47#if !defined(MBEDTLS_CONFIG_FILE)
50#include MBEDTLS_CONFIG_FILE
53#if defined(MBEDTLS_PEM_PARSE_C) || defined(MBEDTLS_PEM_WRITE_C)
65#if defined(MBEDTLS_PLATFORM_C)
69#define mbedtls_calloc calloc
70#define mbedtls_free free
73#if defined(MBEDTLS_PEM_PARSE_C)
/**
 * Put a PEM context into its initial, all-zero state.
 *
 * Every byte of the structure is cleared, so all of its fields start
 * out as zero.
 *
 * @param ctx  Context to reset. It is written through without a NULL
 *             check, so it must point to a valid mbedtls_pem_context.
 */
void mbedtls_pem_init( mbedtls_pem_context *ctx )
{
    /* Size is taken from the pointee so it follows the declared type. */
    memset( ctx, 0, sizeof( *ctx ) );
}
79#if defined(MBEDTLS_MD5_C) && defined(MBEDTLS_CIPHER_MODE_CBC) && \
80 ( defined(MBEDTLS_DES_C) || defined(MBEDTLS_AES_C) )
84static int pem_get_iv(
const unsigned char *
s,
unsigned char *iv,
91 for(
i = 0;
i < iv_len * 2;
i++,
s++ )
93 if( *
s >=
'0' && *
s <=
'9' )
j = *
s -
'0';
else
94 if( *
s >=
'A' && *
s <=
'F' )
j = *
s -
'7';
else
95 if( *
s >=
'a' && *
s <=
'f' )
j = *
s -
'W';
else
98 k = ( (
i & 1 ) != 0 ) ?
j :
j << 4;
100 iv[
i >> 1] = (
unsigned char)( iv[
i >> 1] |
k );
106static int pem_pbkdf1(
unsigned char *
key,
size_t keylen,
108 const unsigned char *
pwd,
size_t pwdlen )
111 unsigned char md5sum[16];
153 use_len = keylen - 16;
164#if defined(MBEDTLS_DES_C)
168static int pem_des_decrypt(
unsigned char des_iv[8],
169 unsigned char *
buf,
size_t buflen,
170 const unsigned char *
pwd,
size_t pwdlen )
178 if( (
ret = pem_pbkdf1(
des_key, 8, des_iv,
pwd, pwdlen ) ) != 0 )
196static int pem_des3_decrypt(
unsigned char des3_iv[8],
197 unsigned char *
buf,
size_t buflen,
198 const unsigned char *
pwd,
size_t pwdlen )
206 if( (
ret = pem_pbkdf1(
des3_key, 24, des3_iv,
pwd, pwdlen ) ) != 0 )
222#if defined(MBEDTLS_AES_C)
226static int pem_aes_decrypt(
unsigned char aes_iv[16],
unsigned int keylen,
227 unsigned char *
buf,
size_t buflen,
228 const unsigned char *
pwd,
size_t pwdlen )
236 if( (
ret = pem_pbkdf1(
aes_key, keylen, aes_iv,
pwd, pwdlen ) ) != 0 )
255int mbedtls_pem_read_buffer( mbedtls_pem_context *
ctx,
const char *
header,
const char *footer,
256 const unsigned char *
data,
const unsigned char *
pwd,
257 size_t pwdlen,
size_t *use_len )
262 const unsigned char *
s1, *
s2, *
end;
263#if defined(MBEDTLS_MD5_C) && defined(MBEDTLS_CIPHER_MODE_CBC) && \
264 ( defined(MBEDTLS_DES_C) || defined(MBEDTLS_AES_C) )
265 unsigned char pem_iv[16];
281 s2 = (
unsigned char *)
strstr( (
const char *)
data, footer );
287 if( *
s1 ==
' ' )
s1++;
288 if( *
s1 ==
'\r' )
s1++;
289 if( *
s1 ==
'\n' )
s1++;
301 if(
s2 -
s1 >= 22 &&
memcmp(
s1,
"Proc-Type: 4,ENCRYPTED", 22 ) == 0 )
303#if defined(MBEDTLS_MD5_C) && defined(MBEDTLS_CIPHER_MODE_CBC) && \
304 ( defined(MBEDTLS_DES_C) || defined(MBEDTLS_AES_C) )
308 if( *
s1 ==
'\r' )
s1++;
309 if( *
s1 ==
'\n' )
s1++;
313#if defined(MBEDTLS_DES_C)
314 if(
s2 -
s1 >= 23 &&
memcmp(
s1,
"DEK-Info: DES-EDE3-CBC,", 23 ) == 0 )
319 if(
s2 -
s1 < 16 || pem_get_iv(
s1, pem_iv, 8 ) != 0 )
324 else if(
s2 -
s1 >= 18 &&
memcmp(
s1,
"DEK-Info: DES-CBC,", 18 ) == 0 )
329 if(
s2 -
s1 < 16 || pem_get_iv(
s1, pem_iv, 8) != 0 )
336#if defined(MBEDTLS_AES_C)
337 if(
s2 -
s1 >= 14 &&
memcmp(
s1,
"DEK-Info: AES-", 14 ) == 0 )
341 else if(
memcmp(
s1,
"DEK-Info: AES-128-CBC,", 22 ) == 0 )
343 else if(
memcmp(
s1,
"DEK-Info: AES-192-CBC,", 22 ) == 0 )
345 else if(
memcmp(
s1,
"DEK-Info: AES-256-CBC,", 22 ) == 0 )
351 if(
s2 -
s1 < 32 || pem_get_iv(
s1, pem_iv, 16 ) != 0 )
361 if( *
s1 ==
'\r' )
s1++;
362 if( *
s1 ==
'\n' )
s1++;
390#if defined(MBEDTLS_MD5_C) && defined(MBEDTLS_CIPHER_MODE_CBC) && \
391 ( defined(MBEDTLS_DES_C) || defined(MBEDTLS_AES_C) )
401#if defined(MBEDTLS_DES_C)
403 ret = pem_des3_decrypt( pem_iv,
buf,
len,
pwd, pwdlen );
408#if defined(MBEDTLS_AES_C)
410 ret = pem_aes_decrypt( pem_iv, 16,
buf,
len,
pwd, pwdlen );
412 ret = pem_aes_decrypt( pem_iv, 24,
buf,
len,
pwd, pwdlen );
414 ret = pem_aes_decrypt( pem_iv, 32,
buf,
len,
pwd, pwdlen );
429 if(
len <= 2 ||
buf[0] != 0x30 ||
buf[1] > 0x83 )
449void mbedtls_pem_free( mbedtls_pem_context *
ctx )
462#if defined(MBEDTLS_PEM_WRITE_C)
463int mbedtls_pem_write_buffer(
const char *
header,
const char *footer,
464 const unsigned char *der_data,
size_t der_len,
465 unsigned char *
buf,
size_t buf_len,
size_t *olen )
468 unsigned char *encode_buf =
NULL, *
c, *
p =
buf;
469 size_t len = 0, use_len, add_len = 0;
474 if( use_len + add_len > buf_len )
476 *olen = use_len + add_len;
497 len = ( use_len > 64 ) ? 64 : use_len;
512 memset(
buf + *olen, 0, buf_len - *olen );
char * strstr(char *String1, char *String2)
int memcmp(void *Buffer1, void *Buffer2, ACPI_SIZE Count)
ACPI_SIZE strlen(const char *String)
This file contains AES definitions and functions.
int mbedtls_aes_setkey_dec(mbedtls_aes_context *ctx, const unsigned char *key, unsigned int keybits)
This function sets the decryption key.
int mbedtls_aes_crypt_cbc(mbedtls_aes_context *ctx, int mode, size_t length, unsigned char iv[16], const unsigned char *input, unsigned char *output)
This function performs an AES-CBC encryption or decryption operation on full blocks.
void mbedtls_aes_init(mbedtls_aes_context *ctx)
This function initializes the specified AES context.
#define MBEDTLS_AES_DECRYPT
void mbedtls_aes_free(mbedtls_aes_context *ctx)
This function releases and clears the specified AES context.
RFC 1521 base64 encoding/decoding.
int mbedtls_base64_decode(unsigned char *dst, size_t dlen, size_t *olen, const unsigned char *src, size_t slen)
Decode a base64-formatted buffer.
int mbedtls_base64_encode(unsigned char *dst, size_t dlen, size_t *olen, const unsigned char *src, size_t slen)
Encode a buffer into base64 format.
#define MBEDTLS_ERR_BASE64_INVALID_CHARACTER
#define MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL
This file contains an abstraction interface for use with the cipher primitives provided by the library.
mbedtls_cipher_type_t
Supported {cipher type, cipher mode} pairs.
@ MBEDTLS_CIPHER_DES_EDE3_CBC
@ MBEDTLS_CIPHER_AES_128_CBC
@ MBEDTLS_CIPHER_AES_192_CBC
@ MBEDTLS_CIPHER_AES_256_CBC
#define memcpy(s1, s2, n)
Privacy Enhanced Mail (PEM) decoding.
#define MBEDTLS_ERR_PEM_UNKNOWN_ENC_ALG
#define MBEDTLS_ERR_PEM_FEATURE_UNAVAILABLE
#define MBEDTLS_ERR_PEM_BAD_INPUT_DATA
#define MBEDTLS_ERR_PEM_INVALID_ENC_IV
#define MBEDTLS_ERR_PEM_INVALID_DATA
#define MBEDTLS_ERR_PEM_ALLOC_FAILED
#define MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT
#define MBEDTLS_ERR_PEM_PASSWORD_REQUIRED
#define MBEDTLS_ERR_PEM_PASSWORD_MISMATCH
Configuration options (set of defines)
void mbedtls_des_init(mbedtls_des_context *ctx)
Initialize DES context.
int mbedtls_des_setkey_dec(mbedtls_des_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE])
DES key schedule (56-bit, decryption)
void mbedtls_des3_free(mbedtls_des3_context *ctx)
Clear Triple-DES context.
int mbedtls_des3_crypt_cbc(mbedtls_des3_context *ctx, int mode, size_t length, unsigned char iv[8], const unsigned char *input, unsigned char *output)
3DES-CBC buffer encryption/decryption
int mbedtls_des_crypt_cbc(mbedtls_des_context *ctx, int mode, size_t length, unsigned char iv[8], const unsigned char *input, unsigned char *output)
DES-CBC buffer encryption/decryption.
void mbedtls_des3_init(mbedtls_des3_context *ctx)
Initialize Triple-DES context.
#define MBEDTLS_DES_DECRYPT
int mbedtls_des3_set3key_dec(mbedtls_des3_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE *3])
Triple-DES key schedule (168-bit, decryption)
void mbedtls_des_free(mbedtls_des_context *ctx)
Clear DES context.
MD5 message digest algorithm (hash function)
void mbedtls_md5_free(mbedtls_md5_context *ctx)
Clear MD5 context.
int mbedtls_md5_starts_ret(mbedtls_md5_context *ctx)
MD5 context setup.
void mbedtls_md5_init(mbedtls_md5_context *ctx)
Initialize MD5 context.
int mbedtls_md5_update_ret(mbedtls_md5_context *ctx, const unsigned char *input, size_t ilen)
MD5 process buffer.
int mbedtls_md5_finish_ret(mbedtls_md5_context *ctx, unsigned char output[16])
MD5 final digest.
The AES context-type definition.
Triple-DES context structure.