1 // SoftEther VPN Source Code - Stable Edition Repository 2 // Mayaqua Kernel 3 // 4 // SoftEther VPN Server, Client and Bridge are free software under the Apache License, Version 2.0. 5 // 6 // Copyright (c) Daiyuu Nobori. 7 // Copyright (c) SoftEther VPN Project, University of Tsukuba, Japan. 8 // Copyright (c) SoftEther Corporation. 9 // Copyright (c) all contributors on SoftEther VPN project in GitHub. 10 // 11 // All Rights Reserved. 12 // 13 // http://www.softether.org/ 14 // 15 // This stable branch is officially managed by Daiyuu Nobori, the owner of SoftEther VPN Project. 16 // Pull requests should be sent to the Developer Edition Master Repository on https://github.com/SoftEtherVPN/SoftEtherVPN 17 // 18 // License: The Apache License, Version 2.0 19 // https://www.apache.org/licenses/LICENSE-2.0 20 // 21 // DISCLAIMER 22 // ========== 23 // 24 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 25 // IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 26 // FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 27 // AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 28 // LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 29 // OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 30 // SOFTWARE. 31 // 32 // THIS SOFTWARE IS DEVELOPED IN JAPAN, AND DISTRIBUTED FROM JAPAN, UNDER 33 // JAPANESE LAWS. YOU MUST AGREE IN ADVANCE TO USE, COPY, MODIFY, MERGE, PUBLISH, 34 // DISTRIBUTE, SUBLICENSE, AND/OR SELL COPIES OF THIS SOFTWARE, THAT ANY 35 // JURIDICAL DISPUTES WHICH ARE CONCERNED TO THIS SOFTWARE OR ITS CONTENTS, 36 // AGAINST US (SOFTETHER PROJECT, SOFTETHER CORPORATION, DAIYUU NOBORI OR OTHER 37 // SUPPLIERS), OR ANY JURIDICAL DISPUTES AGAINST US WHICH ARE CAUSED BY ANY KIND 38 // OF USING, COPYING, MODIFYING, MERGING, PUBLISHING, DISTRIBUTING, SUBLICENSING, 39 // AND/OR SELLING COPIES OF THIS SOFTWARE SHALL BE REGARDED AS BE CONSTRUED AND 40 // CONTROLLED BY JAPANESE LAWS, AND YOU MUST FURTHER CONSENT TO EXCLUSIVE 41 // JURISDICTION AND VENUE IN THE COURTS SITTING IN TOKYO, JAPAN. YOU MUST WAIVE 42 // ALL DEFENSES OF LACK OF PERSONAL JURISDICTION AND FORUM NON CONVENIENS. 43 // PROCESS MAY BE SERVED ON EITHER PARTY IN THE MANNER AUTHORIZED BY APPLICABLE 44 // LAW OR COURT RULE. 45 // 46 // USE ONLY IN JAPAN. DO NOT USE THIS SOFTWARE IN ANOTHER COUNTRY UNLESS YOU HAVE 47 // A CONFIRMATION THAT THIS SOFTWARE DOES NOT VIOLATE ANY CRIMINAL LAWS OR CIVIL 48 // RIGHTS IN THAT PARTICULAR COUNTRY. USING THIS SOFTWARE IN OTHER COUNTRIES IS 49 // COMPLETELY AT YOUR OWN RISK. THE SOFTETHER VPN PROJECT HAS DEVELOPED AND 50 // DISTRIBUTED THIS SOFTWARE TO COMPLY ONLY WITH THE JAPANESE LAWS AND EXISTING 51 // CIVIL RIGHTS INCLUDING PATENTS WHICH ARE SUBJECTS APPLY IN JAPAN. OTHER 52 // COUNTRIES' LAWS OR CIVIL RIGHTS ARE NONE OF OUR CONCERNS NOR RESPONSIBILITIES. 53 // WE HAVE NEVER INVESTIGATED ANY CRIMINAL REGULATIONS, CIVIL LAWS OR 54 // INTELLECTUAL PROPERTY RIGHTS INCLUDING PATENTS IN ANY OF OTHER 200+ COUNTRIES 55 // AND TERRITORIES. BY NATURE, THERE ARE 200+ REGIONS IN THE WORLD, WITH 56 // DIFFERENT LAWS. IT IS IMPOSSIBLE TO VERIFY EVERY COUNTRIES' LAWS, REGULATIONS 57 // AND CIVIL RIGHTS TO MAKE THE SOFTWARE COMPLY WITH ALL COUNTRIES' LAWS BY THE 58 // PROJECT. EVEN IF YOU WILL BE SUED BY A PRIVATE ENTITY OR BE DAMAGED BY A 59 // PUBLIC SERVANT IN YOUR COUNTRY, THE DEVELOPERS OF THIS SOFTWARE WILL NEVER BE 60 // LIABLE TO RECOVER OR COMPENSATE SUCH DAMAGES, CRIMINAL OR CIVIL 61 // RESPONSIBILITIES. NOTE THAT THIS LINE IS NOT LICENSE RESTRICTION BUT JUST A 62 // STATEMENT FOR WARNING AND DISCLAIMER. 63 // 64 // READ AND UNDERSTAND THE 'WARNING.TXT' FILE BEFORE USING THIS SOFTWARE. 65 // SOME SOFTWARE PROGRAMS FROM THIRD PARTIES ARE INCLUDED ON THIS SOFTWARE WITH 66 // LICENSE CONDITIONS WHICH ARE DESCRIBED ON THE 'THIRD_PARTY.TXT' FILE. 67 // 68 // 69 // SOURCE CODE CONTRIBUTION 70 // ------------------------ 71 // 72 // Your contribution to SoftEther VPN Project is much appreciated. 73 // Please send patches to us through GitHub. 74 // Read the SoftEther VPN Patch Acceptance Policy in advance: 75 // http://www.softether.org/5-download/src/9.patch 76 // 77 // 78 // DEAR SECURITY EXPERTS 79 // --------------------- 80 // 81 // If you find a bug or a security vulnerability please kindly inform us 82 // about the problem immediately so that we can fix the security problem 83 // to protect a lot of users around the world as soon as possible. 84 // 85 // Our e-mail address for security reports is: 86 // softether-vpn-security [at] softether.org 87 // 88 // Please note that the above e-mail address is not a technical support 89 // inquiry address. If you need technical assistance, please visit 90 // http://www.softether.org/ and ask your question on the users forum. 91 // 92 // Thank you for your cooperation. 93 // 94 // 95 // NO MEMORY OR RESOURCE LEAKS 96 // --------------------------- 97 // 98 // The memory-leaks and resource-leaks verification under the stress 99 // test has been passed before release this source code. 100 101 102 // Encrypt.h 103 // Header of Encrypt.c 104 105 #ifndef ENCRYPT_H 106 #define ENCRYPT_H 107 108 #if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) 109 #define USE_OPENSSL_AEAD_CHACHA20POLY1305 110 #endif 111 112 // Function of OpenSSL 113 void RAND_Init_For_SoftEther(); 114 void RAND_Free_For_SoftEther(); 115 116 117 118 // Constant 119 #define MIN_SIGN_HASH_SIZE (15 + SHA1_SIZE) 120 #define SIGN_HASH_SIZE (MIN_SIGN_HASH_SIZE) 121 122 #define DES_KEY_SIZE 8 // DES key size 123 #define DES_IV_SIZE 8 // DES IV size 124 #define DES_BLOCK_SIZE 8 // DES block size 125 #define DES3_KEY_SIZE (8 * 3) // 3DES key size 126 #define RSA_KEY_SIZE 128 // RSA key size 127 #define DH_KEY_SIZE 128 // DH key size 128 #define RSA_MIN_SIGN_HASH_SIZE (15 + SHA1_HASH_SIZE) // Minimum RSA hash size 129 #define RSA_SIGN_HASH_SIZE (RSA_MIN_SIGN_HASH_SIZE) // RSA hash size 130 #define MD5_HASH_SIZE 16 // MD5 hash size 131 #define SHA1_HASH_SIZE 20 // SHA-1 hash size 132 #define SHA1_BLOCK_SIZE 64 // SHA-1 block size 133 #define HMAC_SHA1_96_KEY_SIZE 20 // HMAC-SHA-1-96 key size 134 #define HMAC_SHA1_96_HASH_SIZE 12 // HMAC-SHA-1-96 hash size 135 #define HMAC_SHA1_SIZE (SHA1_HASH_SIZE) // HMAC-SHA-1 hash size 136 #define AES_IV_SIZE 16 // AES IV size 137 #define AES_MAX_KEY_SIZE 32 // Maximum AES key size 138 139 // RFC 8439: ChaCha20 and Poly1305 for IETF Protocols 140 #define AEAD_CHACHA20_POLY1305_MAC_SIZE 16 // MAC size 141 #define AEAD_CHACHA20_POLY1305_NONCE_SIZE 12 // Nonce size 142 #define AEAD_CHACHA20_POLY1305_KEY_SIZE 32 // Key size 143 144 // OpenSSL default cipher algorithms 145 #define OPENSSL_DEFAULT_CIPHER_LIST "ALL:!EXPORT:!LOW:!aNULL:!eNULL:!SSLv2" 146 147 // IANA definitions taken from IKEv1 Phase 1 148 #define SHA1_160 2 149 #define SHA2_256 4 150 #define SHA2_384 5 151 #define SHA2_512 6 152 153 // HMAC block size 154 #define HMAC_BLOCK_SIZE 64 155 // The block size for sha-384 and sha-512 as defined by rfc4868 156 #define HMAC_BLOCK_SIZE_1024 128 157 #define HMAC_BLOCK_SIZE_MAX 512 158 159 #define DH_GROUP1_PRIME_768 \ 160 "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" \ 161 "29024E088A67CC74020BBEA63B139B22514A08798E3404DD" \ 162 "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245" \ 163 "E485B576625E7EC6F44C42E9A63A3620FFFFFFFFFFFFFFFF" 164 165 #define DH_GROUP2_PRIME_1024 \ 166 "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" \ 167 "29024E088A67CC74020BBEA63B139B22514A08798E3404DD" \ 168 "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245" \ 169 "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED" \ 170 "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381" \ 171 "FFFFFFFFFFFFFFFF" 172 173 #define DH_GROUP5_PRIME_1536 \ 174 "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" \ 175 "29024E088A67CC74020BBEA63B139B22514A08798E3404DD" \ 176 "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245" \ 177 "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED" \ 178 "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D" \ 179 "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F" \ 180 "83655D23DCA3AD961C62F356208552BB9ED529077096966D" \ 181 "670C354E4ABC9804F1746C08CA237327FFFFFFFFFFFFFFFF" 182 183 #define DH_SIMPLE_160 "AEE7561459353C95DDA966AE1FD25D95CD46E935" 184 185 #define DH_SET_2048 \ 186 "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" \ 187 "29024E088A67CC74020BBEA63B139B22514A08798E3404DD" \ 188 "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245" \ 189 "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED" \ 190 "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D" \ 191 "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F" \ 192 "83655D23DCA3AD961C62F356208552BB9ED529077096966D" \ 193 "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B" \ 194 "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9" \ 195 "DE2BCBF6955817183995497CEA956AE515D2261898FA0510" \ 196 "15728E5A8AACAA68FFFFFFFFFFFFFFFF" 197 198 #define DH_SET_3072 \ 199 "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"\ 200 "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"\ 201 "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"\ 202 "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"\ 203 "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D"\ 204 "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F"\ 205 "83655D23DCA3AD961C62F356208552BB9ED529077096966D"\ 206 "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B"\ 207 "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9"\ 208 "DE2BCBF6955817183995497CEA956AE515D2261898FA0510"\ 209 "15728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64"\ 210 "ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7"\ 211 "ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6B"\ 212 "F12FFA06D98A0864D87602733EC86A64521F2B18177B200C"\ 213 "BBE117577A615D6C770988C0BAD946E208E24FA074E5AB31"\ 214 "43DB5BFCE0FD108E4B82D120A93AD2CAFFFFFFFFFFFFFFFF" 215 216 #define DH_SET_4096 \ 217 "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" \ 218 "29024E088A67CC74020BBEA63B139B22514A08798E3404DD" \ 219 "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245" \ 220 "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED" \ 221 "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D" \ 222 "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F" \ 223 "83655D23DCA3AD961C62F356208552BB9ED529077096966D" \ 224 "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B" \ 225 "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9" \ 226 "DE2BCBF6955817183995497CEA956AE515D2261898FA0510" \ 227 "15728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64" \ 228 "ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7" \ 229 "ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6B" \ 230 "F12FFA06D98A0864D87602733EC86A64521F2B18177B200C" \ 231 "BBE117577A615D6C770988C0BAD946E208E24FA074E5AB31" \ 232 "43DB5BFCE0FD108E4B82D120A92108011A723C12A787E6D7" \ 233 "88719A10BDBA5B2699C327186AF4E23C1A946834B6150BDA" \ 234 "2583E9CA2AD44CE8DBBBC2DB04DE8EF92E8EFC141FBECAA6" \ 235 "287C59474E6BC05D99B2964FA090C3A2233BA186515BE7ED" \ 236 "1F612970CEE2D7AFB81BDD762170481CD0069127D5B05AA9" \ 237 "93B4EA988D8FDDC186FFB7DC90A6C08F4DF435C934063199" \ 238 "FFFFFFFFFFFFFFFF" 239 240 // Macro 241 #define HASHED_DATA(p) (((UCHAR *)p) + 15) 242 243 // OpenSSL <1.1 Shims 244 #if OPENSSL_VERSION_NUMBER < 0x10100000L 245 # define EVP_PKEY_get0_RSA(obj) ((obj)->pkey.rsa) 246 # define EVP_PKEY_base_id(pkey) ((pkey)->type) 247 # define X509_get0_notBefore(x509) ((x509)->cert_info->validity->notBefore) 248 # define X509_get0_notAfter(x509) ((x509)->cert_info->validity->notAfter) 249 # define X509_get_serialNumber(x509) ((x509)->cert_info->serialNumber) 250 #endif 251 252 // Crypt context 253 struct CRYPT 254 { 255 struct rc4_key_st *Rc4Key; 256 }; 257 258 // Name in the certificate 259 struct NAME 260 { 261 wchar_t *CommonName; // CN 262 wchar_t *Organization; // O 263 wchar_t *Unit; // OU 264 wchar_t *Country; // C 265 wchar_t *State; // ST 266 wchar_t *Local; // L 267 }; 268 269 // Serial number 270 struct X_SERIAL 271 { 272 UINT size; 273 UCHAR *data; 274 }; 275 276 // Certificate 277 struct X 278 { 279 X509 *x509; 280 NAME *issuer_name; 281 NAME *subject_name; 282 bool root_cert; 283 UINT64 notBefore; 284 UINT64 notAfter; 285 X_SERIAL *serial; 286 bool do_not_free; 287 bool is_compatible_bit; 288 UINT bits; 289 bool has_basic_constraints; 290 char issuer_url[256]; 291 }; 292 293 // Key 294 struct K 295 { 296 EVP_PKEY *pkey; 297 bool private_key; 298 }; 299 300 // PKCS#12 301 struct P12 302 { 303 PKCS12 *pkcs12; 304 }; 305 306 // CEL 307 struct X_CRL 308 { 309 X509_CRL *Crl; 310 }; 311 312 // Constant 313 #define MD5_SIZE 16 314 #define SHA1_SIZE 20 315 #define SHA256_SIZE 32 316 #define SHA384_SIZE 48 317 #define SHA512_SIZE 64 318 319 // Key element of DES 320 struct DES_KEY_VALUE 321 { 322 struct DES_ks *KeySchedule; 323 UCHAR KeyValue[DES_KEY_SIZE]; 324 }; 325 326 // DES key 327 struct DES_KEY 328 { 329 DES_KEY_VALUE *k1, *k2, *k3; 330 }; 331 332 // AES key 333 struct AES_KEY_VALUE 334 { 335 struct aes_key_st *EncryptKey; 336 struct aes_key_st *DecryptKey; 337 UCHAR KeyValue[AES_MAX_KEY_SIZE]; 338 UINT KeySize; 339 }; 340 341 // DH 342 struct DH_CTX 343 { 344 struct dh_st *dh; 345 BUF *MyPublicKey; 346 BUF *MyPrivateKey; 347 UINT Size; 348 }; 349 350 // Cipher object 351 struct CIPHER 352 { 353 char Name[MAX_PATH]; 354 bool IsNullCipher; 355 const struct evp_cipher_st *Cipher; 356 struct evp_cipher_ctx_st *Ctx; 357 bool Encrypt; 358 UINT BlockSize, IvSize, KeySize; 359 }; 360 361 // Message digest object 362 struct MD 363 { 364 char Name[MAX_PATH]; 365 const struct evp_md_st *Md; 366 struct hmac_ctx_st *Ctx; 367 UINT Size; 368 }; 369 370 371 // Lock of the OpenSSL 372 extern LOCK **ssl_lock_obj; 373 374 // Function prototype 375 CRYPT *NewCrypt(void *key, UINT size); 376 void FreeCrypt(CRYPT *c); 377 void Encrypt(CRYPT *c, void *dst, void *src, UINT size); 378 void Hash(void *dst, void *src, UINT size, bool sha); 379 void HashSha1(void *dst, void *src, UINT size); 380 void HashSha256(void *dst, void *src, UINT size); 381 void HashMd4(void *dst, void *src, UINT size); 382 void HashMd4(void *dst, void *src, UINT size); 383 void InitCryptLibrary(); 384 void Rand(void *buf, UINT size); 385 void Rand128(void *buf); 386 UINT HashToUINT(void *data, UINT size); 387 UINT64 Rand64(); 388 UINT Rand32(); 389 USHORT Rand16(); 390 UCHAR Rand8(); 391 bool Rand1(); 392 UINT HashPtrToUINT(void *p); 393 394 void CertTest(); 395 BIO *BufToBio(BUF *b); 396 BUF *BioToBuf(BIO *bio); 397 BIO *NewBio(); 398 void FreeBio(BIO *bio); 399 X *BioToX(BIO *bio, bool text); 400 X *BufToX(BUF *b, bool text); 401 BUF *SkipBufBeforeString(BUF *b, char *str); 402 void FreeX509(X509 *x509); 403 void FreeX(X *x); 404 BIO *XToBio(X *x, bool text); 405 BUF *XToBuf(X *x, bool text); 406 K *BioToK(BIO *bio, bool private_key, bool text, char *password); 407 int PKeyPasswordCallbackFunction(char *buf, int bufsize, int verify, void *param); 408 void FreePKey(EVP_PKEY *pkey); 409 void FreeK(K *k); 410 K *BufToK(BUF *b, bool private_key, bool text, char *password); 411 bool IsEncryptedK(BUF *b, bool private_key); 412 bool IsBase64(BUF *b); 413 BIO *KToBio(K *k, bool text, char *password); 414 BUF *KToBuf(K *k, bool text, char *password); 415 X *FileToX(char *filename); 416 X *FileToXW(wchar_t *filename); 417 bool XToFile(X *x, char *filename, bool text); 418 bool XToFileW(X *x, wchar_t *filename, bool text); 419 K *FileToK(char *filename, bool private_key, char *password); 420 K *FileToKW(wchar_t *filename, bool private_key, char *password); 421 bool KToFile(K *k, char *filename, bool text, char *password); 422 bool KToFileW(K *k, wchar_t *filename, bool text, char *password); 423 bool CheckXandK(X *x, K *k); 424 bool CompareX(X *x1, X *x2); 425 NAME *X509NameToName(void *xn); 426 wchar_t *GetUniStrFromX509Name(void *xn, int nid); 427 void LoadXNames(X *x); 428 void FreeXNames(X *x); 429 void FreeName(NAME *n); 430 bool CompareName(NAME *n1, NAME *n2); 431 K *GetKFromX(X *x); 432 bool CheckSignature(X *x, K *k); 433 X *X509ToX(X509 *x509); 434 bool CheckX(X *x, X *x_issuer); 435 bool CheckXEx(X *x, X *x_issuer, bool check_name, bool check_date); 436 bool Asn1TimeToSystem(SYSTEMTIME *s, void *asn1_time); 437 bool StrToSystem(SYSTEMTIME *s, char *str); 438 UINT64 Asn1TimeToUINT64(void *asn1_time); 439 bool SystemToAsn1Time(void *asn1_time, SYSTEMTIME *s); 440 bool UINT64ToAsn1Time(void *asn1_time, UINT64 t); 441 bool SystemToStr(char *str, UINT size, SYSTEMTIME *s); 442 void LoadXDates(X *x); 443 bool CheckXDate(X *x, UINT64 current_system_time); 444 bool CheckXDateNow(X *x); 445 NAME *NewName(wchar_t *common_name, wchar_t *organization, wchar_t *unit, 446 wchar_t *country, wchar_t *state, wchar_t *local); 447 void *NameToX509Name(NAME *nm); 448 void FreeX509Name(void *xn); 449 bool AddX509Name(void *xn, int nid, wchar_t *str); 450 X509 *NewRootX509(K *pub, K *priv, NAME *name, UINT days, X_SERIAL *serial); 451 X *NewRootX(K *pub, K *priv, NAME *name, UINT days, X_SERIAL *serial); 452 X509 *NewX509(K *pub, K *priv, X *ca, NAME *name, UINT days, X_SERIAL *serial); 453 X *NewX(K *pub, K *priv, X *ca, NAME *name, UINT days, X_SERIAL *serial); 454 UINT GetDaysUntil2038(); 455 UINT GetDaysUntil2038Ex(); 456 X_SERIAL *NewXSerial(void *data, UINT size); 457 void FreeXSerial(X_SERIAL *serial); 458 char *ByteToStr(BYTE *src, UINT src_size); 459 P12 *BioToP12(BIO *bio); 460 P12 *PKCS12ToP12(PKCS12 *pkcs12); 461 P12 *BufToP12(BUF *b); 462 BIO *P12ToBio(P12 *p12); 463 BUF *P12ToBuf(P12 *p12); 464 void FreePKCS12(PKCS12 *pkcs12); 465 void FreeP12(P12 *p12); 466 P12 *FileToP12(char *filename); 467 P12 *FileToP12W(wchar_t *filename); 468 bool P12ToFile(P12 *p12, char *filename); 469 bool P12ToFileW(P12 *p12, wchar_t *filename); 470 bool ParseP12(P12 *p12, X **x, K **k, char *password); 471 bool IsEncryptedP12(P12 *p12); 472 P12 *NewP12(X *x, K *k, char *password); 473 X *CloneX(X *x); 474 K *CloneK(K *k); 475 void FreeCryptLibrary(); 476 void GetPrintNameFromX(wchar_t *str, UINT size, X *x); 477 void GetPrintNameFromXA(char *str, UINT size, X *x); 478 void GetPrintNameFromName(wchar_t *str, UINT size, NAME *name); 479 void GetAllNameFromX(wchar_t *str, UINT size, X *x); 480 void GetAllNameFromA(char *str, UINT size, X *x); 481 void GetAllNameFromName(wchar_t *str, UINT size, NAME *name); 482 void GetAllNameFromNameEx(wchar_t *str, UINT size, NAME *name); 483 void GetAllNameFromXEx(wchar_t *str, UINT size, X *x); 484 void GetAllNameFromXExA(char *str, UINT size, X *x); 485 BUF *BigNumToBuf(const BIGNUM *bn); 486 BIGNUM *BinToBigNum(void *data, UINT size); 487 BIGNUM *BufToBigNum(BUF *b); 488 char *BigNumToStr(BIGNUM *bn); 489 X_SERIAL *CloneXSerial(X_SERIAL *src); 490 bool CompareXSerial(X_SERIAL *s1, X_SERIAL *s2); 491 void GetXDigest(X *x, UCHAR *buf, bool sha1); 492 NAME *CopyName(NAME *n); 493 494 495 bool RsaGen(K **priv, K **pub, UINT bit); 496 bool RsaCheck(); 497 bool RsaCheckEx(); 498 bool RsaPublicEncrypt(void *dst, void *src, UINT size, K *k); 499 bool RsaPrivateDecrypt(void *dst, void *src, UINT size, K *k); 500 bool RsaPrivateEncrypt(void *dst, void *src, UINT size, K *k); 501 bool RsaPublicDecrypt(void *dst, void *src, UINT size, K *k); 502 bool RsaSign(void *dst, void *src, UINT size, K *k); 503 bool RsaSignEx(void *dst, void *src, UINT size, K *k, UINT bits); 504 bool HashForSign(void *dst, UINT dst_size, void *src, UINT src_size); 505 bool RsaVerify(void *data, UINT data_size, void *sign, K *k); 506 bool RsaVerifyEx(void *data, UINT data_size, void *sign, K *k, UINT bits); 507 UINT RsaPublicSize(K *k); 508 void RsaPublicToBin(K *k, void *data); 509 BUF *RsaPublicToBuf(K *k); 510 K *RsaBinToPublic(void *data, UINT size); 511 512 DES_KEY_VALUE *DesNewKeyValue(void *value); 513 DES_KEY_VALUE *DesRandKeyValue(); 514 void DesFreeKeyValue(DES_KEY_VALUE *v); 515 DES_KEY *Des3NewKey(void *k1, void *k2, void *k3); 516 void Des3FreeKey(DES_KEY *k); 517 DES_KEY *DesNewKey(void *k1); 518 void DesFreeKey(DES_KEY *k); 519 DES_KEY *Des3RandKey(); 520 DES_KEY *DesRandKey(); 521 void Des3Encrypt(void *dest, void *src, UINT size, DES_KEY *key, void *ivec); 522 void Des3Encrypt2(void *dest, void *src, UINT size, DES_KEY_VALUE *k1, DES_KEY_VALUE *k2, DES_KEY_VALUE *k3, void *ivec); 523 void Des3Decrypt(void *dest, void *src, UINT size, DES_KEY *key, void *ivec); 524 void Des3Decrypt2(void *dest, void *src, UINT size, DES_KEY_VALUE *k1, DES_KEY_VALUE *k2, DES_KEY_VALUE *k3, void *ivec); 525 void Sha(UINT sha_type, void *dst, void *src, UINT size); 526 void Sha1(void *dst, void *src, UINT size); 527 void Sha2_256(void *dst, void *src, UINT size); 528 void Sha2_384(void *dst, void *src, UINT size); 529 void Sha2_512(void *dst, void *src, UINT size); 530 531 void Md5(void *dst, void *src, UINT size); 532 void MacSha1(void *dst, void *key, UINT key_size, void *data, UINT data_size); 533 void MacSha196(void *dst, void *key, void *data, UINT data_size); 534 void DesEncrypt(void *dest, void *src, UINT size, DES_KEY_VALUE *k, void *ivec); 535 void DesDecrypt(void *dest, void *src, UINT size, DES_KEY_VALUE *k, void *ivec); 536 void DesEcbEncrypt(void *dst, void *src, void *key_7bytes); 537 538 bool DhCompute(DH_CTX *dh, void *dst_priv_key, void *src_pub_key, UINT key_size); 539 DH_CTX *DhNewGroup1(); 540 DH_CTX *DhNewGroup2(); 541 DH_CTX *DhNewGroup5(); 542 DH_CTX *DhNewSimple160(); 543 DH_CTX *DhNew2048(); 544 DH_CTX *DhNew3072(); 545 DH_CTX *DhNew4096(); 546 DH_CTX *DhNew(char *prime, UINT g); 547 void DhFree(DH_CTX *dh); 548 BUF *DhToBuf(DH_CTX *dh); 549 550 AES_KEY_VALUE *AesNewKey(void *data, UINT size); 551 void AesFreeKey(AES_KEY_VALUE *k); 552 void AesEncrypt(void *dest, void *src, UINT size, AES_KEY_VALUE *k, void *ivec); 553 void AesDecrypt(void *dest, void *src, UINT size, AES_KEY_VALUE *k, void *ivec); 554 555 bool IsIntelAesNiSupported(); 556 void CheckIfIntelAesNiSupportedInit(); 557 558 #ifdef USE_INTEL_AESNI_LIBRARY 559 void AesEncryptWithIntel(void *dest, void *src, UINT size, AES_KEY_VALUE *k, void *ivec); 560 void AesDecryptWithIntel(void *dest, void *src, UINT size, AES_KEY_VALUE *k, void *ivec); 561 #endif // USE_INTEL_AESNI_LIBRARY 562 563 void OpenSSL_InitLock(); 564 void OpenSSL_FreeLock(); 565 void OpenSSL_Lock(int mode, int n, const char *file, int line); 566 unsigned long OpenSSL_Id(void); 567 void FreeOpenSSLThreadState(); 568 569 CIPHER *NewCipher(char *name); 570 void FreeCipher(CIPHER *c); 571 void SetCipherKey(CIPHER *c, void *key, bool enc); 572 UINT CipherProcess(CIPHER *c, void *iv, void *dest, void *src, UINT size); 573 574 MD *NewMd(char *name); 575 void FreeMd(MD *md); 576 void SetMdKey(MD *md, void *key, UINT key_size); 577 void MdProcess(MD *md, void *dest, void *src, UINT size); 578 void Enc_tls1_PRF(unsigned char *label, int label_len, const unsigned char *sec, 579 int slen, unsigned char *out1, int olen); 580 581 void HMacSha1(void *dst, void *key, UINT key_size, void *data, UINT data_size); 582 void HMacMd5(void *dst, void *key, UINT key_size, void *data, UINT data_size); 583 584 BUF *EasyEncrypt(BUF *src_buf); 585 BUF *EasyDecrypt(BUF *src_buf); 586 587 void DisableIntelAesAccel(); 588 589 int GetSslClientCertIndex(); 590 591 void Aead_ChaCha20Poly1305_Ietf_Encrypt_Embedded(void *dst, void *src, UINT src_size, void *key, void *nonce, void *aad, UINT aad_size); 592 bool Aead_ChaCha20Poly1305_Ietf_Decrypt_Embedded(void *dst, void *src, UINT src_size, void *key, void *nonce, void *aad, UINT aad_size); 593 594 void Aead_ChaCha20Poly1305_Ietf_Encrypt_OpenSSL(void *dst, void *src, UINT src_size, void *key, void *nonce, void *aad, UINT aad_size); 595 bool Aead_ChaCha20Poly1305_Ietf_Decrypt_OpenSSL(void *dst, void *src, UINT src_size, void *key, void *nonce, void *aad, UINT aad_size); 596 597 void Aead_ChaCha20Poly1305_Ietf_Encrypt(void *dst, void *src, UINT src_size, void *key, void *nonce, void *aad, UINT aad_size); 598 bool Aead_ChaCha20Poly1305_Ietf_Decrypt(void *dst, void *src, UINT src_size, void *key, void *nonce, void *aad, UINT aad_size); 599 600 bool Aead_ChaCha20Poly1305_Ietf_IsOpenSSL(); 601 602 void Aead_ChaCha20Poly1305_Ietf_Test(); 603 604 605 #ifdef ENCRYPT_C 606 // Inner function 607 608 609 #endif // ENCRYPT_C 610 611 #endif // ENCRYPT_H 612 613