the length in octets of the | ||
42 | * pseudorandom function output) | ||
43 | * | ||
44 | * Input: P password, an octet string (ASCII or UTF-8) | ||
45 | * S salt, an octet string | ||
46 | * c iteration count, a positive integer | ||
47 | * dkLen intended length in octets of the derived | ||
48 | * key, a positive integer, at most | ||
49 | * (2^32 - 1) * hLen | ||
50 | * | ||
51 | * Output: DK derived key, a dkLen-octet string | ||
52 | */ | ||
53 | |||
54 | Gc_rc | ||
55 | MHD_gc_pbkdf2_sha1 (const char *P, size_t Plen, | ||
56 | const char *S, size_t Slen, | ||
57 | unsigned int c, char *DK, size_t dkLen) | ||
58 | { | ||
59 | unsigned int hLen = 20; | ||
60 | char U[20]; | ||
61 | char T[20]; | ||
62 | unsigned int u; | ||
63 | unsigned int l; | ||
64 | unsigned int r; | ||
65 | unsigned int i; | ||
66 | unsigned int k; | ||
67 | int rc; | ||
68 | char *tmp; | ||
69 | size_t tmplen = Slen + 4; | ||
70 | |||
71 | if (c == 0) | ||
72 | return GC_PKCS5_INVALID_ITERATION_COUNT; | ||
73 | |||
74 | if (dkLen == 0) | ||
75 | return GC_PKCS5_INVALID_DERIVED_KEY_LENGTH; | ||
76 | |||
77 | /* | ||
78 | * | ||
79 | * Steps: | ||
80 | * | ||
81 | * 1. If dkLen > (2^32 - 1) * hLen, output "derived key too long" and | ||
82 | * stop. | ||
83 | */ | ||
84 | |||
85 | if (dkLen > 4294967295U) | ||
86 | return GC_PKCS5_DERIVED_KEY_TOO_LONG; | ||
87 | |||
88 | /* | ||
89 | * 2. Let l be the number of hLen-octet blocks in the derived key, | ||
90 | * rounding up, and let r be the number of octets in the last | ||
91 | * block: | ||
92 | * | ||
93 | * l = CEIL (dkLen / hLen) , | ||
94 | * r = dkLen - (l - 1) * hLen . | ||
95 | * | ||
96 | * Here, CEIL (x) is the "ceiling" function, i.e. the smallest | ||
97 | * integer greater than, or equal to, x. | ||
98 | */ | ||
99 | |||
100 | l = ((dkLen - 1) / hLen) + 1; | ||
101 | r = dkLen - (l - 1) * hLen; | ||
102 | |||
103 | /* | ||
104 | * 3. For each block of the derived key apply the function F defined | ||
105 | * below to the password P, the salt S, the iteration count c, and | ||
106 | * the block index to compute the block: | ||
107 | * | ||
108 | * T_1 = F (P, S, c, 1) , | ||
109 | * T_2 = F (P, S, c, 2) , | ||
110 | * ... | ||
111 | * T_l = F (P, S, c, l) , | ||
112 | * | ||
113 | * where the function F is defined as the exclusive-or sum of the | ||
114 | * first c iterates of the underlying pseudorandom function PRF | ||
115 | * applied to the password P and the concatenation of the salt S | ||
116 | * and the block index i: | ||
117 | * | ||
118 | * F (P, S, c, i) = U_1 \xor U_2 \xor ... \xor U_c | ||
119 | * | ||
120 | * where | ||
121 | * | ||
122 | * U_1 = PRF (P, S || INT (i)) , | ||
123 | * U_2 = PRF (P, U_1) , | ||
124 | * ... | ||
125 | * U_c = PRF (P, U_{c-1}) . | ||
126 | * | ||
127 | * Here, INT (i) is a four-octet encoding of the integer i, most | ||
128 | * significant octet first. | ||
129 | * | ||
130 | * 4. Concatenate the blocks and extract the first dkLen octets to | ||
131 | * produce a derived key DK: | ||
132 | * | ||
133 | * DK = T_1 || T_2 || ... || T_l<0..r-1> | ||
134 | * | ||
135 | * 5. Output the derived key DK. | ||
136 | * | ||
137 | * Note. The construction of the function F follows a "belt-and- | ||
138 | * suspenders" approach. The iterates U_i are computed recursively to | ||
139 | * remove a degree of parallelism from an opponent; they are exclusive- | ||
140 | * ored together to reduce concerns about the recursion degenerating | ||
141 | * into a small set of values. | ||
142 | * | ||
143 | */ | ||
144 | |||
145 | tmp = malloc (tmplen); | ||
146 | if (tmp == NULL) | ||
147 | return GC_MALLOC_ERROR; | ||
148 | |||
149 | memcpy (tmp, S, Slen); | ||
150 | |||
151 | for (i = 1; i <= l; i++) | ||
152 | { | ||
153 | memset (T, 0, hLen); | ||
154 | |||
155 | for (u = 1; u <= c; u++) | ||
156 | { | ||
157 | if (u == 1) | ||
158 | { | ||
159 | tmp[Slen + 0] = (i & 0xff000000) >> 24; | ||
160 | tmp[Slen + 1] = (i & 0x00ff0000) >> 16; | ||
161 | tmp[Slen + 2] = (i & 0x0000ff00) >> 8; | ||
162 | tmp[Slen + 3] = (i & 0x000000ff) >> 0; | ||
163 | |||
164 | rc = MHD_gc_MHD_hmac_sha1 (P, Plen, tmp, tmplen, U); | ||
165 | } | ||
166 | else | ||
167 | rc = MHD_gc_MHD_hmac_sha1 (P, Plen, U, hLen, U); | ||
168 | |||
169 | if (rc != GC_OK) | ||
170 | { | ||
171 | free (tmp); | ||
172 | return rc; | ||
173 | } | ||
174 | |||
175 | for (k = 0; k < hLen; k++) | ||
176 | T[k] ^= U[k]; | ||
177 | } | ||
178 | |||
179 | memcpy (DK + (i - 1) * hLen, T, i == l ? r : hLen); | ||
180 | } | ||
181 | |||
182 | free (tmp); | ||
183 | |||
184 | return GC_OK; | ||
185 | } | ||
diff --git a/src/daemon/https/lgl/gc.h b/src/daemon/https/lgl/gc.h index dc873a54..30c4e45b 100644 --- a/src/daemon/https/lgl/gc.h +++ b/src/daemon/https/lgl/gc.h | |||
@@ -169,144 +169,4 @@ Gc_rc MHD_gc_pbkdf2_sha1 (const char *P, | |||
169 | size_t Slen, unsigned int c, char *DK, | 169 | size_t Slen, unsigned int c, char *DK, |
170 | size_t dkLen); | 170 | size_t dkLen); |
171 | 171 | ||
172 | /* | ||
173 | TODO: | ||
174 | |||
175 | From: Simon Josefsson <jas@extundo.com> | ||
176 | Subject: Re: generic crypto | ||
177 | Newsgroups: gmane.comp.lib.gnulib.bugs | ||
178 | Cc: bug-gnulib@gnu.org | ||
179 | Date: Fri, 07 Oct 2005 12:50:57 +0200 | ||
180 | Mail-Copies-To: nobody | ||
181 | |||
182 | Paul Eggert <eggert@CS.UCLA.EDU> writes: | ||
183 | |||
184 | > Simon Josefsson <jas@extundo.com> writes: | ||
185 | > | ||
186 | >> * Perhaps the /dev/?random reading should be separated into a separate | ||
187 | >> module? It might be useful outside of the gc layer too. | ||
188 | > | ||
189 | > Absolutely. I've been meaning to do that for months (for a "shuffle" | ||
190 | > program I want to add to coreutils), but hadn't gotten around to it. | ||
191 | > It would have to be generalized a bit. I'd like to have the file | ||
192 | > descriptor cached, for example. | ||
193 | |||
194 | I'll write a separate module for that part. | ||
195 | |||
196 | I think we should even add a good PRNG that is re-seeded from | ||
197 | /dev/?random frequently. GnuTLS can need a lot of random data on a | ||
198 | big server, more than /dev/random can supply. And /dev/urandom might | ||
199 | not be strong enough. Further, the security of /dev/?random can also | ||
200 | be questionable. | ||
201 | |||
202 | >> I'm also not sure about the names of those functions, they suggest | ||
203 | >> a more higher-level API than what is really offered (i.e., the | ||
204 | >> names "nonce" and "pseudo_random" and "random" imply certain | ||
205 | >> cryptographic properties). | ||
206 | > | ||
207 | > Could you expand a bit more on that? What is the relationship between | ||
208 | > nonce/pseudorandom/random and the /dev/ values you are using? | ||
209 | |||
210 | There is none, that is the problem. | ||
211 | |||
212 | Applications generally need different kind of "random" numbers. | ||
213 | Sometimes they just need some random data and doesn't care whether it | ||
214 | is possible for an attacker to compute the string (aka a "nonce"). | ||
215 | Sometimes they need data that is very difficult to compute (i.e., | ||
216 | computing it require inverting SHA1 or similar). Sometimes they need | ||
217 | data that is not possible to compute, i.e., it wants real entropy | ||
218 | collected over time on the system. Collecting the last kind of random | ||
219 | data is very expensive, so it must not be used too often. The second | ||
220 | kind of random data ("pseudo random") is typically generated by | ||
221 | seeding a good PRNG with a couple of hundred bytes of real entropy | ||
222 | from the "real random" data pool. The "nonce" is usually computed | ||
223 | using the PRNG as well, because PRNGs are usually fast. | ||
224 | |||
225 | Pseudo-random data is typically used for session keys. Strong random | ||
226 | data is often used to generate long-term keys (e.g., private RSA | ||
227 | keys). | ||
228 | |||
229 | Of course, there are many subtleties. There are several different | ||
230 | kind of nonce:s. Sometimes a nonce is just an ever-increasing | ||
231 | integer, starting from 0. Sometimes it is assumed to be unlikely to | ||
232 | be the same as previous nonces, but without a requirement that the | ||
233 | nonce is possible to guess. MD5(system clock) would thus suffice, if | ||
234 | it isn't called too often. You can guess what the next value will be, | ||
235 | but it will always be different. | ||
236 | |||
237 | The problem is that /dev/?random doesn't offer any kind of semantic | ||
238 | guarantees. But applications need an API that make that promise. | ||
239 | |||
240 | I think we should do this in several steps: | ||
241 | |||
242 | 1) Write a module that can read from /dev/?random. | ||
243 | |||
244 | 2) Add a module for a known-good PRNG suitable for random number | ||
245 | generation, that can be continuously re-seeded. | ||
246 | |||
247 | 3) Add a high-level module that provide various different randomness | ||
248 | functions. One for nonces, perhaps even different kind of nonces, | ||
249 | one for pseudo random data, and one for strong random data. It is | ||
250 | not clear whether we can hope to achieve the last one in a portable | ||
251 | way. | ||
252 | |||
253 | Further, it would be useful to allow users to provide their own | ||
254 | entropy source as a file, used to seed the PRNG or initialize the | ||
255 | strong randomness pool. This is used on embedded platforms that | ||
256 | doesn't have enough interrupts to hope to generate good random data. | ||
257 | |||
258 | > For example, why not use OpenBSD's /dev/arandom? | ||
259 | |||
260 | I don't trust ARC4. For example, recent cryptographic efforts | ||
261 | indicate that you must throw away the first 512 bytes generated from | ||
262 | the PRNG for it to be secure. I don't know whether OpenBSD do this. | ||
263 | Further, I recall some eprint paper on RC4 security that didn't | ||
264 | inspire confidence. | ||
265 | |||
266 | While I trust the random devices in OpenBSD more than | ||
267 | Solaris/AIX/HPUX/etc, I think that since we need something better on | ||
268 | Solaris/AIX/HPUX we'd might as well use it on OpenBSD or even Linux | ||
269 | too. | ||
270 | |||
271 | > Here is one thought. The user could specify a desired quality level | ||
272 | > range, and the implementation then would supply random data that is at | ||
273 | > least as good as the lower bound of the range. I.e., ihe | ||
274 | > implementation refuses to produce any random data if it can't generate | ||
275 | > data that is at least as good as the lower end of the range. The | ||
276 | > upper bound of the range is advice from the user not to be any more | ||
277 | > expensive than that, but the implementation can ignore the advice if | ||
278 | > it doesn't have anything cheaper. | ||
279 | |||
280 | I'm not sure this is a good idea. Users can't really be expected to | ||
281 | understand this. Further, applications need many different kind of | ||
282 | random data. Selecting the randomness level for each by the user will | ||
283 | be too complicated. | ||
284 | |||
285 | I think it is better if the application decide, from its cryptographic | ||
286 | requirement, what entropy quality it require, and call the proper API. | ||
287 | Meeting the implied semantic properties should be the job for gnulib. | ||
288 | |||
289 | >> Perhaps MHD_gc_dev_random and MHD_gc_dev_urandom? | ||
290 | > | ||
291 | > To some extent. I'd rather insulate the user from the details of | ||
292 | > where the random numbers come from. On the other hand we need to | ||
293 | > provide a way for applications to specify a file that contains | ||
294 | > random bits, so that people can override the defaults. | ||
295 | |||
296 | Agreed. | ||
297 | |||
298 | This may require some thinking before it is finalized. Is it ok to | ||
299 | install the GC module as-is meanwhile? Then I can continue to add the | ||
300 | stuff that GnuTLS need, and then come back to re-working the | ||
301 | randomness module. That way, we have two different projects that use | ||
302 | the code. GnuTLS includes the same randomness code that was in GNU | ||
303 | SASL and that is in the current gc module. I feel much more | ||
304 | comfortable working in small steps at a time, rather then working on | ||
305 | this for a long time in gnulib and only later integrate the stuff in | ||
306 | GnuTLS. | ||
307 | |||
308 | Thanks, | ||
309 | Simon | ||
310 | */ | ||
311 | |||
312 | #endif /* GC_H */ | 172 | #endif /* GC_H */ |
diff --git a/src/daemon/https/lgl/hmac-md5.c b/src/daemon/https/lgl/hmac-md5.c deleted file mode 100644 index 1fd943f0..00000000 --- a/src/daemon/https/lgl/hmac-md5.c +++ /dev/null | |||
@@ -1,81 +0,0 @@ | |||
1 | /* hmac-md5.c -- hashed message authentication codes | ||
2 | Copyright (C) 2005, 2006 Free Software Foundation, Inc. | ||
3 | |||
4 | This program is free software; you can redistribute it and/or modify | ||
5 | it under the terms of the GNU Lesser General Public License as published by | ||
6 | the Free Software Foundation; either version 2.1, or (at your option) | ||
7 | any later version. | ||
8 | |||
9 | This program is distributed in the hope that it will be useful, | ||
10 | but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
11 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | ||
12 | GNU Lesser General Public License for more details. | ||
13 | |||
14 | You should have received a copy of the GNU Lesser General Public License | ||
15 | along with this program; if not, write to the Free Software Foundation, | ||
16 | Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. */ | ||
17 | |||
18 | /* Written by Simon Josefsson. */ | ||
19 | |||
20 | #include "MHD_config.h" | ||
21 | |||
22 | #include "hmac.h" | ||
23 | |||
24 | #include "memxor.h" | ||
25 | #include "md5.h" | ||
26 | |||
27 | #include <string.h> | ||
28 | |||
29 | #define IPAD 0x36 | ||
30 | #define OPAD 0x5c | ||
31 | |||
32 | int | ||
33 | MHD_hmac_md5 (const void *key, size_t keylen, | ||
34 | const void *in, size_t inlen, void *resbuf) | ||
35 | { | ||
36 | struct MHD_md5_ctx inner; | ||
37 | struct MHD_md5_ctx outer; | ||
38 | char optkeybuf[16]; | ||
39 | char block[64]; | ||
40 | char innerhash[16]; | ||
41 | |||
42 | /* Reduce the key's size, so that it becomes <= 64 bytes large. */ | ||
43 | |||
44 | if (keylen > 64) | ||
45 | { | ||
46 | struct MHD_md5_ctx keyhash; | ||
47 | |||
48 | MHD_md5_init_ctx (&keyhash); | ||
49 | MHD_md5_process_bytes (key, keylen, &keyhash); | ||
50 | MHD_md5_finish_ctx (&keyhash, optkeybuf); | ||
51 | |||
52 | key = optkeybuf; | ||
53 | keylen = 16; | ||
54 | } | ||
55 | |||
56 | /* Compute INNERHASH from KEY and IN. */ | ||
57 | |||
58 | MHD_md5_init_ctx (&inner); | ||
59 | |||
60 | memset (block, IPAD, sizeof (block)); | ||
61 | MHD_memxor (block, key, keylen); | ||
62 | |||
63 | MHD_md5_process_block (block, 64, &inner); | ||
64 | MHD_md5_process_bytes (in, inlen, &inner); | ||
65 | |||
66 | MHD_md5_finish_ctx (&inner, innerhash); | ||
67 | |||
68 | /* Compute result from KEY and INNERHASH. */ | ||
69 | |||
70 | MHD_md5_init_ctx (&outer); | ||
71 | |||
72 | memset (block, OPAD, sizeof (block)); | ||
73 | MHD_memxor (block, key, keylen); | ||
74 | |||
75 | MHD_md5_process_block (block, 64, &outer); | ||
76 | MHD_md5_process_bytes (innerhash, 16, &outer); | ||
77 | |||
78 | MHD_md5_finish_ctx (&outer, resbuf); | ||
79 | |||
80 | return 0; | ||
81 | } | ||
diff --git a/src/daemon/https/lgl/hmac-sha1.c b/src/daemon/https/lgl/hmac-sha1.c deleted file mode 100644 index 4d2e4f37..00000000 --- a/src/daemon/https/lgl/hmac-sha1.c +++ /dev/null | |||
@@ -1,81 +0,0 @@ | |||
1 | /* hmac-sha1.c -- hashed message authentication codes | ||
2 | Copyright (C) 2005, 2006 Free Software Foundation, Inc. | ||
3 | |||
4 | This program is free software; you can redistribute it and/or modify | ||
5 | it under the terms of the GNU Lesser General Public License as published by | ||
6 | the Free Software Foundation; either version 2.1, or (at your option) | ||
7 | any later version. | ||
8 | |||
9 | This program is distributed in the hope that it will be useful, | ||
10 | but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
11 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | ||
12 | GNU Lesser General Public License for more details. | ||
13 | |||
14 | You should have received a copy of the GNU Lesser General Public License | ||
15 | along with this program; if not, write to the Free Software Foundation, | ||
16 | Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. */ | ||
17 | |||
18 | /* Written by Simon Josefsson. */ | ||
19 | |||
20 | #include "MHD_config.h" | ||
21 | |||
22 | #include "hmac.h" | ||
23 | |||
24 | #include "memxor.h" | ||
25 | #include "sha1.h" | ||
26 | |||
27 | #include <string.h> | ||
28 | |||
29 | #define IPAD 0x36 | ||
30 | #define OPAD 0x5c | ||
31 | |||
32 | int | ||
33 | MHD_hmac_sha1 (const void *key, size_t keylen, | ||
34 | const void *in, size_t inlen, void *resbuf) | ||
35 | { | ||
36 | struct MHD_sha1_ctx inner; | ||
37 | struct MHD_sha1_ctx outer; | ||
38 | char optkeybuf[20]; | ||
39 | char block[64]; | ||
40 | char innerhash[20]; | ||
41 | |||
42 | /* Reduce the key's size, so that it becomes <= 64 bytes large. */ | ||
43 | |||
44 | if (keylen > 64) | ||
45 | { | ||
46 | struct MHD_sha1_ctx keyhash; | ||
47 | |||
48 | MHD_sha1_init_ctx (&keyhash); | ||
49 | MHD_sha1_process_bytes (key, keylen, &keyhash); | ||
50 | MHD_sha1_finish_ctx (&keyhash, optkeybuf); | ||
51 | |||
52 | key = optkeybuf; | ||
53 | keylen = 20; | ||
54 | } | ||
55 | |||
56 | /* Compute INNERHASH from KEY and IN. */ | ||
57 | |||
58 | MHD_sha1_init_ctx (&inner); | ||
59 | |||
60 | memset (block, IPAD, sizeof (block)); | ||
61 | MHD_memxor (block, key, keylen); | ||
62 | |||
63 | MHD_sha1_process_block (block, 64, &inner); | ||
64 | MHD_sha1_process_bytes (in, inlen, &inner); | ||
65 | |||
66 | MHD_sha1_finish_ctx (&inner, innerhash); | ||
67 | |||
68 | /* Compute result from KEY and INNERHASH. */ | ||
69 | |||
70 | MHD_sha1_init_ctx (&outer); | ||
71 | |||
72 | memset (block, OPAD, sizeof (block)); | ||
73 | MHD_memxor (block, key, keylen); | ||
74 | |||
75 | MHD_sha1_process_block (block, 64, &outer); | ||
76 | MHD_sha1_process_bytes (innerhash, 20, &outer); | ||
77 | |||
78 | MHD_sha1_finish_ctx (&outer, resbuf); | ||
79 | |||
80 | return 0; | ||
81 | } | ||
diff --git a/src/daemon/https/lgl/hmac.h b/src/daemon/https/lgl/hmac.h deleted file mode 100644 index c4791504..00000000 --- a/src/daemon/https/lgl/hmac.h +++ /dev/null | |||
@@ -1,41 +0,0 @@ | |||
1 | /* hmac.h -- hashed message authentication codes | ||
2 | Copyright (C) 2005 Free Software Foundation, Inc. | ||
3 | |||
4 | This program is free software; you can redistribute it and/or modify | ||
5 | it under the terms of the GNU Lesser General Public License as published by | ||
6 | the Free Software Foundation; either version 2.1, or (at your option) | ||
7 | any later version. | ||
8 | |||
9 | This program is distributed in the hope that it will be useful, | ||
10 | but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
11 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | ||
12 | GNU Lesser General Public License for more details. | ||
13 | |||
14 | You should have received a copy of the GNU Lesser General Public License | ||
15 | along with this program; if not, write to the Free Software Foundation, | ||
16 | Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. */ | ||
17 | |||
18 | /* Written by Simon Josefsson. */ | ||
19 | |||
20 | #ifndef HMAC_H | ||
21 | # define HMAC_H 1 | ||
22 | |||
23 | #include <stddef.h> | ||
24 | |||
25 | /* Compute Hashed Message Authentication Code with MD5, as described | ||
26 | in RFC 2104, over BUFFER data of BUFLEN bytes using the KEY of | ||
27 | KEYLEN bytes, writing the output to pre-allocated 16 byte minimum | ||
28 | RESBUF buffer. Return 0 on success. */ | ||
29 | int | ||
30 | MHD_hmac_md5 (const void *key, size_t keylen, | ||
31 | const void *buffer, size_t buflen, void *resbuf); | ||
32 | |||
33 | /* Compute Hashed Message Authentication Code with SHA-1, over BUFFER | ||
34 | data of BUFLEN bytes using the KEY of KEYLEN bytes, writing the | ||
35 | output to pre-allocated 20 byte minimum RESBUF buffer. Return 0 on | ||
36 | success. */ | ||
37 | int | ||
38 | MHD_hmac_sha1 (const void *key, size_t keylen, | ||
39 | const void *in, size_t inlen, void *resbuf); | ||
40 | |||
41 | #endif /* HMAC_H */ | ||
diff --git a/src/daemon/https/lgl/md5.c b/src/daemon/https/lgl/md5.c deleted file mode 100644 index 8cca27f5..00000000 --- a/src/daemon/https/lgl/md5.c +++ /dev/null | |||
@@ -1,453 +0,0 @@ | |||
1 | /* Functions to compute MD5 message digest of files or memory blocks. | ||
2 | according to the definition of MD5 in RFC 1321 from April 1992. | ||
3 | Copyright (C) 1995,1996,1997,1999,2000,2001,2005,2006 | ||
4 | Free Software Foundation, Inc. | ||
5 | This file is part of the GNU C Library. | ||
6 | |||
7 | This program is free software; you can redistribute it and/or modify it | ||
8 | under the terms of the GNU Lesser General Public License as published by the | ||
9 | Free Software Foundation; either version 2.1, or (at your option) any | ||
10 | later version. | ||
11 | |||
12 | This program is distributed in the hope that it will be useful, | ||
13 | but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
14 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | ||
15 | GNU Lesser General Public License for more details. | ||
16 | |||
17 | You should have received a copy of the GNU Lesser General Public License | ||
18 | along with this program; if not, write to the Free Software Foundation, | ||
19 | Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. */ | ||
20 | |||
21 | /* Written by Ulrich Drepper <drepper@gnu.ai.mit.edu>, 1995. */ | ||
22 | |||
23 | #include "MHD_config.h" | ||
24 | |||
25 | #include "md5.h" | ||
26 | |||
27 | #include <stddef.h> | ||
28 | #include <stdlib.h> | ||
29 | #include <string.h> | ||
30 | #include <sys/types.h> | ||
31 | |||
32 | #if USE_UNLOCKED_IO | ||
33 | # include "unlocked-io.h" | ||
34 | #endif | ||
35 | |||
36 | #ifdef _LIBC | ||
37 | # include <endian.h> | ||
38 | # if __BYTE_ORDER == __BIG_ENDIAN | ||
39 | # define WORDS_BIGENDIAN 1 | ||
40 | # endif | ||
41 | /* We need to keep the namespace clean so define the MD5 function | ||
42 | protected using leading __ . */ | ||
43 | # define MHD_md5_init_ctx __MHD_md5_init_ctx | ||
44 | # define MHD_md5_process_block __MHD_md5_process_block | ||
45 | # define MHD_md5_process_bytes __MHD_md5_process_bytes | ||
46 | # define MHD_md5_finish_ctx __MHD_md5_finish_ctx | ||
47 | # define MHD_md5_read_ctx __MHD_md5_read_ctx | ||
48 | # define MHD_md5_stream __MHD_md5_stream | ||
49 | # define MHD_md5_buffer __MHD_md5_buffer | ||
50 | #endif | ||
51 | |||
52 | #ifdef WORDS_BIGENDIAN | ||
53 | # define SWAP(n) \ | ||
54 | (((n) << 24) | (((n) & 0xff00) << 8) | (((n) >> 8) & 0xff00) | ((n) >> 24)) | ||
55 | #else | ||
56 | # define SWAP(n) (n) | ||
57 | #endif | ||
58 | |||
59 | #define BLOCKSIZE 4096 | ||
60 | #if BLOCKSIZE % 64 != 0 | ||
61 | # error "invalid BLOCKSIZE" | ||
62 | #endif | ||
63 | |||
64 | /* This array contains the bytes used to pad the buffer to the next | ||
65 | 64-byte boundary. (RFC 1321, 3.1: Step 1) */ | ||
66 | static const unsigned char fillbuf[64] = { 0x80, 0 /* , 0, 0, ... */ }; | ||
67 | |||
68 | |||
69 | /* Initialize structure containing state of computation. | ||
70 | (RFC 1321, 3.3: Step 3) */ | ||
71 | void | ||
72 | MHD_md5_init_ctx (struct MHD_md5_ctx *ctx) | ||
73 | { | ||
74 | ctx->A = 0x67452301; | ||
75 | ctx->B = 0xefcdab89; | ||
76 | ctx->C = 0x98badcfe; | ||
77 | ctx->D = 0x10325476; | ||
78 | |||
79 | ctx->total[0] = ctx->total[1] = 0; | ||
80 | ctx->buflen = 0; | ||
81 | } | ||
82 | |||
83 | /* Put result from CTX in first 16 bytes following RESBUF. The result | ||
84 | must be in little endian byte order. | ||
85 | |||
86 | IMPORTANT: On some systems it is required that RESBUF is correctly | ||
87 | aligned for a 32-bit value. */ | ||
88 | void * | ||
89 | MHD_md5_read_ctx (const struct MHD_md5_ctx *ctx, void *resbuf) | ||
90 | { | ||
91 | ((uint32_t *) resbuf)[0] = SWAP (ctx->A); | ||
92 | ((uint32_t *) resbuf)[1] = SWAP (ctx->B); | ||
93 | ((uint32_t *) resbuf)[2] = SWAP (ctx->C); | ||
94 | ((uint32_t *) resbuf)[3] = SWAP (ctx->D); | ||
95 | |||
96 | return resbuf; | ||
97 | } | ||
98 | |||
99 | /* Process the remaining bytes in the internal buffer and the usual | ||
100 | prolog according to the standard and write the result to RESBUF. | ||
101 | |||
102 | IMPORTANT: On some systems it is required that RESBUF is correctly | ||
103 | aligned for a 32-bit value. */ | ||
104 | void * | ||
105 | MHD_md5_finish_ctx (struct MHD_md5_ctx *ctx, void *resbuf) | ||
106 | { | ||
107 | /* Take yet unprocessed bytes into account. */ | ||
108 | uint32_t bytes = ctx->buflen; | ||
109 | size_t size = (bytes < 56) ? 64 / 4 : 64 * 2 / 4; | ||
110 | |||
111 | /* Now count remaining bytes. */ | ||
112 | ctx->total[0] += bytes; | ||
113 | if (ctx->total[0] < bytes) | ||
114 | ++ctx->total[1]; | ||
115 | |||
116 | /* Put the 64-bit file length in *bits* at the end of the buffer. */ | ||
117 | ctx->buffer[size - 2] = SWAP (ctx->total[0] << 3); | ||
118 | ctx->buffer[size - 1] = SWAP ((ctx->total[1] << 3) | (ctx->total[0] >> 29)); | ||
119 | |||
120 | memcpy (&((char *) ctx->buffer)[bytes], fillbuf, (size - 2) * 4 - bytes); | ||
121 | |||
122 | /* Process last bytes. */ | ||
123 | MHD_md5_process_block (ctx->buffer, size * 4, ctx); | ||
124 | |||
125 | return MHD_md5_read_ctx (ctx, resbuf); | ||
126 | } | ||
127 | |||
128 | /* Compute MD5 message digest for bytes read from STREAM. The | ||
129 | resulting message digest number will be written into the 16 bytes | ||
130 | beginning at RESBLOCK. */ | ||
131 | int | ||
132 | MHD_md5_stream (FILE * stream, void *resblock) | ||
133 | { | ||
134 | struct MHD_md5_ctx ctx; | ||
135 | char buffer[BLOCKSIZE + 72]; | ||
136 | size_t sum; | ||
137 | |||
138 | /* Initialize the computation context. */ | ||
139 | MHD_md5_init_ctx (&ctx); | ||
140 | |||
141 | /* Iterate over full file contents. */ | ||
142 | while (1) | ||
143 | { | ||
144 | /* We read the file in blocks of BLOCKSIZE bytes. One call of the | ||
145 | computation function processes the whole buffer so that with the | ||
146 | next round of the loop another block can be read. */ | ||
147 | size_t n; | ||
148 | sum = 0; | ||
149 | |||
150 | /* Read block. Take care for partial reads. */ | ||
151 | while (1) | ||
152 | { | ||
153 | n = fread (buffer + sum, 1, BLOCKSIZE - sum, stream); | ||
154 | |||
155 | sum += n; | ||
156 | |||
157 | if (sum == BLOCKSIZE) | ||
158 | break; | ||
159 | |||
160 | if (n == 0) | ||
161 | { | ||
162 | /* Check for the error flag IFF N == 0, so that we don't | ||
163 | exit the loop after a partial read due to e.g., EAGAIN | ||
164 | or EWOULDBLOCK. */ | ||
165 | if (ferror (stream)) | ||
166 | return 1; | ||
167 | goto process_partial_block; | ||
168 | } | ||
169 | |||
170 | /* We've read at least one byte, so ignore errors. But always | ||
171 | check for EOF, since feof may be true even though N > 0. | ||
172 | Otherwise, we could end up calling fread after EOF. */ | ||
173 | if (feof (stream)) | ||
174 | goto process_partial_block; | ||
175 | } | ||
176 | |||
177 | /* Process buffer with BLOCKSIZE bytes. Note that | ||
178 | BLOCKSIZE % 64 == 0 | ||
179 | */ | ||
180 | MHD_md5_process_block (buffer, BLOCKSIZE, &ctx); | ||
181 | } | ||
182 | |||
183 | process_partial_block: | ||
184 | |||
185 | /* Process any remaining bytes. */ | ||
186 | if (sum > 0) | ||
187 | MHD_md5_process_bytes (buffer, sum, &ctx); | ||
188 | |||
189 | /* Construct result in desired memory. */ | ||
190 | MHD_md5_finish_ctx (&ctx, resblock); | ||
191 | return 0; | ||
192 | } | ||
193 | |||
194 | /* Compute MD5 message digest for LEN bytes beginning at BUFFER. The | ||
195 | result is always in little endian byte order, so that a byte-wise | ||
196 | output yields to the wanted ASCII representation of the message | ||
197 | digest. */ | ||
198 | void * | ||
199 | MHD_md5_buffer (const char *buffer, size_t len, void *resblock) | ||
200 | { | ||
201 | struct MHD_md5_ctx ctx; | ||
202 | |||
203 | /* Initialize the computation context. */ | ||
204 | MHD_md5_init_ctx (&ctx); | ||
205 | |||
206 | /* Process whole buffer but last len % 64 bytes. */ | ||
207 | MHD_md5_process_bytes (buffer, len, &ctx); | ||
208 | |||
209 | /* Put result in desired memory area. */ | ||
210 | return MHD_md5_finish_ctx (&ctx, resblock); | ||
211 | } | ||
212 | |||
213 | |||
214 | void | ||
215 | MHD_md5_process_bytes (const void *buffer, size_t len, | ||
216 | struct MHD_md5_ctx *ctx) | ||
217 | { | ||
218 | /* When we already have some bits in our internal buffer concatenate | ||
219 | both inputs first. */ | ||
220 | if (ctx->buflen != 0) | ||
221 | { | ||
222 | size_t left_over = ctx->buflen; | ||
223 | size_t add = 128 - left_over > len ? len : 128 - left_over; | ||
224 | |||
225 | memcpy (&((char *) ctx->buffer)[left_over], buffer, add); | ||
226 | ctx->buflen += add; | ||
227 | |||
228 | if (ctx->buflen > 64) | ||
229 | { | ||
230 | MHD_md5_process_block (ctx->buffer, ctx->buflen & ~63, ctx); | ||
231 | |||
232 | ctx->buflen &= 63; | ||
233 | /* The regions in the following copy operation cannot overlap. */ | ||
234 | memcpy (ctx->buffer, | ||
235 | &((char *) ctx->buffer)[(left_over + add) & ~63], | ||
236 | ctx->buflen); | ||
237 | } | ||
238 | |||
239 | buffer = (const char *) buffer + add; | ||
240 | len -= add; | ||
241 | } | ||
242 | |||
243 | /* Process available complete blocks. */ | ||
244 | if (len >= 64) | ||
245 | { | ||
246 | #if !_STRING_ARCH_unaligned | ||
247 | # define alignof(type) offsetof (struct { char c; type x; }, x) | ||
248 | # define UNALIGNED_P(p) (((size_t) p) % alignof (uint32_t) != 0) | ||
249 | if (UNALIGNED_P (buffer)) | ||
250 | while (len > 64) | ||
251 | { | ||
252 | MHD_md5_process_block (memcpy (ctx->buffer, buffer, 64), 64, ctx); | ||
253 | buffer = (const char *) buffer + 64; | ||
254 | len -= 64; | ||
255 | } | ||
256 | else | ||
257 | #endif | ||
258 | { | ||
259 | MHD_md5_process_block (buffer, len & ~63, ctx); | ||
260 | buffer = (const char *) buffer + (len & ~63); | ||
261 | len &= 63; | ||
262 | } | ||
263 | } | ||
264 | |||
265 | /* Move remaining bytes in internal buffer. */ | ||
266 | if (len > 0) | ||
267 | { | ||
268 | size_t left_over = ctx->buflen; | ||
269 | |||
270 | memcpy (&((char *) ctx->buffer)[left_over], buffer, len); | ||
271 | left_over += len; | ||
272 | if (left_over >= 64) | ||
273 | { | ||
274 | MHD_md5_process_block (ctx->buffer, 64, ctx); | ||
275 | left_over -= 64; | ||
276 | memcpy (ctx->buffer, &ctx->buffer[16], left_over); | ||
277 | } | ||
278 | ctx->buflen = left_over; | ||
279 | } | ||
280 | } | ||
281 | |||
282 | |||
283 | /* These are the four functions used in the four steps of the MD5 algorithm | ||
284 | and defined in the RFC 1321. The first function is a little bit optimized | ||
285 | (as found in Colin Plumbs public domain implementation). */ | ||
286 | /* #define FF(b, c, d) ((b & c) | (~b & d)) */ | ||
287 | #define FF(b, c, d) (d ^ (b & (c ^ d))) | ||
288 | #define FG(b, c, d) FF (d, b, c) | ||
289 | #define FH(b, c, d) (b ^ c ^ d) | ||
290 | #define FI(b, c, d) (c ^ (b | ~d)) | ||
291 | |||
292 | /* Process LEN bytes of BUFFER, accumulating context into CTX. | ||
293 | It is assumed that LEN % 64 == 0. */ | ||
294 | |||
295 | void | ||
296 | MHD_md5_process_block (const void *buffer, size_t len, | ||
297 | struct MHD_md5_ctx *ctx) | ||
298 | { | ||
299 | uint32_t correct_words[16]; | ||
300 | const uint32_t *words = buffer; | ||
301 | size_t nwords = len / sizeof (uint32_t); | ||
302 | const uint32_t *endp = words + nwords; | ||
303 | uint32_t A = ctx->A; | ||
304 | uint32_t B = ctx->B; | ||
305 | uint32_t C = ctx->C; | ||
306 | uint32_t D = ctx->D; | ||
307 | |||
308 | /* First increment the byte count. RFC 1321 specifies the possible | ||
309 | length of the file up to 2^64 bits. Here we only compute the | ||
310 | number of bytes. Do a double word increment. */ | ||
311 | ctx->total[0] += len; | ||
312 | if (ctx->total[0] < len) | ||
313 | ++ctx->total[1]; | ||
314 | |||
315 | /* Process all bytes in the buffer with 64 bytes in each round of | ||
316 | the loop. */ | ||
317 | while (words < endp) | ||
318 | { | ||
319 | uint32_t *cwp = correct_words; | ||
320 | uint32_t A_save = A; | ||
321 | uint32_t B_save = B; | ||
322 | uint32_t C_save = C; | ||
323 | uint32_t D_save = D; | ||
324 | |||
325 | /* First round: using the given function, the context and a constant | ||
326 | the next context is computed. Because the algorithms processing | ||
327 | unit is a 32-bit word and it is determined to work on words in | ||
328 | little endian byte order we perhaps have to change the byte order | ||
329 | before the computation. To reduce the work for the next steps | ||
330 | we store the swapped words in the array CORRECT_WORDS. */ | ||
331 | |||
332 | #define OP(a, b, c, d, s, T) \ | ||
333 | do \ | ||
334 | { \ | ||
335 | a += FF (b, c, d) + (*cwp++ = SWAP (*words)) + T; \ | ||
336 | ++words; \ | ||
337 | CYCLIC (a, s); \ | ||
338 | a += b; \ | ||
339 | } \ | ||
340 | while (0) | ||
341 | |||
342 | /* It is unfortunate that C does not provide an operator for | ||
343 | cyclic rotation. Hope the C compiler is smart enough. */ | ||
344 | #define CYCLIC(w, s) (w = (w << s) | (w >> (32 - s))) | ||
345 | |||
346 | /* Before we start, one word to the strange constants. | ||
347 | They are defined in RFC 1321 as | ||
348 | |||
349 | T[i] = (int) (4294967296.0 * fabs (sin (i))), i=1..64 | ||
350 | |||
351 | Here is an equivalent invocation using Perl: | ||
352 | |||
353 | perl -e 'foreach(1..64){printf "0x%08x\n", int (4294967296 * abs (sin $_))}' | ||
354 | */ | ||
355 | |||
356 | /* Round 1. */ | ||
357 | OP (A, B, C, D, 7, 0xd76aa478); | ||
358 | OP (D, A, B, C, 12, 0xe8c7b756); | ||
359 | OP (C, D, A, B, 17, 0x242070db); | ||
360 | OP (B, C, D, A, 22, 0xc1bdceee); | ||
361 | OP (A, B, C, D, 7, 0xf57c0faf); | ||
362 | OP (D, A, B, C, 12, 0x4787c62a); | ||
363 | OP (C, D, A, B, 17, 0xa8304613); | ||
364 | OP (B, C, D, A, 22, 0xfd469501); | ||
365 | OP (A, B, C, D, 7, 0x698098d8); | ||
366 | OP (D, A, B, C, 12, 0x8b44f7af); | ||
367 | OP (C, D, A, B, 17, 0xffff5bb1); | ||
368 | OP (B, C, D, A, 22, 0x895cd7be); | ||
369 | OP (A, B, C, D, 7, 0x6b901122); | ||
370 | OP (D, A, B, C, 12, 0xfd987193); | ||
371 | OP (C, D, A, B, 17, 0xa679438e); | ||
372 | OP (B, C, D, A, 22, 0x49b40821); | ||
373 | |||
374 | /* For the second to fourth round we have the possibly swapped words | ||
375 | in CORRECT_WORDS. Redefine the macro to take an additional first | ||
376 | argument specifying the function to use. */ | ||
377 | #undef OP | ||
378 | #define OP(f, a, b, c, d, k, s, T) \ | ||
379 | do \ | ||
380 | { \ | ||
381 | a += f (b, c, d) + correct_words[k] + T; \ | ||
382 | CYCLIC (a, s); \ | ||
383 | a += b; \ | ||
384 | } \ | ||
385 | while (0) | ||
386 | |||
387 | /* Round 2. */ | ||
388 | OP (FG, A, B, C, D, 1, 5, 0xf61e2562); | ||
389 | OP (FG, D, A, B, C, 6, 9, 0xc040b340); | ||
390 | OP (FG, C, D, A, B, 11, 14, 0x265e5a51); | ||
391 | OP (FG, B, C, D, A, 0, 20, 0xe9b6c7aa); | ||
392 | OP (FG, A, B, C, D, 5, 5, 0xd62f105d); | ||
393 | OP (FG, D, A, B, C, 10, 9, 0x02441453); | ||
394 | OP (FG, C, D, A, B, 15, 14, 0xd8a1e681); | ||
395 | OP (FG, B, C, D, A, 4, 20, 0xe7d3fbc8); | ||
396 | OP (FG, A, B, C, D, 9, 5, 0x21e1cde6); | ||
397 | OP (FG, D, A, B, C, 14, 9, 0xc33707d6); | ||
398 | OP (FG, C, D, A, B, 3, 14, 0xf4d50d87); | ||
399 | OP (FG, B, C, D, A, 8, 20, 0x455a14ed); | ||
400 | OP (FG, A, B, C, D, 13, 5, 0xa9e3e905); | ||
401 | OP (FG, D, A, B, C, 2, 9, 0xfcefa3f8); | ||
402 | OP (FG, C, D, A, B, 7, 14, 0x676f02d9); | ||
403 | OP (FG, B, C, D, A, 12, 20, 0x8d2a4c8a); | ||
404 | |||
405 | /* Round 3. */ | ||
406 | OP (FH, A, B, C, D, 5, 4, 0xfffa3942); | ||
407 | OP (FH, D, A, B, C, 8, 11, 0x8771f681); | ||
408 | OP (FH, C, D, A, B, 11, 16, 0x6d9d6122); | ||
409 | OP (FH, B, C, D, A, 14, 23, 0xfde5380c); | ||
410 | OP (FH, A, B, C, D, 1, 4, 0xa4beea44); | ||
411 | OP (FH, D, A, B, C, 4, 11, 0x4bdecfa9); | ||
412 | OP (FH, C, D, A, B, 7, 16, 0xf6bb4b60); | ||
413 | OP (FH, B, C, D, A, 10, 23, 0xbebfbc70); | ||
414 | OP (FH, A, B, C, D, 13, 4, 0x289b7ec6); | ||
415 | OP (FH, D, A, B, C, 0, 11, 0xeaa127fa); | ||
416 | OP (FH, C, D, A, B, 3, 16, 0xd4ef3085); | ||
417 | OP (FH, B, C, D, A, 6, 23, 0x04881d05); | ||
418 | OP (FH, A, B, C, D, 9, 4, 0xd9d4d039); | ||
419 | OP (FH, D, A, B, C, 12, 11, 0xe6db99e5); | ||
420 | OP (FH, C, D, A, B, 15, 16, 0x1fa27cf8); | ||
421 | OP (FH, B, C, D, A, 2, 23, 0xc4ac5665); | ||
422 | |||
423 | /* Round 4. */ | ||
424 | OP (FI, A, B, C, D, 0, 6, 0xf4292244); | ||
425 | OP (FI, D, A, B, C, 7, 10, 0x432aff97); | ||
426 | OP (FI, C, D, A, B, 14, 15, 0xab9423a7); | ||
427 | OP (FI, B, C, D, A, 5, 21, 0xfc93a039); | ||
428 | OP (FI, A, B, C, D, 12, 6, 0x655b59c3); | ||
429 | OP (FI, D, A, B, C, 3, 10, 0x8f0ccc92); | ||
430 | OP (FI, C, D, A, B, 10, 15, 0xffeff47d); | ||
431 | OP (FI, B, C, D, A, 1, 21, 0x85845dd1); | ||
432 | OP (FI, A, B, C, D, 8, 6, 0x6fa87e4f); | ||
433 | OP (FI, D, A, B, C, 15, 10, 0xfe2ce6e0); | ||
434 | OP (FI, C, D, A, B, 6, 15, 0xa3014314); | ||
435 | OP (FI, B, C, D, A, 13, 21, 0x4e0811a1); | ||
436 | OP (FI, A, B, C, D, 4, 6, 0xf7537e82); | ||
437 | OP (FI, D, A, B, C, 11, 10, 0xbd3af235); | ||
438 | OP (FI, C, D, A, B, 2, 15, 0x2ad7d2bb); | ||
439 | OP (FI, B, C, D, A, 9, 21, 0xeb86d391); | ||
440 | |||
441 | /* Add the starting values of the context. */ | ||
442 | A += A_save; | ||
443 | B += B_save; | ||
444 | C += C_save; | ||
445 | D += D_save; | ||
446 | } | ||
447 | |||
448 | /* Put checksum in context given as argument. */ | ||
449 | ctx->A = A; | ||
450 | ctx->B = B; | ||
451 | ctx->C = C; | ||
452 | ctx->D = D; | ||
453 | } | ||
diff --git a/src/daemon/https/lgl/md5.h b/src/daemon/https/lgl/md5.h deleted file mode 100644 index 94247e46..00000000 --- a/src/daemon/https/lgl/md5.h +++ /dev/null | |||
@@ -1,128 +0,0 @@ | |||
1 | /* Declaration of functions and data types used for MD5 sum computing | ||
2 | library functions. | ||
3 | Copyright (C) 1995-1997,1999,2000,2001,2004,2005,2006 | ||
4 | Free Software Foundation, Inc. | ||
5 | This file is part of the GNU C Library. | ||
6 | |||
7 | This program is free software; you can redistribute it and/or modify it | ||
8 | under the terms of the GNU Lesser General Public License as published by the | ||
9 | Free Software Foundation; either version 2.1, or (at your option) any | ||
10 | later version. | ||
11 | |||
12 | This program is distributed in the hope that it will be useful, | ||
13 | but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
14 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | ||
15 | GNU Lesser General Public License for more details. | ||
16 | |||
17 | You should have received a copy of the GNU Lesser General Public License | ||
18 | along with this program; if not, write to the Free Software Foundation, | ||
19 | Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. */ | ||
20 | |||
21 | #ifndef _MD5_H | ||
22 | #define _MD5_H 1 | ||
23 | |||
24 | #include <stdio.h> | ||
25 | #include <stdint.h> | ||
26 | |||
27 | #define MD5_DIGEST_SIZE 16 | ||
28 | #define MD5_BLOCK_SIZE 64 | ||
29 | |||
30 | #ifndef __GNUC_PREREQ | ||
31 | # if defined __GNUC__ && defined __GNUC_MINOR__ | ||
32 | # define __GNUC_PREREQ(maj, min) \ | ||
33 | ((__GNUC__ << 16) + __GNUC_MINOR__ >= ((maj) << 16) + (min)) | ||
34 | # else | ||
35 | # define __GNUC_PREREQ(maj, min) 0 | ||
36 | # endif | ||
37 | #endif | ||
38 | |||
39 | #ifndef __THROW | ||
40 | # if defined __cplusplus && __GNUC_PREREQ (2,8) | ||
41 | # define __THROW throw () | ||
42 | # else | ||
43 | # define __THROW | ||
44 | # endif | ||
45 | #endif | ||
46 | |||
47 | #ifndef _LIBC | ||
48 | # define __MHD_md5_buffer MHD_md5_buffer | ||
49 | # define __MHD_md5_finish_ctx MHD_md5_finish_ctx | ||
50 | # define __MHD_md5_init_ctx MHD_md5_init_ctx | ||
51 | # define __MHD_md5_process_block MHD_md5_process_block | ||
52 | # define __MHD_md5_process_bytes MHD_md5_process_bytes | ||
53 | # define __MHD_md5_read_ctx MHD_md5_read_ctx | ||
54 | # define __MHD_md5_stream MHD_md5_stream | ||
55 | #endif | ||
56 | |||
57 | /* Structure to save state of computation between the single steps. */ | ||
58 | struct MHD_md5_ctx | ||
59 | { | ||
60 | uint32_t A; | ||
61 | uint32_t B; | ||
62 | uint32_t C; | ||
63 | uint32_t D; | ||
64 | |||
65 | uint32_t total[2]; | ||
66 | uint32_t buflen; | ||
67 | uint32_t buffer[32]; | ||
68 | }; | ||
69 | |||
70 | /* | ||
71 | * The following three functions are build up the low level used in | ||
72 | * the functions `MHD_md5_stream' and `MHD_md5_buffer'. | ||
73 | */ | ||
74 | |||
75 | /* Initialize structure containing state of computation. | ||
76 | (RFC 1321, 3.3: Step 3) */ | ||
77 | extern void | ||
78 | __MHD_md5_init_ctx (struct MHD_md5_ctx *ctx) | ||
79 | __THROW; | ||
80 | |||
81 | /* Starting with the result of former calls of this function (or the | ||
82 | initialization function update the context for the next LEN bytes | ||
83 | starting at BUFFER. | ||
84 | It is necessary that LEN is a multiple of 64!!! */ | ||
85 | extern void __MHD_md5_process_block (const void *buffer, size_t len, | ||
86 | struct MHD_md5_ctx *ctx) __THROW; | ||
87 | |||
88 | /* Starting with the result of former calls of this function (or the | ||
89 | initialization function update the context for the next LEN bytes | ||
90 | starting at BUFFER. | ||
91 | It is NOT required that LEN is a multiple of 64. */ | ||
92 | extern void __MHD_md5_process_bytes (const void *buffer, size_t len, | ||
93 | struct MHD_md5_ctx *ctx) __THROW; | ||
94 | |||
95 | /* Process the remaining bytes in the buffer and put result from CTX | ||
96 | in first 16 bytes following RESBUF. The result is always in little | ||
97 | endian byte order, so that a byte-wise output yields to the wanted | ||
98 | ASCII representation of the message digest. | ||
99 | |||
100 | IMPORTANT: On some systems, RESBUF must be aligned to a 32-bit | ||
101 | boundary. */ | ||
102 | extern void *__MHD_md5_finish_ctx (struct MHD_md5_ctx *ctx, | ||
103 | void *resbuf) __THROW; | ||
104 | |||
105 | |||
106 | /* Put result from CTX in first 16 bytes following RESBUF. The result is | ||
107 | always in little endian byte order, so that a byte-wise output yields | ||
108 | to the wanted ASCII representation of the message digest. | ||
109 | |||
110 | IMPORTANT: On some systems, RESBUF must be aligned to a 32-bit | ||
111 | boundary. */ | ||
112 | extern void *__MHD_md5_read_ctx (const struct MHD_md5_ctx *ctx, | ||
113 | void *resbuf) __THROW; | ||
114 | |||
115 | |||
116 | /* Compute MD5 message digest for bytes read from STREAM. The | ||
117 | resulting message digest number will be written into the 16 bytes | ||
118 | beginning at RESBLOCK. */ | ||
119 | extern int __MHD_md5_stream (FILE * stream, void *resblock) __THROW; | ||
120 | |||
121 | /* Compute MD5 message digest for LEN bytes beginning at BUFFER. The | ||
122 | result is always in little endian byte order, so that a byte-wise | ||
123 | output yields to the wanted ASCII representation of the message | ||
124 | digest. */ | ||
125 | extern void *__MHD_md5_buffer (const char *buffer, size_t len, | ||
126 | void *resblock) __THROW; | ||
127 | |||
128 | #endif /* md5.h */ | ||
diff --git a/src/daemon/https/lgl/memxor.c b/src/daemon/https/lgl/memxor.c deleted file mode 100644 index 46c6542e..00000000 --- a/src/daemon/https/lgl/memxor.c +++ /dev/null | |||
@@ -1,35 +0,0 @@ | |||
1 | /* MHD_memxor.c -- perform binary exclusive OR operation of two memory blocks. | ||
2 | Copyright (C) 2005, 2006 Free Software Foundation, Inc. | ||
3 | |||
4 | This program is free software; you can redistribute it and/or modify | ||
5 | it under the terms of the GNU Lesser General Public License as published by | ||
6 | the Free Software Foundation; either version 2.1, or (at your option) | ||
7 | any later version. | ||
8 | |||
9 | This program is distributed in the hope that it will be useful, | ||
10 | but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
11 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | ||
12 | GNU Lesser General Public License for more details. | ||
13 | |||
14 | You should have received a copy of the GNU Lesser General Public License | ||
15 | along with this program; if not, write to the Free Software Foundation, | ||
16 | Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. */ | ||
17 | |||
18 | /* Written by Simon Josefsson. The interface was inspired by MHD_memxor | ||
19 | in Niels Möller's Nettle. */ | ||
20 | |||
21 | #include "MHD_config.h" | ||
22 | |||
23 | #include "memxor.h" | ||
24 | |||
25 | void * | ||
26 | MHD_memxor (void * dest, const void * src, size_t n) | ||
27 | { | ||
28 | char const *s = src; | ||
29 | char *d = dest; | ||
30 | |||
31 | for (; n > 0; n--) | ||
32 | *d++ ^= *s++; | ||
33 | |||
34 | return dest; | ||
35 | } | ||
diff --git a/src/daemon/https/lgl/memxor.h b/src/daemon/https/lgl/memxor.h deleted file mode 100644 index 6ccb3ba6..00000000 --- a/src/daemon/https/lgl/memxor.h +++ /dev/null | |||
@@ -1,31 +0,0 @@ | |||
1 | /* MHD_memxor.h -- perform binary exclusive OR operation on memory blocks. | ||
2 | Copyright (C) 2005 Free Software Foundation, Inc. | ||
3 | |||
4 | This program is free software; you can redistribute it and/or modify | ||
5 | it under the terms of the GNU Lesser General Public License as published by | ||
6 | the Free Software Foundation; either version 2.1, or (at your option) | ||
7 | any later version. | ||
8 | |||
9 | This program is distributed in the hope that it will be useful, | ||
10 | but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
11 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | ||
12 | GNU Lesser General Public License for more details. | ||
13 | |||
14 | You should have received a copy of the GNU Lesser General Public License | ||
15 | along with this program; if not, write to the Free Software Foundation, | ||
16 | Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. */ | ||
17 | |||
18 | /* Written by Simon Josefsson. The interface was inspired by MHD_memxor | ||
19 | in Niels Möller's Nettle. */ | ||
20 | |||
21 | #ifndef MEMXOR_H | ||
22 | # define MEMXOR_H | ||
23 | |||
24 | #include <stddef.h> | ||
25 | |||
26 | /* Compute binary exclusive OR of memory areas DEST and SRC, putting | ||
27 | the result in DEST, of length N bytes. Returns a pointer to | ||
28 | DEST. */ | ||
29 | void *MHD_memxor (void * dest, const void * src, size_t n); | ||
30 | |||
31 | #endif /* MEMXOR_H */ | ||
diff --git a/src/daemon/https/lgl/rijndael-alg-fst.c b/src/daemon/https/lgl/rijndael-alg-fst.c deleted file mode 100644 index 516fff15..00000000 --- a/src/daemon/https/lgl/rijndael-alg-fst.c +++ /dev/null | |||
@@ -1,1093 +0,0 @@ | |||
1 | /* rijndael-alg-fst.c --- Rijndael cipher implementation. | ||
2 | * Copyright (C) 2005, 2006 Free Software Foundation, Inc. | ||
3 | * | ||
4 | * This file is free software; you can redistribute it and/or modify | ||
5 | * it under the terms of the GNU Lesser General Public License as published | ||
6 | * by the Free Software Foundation; either version 2.1, or (at your | ||
7 | * option) any later version. | ||
8 | * | ||
9 | * This file is distributed in the hope that it will be useful, but | ||
10 | * WITHOUT ANY WARRANTY; without even the implied warranty of | ||
11 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | ||
12 | * General Public License for more details. | ||
13 | * | ||
14 | * You should have received a copy of the GNU Lesser General Public License | ||
15 | * along with this file; if not, write to the Free Software | ||
16 | * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA | ||
17 | * 02110-1301, USA. | ||
18 | * | ||
19 | */ | ||
20 | |||
21 | /* Adapted for gnulib by Simon Josefsson. | ||
22 | * | ||
23 | * Based on public domain "Optimised C code" retrieved from (SHA1 | ||
24 | * 7c8e4b00d06685d1dbc6724a9e0d502353de339e): | ||
25 | * http://www.iaik.tu-graz.ac.at/research/krypto/AES/old/~rijmen/rijndael/rijndael-fst-3.0.zip | ||
26 | */ | ||
27 | |||
28 | #include "MHD_config.h" | ||
29 | |||
30 | /** | ||
31 | * rijndael-alg-fst.c | ||
32 | * | ||
33 | * @version 3.0 (December 2000) | ||
34 | * | ||
35 | * Optimised ANSI C code for the Rijndael cipher (now AES) | ||
36 | * | ||
37 | * @author Vincent Rijmen <vincent.rijmen@esat.kuleuven.ac.be> | ||
38 | * @author Antoon Bosselaers <antoon.bosselaers@esat.kuleuven.ac.be> | ||
39 | * @author Paulo Barreto <paulo.barreto@terra.com.br> | ||
40 | * | ||
41 | * This code is hereby placed in the public domain. | ||
42 | * | ||
43 | * THIS SOFTWARE IS PROVIDED BY THE AUTHORS ''AS IS'' AND ANY EXPRESS | ||
44 | * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED | ||
45 | * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | ||
46 | * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE | ||
47 | * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR | ||
48 | * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF | ||
49 | * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR | ||
50 | * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, | ||
51 | * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE | ||
52 | * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, | ||
53 | * EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | ||
54 | */ | ||
55 | |||
56 | #include "rijndael-alg-fst.h" | ||
57 | |||
58 | /* | ||
59 | Te0[x] = S [x].[02, 01, 01, 03]; | ||
60 | Te1[x] = S [x].[03, 02, 01, 01]; | ||
61 | Te2[x] = S [x].[01, 03, 02, 01]; | ||
62 | Te3[x] = S [x].[01, 01, 03, 02]; | ||
63 | Te4[x] = S [x].[01, 01, 01, 01]; | ||
64 | |||
65 | Td0[x] = Si[x].[0e, 09, 0d, 0b]; | ||
66 | Td1[x] = Si[x].[0b, 0e, 09, 0d]; | ||
67 | Td2[x] = Si[x].[0d, 0b, 0e, 09]; | ||
68 | Td3[x] = Si[x].[09, 0d, 0b, 0e]; | ||
69 | Td4[x] = Si[x].[01, 01, 01, 01]; | ||
70 | */ | ||
71 | |||
72 | static const uint32_t Te0[256] = { | ||
73 | 0xc66363a5, 0xf87c7c84, 0xee777799, 0xf67b7b8d, | ||
74 | 0xfff2f20d, 0xd66b6bbd, 0xde6f6fb1, 0x91c5c554, | ||
75 | 0x60303050, 0x02010103, 0xce6767a9, 0x562b2b7d, | ||
76 | 0xe7fefe19, 0xb5d7d762, 0x4dababe6, 0xec76769a, | ||
77 | 0x8fcaca45, 0x1f82829d, 0x89c9c940, 0xfa7d7d87, | ||
78 | 0xeffafa15, 0xb25959eb, 0x8e4747c9, 0xfbf0f00b, | ||
79 | 0x41adadec, 0xb3d4d467, 0x5fa2a2fd, 0x45afafea, | ||
80 | 0x239c9cbf, 0x53a4a4f7, 0xe4727296, 0x9bc0c05b, | ||
81 | 0x75b7b7c2, 0xe1fdfd1c, 0x3d9393ae, 0x4c26266a, | ||
82 | 0x6c36365a, 0x7e3f3f41, 0xf5f7f702, 0x83cccc4f, | ||
83 | 0x6834345c, 0x51a5a5f4, 0xd1e5e534, 0xf9f1f108, | ||
84 | 0xe2717193, 0xabd8d873, 0x62313153, 0x2a15153f, | ||
85 | 0x0804040c, 0x95c7c752, 0x46232365, 0x9dc3c35e, | ||
86 | 0x30181828, 0x379696a1, 0x0a05050f, 0x2f9a9ab5, | ||
87 | 0x0e070709, 0x24121236, 0x1b80809b, 0xdfe2e23d, | ||
88 | 0xcdebeb26, 0x4e272769, 0x7fb2b2cd, 0xea75759f, | ||
89 | 0x1209091b, 0x1d83839e, 0x582c2c74, 0x341a1a2e, | ||
90 | 0x361b1b2d, 0xdc6e6eb2, 0xb45a5aee, 0x5ba0a0fb, | ||
91 | 0xa45252f6, 0x763b3b4d, 0xb7d6d661, 0x7db3b3ce, | ||
92 | 0x5229297b, 0xdde3e33e, 0x5e2f2f71, 0x13848497, | ||
93 | 0xa65353f5, 0xb9d1d168, 0x00000000, 0xc1eded2c, | ||
94 | 0x40202060, 0xe3fcfc1f, 0x79b1b1c8, 0xb65b5bed, | ||
95 | 0xd46a6abe, 0x8dcbcb46, 0x67bebed9, 0x7239394b, | ||
96 | 0x944a4ade, 0x984c4cd4, 0xb05858e8, 0x85cfcf4a, | ||
97 | 0xbbd0d06b, 0xc5efef2a, 0x4faaaae5, 0xedfbfb16, | ||
98 | 0x864343c5, 0x9a4d4dd7, 0x66333355, 0x11858594, | ||
99 | 0x8a4545cf, 0xe9f9f910, 0x04020206, 0xfe7f7f81, | ||
100 | 0xa05050f0, 0x783c3c44, 0x259f9fba, 0x4ba8a8e3, | ||
101 | 0xa25151f3, 0x5da3a3fe, 0x804040c0, 0x058f8f8a, | ||
102 | 0x3f9292ad, 0x219d9dbc, 0x70383848, 0xf1f5f504, | ||
103 | 0x63bcbcdf, 0x77b6b6c1, 0xafdada75, 0x42212163, | ||
104 | 0x20101030, 0xe5ffff1a, 0xfdf3f30e, 0xbfd2d26d, | ||
105 | 0x81cdcd4c, 0x180c0c14, 0x26131335, 0xc3ecec2f, | ||
106 | 0xbe5f5fe1, 0x359797a2, 0x884444cc, 0x2e171739, | ||
107 | 0x93c4c457, 0x55a7a7f2, 0xfc7e7e82, 0x7a3d3d47, | ||
108 | 0xc86464ac, 0xba5d5de7, 0x3219192b, 0xe6737395, | ||
109 | 0xc06060a0, 0x19818198, 0x9e4f4fd1, 0xa3dcdc7f, | ||
110 | 0x44222266, 0x542a2a7e, 0x3b9090ab, 0x0b888883, | ||
111 | 0x8c4646ca, 0xc7eeee29, 0x6bb8b8d3, 0x2814143c, | ||
112 | 0xa7dede79, 0xbc5e5ee2, 0x160b0b1d, 0xaddbdb76, | ||
113 | 0xdbe0e03b, 0x64323256, 0x743a3a4e, 0x140a0a1e, | ||
114 | 0x924949db, 0x0c06060a, 0x4824246c, 0xb85c5ce4, | ||
115 | 0x9fc2c25d, 0xbdd3d36e, 0x43acacef, 0xc46262a6, | ||
116 | 0x399191a8, 0x319595a4, 0xd3e4e437, 0xf279798b, | ||
117 | 0xd5e7e732, 0x8bc8c843, 0x6e373759, 0xda6d6db7, | ||
118 | 0x018d8d8c, 0xb1d5d564, 0x9c4e4ed2, 0x49a9a9e0, | ||
119 | 0xd86c6cb4, 0xac5656fa, 0xf3f4f407, 0xcfeaea25, | ||
120 | 0xca6565af, 0xf47a7a8e, 0x47aeaee9, 0x10080818, | ||
121 | 0x6fbabad5, 0xf0787888, 0x4a25256f, 0x5c2e2e72, | ||
122 | 0x381c1c24, 0x57a6a6f1, 0x73b4b4c7, 0x97c6c651, | ||
123 | 0xcbe8e823, 0xa1dddd7c, 0xe874749c, 0x3e1f1f21, | ||
124 | 0x964b4bdd, 0x61bdbddc, 0x0d8b8b86, 0x0f8a8a85, | ||
125 | 0xe0707090, 0x7c3e3e42, 0x71b5b5c4, 0xcc6666aa, | ||
126 | 0x904848d8, 0x06030305, 0xf7f6f601, 0x1c0e0e12, | ||
127 | 0xc26161a3, 0x6a35355f, 0xae5757f9, 0x69b9b9d0, | ||
128 | 0x17868691, 0x99c1c158, 0x3a1d1d27, 0x279e9eb9, | ||
129 | 0xd9e1e138, 0xebf8f813, 0x2b9898b3, 0x22111133, | ||
130 | 0xd26969bb, 0xa9d9d970, 0x078e8e89, 0x339494a7, | ||
131 | 0x2d9b9bb6, 0x3c1e1e22, 0x15878792, 0xc9e9e920, | ||
132 | 0x87cece49, 0xaa5555ff, 0x50282878, 0xa5dfdf7a, | ||
133 | 0x038c8c8f, 0x59a1a1f8, 0x09898980, 0x1a0d0d17, | ||
134 | 0x65bfbfda, 0xd7e6e631, 0x844242c6, 0xd06868b8, | ||
135 | 0x824141c3, 0x299999b0, 0x5a2d2d77, 0x1e0f0f11, | ||
136 | 0x7bb0b0cb, 0xa85454fc, 0x6dbbbbd6, 0x2c16163a, | ||
137 | }; | ||
138 | |||
139 | static const uint32_t Te1[256] = { | ||
140 | 0xa5c66363, 0x84f87c7c, 0x99ee7777, 0x8df67b7b, | ||
141 | 0x0dfff2f2, 0xbdd66b6b, 0xb1de6f6f, 0x5491c5c5, | ||
142 | 0x50603030, 0x03020101, 0xa9ce6767, 0x7d562b2b, | ||
143 | 0x19e7fefe, 0x62b5d7d7, 0xe64dabab, 0x9aec7676, | ||
144 | 0x458fcaca, 0x9d1f8282, 0x4089c9c9, 0x87fa7d7d, | ||
145 | 0x15effafa, 0xebb25959, 0xc98e4747, 0x0bfbf0f0, | ||
146 | 0xec41adad, 0x67b3d4d4, 0xfd5fa2a2, 0xea45afaf, | ||
147 | 0xbf239c9c, 0xf753a4a4, 0x96e47272, 0x5b9bc0c0, | ||
148 | 0xc275b7b7, 0x1ce1fdfd, 0xae3d9393, 0x6a4c2626, | ||
149 | 0x5a6c3636, 0x417e3f3f, 0x02f5f7f7, 0x4f83cccc, | ||
150 | 0x5c683434, 0xf451a5a5, 0x34d1e5e5, 0x08f9f1f1, | ||
151 | 0x93e27171, 0x73abd8d8, 0x53623131, 0x3f2a1515, | ||
152 | 0x0c080404, 0x5295c7c7, 0x65462323, 0x5e9dc3c3, | ||
153 | 0x28301818, 0xa1379696, 0x0f0a0505, 0xb52f9a9a, | ||
154 | 0x090e0707, 0x36241212, 0x9b1b8080, 0x3ddfe2e2, | ||
155 | 0x26cdebeb, 0x694e2727, 0xcd7fb2b2, 0x9fea7575, | ||
156 | 0x1b120909, 0x9e1d8383, 0x74582c2c, 0x2e341a1a, | ||
157 | 0x2d361b1b, 0xb2dc6e6e, 0xeeb45a5a, 0xfb5ba0a0, | ||
158 | 0xf6a45252, 0x4d763b3b, 0x61b7d6d6, 0xce7db3b3, | ||
159 | 0x7b522929, 0x3edde3e3, 0x715e2f2f, 0x97138484, | ||
160 | 0xf5a65353, 0x68b9d1d1, 0x00000000, 0x2cc1eded, | ||
161 | 0x60402020, 0x1fe3fcfc, 0xc879b1b1, 0xedb65b5b, | ||
162 | 0xbed46a6a, 0x468dcbcb, 0xd967bebe, 0x4b723939, | ||
163 | 0xde944a4a, 0xd4984c4c, 0xe8b05858, 0x4a85cfcf, | ||
164 | 0x6bbbd0d0, 0x2ac5efef, 0xe54faaaa, 0x16edfbfb, | ||
165 | 0xc5864343, 0xd79a4d4d, 0x55663333, 0x94118585, | ||
166 | 0xcf8a4545, 0x10e9f9f9, 0x06040202, 0x81fe7f7f, | ||
167 | 0xf0a05050, 0x44783c3c, 0xba259f9f, 0xe34ba8a8, | ||
168 | 0xf3a25151, 0xfe5da3a3, 0xc0804040, 0x8a058f8f, | ||
169 | 0xad3f9292, 0xbc219d9d, 0x48703838, 0x04f1f5f5, | ||
170 | 0xdf63bcbc, 0xc177b6b6, 0x75afdada, 0x63422121, | ||
171 | 0x30201010, 0x1ae5ffff, 0x0efdf3f3, 0x6dbfd2d2, | ||
172 | 0x4c81cdcd, 0x14180c0c, 0x35261313, 0x2fc3ecec, | ||
173 | 0xe1be5f5f, 0xa2359797, 0xcc884444, 0x392e1717, | ||
174 | 0x5793c4c4, 0xf255a7a7, 0x82fc7e7e, 0x477a3d3d, | ||
175 | 0xacc86464, 0xe7ba5d5d, 0x2b321919, 0x95e67373, | ||
176 | 0xa0c06060, 0x98198181, 0xd19e4f4f, 0x7fa3dcdc, | ||
177 | 0x66442222, 0x7e542a2a, 0xab3b9090, 0x830b8888, | ||
178 | 0xca8c4646, 0x29c7eeee, 0xd36bb8b8, 0x3c281414, | ||
179 | 0x79a7dede, 0xe2bc5e5e, 0x1d160b0b, 0x76addbdb, | ||
180 | 0x3bdbe0e0, 0x56643232, 0x4e743a3a, 0x1e140a0a, | ||
181 | 0xdb924949, 0x0a0c0606, 0x6c482424, 0xe4b85c5c, | ||
182 | 0x5d9fc2c2, 0x6ebdd3d3, 0xef43acac, 0xa6c46262, | ||
183 | 0xa8399191, 0xa4319595, 0x37d3e4e4, 0x8bf27979, | ||
184 | 0x32d5e7e7, 0x438bc8c8, 0x596e3737, 0xb7da6d6d, | ||
185 | 0x8c018d8d, 0x64b1d5d5, 0xd29c4e4e, 0xe049a9a9, | ||
186 | 0xb4d86c6c, 0xfaac5656, 0x07f3f4f4, 0x25cfeaea, | ||
187 | 0xafca6565, 0x8ef47a7a, 0xe947aeae, 0x18100808, | ||
188 | 0xd56fbaba, 0x88f07878, 0x6f4a2525, 0x725c2e2e, | ||
189 | 0x24381c1c, 0xf157a6a6, 0xc773b4b4, 0x5197c6c6, | ||
190 | 0x23cbe8e8, 0x7ca1dddd, 0x9ce87474, 0x213e1f1f, | ||
191 | 0xdd964b4b, 0xdc61bdbd, 0x860d8b8b, 0x850f8a8a, | ||
192 | 0x90e07070, 0x427c3e3e, 0xc471b5b5, 0xaacc6666, | ||
193 | 0xd8904848, 0x05060303, 0x01f7f6f6, 0x121c0e0e, | ||
194 | 0xa3c26161, 0x5f6a3535, 0xf9ae5757, 0xd069b9b9, | ||
195 | 0x91178686, 0x5899c1c1, 0x273a1d1d, 0xb9279e9e, | ||
196 | 0x38d9e1e1, 0x13ebf8f8, 0xb32b9898, 0x33221111, | ||
197 | 0xbbd26969, 0x70a9d9d9, 0x89078e8e, 0xa7339494, | ||
198 | 0xb62d9b9b, 0x223c1e1e, 0x92158787, 0x20c9e9e9, | ||
199 | 0x4987cece, 0xffaa5555, 0x78502828, 0x7aa5dfdf, | ||
200 | 0x8f038c8c, 0xf859a1a1, 0x80098989, 0x171a0d0d, | ||
201 | 0xda65bfbf, 0x31d7e6e6, 0xc6844242, 0xb8d06868, | ||
202 | 0xc3824141, 0xb0299999, 0x775a2d2d, 0x111e0f0f, | ||
203 | 0xcb7bb0b0, 0xfca85454, 0xd66dbbbb, 0x3a2c1616, | ||
204 | }; | ||
205 | |||
206 | static const uint32_t Te2[256] = { | ||
207 | 0x63a5c663, 0x7c84f87c, 0x7799ee77, 0x7b8df67b, | ||
208 | 0xf20dfff2, 0x6bbdd66b, 0x6fb1de6f, 0xc55491c5, | ||
209 | 0x30506030, 0x01030201, 0x67a9ce67, 0x2b7d562b, | ||
210 | 0xfe19e7fe, 0xd762b5d7, 0xabe64dab, 0x769aec76, | ||
211 | 0xca458fca, 0x829d1f82, 0xc94089c9, 0x7d87fa7d, | ||
212 | 0xfa15effa, 0x59ebb259, 0x47c98e47, 0xf00bfbf0, | ||
213 | 0xadec41ad, 0xd467b3d4, 0xa2fd5fa2, 0xafea45af, | ||
214 | 0x9cbf239c, 0xa4f753a4, 0x7296e472, 0xc05b9bc0, | ||
215 | 0xb7c275b7, 0xfd1ce1fd, 0x93ae3d93, 0x266a4c26, | ||
216 | 0x365a6c36, 0x3f417e3f, 0xf702f5f7, 0xcc4f83cc, | ||
217 | 0x345c6834, 0xa5f451a5, 0xe534d1e5, 0xf108f9f1, | ||
218 | 0x7193e271, 0xd873abd8, 0x31536231, 0x153f2a15, | ||
219 | 0x040c0804, 0xc75295c7, 0x23654623, 0xc35e9dc3, | ||
220 | 0x18283018, 0x96a13796, 0x050f0a05, 0x9ab52f9a, | ||
221 | 0x07090e07, 0x12362412, 0x809b1b80, 0xe23ddfe2, | ||
222 | 0xeb26cdeb, 0x27694e27, 0xb2cd7fb2, 0x759fea75, | ||
223 | 0x091b1209, 0x839e1d83, 0x2c74582c, 0x1a2e341a, | ||
224 | 0x1b2d361b, 0x6eb2dc6e, 0x5aeeb45a, 0xa0fb5ba0, | ||
225 | 0x52f6a452, 0x3b4d763b, 0xd661b7d6, 0xb3ce7db3, | ||
226 | 0x297b5229, 0xe33edde3, 0x2f715e2f, 0x84971384, | ||
227 | 0x53f5a653, 0xd168b9d1, 0x00000000, 0xed2cc1ed, | ||
228 | 0x20604020, 0xfc1fe3fc, 0xb1c879b1, 0x5bedb65b, | ||
229 | 0x6abed46a, 0xcb468dcb, 0xbed967be, 0x394b7239, | ||
230 | 0x4ade944a, 0x4cd4984c, 0x58e8b058, 0xcf4a85cf, | ||
231 | 0xd06bbbd0, 0xef2ac5ef, 0xaae54faa, 0xfb16edfb, | ||
232 | 0x43c58643, 0x4dd79a4d, 0x33556633, 0x85941185, | ||
233 | 0x45cf8a45, 0xf910e9f9, 0x02060402, 0x7f81fe7f, | ||
234 | 0x50f0a050, 0x3c44783c, 0x9fba259f, 0xa8e34ba8, | ||
235 | 0x51f3a251, 0xa3fe5da3, 0x40c08040, 0x8f8a058f, | ||
236 | 0x92ad3f92, 0x9dbc219d, 0x38487038, 0xf504f1f5, | ||
237 | 0xbcdf63bc, 0xb6c177b6, 0xda75afda, 0x21634221, | ||
238 | 0x10302010, 0xff1ae5ff, 0xf30efdf3, 0xd26dbfd2, | ||
239 | 0xcd4c81cd, 0x0c14180c, 0x13352613, 0xec2fc3ec, | ||
240 | 0x5fe1be5f, 0x97a23597, 0x44cc8844, 0x17392e17, | ||
241 | 0xc45793c4, 0xa7f255a7, 0x7e82fc7e, 0x3d477a3d, | ||
242 | 0x64acc864, 0x5de7ba5d, 0x192b3219, 0x7395e673, | ||
243 | 0x60a0c060, 0x81981981, 0x4fd19e4f, 0xdc7fa3dc, | ||
244 | 0x22664422, 0x2a7e542a, 0x90ab3b90, 0x88830b88, | ||
245 | 0x46ca8c46, 0xee29c7ee, 0xb8d36bb8, 0x143c2814, | ||
246 | 0xde79a7de, 0x5ee2bc5e, 0x0b1d160b, 0xdb76addb, | ||
247 | 0xe03bdbe0, 0x32566432, 0x3a4e743a, 0x0a1e140a, | ||
248 | 0x49db9249, 0x060a0c06, 0x246c4824, 0x5ce4b85c, | ||
249 | 0xc25d9fc2, 0xd36ebdd3, 0xacef43ac, 0x62a6c462, | ||
250 | 0x91a83991, 0x95a43195, 0xe437d3e4, 0x798bf279, | ||
251 | 0xe732d5e7, 0xc8438bc8, 0x37596e37, 0x6db7da6d, | ||
252 | 0x8d8c018d, 0xd564b1d5, 0x4ed29c4e, 0xa9e049a9, | ||
253 | 0x6cb4d86c, 0x56faac56, 0xf407f3f4, 0xea25cfea, | ||
254 | 0x65afca65, 0x7a8ef47a, 0xaee947ae, 0x08181008, | ||
255 | 0xbad56fba, 0x7888f078, 0x256f4a25, 0x2e725c2e, | ||
256 | 0x1c24381c, 0xa6f157a6, 0xb4c773b4, 0xc65197c6, | ||
257 | 0xe823cbe8, 0xdd7ca1dd, 0x749ce874, 0x1f213e1f, | ||
258 | 0x4bdd964b, 0xbddc61bd, 0x8b860d8b, 0x8a850f8a, | ||
259 | 0x7090e070, 0x3e427c3e, 0xb5c471b5, 0x66aacc66, | ||
260 | 0x48d89048, 0x03050603, 0xf601f7f6, 0x0e121c0e, | ||
261 | 0x61a3c261, 0x355f6a35, 0x57f9ae57, 0xb9d069b9, | ||
262 | 0x86911786, 0xc15899c1, 0x1d273a1d, 0x9eb9279e, | ||
263 | 0xe138d9e1, 0xf813ebf8, 0x98b32b98, 0x11332211, | ||
264 | 0x69bbd269, 0xd970a9d9, 0x8e89078e, 0x94a73394, | ||
265 | 0x9bb62d9b, 0x1e223c1e, 0x87921587, 0xe920c9e9, | ||
266 | 0xce4987ce, 0x55ffaa55, 0x28785028, 0xdf7aa5df, | ||
267 | 0x8c8f038c, 0xa1f859a1, 0x89800989, 0x0d171a0d, | ||
268 | 0xbfda65bf, 0xe631d7e6, 0x42c68442, 0x68b8d068, | ||
269 | 0x41c38241, 0x99b02999, 0x2d775a2d, 0x0f111e0f, | ||
270 | 0xb0cb7bb0, 0x54fca854, 0xbbd66dbb, 0x163a2c16, | ||
271 | }; | ||
272 | |||
273 | static const uint32_t Te3[256] = { | ||
274 | 0x6363a5c6, 0x7c7c84f8, 0x777799ee, 0x7b7b8df6, | ||
275 | 0xf2f20dff, 0x6b6bbdd6, 0x6f6fb1de, 0xc5c55491, | ||
276 | 0x30305060, 0x01010302, 0x6767a9ce, 0x2b2b7d56, | ||
277 | 0xfefe19e7, 0xd7d762b5, 0xababe64d, 0x76769aec, | ||
278 | 0xcaca458f, 0x82829d1f, 0xc9c94089, 0x7d7d87fa, | ||
279 | 0xfafa15ef, 0x5959ebb2, 0x4747c98e, 0xf0f00bfb, | ||
280 | 0xadadec41, 0xd4d467b3, 0xa2a2fd5f, 0xafafea45, | ||
281 | 0x9c9cbf23, 0xa4a4f753, 0x727296e4, 0xc0c05b9b, | ||
282 | 0xb7b7c275, 0xfdfd1ce1, 0x9393ae3d, 0x26266a4c, | ||
283 | 0x36365a6c, 0x3f3f417e, 0xf7f702f5, 0xcccc4f83, | ||
284 | 0x34345c68, 0xa5a5f451, 0xe5e534d1, 0xf1f108f9, | ||
285 | 0x717193e2, 0xd8d873ab, 0x31315362, 0x15153f2a, | ||
286 | 0x04040c08, 0xc7c75295, 0x23236546, 0xc3c35e9d, | ||
287 | 0x18182830, 0x9696a137, 0x05050f0a, 0x9a9ab52f, | ||
288 | 0x0707090e, 0x12123624, 0x80809b1b, 0xe2e23ddf, | ||
289 | 0xebeb26cd, 0x2727694e, 0xb2b2cd7f, 0x75759fea, | ||
290 | 0x09091b12, 0x83839e1d, 0x2c2c7458, 0x1a1a2e34, | ||
291 | 0x1b1b2d36, 0x6e6eb2dc, 0x5a5aeeb4, 0xa0a0fb5b, | ||
292 | 0x5252f6a4, 0x3b3b4d76, 0xd6d661b7, 0xb3b3ce7d, | ||
293 | 0x29297b52, 0xe3e33edd, 0x2f2f715e, 0x84849713, | ||
294 | 0x5353f5a6, 0xd1d168b9, 0x00000000, 0xeded2cc1, | ||
295 | 0x20206040, 0xfcfc1fe3, 0xb1b1c879, 0x5b5bedb6, | ||
296 | 0x6a6abed4, 0xcbcb468d, 0xbebed967, 0x39394b72, | ||
297 | 0x4a4ade94, 0x4c4cd498, 0x5858e8b0, 0xcfcf4a85, | ||
298 | 0xd0d06bbb, 0xefef2ac5, 0xaaaae54f, 0xfbfb16ed, | ||
299 | 0x4343c586, 0x4d4dd79a, 0x33335566, 0x85859411, | ||
300 | 0x4545cf8a, 0xf9f910e9, 0x02020604, 0x7f7f81fe, | ||
301 | 0x5050f0a0, 0x3c3c4478, 0x9f9fba25, 0xa8a8e34b, | ||
302 | 0x5151f3a2, 0xa3a3fe5d, 0x4040c080, 0x8f8f8a05, | ||
303 | 0x9292ad3f, 0x9d9dbc21, 0x38384870, 0xf5f504f1, | ||
304 | 0xbcbcdf63, 0xb6b6c177, 0xdada75af, 0x21216342, | ||
305 | 0x10103020, 0xffff1ae5, 0xf3f30efd, 0xd2d26dbf, | ||
306 | 0xcdcd4c81, 0x0c0c1418, 0x13133526, 0xecec2fc3, | ||
307 | 0x5f5fe1be, 0x9797a235, 0x4444cc88, 0x1717392e, | ||
308 | 0xc4c45793, 0xa7a7f255, 0x7e7e82fc, 0x3d3d477a, | ||
309 | 0x6464acc8, 0x5d5de7ba, 0x19192b32, 0x737395e6, | ||
310 | 0x6060a0c0, 0x81819819, 0x4f4fd19e, 0xdcdc7fa3, | ||
311 | 0x22226644, 0x2a2a7e54, 0x9090ab3b, 0x8888830b, | ||
312 | 0x4646ca8c, 0xeeee29c7, 0xb8b8d36b, 0x14143c28, | ||
313 | 0xdede79a7, 0x5e5ee2bc, 0x0b0b1d16, 0xdbdb76ad, | ||
314 | 0xe0e03bdb, 0x32325664, 0x3a3a4e74, 0x0a0a1e14, | ||
315 | 0x4949db92, 0x06060a0c, 0x24246c48, 0x5c5ce4b8, | ||
316 | 0xc2c25d9f, 0xd3d36ebd, 0xacacef43, 0x6262a6c4, | ||
317 | 0x9191a839, 0x9595a431, 0xe4e437d3, 0x79798bf2, | ||
318 | 0xe7e732d5, 0xc8c8438b, 0x3737596e, 0x6d6db7da, | ||
319 | 0x8d8d8c01, 0xd5d564b1, 0x4e4ed29c, 0xa9a9e049, | ||
320 | 0x6c6cb4d8, 0x5656faac, 0xf4f407f3, 0xeaea25cf, | ||
321 | 0x6565afca, 0x7a7a8ef4, 0xaeaee947, 0x08081810, | ||
322 | 0xbabad56f, 0x787888f0, 0x25256f4a, 0x2e2e725c, | ||
323 | 0x1c1c2438, 0xa6a6f157, 0xb4b4c773, 0xc6c65197, | ||
324 | 0xe8e823cb, 0xdddd7ca1, 0x74749ce8, 0x1f1f213e, | ||
325 | 0x4b4bdd96, 0xbdbddc61, 0x8b8b860d, 0x8a8a850f, | ||
326 | 0x707090e0, 0x3e3e427c, 0xb5b5c471, 0x6666aacc, | ||
327 | 0x4848d890, 0x03030506, 0xf6f601f7, 0x0e0e121c, | ||
328 | 0x6161a3c2, 0x35355f6a, 0x5757f9ae, 0xb9b9d069, | ||
329 | 0x86869117, 0xc1c15899, 0x1d1d273a, 0x9e9eb927, | ||
330 | 0xe1e138d9, 0xf8f813eb, 0x9898b32b, 0x11113322, | ||
331 | 0x6969bbd2, 0xd9d970a9, 0x8e8e8907, 0x9494a733, | ||
332 | 0x9b9bb62d, 0x1e1e223c, 0x87879215, 0xe9e920c9, | ||
333 | 0xcece4987, 0x5555ffaa, 0x28287850, 0xdfdf7aa5, | ||
334 | 0x8c8c8f03, 0xa1a1f859, 0x89898009, 0x0d0d171a, | ||
335 | 0xbfbfda65, 0xe6e631d7, 0x4242c684, 0x6868b8d0, | ||
336 | 0x4141c382, 0x9999b029, 0x2d2d775a, 0x0f0f111e, | ||
337 | 0xb0b0cb7b, 0x5454fca8, 0xbbbbd66d, 0x16163a2c, | ||
338 | }; | ||
339 | |||
340 | static const uint32_t Te4[256] = { | ||
341 | 0x63636363, 0x7c7c7c7c, 0x77777777, 0x7b7b7b7b, | ||
342 | 0xf2f2f2f2, 0x6b6b6b6b, 0x6f6f6f6f, 0xc5c5c5c5, | ||
343 | 0x30303030, 0x01010101, 0x67676767, 0x2b2b2b2b, | ||
344 | 0xfefefefe, 0xd7d7d7d7, 0xabababab, 0x76767676, | ||
345 | 0xcacacaca, 0x82828282, 0xc9c9c9c9, 0x7d7d7d7d, | ||
346 | 0xfafafafa, 0x59595959, 0x47474747, 0xf0f0f0f0, | ||
347 | 0xadadadad, 0xd4d4d4d4, 0xa2a2a2a2, 0xafafafaf, | ||
348 | 0x9c9c9c9c, 0xa4a4a4a4, 0x72727272, 0xc0c0c0c0, | ||
349 | 0xb7b7b7b7, 0xfdfdfdfd, 0x93939393, 0x26262626, | ||
350 | 0x36363636, 0x3f3f3f3f, 0xf7f7f7f7, 0xcccccccc, | ||
351 | 0x34343434, 0xa5a5a5a5, 0xe5e5e5e5, 0xf1f1f1f1, | ||
352 | 0x71717171, 0xd8d8d8d8, 0x31313131, 0x15151515, | ||
353 | 0x04040404, 0xc7c7c7c7, 0x23232323, 0xc3c3c3c3, | ||
354 | 0x18181818, 0x96969696, 0x05050505, 0x9a9a9a9a, | ||
355 | 0x07070707, 0x12121212, 0x80808080, 0xe2e2e2e2, | ||
356 | 0xebebebeb, 0x27272727, 0xb2b2b2b2, 0x75757575, | ||
357 | 0x09090909, 0x83838383, 0x2c2c2c2c, 0x1a1a1a1a, | ||
358 | 0x1b1b1b1b, 0x6e6e6e6e, 0x5a5a5a5a, 0xa0a0a0a0, | ||
359 | 0x52525252, 0x3b3b3b3b, 0xd6d6d6d6, 0xb3b3b3b3, | ||
360 | 0x29292929, 0xe3e3e3e3, 0x2f2f2f2f, 0x84848484, | ||
361 | 0x53535353, 0xd1d1d1d1, 0x00000000, 0xedededed, | ||
362 | 0x20202020, 0xfcfcfcfc, 0xb1b1b1b1, 0x5b5b5b5b, | ||
363 | 0x6a6a6a6a, 0xcbcbcbcb, 0xbebebebe, 0x39393939, | ||
364 | 0x4a4a4a4a, 0x4c4c4c4c, 0x58585858, 0xcfcfcfcf, | ||
365 | 0xd0d0d0d0, 0xefefefef, 0xaaaaaaaa, 0xfbfbfbfb, | ||
366 | 0x43434343, 0x4d4d4d4d, 0x33333333, 0x85858585, | ||
367 | 0x45454545, 0xf9f9f9f9, 0x02020202, 0x7f7f7f7f, | ||
368 | 0x50505050, 0x3c3c3c3c, 0x9f9f9f9f, 0xa8a8a8a8, | ||
369 | 0x51515151, 0xa3a3a3a3, 0x40404040, 0x8f8f8f8f, | ||
370 | 0x92929292, 0x9d9d9d9d, 0x38383838, 0xf5f5f5f5, | ||
371 | 0xbcbcbcbc, 0xb6b6b6b6, 0xdadadada, 0x21212121, | ||
372 | 0x10101010, 0xffffffff, 0xf3f3f3f3, 0xd2d2d2d2, | ||
373 | 0xcdcdcdcd, 0x0c0c0c0c, 0x13131313, 0xecececec, | ||
374 | 0x5f5f5f5f, 0x97979797, 0x44444444, 0x17171717, | ||
375 | 0xc4c4c4c4, 0xa7a7a7a7, 0x7e7e7e7e, 0x3d3d3d3d, | ||
376 | 0x64646464, 0x5d5d5d5d, 0x19191919, 0x73737373, | ||
377 | 0x60606060, 0x81818181, 0x4f4f4f4f, 0xdcdcdcdc, | ||
378 | 0x22222222, 0x2a2a2a2a, 0x90909090, 0x88888888, | ||
379 | 0x46464646, 0xeeeeeeee, 0xb8b8b8b8, 0x14141414, | ||
380 | 0xdededede, 0x5e5e5e5e, 0x0b0b0b0b, 0xdbdbdbdb, | ||
381 | 0xe0e0e0e0, 0x32323232, 0x3a3a3a3a, 0x0a0a0a0a, | ||
382 | 0x49494949, 0x06060606, 0x24242424, 0x5c5c5c5c, | ||
383 | 0xc2c2c2c2, 0xd3d3d3d3, 0xacacacac, 0x62626262, | ||
384 | 0x91919191, 0x95959595, 0xe4e4e4e4, 0x79797979, | ||
385 | 0xe7e7e7e7, 0xc8c8c8c8, 0x37373737, 0x6d6d6d6d, | ||
386 | 0x8d8d8d8d, 0xd5d5d5d5, 0x4e4e4e4e, 0xa9a9a9a9, | ||
387 | 0x6c6c6c6c, 0x56565656, 0xf4f4f4f4, 0xeaeaeaea, | ||
388 | 0x65656565, 0x7a7a7a7a, 0xaeaeaeae, 0x08080808, | ||
389 | 0xbabababa, 0x78787878, 0x25252525, 0x2e2e2e2e, | ||
390 | 0x1c1c1c1c, 0xa6a6a6a6, 0xb4b4b4b4, 0xc6c6c6c6, | ||
391 | 0xe8e8e8e8, 0xdddddddd, 0x74747474, 0x1f1f1f1f, | ||
392 | 0x4b4b4b4b, 0xbdbdbdbd, 0x8b8b8b8b, 0x8a8a8a8a, | ||
393 | 0x70707070, 0x3e3e3e3e, 0xb5b5b5b5, 0x66666666, | ||
394 | 0x48484848, 0x03030303, 0xf6f6f6f6, 0x0e0e0e0e, | ||
395 | 0x61616161, 0x35353535, 0x57575757, 0xb9b9b9b9, | ||
396 | 0x86868686, 0xc1c1c1c1, 0x1d1d1d1d, 0x9e9e9e9e, | ||
397 | 0xe1e1e1e1, 0xf8f8f8f8, 0x98989898, 0x11111111, | ||
398 | 0x69696969, 0xd9d9d9d9, 0x8e8e8e8e, 0x94949494, | ||
399 | 0x9b9b9b9b, 0x1e1e1e1e, 0x87878787, 0xe9e9e9e9, | ||
400 | 0xcececece, 0x55555555, 0x28282828, 0xdfdfdfdf, | ||
401 | 0x8c8c8c8c, 0xa1a1a1a1, 0x89898989, 0x0d0d0d0d, | ||
402 | 0xbfbfbfbf, 0xe6e6e6e6, 0x42424242, 0x68686868, | ||
403 | 0x41414141, 0x99999999, 0x2d2d2d2d, 0x0f0f0f0f, | ||
404 | 0xb0b0b0b0, 0x54545454, 0xbbbbbbbb, 0x16161616, | ||
405 | }; | ||
406 | |||
407 | static const uint32_t Td0[256] = { | ||
408 | 0x51f4a750, 0x7e416553, 0x1a17a4c3, 0x3a275e96, | ||
409 | 0x3bab6bcb, 0x1f9d45f1, 0xacfa58ab, 0x4be30393, | ||
410 | 0x2030fa55, 0xad766df6, 0x88cc7691, 0xf5024c25, | ||
411 | 0x4fe5d7fc, 0xc52acbd7, 0x26354480, 0xb562a38f, | ||
412 | 0xdeb15a49, 0x25ba1b67, 0x45ea0e98, 0x5dfec0e1, | ||
413 | 0xc32f7502, 0x814cf012, 0x8d4697a3, 0x6bd3f9c6, | ||
414 | 0x038f5fe7, 0x15929c95, 0xbf6d7aeb, 0x955259da, | ||
415 | 0xd4be832d, 0x587421d3, 0x49e06929, 0x8ec9c844, | ||
416 | 0x75c2896a, 0xf48e7978, 0x99583e6b, 0x27b971dd, | ||
417 | 0xbee14fb6, 0xf088ad17, 0xc920ac66, 0x7dce3ab4, | ||
418 | 0x63df4a18, 0xe51a3182, 0x97513360, 0x62537f45, | ||
419 | 0xb16477e0, 0xbb6bae84, 0xfe81a01c, 0xf9082b94, | ||
420 | 0x70486858, 0x8f45fd19, 0x94de6c87, 0x527bf8b7, | ||
421 | 0xab73d323, 0x724b02e2, 0xe31f8f57, 0x6655ab2a, | ||
422 | 0xb2eb2807, 0x2fb5c203, 0x86c57b9a, 0xd33708a5, | ||
423 | 0x302887f2, 0x23bfa5b2, 0x02036aba, 0xed16825c, | ||
424 | 0x8acf1c2b, 0xa779b492, 0xf307f2f0, 0x4e69e2a1, | ||
425 | 0x65daf4cd, 0x0605bed5, 0xd134621f, 0xc4a6fe8a, | ||
426 | 0x342e539d, 0xa2f355a0, 0x058ae132, 0xa4f6eb75, | ||
427 | 0x0b83ec39, 0x4060efaa, 0x5e719f06, 0xbd6e1051, | ||
428 | 0x3e218af9, 0x96dd063d, 0xdd3e05ae, 0x4de6bd46, | ||
429 | 0x91548db5, 0x71c45d05, 0x0406d46f, 0x605015ff, | ||
430 | 0x1998fb24, 0xd6bde997, 0x894043cc, 0x67d99e77, | ||
431 | 0xb0e842bd, 0x07898b88, 0xe7195b38, 0x79c8eedb, | ||
432 | 0xa17c0a47, 0x7c420fe9, 0xf8841ec9, 0x00000000, | ||
433 | 0x09808683, 0x322bed48, 0x1e1170ac, 0x6c5a724e, | ||
434 | 0xfd0efffb, 0x0f853856, 0x3daed51e, 0x362d3927, | ||
435 | 0x0a0fd964, 0x685ca621, 0x9b5b54d1, 0x24362e3a, | ||
436 | 0x0c0a67b1, 0x9357e70f, 0xb4ee96d2, 0x1b9b919e, | ||
437 | 0x80c0c54f, 0x61dc20a2, 0x5a774b69, 0x1c121a16, | ||
438 | 0xe293ba0a, 0xc0a02ae5, 0x3c22e043, 0x121b171d, | ||
439 | 0x0e090d0b, 0xf28bc7ad, 0x2db6a8b9, 0x141ea9c8, | ||
440 | 0x57f11985, 0xaf75074c, 0xee99ddbb, 0xa37f60fd, | ||
441 | 0xf701269f, 0x5c72f5bc, 0x44663bc5, 0x5bfb7e34, | ||
442 | 0x8b432976, 0xcb23c6dc, 0xb6edfc68, 0xb8e4f163, | ||
443 | 0xd731dcca, 0x42638510, 0x13972240, 0x84c61120, | ||
444 | 0x854a247d, 0xd2bb3df8, 0xaef93211, 0xc729a16d, | ||
445 | 0x1d9e2f4b, 0xdcb230f3, 0x0d8652ec, 0x77c1e3d0, | ||
446 | 0x2bb3166c, 0xa970b999, 0x119448fa, 0x47e96422, | ||
447 | 0xa8fc8cc4, 0xa0f03f1a, 0x567d2cd8, 0x223390ef, | ||
448 | 0x87494ec7, 0xd938d1c1, 0x8ccaa2fe, 0x98d40b36, | ||
449 | 0xa6f581cf, 0xa57ade28, 0xdab78e26, 0x3fadbfa4, | ||
450 | 0x2c3a9de4, 0x5078920d, 0x6a5fcc9b, 0x547e4662, | ||
451 | 0xf68d13c2, 0x90d8b8e8, 0x2e39f75e, 0x82c3aff5, | ||
452 | 0x9f5d80be, 0x69d0937c, 0x6fd52da9, 0xcf2512b3, | ||
453 | 0xc8ac993b, 0x10187da7, 0xe89c636e, 0xdb3bbb7b, | ||
454 | 0xcd267809, 0x6e5918f4, 0xec9ab701, 0x834f9aa8, | ||
455 | 0xe6956e65, 0xaaffe67e, 0x21bccf08, 0xef15e8e6, | ||
456 | 0xbae79bd9, 0x4a6f36ce, 0xea9f09d4, 0x29b07cd6, | ||
457 | 0x31a4b2af, 0x2a3f2331, 0xc6a59430, 0x35a266c0, | ||
458 | 0x744ebc37, 0xfc82caa6, 0xe090d0b0, 0x33a7d815, | ||
459 | 0xf104984a, 0x41ecdaf7, 0x7fcd500e, 0x1791f62f, | ||
460 | 0x764dd68d, 0x43efb04d, 0xccaa4d54, 0xe49604df, | ||
461 | 0x9ed1b5e3, 0x4c6a881b, 0xc12c1fb8, 0x4665517f, | ||
462 | 0x9d5eea04, 0x018c355d, 0xfa877473, 0xfb0b412e, | ||
463 | 0xb3671d5a, 0x92dbd252, 0xe9105633, 0x6dd64713, | ||
464 | 0x9ad7618c, 0x37a10c7a, 0x59f8148e, 0xeb133c89, | ||
465 | 0xcea927ee, 0xb761c935, 0xe11ce5ed, 0x7a47b13c, | ||
466 | 0x9cd2df59, 0x55f2733f, 0x1814ce79, 0x73c737bf, | ||
467 | 0x53f7cdea, 0x5ffdaa5b, 0xdf3d6f14, 0x7844db86, | ||
468 | 0xcaaff381, 0xb968c43e, 0x3824342c, 0xc2a3405f, | ||
469 | 0x161dc372, 0xbce2250c, 0x283c498b, 0xff0d9541, | ||
470 | 0x39a80171, 0x080cb3de, 0xd8b4e49c, 0x6456c190, | ||
471 | 0x7bcb8461, 0xd532b670, 0x486c5c74, 0xd0b85742, | ||
472 | }; | ||
473 | |||
474 | static const uint32_t Td1[256] = { | ||
475 | 0x5051f4a7, 0x537e4165, 0xc31a17a4, 0x963a275e, | ||
476 | 0xcb3bab6b, 0xf11f9d45, 0xabacfa58, 0x934be303, | ||
477 | 0x552030fa, 0xf6ad766d, 0x9188cc76, 0x25f5024c, | ||
478 | 0xfc4fe5d7, 0xd7c52acb, 0x80263544, 0x8fb562a3, | ||
479 | 0x49deb15a, 0x6725ba1b, 0x9845ea0e, 0xe15dfec0, | ||
480 | 0x02c32f75, 0x12814cf0, 0xa38d4697, 0xc66bd3f9, | ||
481 | 0xe7038f5f, 0x9515929c, 0xebbf6d7a, 0xda955259, | ||
482 | 0x2dd4be83, 0xd3587421, 0x2949e069, 0x448ec9c8, | ||
483 | 0x6a75c289, 0x78f48e79, 0x6b99583e, 0xdd27b971, | ||
484 | 0xb6bee14f, 0x17f088ad, 0x66c920ac, 0xb47dce3a, | ||
485 | 0x1863df4a, 0x82e51a31, 0x60975133, 0x4562537f, | ||
486 | 0xe0b16477, 0x84bb6bae, 0x1cfe81a0, 0x94f9082b, | ||
487 | 0x58704868, 0x198f45fd, 0x8794de6c, 0xb7527bf8, | ||
488 | 0x23ab73d3, 0xe2724b02, 0x57e31f8f, 0x2a6655ab, | ||
489 | 0x07b2eb28, 0x032fb5c2, 0x9a86c57b, 0xa5d33708, | ||
490 | 0xf2302887, 0xb223bfa5, 0xba02036a, 0x5ced1682, | ||
491 | 0x2b8acf1c, 0x92a779b4, 0xf0f307f2, 0xa14e69e2, | ||
492 | 0xcd65daf4, 0xd50605be, 0x1fd13462, 0x8ac4a6fe, | ||
493 | 0x9d342e53, 0xa0a2f355, 0x32058ae1, 0x75a4f6eb, | ||
494 | 0x390b83ec, 0xaa4060ef, 0x065e719f, 0x51bd6e10, | ||
495 | 0xf93e218a, 0x3d96dd06, 0xaedd3e05, 0x464de6bd, | ||
496 | 0xb591548d, 0x0571c45d, 0x6f0406d4, 0xff605015, | ||
497 | 0x241998fb, 0x97d6bde9, 0xcc894043, 0x7767d99e, | ||
498 | 0xbdb0e842, 0x8807898b, 0x38e7195b, 0xdb79c8ee, | ||
499 | 0x47a17c0a, 0xe97c420f, 0xc9f8841e, 0x00000000, | ||
500 | 0x83098086, 0x48322bed, 0xac1e1170, 0x4e6c5a72, | ||
501 | 0xfbfd0eff, 0x560f8538, 0x1e3daed5, 0x27362d39, | ||
502 | 0x640a0fd9, 0x21685ca6, 0xd19b5b54, 0x3a24362e, | ||
503 | 0xb10c0a67, 0x0f9357e7, 0xd2b4ee96, 0x9e1b9b91, | ||
504 | 0x4f80c0c5, 0xa261dc20, 0x695a774b, 0x161c121a, | ||
505 | 0x0ae293ba, 0xe5c0a02a, 0x433c22e0, 0x1d121b17, | ||
506 | 0x0b0e090d, 0xadf28bc7, 0xb92db6a8, 0xc8141ea9, | ||
507 | 0x8557f119, 0x4caf7507, 0xbbee99dd, 0xfda37f60, | ||
508 | 0x9ff70126, 0xbc5c72f5, 0xc544663b, 0x345bfb7e, | ||
509 | 0x768b4329, 0xdccb23c6, 0x68b6edfc, 0x63b8e4f1, | ||
510 | 0xcad731dc, 0x10426385, 0x40139722, 0x2084c611, | ||
511 | 0x7d854a24, 0xf8d2bb3d, 0x11aef932, 0x6dc729a1, | ||
512 | 0x4b1d9e2f, 0xf3dcb230, 0xec0d8652, 0xd077c1e3, | ||
513 | 0x6c2bb316, 0x99a970b9, 0xfa119448, 0x2247e964, | ||
514 | 0xc4a8fc8c, 0x1aa0f03f, 0xd8567d2c, 0xef223390, | ||
515 | 0xc787494e, 0xc1d938d1, 0xfe8ccaa2, 0x3698d40b, | ||
516 | 0xcfa6f581, 0x28a57ade, 0x26dab78e, 0xa43fadbf, | ||
517 | 0xe42c3a9d, 0x0d507892, 0x9b6a5fcc, 0x62547e46, | ||
518 | 0xc2f68d13, 0xe890d8b8, 0x5e2e39f7, 0xf582c3af, | ||
519 | 0xbe9f5d80, 0x7c69d093, 0xa96fd52d, 0xb3cf2512, | ||
520 | 0x3bc8ac99, 0xa710187d, 0x6ee89c63, 0x7bdb3bbb, | ||
521 | 0x09cd2678, 0xf46e5918, 0x01ec9ab7, 0xa8834f9a, | ||
522 | 0x65e6956e, 0x7eaaffe6, 0x0821bccf, 0xe6ef15e8, | ||
523 | 0xd9bae79b, 0xce4a6f36, 0xd4ea9f09, 0xd629b07c, | ||
524 | 0xaf31a4b2, 0x312a3f23, 0x30c6a594, 0xc035a266, | ||
525 | 0x37744ebc, 0xa6fc82ca, 0xb0e090d0, 0x1533a7d8, | ||
526 | 0x4af10498, 0xf741ecda, 0x0e7fcd50, 0x2f1791f6, | ||
527 | 0x8d764dd6, 0x4d43efb0, 0x54ccaa4d, 0xdfe49604, | ||
528 | 0xe39ed1b5, 0x1b4c6a88, 0xb8c12c1f, 0x7f466551, | ||
529 | 0x049d5eea, 0x5d018c35, 0x73fa8774, 0x2efb0b41, | ||
530 | 0x5ab3671d, 0x5292dbd2, 0x33e91056, 0x136dd647, | ||
531 | 0x8c9ad761, 0x7a37a10c, 0x8e59f814, 0x89eb133c, | ||
532 | 0xeecea927, 0x35b761c9, 0xede11ce5, 0x3c7a47b1, | ||
533 | 0x599cd2df, 0x3f55f273, 0x791814ce, 0xbf73c737, | ||
534 | 0xea53f7cd, 0x5b5ffdaa, 0x14df3d6f, 0x867844db, | ||
535 | 0x81caaff3, 0x3eb968c4, 0x2c382434, 0x5fc2a340, | ||
536 | 0x72161dc3, 0x0cbce225, 0x8b283c49, 0x41ff0d95, | ||
537 | 0x7139a801, 0xde080cb3, 0x9cd8b4e4, 0x906456c1, | ||
538 | 0x617bcb84, 0x70d532b6, 0x74486c5c, 0x42d0b857, | ||
539 | }; | ||
540 | |||
541 | static const uint32_t Td2[256] = { | ||
542 | 0xa75051f4, 0x65537e41, 0xa4c31a17, 0x5e963a27, | ||
543 | 0x6bcb3bab, 0x45f11f9d, 0x58abacfa, 0x03934be3, | ||
544 | 0xfa552030, 0x6df6ad76, 0x769188cc, 0x4c25f502, | ||
545 | 0xd7fc4fe5, 0xcbd7c52a, 0x44802635, 0xa38fb562, | ||
546 | 0x5a49deb1, 0x1b6725ba, 0x0e9845ea, 0xc0e15dfe, | ||
547 | 0x7502c32f, 0xf012814c, 0x97a38d46, 0xf9c66bd3, | ||
548 | 0x5fe7038f, 0x9c951592, 0x7aebbf6d, 0x59da9552, | ||
549 | 0x832dd4be, 0x21d35874, 0x692949e0, 0xc8448ec9, | ||
550 | 0x896a75c2, 0x7978f48e, 0x3e6b9958, 0x71dd27b9, | ||
551 | 0x4fb6bee1, 0xad17f088, 0xac66c920, 0x3ab47dce, | ||
552 | 0x4a1863df, 0x3182e51a, 0x33609751, 0x7f456253, | ||
553 | 0x77e0b164, 0xae84bb6b, 0xa01cfe81, 0x2b94f908, | ||
554 | 0x68587048, 0xfd198f45, 0x6c8794de, 0xf8b7527b, | ||
555 | 0xd323ab73, 0x02e2724b, 0x8f57e31f, 0xab2a6655, | ||
556 | 0x2807b2eb, 0xc2032fb5, 0x7b9a86c5, 0x08a5d337, | ||
557 | 0x87f23028, 0xa5b223bf, 0x6aba0203, 0x825ced16, | ||
558 | 0x1c2b8acf, 0xb492a779, 0xf2f0f307, 0xe2a14e69, | ||
559 | 0xf4cd65da, 0xbed50605, 0x621fd134, 0xfe8ac4a6, | ||
560 | 0x539d342e, 0x55a0a2f3, 0xe132058a, 0xeb75a4f6, | ||
561 | 0xec390b83, 0xefaa4060, 0x9f065e71, 0x1051bd6e, | ||
562 | 0x8af93e21, 0x063d96dd, 0x05aedd3e, 0xbd464de6, | ||
563 | 0x8db59154, 0x5d0571c4, 0xd46f0406, 0x15ff6050, | ||
564 | 0xfb241998, 0xe997d6bd, 0x43cc8940, 0x9e7767d9, | ||
565 | 0x42bdb0e8, 0x8b880789, 0x5b38e719, 0xeedb79c8, | ||
566 | 0x0a47a17c, 0x0fe97c42, 0x1ec9f884, 0x00000000, | ||
567 | 0x86830980, 0xed48322b, 0x70ac1e11, 0x724e6c5a, | ||
568 | 0xfffbfd0e, 0x38560f85, 0xd51e3dae, 0x3927362d, | ||
569 | 0xd9640a0f, 0xa621685c, 0x54d19b5b, 0x2e3a2436, | ||
570 | 0x67b10c0a, 0xe70f9357, 0x96d2b4ee, 0x919e1b9b, | ||
571 | 0xc54f80c0, 0x20a261dc, 0x4b695a77, 0x1a161c12, | ||
572 | 0xba0ae293, 0x2ae5c0a0, 0xe0433c22, 0x171d121b, | ||
573 | 0x0d0b0e09, 0xc7adf28b, 0xa8b92db6, 0xa9c8141e, | ||
574 | 0x198557f1, 0x074caf75, 0xddbbee99, 0x60fda37f, | ||
575 | 0x269ff701, 0xf5bc5c72, 0x3bc54466, 0x7e345bfb, | ||
576 | 0x29768b43, 0xc6dccb23, 0xfc68b6ed, 0xf163b8e4, | ||
577 | 0xdccad731, 0x85104263, 0x22401397, 0x112084c6, | ||
578 | 0x247d854a, 0x3df8d2bb, 0x3211aef9, 0xa16dc729, | ||
579 | 0x2f4b1d9e, 0x30f3dcb2, 0x52ec0d86, 0xe3d077c1, | ||
580 | 0x166c2bb3, 0xb999a970, 0x48fa1194, 0x642247e9, | ||
581 | 0x8cc4a8fc, 0x3f1aa0f0, 0x2cd8567d, 0x90ef2233, | ||
582 | 0x4ec78749, 0xd1c1d938, 0xa2fe8cca, 0x0b3698d4, | ||
583 | 0x81cfa6f5, 0xde28a57a, 0x8e26dab7, 0xbfa43fad, | ||
584 | 0x9de42c3a, 0x920d5078, 0xcc9b6a5f, 0x4662547e, | ||
585 | 0x13c2f68d, 0xb8e890d8, 0xf75e2e39, 0xaff582c3, | ||
586 | 0x80be9f5d, 0x937c69d0, 0x2da96fd5, 0x12b3cf25, | ||
587 | 0x993bc8ac, 0x7da71018, 0x636ee89c, 0xbb7bdb3b, | ||
588 | 0x7809cd26, 0x18f46e59, 0xb701ec9a, 0x9aa8834f, | ||
589 | 0x6e65e695, 0xe67eaaff, 0xcf0821bc, 0xe8e6ef15, | ||
590 | 0x9bd9bae7, 0x36ce4a6f, 0x09d4ea9f, 0x7cd629b0, | ||
591 | 0xb2af31a4, 0x23312a3f, 0x9430c6a5, 0x66c035a2, | ||
592 | 0xbc37744e, 0xcaa6fc82, 0xd0b0e090, 0xd81533a7, | ||
593 | 0x984af104, 0xdaf741ec, 0x500e7fcd, 0xf62f1791, | ||
594 | 0xd68d764d, 0xb04d43ef, 0x4d54ccaa, 0x04dfe496, | ||
595 | 0xb5e39ed1, 0x881b4c6a, 0x1fb8c12c, 0x517f4665, | ||
596 | 0xea049d5e, 0x355d018c, 0x7473fa87, 0x412efb0b, | ||
597 | 0x1d5ab367, 0xd25292db, 0x5633e910, 0x47136dd6, | ||
598 | 0x618c9ad7, 0x0c7a37a1, 0x148e59f8, 0x3c89eb13, | ||
599 | 0x27eecea9, 0xc935b761, 0xe5ede11c, 0xb13c7a47, | ||
600 | 0xdf599cd2, 0x733f55f2, 0xce791814, 0x37bf73c7, | ||
601 | 0xcdea53f7, 0xaa5b5ffd, 0x6f14df3d, 0xdb867844, | ||
602 | 0xf381caaf, 0xc43eb968, 0x342c3824, 0x405fc2a3, | ||
603 | 0xc372161d, 0x250cbce2, 0x498b283c, 0x9541ff0d, | ||
604 | 0x017139a8, 0xb3de080c, 0xe49cd8b4, 0xc1906456, | ||
605 | 0x84617bcb, 0xb670d532, 0x5c74486c, 0x5742d0b8, | ||
606 | }; | ||
607 | |||
608 | static const uint32_t Td3[256] = { | ||
609 | 0xf4a75051, 0x4165537e, 0x17a4c31a, 0x275e963a, | ||
610 | 0xab6bcb3b, 0x9d45f11f, 0xfa58abac, 0xe303934b, | ||
611 | 0x30fa5520, 0x766df6ad, 0xcc769188, 0x024c25f5, | ||
612 | 0xe5d7fc4f, 0x2acbd7c5, 0x35448026, 0x62a38fb5, | ||
613 | 0xb15a49de, 0xba1b6725, 0xea0e9845, 0xfec0e15d, | ||
614 | 0x2f7502c3, 0x4cf01281, 0x4697a38d, 0xd3f9c66b, | ||
615 | 0x8f5fe703, 0x929c9515, 0x6d7aebbf, 0x5259da95, | ||
616 | 0xbe832dd4, 0x7421d358, 0xe0692949, 0xc9c8448e, | ||
617 | 0xc2896a75, 0x8e7978f4, 0x583e6b99, 0xb971dd27, | ||
618 | 0xe14fb6be, 0x88ad17f0, 0x20ac66c9, 0xce3ab47d, | ||
619 | 0xdf4a1863, 0x1a3182e5, 0x51336097, 0x537f4562, | ||
620 | 0x6477e0b1, 0x6bae84bb, 0x81a01cfe, 0x082b94f9, | ||
621 | 0x48685870, 0x45fd198f, 0xde6c8794, 0x7bf8b752, | ||
622 | 0x73d323ab, 0x4b02e272, 0x1f8f57e3, 0x55ab2a66, | ||
623 | 0xeb2807b2, 0xb5c2032f, 0xc57b9a86, 0x3708a5d3, | ||
624 | 0x2887f230, 0xbfa5b223, 0x036aba02, 0x16825ced, | ||
625 | 0xcf1c2b8a, 0x79b492a7, 0x07f2f0f3, 0x69e2a14e, | ||
626 | 0xdaf4cd65, 0x05bed506, 0x34621fd1, 0xa6fe8ac4, | ||
627 | 0x2e539d34, 0xf355a0a2, 0x8ae13205, 0xf6eb75a4, | ||
628 | 0x83ec390b, 0x60efaa40, 0x719f065e, 0x6e1051bd, | ||
629 | 0x218af93e, 0xdd063d96, 0x3e05aedd, 0xe6bd464d, | ||
630 | 0x548db591, 0xc45d0571, 0x06d46f04, 0x5015ff60, | ||
631 | 0x98fb2419, 0xbde997d6, 0x4043cc89, 0xd99e7767, | ||
632 | 0xe842bdb0, 0x898b8807, 0x195b38e7, 0xc8eedb79, | ||
633 | 0x7c0a47a1, 0x420fe97c, 0x841ec9f8, 0x00000000, | ||
634 | 0x80868309, 0x2bed4832, 0x1170ac1e, 0x5a724e6c, | ||
635 | 0x0efffbfd, 0x8538560f, 0xaed51e3d, 0x2d392736, | ||
636 | 0x0fd9640a, 0x5ca62168, 0x5b54d19b, 0x362e3a24, | ||
637 | 0x0a67b10c, 0x57e70f93, 0xee96d2b4, 0x9b919e1b, | ||
638 | 0xc0c54f80, 0xdc20a261, 0x774b695a, 0x121a161c, | ||
639 | 0x93ba0ae2, 0xa02ae5c0, 0x22e0433c, 0x1b171d12, | ||
640 | 0x090d0b0e, 0x8bc7adf2, 0xb6a8b92d, 0x1ea9c814, | ||
641 | 0xf1198557, 0x75074caf, 0x99ddbbee, 0x7f60fda3, | ||
642 | 0x01269ff7, 0x72f5bc5c, 0x663bc544, 0xfb7e345b, | ||
643 | 0x4329768b, 0x23c6dccb, 0xedfc68b6, 0xe4f163b8, | ||
644 | 0x31dccad7, 0x63851042, 0x97224013, 0xc6112084, | ||
645 | 0x4a247d85, 0xbb3df8d2, 0xf93211ae, 0x29a16dc7, | ||
646 | 0x9e2f4b1d, 0xb230f3dc, 0x8652ec0d, 0xc1e3d077, | ||
647 | 0xb3166c2b, 0x70b999a9, 0x9448fa11, 0xe9642247, | ||
648 | 0xfc8cc4a8, 0xf03f1aa0, 0x7d2cd856, 0x3390ef22, | ||
649 | 0x494ec787, 0x38d1c1d9, 0xcaa2fe8c, 0xd40b3698, | ||
650 | 0xf581cfa6, 0x7ade28a5, 0xb78e26da, 0xadbfa43f, | ||
651 | 0x3a9de42c, 0x78920d50, 0x5fcc9b6a, 0x7e466254, | ||
652 | 0x8d13c2f6, 0xd8b8e890, 0x39f75e2e, 0xc3aff582, | ||
653 | 0x5d80be9f, 0xd0937c69, 0xd52da96f, 0x2512b3cf, | ||
654 | 0xac993bc8, 0x187da710, 0x9c636ee8, 0x3bbb7bdb, | ||
655 | 0x267809cd, 0x5918f46e, 0x9ab701ec, 0x4f9aa883, | ||
656 | 0x956e65e6, 0xffe67eaa, 0xbccf0821, 0x15e8e6ef, | ||
657 | 0xe79bd9ba, 0x6f36ce4a, 0x9f09d4ea, 0xb07cd629, | ||
658 | 0xa4b2af31, 0x3f23312a, 0xa59430c6, 0xa266c035, | ||
659 | 0x4ebc3774, 0x82caa6fc, 0x90d0b0e0, 0xa7d81533, | ||
660 | 0x04984af1, 0xecdaf741, 0xcd500e7f, 0x91f62f17, | ||
661 | 0x4dd68d76, 0xefb04d43, 0xaa4d54cc, 0x9604dfe4, | ||
662 | 0xd1b5e39e, 0x6a881b4c, 0x2c1fb8c1, 0x65517f46, | ||
663 | 0x5eea049d, 0x8c355d01, 0x877473fa, 0x0b412efb, | ||
664 | 0x671d5ab3, 0xdbd25292, 0x105633e9, 0xd647136d, | ||
665 | 0xd7618c9a, 0xa10c7a37, 0xf8148e59, 0x133c89eb, | ||
666 | 0xa927eece, 0x61c935b7, 0x1ce5ede1, 0x47b13c7a, | ||
667 | 0xd2df599c, 0xf2733f55, 0x14ce7918, 0xc737bf73, | ||
668 | 0xf7cdea53, 0xfdaa5b5f, 0x3d6f14df, 0x44db8678, | ||
669 | 0xaff381ca, 0x68c43eb9, 0x24342c38, 0xa3405fc2, | ||
670 | 0x1dc37216, 0xe2250cbc, 0x3c498b28, 0x0d9541ff, | ||
671 | 0xa8017139, 0x0cb3de08, 0xb4e49cd8, 0x56c19064, | ||
672 | 0xcb84617b, 0x32b670d5, 0x6c5c7448, 0xb85742d0, | ||
673 | }; | ||
674 | |||
675 | static const uint32_t Td4[256] = { | ||
676 | 0x52525252, 0x09090909, 0x6a6a6a6a, 0xd5d5d5d5, | ||
677 | 0x30303030, 0x36363636, 0xa5a5a5a5, 0x38383838, | ||
678 | 0xbfbfbfbf, 0x40404040, 0xa3a3a3a3, 0x9e9e9e9e, | ||
679 | 0x81818181, 0xf3f3f3f3, 0xd7d7d7d7, 0xfbfbfbfb, | ||
680 | 0x7c7c7c7c, 0xe3e3e3e3, 0x39393939, 0x82828282, | ||
681 | 0x9b9b9b9b, 0x2f2f2f2f, 0xffffffff, 0x87878787, | ||
682 | 0x34343434, 0x8e8e8e8e, 0x43434343, 0x44444444, | ||
683 | 0xc4c4c4c4, 0xdededede, 0xe9e9e9e9, 0xcbcbcbcb, | ||
684 | 0x54545454, 0x7b7b7b7b, 0x94949494, 0x32323232, | ||
685 | 0xa6a6a6a6, 0xc2c2c2c2, 0x23232323, 0x3d3d3d3d, | ||
686 | 0xeeeeeeee, 0x4c4c4c4c, 0x95959595, 0x0b0b0b0b, | ||
687 | 0x42424242, 0xfafafafa, 0xc3c3c3c3, 0x4e4e4e4e, | ||
688 | 0x08080808, 0x2e2e2e2e, 0xa1a1a1a1, 0x66666666, | ||
689 | 0x28282828, 0xd9d9d9d9, 0x24242424, 0xb2b2b2b2, | ||
690 | 0x76767676, 0x5b5b5b5b, 0xa2a2a2a2, 0x49494949, | ||
691 | 0x6d6d6d6d, 0x8b8b8b8b, 0xd1d1d1d1, 0x25252525, | ||
692 | 0x72727272, 0xf8f8f8f8, 0xf6f6f6f6, 0x64646464, | ||
693 | 0x86868686, 0x68686868, 0x98989898, 0x16161616, | ||
694 | 0xd4d4d4d4, 0xa4a4a4a4, 0x5c5c5c5c, 0xcccccccc, | ||
695 | 0x5d5d5d5d, 0x65656565, 0xb6b6b6b6, 0x92929292, | ||
696 | 0x6c6c6c6c, 0x70707070, 0x48484848, 0x50505050, | ||
697 | 0xfdfdfdfd, 0xedededed, 0xb9b9b9b9, 0xdadadada, | ||
698 | 0x5e5e5e5e, 0x15151515, 0x46464646, 0x57575757, | ||
699 | 0xa7a7a7a7, 0x8d8d8d8d, 0x9d9d9d9d, 0x84848484, | ||
700 | 0x90909090, 0xd8d8d8d8, 0xabababab, 0x00000000, | ||
701 | 0x8c8c8c8c, 0xbcbcbcbc, 0xd3d3d3d3, 0x0a0a0a0a, | ||
702 | 0xf7f7f7f7, 0xe4e4e4e4, 0x58585858, 0x05050505, | ||
703 | 0xb8b8b8b8, 0xb3b3b3b3, 0x45454545, 0x06060606, | ||
704 | 0xd0d0d0d0, 0x2c2c2c2c, 0x1e1e1e1e, 0x8f8f8f8f, | ||
705 | 0xcacacaca, 0x3f3f3f3f, 0x0f0f0f0f, 0x02020202, | ||
706 | 0xc1c1c1c1, 0xafafafaf, 0xbdbdbdbd, 0x03030303, | ||
707 | 0x01010101, 0x13131313, 0x8a8a8a8a, 0x6b6b6b6b, | ||
708 | 0x3a3a3a3a, 0x91919191, 0x11111111, 0x41414141, | ||
709 | 0x4f4f4f4f, 0x67676767, 0xdcdcdcdc, 0xeaeaeaea, | ||
710 | 0x97979797, 0xf2f2f2f2, 0xcfcfcfcf, 0xcececece, | ||
711 | 0xf0f0f0f0, 0xb4b4b4b4, 0xe6e6e6e6, 0x73737373, | ||
712 | 0x96969696, 0xacacacac, 0x74747474, 0x22222222, | ||
713 | 0xe7e7e7e7, 0xadadadad, 0x35353535, 0x85858585, | ||
714 | 0xe2e2e2e2, 0xf9f9f9f9, 0x37373737, 0xe8e8e8e8, | ||
715 | 0x1c1c1c1c, 0x75757575, 0xdfdfdfdf, 0x6e6e6e6e, | ||
716 | 0x47474747, 0xf1f1f1f1, 0x1a1a1a1a, 0x71717171, | ||
717 | 0x1d1d1d1d, 0x29292929, 0xc5c5c5c5, 0x89898989, | ||
718 | 0x6f6f6f6f, 0xb7b7b7b7, 0x62626262, 0x0e0e0e0e, | ||
719 | 0xaaaaaaaa, 0x18181818, 0xbebebebe, 0x1b1b1b1b, | ||
720 | 0xfcfcfcfc, 0x56565656, 0x3e3e3e3e, 0x4b4b4b4b, | ||
721 | 0xc6c6c6c6, 0xd2d2d2d2, 0x79797979, 0x20202020, | ||
722 | 0x9a9a9a9a, 0xdbdbdbdb, 0xc0c0c0c0, 0xfefefefe, | ||
723 | 0x78787878, 0xcdcdcdcd, 0x5a5a5a5a, 0xf4f4f4f4, | ||
724 | 0x1f1f1f1f, 0xdddddddd, 0xa8a8a8a8, 0x33333333, | ||
725 | 0x88888888, 0x07070707, 0xc7c7c7c7, 0x31313131, | ||
726 | 0xb1b1b1b1, 0x12121212, 0x10101010, 0x59595959, | ||
727 | 0x27272727, 0x80808080, 0xecececec, 0x5f5f5f5f, | ||
728 | 0x60606060, 0x51515151, 0x7f7f7f7f, 0xa9a9a9a9, | ||
729 | 0x19191919, 0xb5b5b5b5, 0x4a4a4a4a, 0x0d0d0d0d, | ||
730 | 0x2d2d2d2d, 0xe5e5e5e5, 0x7a7a7a7a, 0x9f9f9f9f, | ||
731 | 0x93939393, 0xc9c9c9c9, 0x9c9c9c9c, 0xefefefef, | ||
732 | 0xa0a0a0a0, 0xe0e0e0e0, 0x3b3b3b3b, 0x4d4d4d4d, | ||
733 | 0xaeaeaeae, 0x2a2a2a2a, 0xf5f5f5f5, 0xb0b0b0b0, | ||
734 | 0xc8c8c8c8, 0xebebebeb, 0xbbbbbbbb, 0x3c3c3c3c, | ||
735 | 0x83838383, 0x53535353, 0x99999999, 0x61616161, | ||
736 | 0x17171717, 0x2b2b2b2b, 0x04040404, 0x7e7e7e7e, | ||
737 | 0xbabababa, 0x77777777, 0xd6d6d6d6, 0x26262626, | ||
738 | 0xe1e1e1e1, 0x69696969, 0x14141414, 0x63636363, | ||
739 | 0x55555555, 0x21212121, 0x0c0c0c0c, 0x7d7d7d7d, | ||
740 | }; | ||
741 | |||
742 | static const uint32_t rcon[] = { | ||
743 | 0x01000000, 0x02000000, 0x04000000, 0x08000000, | ||
744 | 0x10000000, 0x20000000, 0x40000000, 0x80000000, | ||
745 | 0x1B000000, 0x36000000 | ||
746 | /* for 128-bit blocks, Rijndael never uses more than 10 rcon values */ | ||
747 | }; | ||
748 | |||
749 | #define GETU32(pt) (((uint32_t)((pt)[0] & 0xFF) << 24) ^ \ | ||
750 | ((uint32_t)((pt)[1] & 0xFF) << 16) ^ \ | ||
751 | ((uint32_t)((pt)[2] & 0xFF) << 8) ^ \ | ||
752 | ((uint32_t)((pt)[3] & 0xFF))) | ||
753 | #define PUTU32(ct, st) { \ | ||
754 | (ct)[0] = (char)((st) >> 24); \ | ||
755 | (ct)[1] = (char)((st) >> 16); \ | ||
756 | (ct)[2] = (char)((st) >> 8); \ | ||
757 | (ct)[3] = (char)(st); } | ||
758 | |||
759 | /** | ||
760 | * Expand the cipher key into the encryption key schedule. | ||
761 | * | ||
762 | * @return the number of rounds for the given cipher key size. | ||
763 | */ | ||
764 | int | ||
765 | MHD_rijndaelKeySetupEnc (uint32_t rk[ /*4*(Nr + 1) */ ], | ||
766 | const char cipherKey[], size_t keyBits) | ||
767 | { | ||
768 | size_t i = 0; | ||
769 | uint32_t temp; | ||
770 | |||
771 | rk[0] = GETU32 (cipherKey); | ||
772 | rk[1] = GETU32 (cipherKey + 4); | ||
773 | rk[2] = GETU32 (cipherKey + 8); | ||
774 | rk[3] = GETU32 (cipherKey + 12); | ||
775 | if (keyBits == 128) | ||
776 | { | ||
777 | for (;;) | ||
778 | { | ||
779 | temp = rk[3]; | ||
780 | rk[4] = rk[0] ^ | ||
781 | (Te4[(temp >> 16) & 0xff] & 0xff000000) ^ | ||
782 | (Te4[(temp >> 8) & 0xff] & 0x00ff0000) ^ | ||
783 | (Te4[(temp) & 0xff] & 0x0000ff00) ^ | ||
784 | (Te4[(temp >> 24)] & 0x000000ff) ^ rcon[i]; | ||
785 | rk[5] = rk[1] ^ rk[4]; | ||
786 | rk[6] = rk[2] ^ rk[5]; | ||
787 | rk[7] = rk[3] ^ rk[6]; | ||
788 | if (++i == 10) | ||
789 | { | ||
790 | return 10; | ||
791 | } | ||
792 | rk += 4; | ||
793 | } | ||
794 | } | ||
795 | rk[4] = GETU32 (cipherKey + 16); | ||
796 | rk[5] = GETU32 (cipherKey + 20); | ||
797 | if (keyBits == 192) | ||
798 | { | ||
799 | for (;;) | ||
800 | { | ||
801 | temp = rk[5]; | ||
802 | rk[6] = rk[0] ^ | ||
803 | (Te4[(temp >> 16) & 0xff] & 0xff000000) ^ | ||
804 | (Te4[(temp >> 8) & 0xff] & 0x00ff0000) ^ | ||
805 | (Te4[(temp) & 0xff] & 0x0000ff00) ^ | ||
806 | (Te4[(temp >> 24)] & 0x000000ff) ^ rcon[i]; | ||
807 | rk[7] = rk[1] ^ rk[6]; | ||
808 | rk[8] = rk[2] ^ rk[7]; | ||
809 | rk[9] = rk[3] ^ rk[8]; | ||
810 | if (++i == 8) | ||
811 | { | ||
812 | return 12; | ||
813 | } | ||
814 | rk[10] = rk[4] ^ rk[9]; | ||
815 | rk[11] = rk[5] ^ rk[10]; | ||
816 | rk += 6; | ||
817 | } | ||
818 | } | ||
819 | rk[6] = GETU32 (cipherKey + 24); | ||
820 | rk[7] = GETU32 (cipherKey + 28); | ||
821 | if (keyBits == 256) | ||
822 | { | ||
823 | for (;;) | ||
824 | { | ||
825 | temp = rk[7]; | ||
826 | rk[8] = rk[0] ^ | ||
827 | (Te4[(temp >> 16) & 0xff] & 0xff000000) ^ | ||
828 | (Te4[(temp >> 8) & 0xff] & 0x00ff0000) ^ | ||
829 | (Te4[(temp) & 0xff] & 0x0000ff00) ^ | ||
830 | (Te4[(temp >> 24)] & 0x000000ff) ^ rcon[i]; | ||
831 | rk[9] = rk[1] ^ rk[8]; | ||
832 | rk[10] = rk[2] ^ rk[9]; | ||
833 | rk[11] = rk[3] ^ rk[10]; | ||
834 | if (++i == 7) | ||
835 | { | ||
836 | return 14; | ||
837 | } | ||
838 | temp = rk[11]; | ||
839 | rk[12] = rk[4] ^ | ||
840 | (Te4[(temp >> 24)] & 0xff000000) ^ | ||
841 | (Te4[(temp >> 16) & 0xff] & 0x00ff0000) ^ | ||
842 | (Te4[(temp >> 8) & 0xff] & 0x0000ff00) ^ | ||
843 | (Te4[(temp) & 0xff] & 0x000000ff); | ||
844 | rk[13] = rk[5] ^ rk[12]; | ||
845 | rk[14] = rk[6] ^ rk[13]; | ||
846 | rk[15] = rk[7] ^ rk[14]; | ||
847 | |||
848 | rk += 8; | ||
849 | } | ||
850 | } | ||
851 | return 0; | ||
852 | } | ||
853 | |||
854 | /** | ||
855 | * Expand the cipher key into the decryption key schedule. | ||
856 | * | ||
857 | * @return the number of rounds for the given cipher key size. | ||
858 | */ | ||
859 | int | ||
860 | MHD_rijndaelKeySetupDec (uint32_t rk[ /*4*(Nr + 1) */ ], | ||
861 | const char cipherKey[], size_t keyBits) | ||
862 | { | ||
863 | size_t Nr, i, j; | ||
864 | uint32_t temp; | ||
865 | |||
866 | /* expand the cipher key: */ | ||
867 | Nr = MHD_rijndaelKeySetupEnc (rk, cipherKey, keyBits); | ||
868 | /* invert the order of the round keys: */ | ||
869 | for (i = 0, j = 4 * Nr; i < j; i += 4, j -= 4) | ||
870 | { | ||
871 | temp = rk[i]; | ||
872 | rk[i] = rk[j]; | ||
873 | rk[j] = temp; | ||
874 | temp = rk[i + 1]; | ||
875 | rk[i + 1] = rk[j + 1]; | ||
876 | rk[j + 1] = temp; | ||
877 | temp = rk[i + 2]; | ||
878 | rk[i + 2] = rk[j + 2]; | ||
879 | rk[j + 2] = temp; | ||
880 | temp = rk[i + 3]; | ||
881 | rk[i + 3] = rk[j + 3]; | ||
882 | rk[j + 3] = temp; | ||
883 | } | ||
884 | /* apply the inverse MixColumn transform to all round keys but the | ||
885 | first and the last: */ | ||
886 | for (i = 1; i < Nr; i++) | ||
887 | { | ||
888 | rk += 4; | ||
889 | rk[0] = | ||
890 | Td0[Te4[(rk[0] >> 24)] & 0xff] ^ | ||
891 | Td1[Te4[(rk[0] >> 16) & 0xff] & 0xff] ^ | ||
892 | Td2[Te4[(rk[0] >> 8) & 0xff] & 0xff] ^ | ||
893 | Td3[Te4[(rk[0]) & 0xff] & 0xff]; | ||
894 | rk[1] = | ||
895 | Td0[Te4[(rk[1] >> 24)] & 0xff] ^ | ||
896 | Td1[Te4[(rk[1] >> 16) & 0xff] & 0xff] ^ | ||
897 | Td2[Te4[(rk[1] >> 8) & 0xff] & 0xff] ^ | ||
898 | Td3[Te4[(rk[1]) & 0xff] & 0xff]; | ||
899 | rk[2] = | ||
900 | Td0[Te4[(rk[2] >> 24)] & 0xff] ^ | ||
901 | Td1[Te4[(rk[2] >> 16) & 0xff] & 0xff] ^ | ||
902 | Td2[Te4[(rk[2] >> 8) & 0xff] & 0xff] ^ | ||
903 | Td3[Te4[(rk[2]) & 0xff] & 0xff]; | ||
904 | rk[3] = | ||
905 | Td0[Te4[(rk[3] >> 24)] & 0xff] ^ | ||
906 | Td1[Te4[(rk[3] >> 16) & 0xff] & 0xff] ^ | ||
907 | Td2[Te4[(rk[3] >> 8) & 0xff] & 0xff] ^ | ||
908 | Td3[Te4[(rk[3]) & 0xff] & 0xff]; | ||
909 | } | ||
910 | return Nr; | ||
911 | } | ||
912 | |||
913 | void | ||
914 | MHD_rijndaelEncrypt (const uint32_t rk[ /*4*(Nr + 1) */ ], size_t Nr, | ||
915 | const char pt[16], char ct[16]) | ||
916 | { | ||
917 | uint32_t s0, s1, s2, s3, t0, t1, t2, t3; | ||
918 | size_t r; | ||
919 | |||
920 | /* | ||
921 | * map byte array block to cipher state | ||
922 | * and add initial round key: | ||
923 | */ | ||
924 | s0 = GETU32 (pt) ^ rk[0]; | ||
925 | s1 = GETU32 (pt + 4) ^ rk[1]; | ||
926 | s2 = GETU32 (pt + 8) ^ rk[2]; | ||
927 | s3 = GETU32 (pt + 12) ^ rk[3]; | ||
928 | /* | ||
929 | * Nr - 1 full rounds: | ||
930 | */ | ||
931 | r = Nr >> 1; | ||
932 | for (;;) | ||
933 | { | ||
934 | t0 = | ||
935 | Te0[(s0 >> 24)] ^ | ||
936 | Te1[(s1 >> 16) & 0xff] ^ | ||
937 | Te2[(s2 >> 8) & 0xff] ^ Te3[(s3) & 0xff] ^ rk[4]; | ||
938 | t1 = | ||
939 | Te0[(s1 >> 24)] ^ | ||
940 | Te1[(s2 >> 16) & 0xff] ^ | ||
941 | Te2[(s3 >> 8) & 0xff] ^ Te3[(s0) & 0xff] ^ rk[5]; | ||
942 | t2 = | ||
943 | Te0[(s2 >> 24)] ^ | ||
944 | Te1[(s3 >> 16) & 0xff] ^ | ||
945 | Te2[(s0 >> 8) & 0xff] ^ Te3[(s1) & 0xff] ^ rk[6]; | ||
946 | t3 = | ||
947 | Te0[(s3 >> 24)] ^ | ||
948 | Te1[(s0 >> 16) & 0xff] ^ | ||
949 | Te2[(s1 >> 8) & 0xff] ^ Te3[(s2) & 0xff] ^ rk[7]; | ||
950 | |||
951 | rk += 8; | ||
952 | if (--r == 0) | ||
953 | { | ||
954 | break; | ||
955 | } | ||
956 | |||
957 | s0 = | ||
958 | Te0[(t0 >> 24)] ^ | ||
959 | Te1[(t1 >> 16) & 0xff] ^ | ||
960 | Te2[(t2 >> 8) & 0xff] ^ Te3[(t3) & 0xff] ^ rk[0]; | ||
961 | s1 = | ||
962 | Te0[(t1 >> 24)] ^ | ||
963 | Te1[(t2 >> 16) & 0xff] ^ | ||
964 | Te2[(t3 >> 8) & 0xff] ^ Te3[(t0) & 0xff] ^ rk[1]; | ||
965 | s2 = | ||
966 | Te0[(t2 >> 24)] ^ | ||
967 | Te1[(t3 >> 16) & 0xff] ^ | ||
968 | Te2[(t0 >> 8) & 0xff] ^ Te3[(t1) & 0xff] ^ rk[2]; | ||
969 | s3 = | ||
970 | Te0[(t3 >> 24)] ^ | ||
971 | Te1[(t0 >> 16) & 0xff] ^ | ||
972 | Te2[(t1 >> 8) & 0xff] ^ Te3[(t2) & 0xff] ^ rk[3]; | ||
973 | } | ||
974 | /* | ||
975 | * apply last round and | ||
976 | * map cipher state to byte array block: | ||
977 | */ | ||
978 | s0 = | ||
979 | (Te4[(t0 >> 24)] & 0xff000000) ^ | ||
980 | (Te4[(t1 >> 16) & 0xff] & 0x00ff0000) ^ | ||
981 | (Te4[(t2 >> 8) & 0xff] & 0x0000ff00) ^ | ||
982 | (Te4[(t3) & 0xff] & 0x000000ff) ^ rk[0]; | ||
983 | PUTU32 (ct, s0); | ||
984 | s1 = | ||
985 | (Te4[(t1 >> 24)] & 0xff000000) ^ | ||
986 | (Te4[(t2 >> 16) & 0xff] & 0x00ff0000) ^ | ||
987 | (Te4[(t3 >> 8) & 0xff] & 0x0000ff00) ^ | ||
988 | (Te4[(t0) & 0xff] & 0x000000ff) ^ rk[1]; | ||
989 | PUTU32 (ct + 4, s1); | ||
990 | s2 = | ||
991 | (Te4[(t2 >> 24)] & 0xff000000) ^ | ||
992 | (Te4[(t3 >> 16) & 0xff] & 0x00ff0000) ^ | ||
993 | (Te4[(t0 >> 8) & 0xff] & 0x0000ff00) ^ | ||
994 | (Te4[(t1) & 0xff] & 0x000000ff) ^ rk[2]; | ||
995 | PUTU32 (ct + 8, s2); | ||
996 | s3 = | ||
997 | (Te4[(t3 >> 24)] & 0xff000000) ^ | ||
998 | (Te4[(t0 >> 16) & 0xff] & 0x00ff0000) ^ | ||
999 | (Te4[(t1 >> 8) & 0xff] & 0x0000ff00) ^ | ||
1000 | (Te4[(t2) & 0xff] & 0x000000ff) ^ rk[3]; | ||
1001 | PUTU32 (ct + 12, s3); | ||
1002 | } | ||
1003 | |||
1004 | void | ||
1005 | MHD_rijndaelDecrypt (const uint32_t rk[ /*4*(Nr + 1) */ ], size_t Nr, | ||
1006 | const char ct[16], char pt[16]) | ||
1007 | { | ||
1008 | uint32_t s0, s1, s2, s3, t0, t1, t2, t3; | ||
1009 | size_t r; | ||
1010 | |||
1011 | /* | ||
1012 | * map byte array block to cipher state | ||
1013 | * and add initial round key: | ||
1014 | */ | ||
1015 | s0 = GETU32 (ct) ^ rk[0]; | ||
1016 | s1 = GETU32 (ct + 4) ^ rk[1]; | ||
1017 | s2 = GETU32 (ct + 8) ^ rk[2]; | ||
1018 | s3 = GETU32 (ct + 12) ^ rk[3]; | ||
1019 | /* | ||
1020 | * Nr - 1 full rounds: | ||
1021 | */ | ||
1022 | r = Nr >> 1; | ||
1023 | for (;;) | ||
1024 | { | ||
1025 | t0 = | ||
1026 | Td0[(s0 >> 24)] ^ | ||
1027 | Td1[(s3 >> 16) & 0xff] ^ | ||
1028 | Td2[(s2 >> 8) & 0xff] ^ Td3[(s1) & 0xff] ^ rk[4]; | ||
1029 | t1 = | ||
1030 | Td0[(s1 >> 24)] ^ | ||
1031 | Td1[(s0 >> 16) & 0xff] ^ | ||
1032 | Td2[(s3 >> 8) & 0xff] ^ Td3[(s2) & 0xff] ^ rk[5]; | ||
1033 | t2 = | ||
1034 | Td0[(s2 >> 24)] ^ | ||
1035 | Td1[(s1 >> 16) & 0xff] ^ | ||
1036 | Td2[(s0 >> 8) & 0xff] ^ Td3[(s3) & 0xff] ^ rk[6]; | ||
1037 | t3 = | ||
1038 | Td0[(s3 >> 24)] ^ | ||
1039 | Td1[(s2 >> 16) & 0xff] ^ | ||
1040 | Td2[(s1 >> 8) & 0xff] ^ Td3[(s0) & 0xff] ^ rk[7]; | ||
1041 | |||
1042 | rk += 8; | ||
1043 | if (--r == 0) | ||
1044 | { | ||
1045 | break; | ||
1046 | } | ||
1047 | |||
1048 | s0 = | ||
1049 | Td0[(t0 >> 24)] ^ | ||
1050 | Td1[(t3 >> 16) & 0xff] ^ | ||
1051 | Td2[(t2 >> 8) & 0xff] ^ Td3[(t1) & 0xff] ^ rk[0]; | ||
1052 | s1 = | ||
1053 | Td0[(t1 >> 24)] ^ | ||
1054 | Td1[(t0 >> 16) & 0xff] ^ | ||
1055 | Td2[(t3 >> 8) & 0xff] ^ Td3[(t2) & 0xff] ^ rk[1]; | ||
1056 | s2 = | ||
1057 | Td0[(t2 >> 24)] ^ | ||
1058 | Td1[(t1 >> 16) & 0xff] ^ | ||
1059 | Td2[(t0 >> 8) & 0xff] ^ Td3[(t3) & 0xff] ^ rk[2]; | ||
1060 | s3 = | ||
1061 | Td0[(t3 >> 24)] ^ | ||
1062 | Td1[(t2 >> 16) & 0xff] ^ | ||
1063 | Td2[(t1 >> 8) & 0xff] ^ Td3[(t0) & 0xff] ^ rk[3]; | ||
1064 | } | ||
1065 | /* | ||
1066 | * apply last round and | ||
1067 | * map cipher state to byte array block: | ||
1068 | */ | ||
1069 | s0 = | ||
1070 | (Td4[(t0 >> 24)] & 0xff000000) ^ | ||
1071 | (Td4[(t3 >> 16) & 0xff] & 0x00ff0000) ^ | ||
1072 | (Td4[(t2 >> 8) & 0xff] & 0x0000ff00) ^ | ||
1073 | (Td4[(t1) & 0xff] & 0x000000ff) ^ rk[0]; | ||
1074 | PUTU32 (pt, s0); | ||
1075 | s1 = | ||
1076 | (Td4[(t1 >> 24)] & 0xff000000) ^ | ||
1077 | (Td4[(t0 >> 16) & 0xff] & 0x00ff0000) ^ | ||
1078 | (Td4[(t3 >> 8) & 0xff] & 0x0000ff00) ^ | ||
1079 | (Td4[(t2) & 0xff] & 0x000000ff) ^ rk[1]; | ||
1080 | PUTU32 (pt + 4, s1); | ||
1081 | s2 = | ||
1082 | (Td4[(t2 >> 24)] & 0xff000000) ^ | ||
1083 | (Td4[(t1 >> 16) & 0xff] & 0x00ff0000) ^ | ||
1084 | (Td4[(t0 >> 8) & 0xff] & 0x0000ff00) ^ | ||
1085 | (Td4[(t3) & 0xff] & 0x000000ff) ^ rk[2]; | ||
1086 | PUTU32 (pt + 8, s2); | ||
1087 | s3 = | ||
1088 | (Td4[(t3 >> 24)] & 0xff000000) ^ | ||
1089 | (Td4[(t2 >> 16) & 0xff] & 0x00ff0000) ^ | ||
1090 | (Td4[(t1 >> 8) & 0xff] & 0x0000ff00) ^ | ||
1091 | (Td4[(t0) & 0xff] & 0x000000ff) ^ rk[3]; | ||
1092 | PUTU32 (pt + 12, s3); | ||
1093 | } | ||
diff --git a/src/daemon/https/lgl/rijndael-alg-fst.h b/src/daemon/https/lgl/rijndael-alg-fst.h deleted file mode 100644 index b04c1deb..00000000 --- a/src/daemon/https/lgl/rijndael-alg-fst.h +++ /dev/null | |||
@@ -1,67 +0,0 @@ | |||
1 | /* rijndael-alg-fst.h --- Rijndael cipher implementation. | ||
2 | * Copyright (C) 2005 Free Software Foundation, Inc. | ||
3 | * | ||
4 | * This file is free software; you can redistribute it and/or modify | ||
5 | * it under the terms of the GNU Lesser General Public License as published | ||
6 | * by the Free Software Foundation; either version 2.1, or (at your | ||
7 | * option) any later version. | ||
8 | * | ||
9 | * This file is distributed in the hope that it will be useful, but | ||
10 | * WITHOUT ANY WARRANTY; without even the implied warranty of | ||
11 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | ||
12 | * General Public License for more details. | ||
13 | * | ||
14 | * You should have received a copy of the GNU Lesser General Public License | ||
15 | * along with this file; if not, write to the Free Software | ||
16 | * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA | ||
17 | * 02110-1301, USA. | ||
18 | * | ||
19 | */ | ||
20 | |||
21 | /* Adapted for gnulib by Simon Josefsson. */ | ||
22 | |||
23 | /** | ||
24 | * rijndael-alg-fst.h | ||
25 | * | ||
26 | * @version 3.0 (December 2000) | ||
27 | * | ||
28 | * Optimised ANSI C code for the Rijndael cipher (now AES) | ||
29 | * | ||
30 | * @author Vincent Rijmen <vincent.rijmen@esat.kuleuven.ac.be> | ||
31 | * @author Antoon Bosselaers <antoon.bosselaers@esat.kuleuven.ac.be> | ||
32 | * @author Paulo Barreto <paulo.barreto@terra.com.br> | ||
33 | * | ||
34 | * This code is hereby placed in the public domain. | ||
35 | * | ||
36 | * THIS SOFTWARE IS PROVIDED BY THE AUTHORS ''AS IS'' AND ANY EXPRESS | ||
37 | * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED | ||
38 | * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | ||
39 | * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE | ||
40 | * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR | ||
41 | * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF | ||
42 | * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR | ||
43 | * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, | ||
44 | * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE | ||
45 | * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, | ||
46 | * EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | ||
47 | */ | ||
48 | #ifndef __RIJNDAEL_ALG_FST_H | ||
49 | #define __RIJNDAEL_ALG_FST_H | ||
50 | |||
51 | #include <stdint.h> | ||
52 | #include <stddef.h> | ||
53 | |||
54 | #define RIJNDAEL_MAXKC (256/32) | ||
55 | #define RIJNDAEL_MAXKB (256/8) | ||
56 | #define RIJNDAEL_MAXNR 14 | ||
57 | |||
58 | int MHD_rijndaelKeySetupEnc (uint32_t rk[ /*4*(Nr + 1) */ ], | ||
59 | const char cipherKey[], size_t keyBits); | ||
60 | int MHD_rijndaelKeySetupDec (uint32_t rk[ /*4*(Nr + 1) */ ], | ||
61 | const char cipherKey[], size_t keyBits); | ||
62 | void MHD_rijndaelEncrypt (const uint32_t rk[ /*4*(Nr + 1) */ ], size_t Nr, | ||
63 | const char pt[16], char ct[16]); | ||
64 | void MHD_rijndaelDecrypt (const uint32_t rk[ /*4*(Nr + 1) */ ], size_t Nr, | ||
65 | const char ct[16], char pt[16]); | ||
66 | |||
67 | #endif /* __RIJNDAEL_ALG_FST_H */ | ||
diff --git a/src/daemon/https/lgl/rijndael-api-fst.c b/src/daemon/https/lgl/rijndael-api-fst.c deleted file mode 100644 index d4196948..00000000 --- a/src/daemon/https/lgl/rijndael-api-fst.c +++ /dev/null | |||
@@ -1,519 +0,0 @@ | |||
1 | /* rijndael-api-fst.c --- Rijndael cipher implementation. | ||
2 | * Copyright (C) 2005, 2006 Free Software Foundation, Inc. | ||
3 | * | ||
4 | * This file is free software; you can redistribute it and/or modify | ||
5 | * it under the terms of the GNU Lesser General Public License as published | ||
6 | * by the Free Software Foundation; either version 2.1, or (at your | ||
7 | * option) any later version. | ||
8 | * | ||
9 | * This file is distributed in the hope that it will be useful, but | ||
10 | * WITHOUT ANY WARRANTY; without even the implied warranty of | ||
11 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | ||
12 | * General Public License for more details. | ||
13 | * | ||
14 | * You should have received a copy of the GNU Lesser General Public License | ||
15 | * along with this file; if not, write to the Free Software | ||
16 | * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA | ||
17 | * 02110-1301, USA. | ||
18 | * | ||
19 | */ | ||
20 | |||
21 | /* Adapted for gnulib by Simon Josefsson. | ||
22 | * | ||
23 | * Based on public domain "Optimised C code" retrieved from (SHA1 | ||
24 | * 7c8e4b00d06685d1dbc6724a9e0d502353de339e): | ||
25 | * http://www.iaik.tu-graz.ac.at/research/krypto/AES/old/~rijmen/rijndael/rijndael-fst-3.0.zip | ||
26 | */ | ||
27 | |||
28 | #include "MHD_config.h" | ||
29 | |||
30 | /** | ||
31 | * rijndael-api-fst.c | ||
32 | * | ||
33 | * @version 2.9 (December 2000) | ||
34 | * | ||
35 | * Optimised ANSI C code for the Rijndael cipher (now AES) | ||
36 | * | ||
37 | * @author Vincent Rijmen <vincent.rijmen@esat.kuleuven.ac.be> | ||
38 | * @author Antoon Bosselaers <antoon.bosselaers@esat.kuleuven.ac.be> | ||
39 | * @author Paulo Barreto <paulo.barreto@terra.com.br> | ||
40 | * | ||
41 | * This code is hereby placed in the public domain. | ||
42 | * | ||
43 | * THIS SOFTWARE IS PROVIDED BY THE AUTHORS ''AS IS'' AND ANY EXPRESS | ||
44 | * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED | ||
45 | * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | ||
46 | * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE | ||
47 | * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR | ||
48 | * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF | ||
49 | * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR | ||
50 | * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, | ||
51 | * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE | ||
52 | * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, | ||
53 | * EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | ||
54 | * | ||
55 | * Acknowledgements: | ||
56 | * | ||
57 | * We are deeply indebted to the following people for their bug reports, | ||
58 | * fixes, and improvement suggestions to this implementation. Though we | ||
59 | * tried to list all contributions, we apologise in advance for any | ||
60 | * missing reference. | ||
61 | * | ||
62 | * Andrew Bales <Andrew.Bales@Honeywell.com> | ||
63 | * Markus Friedl <markus.friedl@informatik.uni-erlangen.de> | ||
64 | * John Skodon <skodonj@webquill.com> | ||
65 | */ | ||
66 | |||
67 | #include "rijndael-alg-fst.h" | ||
68 | #include "rijndael-api-fst.h" | ||
69 | |||
70 | #include <assert.h> | ||
71 | #include <stdlib.h> | ||
72 | #include <string.h> | ||
73 | |||
74 | rijndael_rc | ||
75 | MHD_rijndaelMakeKey (rijndaelKeyInstance * key, rijndael_direction direction, | ||
76 | size_t keyLen, const char *keyMaterial) | ||
77 | { | ||
78 | size_t i; | ||
79 | char *keyMat; | ||
80 | char cipherKey[RIJNDAEL_MAXKB]; | ||
81 | |||
82 | if (key == NULL) | ||
83 | { | ||
84 | return RIJNDAEL_BAD_KEY_INSTANCE; | ||
85 | } | ||
86 | |||
87 | if ((direction == RIJNDAEL_DIR_ENCRYPT) | ||
88 | || (direction == RIJNDAEL_DIR_DECRYPT)) | ||
89 | { | ||
90 | key->direction = direction; | ||
91 | } | ||
92 | else | ||
93 | { | ||
94 | return RIJNDAEL_BAD_KEY_DIR; | ||
95 | } | ||
96 | |||
97 | if ((keyLen == 128) || (keyLen == 192) || (keyLen == 256)) | ||
98 | { | ||
99 | key->keyLen = keyLen; | ||
100 | } | ||
101 | else | ||
102 | { | ||
103 | return RIJNDAEL_BAD_KEY_MAT; | ||
104 | } | ||
105 | |||
106 | if (keyMaterial != NULL) | ||
107 | { | ||
108 | strncpy (key->keyMaterial, keyMaterial, keyLen / 4); | ||
109 | } | ||
110 | |||
111 | /* initialize key schedule: */ | ||
112 | keyMat = key->keyMaterial; | ||
113 | for (i = 0; i < key->keyLen / 8; i++) | ||
114 | { | ||
115 | char t, v; | ||
116 | |||
117 | t = *keyMat++; | ||
118 | if ((t >= '0') && (t <= '9')) | ||
119 | v = (t - '0') << 4; | ||
120 | else if ((t >= 'a') && (t <= 'f')) | ||
121 | v = (t - 'a' + 10) << 4; | ||
122 | else if ((t >= 'A') && (t <= 'F')) | ||
123 | v = (t - 'A' + 10) << 4; | ||
124 | else | ||
125 | return RIJNDAEL_BAD_KEY_MAT; | ||
126 | |||
127 | t = *keyMat++; | ||
128 | if ((t >= '0') && (t <= '9')) | ||
129 | v ^= (t - '0'); | ||
130 | else if ((t >= 'a') && (t <= 'f')) | ||
131 | v ^= (t - 'a' + 10); | ||
132 | else if ((t >= 'A') && (t <= 'F')) | ||
133 | v ^= (t - 'A' + 10); | ||
134 | else | ||
135 | return RIJNDAEL_BAD_KEY_MAT; | ||
136 | |||
137 | cipherKey[i] = v; | ||
138 | } | ||
139 | if (direction == RIJNDAEL_DIR_ENCRYPT) | ||
140 | { | ||
141 | key->Nr = MHD_rijndaelKeySetupEnc (key->rk, cipherKey, keyLen); | ||
142 | } | ||
143 | else | ||
144 | { | ||
145 | key->Nr = MHD_rijndaelKeySetupDec (key->rk, cipherKey, keyLen); | ||
146 | } | ||
147 | MHD_rijndaelKeySetupEnc (key->ek, cipherKey, keyLen); | ||
148 | return 0; | ||
149 | } | ||
150 | |||
151 | rijndael_rc | ||
152 | MHD_MHD_rijndaelCipherInit (rijndaelCipherInstance * cipher, | ||
153 | rijndael_mode mode, const char *IV) | ||
154 | { | ||
155 | if ((mode == RIJNDAEL_MODE_ECB) || (mode == RIJNDAEL_MODE_CBC) | ||
156 | || (mode == RIJNDAEL_MODE_CFB1)) | ||
157 | { | ||
158 | cipher->mode = mode; | ||
159 | } | ||
160 | else | ||
161 | { | ||
162 | return RIJNDAEL_BAD_CIPHER_MODE; | ||
163 | } | ||
164 | if (IV != NULL) | ||
165 | { | ||
166 | int i; | ||
167 | for (i = 0; i < RIJNDAEL_MAX_IV_SIZE; i++) | ||
168 | { | ||
169 | int t, j; | ||
170 | |||
171 | t = IV[2 * i]; | ||
172 | if ((t >= '0') && (t <= '9')) | ||
173 | j = (t - '0') << 4; | ||
174 | else if ((t >= 'a') && (t <= 'f')) | ||
175 | j = (t - 'a' + 10) << 4; | ||
176 | else if ((t >= 'A') && (t <= 'F')) | ||
177 | j = (t - 'A' + 10) << 4; | ||
178 | else | ||
179 | return RIJNDAEL_BAD_CIPHER_INSTANCE; | ||
180 | |||
181 | t = IV[2 * i + 1]; | ||
182 | if ((t >= '0') && (t <= '9')) | ||
183 | j ^= (t - '0'); | ||
184 | else if ((t >= 'a') && (t <= 'f')) | ||
185 | j ^= (t - 'a' + 10); | ||
186 | else if ((t >= 'A') && (t <= 'F')) | ||
187 | j ^= (t - 'A' + 10); | ||
188 | else | ||
189 | return RIJNDAEL_BAD_CIPHER_INSTANCE; | ||
190 | |||
191 | cipher->IV[i] = (uint8_t) j; | ||
192 | } | ||
193 | } | ||
194 | else | ||
195 | { | ||
196 | memset (cipher->IV, 0, RIJNDAEL_MAX_IV_SIZE); | ||
197 | } | ||
198 | return 0; | ||
199 | } | ||
200 | |||
201 | int | ||
202 | MHD_rijndaelBlockEncrypt (rijndaelCipherInstance * cipher, | ||
203 | const rijndaelKeyInstance * key, | ||
204 | const char *input, size_t inputLen, char *outBuffer) | ||
205 | { | ||
206 | size_t i, k, t, numBlocks; | ||
207 | char block[16], *iv; | ||
208 | |||
209 | if (cipher == NULL || key == NULL || key->direction == RIJNDAEL_DIR_DECRYPT) | ||
210 | { | ||
211 | return RIJNDAEL_BAD_CIPHER_STATE; | ||
212 | } | ||
213 | if (input == NULL || inputLen <= 0) | ||
214 | { | ||
215 | return 0; /* nothing to do */ | ||
216 | } | ||
217 | |||
218 | numBlocks = inputLen / 128; | ||
219 | |||
220 | switch (cipher->mode) | ||
221 | { | ||
222 | case RIJNDAEL_MODE_ECB: | ||
223 | for (i = numBlocks; i > 0; i--) | ||
224 | { | ||
225 | MHD_rijndaelEncrypt (key->rk, key->Nr, input, outBuffer); | ||
226 | input += 16; | ||
227 | outBuffer += 16; | ||
228 | } | ||
229 | break; | ||
230 | |||
231 | case RIJNDAEL_MODE_CBC: | ||
232 | iv = cipher->IV; | ||
233 | for (i = numBlocks; i > 0; i--) | ||
234 | { | ||
235 | ((uint32_t *) block)[0] = ((uint32_t *) input)[0] ^ | ||
236 | ((uint32_t *) iv)[0]; | ||
237 | ((uint32_t *) block)[1] = ((uint32_t *) input)[1] ^ | ||
238 | ((uint32_t *) iv)[1]; | ||
239 | ((uint32_t *) block)[2] = ((uint32_t *) input)[2] ^ | ||
240 | ((uint32_t *) iv)[2]; | ||
241 | ((uint32_t *) block)[3] = ((uint32_t *) input)[3] ^ | ||
242 | ((uint32_t *) iv)[3]; | ||
243 | MHD_rijndaelEncrypt (key->rk, key->Nr, block, outBuffer); | ||
244 | memcpy (cipher->IV, outBuffer, 16); | ||
245 | input += 16; | ||
246 | outBuffer += 16; | ||
247 | } | ||
248 | break; | ||
249 | |||
250 | case RIJNDAEL_MODE_CFB1: | ||
251 | iv = cipher->IV; | ||
252 | for (i = numBlocks; i > 0; i--) | ||
253 | { | ||
254 | memcpy (outBuffer, input, 16); | ||
255 | for (k = 0; k < 128; k++) | ||
256 | { | ||
257 | MHD_rijndaelEncrypt (key->ek, key->Nr, iv, block); | ||
258 | outBuffer[k >> 3] ^= (block[0] & 0x80U) >> (k & 7); | ||
259 | for (t = 0; t < 15; t++) | ||
260 | { | ||
261 | iv[t] = (iv[t] << 1) | (iv[t + 1] >> 7); | ||
262 | } | ||
263 | iv[15] = (iv[15] << 1) | | ||
264 | ((outBuffer[k >> 3] >> (7 - (k & 7))) & 1); | ||
265 | } | ||
266 | outBuffer += 16; | ||
267 | input += 16; | ||
268 | } | ||
269 | break; | ||
270 | |||
271 | default: | ||
272 | return RIJNDAEL_BAD_CIPHER_STATE; | ||
273 | } | ||
274 | |||
275 | return 128 * numBlocks; | ||
276 | } | ||
277 | |||
278 | int | ||
279 | MHD_rijndaelPadEncrypt (rijndaelCipherInstance * cipher, | ||
280 | const rijndaelKeyInstance * key, | ||
281 | const char *input, size_t inputOctets, | ||
282 | char *outBuffer) | ||
283 | { | ||
284 | size_t i, numBlocks, padLen; | ||
285 | char block[16], *iv; | ||
286 | |||
287 | if (cipher == NULL || key == NULL || key->direction == RIJNDAEL_DIR_DECRYPT) | ||
288 | { | ||
289 | return RIJNDAEL_BAD_CIPHER_STATE; | ||
290 | } | ||
291 | if (input == NULL || inputOctets <= 0) | ||
292 | { | ||
293 | return 0; /* nothing to do */ | ||
294 | } | ||
295 | |||
296 | numBlocks = inputOctets / 16; | ||
297 | |||
298 | switch (cipher->mode) | ||
299 | { | ||
300 | case RIJNDAEL_MODE_ECB: | ||
301 | for (i = numBlocks; i > 0; i--) | ||
302 | { | ||
303 | MHD_rijndaelEncrypt (key->rk, key->Nr, input, outBuffer); | ||
304 | input += 16; | ||
305 | outBuffer += 16; | ||
306 | } | ||
307 | padLen = 16 - (inputOctets - 16 * numBlocks); | ||
308 | assert (padLen > 0 && padLen <= 16); | ||
309 | memcpy (block, input, 16 - padLen); | ||
310 | memset (block + 16 - padLen, padLen, padLen); | ||
311 | MHD_rijndaelEncrypt (key->rk, key->Nr, block, outBuffer); | ||
312 | break; | ||
313 | |||
314 | case RIJNDAEL_MODE_CBC: | ||
315 | iv = cipher->IV; | ||
316 | for (i = numBlocks; i > 0; i--) | ||
317 | { | ||
318 | ((uint32_t *) block)[0] = ((uint32_t *) input)[0] ^ | ||
319 | ((uint32_t *) iv)[0]; | ||
320 | ((uint32_t *) block)[1] = ((uint32_t *) input)[1] ^ | ||
321 | ((uint32_t *) iv)[1]; | ||
322 | ((uint32_t *) block)[2] = ((uint32_t *) input)[2] ^ | ||
323 | ((uint32_t *) iv)[2]; | ||
324 | ((uint32_t *) block)[3] = ((uint32_t *) input)[3] ^ | ||
325 | ((uint32_t *) iv)[3]; | ||
326 | MHD_rijndaelEncrypt (key->rk, key->Nr, block, outBuffer); | ||
327 | memcpy (cipher->IV, outBuffer, 16); | ||
328 | input += 16; | ||
329 | outBuffer += 16; | ||
330 | } | ||
331 | padLen = 16 - (inputOctets - 16 * numBlocks); | ||
332 | assert (padLen > 0 && padLen <= 16); | ||
333 | for (i = 0; i < 16 - padLen; i++) | ||
334 | { | ||
335 | block[i] = input[i] ^ iv[i]; | ||
336 | } | ||
337 | for (i = 16 - padLen; i < 16; i++) | ||
338 | { | ||
339 | block[i] = (char) padLen ^ iv[i]; | ||
340 | } | ||
341 | MHD_rijndaelEncrypt (key->rk, key->Nr, block, outBuffer); | ||
342 | memcpy (cipher->IV, outBuffer, 16); | ||
343 | break; | ||
344 | |||
345 | default: | ||
346 | return RIJNDAEL_BAD_CIPHER_STATE; | ||
347 | } | ||
348 | |||
349 | return 16 * (numBlocks + 1); | ||
350 | } | ||
351 | |||
352 | int | ||
353 | MHD_rijndaelBlockDecrypt (rijndaelCipherInstance * cipher, | ||
354 | const rijndaelKeyInstance * key, | ||
355 | const char *input, size_t inputLen, char *outBuffer) | ||
356 | { | ||
357 | size_t i, k, t, numBlocks; | ||
358 | char block[16], *iv; | ||
359 | |||
360 | if (cipher == NULL | ||
361 | || key == NULL | ||
362 | || (cipher->mode != RIJNDAEL_MODE_CFB1 | ||
363 | && key->direction == RIJNDAEL_DIR_ENCRYPT)) | ||
364 | { | ||
365 | return RIJNDAEL_BAD_CIPHER_STATE; | ||
366 | } | ||
367 | if (input == NULL || inputLen <= 0) | ||
368 | { | ||
369 | return 0; /* nothing to do */ | ||
370 | } | ||
371 | |||
372 | numBlocks = inputLen / 128; | ||
373 | |||
374 | switch (cipher->mode) | ||
375 | { | ||
376 | case RIJNDAEL_MODE_ECB: | ||
377 | for (i = numBlocks; i > 0; i--) | ||
378 | { | ||
379 | MHD_rijndaelDecrypt (key->rk, key->Nr, input, outBuffer); | ||
380 | input += 16; | ||
381 | outBuffer += 16; | ||
382 | } | ||
383 | break; | ||
384 | |||
385 | case RIJNDAEL_MODE_CBC: | ||
386 | iv = cipher->IV; | ||
387 | for (i = numBlocks; i > 0; i--) | ||
388 | { | ||
389 | MHD_rijndaelDecrypt (key->rk, key->Nr, input, block); | ||
390 | ((uint32_t *) block)[0] ^= ((uint32_t *) iv)[0]; | ||
391 | ((uint32_t *) block)[1] ^= ((uint32_t *) iv)[1]; | ||
392 | ((uint32_t *) block)[2] ^= ((uint32_t *) iv)[2]; | ||
393 | ((uint32_t *) block)[3] ^= ((uint32_t *) iv)[3]; | ||
394 | memcpy (cipher->IV, input, 16); | ||
395 | memcpy (outBuffer, block, 16); | ||
396 | input += 16; | ||
397 | outBuffer += 16; | ||
398 | } | ||
399 | break; | ||
400 | |||
401 | case RIJNDAEL_MODE_CFB1: | ||
402 | iv = cipher->IV; | ||
403 | for (i = numBlocks; i > 0; i--) | ||
404 | { | ||
405 | memcpy (outBuffer, input, 16); | ||
406 | for (k = 0; k < 128; k++) | ||
407 | { | ||
408 | MHD_rijndaelEncrypt (key->ek, key->Nr, iv, block); | ||
409 | for (t = 0; t < 15; t++) | ||
410 | { | ||
411 | iv[t] = (iv[t] << 1) | (iv[t + 1] >> 7); | ||
412 | } | ||
413 | iv[15] = (iv[15] << 1) | ((input[k >> 3] >> (7 - (k & 7))) & 1); | ||
414 | outBuffer[k >> 3] ^= (block[0] & 0x80U) >> (k & 7); | ||
415 | } | ||
416 | outBuffer += 16; | ||
417 | input += 16; | ||
418 | } | ||
419 | break; | ||
420 | |||
421 | default: | ||
422 | return RIJNDAEL_BAD_CIPHER_STATE; | ||
423 | } | ||
424 | |||
425 | return 128 * numBlocks; | ||
426 | } | ||
427 | |||
428 | int | ||
429 | MHD_rijndaelPadDecrypt (rijndaelCipherInstance * cipher, | ||
430 | const rijndaelKeyInstance * key, | ||
431 | const char *input, size_t inputOctets, | ||
432 | char *outBuffer) | ||
433 | { | ||
434 | size_t i, numBlocks, padLen; | ||
435 | char block[16]; | ||
436 | |||
437 | if (cipher == NULL || key == NULL || key->direction == RIJNDAEL_DIR_ENCRYPT) | ||
438 | { | ||
439 | return RIJNDAEL_BAD_CIPHER_STATE; | ||
440 | } | ||
441 | if (input == NULL || inputOctets <= 0) | ||
442 | { | ||
443 | return 0; /* nothing to do */ | ||
444 | } | ||
445 | if (inputOctets % 16 != 0) | ||
446 | { | ||
447 | return RIJNDAEL_BAD_DATA; | ||
448 | } | ||
449 | |||
450 | numBlocks = inputOctets / 16; | ||
451 | |||
452 | switch (cipher->mode) | ||
453 | { | ||
454 | case RIJNDAEL_MODE_ECB: | ||
455 | /* all blocks but last */ | ||
456 | for (i = numBlocks - 1; i > 0; i--) | ||
457 | { | ||
458 | MHD_rijndaelDecrypt (key->rk, key->Nr, input, outBuffer); | ||
459 | input += 16; | ||
460 | outBuffer += 16; | ||
461 | } | ||
462 | /* last block */ | ||
463 | MHD_rijndaelDecrypt (key->rk, key->Nr, input, block); | ||
464 | padLen = block[15]; | ||
465 | if (padLen >= 16) | ||
466 | { | ||
467 | return RIJNDAEL_BAD_DATA; | ||
468 | } | ||
469 | for (i = 16 - padLen; i < 16; i++) | ||
470 | { | ||
471 | if (block[i] != padLen) | ||
472 | { | ||
473 | return RIJNDAEL_BAD_DATA; | ||
474 | } | ||
475 | } | ||
476 | memcpy (outBuffer, block, 16 - padLen); | ||
477 | break; | ||
478 | |||
479 | case RIJNDAEL_MODE_CBC: | ||
480 | /* all blocks but last */ | ||
481 | for (i = numBlocks - 1; i > 0; i--) | ||
482 | { | ||
483 | MHD_rijndaelDecrypt (key->rk, key->Nr, input, block); | ||
484 | ((uint32_t *) block)[0] ^= ((uint32_t *) cipher->IV)[0]; | ||
485 | ((uint32_t *) block)[1] ^= ((uint32_t *) cipher->IV)[1]; | ||
486 | ((uint32_t *) block)[2] ^= ((uint32_t *) cipher->IV)[2]; | ||
487 | ((uint32_t *) block)[3] ^= ((uint32_t *) cipher->IV)[3]; | ||
488 | memcpy (cipher->IV, input, 16); | ||
489 | memcpy (outBuffer, block, 16); | ||
490 | input += 16; | ||
491 | outBuffer += 16; | ||
492 | } | ||
493 | /* last block */ | ||
494 | MHD_rijndaelDecrypt (key->rk, key->Nr, input, block); | ||
495 | ((uint32_t *) block)[0] ^= ((uint32_t *) cipher->IV)[0]; | ||
496 | ((uint32_t *) block)[1] ^= ((uint32_t *) cipher->IV)[1]; | ||
497 | ((uint32_t *) block)[2] ^= ((uint32_t *) cipher->IV)[2]; | ||
498 | ((uint32_t *) block)[3] ^= ((uint32_t *) cipher->IV)[3]; | ||
499 | padLen = block[15]; | ||
500 | if (padLen <= 0 || padLen > 16) | ||
501 | { | ||
502 | return RIJNDAEL_BAD_DATA; | ||
503 | } | ||
504 | for (i = 16 - padLen; i < 16; i++) | ||
505 | { | ||
506 | if (block[i] != padLen) | ||
507 | { | ||
508 | return RIJNDAEL_BAD_DATA; | ||
509 | } | ||
510 | } | ||
511 | memcpy (outBuffer, block, 16 - padLen); | ||
512 | break; | ||
513 | |||
514 | default: | ||
515 | return RIJNDAEL_BAD_CIPHER_STATE; | ||
516 | } | ||
517 | |||
518 | return 16 * numBlocks - padLen; | ||
519 | } | ||
diff --git a/src/daemon/https/lgl/rijndael-api-fst.h b/src/daemon/https/lgl/rijndael-api-fst.h deleted file mode 100644 index 893021fc..00000000 --- a/src/daemon/https/lgl/rijndael-api-fst.h +++ /dev/null | |||
@@ -1,207 +0,0 @@ | |||
1 | /* rijndael-api-fst.h --- Rijndael cipher implementation. | ||
2 | * Copyright (C) 2005 Free Software Foundation, Inc. | ||
3 | * | ||
4 | * This file is free software; you can redistribute it and/or modify | ||
5 | * it under the terms of the GNU Lesser General Public License as published | ||
6 | * by the Free Software Foundation; either version 2.1, or (at your | ||
7 | * option) any later version. | ||
8 | * | ||
9 | * This file is distributed in the hope that it will be useful, but | ||
10 | * WITHOUT ANY WARRANTY; without even the implied warranty of | ||
11 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | ||
12 | * General Public License for more details. | ||
13 | * | ||
14 | * You should have received a copy of the GNU Lesser General Public License | ||
15 | * along with this file; if not, write to the Free Software | ||
16 | * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA | ||
17 | * 02110-1301, USA. | ||
18 | * | ||
19 | */ | ||
20 | |||
21 | /* Adapted for gnulib by Simon Josefsson. */ | ||
22 | |||
23 | /** | ||
24 | * rijndael-api-fst.h | ||
25 | * | ||
26 | * @version 2.9 (December 2000) | ||
27 | * | ||
28 | * Optimised ANSI C code for the Rijndael cipher (now AES) | ||
29 | * | ||
30 | * @author Vincent Rijmen <vincent.rijmen@esat.kuleuven.ac.be> | ||
31 | * @author Antoon Bosselaers <antoon.bosselaers@esat.kuleuven.ac.be> | ||
32 | * @author Paulo Barreto <paulo.barreto@terra.com.br> | ||
33 | * | ||
34 | * This code is hereby placed in the public domain. | ||
35 | * | ||
36 | * THIS SOFTWARE IS PROVIDED BY THE AUTHORS ''AS IS'' AND ANY EXPRESS | ||
37 | * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED | ||
38 | * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | ||
39 | * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE | ||
40 | * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR | ||
41 | * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF | ||
42 | * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR | ||
43 | * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, | ||
44 | * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE | ||
45 | * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, | ||
46 | * EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | ||
47 | * | ||
48 | * Acknowledgements: | ||
49 | * | ||
50 | * We are deeply indebted to the following people for their bug reports, | ||
51 | * fixes, and improvement suggestions to this implementation. Though we | ||
52 | * tried to list all contributions, we apologise in advance for any | ||
53 | * missing reference. | ||
54 | * | ||
55 | * Andrew Bales <Andrew.Bales@Honeywell.com> | ||
56 | * Markus Friedl <markus.friedl@informatik.uni-erlangen.de> | ||
57 | * John Skodon <skodonj@webquill.com> | ||
58 | */ | ||
59 | |||
60 | #ifndef __RIJNDAEL_API_FST_H | ||
61 | #define __RIJNDAEL_API_FST_H | ||
62 | |||
63 | #include "rijndael-alg-fst.h" | ||
64 | |||
65 | #include <stdio.h> | ||
66 | |||
67 | /* Default number of bits in a cipher block */ | ||
68 | #define RIJNDAEL_BITSPERBLOCK 128 | ||
69 | |||
70 | /* Number of ASCII char's needed to represent a key */ | ||
71 | #define RIJNDAEL_MAX_KEY_SIZE 64 | ||
72 | |||
73 | /* Number bytes needed to represent an IV */ | ||
74 | #define RIJNDAEL_MAX_IV_SIZE 16 | ||
75 | |||
76 | typedef enum | ||
77 | { | ||
78 | /* Key direction is invalid, e.g., unknown value */ | ||
79 | RIJNDAEL_BAD_KEY_DIR = -1, | ||
80 | /* Key material not of correct length */ | ||
81 | RIJNDAEL_BAD_KEY_MAT = -2, | ||
82 | /* Key passed is not valid */ | ||
83 | RIJNDAEL_BAD_KEY_INSTANCE = -3, | ||
84 | /* Params struct passed to cipherInit invalid */ | ||
85 | RIJNDAEL_BAD_CIPHER_MODE = -4, | ||
86 | /* Cipher in wrong state (e.g., not initialized) */ | ||
87 | RIJNDAEL_BAD_CIPHER_STATE = -5, | ||
88 | RIJNDAEL_BAD_BLOCK_LENGTH = -6, | ||
89 | RIJNDAEL_BAD_CIPHER_INSTANCE = -7, | ||
90 | /* Data contents are invalid, e.g., invalid padding */ | ||
91 | RIJNDAEL_BAD_DATA = -8, | ||
92 | /* Unknown error */ | ||
93 | RIJNDAEL_BAD_OTHER = -9 | ||
94 | } rijndael_rc; | ||
95 | |||
96 | typedef enum | ||
97 | { | ||
98 | RIJNDAEL_DIR_ENCRYPT = 0, /* Are we encrypting? */ | ||
99 | RIJNDAEL_DIR_DECRYPT = 1 /* Are we decrypting? */ | ||
100 | } rijndael_direction; | ||
101 | |||
102 | typedef enum | ||
103 | { | ||
104 | RIJNDAEL_MODE_ECB = 1, /* Are we ciphering in ECB mode? */ | ||
105 | RIJNDAEL_MODE_CBC = 2, /* Are we ciphering in CBC mode? */ | ||
106 | RIJNDAEL_MODE_CFB1 = 3 /* Are we ciphering in 1-bit CFB mode? */ | ||
107 | } rijndael_mode; | ||
108 | |||
109 | /* The structure for key information */ | ||
110 | typedef struct | ||
111 | { | ||
112 | /* Key used for encrypting or decrypting? */ | ||
113 | rijndael_direction direction; | ||
114 | /* Length of the key */ | ||
115 | size_t keyLen; | ||
116 | /* Raw key data in ASCII, e.g., user input or KAT values */ | ||
117 | char keyMaterial[RIJNDAEL_MAX_KEY_SIZE + 1]; | ||
118 | /* key-length-dependent number of rounds */ | ||
119 | int Nr; | ||
120 | /* key schedule */ | ||
121 | uint32_t rk[4 * (RIJNDAEL_MAXNR + 1)]; | ||
122 | /* CFB1 key schedule (encryption only) */ | ||
123 | uint32_t ek[4 * (RIJNDAEL_MAXNR + 1)]; | ||
124 | } rijndaelKeyInstance; | ||
125 | |||
126 | /* The structure for cipher information */ | ||
127 | typedef struct | ||
128 | { /* changed order of the components */ | ||
129 | rijndael_mode mode; /* MODE_ECB, MODE_CBC, or MODE_CFB1 */ | ||
130 | /* A possible Initialization Vector for ciphering */ | ||
131 | char IV[RIJNDAEL_MAX_IV_SIZE]; | ||
132 | } rijndaelCipherInstance; | ||
133 | |||
134 | /* Function prototypes */ | ||
135 | |||
136 | /* Create KEY, for encryption or decryption depending on DIRECTION, | ||
137 | from KEYMATERIAL, a hex string, of KEYLEN size. KEYLEN should be | ||
138 | 128, 192 or 256. Returns 0 on success, or an error code. */ | ||
139 | extern rijndael_rc | ||
140 | MHD_rijndaelMakeKey (rijndaelKeyInstance * key, rijndael_direction direction, | ||
141 | size_t keyLen, const char *keyMaterial); | ||
142 | |||
143 | /* Initialize cipher state CIPHER for encryption MODE (e.g., | ||
144 | RIJNDAEL_MODE_CBC) with initialization vector IV, a hex string of | ||
145 | 2*RIJNDAEL_MAX_IV_SIZE length. IV may be NULL for modes that do | ||
146 | not need an IV (i.e., RIJNDAEL_MODE_ECB). */ | ||
147 | extern rijndael_rc | ||
148 | MHD_MHD_rijndaelCipherInit (rijndaelCipherInstance * cipher, | ||
149 | rijndael_mode mode, const char *IV); | ||
150 | |||
151 | /* Encrypt data in INPUT, of INPUTLEN/8 bytes length, placing the | ||
152 | output in the pre-allocated OUTBUFFER which must hold at least | ||
153 | INPUTLEN/8 bytes of data. The CIPHER is used as state, and must be | ||
154 | initialized with MHD_MHD_rijndaelCipherInit before calling this function. | ||
155 | The encryption KEY must be initialized with MHD_rijndaelMakeKey before | ||
156 | calling this function. Return the number of bits written, or a | ||
157 | negative rijndael_rc error code. */ | ||
158 | extern int | ||
159 | MHD_rijndaelBlockEncrypt (rijndaelCipherInstance * cipher, | ||
160 | const rijndaelKeyInstance * key, | ||
161 | const char *input, size_t inputLen, | ||
162 | char *outBuffer); | ||
163 | |||
164 | /* Encrypt data in INPUT, of INPUTOCTETS bytes length, placing the | ||
165 | output in the pre-allocated OUTBUFFER which must hold at least | ||
166 | INPUTOCTETS aligned to the next block size boundary. | ||
167 | Ciphertext-Stealing as described in RFC 2040 is used to encrypt | ||
168 | partial blocks. The CIPHER is used as state, and must be | ||
169 | initialized with MHD_MHD_rijndaelCipherInit before calling this function. | ||
170 | The encryption KEY must be initialized with MHD_rijndaelMakeKey before | ||
171 | calling this function. Return the number of bits written, or a | ||
172 | negative rijndael_rc error code. */ | ||
173 | extern int | ||
174 | MHD_rijndaelPadEncrypt (rijndaelCipherInstance * cipher, | ||
175 | const rijndaelKeyInstance * key, | ||
176 | const char *input, size_t inputOctets, | ||
177 | char *outBuffer); | ||
178 | |||
179 | /* Decrypt data in INPUT, of INPUTLEN/8 bytes length, placing the | ||
180 | output in the pre-allocated OUTBUFFER which must hold at least | ||
181 | INPUTLEN/8 bytes of data. The CIPHER is used as state, and must be | ||
182 | initialized with MHD_MHD_rijndaelCipherInit before calling this function. | ||
183 | The encryption KEY must be initialized with MHD_rijndaelMakeKey before | ||
184 | calling this function. Return the number of bits written, or a | ||
185 | negative rijndael_rc error code. */ | ||
186 | extern int | ||
187 | MHD_rijndaelBlockDecrypt (rijndaelCipherInstance * cipher, | ||
188 | const rijndaelKeyInstance * key, | ||
189 | const char *input, size_t inputLen, | ||
190 | char *outBuffer); | ||
191 | |||
192 | /* Decrypt data in INPUT, of INPUTOCTETS bytes length, placing the | ||
193 | output in the pre-allocated OUTBUFFER which must hold at least | ||
194 | INPUTOCTETS aligned to the next block size boundary. | ||
195 | Ciphertext-Stealing as described in RFC 2040 is used to encrypt | ||
196 | partial blocks. The CIPHER is used as state, and must be | ||
197 | initialized with MHD_MHD_rijndaelCipherInit before calling this function. | ||
198 | The encryption KEY must be initialized with MHD_rijndaelMakeKey before | ||
199 | calling this function. Return the number of bits written, or a | ||
200 | negative rijndael_rc error code. */ | ||
201 | extern int | ||
202 | MHD_rijndaelPadDecrypt (rijndaelCipherInstance * cipher, | ||
203 | const rijndaelKeyInstance * key, | ||
204 | const char *input, size_t inputOctets, | ||
205 | char *outBuffer); | ||
206 | |||
207 | #endif /* __RIJNDAEL_API_FST_H */ | ||
diff --git a/src/daemon/https/lgl/sha1.c b/src/daemon/https/lgl/sha1.c deleted file mode 100644 index 573e7c69..00000000 --- a/src/daemon/https/lgl/sha1.c +++ /dev/null | |||
@@ -1,419 +0,0 @@ | |||
1 | /* sha1.c - Functions to compute SHA1 message digest of files or | ||
2 | memory blocks according to the NIST specification FIPS-180-1. | ||
3 | |||
4 | Copyright (C) 2000, 2001, 2003, 2004, 2005, 2006 Free Software | ||
5 | Foundation, Inc. | ||
6 | |||
7 | This program is free software; you can redistribute it and/or modify it | ||
8 | under the terms of the GNU Lesser General Public License as published by the | ||
9 | Free Software Foundation; either version 2.1, or (at your option) any | ||
10 | later version. | ||
11 | |||
12 | This program is distributed in the hope that it will be useful, | ||
13 | but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
14 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | ||
15 | GNU Lesser General Public License for more details. | ||
16 | |||
17 | You should have received a copy of the GNU Lesser General Public License | ||
18 | along with this program; if not, write to the Free Software Foundation, | ||
19 | Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. */ | ||
20 | |||
21 | /* Written by Scott G. Miller | ||
22 | Credits: | ||
23 | Robert Klep <robert@ilse.nl> -- Expansion function fix | ||
24 | */ | ||
25 | |||
26 | #include "MHD_config.h" | ||
27 | |||
28 | #include "sha1.h" | ||
29 | |||
30 | #include <stddef.h> | ||
31 | #include <string.h> | ||
32 | |||
33 | #if USE_UNLOCKED_IO | ||
34 | # include "unlocked-io.h" | ||
35 | #endif | ||
36 | |||
37 | #ifdef WORDS_BIGENDIAN | ||
38 | # define SWAP(n) (n) | ||
39 | #else | ||
40 | # define SWAP(n) \ | ||
41 | (((n) << 24) | (((n) & 0xff00) << 8) | (((n) >> 8) & 0xff00) | ((n) >> 24)) | ||
42 | #endif | ||
43 | |||
44 | #define BLOCKSIZE 4096 | ||
45 | #if BLOCKSIZE % 64 != 0 | ||
46 | # error "invalid BLOCKSIZE" | ||
47 | #endif | ||
48 | |||
49 | /* This array contains the bytes used to pad the buffer to the next | ||
50 | 64-byte boundary. (RFC 1321, 3.1: Step 1) */ | ||
51 | static const unsigned char fillbuf[64] = { 0x80, 0 /* , 0, 0, ... */ }; | ||
52 | |||
53 | |||
54 | /* Take a pointer to a 160 bit block of data (five 32 bit ints) and | ||
55 | initialize it to the start constants of the SHA1 algorithm. This | ||
56 | must be called before using hash in the call to MHD_sha1_hash. */ | ||
57 | void | ||
58 | MHD_sha1_init_ctx (struct MHD_sha1_ctx *ctx) | ||
59 | { | ||
60 | ctx->A = 0x67452301; | ||
61 | ctx->B = 0xefcdab89; | ||
62 | ctx->C = 0x98badcfe; | ||
63 | ctx->D = 0x10325476; | ||
64 | ctx->E = 0xc3d2e1f0; | ||
65 | |||
66 | ctx->total[0] = ctx->total[1] = 0; | ||
67 | ctx->buflen = 0; | ||
68 | } | ||
69 | |||
70 | /* Put result from CTX in first 20 bytes following RESBUF. The result | ||
71 | must be in little endian byte order. | ||
72 | |||
73 | IMPORTANT: On some systems it is required that RESBUF is correctly | ||
74 | aligned for a 32-bit value. */ | ||
75 | void * | ||
76 | MHD_sha1_read_ctx (const struct MHD_sha1_ctx *ctx, void *resbuf) | ||
77 | { | ||
78 | ((uint32_t *) resbuf)[0] = SWAP (ctx->A); | ||
79 | ((uint32_t *) resbuf)[1] = SWAP (ctx->B); | ||
80 | ((uint32_t *) resbuf)[2] = SWAP (ctx->C); | ||
81 | ((uint32_t *) resbuf)[3] = SWAP (ctx->D); | ||
82 | ((uint32_t *) resbuf)[4] = SWAP (ctx->E); | ||
83 | |||
84 | return resbuf; | ||
85 | } | ||
86 | |||
87 | /* Process the remaining bytes in the internal buffer and the usual | ||
88 | prolog according to the standard and write the result to RESBUF. | ||
89 | |||
90 | IMPORTANT: On some systems it is required that RESBUF is correctly | ||
91 | aligned for a 32-bit value. */ | ||
92 | void * | ||
93 | MHD_sha1_finish_ctx (struct MHD_sha1_ctx *ctx, void *resbuf) | ||
94 | { | ||
95 | /* Take yet unprocessed bytes into account. */ | ||
96 | uint32_t bytes = ctx->buflen; | ||
97 | size_t size = (bytes < 56) ? 64 / 4 : 64 * 2 / 4; | ||
98 | |||
99 | /* Now count remaining bytes. */ | ||
100 | ctx->total[0] += bytes; | ||
101 | if (ctx->total[0] < bytes) | ||
102 | ++ctx->total[1]; | ||
103 | |||
104 | /* Put the 64-bit file length in *bits* at the end of the buffer. */ | ||
105 | ctx->buffer[size - 2] = SWAP ((ctx->total[1] << 3) | (ctx->total[0] >> 29)); | ||
106 | ctx->buffer[size - 1] = SWAP (ctx->total[0] << 3); | ||
107 | |||
108 | memcpy (&((char *) ctx->buffer)[bytes], fillbuf, (size - 2) * 4 - bytes); | ||
109 | |||
110 | /* Process last bytes. */ | ||
111 | MHD_sha1_process_block (ctx->buffer, size * 4, ctx); | ||
112 | |||
113 | return MHD_sha1_read_ctx (ctx, resbuf); | ||
114 | } | ||
115 | |||
116 | /* Compute SHA1 message digest for bytes read from STREAM. The | ||
117 | resulting message digest number will be written into the 16 bytes | ||
118 | beginning at RESBLOCK. */ | ||
119 | int | ||
120 | MHD_sha1_stream (FILE * stream, void *resblock) | ||
121 | { | ||
122 | struct MHD_sha1_ctx ctx; | ||
123 | char buffer[BLOCKSIZE + 72]; | ||
124 | size_t sum; | ||
125 | |||
126 | /* Initialize the computation context. */ | ||
127 | MHD_sha1_init_ctx (&ctx); | ||
128 | |||
129 | /* Iterate over full file contents. */ | ||
130 | while (1) | ||
131 | { | ||
132 | /* We read the file in blocks of BLOCKSIZE bytes. One call of the | ||
133 | computation function processes the whole buffer so that with the | ||
134 | next round of the loop another block can be read. */ | ||
135 | size_t n; | ||
136 | sum = 0; | ||
137 | |||
138 | /* Read block. Take care for partial reads. */ | ||
139 | while (1) | ||
140 | { | ||
141 | n = fread (buffer + sum, 1, BLOCKSIZE - sum, stream); | ||
142 | |||
143 | sum += n; | ||
144 | |||
145 | if (sum == BLOCKSIZE) | ||
146 | break; | ||
147 | |||
148 | if (n == 0) | ||
149 | { | ||
150 | /* Check for the error flag IFF N == 0, so that we don't | ||
151 | exit the loop after a partial read due to e.g., EAGAIN | ||
152 | or EWOULDBLOCK. */ | ||
153 | if (ferror (stream)) | ||
154 | return 1; | ||
155 | goto process_partial_block; | ||
156 | } | ||
157 | |||
158 | /* We've read at least one byte, so ignore errors. But always | ||
159 | check for EOF, since feof may be true even though N > 0. | ||
160 | Otherwise, we could end up calling fread after EOF. */ | ||
161 | if (feof (stream)) | ||
162 | goto process_partial_block; | ||
163 | } | ||
164 | |||
165 | /* Process buffer with BLOCKSIZE bytes. Note that | ||
166 | BLOCKSIZE % 64 == 0 | ||
167 | */ | ||
168 | MHD_sha1_process_block (buffer, BLOCKSIZE, &ctx); | ||
169 | } | ||
170 | |||
171 | process_partial_block:; | ||
172 | |||
173 | /* Process any remaining bytes. */ | ||
174 | if (sum > 0) | ||
175 | MHD_sha1_process_bytes (buffer, sum, &ctx); | ||
176 | |||
177 | /* Construct result in desired memory. */ | ||
178 | MHD_sha1_finish_ctx (&ctx, resblock); | ||
179 | return 0; | ||
180 | } | ||
181 | |||
182 | /* Compute SHA1 message digest for LEN bytes beginning at BUFFER. The | ||
183 | result is always in little endian byte order, so that a byte-wise | ||
184 | output yields to the wanted ASCII representation of the message | ||
185 | digest. */ | ||
186 | void * | ||
187 | MHD_sha1_buffer (const char *buffer, size_t len, void *resblock) | ||
188 | { | ||
189 | struct MHD_sha1_ctx ctx; | ||
190 | |||
191 | /* Initialize the computation context. */ | ||
192 | MHD_sha1_init_ctx (&ctx); | ||
193 | |||
194 | /* Process whole buffer but last len % 64 bytes. */ | ||
195 | MHD_sha1_process_bytes (buffer, len, &ctx); | ||
196 | |||
197 | /* Put result in desired memory area. */ | ||
198 | return MHD_sha1_finish_ctx (&ctx, resblock); | ||
199 | } | ||
200 | |||
201 | void | ||
202 | MHD_sha1_process_bytes (const void *buffer, size_t len, | ||
203 | struct MHD_sha1_ctx *ctx) | ||
204 | { | ||
205 | /* When we already have some bits in our internal buffer concatenate | ||
206 | both inputs first. */ | ||
207 | if (ctx->buflen != 0) | ||
208 | { | ||
209 | size_t left_over = ctx->buflen; | ||
210 | size_t add = 128 - left_over > len ? len : 128 - left_over; | ||
211 | |||
212 | memcpy (&((char *) ctx->buffer)[left_over], buffer, add); | ||
213 | ctx->buflen += add; | ||
214 | |||
215 | if (ctx->buflen > 64) | ||
216 | { | ||
217 | MHD_sha1_process_block (ctx->buffer, ctx->buflen & ~63, ctx); | ||
218 | |||
219 | ctx->buflen &= 63; | ||
220 | /* The regions in the following copy operation cannot overlap. */ | ||
221 | memcpy (ctx->buffer, | ||
222 | &((char *) ctx->buffer)[(left_over + add) & ~63], | ||
223 | ctx->buflen); | ||
224 | } | ||
225 | |||
226 | buffer = (const char *) buffer + add; | ||
227 | len -= add; | ||
228 | } | ||
229 | |||
230 | /* Process available complete blocks. */ | ||
231 | if (len >= 64) | ||
232 | { | ||
233 | #if !_STRING_ARCH_unaligned | ||
234 | # define alignof(type) offsetof (struct { char c; type x; }, x) | ||
235 | # define UNALIGNED_P(p) (((size_t) p) % alignof (uint32_t) != 0) | ||
236 | if (UNALIGNED_P (buffer)) | ||
237 | while (len > 64) | ||
238 | { | ||
239 | MHD_sha1_process_block (memcpy (ctx->buffer, buffer, 64), 64, | ||
240 | ctx); | ||
241 | buffer = (const char *) buffer + 64; | ||
242 | len -= 64; | ||
243 | } | ||
244 | else | ||
245 | #endif | ||
246 | { | ||
247 | MHD_sha1_process_block (buffer, len & ~63, ctx); | ||
248 | buffer = (const char *) buffer + (len & ~63); | ||
249 | len &= 63; | ||
250 | } | ||
251 | } | ||
252 | |||
253 | /* Move remaining bytes in internal buffer. */ | ||
254 | if (len > 0) | ||
255 | { | ||
256 | size_t left_over = ctx->buflen; | ||
257 | |||
258 | memcpy (&((char *) ctx->buffer)[left_over], buffer, len); | ||
259 | left_over += len; | ||
260 | if (left_over >= 64) | ||
261 | { | ||
262 | MHD_sha1_process_block (ctx->buffer, 64, ctx); | ||
263 | left_over -= 64; | ||
264 | memcpy (ctx->buffer, &ctx->buffer[16], left_over); | ||
265 | } | ||
266 | ctx->buflen = left_over; | ||
267 | } | ||
268 | } | ||
269 | |||
270 | /* --- Code below is the primary difference between md5.c and sha1.c --- */ | ||
271 | |||
272 | /* SHA1 round constants */ | ||
273 | #define K1 0x5a827999 | ||
274 | #define K2 0x6ed9eba1 | ||
275 | #define K3 0x8f1bbcdc | ||
276 | #define K4 0xca62c1d6 | ||
277 | |||
278 | /* Round functions. Note that F2 is the same as F4. */ | ||
279 | #define F1(B,C,D) ( D ^ ( B & ( C ^ D ) ) ) | ||
280 | #define F2(B,C,D) (B ^ C ^ D) | ||
281 | #define F3(B,C,D) ( ( B & C ) | ( D & ( B | C ) ) ) | ||
282 | #define F4(B,C,D) (B ^ C ^ D) | ||
283 | |||
284 | /* Process LEN bytes of BUFFER, accumulating context into CTX. | ||
285 | It is assumed that LEN % 64 == 0. | ||
286 | Most of this code comes from GnuPG's cipher/sha1.c. */ | ||
287 | |||
288 | void | ||
289 | MHD_sha1_process_block (const void *buffer, size_t len, | ||
290 | struct MHD_sha1_ctx *ctx) | ||
291 | { | ||
292 | const uint32_t *words = buffer; | ||
293 | size_t nwords = len / sizeof (uint32_t); | ||
294 | const uint32_t *endp = words + nwords; | ||
295 | uint32_t x[16]; | ||
296 | uint32_t a = ctx->A; | ||
297 | uint32_t b = ctx->B; | ||
298 | uint32_t c = ctx->C; | ||
299 | uint32_t d = ctx->D; | ||
300 | uint32_t e = ctx->E; | ||
301 | |||
302 | /* First increment the byte count. RFC 1321 specifies the possible | ||
303 | length of the file up to 2^64 bits. Here we only compute the | ||
304 | number of bytes. Do a double word increment. */ | ||
305 | ctx->total[0] += len; | ||
306 | if (ctx->total[0] < len) | ||
307 | ++ctx->total[1]; | ||
308 | |||
309 | #define rol(x, n) (((x) << (n)) | ((uint32_t) (x) >> (32 - (n)))) | ||
310 | |||
311 | #define M(I) ( tm = x[I&0x0f] ^ x[(I-14)&0x0f] \ | ||
312 | ^ x[(I-8)&0x0f] ^ x[(I-3)&0x0f] \ | ||
313 | , (x[I&0x0f] = rol(tm, 1)) ) | ||
314 | |||
315 | #define R(A,B,C,D,E,F,K,M) do { E += rol( A, 5 ) \ | ||
316 | + F( B, C, D ) \ | ||
317 | + K \ | ||
318 | + M; \ | ||
319 | B = rol( B, 30 ); \ | ||
320 | } while(0) | ||
321 | |||
322 | while (words < endp) | ||
323 | { | ||
324 | uint32_t tm; | ||
325 | int t; | ||
326 | for (t = 0; t < 16; t++) | ||
327 | { | ||
328 | x[t] = SWAP (*words); | ||
329 | words++; | ||
330 | } | ||
331 | |||
332 | R (a, b, c, d, e, F1, K1, x[0]); | ||
333 | R (e, a, b, c, d, F1, K1, x[1]); | ||
334 | R (d, e, a, b, c, F1, K1, x[2]); | ||
335 | R (c, d, e, a, b, F1, K1, x[3]); | ||
336 | R (b, c, d, e, a, F1, K1, x[4]); | ||
337 | R (a, b, c, d, e, F1, K1, x[5]); | ||
338 | R (e, a, b, c, d, F1, K1, x[6]); | ||
339 | R (d, e, a, b, c, F1, K1, x[7]); | ||
340 | R (c, d, e, a, b, F1, K1, x[8]); | ||
341 | R (b, c, d, e, a, F1, K1, x[9]); | ||
342 | R (a, b, c, d, e, F1, K1, x[10]); | ||
343 | R (e, a, b, c, d, F1, K1, x[11]); | ||
344 | R (d, e, a, b, c, F1, K1, x[12]); | ||
345 | R (c, d, e, a, b, F1, K1, x[13]); | ||
346 | R (b, c, d, e, a, F1, K1, x[14]); | ||
347 | R (a, b, c, d, e, F1, K1, x[15]); | ||
348 | R (e, a, b, c, d, F1, K1, M (16)); | ||
349 | R (d, e, a, b, c, F1, K1, M (17)); | ||
350 | R (c, d, e, a, b, F1, K1, M (18)); | ||
351 | R (b, c, d, e, a, F1, K1, M (19)); | ||
352 | R (a, b, c, d, e, F2, K2, M (20)); | ||
353 | R (e, a, b, c, d, F2, K2, M (21)); | ||
354 | R (d, e, a, b, c, F2, K2, M (22)); | ||
355 | R (c, d, e, a, b, F2, K2, M (23)); | ||
356 | R (b, c, d, e, a, F2, K2, M (24)); | ||
357 | R (a, b, c, d, e, F2, K2, M (25)); | ||
358 | R (e, a, b, c, d, F2, K2, M (26)); | ||
359 | R (d, e, a, b, c, F2, K2, M (27)); | ||
360 | R (c, d, e, a, b, F2, K2, M (28)); | ||
361 | R (b, c, d, e, a, F2, K2, M (29)); | ||
362 | R (a, b, c, d, e, F2, K2, M (30)); | ||
363 | R (e, a, b, c, d, F2, K2, M (31)); | ||
364 | R (d, e, a, b, c, F2, K2, M (32)); | ||
365 | R (c, d, e, a, b, F2, K2, M (33)); | ||
366 | R (b, c, d, e, a, F2, K2, M (34)); | ||
367 | R (a, b, c, d, e, F2, K2, M (35)); | ||
368 | R (e, a, b, c, d, F2, K2, M (36)); | ||
369 | R (d, e, a, b, c, F2, K2, M (37)); | ||
370 | R (c, d, e, a, b, F2, K2, M (38)); | ||
371 | R (b, c, d, e, a, F2, K2, M (39)); | ||
372 | R (a, b, c, d, e, F3, K3, M (40)); | ||
373 | R (e, a, b, c, d, F3, K3, M (41)); | ||
374 | R (d, e, a, b, c, F3, K3, M (42)); | ||
375 | R (c, d, e, a, b, F3, K3, M (43)); | ||
376 | R (b, c, d, e, a, F3, K3, M (44)); | ||
377 | R (a, b, c, d, e, F3, K3, M (45)); | ||
378 | R (e, a, b, c, d, F3, K3, M (46)); | ||
379 | R (d, e, a, b, c, F3, K3, M (47)); | ||
380 | R (c, d, e, a, b, F3, K3, M (48)); | ||
381 | R (b, c, d, e, a, F3, K3, M (49)); | ||
382 | R (a, b, c, d, e, F3, K3, M (50)); | ||
383 | R (e, a, b, c, d, F3, K3, M (51)); | ||
384 | R (d, e, a, b, c, F3, K3, M (52)); | ||
385 | R (c, d, e, a, b, F3, K3, M (53)); | ||
386 | R (b, c, d, e, a, F3, K3, M (54)); | ||
387 | R (a, b, c, d, e, F3, K3, M (55)); | ||
388 | R (e, a, b, c, d, F3, K3, M (56)); | ||
389 | R (d, e, a, b, c, F3, K3, M (57)); | ||
390 | R (c, d, e, a, b, F3, K3, M (58)); | ||
391 | R (b, c, d, e, a, F3, K3, M (59)); | ||
392 | R (a, b, c, d, e, F4, K4, M (60)); | ||
393 | R (e, a, b, c, d, F4, K4, M (61)); | ||
394 | R (d, e, a, b, c, F4, K4, M (62)); | ||
395 | R (c, d, e, a, b, F4, K4, M (63)); | ||
396 | R (b, c, d, e, a, F4, K4, M (64)); | ||
397 | R (a, b, c, d, e, F4, K4, M (65)); | ||
398 | R (e, a, b, c, d, F4, K4, M (66)); | ||
399 | R (d, e, a, b, c, F4, K4, M (67)); | ||
400 | R (c, d, e, a, b, F4, K4, M (68)); | ||
401 | R (b, c, d, e, a, F4, K4, M (69)); | ||
402 | R (a, b, c, d, e, F4, K4, M (70)); | ||
403 | R (e, a, b, c, d, F4, K4, M (71)); | ||
404 | R (d, e, a, b, c, F4, K4, M (72)); | ||
405 | R (c, d, e, a, b, F4, K4, M (73)); | ||
406 | R (b, c, d, e, a, F4, K4, M (74)); | ||
407 | R (a, b, c, d, e, F4, K4, M (75)); | ||
408 | R (e, a, b, c, d, F4, K4, M (76)); | ||
409 | R (d, e, a, b, c, F4, K4, M (77)); | ||
410 | R (c, d, e, a, b, F4, K4, M (78)); | ||
411 | R (b, c, d, e, a, F4, K4, M (79)); | ||
412 | |||
413 | a = ctx->A += a; | ||
414 | b = ctx->B += b; | ||
415 | c = ctx->C += c; | ||
416 | d = ctx->D += d; | ||
417 | e = ctx->E += e; | ||
418 | } | ||
419 | } | ||
diff --git a/src/daemon/https/lgl/sha1.h b/src/daemon/https/lgl/sha1.h deleted file mode 100644 index b6e40cdb..00000000 --- a/src/daemon/https/lgl/sha1.h +++ /dev/null | |||
@@ -1,87 +0,0 @@ | |||
1 | /* Declarations of functions and data types used for SHA1 sum | ||
2 | library functions. | ||
3 | Copyright (C) 2000, 2001, 2003, 2005, 2006 Free Software Foundation, Inc. | ||
4 | |||
5 | This program is free software; you can redistribute it and/or modify it | ||
6 | under the terms of the GNU Lesser General Public License as published by the | ||
7 | Free Software Foundation; either version 2.1, or (at your option) any | ||
8 | later version. | ||
9 | |||
10 | This program is distributed in the hope that it will be useful, | ||
11 | but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
12 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | ||
13 | GNU Lesser General Public License for more details. | ||
14 | |||
15 | You should have received a copy of the GNU Lesser General Public License | ||
16 | along with this program; if not, write to the Free Software Foundation, | ||
17 | Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. */ | ||
18 | |||
19 | #ifndef SHA1_H | ||
20 | # define SHA1_H 1 | ||
21 | |||
22 | # include <stdio.h> | ||
23 | # include <stdint.h> | ||
24 | |||
25 | /* Structure to save state of computation between the single steps. */ | ||
26 | struct MHD_sha1_ctx | ||
27 | { | ||
28 | uint32_t A; | ||
29 | uint32_t B; | ||
30 | uint32_t C; | ||
31 | uint32_t D; | ||
32 | uint32_t E; | ||
33 | |||
34 | uint32_t total[2]; | ||
35 | uint32_t buflen; | ||
36 | uint32_t buffer[32]; | ||
37 | }; | ||
38 | |||
39 | |||
40 | /* Initialize structure containing state of computation. */ | ||
41 | extern void MHD_sha1_init_ctx (struct MHD_sha1_ctx *ctx); | ||
42 | |||
43 | /* Starting with the result of former calls of this function (or the | ||
44 | initialization function update the context for the next LEN bytes | ||
45 | starting at BUFFER. | ||
46 | It is necessary that LEN is a multiple of 64!!! */ | ||
47 | extern void MHD_sha1_process_block (const void *buffer, size_t len, | ||
48 | struct MHD_sha1_ctx *ctx); | ||
49 | |||
50 | /* Starting with the result of former calls of this function (or the | ||
51 | initialization function update the context for the next LEN bytes | ||
52 | starting at BUFFER. | ||
53 | It is NOT required that LEN is a multiple of 64. */ | ||
54 | extern void MHD_sha1_process_bytes (const void *buffer, size_t len, | ||
55 | struct MHD_sha1_ctx *ctx); | ||
56 | |||
57 | /* Process the remaining bytes in the buffer and put result from CTX | ||
58 | in first 20 bytes following RESBUF. The result is always in little | ||
59 | endian byte order, so that a byte-wise output yields to the wanted | ||
60 | ASCII representation of the message digest. | ||
61 | |||
62 | IMPORTANT: On some systems it is required that RESBUF be correctly | ||
63 | aligned for a 32 bits value. */ | ||
64 | extern void *MHD_sha1_finish_ctx (struct MHD_sha1_ctx *ctx, void *resbuf); | ||
65 | |||
66 | |||
67 | /* Put result from CTX in first 20 bytes following RESBUF. The result is | ||
68 | always in little endian byte order, so that a byte-wise output yields | ||
69 | to the wanted ASCII representation of the message digest. | ||
70 | |||
71 | IMPORTANT: On some systems it is required that RESBUF is correctly | ||
72 | aligned for a 32 bits value. */ | ||
73 | extern void *MHD_sha1_read_ctx (const struct MHD_sha1_ctx *ctx, void *resbuf); | ||
74 | |||
75 | |||
76 | /* Compute SHA1 message digest for bytes read from STREAM. The | ||
77 | resulting message digest number will be written into the 20 bytes | ||
78 | beginning at RESBLOCK. */ | ||
79 | extern int MHD_sha1_stream (FILE * stream, void *resblock); | ||
80 | |||
81 | /* Compute SHA1 message digest for LEN bytes beginning at BUFFER. The | ||
82 | result is always in little endian byte order, so that a byte-wise | ||
83 | output yields to the wanted ASCII representation of the message | ||
84 | digest. */ | ||
85 | extern void *MHD_sha1_buffer (const char *buffer, size_t len, void *resblock); | ||
86 | |||
87 | #endif | ||
diff --git a/src/daemon/https/lgl/strverscmp.c b/src/daemon/https/lgl/strverscmp.c deleted file mode 100644 index 83971034..00000000 --- a/src/daemon/https/lgl/strverscmp.c +++ /dev/null | |||
@@ -1,130 +0,0 @@ | |||
1 | /* Compare strings while treating digits characters numerically. | ||
2 | Copyright (C) 1997, 2000, 2002, 2004, 2006 Free Software Foundation, Inc. | ||
3 | This file is part of the GNU C Library. | ||
4 | Contributed by Jean-François Bignolles <bignolle@ecoledoc.ibp.fr>, 1997. | ||
5 | |||
6 | This program is free software; you can redistribute it and/or modify | ||
7 | it under the terms of the GNU Lesser General Public License as published by | ||
8 | the Free Software Foundation; either version 2.1, or (at your option) | ||
9 | any later version. | ||
10 | |||
11 | This program is distributed in the hope that it will be useful, | ||
12 | but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
13 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | ||
14 | GNU Lesser General Public License for more details. | ||
15 | |||
16 | You should have received a copy of the GNU Lesser General Public License along | ||
17 | with this program; if not, write to the Free Software Foundation, | ||
18 | Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. */ | ||
19 | |||
20 | #if !_LIBC | ||
21 | #include "MHD_config.h" | ||
22 | #endif | ||
23 | |||
24 | #include <string.h> | ||
25 | #include <ctype.h> | ||
26 | |||
27 | /* states: S_N: normal, S_I: comparing integral part, S_F: comparing | ||
28 | fractional parts, S_Z: idem but with leading Zeroes only */ | ||
29 | #define S_N 0x0 | ||
30 | #define S_I 0x4 | ||
31 | #define S_F 0x8 | ||
32 | #define S_Z 0xC | ||
33 | |||
34 | /* result_type: CMP: return diff; LEN: compare using len_diff/diff */ | ||
35 | #define CMP 2 | ||
36 | #define LEN 3 | ||
37 | |||
38 | |||
39 | /* ISDIGIT differs from isdigit, as follows: | ||
40 | - Its arg may be any int or unsigned int; it need not be an unsigned char | ||
41 | or EOF. | ||
42 | - It's typically faster. | ||
43 | POSIX says that only '0' through '9' are digits. Prefer ISDIGIT to | ||
44 | isdigit unless it's important to use the locale's definition | ||
45 | of `digit' even when the host does not conform to POSIX. */ | ||
46 | #define ISDIGIT(c) ((unsigned int) (c) - '0' <= 9) | ||
47 | |||
48 | #undef __MHD_strverscmp | ||
49 | #undef MHD_strverscmp | ||
50 | |||
51 | #ifndef weak_alias | ||
52 | # define __MHD_strverscmp MHD_strverscmp | ||
53 | #endif | ||
54 | |||
55 | /* Compare S1 and S2 as strings holding indices/version numbers, | ||
56 | returning less than, equal to or greater than zero if S1 is less than, | ||
57 | equal to or greater than S2 (for more info, see the texinfo doc). | ||
58 | */ | ||
59 | |||
60 | int | ||
61 | __MHD_strverscmp (const char *s1, const char *s2) | ||
62 | { | ||
63 | const unsigned char *p1 = (const unsigned char *) s1; | ||
64 | const unsigned char *p2 = (const unsigned char *) s2; | ||
65 | unsigned char c1, c2; | ||
66 | int state; | ||
67 | int diff; | ||
68 | |||
69 | /* Symbol(s) 0 [1-9] others (padding) | ||
70 | Transition (10) 0 (01) d (00) x (11) - */ | ||
71 | static const unsigned int next_state[] = { | ||
72 | /* state x d 0 - */ | ||
73 | /* S_N */ S_N, S_I, S_Z, S_N, | ||
74 | /* S_I */ S_N, S_I, S_I, S_I, | ||
75 | /* S_F */ S_N, S_F, S_F, S_F, | ||
76 | /* S_Z */ S_N, S_F, S_Z, S_Z | ||
77 | }; | ||
78 | |||
79 | static const int result_type[] = { | ||
80 | /* state x/x x/d x/0 x/- d/x d/d d/0 d/- | ||
81 | 0/x 0/d 0/0 0/- -/x -/d -/0 -/- */ | ||
82 | |||
83 | /* S_N */ CMP, CMP, CMP, CMP, CMP, LEN, CMP, CMP, | ||
84 | CMP, CMP, CMP, CMP, CMP, CMP, CMP, CMP, | ||
85 | /* S_I */ CMP, -1, -1, CMP, 1, LEN, LEN, CMP, | ||
86 | 1, LEN, LEN, CMP, CMP, CMP, CMP, CMP, | ||
87 | /* S_F */ CMP, CMP, CMP, CMP, CMP, LEN, CMP, CMP, | ||
88 | CMP, CMP, CMP, CMP, CMP, CMP, CMP, CMP, | ||
89 | /* S_Z */ CMP, 1, 1, CMP, -1, CMP, CMP, CMP, | ||
90 | -1, CMP, CMP, CMP | ||
91 | }; | ||
92 | |||
93 | if (p1 == p2) | ||
94 | return 0; | ||
95 | |||
96 | c1 = *p1++; | ||
97 | c2 = *p2++; | ||
98 | /* Hint: '0' is a digit too. */ | ||
99 | state = S_N | ((c1 == '0') + (ISDIGIT (c1) != 0)); | ||
100 | |||
101 | while ((diff = c1 - c2) == 0 && c1 != '\0') | ||
102 | { | ||
103 | state = next_state[state]; | ||
104 | c1 = *p1++; | ||
105 | c2 = *p2++; | ||
106 | state |= (c1 == '0') + (ISDIGIT (c1) != 0); | ||
107 | } | ||
108 | |||
109 | state = result_type[state << 2 | ((c2 == '0') + (ISDIGIT (c2) != 0))]; | ||
110 | |||
111 | switch (state) | ||
112 | { | ||
113 | case CMP: | ||
114 | return diff; | ||
115 | |||
116 | case LEN: | ||
117 | while (ISDIGIT (*p1++)) | ||
118 | if (!ISDIGIT (*p2++)) | ||
119 | return 1; | ||
120 | |||
121 | return ISDIGIT (*p2) ? -1 : diff; | ||
122 | |||
123 | default: | ||
124 | return state; | ||
125 | } | ||
126 | } | ||
127 | |||
128 | #ifdef weak_alias | ||
129 | weak_alias (__MHD_strverscmp, MHD_strverscmp) | ||
130 | #endif | ||
diff --git a/src/daemon/https/lgl/strverscmp.h b/src/daemon/https/lgl/strverscmp.h deleted file mode 100644 index 48919889..00000000 --- a/src/daemon/https/lgl/strverscmp.h +++ /dev/null | |||
@@ -1,24 +0,0 @@ | |||
1 | /* Compare strings while treating digits characters numerically. | ||
2 | |||
3 | Copyright (C) 1997, 2003 Free Software Foundation, Inc. | ||
4 | |||
5 | This program is free software; you can redistribute it and/or modify | ||
6 | it under the terms of the GNU Lesser General Public License as published by | ||
7 | the Free Software Foundation; either version 2.1, or (at your option) | ||
8 | any later version. | ||
9 | |||
10 | This program is distributed in the hope that it will be useful, | ||
11 | but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
12 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | ||
13 | GNU Lesser General Public License for more details. | ||
14 | |||
15 | You should have received a copy of the GNU Lesser General Public License | ||
16 | along with this program; if not, write to the Free Software Foundation, | ||
17 | Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. */ | ||
18 | |||
19 | #ifndef STRVERSCMP_H_ | ||
20 | # define STRVERSCMP_H_ | ||
21 | |||
22 | int MHD_strverscmp (const char *, const char *); | ||
23 | |||
24 | #endif /* not STRVERSCMP_H_ */ | ||