missing patch & config file
[openwrt/svn-archive/archive.git] / package / uboot-lantiq / patches / 300-httpd.patch
1 --- a/common/cmd_net.c
2 +++ b/common/cmd_net.c
3 @@ -43,6 +43,18 @@ U_BOOT_CMD(
4 "[loadAddress] [[hostIPaddr:]bootfilename]"
5 );
6
7 +#if defined(CONFIG_CMD_HTTPD)
8 +int do_httpd (cmd_tbl_t *cmdtp, int flag, int argc, char *argv[])
9 +{
10 + return NetLoopHttpd();
11 +}
12 +
13 +U_BOOT_CMD(
14 + httpd, 1, 1, do_httpd,
15 + "httpd\t- start webserver\n", "\n"
16 +);
17 +#endif
18 +
19 int do_tftpb (cmd_tbl_t *cmdtp, int flag, int argc, char *argv[])
20 {
21 return netboot_common (TFTP, cmdtp, argc, argv);
22 --- a/include/net.h
23 +++ b/include/net.h
24 @@ -383,7 +383,8 @@ extern int NetTimeOffset; /* offset ti
25
26 /* Initialize the network adapter */
27 extern int NetLoop(proto_t);
28 -
29 +extern int NetLoopHttpd(void);
30 +extern void NetSendHttpd(void);
31 /* Shutdown adapters and cleanup */
32 extern void NetStop(void);
33
34 --- /dev/null
35 +++ b/net/httpd.c
36 @@ -0,0 +1,52 @@
37 +/*
38 + * Copyright 1994, 1995, 2000 Neil Russell.
39 + * (See License)
40 + * Copyright 2000, 2001 DENX Software Engineering, Wolfgang Denk, wd@denx.de
41 + */
42 +
43 +#include <common.h>
44 +#include <command.h>
45 +#include <net.h>
46 +#include "uip-0.9/uipopt.h"
47 +#include "uip-0.9/uip.h"
48 +#include "uip-0.9/uip_arp.h"
49 +
50 +
51 +#if defined(CONFIG_CMD_HTTPD)
52 +
53 +#define TIMEOUT 5
54 +
55 +static int arptimer = 0;
56 +
57 +void
58 +HttpdHandler (void)
59 +{
60 + int i;
61 + for(i = 0; i < UIP_CONNS; i++) {
62 + uip_periodic(i);
63 + if(uip_len > 0) {
64 + uip_arp_out();
65 + NetSendHttpd();
66 + }
67 + }
68 + if(++arptimer == 20) {
69 + uip_arp_timer();
70 + arptimer = 0;
71 + }
72 +}
73 +
74 +static void
75 +HttpdTimeout (void)
76 +{
77 + puts ("T ");
78 + NetSetTimeout (TIMEOUT * 1000, HttpdTimeout);
79 +}
80 +
81 +void
82 +HttpdStart (void)
83 +{
84 + uip_init();
85 + httpd_init();
86 +}
87 +
88 +#endif
89 --- /dev/null
90 +++ b/include/httpd.h
91 @@ -0,0 +1,17 @@
92 +#ifndef _UIP_HTTPD_H__
93 +#define _UIP_HTTPD_H__
94 +
95 +void HttpdStart (void);
96 +void HttpdHandler (void);
97 +
98 +/* board specific implementation */
99 +extern int do_http_upgrade(const unsigned char *data, const ulong size);
100 +
101 +#define HTTP_PROGRESS_START 0
102 +#define HTTP_PROGRESS_TIMEOUT 1
103 +#define HTTP_PROGRESS_UPLOAD_READY 2
104 +#define HTTP_PROGRESS_UGRADE_READY 3
105 +#define HTTP_PROGRESS_UGRADE_FAILED 4
106 +extern int do_http_progress(const int state);
107 +
108 +#endif
109 --- a/net/Makefile
110 +++ b/net/Makefile
111 @@ -26,6 +26,10 @@ include $(TOPDIR)/config.mk
112 # CFLAGS += -DDEBUG
113
114 LIB = $(obj)libnet.a
115 +UIPDIR = uip-0.9
116 +RSADIR = uip-0.9
117 +$(shell mkdir -p $(obj)$(UIPDIR))
118 +$(shell mkdir -p $(obj)$(RSADIR))
119
120 COBJS-y += bootp.o
121 COBJS-$(CONFIG_CMD_DNS) += dns.o
122 @@ -36,6 +40,9 @@ COBJS-y += rarp.o
123 COBJS-$(CONFIG_CMD_SNTP) += sntp.o
124 COBJS-y += tftp.o
125
126 +COBJS-$(CONFIG_CMD_HTTPD) += httpd.o $(UIPDIR)/fs.o $(UIPDIR)/httpd.o $(UIPDIR)/uip_arp.o $(UIPDIR)/uip_arch.o $(UIPDIR)/uip.o
127 +COBJS-$(CONFIG_CMD_RSA) += $(RSADIR)/bigint.o $(RSADIR)/base64.o $(RSADIR)/rmd160.o $(RSADIR)/rsa.o
128 +
129 COBJS := $(COBJS-y)
130 SRCS := $(COBJS:.o=.c)
131 OBJS := $(addprefix $(obj),$(COBJS))
132 --- a/net/net.c
133 +++ b/net/net.c
134 @@ -95,6 +95,19 @@
135 #if defined(CONFIG_CMD_DNS)
136 #include "dns.h"
137 #endif
138 +#if defined(CONFIG_CMD_HTTPD)
139 +#include "httpd.h"
140 +#include "uip-0.9/uipopt.h"
141 +#include "uip-0.9/uip.h"
142 +#include "uip-0.9/uip_arp.h"
143 +static int https_running = 0;
144 +int httpd_upload_complete = 0;
145 +unsigned char *httpd_upload_data = 0;
146 +extern int upload_running;
147 +void NetReceiveHttpd(volatile uchar * inpkt, int len);
148 +void NetSendHttpd(void);
149 +extern int do_reset (cmd_tbl_t *cmdtp, int flag, int argc, char *argv[]);
150 +#endif
151
152 #if defined(CONFIG_CMD_NET)
153
154 @@ -1310,6 +1323,13 @@ NetReceive(volatile uchar * inpkt, int l
155
156 debug("packet received\n");
157
158 +#if defined(CONFIG_CMD_HTTPD)
159 + if(https_running) {
160 + NetReceiveHttpd(inpkt, len);
161 + return;
162 + }
163 +#endif
164 +
165 NetRxPacket = inpkt;
166 NetRxPacketLen = len;
167 et = (Ethernet_t *)inpkt;
168 @@ -1952,3 +1972,161 @@ ushort getenv_VLAN(char *var)
169 {
170 return (string_to_VLAN(getenv(var)));
171 }
172 +
173 +#if defined(CONFIG_CMD_HTTPD)
174 +
175 +void
176 +NetSendHttpd(void)
177 +{
178 + volatile uchar *tmpbuf = NetTxPacket;
179 + int i;
180 +
181 + for(i = 0; i < 40 + UIP_LLH_LEN; i++) {
182 + tmpbuf[i] = uip_buf[i];
183 + }
184 +
185 + for(; i < uip_len; i++) {
186 + tmpbuf[i] = uip_appdata[i - 40 - UIP_LLH_LEN];
187 + }
188 + eth_send(NetTxPacket, uip_len);
189 +}
190 +
191 +#define BUF ((struct uip_eth_hdr *)&uip_buf[0])
192 +
193 +void
194 +NetReceiveHttpd(volatile uchar * inpkt, int len)
195 +{
196 + memcpy(uip_buf, inpkt, len);
197 + uip_len = len;
198 + if(BUF->type == htons(UIP_ETHTYPE_IP)) {
199 + uip_arp_ipin();
200 + uip_input();
201 + if(uip_len > 0) {
202 + uip_arp_out();
203 + NetSendHttpd();
204 + }
205 + } else if(BUF->type == htons(UIP_ETHTYPE_ARP)) {
206 + uip_arp_arpin();
207 + if(uip_len > 0) {
208 + NetSendHttpd();
209 + }
210 + }
211 +}
212 +
213 +int
214 +NetLoopHttpd(void)
215 +{
216 + unsigned long long tout = 0;
217 + bd_t *bd = gd->bd;
218 + unsigned short int ip[2];
219 +
220 +#ifdef CONFIG_NET_MULTI
221 + NetRestarted = 0;
222 + NetDevExists = 0;
223 +#endif
224 +
225 + /* XXX problem with bss workaround */
226 + NetArpWaitPacketMAC = NULL;
227 + NetArpWaitTxPacket = NULL;
228 + NetArpWaitPacketIP = 0;
229 + NetArpWaitReplyIP = 0;
230 + NetArpWaitTxPacket = NULL;
231 + NetTxPacket = NULL;
232 + NetTryCount = 1;
233 +
234 + if (!NetTxPacket) {
235 + int i;
236 + /*
237 + * Setup packet buffers, aligned correctly.
238 + */
239 + NetTxPacket = &PktBuf[0] + (PKTALIGN - 1);
240 + NetTxPacket -= (ulong)NetTxPacket % PKTALIGN;
241 + for (i = 0; i < PKTBUFSRX; i++) {
242 + NetRxPackets[i] = NetTxPacket + (i+1)*PKTSIZE_ALIGN;
243 + }
244 + }
245 +
246 + if (!NetArpWaitTxPacket) {
247 + NetArpWaitTxPacket = &NetArpWaitPacketBuf[0] + (PKTALIGN - 1);
248 + NetArpWaitTxPacket -= (ulong)NetArpWaitTxPacket % PKTALIGN;
249 + NetArpWaitTxPacketSize = 0;
250 + }
251 +
252 + eth_halt();
253 +#ifdef CONFIG_NET_MULTI
254 + eth_set_current();
255 +#endif
256 + if (eth_init(bd) < 0) {
257 + eth_halt();
258 + return(-1);
259 + }
260 +
261 +restart:
262 +#ifdef CONFIG_NET_MULTI
263 + memcpy (NetOurEther, eth_get_dev()->enetaddr, 6);
264 +#else
265 + eth_getenv_enetaddr("ethaddr", NetOurEther);
266 +#endif
267 +
268 + NetCopyIP(&NetOurIP, &bd->bi_ip_addr);
269 + NetOurGatewayIP = getenv_IPaddr ("gatewayip");
270 + NetOurSubnetMask= getenv_IPaddr ("netmask");
271 + NetOurVLAN = getenv_VLAN("vlan");
272 + NetOurNativeVLAN = getenv_VLAN("nvlan");
273 +
274 + printf("starting httpd server from server %ld.%ld.%ld.%ld\n",
275 + (bd->bi_ip_addr & 0xff000000) >> 24,
276 + (bd->bi_ip_addr & 0x00ff0000) >> 16,
277 + (bd->bi_ip_addr & 0x0000ff00) >> 8,
278 + (bd->bi_ip_addr & 0x000000ff));
279 +
280 + HttpdStart();
281 +
282 + ip[0] = ((bd->bi_ip_addr & 0xffff0000) >> 16);
283 + ip[1] = (bd->bi_ip_addr & 0x0000ffff);
284 + uip_sethostaddr(ip);
285 +
286 + do_http_progress(HTTP_PROGRESS_START);
287 +
288 + https_running = 1;
289 + for (;;) {
290 + unsigned long long t1;
291 + WATCHDOG_RESET();
292 + if(eth_rx() > 0) {
293 + HttpdHandler();
294 + } else {
295 + t1 = get_ticks();
296 + if(t1 - tout > 1000) {
297 + do_http_progress(HTTP_PROGRESS_TIMEOUT);
298 + tout = t1;
299 + }
300 + }
301 + if(!httpd_upload_complete)
302 + continue;
303 + printf("Bytes transferred = %ld (%lx hex)\n",
304 + NetBootFileXferSize,
305 + NetBootFileXferSize);
306 + eth_halt();
307 + do_http_progress(HTTP_PROGRESS_UPLOAD_READY);
308 + if(do_http_upgrade(&httpd_upload_data[0], NetBootFileXferSize) == 0) {
309 + do_http_progress(HTTP_PROGRESS_UGRADE_READY);
310 + udelay(1000 * 10);
311 + do_reset (0,0,0,0);
312 + return 0;
313 + }
314 + break;
315 + }
316 + https_running = 0;
317 + NetBootFileXferSize = 0;
318 + httpd_upload_complete = 0;
319 + upload_running = 0;
320 +// free(httpd_upload_data);
321 +
322 + do_http_progress(HTTP_PROGRESS_UGRADE_FAILED);
323 +
324 + goto restart;
325 +
326 + return -1;
327 +}
328 +
329 +#endif
330 --- /dev/null
331 +++ b/net/rsa/base64.c
332 @@ -0,0 +1,137 @@
333 +#include "base64.h"
334 +
335 +static const char cb64[]="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
336 +/* Note that '=' (padding) is 0 */
337 +static const unsigned char fb64[256] = {
338 + 255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,
339 + 255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,
340 + 255,255,255,255,255,255,255,255,255,255,255, 62,255,255,255, 63,
341 + 52, 53, 54, 55, 56, 57, 58, 59, 60, 61,255,255,255, 0,255,255,
342 + 255, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14,
343 + 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25,255,255,255,255,255,
344 + 255, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40,
345 + 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51,255,255,255,255,255,
346 + 255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,
347 + 255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,
348 + 255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,
349 + 255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,
350 + 255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,
351 + 255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,
352 + 255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,
353 + 255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,
354 +};
355 +
356 +static int encodeblock( unsigned char *in, char *out, int len )
357 +{
358 + char s[3];
359 + int i;
360 +
361 + for (i = 0; i < len; i++)
362 + s[i] = in[i];
363 + for (i = len; i < 3; i++)
364 + s[i] = 0;
365 + out[0] = (unsigned char)(cb64[(s[0] & 0xfc) >> 2 ]);
366 + out[1] = (unsigned char)(cb64[((s[0] & 0x03) << 4) | ((s[1] & 0xf0) >> 4) ]);
367 + out[2] = (unsigned char)(cb64[((s[1] & 0x0f) << 2) | ((s[2] & 0xc0) >> 6) ]);
368 + out[3] = (unsigned char)(cb64[s[2] & 0x3f ]);
369 + switch (len) {
370 + case 1:
371 + out[3] = '=';
372 + case 2:
373 + out[2] = '=';
374 + break;
375 + default:
376 + break;
377 + }
378 +
379 + return 4;
380 +}
381 +
382 +static int decodeblock(char *ins, unsigned char *out, int len)
383 +{
384 + int i;
385 + unsigned char in[4];
386 + int skip = 0;
387 +
388 + if (len != 4)
389 + return -1;
390 + for (i = 0; i < len; i++) {
391 + if (ins[i] == '=') {
392 + in[i] = 0;
393 + skip++;
394 + } else
395 + in[i] = fb64[(int)(ins[i])];
396 + if (in[i] == 255) {
397 + return -1;
398 + }
399 + }
400 + out[0] = (unsigned char ) (in[0] << 2 | in[1] >> 4);
401 + if (skip == 2) {
402 + return 1;
403 + }
404 + out[1] = (unsigned char )((in[1] & 0x0f) << 4 | in[2] >> 2);
405 + if (skip == 1) {
406 + return 2;
407 + }
408 + out[2] = (unsigned char ) (((in[2] << 6) & 0xc0) | in[3]);
409 +
410 + return 3;
411 +}
412 +
413 +int B64_encode(char *source, char *destination, int size_source, int size_destination)
414 +{
415 + int chunks, reminder, size, d, i, size_expected;
416 + char *s;
417 + unsigned char *t;
418 +
419 + chunks = size_source / 3;
420 + reminder = size_source % 3;
421 + size = 0;
422 + size_expected = (chunks * 4) + (reminder?(reminder + 1):0);
423 + if (size_destination < ((chunks * 4) + (reminder?4:0))) {
424 + return 1;
425 + }
426 + for (i = 0; i < chunks; i++) {
427 + s = source + (i * 3);
428 + t = destination + (i * 4);
429 + d = encodeblock(s, t, 3);
430 + if (d == -1) {
431 + return 1;
432 + }
433 + size += d;
434 + }
435 + if (reminder) {
436 + d = encodeblock(source + (chunks * 3), destination + (chunks * 4), reminder);
437 + if (d == -1) {
438 + return 1;
439 + }
440 + size += d;
441 + }
442 + return size;
443 +}
444 +
445 +int B64_decode(char *source, char *destination, int size_source, int size_destination)
446 +{
447 + int chunks, reminder, size, d, i;
448 +
449 + chunks = size_source / 4;
450 + reminder = size_source % 4;
451 + size = 0;
452 + if (reminder) {
453 + return 1;
454 + }
455 + if (size_destination < ((chunks * 3))) {
456 + printf("%d, %d\n",
457 + size_destination, ((chunks * 3) + reminder));
458 + return -1;
459 + }
460 + for (i = 0; i < chunks; i++) {
461 + d = decodeblock(source + (i * 4), destination + (i * 3), 4);
462 + if (d == -1) {
463 + return -1;
464 + }
465 + size += d;
466 + }
467 + return size;
468 +}
469 +
470 --- /dev/null
471 +++ b/net/rsa/base64.h
472 @@ -0,0 +1,11 @@
473 +#ifndef _BASE64_H_
474 +#define _BASE64_H_
475 +#ifdef __cplusplus
476 +extern "C" {
477 +#endif
478 +int B64_encode(char *source, char *destination, int size_source, int size_destination);
479 +int B64_decode(char *source, char *destination, int size_source, int size_destination);
480 +#ifdef __cplusplus
481 +}
482 +#endif
483 +#endif
484 --- /dev/null
485 +++ b/net/rsa/bigint.c
486 @@ -0,0 +1,906 @@
487 +/*
488 + * Copyright(C) 2006
489 + *
490 + * This library is free software; you can redistribute it and/or modify
491 + * it under the terms of the GNU Lesser General Public License as published by
492 + * the Free Software Foundation; either version 2.1 of the License, or
493 + * (at your option) any later version.
494 + *
495 + * This library is distributed in the hope that it will be useful,
496 + * but WITHOUT ANY WARRANTY; without even the implied warranty of
497 + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
498 + * GNU Lesser General Public License for more details.
499 + *
500 + * You should have received a copy of the GNU Lesser General Public License
501 + * along with this library; if not, write to the Free Software
502 + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
503 + */
504 +
505 +/**
506 + * @defgroup bigint_api Big Integer API
507 + * @brief The bigint implementation as used by the axTLS project.
508 + *
509 + * The bigint library is for RSA encryption/decryption as well as signing.
510 + * This code tries to minimise use of malloc/free by maintaining a small
511 + * cache. A bigint context may maintain state by being made "permanent".
512 + * It be be later released with a bi_depermanent() and bi_free() call.
513 + *
514 + * It supports the following reduction techniques:
515 + * - Classical
516 + * - Barrett
517 + * - Montgomery
518 + *
519 + * It also implements the following:
520 + * - Karatsuba multiplication
521 + * - Squaring
522 + * - Sliding window exponentiation
523 + * - Chinese Remainder Theorem (implemented in rsa.c).
524 + *
525 + * All the algorithms used are pretty standard, and designed for different
526 + * data bus sizes. Negative numbers are not dealt with at all, so a subtraction
527 + * may need to be tested for negativity.
528 + *
529 + * This library steals some ideas from Jef Poskanzer
530 + * <http://cs.marlboro.edu/term/cs-fall02/algorithms/crypto/RSA/bigint>
531 + * and GMP <http://www.swox.com/gmp>. It gets most of its implementation
532 + * detail from "The Handbook of Applied Cryptography"
533 + * <http://www.cacr.math.uwaterloo.ca/hac/about/chap14.pdf>
534 + * @{
535 + */
536 +
537 +#include "bigint.h"
538 +#include <malloc.h>
539 +#include "div64.h"
540 +
541 +static bigint *bi_int_multiply(BI_CTX *ctx, bigint *bi, comp i);
542 +static bigint *bi_int_divide(BI_CTX *ctx, bigint *biR, comp denom);
543 +static bigint *alloc(BI_CTX *ctx, int size);
544 +static bigint *trim(bigint *bi);
545 +static void more_comps(bigint *bi, int n);
546 +
547 +/**
548 + * @brief Start a new bigint context.
549 + * @return A bigint context.
550 + */
551 +BI_CTX *bi_initialize(void)
552 +{
553 + BI_CTX *ctx = (BI_CTX *)calloc(1, sizeof(BI_CTX));
554 +
555 + ctx->active_list = NULL;
556 + ctx->active_count = 0;
557 + ctx->free_list = NULL;
558 + ctx->free_count = 0;
559 + ctx->mod_offset = 0;
560 +
561 + /* the radix */
562 + ctx->bi_radix = alloc(ctx, 2);
563 + ctx->bi_radix->comps[0] = 0;
564 + ctx->bi_radix->comps[1] = 1;
565 + bi_permanent(ctx->bi_radix);
566 +
567 + return ctx;
568 +}
569 +
570 +/**
571 + * @brief Close the bigint context and free any resources.
572 + *
573 + * Free up any used memory - a check is done if all objects were not
574 + * properly freed.
575 + * @param ctx [in] The bigint session context.
576 + */
577 +void bi_terminate(BI_CTX *ctx)
578 +{
579 + bigint *p, *pn;
580 +
581 + bi_depermanent(ctx->bi_radix);
582 + bi_free(ctx, ctx->bi_radix);
583 +
584 + if (ctx->active_count != 0)
585 + {
586 + printf("%s:%s[%d]\n", __FILE__, __func__, __LINE__);
587 + printf("%s:%s[%d]\n", __FILE__, __func__, __LINE__);
588 + printf("%s:%s[%d]\n", __FILE__, __func__, __LINE__);
589 + printf("%s:%s[%d]\n", __FILE__, __func__, __LINE__);
590 + printf("%s:%s[%d]\n", __FILE__, __func__, __LINE__);
591 + printf("%s:%s[%d]\n", __FILE__, __func__, __LINE__);
592 + return;
593 + }
594 +
595 + for (p = ctx->free_list; p != NULL; p = pn)
596 + {
597 + pn = p->next;
598 + free(p->comps);
599 + free(p);
600 + }
601 +
602 + free(ctx);
603 +}
604 +
605 +/**
606 + * @brief Increment the number of references to this object.
607 + * It does not do a full copy.
608 + * @param bi [in] The bigint to copy.
609 + * @return A referent to the same bigint.
610 + */
611 +bigint *bi_copy(bigint *bi)
612 +{
613 + check(bi);
614 + if (bi->refs != PERMANENT)
615 + bi->refs++;
616 + return bi;
617 +}
618 +
619 +/**
620 + * @brief Simply make a bigint object "unfreeable" if bi_free() is called on it.
621 + *
622 + * For this object to be freed, bi_depermanent() must be called.
623 + * @param bi [in] The bigint to be made permanent.
624 + */
625 +void bi_permanent(bigint *bi)
626 +{
627 + check(bi);
628 + if (bi->refs != 1)
629 + {
630 + printf("%s:%s[%d]\n", __FILE__, __func__, __LINE__);
631 + printf("%s:%s[%d]\n", __FILE__, __func__, __LINE__);
632 + printf("%s:%s[%d]\n", __FILE__, __func__, __LINE__);
633 + return;
634 + }
635 +
636 + bi->refs = PERMANENT;
637 +}
638 +
639 +/**
640 + * @brief Take a permanent object and make it elligible for freedom.
641 + * @param bi [in] The bigint to be made back to temporary.
642 + */
643 +void bi_depermanent(bigint *bi)
644 +{
645 + check(bi);
646 + if (bi->refs != PERMANENT)
647 + {
648 + printf("%s:%s[%d]\n", __FILE__, __func__, __LINE__);
649 + printf("%s:%s[%d]\n", __FILE__, __func__, __LINE__);
650 + printf("%s:%s[%d]\n", __FILE__, __func__, __LINE__);
651 + printf("%s:%s[%d]\n", __FILE__, __func__, __LINE__);
652 + return;
653 + }
654 +
655 + bi->refs = 1;
656 +}
657 +
658 +/**
659 + * @brief Free a bigint object so it can be used again.
660 + *
661 + * The memory itself it not actually freed, just tagged as being available
662 + * @param ctx [in] The bigint session context.
663 + * @param bi [in] The bigint to be freed.
664 + */
665 +void bi_free(BI_CTX *ctx, bigint *bi)
666 +{
667 + check(bi);
668 + if (bi->refs == PERMANENT)
669 + {
670 + return;
671 + }
672 +
673 + if (--bi->refs > 0)
674 + {
675 + return;
676 + }
677 +
678 + bi->next = ctx->free_list;
679 + ctx->free_list = bi;
680 + ctx->free_count++;
681 +
682 + if (--ctx->active_count < 0)
683 + {
684 + printf("%s:%s[%d]\n", __FILE__, __func__, __LINE__);
685 + printf("%s:%s[%d]\n", __FILE__, __func__, __LINE__);
686 + printf("%s:%s[%d]\n", __FILE__, __func__, __LINE__);
687 + printf("%s:%s[%d]\n", __FILE__, __func__, __LINE__);
688 + return;
689 + }
690 +}
691 +
692 +/**
693 + * @brief Convert an (unsigned) integer into a bigint.
694 + * @param ctx [in] The bigint session context.
695 + * @param i [in] The (unsigned) integer to be converted.
696 + *
697 + */
698 +bigint *int_to_bi(BI_CTX *ctx, comp i)
699 +{
700 + bigint *biR = alloc(ctx, 1);
701 + biR->comps[0] = i;
702 + return biR;
703 +}
704 +
705 +/**
706 + * @brief Do a full copy of the bigint object.
707 + * @param ctx [in] The bigint session context.
708 + * @param bi [in] The bigint object to be copied.
709 + */
710 +bigint *bi_clone(BI_CTX *ctx, const bigint *bi)
711 +{
712 + bigint *biR = alloc(ctx, bi->size);
713 + check(bi);
714 + memcpy(biR->comps, bi->comps, bi->size*COMP_BYTE_SIZE);
715 + return biR;
716 +}
717 +
718 +/**
719 + * @brief Perform an additon operation between two bigints.
720 + * @param ctx [in] The bigint session context.
721 + * @param bia [in] A bigint.
722 + * @param bib [in] Another bigint.
723 + * @return The result of the addition.
724 + */
725 +bigint *bi_add(BI_CTX *ctx, bigint *bia, bigint *bib)
726 +{
727 + int n;
728 + comp carry = 0;
729 + comp *pa, *pb;
730 +
731 + check(bia);
732 + check(bib);
733 +
734 + if (bia->size > bib->size)
735 + n = bia->size;
736 + else
737 + n = bib->size;
738 + more_comps(bia, n+1);
739 + more_comps(bib, n);
740 + pa = bia->comps;
741 + pb = bib->comps;
742 +
743 + do
744 + {
745 + comp sl, rl, cy1;
746 + sl = *pa + *pb++;
747 + rl = sl + carry;
748 + cy1 = sl < *pa;
749 + carry = cy1 | (rl < sl);
750 + *pa++ = rl;
751 + } while (--n != 0);
752 +
753 + *pa = carry; /* do overflow */
754 + bi_free(ctx, bib);
755 + return trim(bia);
756 +}
757 +
758 +/**
759 + * @brief Perform a subtraction operation between two bigints.
760 + * @param ctx [in] The bigint session context.
761 + * @param bia [in] A bigint.
762 + * @param bib [in] Another bigint.
763 + * @param is_negative [out] If defined, indicates that the result was negative.
764 + * is_negative may be NULL.
765 + * @return The result of the subtraction. The result is always positive.
766 + */
767 +bigint *bi_subtract(BI_CTX *ctx,
768 + bigint *bia, bigint *bib, int *is_negative)
769 +{
770 + int n = bia->size;
771 + comp *pa, *pb, carry = 0;
772 +
773 + check(bia);
774 + check(bib);
775 +
776 + more_comps(bib, n);
777 + pa = bia->comps;
778 + pb = bib->comps;
779 +
780 + do
781 + {
782 + comp sl, rl, cy1;
783 + sl = *pa - *pb++;
784 + rl = sl - carry;
785 + cy1 = sl > *pa;
786 + carry = cy1 | (rl > sl);
787 + *pa++ = rl;
788 + } while (--n != 0);
789 +
790 + if (is_negative) /* indicate a negative result */
791 + {
792 + *is_negative = carry;
793 + }
794 +
795 + bi_free(ctx, trim(bib)); /* put bib back to the way it was */
796 + return trim(bia);
797 +}
798 +
799 +/**
800 + * Perform a multiply between a bigint an an (unsigned) integer
801 + */
802 +static bigint *bi_int_multiply(BI_CTX *ctx, bigint *bia, comp b)
803 +{
804 + int j = 0, n = bia->size;
805 + bigint *biR = alloc(ctx, n + 1);
806 + comp carry = 0;
807 + comp *r = biR->comps;
808 + comp *a = bia->comps;
809 +
810 + check(bia);
811 +
812 + /* clear things to start with */
813 + memset(r, 0, ((n+1)*COMP_BYTE_SIZE));
814 +
815 + do
816 + {
817 + long_comp tmp = *r + (long_comp)a[j]*b + carry;
818 + *r++ = (comp)tmp; /* downsize */
819 + carry = (comp)(tmp >> COMP_BIT_SIZE);
820 + } while (++j < n);
821 +
822 + *r = carry;
823 + bi_free(ctx, bia);
824 + return trim(biR);
825 +}
826 +
827 +/**
828 + * @brief Does both division and modulo calculations.
829 + *
830 + * Used extensively when doing classical reduction.
831 + * @param ctx [in] The bigint session context.
832 + * @param u [in] A bigint which is the numerator.
833 + * @param v [in] Either the denominator or the modulus depending on the mode.
834 + * @param is_mod [n] Determines if this is a normal division (0) or a reduction
835 + * (1).
836 + * @return The result of the division/reduction.
837 + */
838 +bigint *bi_divide(BI_CTX *ctx, bigint *u, bigint *v, int is_mod)
839 +{
840 + int n = v->size, m = u->size-n;
841 + int j = 0, orig_u_size = u->size;
842 + uint8_t mod_offset = ctx->mod_offset;
843 + comp d;
844 + bigint *quotient, *tmp_u;
845 + comp q_dash;
846 +
847 + check(u);
848 + check(v);
849 +
850 + /* if doing reduction and we are < mod, then return mod */
851 + if (is_mod && bi_compare(v, u) > 0)
852 + {
853 + bi_free(ctx, v);
854 + return u;
855 + }
856 +
857 + quotient = alloc(ctx, m+1);
858 + tmp_u = alloc(ctx, n+1);
859 + v = trim(v); /* make sure we have no leading 0's */
860 + // d = (comp)((long_comp)COMP_RADIX/(V1+1));
861 + long_comp x = COMP_RADIX; do_div(x, V1+1); d = x;
862 +
863 + /* clear things to start with */
864 + memset(quotient->comps, 0, ((quotient->size)*COMP_BYTE_SIZE));
865 +
866 + /* normalise */
867 + if (d > 1)
868 + {
869 + u = bi_int_multiply(ctx, u, d);
870 +
871 + if (is_mod)
872 + {
873 + v = ctx->bi_normalised_mod[mod_offset];
874 + }
875 + else
876 + {
877 + v = bi_int_multiply(ctx, v, d);
878 + }
879 + }
880 +
881 + if (orig_u_size == u->size) /* new digit position u0 */
882 + {
883 + more_comps(u, orig_u_size + 1);
884 + }
885 +
886 + do
887 + {
888 + /* get a temporary short version of u */
889 + memcpy(tmp_u->comps, &u->comps[u->size-n-1-j], (n+1)*COMP_BYTE_SIZE);
890 +
891 + /* calculate q' */
892 + if (U(0) == V1)
893 + {
894 + q_dash = COMP_RADIX-1;
895 + }
896 + else
897 + {
898 + //q_dash = (comp)(((long_comp)U(0)*COMP_RADIX + U(1))/V1);
899 + long_comp x = U(0)*COMP_RADIX + U(1); do_div(x, V1); q_dash = x;
900 +
901 + }
902 +
903 + if (v->size > 1 && V2)
904 + {
905 + /* we are implementing the following
906 + if (V2*q_dash > (((U(0)*COMP_RADIX + U(1) -
907 + q_dash*V1)*COMP_RADIX) + U(2))) ... */
908 + comp inner = (comp)((long_comp)COMP_RADIX*U(0) + U(1) -
909 + (long_comp)q_dash*V1);
910 + if ((long_comp)V2*q_dash > (long_comp)inner*COMP_RADIX + U(2))
911 + {
912 + q_dash--;
913 + }
914 + }
915 +
916 + /* multiply and subtract */
917 + if (q_dash)
918 + {
919 + int is_negative;
920 + tmp_u = bi_subtract(ctx, tmp_u,
921 + bi_int_multiply(ctx, bi_copy(v), q_dash), &is_negative);
922 + more_comps(tmp_u, n+1);
923 +
924 + Q(j) = q_dash;
925 +
926 + /* add back */
927 + if (is_negative)
928 + {
929 + Q(j)--;
930 + tmp_u = bi_add(ctx, tmp_u, bi_copy(v));
931 + /* lop off the carry */
932 + tmp_u->size--;
933 + v->size--;
934 + }
935 + }
936 + else
937 + {
938 + Q(j) = 0;
939 + }
940 +
941 + /* copy back to u */
942 + memcpy(&u->comps[u->size-n-1-j], tmp_u->comps, (n+1)*COMP_BYTE_SIZE);
943 + } while (++j <= m);
944 +
945 + bi_free(ctx, tmp_u);
946 + bi_free(ctx, v);
947 +
948 + if (is_mod) /* get the remainder */
949 + {
950 + bi_free(ctx, quotient);
951 + return bi_int_divide(ctx, trim(u), d);
952 + }
953 + else /* get the quotient */
954 + {
955 + bi_free(ctx, u);
956 + return trim(quotient);
957 + }
958 +}
959 +
960 +/**
961 + * Perform an integer divide on a bigint.
962 + */
963 +static bigint *bi_int_divide(BI_CTX *ctx, bigint *biR, comp denom)
964 +{
965 + int i = biR->size - 1;
966 + long_comp r = 0;
967 +
968 + check(biR);
969 +
970 + do
971 + {
972 + r = (r<<COMP_BIT_SIZE) + biR->comps[i];
973 + //biR->comps[i] = (comp)(r / denom);
974 + long_comp x = r; do_div(x, denom); biR->comps[i] = x;
975 +/* while(r > denom)
976 + {
977 + r -= denom;
978 + }*/
979 + r%=denom;
980 + } while (--i != 0);
981 +
982 + return trim(biR);
983 +}
984 +
985 +/**
986 + * @brief Allow a binary sequence to be imported as a bigint.
987 + * @param ctx [in] The bigint session context.
988 + * @param data [in] The data to be converted.
989 + * @param size [in] The number of bytes of data.
990 + * @return A bigint representing this data.
991 + */
992 +bigint *bi_import(BI_CTX *ctx, const uint8_t *data, int size)
993 +{
994 + bigint *biR = alloc(ctx, (size+COMP_BYTE_SIZE-1)/COMP_BYTE_SIZE);
995 + int i, j = 0, offset = 0;
996 +
997 + memset(biR->comps, 0, biR->size*COMP_BYTE_SIZE);
998 +
999 + for (i = size-1; i >= 0; i--)
1000 + {
1001 + biR->comps[offset] += data[i] << (j*8);
1002 +
1003 + if (++j == COMP_BYTE_SIZE)
1004 + {
1005 + j = 0;
1006 + offset ++;
1007 + }
1008 + }
1009 +
1010 + return trim(biR);
1011 +}
1012 +
1013 +/**
1014 + * @brief Take a bigint and convert it into a byte sequence.
1015 + *
1016 + * This is useful after a decrypt operation.
1017 + * @param ctx [in] The bigint session context.
1018 + * @param x [in] The bigint to be converted.
1019 + * @param data [out] The converted data as a byte stream.
1020 + * @param size [in] The maximum size of the byte stream. Unused bytes will be
1021 + * zeroed.
1022 + */
1023 +void bi_export(BI_CTX *ctx, bigint *x, uint8_t *data, int size)
1024 +{
1025 + int i, j, k = size-1;
1026 +
1027 + check(x);
1028 + memset(data, 0, size); /* ensure all leading 0's are cleared */
1029 +
1030 + for (i = 0; i < x->size; i++)
1031 + {
1032 + for (j = 0; j < COMP_BYTE_SIZE; j++)
1033 + {
1034 + comp mask = 0xff << (j*8);
1035 + int num = (x->comps[i] & mask) >> (j*8);
1036 + data[k--] = num;
1037 +
1038 + if (k < 0)
1039 + {
1040 + break;
1041 + }
1042 + }
1043 + }
1044 +
1045 + bi_free(ctx, x);
1046 +}
1047 +
1048 +/**
1049 + * @brief Pre-calculate some of the expensive steps in reduction.
1050 + *
1051 + * This function should only be called once (normally when a session starts).
1052 + * When the session is over, bi_free_mod() should be called. bi_mod_power()
1053 + * relies on this function being called.
1054 + * @param ctx [in] The bigint session context.
1055 + * @param bim [in] The bigint modulus that will be used.
1056 + * @param mod_offset [in] There are three moduluii that can be stored - the
1057 + * standard modulus, and it's two primes p and q. This offset refers to which
1058 + * modulus we are referring to.
1059 + * @see bi_free_mod(), bi_mod_power().
1060 + */
1061 +void bi_set_mod(BI_CTX *ctx, bigint *bim, int mod_offset)
1062 +{
1063 + int k = bim->size;
1064 + comp d;
1065 +// comp d = (comp)((long_comp)COMP_RADIX/(bim->comps[k-1]+1));
1066 + long_comp x = COMP_RADIX; do_div(x, bim->comps[k-1]+1); d = x;
1067 +
1068 + ctx->bi_mod[mod_offset] = bim;
1069 + bi_permanent(ctx->bi_mod[mod_offset]);
1070 + ctx->bi_normalised_mod[mod_offset] = bi_int_multiply(ctx, bim, d);
1071 + bi_permanent(ctx->bi_normalised_mod[mod_offset]);
1072 +}
1073 +
1074 +/**
1075 + * @brief Used when cleaning various bigints at the end of a session.
1076 + * @param ctx [in] The bigint session context.
1077 + * @param mod_offset [in] The offset to use.
1078 + * @see bi_set_mod().
1079 + */
1080 +void bi_free_mod(BI_CTX *ctx, int mod_offset)
1081 +{
1082 + bi_depermanent(ctx->bi_mod[mod_offset]);
1083 + bi_free(ctx, ctx->bi_mod[mod_offset]);
1084 + bi_depermanent(ctx->bi_normalised_mod[mod_offset]);
1085 + bi_free(ctx, ctx->bi_normalised_mod[mod_offset]);
1086 +}
1087 +
1088 +/**
1089 + * Perform a standard multiplication between two bigints.
1090 + */
1091 +static bigint *regular_multiply(BI_CTX *ctx, bigint *bia, bigint *bib)
1092 +{
1093 + int i, j, i_plus_j, n = bia->size, t = bib->size;
1094 + bigint *biR = alloc(ctx, n + t);
1095 + comp *sr = biR->comps;
1096 + comp *sa = bia->comps;
1097 + comp *sb = bib->comps;
1098 +
1099 + check(bia);
1100 + check(bib);
1101 +
1102 + /* clear things to start with */
1103 + memset(biR->comps, 0, ((n+t)*COMP_BYTE_SIZE));
1104 + i = 0;
1105 +
1106 + do
1107 + {
1108 + comp carry = 0;
1109 + comp b = *sb++;
1110 + i_plus_j = i;
1111 + j = 0;
1112 +
1113 + do
1114 + {
1115 + long_comp tmp = sr[i_plus_j] + (long_comp)sa[j]*b + carry;
1116 + sr[i_plus_j++] = (comp)tmp; /* downsize */
1117 + carry = (comp)(tmp >> COMP_BIT_SIZE);
1118 + } while (++j < n);
1119 +
1120 + sr[i_plus_j] = carry;
1121 + } while (++i < t);
1122 +
1123 + bi_free(ctx, bia);
1124 + bi_free(ctx, bib);
1125 + return trim(biR);
1126 +}
1127 +
1128 +/**
1129 + * @brief Perform a multiplication operation between two bigints.
1130 + * @param ctx [in] The bigint session context.
1131 + * @param bia [in] A bigint.
1132 + * @param bib [in] Another bigint.
1133 + * @return The result of the multiplication.
1134 + */
1135 +bigint *bi_multiply(BI_CTX *ctx, bigint *bia, bigint *bib)
1136 +{
1137 + check(bia);
1138 + check(bib);
1139 +
1140 + return regular_multiply(ctx, bia, bib);
1141 +}
1142 +
1143 +
1144 +/**
1145 + * @brief Compare two bigints.
1146 + * @param bia [in] A bigint.
1147 + * @param bib [in] Another bigint.
1148 + * @return -1 if smaller, 1 if larger and 0 if equal.
1149 + */
1150 +int bi_compare(bigint *bia, bigint *bib)
1151 +{
1152 + int r, i;
1153 +
1154 + check(bia);
1155 + check(bib);
1156 +
1157 + if (bia->size > bib->size)
1158 + r = 1;
1159 + else if (bia->size < bib->size)
1160 + r = -1;
1161 + else
1162 + {
1163 + comp *a = bia->comps;
1164 + comp *b = bib->comps;
1165 +
1166 + /* Same number of components. Compare starting from the high end
1167 + * and working down. */
1168 + r = 0;
1169 + i = bia->size - 1;
1170 +
1171 + do
1172 + {
1173 + if (a[i] > b[i])
1174 + {
1175 + r = 1;
1176 + break;
1177 + }
1178 + else if (a[i] < b[i])
1179 + {
1180 + r = -1;
1181 + break;
1182 + }
1183 + } while (--i >= 0);
1184 + }
1185 +
1186 + return r;
1187 +}
1188 +
1189 +/**
1190 + * Allocate and zero more components. Does not consume bi.
1191 + */
1192 +static void more_comps(bigint *bi, int n)
1193 +{
1194 + if (n > bi->max_comps)
1195 + {
1196 + if ((bi->max_comps * 2) > n) {
1197 + bi->max_comps = bi->max_comps * 2;
1198 + } else {
1199 + bi->max_comps = n;
1200 + }
1201 + bi->comps = (comp*)realloc(bi->comps, bi->max_comps * COMP_BYTE_SIZE);
1202 + }
1203 +
1204 + if (n > bi->size)
1205 + {
1206 + memset(&bi->comps[bi->size], 0, (n-bi->size)*COMP_BYTE_SIZE);
1207 + }
1208 +
1209 + bi->size = n;
1210 +}
1211 +
1212 +/*
1213 + * Make a new empty bigint. It may just use an old one if one is available.
1214 + * Otherwise get one of the heap.
1215 + */
1216 +static bigint *alloc(BI_CTX *ctx, int size)
1217 +{
1218 + bigint *biR;
1219 +
1220 + /* Can we recycle an old bigint? */
1221 + if (ctx->free_list != NULL)
1222 + {
1223 + biR = ctx->free_list;
1224 + ctx->free_list = biR->next;
1225 + ctx->free_count--;
1226 + if (biR->refs != 0)
1227 + {
1228 + printf("%s:%s[%d]\n", __FILE__, __func__, __LINE__);
1229 + printf("%s:%s[%d]\n", __FILE__, __func__, __LINE__);
1230 + printf("%s:%s[%d]\n", __FILE__, __func__, __LINE__);
1231 + return 0;
1232 + }
1233 +
1234 + more_comps(biR, size);
1235 + }
1236 + else
1237 + {
1238 + /* No free bigints available - create a new one. */
1239 + biR = (bigint *)malloc(sizeof(bigint));
1240 + biR->comps = (comp*) malloc(size * COMP_BYTE_SIZE);
1241 + biR->max_comps = size; /* give some space to spare */
1242 + }
1243 +
1244 + biR->size = size;
1245 + biR->refs = 1;
1246 + biR->next = NULL;
1247 + ctx->active_count++;
1248 + return biR;
1249 +}
1250 +
1251 +/*
1252 + * Work out the highest '1' bit in an exponent. Used when doing sliding-window
1253 + * exponentiation.
1254 + */
1255 +static int find_max_exp_index(bigint *biexp)
1256 +{
1257 + int i = COMP_BIT_SIZE-1;
1258 + comp shift = COMP_RADIX/2;
1259 + comp test = biexp->comps[biexp->size-1]; /* assume no leading zeroes */
1260 +
1261 + check(biexp);
1262 +
1263 + do
1264 + {
1265 + if (test & shift)
1266 + {
1267 + return i+(biexp->size-1)*COMP_BIT_SIZE;
1268 + }
1269 +
1270 + shift >>= 1;
1271 + } while (--i != 0);
1272 +
1273 + return -1; /* error - must have been a leading 0 */
1274 +}
1275 +
1276 +/*
1277 + * Is a particular bit is an exponent 1 or 0? Used when doing sliding-window
1278 + * exponentiation.
1279 + */
1280 +static int exp_bit_is_one(bigint *biexp, int offset)
1281 +{
1282 + comp test = biexp->comps[offset / COMP_BIT_SIZE];
1283 + int num_shifts = offset % COMP_BIT_SIZE;
1284 + comp shift = 1;
1285 + int i;
1286 +
1287 + check(biexp);
1288 +
1289 + for (i = 0; i < num_shifts; i++)
1290 + {
1291 + shift <<= 1;
1292 + }
1293 +
1294 + return test & shift;
1295 +}
1296 +
1297 +/*
1298 + * Delete any leading 0's (and allow for 0).
1299 + */
1300 +static bigint *trim(bigint *bi)
1301 +{
1302 + check(bi);
1303 +
1304 + while (bi->comps[bi->size-1] == 0 && bi->size > 1)
1305 + {
1306 + bi->size--;
1307 + }
1308 +
1309 + return bi;
1310 +}
1311 +
1312 +/**
1313 + * @brief Perform a modular exponentiation.
1314 + *
1315 + * This function requires bi_set_mod() to have been called previously. This is
1316 + * one of the optimisations used for performance.
1317 + * @param ctx [in] The bigint session context.
1318 + * @param bi [in] The bigint on which to perform the mod power operation.
1319 + * @param biexp [in] The bigint exponent.
1320 + * @see bi_set_mod().
1321 + */
1322 +bigint *bi_mod_power(BI_CTX *ctx, bigint *bi, bigint *biexp)
1323 +{
1324 + int i = find_max_exp_index(biexp), j, window_size = 1;
1325 + bigint *biR = int_to_bi(ctx, 1);
1326 +
1327 + check(bi);
1328 + check(biexp);
1329 +
1330 + ctx->g = (bigint **)malloc(sizeof(bigint *));
1331 + ctx->g[0] = bi_clone(ctx, bi);
1332 + ctx->window = 1;
1333 + bi_permanent(ctx->g[0]);
1334 +
1335 + /* if sliding-window is off, then only one bit will be done at a time and
1336 + * will reduce to standard left-to-right exponentiation */
1337 + do
1338 + {
1339 + if (exp_bit_is_one(biexp, i))
1340 + {
1341 + int l = i-window_size+1;
1342 + int part_exp = 0;
1343 +
1344 + if (l < 0) /* LSB of exponent will always be 1 */
1345 + {
1346 + l = 0;
1347 + }
1348 + else
1349 + {
1350 + while (exp_bit_is_one(biexp, l) == 0)
1351 + {
1352 + l++; /* go back up */
1353 + }
1354 + }
1355 +
1356 + /* build up the section of the exponent */
1357 + for (j = i; j >= l; j--)
1358 + {
1359 + biR = bi_residue(ctx, bi_square(ctx, biR));
1360 + if (exp_bit_is_one(biexp, j))
1361 + part_exp++;
1362 +
1363 + if (j != l)
1364 + part_exp <<= 1;
1365 + }
1366 +
1367 + part_exp = (part_exp-1)/2; /* adjust for array */
1368 + biR = bi_residue(ctx,
1369 + bi_multiply(ctx, biR, ctx->g[part_exp]));
1370 + i = l-1;
1371 + }
1372 + else /* square it */
1373 + {
1374 + biR = bi_residue(ctx, bi_square(ctx, biR));
1375 + i--;
1376 + }
1377 + } while (i >= 0);
1378 +
1379 + /* cleanup */
1380 + for (i = 0; i < ctx->window; i++)
1381 + {
1382 + bi_depermanent(ctx->g[i]);
1383 + bi_free(ctx, ctx->g[i]);
1384 + }
1385 +
1386 + free(ctx->g);
1387 + bi_free(ctx, bi);
1388 + bi_free(ctx, biexp);
1389 + return biR;
1390 +}
1391 +
1392 +/** @} */
1393 --- /dev/null
1394 +++ b/net/rsa/bigint.h
1395 @@ -0,0 +1,73 @@
1396 +/*
1397 + * Copyright(C) 2006
1398 + *
1399 + * This library is free software; you can redistribute it and/or modify
1400 + * it under the terms of the GNU Lesser General Public License as published by
1401 + * the Free Software Foundation; either version 2 of the License, or
1402 + * (at your option) any later version.
1403 + *
1404 + * This library is distributed in the hope that it will be useful,
1405 + * but WITHOUT ANY WARRANTY; without even the implied warranty of
1406 + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
1407 + * GNU Lesser General Public License for more details.
1408 + *
1409 + * You should have received a copy of the GNU Lesser General Public License
1410 + * along with this library; if not, write to the Free Software
1411 + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
1412 + *
1413 + * Trimmed down from axTLS
1414 + *
1415 + * $Id: bigint.h 392 2007-06-25 16:24:51Z pablo.martin $
1416 + *
1417 + */
1418 +
1419 +#ifndef BIGINT_HEADER
1420 +#define BIGINT_HEADER
1421 +
1422 +#define CONFIG_BIGINT_CLASSICAL 1
1423 +
1424 +#define SOCKET_READ(A,B,C) read(A,B,C)
1425 +#define SOCKET_WRITE(A,B,C) write(A,B,C)
1426 +#define SOCKET_CLOSE(A) close(A)
1427 +#define TTY_FLUSH()
1428 +
1429 +#include "bigint_impl.h"
1430 +
1431 +#ifndef CONFIG_BIGINT_CHECK_ON
1432 +#define check(A) /**< disappears in normal production mode */
1433 +#endif
1434 +BI_CTX *bi_initialize(void);
1435 +void bi_terminate(BI_CTX *ctx);
1436 +void bi_permanent(bigint *bi);
1437 +void bi_depermanent(bigint *bi);
1438 +void bi_free(BI_CTX *ctx, bigint *bi);
1439 +bigint *bi_copy(bigint *bi);
1440 +bigint *bi_clone(BI_CTX *ctx, const bigint *bi);
1441 +void bi_export(BI_CTX *ctx, bigint *bi, uint8_t *data, int size);
1442 +bigint *bi_import(BI_CTX *ctx, const uint8_t *data, int len);
1443 +bigint *int_to_bi(BI_CTX *ctx, comp i);
1444 +
1445 +/* the functions that actually do something interesting */
1446 +bigint *bi_add(BI_CTX *ctx, bigint *bia, bigint *bib);
1447 +bigint *bi_subtract(BI_CTX *ctx, bigint *bia,
1448 + bigint *bib, int *is_negative);
1449 +bigint *bi_divide(BI_CTX *ctx, bigint *bia, bigint *bim, int is_mod);
1450 +bigint *bi_multiply(BI_CTX *ctx, bigint *bia, bigint *bib);
1451 +bigint *bi_mod_power(BI_CTX *ctx, bigint *bi, bigint *biexp);
1452 +bigint *bi_mod_power2(BI_CTX *ctx, bigint *bi, bigint *bim, bigint *biexp);
1453 +int bi_compare(bigint *bia, bigint *bib);
1454 +void bi_set_mod(BI_CTX *ctx, bigint *bim, int mod_offset);
1455 +void bi_free_mod(BI_CTX *ctx, int mod_offset);
1456 +
1457 +/**
1458 + * @def bi_mod
1459 + * Find the residue of B. bi_set_mod() must be called before hand.
1460 + */
1461 +#define bi_mod(A, B) bi_divide(A, B, ctx->bi_mod[ctx->mod_offset], 1)
1462 +
1463 +#define bi_residue(A, B) bi_mod(A, B)
1464 +
1465 +#define bi_square(A, B) bi_multiply(A, bi_copy(B), B)
1466 +
1467 +#endif
1468 +
1469 --- /dev/null
1470 +++ b/net/rsa/bigint_impl.h
1471 @@ -0,0 +1,109 @@
1472 +/*
1473 + * Copyright(C) 2006
1474 + *
1475 + * This library is free software; you can redistribute it and/or modify
1476 + * it under the terms of the GNU Lesser General Public License as published by
1477 + * the Free Software Foundation; either version 2.1 of the License, or
1478 + * (at your option) any later version.
1479 + *
1480 + * This library is distributed in the hope that it will be useful,
1481 + * but WITHOUT ANY WARRANTY; without even the implied warranty of
1482 + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
1483 + * GNU Lesser General Public License for more details.
1484 + *
1485 + * You should have received a copy of the GNU Lesser General Public License
1486 + * along with this library; if not, write to the Free Software
1487 + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
1488 + */
1489 +
1490 +#ifndef BIGINT_IMPL_HEADER
1491 +#define BIGINT_IMPL_HEADER
1492 +
1493 +#include <linux/types.h>
1494 +#include <common.h>
1495 +
1496 +/* Maintain a number of precomputed variables when doing reduction */
1497 +#define BIGINT_M_OFFSET 0 /**< Normal modulo offset. */
1498 +#ifdef CONFIG_BIGINT_CRT
1499 +#define BIGINT_P_OFFSET 1 /**< p modulo offset. */
1500 +#define BIGINT_Q_OFFSET 2 /**< q module offset. */
1501 +#define BIGINT_NUM_MODS 3 /**< The number of modulus constants used. */
1502 +#else
1503 +#define BIGINT_NUM_MODS 1
1504 +#endif
1505 +
1506 +/* Architecture specific functions for big ints */
1507 +// #ifdef WIN32
1508 +// #define COMP_RADIX 4294967296i64
1509 +// #define COMP_BIG_MSB 0x8000000000000000i64
1510 +// #else
1511 +#define COMP_RADIX 4294967296ULL /**< Max component + 1 */
1512 +#define COMP_BIG_MSB 0x8000000000000000ULL /**< (Max dbl comp + 1)/ 2 */
1513 +//#endif
1514 +#define COMP_BIT_SIZE 32 /**< Number of bits in a component. */
1515 +#define COMP_BYTE_SIZE 4 /**< Number of bytes in a component. */
1516 +#define COMP_NUM_NIBBLES 8 /**< Used For diagnostics only. */
1517 +
1518 +typedef uint32_t comp; /**< A single precision component. */
1519 +typedef uint64_t long_comp; /**< A double precision component. */
1520 +typedef int64_t slong_comp; /**< A signed double precision component. */
1521 +
1522 +/**
1523 + * @struct _bigint
1524 + * @brief A big integer basic object
1525 + */
1526 +struct _bigint
1527 +{
1528 + struct _bigint* next; /**< The next bigint in the cache. */
1529 + short size; /**< The number of components in this bigint. */
1530 + short max_comps; /**< The heapsize allocated for this bigint */
1531 + int refs; /**< An internal reference count. */
1532 + comp* comps; /**< A ptr to the actual component data */
1533 +};
1534 +
1535 +typedef struct _bigint bigint; /**< An alias for _bigint */
1536 +
1537 +/**
1538 + * Maintains the state of the cache, and a number of variables used in
1539 + * reduction.
1540 + */
1541 +typedef struct /**< A big integer "session" context. */
1542 +{
1543 + bigint *active_list; /**< Bigints currently used. */
1544 + bigint *free_list; /**< Bigints not used. */
1545 + bigint *bi_radix; /**< The radix used. */
1546 + bigint *bi_mod[BIGINT_NUM_MODS]; /**< modulus */
1547 +
1548 +#if defined(CONFIG_BIGINT_MONTGOMERY)
1549 + bigint *bi_RR_mod_m[BIGINT_NUM_MODS]; /**< R^2 mod m */
1550 + bigint *bi_R_mod_m[BIGINT_NUM_MODS]; /**< R mod m */
1551 + comp N0_dash[BIGINT_NUM_MODS];
1552 +#elif defined(CONFIG_BIGINT_BARRETT)
1553 + bigint *bi_mu[BIGINT_NUM_MODS]; /**< Storage for mu */
1554 +#endif
1555 + bigint *bi_normalised_mod[BIGINT_NUM_MODS]; /**< Normalised mod storage. */
1556 + bigint **g; /**< Used by sliding-window. */
1557 + int window; /**< The size of the sliding window */
1558 +
1559 + int active_count; /**< Number of active bigints. */
1560 + int free_count; /**< Number of free bigints. */
1561 +
1562 +#ifdef CONFIG_BIGINT_MONTGOMERY
1563 + uint8_t use_classical; /**< Use classical reduction. */
1564 +#endif
1565 + uint8_t mod_offset; /**< The mod offset we are using */
1566 +} BI_CTX;
1567 +
1568 +#if 0
1569 +#define max(a,b) ((a)>(b)?(a):(b)) /**< Find the maximum of 2 numbers. */
1570 +#define min(a,b) ((a)<(b)?(a):(b)) /**< Find the minimum of 2 numbers. */
1571 +#endif
1572 +
1573 +#define PERMANENT 0x7FFF55AA /**< A magic number for permanents. */
1574 +
1575 +#define V1 v->comps[v->size-1] /**< v1 for division */
1576 +#define V2 v->comps[v->size-2] /**< v2 for division */
1577 +#define U(j) tmp_u->comps[tmp_u->size-j-1] /**< uj for division */
1578 +#define Q(j) quotient->comps[quotient->size-j-1] /**< qj for division */
1579 +
1580 +#endif
1581 --- /dev/null
1582 +++ b/net/rsa/div64.h
1583 @@ -0,0 +1,113 @@
1584 +/*
1585 + * Copyright (C) 2000, 2004 Maciej W. Rozycki
1586 + * Copyright (C) 2003 Ralf Baechle
1587 + *
1588 + * This file is subject to the terms and conditions of the GNU General Public
1589 + * License. See the file "COPYING" in the main directory of this archive
1590 + * for more details.
1591 + */
1592 +#ifndef _ASM_DIV64_H
1593 +#define _ASM_DIV64_H
1594 +
1595 +#if (_MIPS_SZLONG == 32)
1596 +
1597 +#if __GNUC__ > 3 || (__GNUC__ == 3 && __GNUC_MINOR__ >= 4)
1598 +#define GCC_REG_ACCUM "$0"
1599 +#else
1600 +#define GCC_REG_ACCUM "accum"
1601 +#endif
1602 +
1603 +
1604 +//#include <asm/compiler.h>
1605 +
1606 +/*
1607 + * No traps on overflows for any of these...
1608 + */
1609 +
1610 +#define do_div64_32(res, high, low, base) ({ \
1611 + unsigned long __quot, __mod; \
1612 + unsigned long __cf, __tmp, __tmp2, __i; \
1613 + \
1614 + __asm__(".set push\n\t" \
1615 + ".set noat\n\t" \
1616 + ".set noreorder\n\t" \
1617 + "move %2, $0\n\t" \
1618 + "move %3, $0\n\t" \
1619 + "b 1f\n\t" \
1620 + " li %4, 0x21\n" \
1621 + "0:\n\t" \
1622 + "sll $1, %0, 0x1\n\t" \
1623 + "srl %3, %0, 0x1f\n\t" \
1624 + "or %0, $1, %5\n\t" \
1625 + "sll %1, %1, 0x1\n\t" \
1626 + "sll %2, %2, 0x1\n" \
1627 + "1:\n\t" \
1628 + "bnez %3, 2f\n\t" \
1629 + " sltu %5, %0, %z6\n\t" \
1630 + "bnez %5, 3f\n" \
1631 + "2:\n\t" \
1632 + " addiu %4, %4, -1\n\t" \
1633 + "subu %0, %0, %z6\n\t" \
1634 + "addiu %2, %2, 1\n" \
1635 + "3:\n\t" \
1636 + "bnez %4, 0b\n\t" \
1637 + " srl %5, %1, 0x1f\n\t" \
1638 + ".set pop" \
1639 + : "=&r" (__mod), "=&r" (__tmp), "=&r" (__quot), "=&r" (__cf), \
1640 + "=&r" (__i), "=&r" (__tmp2) \
1641 + : "Jr" (base), "0" (high), "1" (low)); \
1642 + \
1643 + (res) = __quot; \
1644 + __mod; })
1645 +
1646 +#define do_div(n, base) ({ \
1647 + unsigned long long __quot; \
1648 + unsigned long __mod; \
1649 + unsigned long long __div; \
1650 + unsigned long __upper, __low, __high, __base; \
1651 + \
1652 + __div = (n); \
1653 + __base = (base); \
1654 + \
1655 + __high = __div >> 32; \
1656 + __low = __div; \
1657 + __upper = __high; \
1658 + \
1659 + if (__high) \
1660 + __asm__("divu $0, %z2, %z3" \
1661 + : "=h" (__upper), "=l" (__high) \
1662 + : "Jr" (__high), "Jr" (__base) \
1663 + : GCC_REG_ACCUM); \
1664 + \
1665 + __mod = do_div64_32(__low, __upper, __low, __base); \
1666 + \
1667 + __quot = __high; \
1668 + __quot = __quot << 32 | __low; \
1669 + (n) = __quot; \
1670 + __mod; })
1671 +#endif /* (_MIPS_SZLONG == 32) */
1672 +
1673 +#if (_MIPS_SZLONG == 64)
1674 +
1675 +/*
1676 + * Hey, we're already 64-bit, no
1677 + * need to play games..
1678 + */
1679 +#define do_div(n, base) ({ \
1680 + unsigned long __quot; \
1681 + unsigned int __mod; \
1682 + unsigned long __div; \
1683 + unsigned int __base; \
1684 + \
1685 + __div = (n); \
1686 + __base = (base); \
1687 + \
1688 + __mod = __div % __base; \
1689 + __quot = __div / __base; \
1690 + \
1691 + (n) = __quot; \
1692 + __mod; })
1693 +
1694 +#endif /* (_MIPS_SZLONG == 64) */
1695 +
1696 +#endif /* _ASM_DIV64_H */
1697 --- /dev/null
1698 +++ b/net/rsa/dump_key.c
1699 @@ -0,0 +1,29 @@
1700 +#include <stdio.h>
1701 +#include <stdlib.h>
1702 +#include <sys/types.h>
1703 +#include <sys/stat.h>
1704 +#include <unistd.h>
1705 +
1706 +int main(int argc, char **argv)
1707 +{
1708 + FILE *fp = fopen("public_fon_rsa_key_6.pem", "r");
1709 + struct stat s;
1710 + unsigned char *b;
1711 + int i;
1712 + if(!fp)
1713 + return 1;
1714 + stat("public_fon_rsa_key_6.pem", &s);
1715 + b = malloc(s.st_size);
1716 + fread(b, s.st_size, 1, fp);
1717 + fclose(fp);
1718 + printf("unsigned char public_key[] = {\n\t");
1719 + for(i = 0;i < s.st_size; i++)
1720 + {
1721 + printf("0x%02X,", b[i]);
1722 + if(i%16 == 15)
1723 + printf("\n\t");
1724 + }
1725 + printf("};\n");
1726 +// printf("\n%d %d\n", i, s.st_size);
1727 + return 0;
1728 +}
1729 --- /dev/null
1730 +++ b/net/rsa/foncheckrsa.c
1731 @@ -0,0 +1,79 @@
1732 +/*
1733 + * RSA + RIPEMD160 signature verification command
1734 + *
1735 + * Copyright (C) 2007 FON Wireless Ltd.
1736 + *
1737 + * This program is free software; you can redistribute it and/or
1738 + * modify it under the terms of the GNU General Public License
1739 + * as published by the Free Software Foundation; either version 2
1740 + * of the License, or (at your option) any later version.
1741 + *
1742 + * This program is distributed in the hope that it will be useful,
1743 + * but WITHOUT ANY WARRANTY; without even the implied warranty of
1744 + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
1745 + * GNU General Public License for more details.
1746 + *
1747 + * You should have received a copy of the GNU General Public License
1748 + * along with this program; if not, write to the Free Software
1749 + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
1750 + *
1751 + * Created: 20060728 Pablo Martín Medrano <pablo@fon.com>
1752 + *
1753 + * $Id: foncheckrsa.c 332 2007-05-02 09:45:54Z pablo.martin $
1754 + */
1755 +#include <stdio.h>
1756 +#include <stdlib.h>
1757 +#include <sys/types.h>
1758 +#include <sys/stat.h>
1759 +#include <fcntl.h>
1760 +#include <string.h>
1761 +#include <errno.h>
1762 +#include <unistd.h>
1763 +#include "fonrsa.h"
1764 +
1765 +int main(int argc, char **argv)
1766 +{
1767 + int fd, i;
1768 + FONRSA_ERROR fonrsa_error;
1769 + void *handle;
1770 +
1771 + if (argc != 4) {
1772 + fprintf(stderr, " Usage: foncheckrsa [public_key.der] [signature] [file]\n");
1773 + fprintf(stderr, " Pablo Martín Medrano <pablo@fon.com>\n");
1774 + fprintf(stderr, " RIPEMD-160 software written by Antoon Bosselaers,\n");
1775 + fprintf(stderr, " available at http://www.esat.kuleuven.be/~cosicart/ps/AB-9601/.\n");
1776 + fprintf(stderr, " Uses the axTLS library bigint implementation (libfonrsa)\n");
1777 + fprintf(stderr, " http://www.leroc.com.au/axTLS/\n");
1778 + return -1;
1779 + }
1780 + /* Check the existence of input files */
1781 + for (i = 1; i < 4; i++) {
1782 + if ((fd = open(argv[i], O_RDONLY)) == -1) {
1783 + fprintf(stderr, "Error: opening \"%s\": %s\n", argv[i],
1784 + strerror(errno));
1785 + fprintf(stderr, "Bailing out...");
1786 + exit(-2);
1787 + }
1788 + close(fd);
1789 + }
1790 + handle = FR_init(argv[1]);
1791 + if (handle == NULL) {
1792 + printf("Error loading keys in %s\n", argv[1]);
1793 + return 1;
1794 + }
1795 + fonrsa_error = FR_verify_file(handle, argv[3], argv[2]);
1796 + FR_end(handle);
1797 + switch (fonrsa_error) {
1798 + case FONRSA_OK:
1799 + printf("Verified OK\n");
1800 + return 0;
1801 + case FONRSA_VERIFICATION_FAILURE:
1802 + printf("Verification failure\n");
1803 + return 1;
1804 + default:
1805 + printf("Verification error\n");
1806 + return -1;
1807 + }
1808 + return -1;
1809 +}
1810 +
1811 --- /dev/null
1812 +++ b/net/rsa/fonrsa.c
1813 @@ -0,0 +1,584 @@
1814 +/*
1815 + * FONSM RSA handling library
1816 + *
1817 + * This file is part of FONUCS. Copyright (C) 2007 FON Wireless Ltd.
1818 + *
1819 + * This library is free software; you can redistribute it and/or modify
1820 + * it under the terms of the GNU Lesser General Public License as published by
1821 + * the Free Software Foundation; either version 2 of the License, or
1822 + * (at your option) any later version.
1823 + *
1824 + * This library is distributed in the hope that it will be useful,
1825 + * but WITHOUT ANY WARRANTY; without even the implied warranty of
1826 + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
1827 + * GNU Lesser General Public License for more details.
1828 + *
1829 + * You should have received a copy of the GNU Lesser General Public License
1830 + * along with this library; if not, write to the Free Software
1831 + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
1832 + *
1833 + * Created: 20070306 Pablo Martin Medrano <pablo@fon.com>
1834 + *
1835 + * Based on axTLS
1836 + *
1837 + * $Id: fonrsa.c 405 2007-09-19 15:26:17Z jesus.pico $
1838 + */
1839 +#include <sys/types.h>
1840 +#include <stdlib.h>
1841 +#include <stdio.h>
1842 +#include <string.h>
1843 +#include <sys/types.h>
1844 +#include <sys/stat.h>
1845 +#include <fcntl.h>
1846 +#include <unistd.h>
1847 +#include <errno.h>
1848 +#include "rmd160.h"
1849 +#include "bigint.h"
1850 +#include "fonrsa.h"
1851 +#include "base64.h"
1852 +
1853 +typedef struct {
1854 + uint8_t *buffer;
1855 + size_t size;
1856 +} DER_key;
1857 +
1858 +typedef struct {
1859 + bigint *m; /* modulus */
1860 + bigint *e; /* public exponent */
1861 + int num_octets;
1862 + BI_CTX *bi_ctx; /* big integer handle */
1863 +} RSA_parameters;
1864 +
1865 +typedef struct {
1866 + DER_key *derkey;
1867 + RSA_parameters *rsaparms;
1868 +} RSA;
1869 +
1870 +static uint8_t *CH_load_raw_file(char *filename, size_t *size);
1871 +static DER_key *CH_load_der_key(char *filename);
1872 +static void CH_free_der_key(DER_key *key);
1873 +static int asn1_get_public_key(const uint8_t *buf, int len, RSA_parameters **rsa_parameters);
1874 +void CH_pub_key_new(RSA_parameters **rsa_parameters, const uint8_t *modulus, int mod_len, const uint8_t *pub_exp, int pub_len);
1875 +int CH_decrypt(RSA_parameters *rsa, uint8_t *buffer_in, uint8_t *buffer_out);
1876 +byte *RMDbinary(char *fname);
1877 +int CH_get_rmd160_hash_from_signature(byte *hash, char *signature_file, char *public_key_file);
1878 +static unsigned char *load_file_in_buffer(char *path, int *size);
1879 +static int save_file_from_buffer(char *path, unsigned char *buffer, int size);
1880 +int ExtractPadding(uint8_t* OutputBuffer, uint8_t* InputBuffer, int LengthOfInputBuffer);
1881 +
1882 +#define RMDsize 160 /* A RIPEMD-160 hash has 160 bits */
1883 +
1884 +/*
1885 + * returns RMD(message in file fname) fname is read as binary data.
1886 + * non-reentrant
1887 + */
1888 +byte *RMDbinary(char *fname)
1889 +{
1890 + FILE *mf; /* pointer to file <fname> */
1891 + byte data[1024]; /* contains current mess. block */
1892 + dword nbytes; /* length of this block */
1893 + dword MDbuf[RMDsize / 32]; /* contains (A, B, C, D(, E)) */
1894 + static byte hashcode[RMDsize / 8]; /* for final hash-value */
1895 + dword X[16]; /* current 16-word chunk */
1896 + unsigned int i, j; /* counters */
1897 + dword length[2]; /* length in bytes of message */
1898 + dword offset; /* # of unprocessed bytes at */
1899 + /* call of MDfinish */
1900 +
1901 + /* initialize */
1902 + if ((mf = fopen(fname, "rb")) == NULL) {
1903 + fprintf(stderr, "\nRMDbinary: cannot open file \"%s\".\n",
1904 + fname);
1905 + exit(1);
1906 + }
1907 + MDinit(MDbuf);
1908 + length[0] = 0;
1909 + length[1] = 0;
1910 + while ((nbytes = fread(data, 1, 1024, mf)) != 0) {
1911 + /* process all complete blocks */
1912 + for (i = 0; i < (nbytes >> 6); i++) {
1913 + for (j = 0; j < 16; j++)
1914 + X[j] = BYTES_TO_DWORD(data + 64 * i + 4 * j);
1915 + compress(MDbuf, X);
1916 + }
1917 + /* update length[] */
1918 + if (length[0] + nbytes < length[0])
1919 + length[1]++; /* overflow to msb of length */
1920 + length[0] += nbytes;
1921 + }
1922 + /* finish: */
1923 + offset = length[0] & 0x3C0; /* extract bytes 6 to 10 inclusive */
1924 + MDfinish(MDbuf, data + offset, length[0], length[1]);
1925 +
1926 + for (i = 0; i < RMDsize / 8; i += 4) {
1927 + hashcode[i] = MDbuf[i >> 2];
1928 + hashcode[i + 1] = (MDbuf[i >> 2] >> 8);
1929 + hashcode[i + 2] = (MDbuf[i >> 2] >> 16);
1930 + hashcode[i + 3] = (MDbuf[i >> 2] >> 24);
1931 + }
1932 + fclose(mf);
1933 +
1934 + return (byte *) hashcode;
1935 +}
1936 +byte *RMDbinary_buffer(char *buffer, int size_buffer)
1937 +{
1938 + return NULL;
1939 +}
1940 +
1941 +/*
1942 + * Extracts the RMD 160 hash from the signature file
1943 + */
1944 +int CH_get_rmd160_hash_from_signature(byte *hash, char *signature_file, char *public_key_file)
1945 +{
1946 + RSA_parameters *rsa_parameters;
1947 + DER_key *derkey;
1948 + uint8_t *signature;
1949 + size_t signature_size;
1950 + uint8_t *decrypted;
1951 +
1952 + signature = CH_load_raw_file(signature_file, &signature_size);
1953 + if ((signature == NULL)||(signature_size != 512)) {
1954 + fprintf(stderr, "Error: Loading signature key '%s'\n", signature_file);
1955 + exit(-1);
1956 + }
1957 + derkey = CH_load_der_key(public_key_file);
1958 + if (derkey == NULL) {
1959 + fprintf(stderr, "Error: opening DER key file '%s'\n", public_key_file);
1960 + exit(-1);
1961 + }
1962 + if ((asn1_get_public_key(derkey->buffer, derkey->size, &rsa_parameters)) != 0) {
1963 + fprintf(stderr, "Error: Extracting public key from DER file\n");
1964 + exit(-1);
1965 + }
1966 + CH_free_der_key(derkey);
1967 + if (rsa_parameters->num_octets != 512)
1968 + fprintf(stderr, "Error: The RSA public key size is not 4096 bits %d\n", rsa_parameters->num_octets);
1969 + decrypted = (uint8_t *)malloc(rsa_parameters->num_octets);
1970 + if (CH_decrypt(rsa_parameters, signature, decrypted)) {
1971 + fprintf(stderr, "Error: Decrypting signature\n");
1972 + exit(-1);
1973 + }
1974 + memcpy(hash, decrypted + 492, 20);
1975 + free(decrypted);
1976 + free(signature);
1977 + return 0;
1978 +}
1979 +
1980 +/*
1981 + * Decrypts the signature buffer using the rsa public key loaded
1982 + */
1983 +int CH_decrypt(RSA_parameters *rsa, uint8_t *buffer_in, uint8_t *buffer_out)
1984 +{
1985 + bigint *dat_bi;
1986 + bigint *decrypted_bi;
1987 + int byte_size;
1988 +
1989 + byte_size = rsa->num_octets;
1990 + dat_bi = bi_import(rsa->bi_ctx, buffer_in, byte_size);
1991 + rsa->bi_ctx->mod_offset = BIGINT_M_OFFSET;
1992 + bi_copy(rsa->m);
1993 + decrypted_bi = bi_mod_power(rsa->bi_ctx, dat_bi, rsa->e);
1994 + bi_export(rsa->bi_ctx, decrypted_bi, buffer_out, byte_size);
1995 + return 0;
1996 +}
1997 +/*
1998 + * Loads a file in a uint8_t buffer
1999 + */
2000 +static uint8_t *CH_load_raw_file(char *filename, size_t *size)
2001 +{
2002 + struct stat st;
2003 + int fd;
2004 + ssize_t br;
2005 + uint8_t *ret;
2006 +
2007 + if ((stat(filename, &st)) == -1)
2008 + return NULL;
2009 + if ((ret = (uint8_t *)malloc(st.st_size)) == NULL)
2010 + return NULL;
2011 + fd = open(filename, O_RDONLY);
2012 + if (fd == -1) {
2013 + free(ret);
2014 + return NULL;
2015 + }
2016 + br = read(fd, ret, st.st_size);
2017 + close(fd);
2018 + if (br != st.st_size) {
2019 + free(ret);
2020 + return NULL;
2021 + }
2022 + *size = st.st_size;
2023 + return ret;
2024 +}
2025 +/*
2026 + * Loads a .der file in a buffer
2027 + */
2028 +static DER_key *CH_load_der_key(char *filename)
2029 +{
2030 + DER_key *ret;
2031 +
2032 + if ((ret = (DER_key *)malloc(sizeof(DER_key))) == NULL)
2033 + return NULL;
2034 + if ((ret->buffer = CH_load_raw_file(filename, &(ret->size))) == NULL) {
2035 + free(ret);
2036 + return NULL;
2037 + }
2038 + return ret;
2039 +}
2040 +/*
2041 + * CH_load_pem_key
2042 + */
2043 +static DER_key *CH_load_pem_key(char *filename)
2044 +{
2045 + DER_key *ret;
2046 + uint8_t *buffer;
2047 + char *b64,*p,*t;
2048 + char key[1024];
2049 + size_t filesize;
2050 + int size;
2051 +
2052 + if ((ret = (DER_key *)malloc(sizeof(DER_key))) == NULL)
2053 + return NULL;
2054 + if ((buffer = CH_load_raw_file(filename, &filesize)) == NULL) {
2055 + free(ret);
2056 + return NULL;
2057 + }
2058 + p = (char *)buffer;
2059 + while ((*p != '\n') && (*p != '\0'))
2060 + p++;
2061 + if (*p == '\0') {
2062 + free(ret);
2063 + return NULL;
2064 + }
2065 + p++;
2066 + b64 = t = p;
2067 + while((p - b64) <= filesize) {
2068 + if ((*p == '-')) {
2069 + break;
2070 + } else if ((*p != '\n') && (*p != ' ') && (*p != '\t')) {
2071 + *t = *p;
2072 + t++;
2073 + }
2074 + p++;
2075 + }
2076 + *t = '\0';
2077 + size = B64_decode(b64, key, strlen(b64), 1024);
2078 + if (size < 0) {
2079 + free(buffer);
2080 + free(ret);
2081 + return NULL;
2082 + }
2083 + free(buffer);
2084 + ret->buffer = (char *)malloc(size);
2085 + ret->size = size;
2086 + memcpy((void *)ret->buffer, (void *)key, size);
2087 + return ret;
2088 +}
2089 +
2090 +/*
2091 + * CH_free_der_key
2092 + */
2093 +static void CH_free_der_key(DER_key *key)
2094 +{
2095 + free(key->buffer);
2096 + free(key);
2097 +}
2098 +
2099 +/*
2100 + * Get the public key specifics from an ASN.1 encoded file
2101 + * A function lacking in the exported axTLS API
2102 + *
2103 + * This is a really weird hack that only works with RSA public key
2104 + * files
2105 + */
2106 +static int asn1_get_public_key(const uint8_t *buf, int len, RSA_parameters **rsa_parameters)
2107 +{
2108 + uint8_t *modulus, *pub_exp;
2109 + int mod_len, pub_len;
2110 +
2111 + pub_len = 3;
2112 + mod_len = len - 37;
2113 + if (buf[0] != 0x30) {
2114 + return -1;
2115 + }
2116 +
2117 + pub_exp = (uint8_t *)malloc(3);
2118 + modulus = (uint8_t *)malloc(mod_len);
2119 + memcpy(modulus, buf + 32 , mod_len);
2120 + memcpy(pub_exp, buf + 34 + mod_len, 3);
2121 + if (mod_len <= 0 || pub_len <= 0 )
2122 + return -1;
2123 + CH_pub_key_new(rsa_parameters, modulus, mod_len, pub_exp, pub_len);
2124 +
2125 + free(modulus);
2126 + free(pub_exp);
2127 + return 0;
2128 +}
2129 +
2130 +/*
2131 + * Similar to RSA_pub_key_new, rewritten to make this program depend only on bi module
2132 + */
2133 +void CH_pub_key_new(RSA_parameters **rsa, const uint8_t *modulus, int mod_len, const uint8_t *pub_exp, int pub_len)
2134 +{
2135 + RSA_parameters *rsa_parameters;
2136 +
2137 + BI_CTX *bi_ctx = bi_initialize();
2138 + *rsa = (RSA_parameters *)calloc(1, sizeof(RSA_parameters));
2139 + rsa_parameters = *rsa;
2140 + rsa_parameters->bi_ctx = bi_ctx;
2141 + rsa_parameters->num_octets = (mod_len & 0xFFF0);
2142 + rsa_parameters->m = bi_import(bi_ctx, modulus, mod_len);
2143 + bi_set_mod(bi_ctx, rsa_parameters->m, BIGINT_M_OFFSET);
2144 + rsa_parameters->e = bi_import(bi_ctx, pub_exp, pub_len);
2145 + bi_permanent(rsa_parameters->e);
2146 +}
2147 +
2148 +static unsigned char *load_file_in_buffer(char *path, int *size)
2149 +{
2150 + unsigned char *buffer;
2151 + struct stat st;
2152 + int fd;
2153 +
2154 + if (stat(path, &st))
2155 + return NULL;
2156 + buffer = (unsigned char *)malloc(st.st_size);
2157 + if (buffer == NULL)
2158 + return NULL;
2159 + if ((fd = open(path, O_RDONLY)) == -1) {
2160 + free(buffer);
2161 + return NULL;
2162 + }
2163 + if (read(fd, (void *)buffer,st.st_size) != (ssize_t)st.st_size) {
2164 + free(buffer);
2165 + close(fd);
2166 + return NULL;
2167 + }
2168 + *size = (int)st.st_size;
2169 + close(fd);
2170 + return buffer;
2171 +}
2172 +
2173 +static int save_file_from_buffer(char *path, unsigned char *buffer, int size)
2174 +{
2175 + int fd;
2176 +
2177 + if ((fd = open(path, O_WRONLY | O_CREAT, 0644)) == -1)
2178 + return -1;
2179 + if (write(fd, buffer, (size_t)size) != ((ssize_t)size)) {
2180 + close(fd);
2181 + return -1;
2182 + }
2183 + close(fd);
2184 + return 0;
2185 +}
2186 +
2187 +/* FR_init */
2188 +void *FR_init(char *public_key_path)
2189 +{
2190 + DER_key *derkey;
2191 + RSA_parameters *rsa_parameters;
2192 + char *ending;
2193 +
2194 + ending = public_key_path + strlen(public_key_path) - 3;
2195 + if (!strcmp(ending, "der"))
2196 + derkey = CH_load_der_key(public_key_path);
2197 + else if (!strcmp(ending, "pem"))
2198 + derkey = CH_load_pem_key(public_key_path);
2199 + else {
2200 + fprintf(stderr, "Error: unknown key format\n");
2201 + exit(-1);
2202 + }
2203 + if (derkey == NULL) {
2204 + fprintf(stderr, "Error: opening key file '%s'\n", public_key_path);
2205 + exit(-1);
2206 + }
2207 + if ((asn1_get_public_key(derkey->buffer, derkey->size, &rsa_parameters)) != 0) {
2208 + fprintf(stderr, "Error: Extracting public key from file\n");
2209 + exit(-1);
2210 + }
2211 + CH_free_der_key(derkey);
2212 + return (void *)rsa_parameters;
2213 +}
2214 +
2215 +/* FR_end */
2216 +FONRSA_ERROR FR_end(void *handle)
2217 +{
2218 + RSA_parameters *rsa_parameters = (RSA_parameters *)handle;
2219 +
2220 + free(rsa_parameters);
2221 + return FONRSA_OK;
2222 +}
2223 +
2224 +/* FR_decrypt_buffer */
2225 +FONRSA_ERROR FR_decrypt_buffer(void *handler, unsigned char *cryptext, int cryptext_size,
2226 + unsigned char *plaintext, int plaintext_buffer_size, int *plaintext_size)
2227 +{
2228 + RSA_parameters *rsaparms = (RSA_parameters *)handler;
2229 +
2230 + if (cryptext_size != rsaparms->num_octets) {
2231 + return FONRSA_SIZE;
2232 + }
2233 + if (plaintext_buffer_size < cryptext_size) {
2234 + return FONRSA_SIZE;
2235 + }
2236 + if (CH_decrypt(rsaparms, (uint8_t *)cryptext, (uint8_t *)plaintext)) {
2237 + return FONRSA_DECRYPT;
2238 + }
2239 + *plaintext_size = cryptext_size;
2240 + return FONRSA_OK;
2241 +}
2242 +
2243 +FONRSA_ERROR FR_decrypt_buffer_v2(void *handler, unsigned char *cryptext, int cryptext_size,
2244 + unsigned char *plaintext, int plaintext_buffer_size, int *plaintext_size)
2245 +{
2246 + unsigned char* AuxBuffer;
2247 + int AuxSize;
2248 +
2249 + AuxBuffer = (unsigned char*)malloc(cryptext_size);
2250 +
2251 + RSA_parameters *rsaparms = (RSA_parameters *)handler;
2252 +
2253 + if (cryptext_size != rsaparms->num_octets) {
2254 + return FONRSA_SIZE;
2255 + }
2256 + if (plaintext_buffer_size < cryptext_size) {
2257 + return FONRSA_SIZE;
2258 + }
2259 + if (CH_decrypt(rsaparms, (uint8_t *)cryptext, (uint8_t *)AuxBuffer)) {
2260 + return FONRSA_DECRYPT;
2261 + }
2262 + if ((AuxSize = ExtractPadding((uint8_t*)plaintext, (uint8_t*)AuxBuffer, cryptext_size)) < 0)
2263 + {
2264 + printf("Incorrect Padding decrypting buffer");
2265 + return FONRSA_DECRYPT;
2266 + }
2267 + *plaintext_size = AuxSize;
2268 + return FONRSA_OK;
2269 +}
2270 +
2271 +/*
2272 + *
2273 + * Implementation of PKCS 1.5 padding, borrowed from
2274 + * Tom's code (public domain)
2275 + */
2276 +
2277 +/* Standalone FR_verify_file */
2278 +FONRSA_ERROR FR_verify_file(void *handler, char *file_path, char *signature_file_path)
2279 +{
2280 + int j;
2281 + byte *hashcode;
2282 + byte hash[20];
2283 + uint8_t *decrypted;
2284 + RSA_parameters *rsa_parameters = (RSA_parameters *)handler;
2285 + char *signature_buffer;
2286 + int signature_size;
2287 +
2288 + /* Calculates the RIPEMD-160 hash of the file */
2289 + hashcode = RMDbinary (file_path);
2290 + /* Decrypts the signature file using the RSA public key */
2291 + signature_buffer = load_file_in_buffer(signature_file_path, &signature_size);
2292 + if (signature_buffer == NULL)
2293 + return FONRSA_OPENKEY;
2294 +
2295 + if (rsa_parameters->num_octets != signature_size)
2296 + return FONRSA_SIZE;
2297 + decrypted = (uint8_t *)malloc(rsa_parameters->num_octets);
2298 + if (CH_decrypt(rsa_parameters, signature_buffer, decrypted)) {
2299 + fprintf(stderr, "Error: Decrypting signature\n");
2300 + exit(-1);
2301 + }
2302 + memcpy(hash, decrypted + 492, 20);
2303 + free(decrypted);
2304 + free(signature_buffer);
2305 + for (j = 0; j < RMDsize/8; j++) {
2306 + if (hash[j] != hashcode[j])
2307 + return FONRSA_VERIFICATION_FAILURE;
2308 + }
2309 + return FONRSA_OK;
2310 +}
2311 +
2312 +/* FR_decrypt_file */
2313 +FONRSA_ERROR FR_decrypt_file(void *handle, char *crypted_file_path, char *plaintext_file_path)
2314 +{
2315 + int size;
2316 + FONRSA_ERROR ret;
2317 + char *filebuffer;
2318 + char crypted[1024];
2319 + int crypted_size;
2320 +
2321 + if ((filebuffer = load_file_in_buffer(crypted_file_path, &size)) == NULL) {
2322 + return FONRSA_LOADFILE;
2323 + }
2324 +
2325 + ret = FR_decrypt_buffer(handle, filebuffer, size, crypted, 1024, &crypted_size);
2326 + if (ret != FONRSA_OK) {
2327 + free(filebuffer);
2328 + return ret;
2329 + }
2330 + free(filebuffer);
2331 +
2332 + if (save_file_from_buffer(plaintext_file_path, crypted, crypted_size)) {
2333 + printf("Error writing %lu bytes into %s", crypted_size, plaintext_file_path);
2334 + return FONRSA_SAVEFILE;
2335 + }
2336 + return FONRSA_OK;
2337 +}
2338 +
2339 +int ExtractPadding(uint8_t* OutputBuffer, uint8_t* InputBuffer, int LengthOfInputBuffer)
2340 +{
2341 + int i;
2342 +
2343 + //First typical checks...
2344 + if (LengthOfInputBuffer < MINIMUM_PADING_BYTES_PKCS_1_5)
2345 + {
2346 + fprintf(stderr, "Error:ExtractPadding: Error, Length of input buffer is too short.\n");
2347 + return -1;
2348 + }
2349 + else if((InputBuffer[0] != 0) || (InputBuffer[1] > 2)) //Necessary header of Padding...
2350 + {
2351 + fprintf(stderr, "Error:ExtractPadding: Error, Padding header is incorrect.\n");
2352 + return -1;
2353 + }
2354 + for (i=2; i < LengthOfInputBuffer; i++) //Variable size of non-zero padding....
2355 + {
2356 + if (InputBuffer[i] == 0) break; //This is the end of Padding.
2357 + }
2358 + //We need to evaluate if there is an existing message...
2359 + if (i < LengthOfInputBuffer - 2)
2360 + {//Ok, Padding is extracted... copying the message and finishing...
2361 + memcpy(OutputBuffer, &(InputBuffer[i + 1]), LengthOfInputBuffer - (i + 1));
2362 + return LengthOfInputBuffer - (i + 1);
2363 + }
2364 + //If we have reached to this point, then an error has occurred...
2365 + return -1;
2366 +}
2367 +
2368 +#ifdef __MAINTEST__
2369 +int main(int argc, char **argv)
2370 +{
2371 + void *handle = NULL;
2372 + FONRSA_ERROR ret;
2373 + char *filebuffer = NULL;
2374 + char crypted[1024];
2375 + int size, crypted_size;
2376 +
2377 + if (argc != 4) {
2378 + printf("Usage: %s <key_file> <crypted_file> <output_file>\n", argv[0]);
2379 + return 1;
2380 + }
2381 +
2382 + handle = FR_init(argv[1]);
2383 + if (handle == NULL) {
2384 + printf("Error loading keys\n");
2385 + return 1;
2386 + }
2387 + ret = FR_decrypt_file(handle, argv[2], argv[3]);
2388 + if (ret != FONRSA_OK) {
2389 + printf("FR_decrypt_file returns %d\n", ret);
2390 + }
2391 + FR_end(handle);
2392 + return (int)ret;
2393 +}
2394 +
2395 +#endif
2396 +
2397 +
2398 --- /dev/null
2399 +++ b/net/rsa/fonrsa.h
2400 @@ -0,0 +1,53 @@
2401 +/*
2402 + * FONSM RSA handling library, used by fonsmcd and foncheckrsa
2403 + *
2404 + * This file is part of FONUCS. Copyright (C) 2007 FON Wireless Ltd.
2405 + *
2406 + * This library is free software; you can redistribute it and/or modify
2407 + * it under the terms of the GNU Lesser General Public License as published by
2408 + * the Free Software Foundation; either version 2 of the License, or
2409 + * (at your option) any later version.
2410 + *
2411 + * This library is distributed in the hope that it will be useful,
2412 + * but WITHOUT ANY WARRANTY; without even the implied warranty of
2413 + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
2414 + * GNU Lesser General Public License for more details.
2415 + *
2416 + * You should have received a copy of the GNU Lesser General Public License
2417 + * along with this library; if not, write to the Free Software
2418 + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
2419 + *
2420 + * Created: 20070306 Pablo Martin Medrano <pablo@fon.com>
2421 + *
2422 + * $Id: fonrsa.h 404 2007-09-17 10:41:31Z jesus.pico $
2423 + */
2424 +#ifndef _FONRSA_H
2425 +#define _FONRSA_H
2426 +
2427 +#define MINIMUM_PADING_BYTES_PKCS_1_5 3
2428 +
2429 +typedef enum {
2430 + FONRSA_OK = 0,
2431 + FONRSA_VERIFICATION_FAILURE = 1,
2432 + FONRSA_OPENKEY = 2,
2433 + FONRSA_SIZE = 3,
2434 + FONRSA_LOADFILE = 4,
2435 + FONRSA_CRYPT = 5,
2436 + FONRSA_DECRYPT = 6,
2437 + FONRSA_SAVEFILE = 7,
2438 + FONRSA_NOSYS = 8,
2439 + FONRSA_VERIFY = 9
2440 +} FONRSA_ERROR;
2441 +
2442 +void *FR_init(char *public_key_path);
2443 +FONRSA_ERROR FR_end(void *handle);
2444 +FONRSA_ERROR FR_decrypt_buffer(void *handler, unsigned char *cryptext, int cryptext_size,
2445 + unsigned char *plaintext, int plaintext_buffer_size, int *plaintext_size);
2446 +FONRSA_ERROR FR_decrypt_buffer_v2(void *handler, unsigned char *cryptext, int cryptext_size,
2447 + unsigned char *plaintext, int plaintext_buffer_size, int *plaintext_size);
2448 +FONRSA_ERROR FR_verify_file(void *handler, char *file_path, char *signature_file_path);
2449 +FONRSA_ERROR FR_decrypt_file(void *handler, char *crypted_file_path, char *plaintext_file_path);
2450 +
2451 +#endif
2452 +
2453 +
2454 --- /dev/null
2455 +++ b/net/rsa/log.c
2456 @@ -0,0 +1,138 @@
2457 +/*
2458 + * Fonsm log module. Used inside the fonsm backend module and on the client.
2459 + *
2460 + * This file is part of FONUCS. Copyright (C) 2007 FON Wireless Ltd.
2461 + *
2462 + * Created: 20070202 Pablo Martin Medrano <pablo@fon.com>
2463 + *
2464 + * $Id: log.c 392 2007-06-25 16:24:51Z pablo.martin $
2465 + */
2466 +#include <stdio.h>
2467 +#include <string.h>
2468 +#include <stdlib.h>
2469 +#include <stdarg.h>
2470 +#include <unistd.h>
2471 +#ifndef WIN32
2472 +#include <syslog.h>
2473 +#endif
2474 +#include "log.h"
2475 +
2476 +#define MAX_SESSION_PREFIX 256
2477 +
2478 +typedef struct {
2479 + char domain[256];
2480 + LG_LEVEL watermark;
2481 + int mode;
2482 + LG_log_function_pointer function;
2483 +} ST_fslog;
2484 +
2485 +static ST_fslog fslog;
2486 +static void LG_log_string(LG_LEVEL level, const char *message);
2487 +
2488 +/*!
2489 + \brief Starts the log subsystem, redirecting glog() to stderr/syslog depending
2490 + on mode
2491 + \retval FSLOG_ERROR : FSLOG_OK if everything goes well
2492 + \param lg : handle that will be returned
2493 + \param ident : program identifier, any string
2494 + \param low_watermark : if the log level is less than this value, it will not be logged
2495 + \param mode : FSLOG_MODE_SYSLOG (log to syslog) or FSLOG_MODE_STDERR (log to stderr)
2496 +*/
2497 +FSLOG_ERROR LG_start(const char *domain, LG_LEVEL watermark, int mode,
2498 + LG_log_function_pointer log_function, int facility)
2499 +{
2500 +#ifndef WIN32
2501 + strncpy(fslog.domain, domain, MAX_LG_DOMAIN);
2502 + fslog.domain[MAX_LG_DOMAIN - 1] = '\0';
2503 + fslog.watermark = watermark;
2504 + fslog.mode = mode;
2505 + fslog.function = log_function?log_function:LG_log_string;
2506 + if (fslog.mode & LG_SYSLOG)
2507 + openlog(domain, LOG_NDELAY, facility);
2508 + return FSLOG_OK;
2509 +#else
2510 + return FSLOG_OK;
2511 +#endif
2512 +}
2513 +
2514 +/*!
2515 + \brief Set the low watermark
2516 + \retval FSLOG_ERROR : FSLOG_OK
2517 + \param lg : log handle
2518 + \param low_watermark : new watermark
2519 +*/
2520 +FSLOG_ERROR LG_set_loglevel(LG_LEVEL watermark)
2521 +{
2522 + fslog.watermark = watermark;
2523 + return FSLOG_OK;
2524 +}
2525 +
2526 +/*!
2527 + \brief Ends the log subsystem, unregisteing glog handle
2528 + \retval FSLOG_ERROR : FSLOG_OK if everything goes well
2529 + \param handle : log handle to free
2530 +*/
2531 +FSLOG_ERROR LG_end(void)
2532 +{
2533 +#ifndef WIN32
2534 + if (fslog.mode & LG_SYSLOG)
2535 + closelog();
2536 +#endif
2537 + return FSLOG_OK;
2538 +}
2539 +
2540 +
2541 +void LG_log(LG_LEVEL loglevel, const char *message, ...)
2542 +{
2543 +#ifndef WIN32
2544 + va_list ap;
2545 + char buffer[4096];
2546 + int n;
2547 +
2548 + va_start(ap, message);
2549 + n = vsnprintf(buffer, MAX_LOG_STRING, message, ap);
2550 + va_end(ap);
2551 + if (n > -1 && n < MAX_LOG_STRING)
2552 + fslog.function(loglevel, buffer);
2553 + else
2554 + fon_critical("%s: Message too big to be logged", __FUNCTION__);
2555 +#else
2556 + return;
2557 +#endif
2558 +}
2559 +
2560 +/* Default log function (when mode is LG_SYSLOG or LG_STDERR) */
2561 +static void LG_log_string(LG_LEVEL level, const char *message)
2562 +{
2563 +#ifndef WIN32
2564 + static struct {
2565 + int syslog_level;
2566 + char *log_string;
2567 + } fonlog_to_syslog[] = {
2568 + [LG_DEBUG] = {LOG_ERR, "DEBUG"},
2569 + [LG_MESSAGE] = {LOG_ERR, "MESSAGE"},
2570 + [LG_WARNING] = {LOG_ERR, "WARNING"},
2571 + [LG_CRITICAL] = {LOG_ERR, "CRITICAL"},
2572 + [LG_ERROR] = {LOG_ERR, "ERROR"}
2573 + };
2574 +
2575 + if (level < fslog.watermark)
2576 + return;
2577 + if (fslog.mode & LG_SYSLOG) {
2578 + if (level == LG_MESSAGE) {
2579 + syslog(LOG_INFO, "%s", message);
2580 + } else {
2581 + syslog(fonlog_to_syslog[level].syslog_level, "%s: %s", fonlog_to_syslog[level].log_string, message);
2582 + }
2583 + }
2584 + if (fslog.mode & LG_STDERR) {
2585 + fprintf(stderr, "%s[%d]: %8.8s: %s\n", fslog.domain,
2586 + getpid(), fonlog_to_syslog[level].log_string,
2587 + message);
2588 + }
2589 +#else
2590 + /* FIXE: todo */
2591 + return;
2592 +#endif
2593 +}
2594 +
2595 --- /dev/null
2596 +++ b/net/rsa/log.h
2597 @@ -0,0 +1,77 @@
2598 +/*
2599 + * Fonsm log module. Used inside the fonsm backend module and on the client.
2600 + *
2601 + * This file is part of FONUCS. Copyright (C) 2007 FON Wireless Ltd.
2602 + *
2603 + * Created: 20070202 Pablo Martin Medrano <pablo@fon.com>
2604 + *
2605 + * $Id: log.h 379 2007-05-28 09:17:48Z pablo.martin $
2606 + */
2607 +#ifndef _LOG_H
2608 +#define _LOG_H
2609 +
2610 +#ifdef __cplusplus
2611 +extern "C" {
2612 +#endif
2613 +
2614 +#include <stdarg.h>
2615 +
2616 +typedef enum {
2617 + FSLOG_OK = 0,
2618 + FSLOG_UNKNOWN = -1
2619 +} FSLOG_ERROR;
2620 +
2621 +
2622 +typedef void * LG_HANDLE;
2623 +
2624 +typedef enum {
2625 + LG_DEBUG = 0,
2626 + LG_MESSAGE = 1,
2627 + LG_INFO = 2,
2628 + LG_WARNING = 3,
2629 + LG_CRITICAL = 4,
2630 + LG_ERROR = 5
2631 +} LG_LEVEL;
2632 +
2633 +#define LG_SYSLOG 0x01
2634 +#define LG_STDERR 0x02
2635 +#define LG_CUSTOM 0x04
2636 +
2637 +#define MAX_LG_DOMAIN 256
2638 +#define MAX_LOG_STRING 4096
2639 +
2640 +#ifndef NDEBUG
2641 +#ifndef LOGPRINTF
2642 +#define fon_debug(...) LG_log (LG_DEBUG, __VA_ARGS__)
2643 +#else
2644 +#define fon_debug(...) { printf("DEBUG: "); printf(__VA_ARGS__); printf("\n"); }
2645 +#endif
2646 +#else
2647 +/* fon_debug evaluates to nothing when NDEBUG is defined */
2648 +#define fon_debug(...)
2649 +#endif
2650 +#ifndef LOGPRINTF
2651 +#define fon_message(...) LG_log (LG_MESSAGE, __VA_ARGS__)
2652 +#define fon_warning(...) LG_log (LG_WARNING, __VA_ARGS__)
2653 +#define fon_critical(...) LG_log (LG_CRITICAL, __VA_ARGS__)
2654 +#define fon_error(...) LG_log (LG_ERROR, __VA_ARGS__)
2655 +#else
2656 +#define fon_message(...) { printf("MESSAGE: "); printf(__VA_ARGS__); printf("\n"); }
2657 +#define fon_warning(...) { printf("WARNING: "); printf(__VA_ARGS__); printf("\n"); }
2658 +#define fon_critical(...) { printf("CRITICAL: "); printf(__VA_ARGS__); printf("\n"); }
2659 +#define fon_error(...) { printf("ERROR: "); printf(__VA_ARGS__); printf("\n"); }
2660 +#endif
2661 +
2662 +typedef void (*LG_log_function_pointer)(LG_LEVEL level, const char *message);
2663 +
2664 +FSLOG_ERROR LG_start(const char *domain, LG_LEVEL watermark, int mode, LG_log_function_pointer log_function, int facility);
2665 +FSLOG_ERROR LG_set_loglevel(LG_LEVEL watermark);
2666 +FSLOG_ERROR LG_end(void);
2667 +void LG_log(LG_LEVEL loglevel, const char *message, ...);
2668 +
2669 +#ifdef __cplusplus
2670 +}
2671 +#endif
2672 +
2673 +#endif
2674 +
2675 --- /dev/null
2676 +++ b/net/rsa/Makefile
2677 @@ -0,0 +1,31 @@
2678 +#
2679 +# FONRSA & FONSIGN libraries unit testing
2680 +#
2681 +# This file is part of FONUCS. Copyright (C) 2007 FON Wireless Ltd.
2682 +#
2683 +# Execute in this directory
2684 +#
2685 +# Created: 20070422 Pablo Martin Medrano <pablo@fon.com>
2686 +#
2687 +# $Id: Makefile 389 2007-06-11 08:29:56Z pablo.martin $
2688 +#
2689 +# FIXME: Put this in the main Makefile.am
2690 +#
2691 +all: fonsign dump_key
2692 +
2693 +fonsign:
2694 + gcc -g sign_openssl.c -D__MAINTEST__ -o fonsign -lssl
2695 +
2696 +dump_key:
2697 + gcc -o dump_key dump_key.c
2698 + ./dump_key > public_key.h
2699 +
2700 +foncheckrsa:
2701 + gcc -g bigint.c fonrsa.c rmd160.c foncheckrsa.c base64.c log.c -o foncheckrsa
2702 +
2703 +#private_fon_rsa_key.pem:
2704 +# openssl genrsa -out private_fon_rsa_key.pem 4096
2705 +# openssl rsa -in private_fon_rsa_key.pem -pubout -out public_fon_rsa_key.pem
2706 +
2707 +clean:
2708 + rm fonsign dump_key
2709 --- /dev/null
2710 +++ b/net/rsa/public_key.h
2711 @@ -0,0 +1,52 @@
2712 +unsigned char public_key[] = {
2713 + 0x2D,0x2D,0x2D,0x2D,0x2D,0x42,0x45,0x47,0x49,0x4E,0x20,0x50,0x55,0x42,0x4C,0x49,
2714 + 0x43,0x20,0x4B,0x45,0x59,0x2D,0x2D,0x2D,0x2D,0x2D,0x0A,0x4D,0x49,0x49,0x43,0x49,
2715 + 0x6A,0x41,0x4E,0x42,0x67,0x6B,0x71,0x68,0x6B,0x69,0x47,0x39,0x77,0x30,0x42,0x41,
2716 + 0x51,0x45,0x46,0x41,0x41,0x4F,0x43,0x41,0x67,0x38,0x41,0x4D,0x49,0x49,0x43,0x43,
2717 + 0x67,0x4B,0x43,0x41,0x67,0x45,0x41,0x34,0x4C,0x42,0x76,0x59,0x43,0x4B,0x38,0x38,
2718 + 0x6D,0x75,0x57,0x61,0x73,0x31,0x4F,0x53,0x73,0x71,0x30,0x0A,0x38,0x39,0x38,0x79,
2719 + 0x76,0x54,0x4B,0x71,0x41,0x6E,0x4F,0x37,0x78,0x2F,0x44,0x53,0x57,0x72,0x46,0x53,
2720 + 0x30,0x42,0x72,0x47,0x53,0x51,0x31,0x52,0x69,0x44,0x39,0x55,0x62,0x78,0x77,0x6F,
2721 + 0x64,0x76,0x36,0x65,0x51,0x4B,0x55,0x30,0x67,0x36,0x52,0x6B,0x2F,0x39,0x54,0x70,
2722 + 0x4C,0x6E,0x4F,0x2F,0x76,0x51,0x4B,0x70,0x69,0x41,0x30,0x30,0x0A,0x2B,0x32,0x59,
2723 + 0x30,0x74,0x6B,0x4C,0x39,0x73,0x6A,0x37,0x64,0x33,0x57,0x4B,0x47,0x39,0x62,0x6A,
2724 + 0x64,0x51,0x58,0x2F,0x43,0x49,0x35,0x57,0x46,0x42,0x42,0x64,0x77,0x57,0x73,0x74,
2725 + 0x4D,0x43,0x38,0x77,0x74,0x4C,0x6A,0x6A,0x45,0x59,0x79,0x43,0x58,0x46,0x32,0x31,
2726 + 0x30,0x39,0x7A,0x31,0x47,0x54,0x4C,0x73,0x53,0x44,0x34,0x57,0x4F,0x0A,0x45,0x50,
2727 + 0x6D,0x45,0x37,0x34,0x63,0x6E,0x6F,0x35,0x78,0x53,0x43,0x71,0x71,0x33,0x74,0x54,
2728 + 0x49,0x6D,0x38,0x50,0x78,0x49,0x77,0x54,0x46,0x6D,0x46,0x6F,0x6D,0x6A,0x76,0x31,
2729 + 0x4F,0x56,0x50,0x32,0x73,0x42,0x49,0x70,0x35,0x4E,0x2B,0x59,0x6F,0x56,0x61,0x53,
2730 + 0x58,0x6A,0x47,0x66,0x4E,0x63,0x54,0x36,0x4E,0x6B,0x39,0x76,0x6B,0x56,0x0A,0x57,
2731 + 0x69,0x67,0x39,0x30,0x71,0x50,0x4E,0x4C,0x58,0x6E,0x39,0x39,0x50,0x78,0x48,0x61,
2732 + 0x49,0x31,0x36,0x52,0x7A,0x78,0x48,0x4C,0x39,0x54,0x42,0x2B,0x50,0x43,0x33,0x68,
2733 + 0x33,0x61,0x58,0x33,0x71,0x57,0x30,0x4B,0x4C,0x4A,0x41,0x66,0x6F,0x35,0x70,0x48,
2734 + 0x6C,0x39,0x79,0x75,0x55,0x70,0x37,0x66,0x46,0x65,0x6A,0x4A,0x2B,0x41,0x58,0x0A,
2735 + 0x51,0x4F,0x4A,0x62,0x53,0x45,0x67,0x56,0x74,0x76,0x72,0x68,0x44,0x39,0x73,0x55,
2736 + 0x6D,0x4B,0x30,0x74,0x36,0x63,0x51,0x44,0x65,0x32,0x32,0x4E,0x4E,0x6E,0x77,0x37,
2737 + 0x43,0x4F,0x4F,0x61,0x59,0x49,0x57,0x55,0x55,0x6A,0x79,0x6A,0x68,0x35,0x50,0x4B,
2738 + 0x64,0x64,0x45,0x4B,0x5A,0x38,0x68,0x62,0x62,0x47,0x65,0x61,0x5A,0x4A,0x6F,0x76,
2739 + 0x0A,0x63,0x6F,0x51,0x64,0x55,0x56,0x51,0x6D,0x71,0x44,0x53,0x2B,0x6B,0x63,0x2F,
2740 + 0x41,0x51,0x6C,0x65,0x55,0x36,0x68,0x51,0x6A,0x63,0x55,0x4C,0x57,0x44,0x6B,0x4E,
2741 + 0x2F,0x6F,0x4F,0x6C,0x33,0x43,0x53,0x65,0x70,0x67,0x54,0x37,0x6B,0x67,0x73,0x52,
2742 + 0x63,0x63,0x47,0x74,0x66,0x4B,0x65,0x37,0x77,0x4D,0x70,0x35,0x66,0x59,0x4A,0x2B,
2743 + 0x41,0x0A,0x43,0x46,0x44,0x41,0x6F,0x4C,0x6E,0x58,0x4E,0x6A,0x4E,0x56,0x6C,0x65,
2744 + 0x73,0x43,0x6B,0x78,0x74,0x6A,0x62,0x4C,0x62,0x49,0x72,0x66,0x32,0x6E,0x43,0x62,
2745 + 0x32,0x61,0x4D,0x65,0x64,0x31,0x5A,0x48,0x4E,0x4A,0x51,0x75,0x6F,0x4E,0x58,0x67,
2746 + 0x72,0x43,0x41,0x44,0x31,0x71,0x2B,0x58,0x6E,0x66,0x77,0x63,0x69,0x6D,0x57,0x50,
2747 + 0x64,0x51,0x0A,0x44,0x59,0x6A,0x6D,0x65,0x44,0x70,0x35,0x77,0x36,0x41,0x4A,0x33,
2748 + 0x2F,0x35,0x59,0x39,0x55,0x74,0x78,0x47,0x34,0x72,0x51,0x72,0x61,0x68,0x78,0x53,
2749 + 0x42,0x77,0x43,0x4B,0x57,0x39,0x4B,0x79,0x53,0x31,0x71,0x53,0x76,0x73,0x37,0x7A,
2750 + 0x59,0x2F,0x52,0x59,0x37,0x4A,0x66,0x36,0x63,0x56,0x6B,0x54,0x43,0x78,0x69,0x33,
2751 + 0x7A,0x32,0x53,0x0A,0x50,0x46,0x33,0x51,0x64,0x6B,0x30,0x50,0x44,0x2F,0x73,0x2B,
2752 + 0x6B,0x77,0x39,0x71,0x4F,0x4E,0x79,0x69,0x33,0x67,0x6E,0x61,0x42,0x46,0x6E,0x54,
2753 + 0x77,0x48,0x7A,0x59,0x69,0x77,0x34,0x2F,0x77,0x6A,0x46,0x33,0x64,0x47,0x68,0x47,
2754 + 0x4E,0x6B,0x78,0x36,0x70,0x63,0x4E,0x4F,0x52,0x55,0x46,0x4E,0x65,0x4F,0x7A,0x59,
2755 + 0x76,0x39,0x6F,0x6A,0x0A,0x51,0x59,0x70,0x73,0x55,0x31,0x33,0x6A,0x6D,0x30,0x33,
2756 + 0x42,0x6F,0x45,0x2B,0x42,0x31,0x64,0x38,0x50,0x47,0x75,0x57,0x2B,0x49,0x7A,0x2F,
2757 + 0x41,0x4F,0x44,0x7A,0x6B,0x6F,0x56,0x6B,0x39,0x2B,0x57,0x79,0x49,0x33,0x37,0x50,
2758 + 0x30,0x53,0x7A,0x47,0x4B,0x72,0x2B,0x53,0x33,0x72,0x72,0x74,0x61,0x50,0x6C,0x41,
2759 + 0x70,0x71,0x4B,0x48,0x55,0x0A,0x6E,0x64,0x35,0x6C,0x30,0x63,0x76,0x75,0x59,0x66,
2760 + 0x31,0x4C,0x37,0x45,0x52,0x75,0x49,0x58,0x64,0x47,0x4C,0x6A,0x30,0x43,0x41,0x77,
2761 + 0x45,0x41,0x41,0x51,0x3D,0x3D,0x0A,0x2D,0x2D,0x2D,0x2D,0x2D,0x45,0x4E,0x44,0x20,
2762 + 0x50,0x55,0x42,0x4C,0x49,0x43,0x20,0x4B,0x45,0x59,0x2D,0x2D,0x2D,0x2D,0x2D,0x0A,
2763 + };
2764 --- /dev/null
2765 +++ b/net/rsa/rmd160.c
2766 @@ -0,0 +1,292 @@
2767 +/********************************************************************\
2768 + *
2769 + * FILE: rmd160.c
2770 + *
2771 + * CONTENTS: A sample C-implementation of the RIPEMD-160
2772 + * hash-function.
2773 + * TARGET: any computer with an ANSI C compiler
2774 + *
2775 + * AUTHOR: Antoon Bosselaers, ESAT-COSIC
2776 + * DATE: 1 March 1996
2777 + * VERSION: 1.0
2778 + *
2779 + * Copyright (c) Katholieke Universiteit Leuven
2780 + * 1996, All Rights Reserved
2781 + *
2782 + * Conditions for use of the RIPEMD-160 Software
2783 + *
2784 + * The RIPEMD-160 software is freely available for use under the terms and
2785 + * conditions described hereunder, which shall be deemed to be accepted by
2786 + * any user of the software and applicable on any use of the software:
2787 + *
2788 + * 1. K.U.Leuven Department of Electrical Engineering-ESAT/COSIC shall for
2789 + * all purposes be considered the owner of the RIPEMD-160 software and of
2790 + * all copyright, trade secret, patent or other intellectual property
2791 + * rights therein.
2792 + * 2. The RIPEMD-160 software is provided on an "as is" basis without
2793 + * warranty of any sort, express or implied. K.U.Leuven makes no
2794 + * representation that the use of the software will not infringe any
2795 + * patent or proprietary right of third parties. User will indemnify
2796 + * K.U.Leuven and hold K.U.Leuven harmless from any claims or liabilities
2797 + * which may arise as a result of its use of the software. In no
2798 + * circumstances K.U.Leuven R&D will be held liable for any deficiency,
2799 + * fault or other mishappening with regard to the use or performance of
2800 + * the software.
2801 + * 3. User agrees to give due credit to K.U.Leuven in scientific publications
2802 + * or communications in relation with the use of the RIPEMD-160 software
2803 + * as follows: RIPEMD-160 software written by Antoon Bosselaers,
2804 + * available at http://www.esat.kuleuven.be/~cosicart/ps/AB-9601/.
2805 + *
2806 +\********************************************************************/
2807 +
2808 +/* header files */
2809 +#include <common.h>
2810 +#include "rmd160.h"
2811 +
2812 +/********************************************************************/
2813 +
2814 +void MDinit(dword *MDbuf)
2815 +{
2816 + MDbuf[0] = 0x67452301UL;
2817 + MDbuf[1] = 0xefcdab89UL;
2818 + MDbuf[2] = 0x98badcfeUL;
2819 + MDbuf[3] = 0x10325476UL;
2820 + MDbuf[4] = 0xc3d2e1f0UL;
2821 +
2822 + return;
2823 +}
2824 +
2825 +/********************************************************************/
2826 +
2827 +void compress(dword *MDbuf, dword *X)
2828 +{
2829 + dword aa = MDbuf[0], bb = MDbuf[1], cc = MDbuf[2],
2830 + dd = MDbuf[3], ee = MDbuf[4];
2831 + dword aaa = MDbuf[0], bbb = MDbuf[1], ccc = MDbuf[2],
2832 + ddd = MDbuf[3], eee = MDbuf[4];
2833 +
2834 + /* round 1 */
2835 + FF(aa, bb, cc, dd, ee, X[ 0], 11);
2836 + FF(ee, aa, bb, cc, dd, X[ 1], 14);
2837 + FF(dd, ee, aa, bb, cc, X[ 2], 15);
2838 + FF(cc, dd, ee, aa, bb, X[ 3], 12);
2839 + FF(bb, cc, dd, ee, aa, X[ 4], 5);
2840 + FF(aa, bb, cc, dd, ee, X[ 5], 8);
2841 + FF(ee, aa, bb, cc, dd, X[ 6], 7);
2842 + FF(dd, ee, aa, bb, cc, X[ 7], 9);
2843 + FF(cc, dd, ee, aa, bb, X[ 8], 11);
2844 + FF(bb, cc, dd, ee, aa, X[ 9], 13);
2845 + FF(aa, bb, cc, dd, ee, X[10], 14);
2846 + FF(ee, aa, bb, cc, dd, X[11], 15);
2847 + FF(dd, ee, aa, bb, cc, X[12], 6);
2848 + FF(cc, dd, ee, aa, bb, X[13], 7);
2849 + FF(bb, cc, dd, ee, aa, X[14], 9);
2850 + FF(aa, bb, cc, dd, ee, X[15], 8);
2851 +
2852 + /* round 2 */
2853 + GG(ee, aa, bb, cc, dd, X[ 7], 7);
2854 + GG(dd, ee, aa, bb, cc, X[ 4], 6);
2855 + GG(cc, dd, ee, aa, bb, X[13], 8);
2856 + GG(bb, cc, dd, ee, aa, X[ 1], 13);
2857 + GG(aa, bb, cc, dd, ee, X[10], 11);
2858 + GG(ee, aa, bb, cc, dd, X[ 6], 9);
2859 + GG(dd, ee, aa, bb, cc, X[15], 7);
2860 + GG(cc, dd, ee, aa, bb, X[ 3], 15);
2861 + GG(bb, cc, dd, ee, aa, X[12], 7);
2862 + GG(aa, bb, cc, dd, ee, X[ 0], 12);
2863 + GG(ee, aa, bb, cc, dd, X[ 9], 15);
2864 + GG(dd, ee, aa, bb, cc, X[ 5], 9);
2865 + GG(cc, dd, ee, aa, bb, X[ 2], 11);
2866 + GG(bb, cc, dd, ee, aa, X[14], 7);
2867 + GG(aa, bb, cc, dd, ee, X[11], 13);
2868 + GG(ee, aa, bb, cc, dd, X[ 8], 12);
2869 +
2870 + /* round 3 */
2871 + HH(dd, ee, aa, bb, cc, X[ 3], 11);
2872 + HH(cc, dd, ee, aa, bb, X[10], 13);
2873 + HH(bb, cc, dd, ee, aa, X[14], 6);
2874 + HH(aa, bb, cc, dd, ee, X[ 4], 7);
2875 + HH(ee, aa, bb, cc, dd, X[ 9], 14);
2876 + HH(dd, ee, aa, bb, cc, X[15], 9);
2877 + HH(cc, dd, ee, aa, bb, X[ 8], 13);
2878 + HH(bb, cc, dd, ee, aa, X[ 1], 15);
2879 + HH(aa, bb, cc, dd, ee, X[ 2], 14);
2880 + HH(ee, aa, bb, cc, dd, X[ 7], 8);
2881 + HH(dd, ee, aa, bb, cc, X[ 0], 13);
2882 + HH(cc, dd, ee, aa, bb, X[ 6], 6);
2883 + HH(bb, cc, dd, ee, aa, X[13], 5);
2884 + HH(aa, bb, cc, dd, ee, X[11], 12);
2885 + HH(ee, aa, bb, cc, dd, X[ 5], 7);
2886 + HH(dd, ee, aa, bb, cc, X[12], 5);
2887 +
2888 + /* round 4 */
2889 + II(cc, dd, ee, aa, bb, X[ 1], 11);
2890 + II(bb, cc, dd, ee, aa, X[ 9], 12);
2891 + II(aa, bb, cc, dd, ee, X[11], 14);
2892 + II(ee, aa, bb, cc, dd, X[10], 15);
2893 + II(dd, ee, aa, bb, cc, X[ 0], 14);
2894 + II(cc, dd, ee, aa, bb, X[ 8], 15);
2895 + II(bb, cc, dd, ee, aa, X[12], 9);
2896 + II(aa, bb, cc, dd, ee, X[ 4], 8);
2897 + II(ee, aa, bb, cc, dd, X[13], 9);
2898 + II(dd, ee, aa, bb, cc, X[ 3], 14);
2899 + II(cc, dd, ee, aa, bb, X[ 7], 5);
2900 + II(bb, cc, dd, ee, aa, X[15], 6);
2901 + II(aa, bb, cc, dd, ee, X[14], 8);
2902 + II(ee, aa, bb, cc, dd, X[ 5], 6);
2903 + II(dd, ee, aa, bb, cc, X[ 6], 5);
2904 + II(cc, dd, ee, aa, bb, X[ 2], 12);
2905 +
2906 + /* round 5 */
2907 + JJ(bb, cc, dd, ee, aa, X[ 4], 9);
2908 + JJ(aa, bb, cc, dd, ee, X[ 0], 15);
2909 + JJ(ee, aa, bb, cc, dd, X[ 5], 5);
2910 + JJ(dd, ee, aa, bb, cc, X[ 9], 11);
2911 + JJ(cc, dd, ee, aa, bb, X[ 7], 6);
2912 + JJ(bb, cc, dd, ee, aa, X[12], 8);
2913 + JJ(aa, bb, cc, dd, ee, X[ 2], 13);
2914 + JJ(ee, aa, bb, cc, dd, X[10], 12);
2915 + JJ(dd, ee, aa, bb, cc, X[14], 5);
2916 + JJ(cc, dd, ee, aa, bb, X[ 1], 12);
2917 + JJ(bb, cc, dd, ee, aa, X[ 3], 13);
2918 + JJ(aa, bb, cc, dd, ee, X[ 8], 14);
2919 + JJ(ee, aa, bb, cc, dd, X[11], 11);
2920 + JJ(dd, ee, aa, bb, cc, X[ 6], 8);
2921 + JJ(cc, dd, ee, aa, bb, X[15], 5);
2922 + JJ(bb, cc, dd, ee, aa, X[13], 6);
2923 +
2924 + /* parallel round 1 */
2925 + JJJ(aaa, bbb, ccc, ddd, eee, X[ 5], 8);
2926 + JJJ(eee, aaa, bbb, ccc, ddd, X[14], 9);
2927 + JJJ(ddd, eee, aaa, bbb, ccc, X[ 7], 9);
2928 + JJJ(ccc, ddd, eee, aaa, bbb, X[ 0], 11);
2929 + JJJ(bbb, ccc, ddd, eee, aaa, X[ 9], 13);
2930 + JJJ(aaa, bbb, ccc, ddd, eee, X[ 2], 15);
2931 + JJJ(eee, aaa, bbb, ccc, ddd, X[11], 15);
2932 + JJJ(ddd, eee, aaa, bbb, ccc, X[ 4], 5);
2933 + JJJ(ccc, ddd, eee, aaa, bbb, X[13], 7);
2934 + JJJ(bbb, ccc, ddd, eee, aaa, X[ 6], 7);
2935 + JJJ(aaa, bbb, ccc, ddd, eee, X[15], 8);
2936 + JJJ(eee, aaa, bbb, ccc, ddd, X[ 8], 11);
2937 + JJJ(ddd, eee, aaa, bbb, ccc, X[ 1], 14);
2938 + JJJ(ccc, ddd, eee, aaa, bbb, X[10], 14);
2939 + JJJ(bbb, ccc, ddd, eee, aaa, X[ 3], 12);
2940 + JJJ(aaa, bbb, ccc, ddd, eee, X[12], 6);
2941 +
2942 + /* parallel round 2 */
2943 + III(eee, aaa, bbb, ccc, ddd, X[ 6], 9);
2944 + III(ddd, eee, aaa, bbb, ccc, X[11], 13);
2945 + III(ccc, ddd, eee, aaa, bbb, X[ 3], 15);
2946 + III(bbb, ccc, ddd, eee, aaa, X[ 7], 7);
2947 + III(aaa, bbb, ccc, ddd, eee, X[ 0], 12);
2948 + III(eee, aaa, bbb, ccc, ddd, X[13], 8);
2949 + III(ddd, eee, aaa, bbb, ccc, X[ 5], 9);
2950 + III(ccc, ddd, eee, aaa, bbb, X[10], 11);
2951 + III(bbb, ccc, ddd, eee, aaa, X[14], 7);
2952 + III(aaa, bbb, ccc, ddd, eee, X[15], 7);
2953 + III(eee, aaa, bbb, ccc, ddd, X[ 8], 12);
2954 + III(ddd, eee, aaa, bbb, ccc, X[12], 7);
2955 + III(ccc, ddd, eee, aaa, bbb, X[ 4], 6);
2956 + III(bbb, ccc, ddd, eee, aaa, X[ 9], 15);
2957 + III(aaa, bbb, ccc, ddd, eee, X[ 1], 13);
2958 + III(eee, aaa, bbb, ccc, ddd, X[ 2], 11);
2959 +
2960 + /* parallel round 3 */
2961 + HHH(ddd, eee, aaa, bbb, ccc, X[15], 9);
2962 + HHH(ccc, ddd, eee, aaa, bbb, X[ 5], 7);
2963 + HHH(bbb, ccc, ddd, eee, aaa, X[ 1], 15);
2964 + HHH(aaa, bbb, ccc, ddd, eee, X[ 3], 11);
2965 + HHH(eee, aaa, bbb, ccc, ddd, X[ 7], 8);
2966 + HHH(ddd, eee, aaa, bbb, ccc, X[14], 6);
2967 + HHH(ccc, ddd, eee, aaa, bbb, X[ 6], 6);
2968 + HHH(bbb, ccc, ddd, eee, aaa, X[ 9], 14);
2969 + HHH(aaa, bbb, ccc, ddd, eee, X[11], 12);
2970 + HHH(eee, aaa, bbb, ccc, ddd, X[ 8], 13);
2971 + HHH(ddd, eee, aaa, bbb, ccc, X[12], 5);
2972 + HHH(ccc, ddd, eee, aaa, bbb, X[ 2], 14);
2973 + HHH(bbb, ccc, ddd, eee, aaa, X[10], 13);
2974 + HHH(aaa, bbb, ccc, ddd, eee, X[ 0], 13);
2975 + HHH(eee, aaa, bbb, ccc, ddd, X[ 4], 7);
2976 + HHH(ddd, eee, aaa, bbb, ccc, X[13], 5);
2977 +
2978 + /* parallel round 4 */
2979 + GGG(ccc, ddd, eee, aaa, bbb, X[ 8], 15);
2980 + GGG(bbb, ccc, ddd, eee, aaa, X[ 6], 5);
2981 + GGG(aaa, bbb, ccc, ddd, eee, X[ 4], 8);
2982 + GGG(eee, aaa, bbb, ccc, ddd, X[ 1], 11);
2983 + GGG(ddd, eee, aaa, bbb, ccc, X[ 3], 14);
2984 + GGG(ccc, ddd, eee, aaa, bbb, X[11], 14);
2985 + GGG(bbb, ccc, ddd, eee, aaa, X[15], 6);
2986 + GGG(aaa, bbb, ccc, ddd, eee, X[ 0], 14);
2987 + GGG(eee, aaa, bbb, ccc, ddd, X[ 5], 6);
2988 + GGG(ddd, eee, aaa, bbb, ccc, X[12], 9);
2989 + GGG(ccc, ddd, eee, aaa, bbb, X[ 2], 12);
2990 + GGG(bbb, ccc, ddd, eee, aaa, X[13], 9);
2991 + GGG(aaa, bbb, ccc, ddd, eee, X[ 9], 12);
2992 + GGG(eee, aaa, bbb, ccc, ddd, X[ 7], 5);
2993 + GGG(ddd, eee, aaa, bbb, ccc, X[10], 15);
2994 + GGG(ccc, ddd, eee, aaa, bbb, X[14], 8);
2995 +
2996 + /* parallel round 5 */
2997 + FFF(bbb, ccc, ddd, eee, aaa, X[12] , 8);
2998 + FFF(aaa, bbb, ccc, ddd, eee, X[15] , 5);
2999 + FFF(eee, aaa, bbb, ccc, ddd, X[10] , 12);
3000 + FFF(ddd, eee, aaa, bbb, ccc, X[ 4] , 9);
3001 + FFF(ccc, ddd, eee, aaa, bbb, X[ 1] , 12);
3002 + FFF(bbb, ccc, ddd, eee, aaa, X[ 5] , 5);
3003 + FFF(aaa, bbb, ccc, ddd, eee, X[ 8] , 14);
3004 + FFF(eee, aaa, bbb, ccc, ddd, X[ 7] , 6);
3005 + FFF(ddd, eee, aaa, bbb, ccc, X[ 6] , 8);
3006 + FFF(ccc, ddd, eee, aaa, bbb, X[ 2] , 13);
3007 + FFF(bbb, ccc, ddd, eee, aaa, X[13] , 6);
3008 + FFF(aaa, bbb, ccc, ddd, eee, X[14] , 5);
3009 + FFF(eee, aaa, bbb, ccc, ddd, X[ 0] , 15);
3010 + FFF(ddd, eee, aaa, bbb, ccc, X[ 3] , 13);
3011 + FFF(ccc, ddd, eee, aaa, bbb, X[ 9] , 11);
3012 + FFF(bbb, ccc, ddd, eee, aaa, X[11] , 11);
3013 +
3014 + /* combine results */
3015 + ddd += cc + MDbuf[1]; /* final result for MDbuf[0] */
3016 + MDbuf[1] = MDbuf[2] + dd + eee;
3017 + MDbuf[2] = MDbuf[3] + ee + aaa;
3018 + MDbuf[3] = MDbuf[4] + aa + bbb;
3019 + MDbuf[4] = MDbuf[0] + bb + ccc;
3020 + MDbuf[0] = ddd;
3021 +
3022 + return;
3023 +}
3024 +
3025 +/********************************************************************/
3026 +
3027 +void MDfinish(dword *MDbuf, byte *strptr, dword lswlen, dword mswlen)
3028 +{
3029 + unsigned int i; /* counter */
3030 + dword X[16]; /* message words */
3031 +
3032 + memset(X, 0, 16*sizeof(dword));
3033 +
3034 + /* put bytes from strptr into X */
3035 + for (i=0; i<(lswlen&63); i++) {
3036 + /* byte i goes into word X[i div 4] at pos. 8*(i mod 4) */
3037 + X[i>>2] ^= (dword) *strptr++ << (8 * (i&3));
3038 + }
3039 +
3040 + /* append the bit m_n == 1 */
3041 + X[(lswlen>>2)&15] ^= (dword)1 << (8*(lswlen&3) + 7);
3042 +
3043 + if ((lswlen & 63) > 55) {
3044 + /* length goes to next block */
3045 + compress(MDbuf, X);
3046 + memset(X, 0, 16*sizeof(dword));
3047 + }
3048 +
3049 + /* append length in bits*/
3050 + X[14] = lswlen << 3;
3051 + X[15] = (lswlen >> 29) | (mswlen << 3);
3052 + compress(MDbuf, X);
3053 +
3054 + return;
3055 +}
3056 +
3057 +/************************ end of file rmd160.c **********************/
3058 +
3059 --- /dev/null
3060 +++ b/net/rsa/rmd160.h
3061 @@ -0,0 +1,154 @@
3062 +/********************************************************************\
3063 + *
3064 + * FILE: rmd160.h
3065 + *
3066 + * CONTENTS: Header file for a sample C-implementation of the
3067 + * RIPEMD-160 hash-function.
3068 + * TARGET: any computer with an ANSI C compiler
3069 + *
3070 + * AUTHOR: Antoon Bosselaers, ESAT-COSIC
3071 + * DATE: 1 March 1996
3072 + * VERSION: 1.0
3073 + *
3074 + * Copyright (c) Katholieke Universiteit Leuven
3075 + * 1996, All Rights Reserved
3076 + *
3077 + * Conditions for use of the RIPEMD-160 Software
3078 + *
3079 + * The RIPEMD-160 software is freely available for use under the terms and
3080 + * conditions described hereunder, which shall be deemed to be accepted by
3081 + * any user of the software and applicable on any use of the software:
3082 + *
3083 + * 1. K.U.Leuven Department of Electrical Engineering-ESAT/COSIC shall for
3084 + * all purposes be considered the owner of the RIPEMD-160 software and of
3085 + * all copyright, trade secret, patent or other intellectual property
3086 + * rights therein.
3087 + * 2. The RIPEMD-160 software is provided on an "as is" basis without
3088 + * warranty of any sort, express or implied. K.U.Leuven makes no
3089 + * representation that the use of the software will not infringe any
3090 + * patent or proprietary right of third parties. User will indemnify
3091 + * K.U.Leuven and hold K.U.Leuven harmless from any claims or liabilities
3092 + * which may arise as a result of its use of the software. In no
3093 + * circumstances K.U.Leuven R&D will be held liable for any deficiency,
3094 + * fault or other mishappening with regard to the use or performance of
3095 + * the software.
3096 + * 3. User agrees to give due credit to K.U.Leuven in scientific publications
3097 + * or communications in relation with the use of the RIPEMD-160 software
3098 + * as follows: RIPEMD-160 software written by Antoon Bosselaers,
3099 + * available at http://www.esat.kuleuven.be/~cosicart/ps/AB-9601/.
3100 + *
3101 +\********************************************************************/
3102 +
3103 +#ifndef RMD160H /* make sure this file is read only once */
3104 +#define RMD160H
3105 +
3106 +/********************************************************************/
3107 +
3108 +/* typedef 8 and 32 bit types, resp. */
3109 +/* adapt these, if necessary,
3110 + for your operating system and compiler */
3111 +typedef unsigned char byte;
3112 +typedef unsigned long dword;
3113 +
3114 +
3115 +/********************************************************************/
3116 +
3117 +/* macro definitions */
3118 +
3119 +/* collect four bytes into one word: */
3120 +#define BYTES_TO_DWORD(strptr) \
3121 + (((dword) *((strptr)+3) << 24) | \
3122 + ((dword) *((strptr)+2) << 16) | \
3123 + ((dword) *((strptr)+1) << 8) | \
3124 + ((dword) *(strptr)))
3125 +
3126 +/* ROL(x, n) cyclically rotates x over n bits to the left */
3127 +/* x must be of an unsigned 32 bits type and 0 <= n < 32. */
3128 +#define ROL(x, n) (((x) << (n)) | ((x) >> (32-(n))))
3129 +
3130 +/* the five basic functions F(), G() and H() */
3131 +#define F(x, y, z) ((x) ^ (y) ^ (z))
3132 +#define G(x, y, z) (((x) & (y)) | (~(x) & (z)))
3133 +#define H(x, y, z) (((x) | ~(y)) ^ (z))
3134 +#define I(x, y, z) (((x) & (z)) | ((y) & ~(z)))
3135 +#define J(x, y, z) ((x) ^ ((y) | ~(z)))
3136 +
3137 +/* the ten basic operations FF() through III() */
3138 +#define FF(a, b, c, d, e, x, s) {\
3139 + (a) += F((b), (c), (d)) + (x);\
3140 + (a) = ROL((a), (s)) + (e);\
3141 + (c) = ROL((c), 10);\
3142 + }
3143 +#define GG(a, b, c, d, e, x, s) {\
3144 + (a) += G((b), (c), (d)) + (x) + 0x5a827999UL;\
3145 + (a) = ROL((a), (s)) + (e);\
3146 + (c) = ROL((c), 10);\
3147 + }
3148 +#define HH(a, b, c, d, e, x, s) {\
3149 + (a) += H((b), (c), (d)) + (x) + 0x6ed9eba1UL;\
3150 + (a) = ROL((a), (s)) + (e);\
3151 + (c) = ROL((c), 10);\
3152 + }
3153 +#define II(a, b, c, d, e, x, s) {\
3154 + (a) += I((b), (c), (d)) + (x) + 0x8f1bbcdcUL;\
3155 + (a) = ROL((a), (s)) + (e);\
3156 + (c) = ROL((c), 10);\
3157 + }
3158 +#define JJ(a, b, c, d, e, x, s) {\
3159 + (a) += J((b), (c), (d)) + (x) + 0xa953fd4eUL;\
3160 + (a) = ROL((a), (s)) + (e);\
3161 + (c) = ROL((c), 10);\
3162 + }
3163 +#define FFF(a, b, c, d, e, x, s) {\
3164 + (a) += F((b), (c), (d)) + (x);\
3165 + (a) = ROL((a), (s)) + (e);\
3166 + (c) = ROL((c), 10);\
3167 + }
3168 +#define GGG(a, b, c, d, e, x, s) {\
3169 + (a) += G((b), (c), (d)) + (x) + 0x7a6d76e9UL;\
3170 + (a) = ROL((a), (s)) + (e);\
3171 + (c) = ROL((c), 10);\
3172 + }
3173 +#define HHH(a, b, c, d, e, x, s) {\
3174 + (a) += H((b), (c), (d)) + (x) + 0x6d703ef3UL;\
3175 + (a) = ROL((a), (s)) + (e);\
3176 + (c) = ROL((c), 10);\
3177 + }
3178 +#define III(a, b, c, d, e, x, s) {\
3179 + (a) += I((b), (c), (d)) + (x) + 0x5c4dd124UL;\
3180 + (a) = ROL((a), (s)) + (e);\
3181 + (c) = ROL((c), 10);\
3182 + }
3183 +#define JJJ(a, b, c, d, e, x, s) {\
3184 + (a) += J((b), (c), (d)) + (x) + 0x50a28be6UL;\
3185 + (a) = ROL((a), (s)) + (e);\
3186 + (c) = ROL((c), 10);\
3187 + }
3188 +
3189 +/********************************************************************/
3190 +
3191 +/* function prototypes */
3192 +
3193 +void MDinit(dword *MDbuf);
3194 +/*
3195 + * initializes MDbuffer to "magic constants"
3196 + */
3197 +
3198 +void compress(dword *MDbuf, dword *X);
3199 +/*
3200 + * the compression function.
3201 + * transforms MDbuf using message bytes X[0] through X[15]
3202 + */
3203 +
3204 +void MDfinish(dword *MDbuf, byte *strptr, dword lswlen, dword mswlen);
3205 +/*
3206 + * puts bytes from strptr into X and pad out; appends length
3207 + * and finally, compresses the last block(s)
3208 + * note: length in bits == 8 * (lswlen + 2^32 mswlen).
3209 + * note: there are (lswlen mod 64) bytes left in strptr.
3210 + */
3211 +
3212 +#endif /* RMD160H */
3213 +
3214 +/*********************** end of file rmd160.h ***********************/
3215 +
3216 --- /dev/null
3217 +++ b/net/rsa/rsa.c
3218 @@ -0,0 +1,303 @@
3219 +/*
3220 + * FONSM RSA handling library
3221 + *
3222 + * This file is part of FONUCS. Copyright (C) 2007 FON Wireless Ltd.
3223 + *
3224 + * This library is free software; you can redistribute it and/or modify
3225 + * it under the terms of the GNU Lesser General Public License as published by
3226 + * the Free Software Foundation; either version 2 of the License, or
3227 + * (at your option) any later version.
3228 + *
3229 + * This library is distributed in the hope that it will be useful,
3230 + * but WITHOUT ANY WARRANTY; without even the implied warranty of
3231 + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
3232 + * GNU Lesser General Public License for more details.
3233 + *
3234 + * You should have received a copy of the GNU Lesser General Public License
3235 + * along with this library; if not, write to the Free Software
3236 + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
3237 + *
3238 + * Created: 20070306 Pablo Martin Medrano <pablo@fon.com>
3239 + *
3240 + * Based on axTLS
3241 + *
3242 + * $Id: fonrsa.c 405 2007-09-19 15:26:17Z jesus.pico $
3243 + */
3244 +#include <malloc.h>
3245 +#include <common.h>
3246 +#include "rsa.h"
3247 +#include "rmd160.h"
3248 +#include "bigint.h"
3249 +#include "base64.h"
3250 +
3251 +#include "public_key.h"
3252 +
3253 +#define RMDsize 160 /* A RIPEMD-160 hash has 160 bits */
3254 +
3255 +typedef struct {
3256 + uint8_t *buffer;
3257 + size_t size;
3258 +} DER_key;
3259 +
3260 +typedef struct {
3261 + bigint *m; /* modulus */
3262 + bigint *e; /* public exponent */
3263 + int num_octets;
3264 + BI_CTX *bi_ctx; /* big integer handle */
3265 +} RSA_parameters;
3266 +
3267 +typedef struct {
3268 + DER_key *derkey;
3269 + RSA_parameters *rsaparms;
3270 +} RSA;
3271 +
3272 +static void CH_free_der_key(DER_key *key)
3273 +{
3274 + free(key->buffer);
3275 + free(key);
3276 +}
3277 +
3278 +int CH_decrypt(RSA_parameters *rsa, uint8_t *buffer_in, uint8_t *buffer_out)
3279 +{
3280 + bigint *dat_bi;
3281 + bigint *decrypted_bi;
3282 + int byte_size;
3283 +
3284 + byte_size = rsa->num_octets;
3285 + dat_bi = bi_import(rsa->bi_ctx, buffer_in, byte_size);
3286 + rsa->bi_ctx->mod_offset = BIGINT_M_OFFSET;
3287 + bi_copy(rsa->m);
3288 + decrypted_bi = bi_mod_power(rsa->bi_ctx, dat_bi, rsa->e);
3289 + bi_export(rsa->bi_ctx, decrypted_bi, buffer_out, byte_size);
3290 + return 0;
3291 +}
3292 +
3293 +byte *RMDbinary(char *buffer, int len)
3294 +{
3295 + byte data[1024]; /* contains current mess. block */
3296 + dword nbytes; /* length of this block */
3297 + dword MDbuf[RMDsize / 32]; /* contains (A, B, C, D(, E)) */
3298 + static byte hashcode[RMDsize / 8]; /* for final hash-value */
3299 + dword X[16]; /* current 16-word chunk */
3300 + unsigned int i, j; /* counters */
3301 + dword length[2]; /* length in bytes of message */
3302 + dword offset; /* # of unprocessed bytes at */
3303 + /* call of MDfinish */
3304 + int total = len;
3305 + char *tmp = buffer;
3306 + MDinit(MDbuf);
3307 + length[0] = 0;
3308 + length[1] = 0;
3309 + while ( len) {
3310 + memcpy(data, tmp, 1024);
3311 + if(len > 1024)
3312 + {
3313 + nbytes = 1024;
3314 + len -= 1024;
3315 + tmp += 1024;
3316 + } else {
3317 + nbytes = len;
3318 + len = 0;
3319 + }
3320 + /* process all complete blocks */
3321 + for (i = 0; i < (nbytes >> 6); i++) {
3322 + for (j = 0; j < 16; j++)
3323 + X[j] = BYTES_TO_DWORD(data + 64 * i + 4 * j);
3324 + compress(MDbuf, X);
3325 + }
3326 + /* update length[] */
3327 + if (length[0] + nbytes < length[0])
3328 + length[1]++; /* overflow to msb of length */
3329 + length[0] += nbytes;
3330 + }
3331 + /* finish: */
3332 + offset = length[0] & 0x3C0; /* extract bytes 6 to 10 inclusive */
3333 + MDfinish(MDbuf, data + offset, length[0], length[1]);
3334 +
3335 + for (i = 0; i < RMDsize / 8; i += 4) {
3336 + hashcode[i] = MDbuf[i >> 2];
3337 + hashcode[i + 1] = (MDbuf[i >> 2] >> 8);
3338 + hashcode[i + 2] = (MDbuf[i >> 2] >> 16);
3339 + hashcode[i + 3] = (MDbuf[i >> 2] >> 24);
3340 + }
3341 +
3342 + return (byte *) hashcode;
3343 +}
3344 +
3345 +static DER_key *CH_load_pem_key(void)
3346 +{
3347 + DER_key *ret;
3348 + uint8_t *buffer;
3349 + char *b64,*p,*t;
3350 + char key[1024];
3351 + size_t filesize;
3352 + int size;
3353 +
3354 + if ((ret = (DER_key *)malloc(sizeof(DER_key))) == NULL)
3355 + return NULL;
3356 + buffer = public_key;
3357 + p = (char *)buffer;
3358 + while ((*p != '\n') && (*p != '\0'))
3359 + p++;
3360 + if (*p == '\0') {
3361 + free(ret);
3362 + return NULL;
3363 + }
3364 + p++;
3365 + b64 = t = p;
3366 + while((p - b64) <= filesize) {
3367 + if ((*p == '-')) {
3368 + break;
3369 + } else if ((*p != '\n') && (*p != ' ') && (*p != '\t')) {
3370 + *t = *p;
3371 + t++;
3372 + }
3373 + p++;
3374 + }
3375 + *t = '\0';
3376 + size = B64_decode(b64, key, strlen(b64), 1024);
3377 + if (size < 0) {
3378 + free(buffer);
3379 + free(ret);
3380 + return NULL;
3381 + }
3382 + //free(buffer);
3383 + ret->buffer = (char *)malloc(size);
3384 + ret->size = size;
3385 + memcpy((void *)ret->buffer, (void *)key, size);
3386 + return ret;
3387 +}
3388 +
3389 +/*
3390 + * Similar to RSA_pub_key_new, rewritten to make this program depend only on bi module
3391 + */
3392 +void CH_pub_key_new(RSA_parameters **rsa, const uint8_t *modulus, int mod_len, const uint8_t *pub_exp, int pub_len)
3393 +{
3394 + RSA_parameters *rsa_parameters;
3395 +
3396 + BI_CTX *bi_ctx = bi_initialize();
3397 + *rsa = (RSA_parameters *)calloc(1, sizeof(RSA_parameters));
3398 + rsa_parameters = *rsa;
3399 + rsa_parameters->bi_ctx = bi_ctx;
3400 + rsa_parameters->num_octets = (mod_len & 0xFFF0);
3401 + rsa_parameters->m = bi_import(bi_ctx, modulus, mod_len);
3402 + bi_set_mod(bi_ctx, rsa_parameters->m, BIGINT_M_OFFSET);
3403 + rsa_parameters->e = bi_import(bi_ctx, pub_exp, pub_len);
3404 + bi_permanent(rsa_parameters->e);
3405 +}
3406 +
3407 +/*
3408 + * Get the public key specifics from an ASN.1 encoded file
3409 + * A function lacking in the exported axTLS API
3410 + *
3411 + * This is a really weird hack that only works with RSA public key
3412 + * files
3413 + */
3414 +static int asn1_get_public_key(const uint8_t *buf, int len, RSA_parameters **rsa_parameters)
3415 +{
3416 + uint8_t *modulus, *pub_exp;
3417 + int mod_len, pub_len;
3418 +
3419 + pub_len = 3;
3420 + mod_len = len - 37;
3421 + if (buf[0] != 0x30) {
3422 + return -1;
3423 + }
3424 +
3425 + pub_exp = (uint8_t *)malloc(3);
3426 + modulus = (uint8_t *)malloc(mod_len);
3427 + memcpy(modulus, buf + 32 , mod_len);
3428 + memcpy(pub_exp, buf + 34 + mod_len, 3);
3429 + if (mod_len <= 0 || pub_len <= 0 )
3430 + return -1;
3431 + CH_pub_key_new(rsa_parameters, modulus, mod_len, pub_exp, pub_len);
3432 +
3433 + free(modulus);
3434 + free(pub_exp);
3435 + return 0;
3436 +}
3437 +
3438 +
3439 +/* FR_init */
3440 +void *FR_init(void)
3441 +{
3442 + DER_key *derkey;
3443 + RSA_parameters *rsa_parameters;
3444 +
3445 + derkey = CH_load_pem_key();
3446 + if ((asn1_get_public_key(derkey->buffer, derkey->size, &rsa_parameters)) != 0) {
3447 + fprintf(stderr, "Error: Extracting public key from file\n");
3448 + return 0;
3449 + }
3450 + CH_free_der_key(derkey);
3451 + return (void *)rsa_parameters;
3452 +}
3453 +
3454 +FONRSA_ERROR FR_end(void *handle)
3455 +{
3456 + RSA_parameters *rsa_parameters = (RSA_parameters *)handle;
3457 +
3458 + free(rsa_parameters);
3459 + return FONRSA_OK;
3460 +}
3461 +
3462 +/*
3463 + *
3464 + * Implementation of PKCS 1.5 padding, borrowed from
3465 + * Tom's code (public domain)
3466 + */
3467 +
3468 +/* Standalone FR_verify_file */
3469 +FONRSA_ERROR FR_verify_file(void *handler, char *file_data, int file_len,
3470 + char *signature_buffer, int signature_size)
3471 +{
3472 + int j;
3473 + byte *hashcode;
3474 + byte hash[20];
3475 + uint8_t *decrypted;
3476 + RSA_parameters *rsa_parameters = (RSA_parameters *)handler;
3477 +
3478 + /* Calculates the RIPEMD-160 hash of the file */
3479 + hashcode = RMDbinary (file_data, file_len);
3480 +
3481 + if (rsa_parameters->num_octets != signature_size)
3482 + return FONRSA_SIZE;
3483 + decrypted = (uint8_t *)malloc(rsa_parameters->num_octets);
3484 + if (CH_decrypt(rsa_parameters, signature_buffer, decrypted)) {
3485 + printf("Error: Decrypting signature\n");
3486 + return FONRSA_VERIFICATION_FAILURE;
3487 + }
3488 + memcpy(hash, decrypted + 492, 20);
3489 + //free(decrypted);
3490 + //free(signature_buffer);
3491 + for (j = 0; j < RMDsize/8; j++) {
3492 + if (hash[j] != hashcode[j])
3493 + return FONRSA_VERIFICATION_FAILURE;
3494 + }
3495 + return FONRSA_OK;
3496 +}
3497 +
3498 +int rsa_check_signature(char *signature, int signature_len, char *buffer, int buffer_len)
3499 +{
3500 + FONRSA_ERROR fonrsa_error;
3501 + void *handle;
3502 + handle = FR_init();
3503 + if (handle == NULL) {
3504 + printf("Error loading keys\n");
3505 + return 1;
3506 + }
3507 + fonrsa_error = FR_verify_file(handle, buffer, buffer_len, signature, signature_len);
3508 + FR_end(handle);
3509 + switch (fonrsa_error) {
3510 + case FONRSA_OK:
3511 + printf("Verified OK\n");
3512 + return 0;
3513 + case FONRSA_VERIFICATION_FAILURE:
3514 + printf("Verification failure\n");
3515 + return 1;
3516 + default:
3517 + printf("Verification error\n");
3518 + return -1;
3519 + }
3520 +
3521 +}
3522 --- /dev/null
3523 +++ b/net/rsa/rsa.h
3524 @@ -0,0 +1,46 @@
3525 +/*
3526 + * FONSM RSA handling library, used by fonsmcd and foncheckrsa
3527 + *
3528 + * This file is part of FONUCS. Copyright (C) 2007 FON Wireless Ltd.
3529 + *
3530 + * This library is free software; you can redistribute it and/or modify
3531 + * it under the terms of the GNU Lesser General Public License as published by
3532 + * the Free Software Foundation; either version 2 of the License, or
3533 + * (at your option) any later version.
3534 + *
3535 + * This library is distributed in the hope that it will be useful,
3536 + * but WITHOUT ANY WARRANTY; without even the implied warranty of
3537 + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
3538 + * GNU Lesser General Public License for more details.
3539 + *
3540 + * You should have received a copy of the GNU Lesser General Public License
3541 + * along with this library; if not, write to the Free Software
3542 + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
3543 + *
3544 + * Created: 20070306 Pablo Martin Medrano <pablo@fon.com>
3545 + *
3546 + * $Id: fonrsa.h 404 2007-09-17 10:41:31Z jesus.pico $
3547 + */
3548 +#ifndef _FONRSA_H
3549 +#define _FONRSA_H
3550 +
3551 +#define MINIMUM_PADING_BYTES_PKCS_1_5 3
3552 +
3553 +typedef enum {
3554 + FONRSA_OK = 0,
3555 + FONRSA_VERIFICATION_FAILURE = 1,
3556 + FONRSA_OPENKEY = 2,
3557 + FONRSA_SIZE = 3,
3558 + FONRSA_LOADFILE = 4,
3559 + FONRSA_CRYPT = 5,
3560 + FONRSA_DECRYPT = 6,
3561 + FONRSA_SAVEFILE = 7,
3562 + FONRSA_NOSYS = 8,
3563 + FONRSA_VERIFY = 9
3564 +} FONRSA_ERROR;
3565 +
3566 +int rsa_check_signature(char *signature, int signature_len, char *buffer, int buffer_len);
3567 +
3568 +#endif
3569 +
3570 +
3571 --- /dev/null
3572 +++ b/net/rsa/sign.h
3573 @@ -0,0 +1,27 @@
3574 +/*
3575 + * Signature interface
3576 + *
3577 + * This file is part of FONUCS. Copyright (C) 2007 FON Wireless Ltd.
3578 + *
3579 + * Created: 20070417 Pablo Martín Medrano <pablo@fon.com>
3580 + *
3581 + * $Id: sign.h 389 2007-06-11 08:29:56Z pablo.martin $
3582 + */
3583 +#ifndef __SIGN_H__
3584 +#define __SIGN_H__
3585 +#ifdef __cplusplus
3586 + extern "C" {
3587 +#endif
3588 +
3589 +void SG_init(void);
3590 +void *SG_start(char *private_key_path, char *public_key_path);
3591 +void SG_stop(void *handle);
3592 +int SG_crypt(void *data, unsigned char *text, int size_text, unsigned char *crypted_text,
3593 + unsigned int crypted_text_buffer_size, int *crypted_size);
3594 +int SG_crypt_v2(void *data, unsigned char *text, int size_text, unsigned char *crypted_text,
3595 + unsigned int crypted_text_buffer_size, int *crypted_size);
3596 +#ifdef __cplusplus
3597 +}
3598 +#endif
3599 +#endif /* #ifdef __SIGN_H__ */
3600 +
3601 --- /dev/null
3602 +++ b/net/rsa/sign_openssl.c
3603 @@ -0,0 +1,437 @@
3604 +/*
3605 + * Signature using OpenSSL
3606 + *
3607 + * This file is part of FONUCS. Copyright (C) 2007 FON Wireless Ltd.
3608 + *
3609 + * Created: 20070417 Pablo Martín Medrano <pablo@fon.com>
3610 + *
3611 + * $Id: sign_openssl.c 346 2007-05-10 19:51:38Z pablo.martin $
3612 + */
3613 +/*
3614 + *
3615 + * How the RSA public and private key was generated
3616 + * To check .FON files
3617 + * openssl genrsa -out private_fon_rsa_key.pem 4096
3618 + * openssl rsa -in private_fon_rsa_key.pem -pubout -out public_fon_rsa_key.pem
3619 + *
3620 + * How the Status Manager public and private key was generated
3621 + * openssl genrsa -out private_sm_rsa_key.pem 2048
3622 + * openssl rsa -in private_sm_rsa_key.pem -pubout -out public_sm_rsa_key.pem
3623 + *
3624 + * How to sign using the RSA private key (This is what fonsign does)
3625 + * openssl dgst -rmd160 -sign private_fon_rsa_key.pem FILE > SIGNATURE
3626 + * How to verify using the RSA public key (This is what fonverify + foncheckrsa does)
3627 + * openssl dgst -rmd160 -verify public_fon_rsa_key.pem -signature SIGNATURE FILE
3628 + * Convert to DER file (to use it in La Fonera)
3629 + * openssl rsa -inform PEM -outform DER -pubin -in public_fon_rsa_key.pem -pubout -out public_fon_rsa_key.der
3630 + */
3631 +#include <openssl/rsa.h>
3632 +#include <openssl/ssl.h>
3633 +#include <openssl/bn.h>
3634 +#include <openssl/pem.h>
3635 +#include <openssl/evp.h>
3636 +#include <sys/stat.h>
3637 +#include <fcntl.h>
3638 +#ifndef __MAINTEST__
3639 +#include "log.h"
3640 +#else
3641 +#define fon_warning printf
3642 +#define fon_debug printf
3643 +#define fon_critical printf
3644 +#endif
3645 +#include "sign.h"
3646 +
3647 +typedef struct {
3648 + RSA *rsa;
3649 + int rsa_size;
3650 + EVP_PKEY *pkey;
3651 + int pkey_size;
3652 + RSA *public_rsa;
3653 + int public_rsa_size;
3654 + EVP_PKEY *public_pkey;
3655 + int public_pkey_size;
3656 +} Sign;
3657 +
3658 +typedef enum {
3659 + KEY_PUBLIC = 0,
3660 + KEY_PRIVATE
3661 +} KEY_TYPE;
3662 +
3663 +static EVP_PKEY *SG_load_key(char *key_path, KEY_TYPE type);
3664 +static unsigned char *load_file_in_buffer(char *path, int *size);
3665 +static int save_file_from_buffer(char *path, char *buffer, int size);
3666 +
3667 +void SG_init(void)
3668 +{
3669 + SSL_load_error_strings();
3670 + SSL_library_init();
3671 + OpenSSL_add_all_algorithms();
3672 + OpenSSL_add_all_ciphers();
3673 + OpenSSL_add_all_digests();
3674 +}
3675 +
3676 +static unsigned char *load_file_in_buffer(char *path, int *size)
3677 +{
3678 + char *buffer;
3679 + struct stat st;
3680 + int fd;
3681 +
3682 + if (stat(path, &st))
3683 + return NULL;
3684 + buffer = (char *)malloc(st.st_size);
3685 + if (buffer == NULL)
3686 + return NULL;
3687 + if ((fd = open(path, O_RDONLY)) == -1) {
3688 + free(buffer);
3689 + return NULL;
3690 + }
3691 + if (read(fd,buffer,st.st_size) != (ssize_t)st.st_size) {
3692 + free(buffer);