diff --git a/configure.ac b/configure.ac index 7b36adfed..842b83e0d 100644 --- a/configure.ac +++ b/configure.ac @@ -341,6 +341,26 @@ fi AM_CONDITIONAL([BUILD_AESNI], [test "x$ENABLED_AESNI" = "xyes"]) +# MD2 +AC_ARG_ENABLE(md2, + [ --enable-md2 Enable CyaSSL MD2 support (default: disabled)], + [ ENABLED_MD2=$enableval ], + [ ENABLED_MD2=no ] + ) + +if test "$ENABLED_BUMP" = "yes" +then + ENABLED_MD2="yes" +fi + +if test "$ENABLED_MD2" = "yes" +then + AM_CFLAGS="$AM_CFLAGS -DCYASSL_MD2" +fi + +AM_CONDITIONAL([BUILD_MD2], [test "x$ENABLED_MD2" = "xyes"]) + + # RIPEMD AC_ARG_ENABLE(ripemd, [ --enable-ripemd Enable CyaSSL RIPEMD-160 support (default: disabled)], diff --git a/ctaocrypt/src/asn.c b/ctaocrypt/src/asn.c index bcfd5bfc3..fc0b60ca1 100644 --- a/ctaocrypt/src/asn.c +++ b/ctaocrypt/src/asn.c @@ -32,6 +32,7 @@ #include #include #include +#include #include #include #include @@ -1950,6 +1951,16 @@ static int ConfirmSignature(const byte* buf, word32 bufSz, typeH = MD5h; digestSz = MD5_DIGEST_SIZE; } +#ifdef CYASSL_MD2 + else if (sigOID == CTC_MD2wRSA) { + Md2 md2; + InitMd2(&md2); + Md2Update(&md2, buf, bufSz); + Md2Final(&md2, digest); + typeH = MD2h; + digestSz = MD2_DIGEST_SIZE; + } +#endif else if (sigOID == CTC_SHAwRSA || sigOID == CTC_SHAwDSA || sigOID == CTC_SHAwECDSA) { diff --git a/ctaocrypt/src/md2.c b/ctaocrypt/src/md2.c new file mode 100644 index 000000000..0c1bb9c38 --- /dev/null +++ b/ctaocrypt/src/md2.c @@ -0,0 +1,129 @@ +/* md2.c + * + * Copyright (C) 2006-2012 Sawtooth Consulting Ltd. + * + * This file is part of CyaSSL. + * + * CyaSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * CyaSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + */ + + +#ifdef HAVE_CONFIG_H + #include +#endif + +#ifdef CYASSL_MD2 + +#include +#ifdef NO_INLINE + #include +#else + #include +#endif + + +void InitMd2(Md2* md2) +{ + XMEMSET(md2->X, 0, MD2_X_SIZE); + XMEMSET(md2->C, 0, MD2_BLOCK_SIZE); + XMEMSET(md2->buffer, 0, MD2_BLOCK_SIZE); + md2->count = 0; +} + + +void Md2Update(Md2* md2, const byte* data, word32 len) +{ + static const byte S[256] = + { + 41, 46, 67, 201, 162, 216, 124, 1, 61, 54, 84, 161, 236, 240, 6, + 19, 98, 167, 5, 243, 192, 199, 115, 140, 152, 147, 43, 217, 188, + 76, 130, 202, 30, 155, 87, 60, 253, 212, 224, 22, 103, 66, 111, 24, + 138, 23, 229, 18, 190, 78, 196, 214, 218, 158, 222, 73, 160, 251, + 245, 142, 187, 47, 238, 122, 169, 104, 121, 145, 21, 178, 7, 63, + 148, 194, 16, 137, 11, 34, 95, 33, 128, 127, 93, 154, 90, 144, 50, + 39, 53, 62, 204, 231, 191, 247, 151, 3, 255, 25, 48, 179, 72, 165, + 181, 209, 215, 94, 146, 42, 172, 86, 170, 198, 79, 184, 56, 210, + 150, 164, 125, 182, 118, 252, 107, 226, 156, 116, 4, 241, 69, 157, + 112, 89, 100, 113, 135, 32, 134, 91, 207, 101, 230, 45, 168, 2, 27, + 96, 37, 173, 174, 176, 185, 246, 28, 70, 97, 105, 52, 64, 126, 15, + 85, 71, 163, 35, 221, 81, 175, 58, 195, 92, 249, 206, 186, 197, + 234, 38, 44, 83, 13, 110, 133, 40, 132, 9, 211, 223, 205, 244, 65, + 129, 77, 82, 106, 220, 55, 200, 108, 193, 171, 250, 36, 225, 123, + 8, 12, 189, 177, 74, 120, 136, 149, 139, 227, 99, 232, 109, 233, + 203, 213, 254, 59, 0, 29, 57, 242, 239, 183, 14, 102, 88, 208, 228, + 166, 119, 114, 248, 235, 117, 75, 10, 49, 68, 80, 180, 143, 237, + 31, 26, 219, 153, 141, 51, 159, 17, 131, 20 + }; + + while (len) { + word32 L = (MD2_PAD_SIZE - md2->count) < len ? + (MD2_PAD_SIZE - md2->count) : len; + XMEMCPY(md2->buffer + md2->count, data, L); + md2->count += L; + data += L; + len -= L; + + if (md2->count == MD2_PAD_SIZE) { + int i; + byte t; + + md2->count = 0; + XMEMCPY(md2->X + MD2_PAD_SIZE, md2->buffer, MD2_PAD_SIZE); + t = md2->C[15]; + + for(i = 0; i < MD2_PAD_SIZE; i++) { + md2->X[32 + i] = md2->X[MD2_PAD_SIZE + i] ^ md2->X[i]; + t = md2->C[i] ^= S[md2->buffer[i] ^ t]; + } + + t=0; + for(i = 0; i < 18; i++) { + int j; + for(j = 0; j < MD2_X_SIZE; j += 8) { + t = md2->X[j+0] ^= S[t]; + t = md2->X[j+1] ^= S[t]; + t = md2->X[j+2] ^= S[t]; + t = md2->X[j+3] ^= S[t]; + t = md2->X[j+4] ^= S[t]; + t = md2->X[j+5] ^= S[t]; + t = md2->X[j+6] ^= S[t]; + t = md2->X[j+7] ^= S[t]; + } + t = (t + i) & 0xFF; + } + } + } +} + + +void Md2Final(Md2* md2, byte* hash) +{ + byte padding[MD2_BLOCK_SIZE]; + word32 padLen = MD2_PAD_SIZE - md2->count; + word32 i; + + for (i = 0; i < padLen; i++) + padding[i] = (byte)padLen; + + Md2Update(md2, padding, padLen); + Md2Update(md2, md2->C, MD2_BLOCK_SIZE); + + XMEMCPY(hash, md2->X, MD2_DIGEST_SIZE); + + InitMd2(md2); +} + + +#endif /* CYASSL_MD2 */ diff --git a/ctaocrypt/test/test.c b/ctaocrypt/test/test.c index 8dcb5cd4b..7dfd46e91 100644 --- a/ctaocrypt/test/test.c +++ b/ctaocrypt/test/test.c @@ -32,6 +32,7 @@ #else #include #endif +#include #include #include #include @@ -86,6 +87,7 @@ typedef struct testVector { size_t outLen; } testVector; +int md2_test(); int md5_test(); int md4_test(); int sha_test(); @@ -149,6 +151,13 @@ void ctaocrypt_test(void* args) else printf( "MD5 test passed!\n"); +#ifdef CYASSL_MD2 + if ( (ret = md2_test()) ) + err_sys("MD2 test failed!\n", ret); + else + printf( "MD2 test passed!\n"); +#endif + #ifndef NO_MD4 if ( (ret = md4_test()) ) err_sys("MD4 test failed!\n", ret); @@ -309,6 +318,83 @@ void ctaocrypt_test(void* args) #endif /* NO_MAIN_DRIVER */ +#ifdef CYASSL_MD2 +int md2_test() +{ + Md2 md2; + byte hash[MD2_DIGEST_SIZE]; + + testVector a, b, c, d, e, f, g; + testVector test_md2[7]; + int times = sizeof(test_md2) / sizeof(testVector), i; + + a.input = ""; + a.output = "\x83\x50\xe5\xa3\xe2\x4c\x15\x3d\xf2\x27\x5c\x9f\x80\x69" + "\x27\x73"; + a.inLen = strlen(a.input); + a.outLen = strlen(a.output); + + b.input = "a"; + b.output = "\x32\xec\x01\xec\x4a\x6d\xac\x72\xc0\xab\x96\xfb\x34\xc0" + "\xb5\xd1"; + b.inLen = strlen(b.input); + b.outLen = strlen(b.output); + + c.input = "abc"; + c.output = "\xda\x85\x3b\x0d\x3f\x88\xd9\x9b\x30\x28\x3a\x69\xe6\xde" + "\xd6\xbb"; + c.inLen = strlen(c.input); + c.outLen = strlen(c.output); + + d.input = "message digest"; + d.output = "\xab\x4f\x49\x6b\xfb\x2a\x53\x0b\x21\x9f\xf3\x30\x31\xfe" + "\x06\xb0"; + d.inLen = strlen(d.input); + d.outLen = strlen(d.output); + + e.input = "abcdefghijklmnopqrstuvwxyz"; + e.output = "\x4e\x8d\xdf\xf3\x65\x02\x92\xab\x5a\x41\x08\xc3\xaa\x47" + "\x94\x0b"; + e.inLen = strlen(e.input); + e.outLen = strlen(e.output); + + f.input = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz012345" + "6789"; + f.output = "\xda\x33\xde\xf2\xa4\x2d\xf1\x39\x75\x35\x28\x46\xc3\x03" + "\x38\xcd"; + f.inLen = strlen(f.input); + f.outLen = strlen(f.output); + + g.input = "1234567890123456789012345678901234567890123456789012345678" + "9012345678901234567890"; + g.output = "\xd5\x97\x6f\x79\xd8\x3d\x3a\x0d\xc9\x80\x6c\x3c\x66\xf3" + "\xef\xd8"; + g.inLen = strlen(g.input); + g.outLen = strlen(g.output); + + test_md2[0] = a; + test_md2[1] = b; + test_md2[2] = c; + test_md2[3] = d; + test_md2[4] = e; + test_md2[5] = f; + test_md2[6] = g; + + InitMd2(&md2); + + for (i = 0; i < times; ++i) { + Md2Update(&md2, (byte*)test_md2[i].input, (word32)test_md2[i].inLen); + Md2Final(&md2, hash); + + if (memcmp(hash, test_md2[i].output, MD2_DIGEST_SIZE) != 0) + return -155 - i; + } + + return 0; +} +#endif + + int md5_test() { Md5 md5; diff --git a/cyassl/ctaocrypt/include.am b/cyassl/ctaocrypt/include.am index a268bb95f..6b27ff13b 100644 --- a/cyassl/ctaocrypt/include.am +++ b/cyassl/ctaocrypt/include.am @@ -15,6 +15,7 @@ nobase_include_HEADERS+= \ cyassl/ctaocrypt/hc128.h \ cyassl/ctaocrypt/hmac.h \ cyassl/ctaocrypt/integer.h \ + cyassl/ctaocrypt/md2.h \ cyassl/ctaocrypt/md4.h \ cyassl/ctaocrypt/md5.h \ cyassl/ctaocrypt/misc.h \ diff --git a/cyassl/ctaocrypt/md2.h b/cyassl/ctaocrypt/md2.h new file mode 100644 index 000000000..a57a92fb0 --- /dev/null +++ b/cyassl/ctaocrypt/md2.h @@ -0,0 +1,64 @@ +/* md2.h + * + * Copyright (C) 2006-2012 Sawtooth Consulting Ltd. + * + * This file is part of CyaSSL. + * + * CyaSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * CyaSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + */ + + +#ifdef CYASSL_MD2 + +#ifndef CTAO_CRYPT_MD2_H +#define CTAO_CRYPT_MD2_H + +#include + +#ifdef __cplusplus + extern "C" { +#endif + + +/* in bytes */ +enum { + MD2 = 6, /* hash type unique */ + MD2_BLOCK_SIZE = 16, + MD2_DIGEST_SIZE = 16, + MD2_PAD_SIZE = 16, + MD2_X_SIZE = 48 +}; + + +/* Md2 digest */ +typedef struct Md2 { + word32 count; /* bytes % PAD_SIZE */ + byte X[MD2_X_SIZE]; + byte C[MD2_BLOCK_SIZE]; + byte buffer[MD2_BLOCK_SIZE]; +} Md2; + + +CYASSL_API void InitMd2(Md2*); +CYASSL_API void Md2Update(Md2*, const byte*, word32); +CYASSL_API void Md2Final(Md2*, byte*); + + +#ifdef __cplusplus + } /* extern "C" */ +#endif + +#endif /* CTAO_CRYPT_MD2_H */ +#endif /* CYASSL_MD2 */ diff --git a/src/include.am b/src/include.am index 60037f766..c6ce57491 100644 --- a/src/include.am +++ b/src/include.am @@ -36,6 +36,10 @@ if BUILD_AESNI src_libcyassl_la_SOURCES += ctaocrypt/src/aes_asm.s endif +if BUILD_MD2 +src_libcyassl_la_SOURCES += ctaocrypt/src/md2.c +endif + if BUILD_RIPEMD src_libcyassl_la_SOURCES += ctaocrypt/src/ripemd.c endif