Welcome to mirror list, hosted at ThFree Co, Russian Federation.

github.com/SoftEtherVPN/SoftEtherVPN_Stable.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/src/Mayaqua/Encrypt.h
diff options
context:
space:
mode:
Diffstat (limited to 'src/Mayaqua/Encrypt.h')
-rw-r--r--src/Mayaqua/Encrypt.h486
1 files changed, 486 insertions, 0 deletions
diff --git a/src/Mayaqua/Encrypt.h b/src/Mayaqua/Encrypt.h
new file mode 100644
index 00000000..24cb11e6
--- /dev/null
+++ b/src/Mayaqua/Encrypt.h
@@ -0,0 +1,486 @@
+// SoftEther VPN Source Code
+// Mayaqua Kernel
+//
+// SoftEther VPN Server, Client and Bridge are free software under GPLv2.
+//
+// Copyright (c) 2012-2014 Daiyuu Nobori.
+// Copyright (c) 2012-2014 SoftEther VPN Project, University of Tsukuba, Japan.
+// Copyright (c) 2012-2014 SoftEther Corporation.
+//
+// All Rights Reserved.
+//
+// http://www.softether.org/
+//
+// Author: Daiyuu Nobori
+// Comments: Tetsuo Sugiyama, Ph.D.
+//
+//
+// This program is free software; you can redistribute it and/or
+// modify it under the terms of the GNU General Public License
+// version 2 as published by the Free Software Foundation.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License version 2
+// along with this program; if not, write to the Free Software
+// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+//
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+// IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
+// CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
+// TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
+// SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+//
+// THE LICENSE AGREEMENT IS ATTACHED ON THE SOURCE-CODE PACKAGE
+// AS "LICENSE.TXT" FILE. READ THE TEXT FILE IN ADVANCE TO USE THE SOFTWARE.
+//
+//
+// THIS SOFTWARE IS DEVELOPED IN JAPAN, AND DISTRIBUTED FROM JAPAN,
+// UNDER JAPANESE LAWS. YOU MUST AGREE IN ADVANCE TO USE, COPY, MODIFY,
+// MERGE, PUBLISH, DISTRIBUTE, SUBLICENSE, AND/OR SELL COPIES OF THIS
+// SOFTWARE, THAT ANY JURIDICAL DISPUTES WHICH ARE CONCERNED TO THIS
+// SOFTWARE OR ITS CONTENTS, AGAINST US (SOFTETHER PROJECT, SOFTETHER
+// CORPORATION, DAIYUU NOBORI OR OTHER SUPPLIERS), OR ANY JURIDICAL
+// DISPUTES AGAINST US WHICH ARE CAUSED BY ANY KIND OF USING, COPYING,
+// MODIFYING, MERGING, PUBLISHING, DISTRIBUTING, SUBLICENSING, AND/OR
+// SELLING COPIES OF THIS SOFTWARE SHALL BE REGARDED AS BE CONSTRUED AND
+// CONTROLLED BY JAPANESE LAWS, AND YOU MUST FURTHER CONSENT TO
+// EXCLUSIVE JURISDICTION AND VENUE IN THE COURTS SITTING IN TOKYO,
+// JAPAN. YOU MUST WAIVE ALL DEFENSES OF LACK OF PERSONAL JURISDICTION
+// AND FORUM NON CONVENIENS. PROCESS MAY BE SERVED ON EITHER PARTY IN
+// THE MANNER AUTHORIZED BY APPLICABLE LAW OR COURT RULE.
+//
+// USE ONLY IN JAPAN. DO NOT USE IT IN OTHER COUNTRIES. IMPORTING THIS
+// SOFTWARE INTO OTHER COUNTRIES IS AT YOUR OWN RISK. SOME COUNTRIES
+// PROHIBIT ENCRYPTED COMMUNICATIONS. USING THIS SOFTWARE IN OTHER
+// COUNTRIES MIGHT BE RESTRICTED.
+//
+//
+// DEAR SECURITY EXPERTS
+// ---------------------
+//
+// If you find a bug or a security vulnerability please kindly inform us
+// about the problem immediately so that we can fix the security problem
+// to protect a lot of users around the world as soon as possible.
+//
+// Our e-mail address for security reports is:
+// softether-vpn-security [at] softether.org
+//
+// Please note that the above e-mail address is not a technical support
+// inquiry address. If you need technical assistance, please visit
+// http://www.softether.org/ and ask your question on the users forum.
+//
+// Thank you for your cooperation.
+
+
+// Encrypt.h
+// Header of Encrypt.c
+
+#ifndef ENCRYPT_H
+#define ENCRYPT_H
+
+// Function of OpenSSL
+void RAND_Init_For_SoftEther();
+void RAND_Free_For_SoftEther();
+
+
+
+// Constant
+#define MIN_SIGN_HASH_SIZE (15 + SHA1_SIZE)
+#define SIGN_HASH_SIZE (MIN_SIGN_HASH_SIZE)
+
+#define DES_KEY_SIZE 8 // DES key size
+#define DES_IV_SIZE 8 // DES IV size
+#define DES_BLOCK_SIZE 8 // DES block size
+#define DES3_KEY_SIZE (8 * 3) // 3DES key size
+#define RSA_KEY_SIZE 128 // RSA key size
+#define DH_KEY_SIZE 128 // DH key size
+#define RSA_MIN_SIGN_HASH_SIZE (15 + SHA1_HASH_SIZE) // Minimum RSA hash size
+#define RSA_SIGN_HASH_SIZE (RSA_MIN_SIGN_HASH_SIZE) // RSA hash size
+#define MD5_HASH_SIZE 16 // MD5 hash size
+#define SHA1_HASH_SIZE 20 // SHA-1 hash size
+#define SHA1_BLOCK_SIZE 64 // SHA-1 block size
+#define HMAC_SHA1_96_KEY_SIZE 20 // HMAC-SHA-1-96 key size
+#define HMAC_SHA1_96_HASH_SIZE 12 // HMAC-SHA-1-96 hash size
+#define HMAC_SHA1_SIZE (SHA1_HASH_SIZE) // HMAC-SHA-1 hash size
+#define AES_IV_SIZE 16 // AES IV size
+#define AES_MAX_KEY_SIZE 32 // Maximum AES key size
+
+// HMAC block size
+#define HMAC_BLOCK_SIZE 64
+
+#define DH_GROUP1_PRIME_768 \
+ "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" \
+ "29024E088A67CC74020BBEA63B139B22514A08798E3404DD" \
+ "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245" \
+ "E485B576625E7EC6F44C42E9A63A3620FFFFFFFFFFFFFFFF"
+
+#define DH_GROUP2_PRIME_1024 \
+ "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" \
+ "29024E088A67CC74020BBEA63B139B22514A08798E3404DD" \
+ "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245" \
+ "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED" \
+ "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381" \
+ "FFFFFFFFFFFFFFFF"
+
+#define DH_GROUP5_PRIME_1536 \
+ "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" \
+ "29024E088A67CC74020BBEA63B139B22514A08798E3404DD" \
+ "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245" \
+ "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED" \
+ "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D" \
+ "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F" \
+ "83655D23DCA3AD961C62F356208552BB9ED529077096966D" \
+ "670C354E4ABC9804F1746C08CA237327FFFFFFFFFFFFFFFF"
+
+#define DH_SIMPLE_160 "AEE7561459353C95DDA966AE1FD25D95CD46E935"
+
+// Macro
+#define HASHED_DATA(p) (((UCHAR *)p) + 15)
+
+
+
+// Crypt context
+struct CRYPT
+{
+ struct rc4_key_st *Rc4Key;
+};
+
+// Name in the certificate
+struct NAME
+{
+ wchar_t *CommonName; // CN
+ wchar_t *Organization; // O
+ wchar_t *Unit; // OU
+ wchar_t *Country; // C
+ wchar_t *State; // ST
+ wchar_t *Local; // L
+};
+
+// Serial number
+struct X_SERIAL
+{
+ UINT size;
+ UCHAR *data;
+};
+
+// Certificate
+struct X
+{
+ X509 *x509;
+ NAME *issuer_name;
+ NAME *subject_name;
+ bool root_cert;
+ UINT64 notBefore;
+ UINT64 notAfter;
+ X_SERIAL *serial;
+ bool do_not_free;
+ bool is_compatible_bit;
+ UINT bits;
+};
+
+// Key
+struct K
+{
+ EVP_PKEY *pkey;
+ bool private_key;
+};
+
+// PKCS#12
+struct P12
+{
+ PKCS12 *pkcs12;
+};
+
+// CEL
+struct X_CRL
+{
+ X509_CRL *Crl;
+};
+
+// Constant
+#define MD5_SIZE 16
+#define SHA1_SIZE 20
+#define SHA256_SIZE 32
+
+// Key element of DES
+struct DES_KEY_VALUE
+{
+ struct DES_ks *KeySchedule;
+ UCHAR KeyValue[DES_KEY_SIZE];
+};
+
+// DES key
+struct DES_KEY
+{
+ DES_KEY_VALUE *k1, *k2, *k3;
+};
+
+// AES key
+struct AES_KEY_VALUE
+{
+ struct aes_key_st *EncryptKey;
+ struct aes_key_st *DecryptKey;
+ UCHAR KeyValue[AES_MAX_KEY_SIZE];
+ UINT KeySize;
+};
+
+// DH
+struct DH_CTX
+{
+ struct dh_st *dh;
+ BUF *MyPublicKey;
+ BUF *MyPrivateKey;
+ UINT Size;
+};
+
+// Cipher object
+struct CIPHER
+{
+ char Name[MAX_PATH];
+ bool IsNullCipher;
+ const struct evp_cipher_st *Cipher;
+ struct evp_cipher_ctx_st *Ctx;
+ bool Encrypt;
+ UINT BlockSize, IvSize, KeySize;
+};
+
+// Message digest object
+struct MD
+{
+ char Name[MAX_PATH];
+ const struct env_md_st *Md;
+ struct hmac_ctx_st *Ctx;
+ UINT Size;
+};
+
+
+// Lock of the OpenSSL
+extern LOCK **ssl_lock_obj;
+
+// Function prototype
+CRYPT *NewCrypt(void *key, UINT size);
+void FreeCrypt(CRYPT *c);
+void Encrypt(CRYPT *c, void *dst, void *src, UINT size);
+void Hash(void *dst, void *src, UINT size, bool sha);
+void HashSha1(void *dst, void *src, UINT size);
+void HashSha256(void *dst, void *src, UINT size);
+void HashMd4(void *dst, void *src, UINT size);
+void HashMd4(void *dst, void *src, UINT size);
+void InitCryptLibrary();
+void Rand(void *buf, UINT size);
+void Rand128(void *buf);
+UINT HashToUINT(void *data, UINT size);
+UINT64 Rand64();
+UINT Rand32();
+USHORT Rand16();
+UCHAR Rand8();
+bool Rand1();
+UINT HashPtrToUINT(void *p);
+
+void CertTest();
+BIO *BufToBio(BUF *b);
+BUF *BioToBuf(BIO *bio);
+BIO *NewBio();
+void FreeBio(BIO *bio);
+X *BioToX(BIO *bio, bool text);
+X *BufToX(BUF *b, bool text);
+BUF *SkipBufBeforeString(BUF *b, char *str);
+void FreeX509(X509 *x509);
+void FreeX(X *x);
+BIO *XToBio(X *x, bool text);
+BUF *XToBuf(X *x, bool text);
+K *BioToK(BIO *bio, bool private_key, bool text, char *password);
+int PKeyPasswordCallbackFunction(char *buf, int bufsize, int verify, void *param);
+void FreePKey(EVP_PKEY *pkey);
+void FreeK(K *k);
+K *BufToK(BUF *b, bool private_key, bool text, char *password);
+bool IsEncryptedK(BUF *b, bool private_key);
+bool IsBase64(BUF *b);
+BIO *KToBio(K *k, bool text, char *password);
+BUF *KToBuf(K *k, bool text, char *password);
+X *FileToX(char *filename);
+X *FileToXW(wchar_t *filename);
+bool XToFile(X *x, char *filename, bool text);
+bool XToFileW(X *x, wchar_t *filename, bool text);
+K *FileToK(char *filename, bool private_key, char *password);
+K *FileToKW(wchar_t *filename, bool private_key, char *password);
+bool KToFile(K *k, char *filename, bool text, char *password);
+bool KToFileW(K *k, wchar_t *filename, bool text, char *password);
+bool CheckXandK(X *x, K *k);
+bool CompareX(X *x1, X *x2);
+NAME *X509NameToName(void *xn);
+wchar_t *GetUniStrFromX509Name(void *xn, int nid);
+void LoadXNames(X *x);
+void FreeXNames(X *x);
+void FreeName(NAME *n);
+bool CompareName(NAME *n1, NAME *n2);
+K *GetKFromX(X *x);
+bool CheckSignature(X *x, K *k);
+X *X509ToX(X509 *x509);
+bool CheckX(X *x, X *x_issuer);
+bool Asn1TimeToSystem(SYSTEMTIME *s, void *asn1_time);
+bool StrToSystem(SYSTEMTIME *s, char *str);
+UINT64 Asn1TimeToUINT64(void *asn1_time);
+bool SystemToAsn1Time(void *asn1_time, SYSTEMTIME *s);
+bool UINT64ToAsn1Time(void *asn1_time, UINT64 t);
+bool SystemToStr(char *str, UINT size, SYSTEMTIME *s);
+void LoadXDates(X *x);
+bool CheckXDate(X *x, UINT64 current_system_time);
+bool CheckXDateNow(X *x);
+NAME *NewName(wchar_t *common_name, wchar_t *organization, wchar_t *unit,
+ wchar_t *country, wchar_t *state, wchar_t *local);
+void *NameToX509Name(NAME *nm);
+void FreeX509Name(void *xn);
+bool AddX509Name(void *xn, int nid, wchar_t *str);
+X509 *NewRootX509(K *pub, K *priv, NAME *name, UINT days, X_SERIAL *serial);
+X *NewRootX(K *pub, K *priv, NAME *name, UINT days, X_SERIAL *serial);
+X509 *NewX509(K *pub, K *priv, X *ca, NAME *name, UINT days, X_SERIAL *serial);
+X *NewX(K *pub, K *priv, X *ca, NAME *name, UINT days, X_SERIAL *serial);
+UINT GetDaysUntil2038();
+X_SERIAL *NewXSerial(void *data, UINT size);
+void FreeXSerial(X_SERIAL *serial);
+char *ByteToStr(BYTE *src, UINT src_size);
+P12 *BioToP12(BIO *bio);
+P12 *PKCS12ToP12(PKCS12 *pkcs12);
+P12 *BufToP12(BUF *b);
+BIO *P12ToBio(P12 *p12);
+BUF *P12ToBuf(P12 *p12);
+void FreePKCS12(PKCS12 *pkcs12);
+void FreeP12(P12 *p12);
+P12 *FileToP12(char *filename);
+P12 *FileToP12W(wchar_t *filename);
+bool P12ToFile(P12 *p12, char *filename);
+bool P12ToFileW(P12 *p12, wchar_t *filename);
+bool ParseP12(P12 *p12, X **x, K **k, char *password);
+bool IsEncryptedP12(P12 *p12);
+P12 *NewP12(X *x, K *k, char *password);
+X *CloneX(X *x);
+K *CloneK(K *k);
+void FreeCryptLibrary();
+void GetPrintNameFromX(wchar_t *str, UINT size, X *x);
+void GetPrintNameFromXA(char *str, UINT size, X *x);
+void GetPrintNameFromName(wchar_t *str, UINT size, NAME *name);
+void GetAllNameFromX(wchar_t *str, UINT size, X *x);
+void GetAllNameFromA(char *str, UINT size, X *x);
+void GetAllNameFromName(wchar_t *str, UINT size, NAME *name);
+void GetAllNameFromNameEx(wchar_t *str, UINT size, NAME *name);
+void GetAllNameFromXEx(wchar_t *str, UINT size, X *x);
+void GetAllNameFromXExA(char *str, UINT size, X *x);
+BUF *BigNumToBuf(BIGNUM *bn);
+BIGNUM *BinToBigNum(void *data, UINT size);
+BIGNUM *BufToBigNum(BUF *b);
+char *BigNumToStr(BIGNUM *bn);
+X_SERIAL *CloneXSerial(X_SERIAL *src);
+bool CompareXSerial(X_SERIAL *s1, X_SERIAL *s2);
+void GetXDigest(X *x, UCHAR *buf, bool sha1);
+NAME *CopyName(NAME *n);
+
+
+bool RsaGen(K **priv, K **pub, UINT bit);
+bool RsaCheck();
+bool RsaCheckEx();
+bool RsaPublicEncrypt(void *dst, void *src, UINT size, K *k);
+bool RsaPrivateDecrypt(void *dst, void *src, UINT size, K *k);
+bool RsaPrivateEncrypt(void *dst, void *src, UINT size, K *k);
+bool RsaPublicDecrypt(void *dst, void *src, UINT size, K *k);
+bool RsaSign(void *dst, void *src, UINT size, K *k);
+bool RsaSignEx(void *dst, void *src, UINT size, K *k, UINT bits);
+bool HashForSign(void *dst, UINT dst_size, void *src, UINT src_size);
+bool RsaVerify(void *data, UINT data_size, void *sign, K *k);
+bool RsaVerifyEx(void *data, UINT data_size, void *sign, K *k, UINT bits);
+UINT RsaPublicSize(K *k);
+void RsaPublicToBin(K *k, void *data);
+BUF *RsaPublicToBuf(K *k);
+K *RsaBinToPublic(void *data, UINT size);
+
+X_CRL *FileToXCrl(char *filename);
+X_CRL *FileToXCrlW(wchar_t *filename);
+X_CRL *BufToXCrl(BUF *b);
+void FreeXCrl(X_CRL *r);
+bool IsXRevokedByXCrl(X *x, X_CRL *r);
+bool IsXRevoked(X *x);
+
+DES_KEY_VALUE *DesNewKeyValue(void *value);
+DES_KEY_VALUE *DesRandKeyValue();
+void DesFreeKeyValue(DES_KEY_VALUE *v);
+DES_KEY *Des3NewKey(void *k1, void *k2, void *k3);
+void Des3FreeKey(DES_KEY *k);
+DES_KEY *DesNewKey(void *k1);
+void DesFreeKey(DES_KEY *k);
+DES_KEY *Des3RandKey();
+DES_KEY *DesRandKey();
+void Des3Encrypt(void *dest, void *src, UINT size, DES_KEY *key, void *ivec);
+void Des3Encrypt2(void *dest, void *src, UINT size, DES_KEY_VALUE *k1, DES_KEY_VALUE *k2, DES_KEY_VALUE *k3, void *ivec);
+void Des3Decrypt(void *dest, void *src, UINT size, DES_KEY *key, void *ivec);
+void Des3Decrypt2(void *dest, void *src, UINT size, DES_KEY_VALUE *k1, DES_KEY_VALUE *k2, DES_KEY_VALUE *k3, void *ivec);
+void Sha1(void *dst, void *src, UINT size);
+void Md5(void *dst, void *src, UINT size);
+void MacSha1(void *dst, void *key, UINT key_size, void *data, UINT data_size);
+void MacSha196(void *dst, void *key, void *data, UINT data_size);
+void DesEncrypt(void *dest, void *src, UINT size, DES_KEY_VALUE *k, void *ivec);
+void DesDecrypt(void *dest, void *src, UINT size, DES_KEY_VALUE *k, void *ivec);
+void DesEcbEncrypt(void *dst, void *src, void *key_7bytes);
+
+bool DhCompute(DH_CTX *dh, void *dst_priv_key, void *src_pub_key, UINT key_size);
+DH_CTX *DhNewGroup1();
+DH_CTX *DhNewGroup2();
+DH_CTX *DhNewGroup5();
+DH_CTX *DhNewSimple160();
+DH_CTX *DhNew(char *prime, UINT g);
+void DhFree(DH_CTX *dh);
+BUF *DhToBuf(DH_CTX *dh);
+
+AES_KEY_VALUE *AesNewKey(void *data, UINT size);
+void AesFreeKey(AES_KEY_VALUE *k);
+void AesEncrypt(void *dest, void *src, UINT size, AES_KEY_VALUE *k, void *ivec);
+void AesDecrypt(void *dest, void *src, UINT size, AES_KEY_VALUE *k, void *ivec);
+
+bool IsIntelAesNiSupported();
+void CheckIfIntelAesNiSupportedInit();
+
+#ifdef USE_INTEL_AESNI_LIBRARY
+void AesEncryptWithIntel(void *dest, void *src, UINT size, AES_KEY_VALUE *k, void *ivec);
+void AesDecryptWithIntel(void *dest, void *src, UINT size, AES_KEY_VALUE *k, void *ivec);
+#endif // USE_INTEL_AESNI_LIBRARY
+
+void OpenSSL_InitLock();
+void OpenSSL_FreeLock();
+void OpenSSL_Lock(int mode, int n, const char *file, int line);
+unsigned long OpenSSL_Id(void);
+void FreeOpenSSLThreadState();
+
+CIPHER *NewCipher(char *name);
+void FreeCipher(CIPHER *c);
+void SetCipherKey(CIPHER *c, void *key, bool enc);
+UINT CipherProcess(CIPHER *c, void *iv, void *dest, void *src, UINT size);
+
+MD *NewMd(char *name);
+void FreeMd(MD *md);
+void SetMdKey(MD *md, void *key, UINT key_size);
+void MdProcess(MD *md, void *dest, void *src, UINT size);
+void Enc_tls1_PRF(unsigned char *label, int label_len, const unsigned char *sec,
+ int slen, unsigned char *out1, int olen);
+
+void HMacSha1(void *dst, void *key, UINT key_size, void *data, UINT data_size);
+void HMacMd5(void *dst, void *key, UINT key_size, void *data, UINT data_size);
+
+void DisableIntelAesAccel();
+
+#ifdef ENCRYPT_C
+// Inner function
+
+
+#endif // ENCRYPT_C
+
+#endif // ENCRYPT_H
+
+
+// Developed by SoftEther VPN Project at University of Tsukuba in Japan.
+// Department of Computer Science has dozens of overly-enthusiastic geeks.
+// Join us: http://www.tsukuba.ac.jp/english/admission/
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-25 12:41:21 +0300