OpenSSL cert verifier works

Makefile

@@ -73,6 +73,7 @@ endif
 ifeq ($(PLAT),linux)
 	LIBS    =  -lX11 -lXi -lpthread -lGL -ldl
 	BUILD_DIR = build/linux
+	BEARSSL = 1
 endif
 
 ifeq ($(PLAT),sunos)

readme.md

@@ -144,8 +144,8 @@ Compiling with TCC:
 1. Install X11, XInput2, and OpenGL development libraries if necessary. <br>
 For Ubuntu, these are the `libx11-dev`, `libxi-dev` and `libgl1-mesa-dev` packages
 2. Run either:
-    * `make linux` or
-    * `cc -fno-math-errno src/*.c -o ClassiCube -rdynamic -lpthread -lX11 -lXi -lGL -ldl`
+    * `make linux` - produces a simple non-optimised executable, easier to debug
+    * `make linux RELEASE=1` - produces an optimised executable, harder to debug
 
 ##### Cross compiling for Windows (32 bit):
 1. Install MinGW-w64 if necessary. (Ubuntu: `gcc-mingw-w64` package)
@@ -163,8 +163,8 @@ Although the regular linux compiliation flags will work fine, to take full advan
 ## Compiling - macOS
 1. Install a C compiler if necessary. The easiest way of obtaining one is by installing **Xcode**.
 2. Run either:
-    * `make darwin` or
-    * `cc -fno-math-errno src/*.c src/*.m -o ClassiCube -framework Cocoa -framework OpenGL -framework IOKit -lobjc`
+    * `make darwin` - produces a simple non-optimised executable, easier to debug
+    * `make darwin RELEASE=1` - produces an optimised executable, harder to debug
 
 ##### Using Xcode GUI
 
@@ -325,64 +325,64 @@ Run `make saturn`. You'll need [libyaul](https://github.com/yaul-org/libyaul)
 
 1. Install `libxi`, `libexecinfo`, `curl` and `openal-soft` packages if needed
 2. Run either:
-    * `make freebsd` or
-    * `cc src/*.c -o ClassiCube -I /usr/local/include -L /usr/local/lib -lm -lpthread -lX11 -lXi -lGL -lexecinfo`
+    * `make freebsd` - produces a simple non-optimised executable, easier to debug
+    * `make freebsd RELEASE=1` - produces an optimised executable, harder to debug
 
 #### OpenBSD
 
 1. Install `libexecinfo`, `curl` and `openal` packages if needed
 2. Run either:
-    * `make openbsd` or
-    * `cc src/*.c -o ClassiCube -I /usr/X11R6/include -I /usr/local/include -L /usr/X11R6/lib -L /usr/local/lib -lm -lpthread -lX11 -lXi -lGL -lexecinfo`
+    * `make openbsd` - produces a simple non-optimised executable, easier to debug
+    * `make openbsd RELEASE=1` - produces an optimised executable, harder to debug
 
 #### NetBSD
 
 1. Install `libexecinfo`, `curl` and `openal-soft` packages if needed
 2. Run either:
-    * `make netbsd` or
-    * `cc src/*.c -o ClassiCube -I /usr/X11R7/include -I /usr/pkg/include -L /usr/X11R7/lib -L /usr/pkg/lib -lpthread -lX11 -lXi -lGL -lexecinfo`
+    * `make netbsd` - produces a simple non-optimised executable, easier to debug
+    * `make netbsd RELEASE=1` - produces an optimised executable, harder to debug
 
 #### DragonflyBSD
 
 1. Install `libxi`, `libexecinfo`, `curl` and `openal-soft` packages if needed
 2. Run either:
-    * `make dragonfly` or
-    * `cc src/*.c -o ClassiCube -I /usr/local/include -L /usr/local/lib -lm -lpthread -lX11 -lXi -lGL -lexecinfo`
+    * `make dragonfly` - produces a simple non-optimised executable, easier to debug
+    * `make dragonfly RELEASE=1` - produces an optimised executable, harder to debug
 
 #### Solaris
 
 1. Install required packages if needed
 2. Run either:
-    * `make sunos` or
-    * `gcc -fno-math-errno src/*.c -o ClassiCube -lsocket -lX11 -lXi -lGL`
+    * `make sunos` - produces a simple non-optimised executable, easier to debug
+    * `make sunos RELEASE=1` - produces an optimised executable, harder to debug
 
 #### Haiku
 
 1. Install `gcc`, `haiku_devel`, `openal_devel` packages if needed
 2. Run either:
-    * `make haiku` or
-    * `cc -fno-math-errno src/*.c src/*.cpp -o ClassiCube -lGL -lnetwork -lstdc++ -lbe -lgame -ltracker`
+    * `make haiku` - produces a simple non-optimised executable, easier to debug
+    * `make haiku RELEASE=1` - produces an optimised executable, harder to debug
 
 #### BeOS
 
 1. Install a C compiler
 2. Run either:
-    * `make beos` or
-    * `cc -fno-math-errno src/*.c src/*.cpp -o ClassiCube -lGL -lbe -lgame -ltracker`
+    * `make beos` - produces a simple non-optimised executable, easier to debug
+    * `make beos RELEASE=1` - produces an optimised executable, harder to debug
 
 #### IRIX
 
 1. Install required packages if needed
 2. Run either:
-    * `make irix` or
-    * gcc -fno-math-errno src/*.c -o ClassiCube -lGL -lX11 -lXi -lpthread -ldl`
+    * `make irix` - produces a simple non-optimised executable, easier to debug
+    * `make irix RELEASE=1` - produces an optimised executable, harder to debug
 
 #### SerenityOS
 
 1. Install SDL2 port if needed
 2. Run either:
-    * `make serenityos` or
-    * `cc src/*.c -o ClassiCube -lgl -lSDL2`
+    * `make serenityos` - produces a simple non-optimised executable, easier to debug
+    * `make serenityos RELEASE=1` - produces an optimised executable, harder to debug
 
 #### Classic Mac OS
 

src/Certs.c

@@ -42,10 +42,6 @@ void Certs_AppendCert(struct X509CertContext* ctx, const void* data, int len) {
 }
 
 void Certs_FinishCert(struct X509CertContext* ctx) {
-	//char buffer[128];
-	//cc_string buf = String_FromArray(buffer);
-	//String_Format1(&buf, "cert_%i.der", &ctx->numCerts);
-	//Stream_WriteAllTo(&buf, ctx->cert->data, ctx->cert->offset);
 }
 
 void Certs_BeginChain(struct X509CertContext* ctx) {
@@ -62,22 +58,66 @@ void Certs_FreeChain( struct X509CertContext* ctx) {
 	ctx->numCerts = 0;
 }
 
-#if CC_CRT_BACKEND_OPENSSL
+#if CC_CRT_BACKEND == CC_CRT_BACKEND_OPENSSL
 #include <openssl/x509.h>
+#include "Errors.h"
 static X509_STORE* store;
 
 void CertsBackend_Init(void) {
-	Platform_LogConst("BKEND");
-
-	store = X509_STORE_new();
-	X509_STORE_set_default_paths(store);
 }
 
-int Certs_VerifyChain(struct X509CertContext* ctx) {
-	
+static X509* ToOpenSSLCert(struct X509Cert* cert) {
+	const unsigned char* data = cert->data;
+	return d2i_X509(NULL, &data, cert->offset);
+}
+
+int Certs_VerifyChain(struct X509CertContext* chain) {
+	STACK_OF(X509)* inter;
+	X509_STORE_CTX* ctx;
+	X509* cur;
+	X509* cert;
+	int i;
+
+	/* Delay creating X509 store until necessary */
+	if (!store) {
+		store = X509_STORE_new();
+		if (!store) return;
+
+		X509_STORE_set_default_paths(store);
+	}
+
+	Platform_Log1("VERIFY CHAIN: %i", &chain->numCerts);
+	if (!chain->numCerts) return ERR_NOT_SUPPORTED;
+
+	/* End/Leaf certificate */
+	cert = ToOpenSSLCert(&chain->certs[0]);
+	if (!cert) return ERR_OUT_OF_MEMORY;
+
+	inter = sk_X509_new_null();
+	if (!inter) return ERR_OUT_OF_MEMORY;
+
+	/* Intermediate certificates */
+	for (i = 1; i < chain->numCerts; i++)
+	{
+		cur = ToOpenSSLCert(&chain->certs[i]);
+		if (cur) sk_X509_push(inter, cur);
+	}
+
+	ctx = X509_STORE_CTX_new();
+	X509_STORE_CTX_init(ctx, store, cert, inter);
+
+    int status = X509_verify_cert(ctx);
+    if (status == 1) {
+        Platform_LogConst("Certificate verified");
+    } else {
+		int err = X509_STORE_CTX_get_error(ctx);
+        Platform_LogConst(X509_verify_cert_error_string(err));
+    }
+
+	X509_STORE_CTX_free(ctx);
+	sk_X509_pop_free(inter, X509_free);
+	X509_free(cert);
 
-	//const unsigned char* data = ctx->cert->data;
-	//X509* cert = d2i_X509(NULL, &data, ctx->cert->offset);
 	return 0;
 }
 #endif

src/Core.h

@@ -258,7 +258,7 @@ typedef cc_uint8  cc_bool;
 	#define CC_BUILD_LINUX
 	#define CC_BUILD_POSIX
 	#define CC_BUILD_XINPUT2
-	#define DEFAULT_NET_BACKEND CC_NET_BACKEND_LIBCURL
+	#define DEFAULT_NET_BACKEND CC_NET_BACKEND_BUILTIN
 	#define DEFAULT_AUD_BACKEND CC_AUD_BACKEND_OPENAL
 	#define DEFAULT_WIN_BACKEND CC_WIN_BACKEND_X11
 	#define DEFAULT_CRT_BACKEND CC_CRT_BACKEND_OPENSSL

src/SSL.c

@@ -475,7 +475,6 @@ static unsigned x509_end_chain(const br_x509_class** ctx) {
 
 	unsigned r = br_x509_minimal_vtable.end_chain(ctx);
 	r = x509_maybe_skip_verify(r);
-Certs_VerifyChain(&ssl->x509); // TODO remove later
 
 	/* Fallback to system specific certificate validation */
 	if (r == BR_ERR_X509_NOT_TRUSTED && Certs_VerifyChain(&ssl->x509) == 0) r = 0;

third_party/bearssl/src/rsa_i32_oaep_decrypt.c

@@ -1,41 +0,0 @@
-/*
- * Copyright (c) 2018 Thomas Pornin <pornin@bolet.org>
- *
- * Permission is hereby granted, free of charge, to any person obtaining 
- * a copy of this software and associated documentation files (the
- * "Software"), to deal in the Software without restriction, including
- * without limitation the rights to use, copy, modify, merge, publish,
- * distribute, sublicense, and/or sell copies of the Software, and to
- * permit persons to whom the Software is furnished to do so, subject to
- * the following conditions:
- *
- * The above copyright notice and this permission notice shall be 
- * included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, 
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND 
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
- * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
- * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
- * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
- * SOFTWARE.
- */
-
-#include "inner.h"
-
-/* see bearssl_rsa.h */
-uint32_t
-br_rsa_i32_oaep_decrypt(const br_hash_class *dig,
-	const void *label, size_t label_len,
-	const br_rsa_private_key *sk, void *data, size_t *len)
-{
-	uint32_t r;
-
-	if (*len != ((sk->n_bitlen + 7) >> 3)) {
-		return 0;
-	}
-	r = br_rsa_i32_private(data, sk);
-	r &= br_rsa_oaep_unpad(dig, label, label_len, data, len);
-	return r;
-}

third_party/bearssl/src/rsa_i32_oaep_encrypt.c

@@ -1,44 +0,0 @@
-/*
- * Copyright (c) 2018 Thomas Pornin <pornin@bolet.org>
- *
- * Permission is hereby granted, free of charge, to any person obtaining 
- * a copy of this software and associated documentation files (the
- * "Software"), to deal in the Software without restriction, including
- * without limitation the rights to use, copy, modify, merge, publish,
- * distribute, sublicense, and/or sell copies of the Software, and to
- * permit persons to whom the Software is furnished to do so, subject to
- * the following conditions:
- *
- * The above copyright notice and this permission notice shall be 
- * included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, 
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND 
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
- * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
- * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
- * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
- * SOFTWARE.
- */
-
-#include "inner.h"
-
-/* see bearssl_rsa.h */
-size_t
-br_rsa_i32_oaep_encrypt(
-	const br_prng_class **rnd, const br_hash_class *dig,
-	const void *label, size_t label_len,
-	const br_rsa_public_key *pk,
-	void *dst, size_t dst_max_len,
-	const void *src, size_t src_len)
-{
-	size_t dlen;
-
-	dlen = br_rsa_oaep_pad(rnd, dig, label, label_len,
-		pk, dst, dst_max_len, src, src_len);
-	if (dlen == 0) {
-		return 0;
-	}
-	return dlen & -(size_t)br_rsa_i32_public(dst, dlen, pk);
-}

third_party/bearssl/src/rsa_i32_pkcs1_sign.c

@@ -1,37 +0,0 @@
-/*
- * Copyright (c) 2016 Thomas Pornin <pornin@bolet.org>
- *
- * Permission is hereby granted, free of charge, to any person obtaining 
- * a copy of this software and associated documentation files (the
- * "Software"), to deal in the Software without restriction, including
- * without limitation the rights to use, copy, modify, merge, publish,
- * distribute, sublicense, and/or sell copies of the Software, and to
- * permit persons to whom the Software is furnished to do so, subject to
- * the following conditions:
- *
- * The above copyright notice and this permission notice shall be 
- * included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, 
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND 
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
- * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
- * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
- * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
- * SOFTWARE.
- */
-
-#include "inner.h"
-
-/* see bearssl_rsa.h */
-uint32_t
-br_rsa_i32_pkcs1_sign(const unsigned char *hash_oid,
-	const unsigned char *hash, size_t hash_len,
-	const br_rsa_private_key *sk, unsigned char *x)
-{
-	if (!br_rsa_pkcs1_sig_pad(hash_oid, hash, hash_len, sk->n_bitlen, x)) {
-		return 0;
-	}
-	return br_rsa_i32_private(x, sk);
-}

third_party/bearssl/src/rsa_i32_pkcs1_vrfy.c

@@ -1,43 +0,0 @@
-/*
- * Copyright (c) 2016 Thomas Pornin <pornin@bolet.org>
- *
- * Permission is hereby granted, free of charge, to any person obtaining 
- * a copy of this software and associated documentation files (the
- * "Software"), to deal in the Software without restriction, including
- * without limitation the rights to use, copy, modify, merge, publish,
- * distribute, sublicense, and/or sell copies of the Software, and to
- * permit persons to whom the Software is furnished to do so, subject to
- * the following conditions:
- *
- * The above copyright notice and this permission notice shall be 
- * included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, 
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND 
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
- * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
- * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
- * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
- * SOFTWARE.
- */
-
-#include "inner.h"
-
-/* see bearssl_rsa.h */
-uint32_t
-br_rsa_i32_pkcs1_vrfy(const unsigned char *x, size_t xlen,
-	const unsigned char *hash_oid, size_t hash_len,
-	const br_rsa_public_key *pk, unsigned char *hash_out)
-{
-	unsigned char sig[BR_MAX_RSA_SIZE >> 3];
-
-	if (xlen > (sizeof sig)) {
-		return 0;
-	}
-	memcpy(sig, x, xlen);
-	if (!br_rsa_i32_public(sig, xlen, pk)) {
-		return 0;
-	}
-	return br_rsa_pkcs1_sig_unpad(sig, xlen, hash_oid, hash_len, hash_out);
-}

third_party/bearssl/src/rsa_i32_priv.c

@@ -1,160 +0,0 @@
-/*
- * Copyright (c) 2016 Thomas Pornin <pornin@bolet.org>
- *
- * Permission is hereby granted, free of charge, to any person obtaining 
- * a copy of this software and associated documentation files (the
- * "Software"), to deal in the Software without restriction, including
- * without limitation the rights to use, copy, modify, merge, publish,
- * distribute, sublicense, and/or sell copies of the Software, and to
- * permit persons to whom the Software is furnished to do so, subject to
- * the following conditions:
- *
- * The above copyright notice and this permission notice shall be 
- * included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, 
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND 
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
- * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
- * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
- * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
- * SOFTWARE.
- */
-
-#include "inner.h"
-
-#define U   (1 + (BR_MAX_RSA_FACTOR >> 5))
-
-/* see bearssl_rsa.h */
-uint32_t
-br_rsa_i32_private(unsigned char *x, const br_rsa_private_key *sk)
-{
-	const unsigned char *p, *q;
-	size_t plen, qlen;
-	uint32_t tmp[6 * U];
-	uint32_t *mp, *mq, *s1, *s2, *t1, *t2, *t3;
-	uint32_t p0i, q0i;
-	size_t xlen, u;
-	uint32_t r;
-
-	/*
-	 * All our temporary buffers are from the tmp[] array.
-	 *
-	 * The mp, mq, s1, s2, t1 and t2 buffers are large enough to
-	 * contain a RSA factor. The t3 buffer can contain a complete
-	 * RSA modulus. t3 shares its storage space with s2, s1 and t1,
-	 * in that order (this is important, see below).
-	 */
-	mq = tmp;
-	mp = tmp + U;
-	t2 = tmp + 2 * U;
-	s2 = tmp + 3 * U;
-	s1 = tmp + 4 * U;
-	t1 = tmp + 5 * U;
-	t3 = s2;
-
-	/*
-	 * Compute the actual lengths (in bytes) of p and q, and check
-	 * that they fit within our stack buffers.
-	 */
-	p = sk->p;
-	plen = sk->plen;
-	while (plen > 0 && *p == 0) {
-		p ++;
-		plen --;
-	}
-	q = sk->q;
-	qlen = sk->qlen;
-	while (qlen > 0 && *q == 0) {
-		q ++;
-		qlen --;
-	}
-	if (plen > (BR_MAX_RSA_FACTOR >> 3)
-		|| qlen > (BR_MAX_RSA_FACTOR >> 3))
-	{
-		return 0;
-	}
-
-	/*
-	 * Decode p and q.
-	 */
-	br_i32_decode(mp, p, plen);
-	br_i32_decode(mq, q, qlen);
-
-	/*
-	 * Recompute modulus, to compare with the source value.
-	 */
-	br_i32_zero(t2, mp[0]);
-	br_i32_mulacc(t2, mp, mq);
-	xlen = (sk->n_bitlen + 7) >> 3;
-	br_i32_encode(t2 + 2 * U, xlen, t2);
-	u = xlen;
-	r = 0;
-	while (u > 0) {
-		uint32_t wn, wx;
-
-		u --;
-		wn = ((unsigned char *)(t2 + 2 * U))[u];
-		wx = x[u];
-		r = ((wx - (wn + r)) >> 8) & 1;
-	}
-
-	/*
-	 * Compute s1 = x^dp mod p.
-	 */
-	p0i = br_i32_ninv32(mp[1]);
-	br_i32_decode_reduce(s1, x, xlen, mp);
-	br_i32_modpow(s1, sk->dp, sk->dplen, mp, p0i, t1, t2);
-
-	/*
-	 * Compute s2 = x^dq mod q.
-	 */
-	q0i = br_i32_ninv32(mq[1]);
-	br_i32_decode_reduce(s2, x, xlen, mq);
-	br_i32_modpow(s2, sk->dq, sk->dqlen, mq, q0i, t1, t2);
-
-	/*
-	 * Compute:
-	 *   h = (s1 - s2)*(1/q) mod p
-	 * s1 is an integer modulo p, but s2 is modulo q. PKCS#1 is
-	 * unclear about whether p may be lower than q (some existing,
-	 * widely deployed implementations of RSA don't tolerate p < q),
-	 * but we want to support that occurrence, so we need to use the
-	 * reduction function.
-	 *
-	 * Since we use br_i32_decode_reduce() for iq (purportedly, the
-	 * inverse of q modulo p), we also tolerate improperly large
-	 * values for this parameter.
-	 */
-	br_i32_reduce(t2, s2, mp);
-	br_i32_add(s1, mp, br_i32_sub(s1, t2, 1));
-	br_i32_to_monty(s1, mp);
-	br_i32_decode_reduce(t1, sk->iq, sk->iqlen, mp);
-	br_i32_montymul(t2, s1, t1, mp, p0i);
-
-	/*
-	 * h is now in t2. We compute the final result:
-	 *   s = s2 + q*h
-	 * All these operations are non-modular.
-	 *
-	 * We need mq, s2 and t2. We use the t3 buffer as destination.
-	 * The buffers mp, s1 and t1 are no longer needed. Moreover,
-	 * the first step is to copy s2 into the destination buffer t3.
-	 * We thus arranged for t3 to actually share space with s2, and
-	 * to be followed by the space formerly used by s1 and t1.
-	 */
-	br_i32_mulacc(t3, mq, t2);
-
-	/*
-	 * Encode the result. Since we already checked the value of xlen,
-	 * we can just use it right away.
-	 */
-	br_i32_encode(x, xlen, t3);
-
-	/*
-	 * The only error conditions remaining at that point are invalid
-	 * values for p and q (even integers).
-	 */
-	return p0i & q0i & r;
-}

third_party/bearssl/src/rsa_i32_pss_sign.c

@@ -1,40 +0,0 @@
-/*
- * Copyright (c) 2018 Thomas Pornin <pornin@bolet.org>
- *
- * Permission is hereby granted, free of charge, to any person obtaining 
- * a copy of this software and associated documentation files (the
- * "Software"), to deal in the Software without restriction, including
- * without limitation the rights to use, copy, modify, merge, publish,
- * distribute, sublicense, and/or sell copies of the Software, and to
- * permit persons to whom the Software is furnished to do so, subject to
- * the following conditions:
- *
- * The above copyright notice and this permission notice shall be 
- * included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, 
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND 
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
- * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
- * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
- * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
- * SOFTWARE.
- */
-
-#include "inner.h"
-
-/* see bearssl_rsa.h */
-uint32_t
-br_rsa_i32_pss_sign(const br_prng_class **rng,
-	const br_hash_class *hf_data, const br_hash_class *hf_mgf1,
-	const unsigned char *hash, size_t salt_len,
-	const br_rsa_private_key *sk, unsigned char *x)
-{
-	if (!br_rsa_pss_sig_pad(rng, hf_data, hf_mgf1, hash,
-		salt_len, sk->n_bitlen, x))
-	{
-		return 0;
-	}
-	return br_rsa_i32_private(x, sk);
-}

third_party/bearssl/src/rsa_i32_pss_vrfy.c

@@ -1,44 +0,0 @@
-/*
- * Copyright (c) 2018 Thomas Pornin <pornin@bolet.org>
- *
- * Permission is hereby granted, free of charge, to any person obtaining 
- * a copy of this software and associated documentation files (the
- * "Software"), to deal in the Software without restriction, including
- * without limitation the rights to use, copy, modify, merge, publish,
- * distribute, sublicense, and/or sell copies of the Software, and to
- * permit persons to whom the Software is furnished to do so, subject to
- * the following conditions:
- *
- * The above copyright notice and this permission notice shall be 
- * included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, 
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND 
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
- * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
- * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
- * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
- * SOFTWARE.
- */
-
-#include "inner.h"
-
-/* see bearssl_rsa.h */
-uint32_t
-br_rsa_i32_pss_vrfy(const unsigned char *x, size_t xlen,
-	const br_hash_class *hf_data, const br_hash_class *hf_mgf1,
-	const void *hash, size_t salt_len, const br_rsa_public_key *pk)
-{
-	unsigned char sig[BR_MAX_RSA_SIZE >> 3];
-
-	if (xlen > (sizeof sig)) {
-		return 0;
-	}
-	memcpy(sig, x, xlen);
-	if (!br_rsa_i32_public(sig, xlen, pk)) {
-		return 0;
-	}
-	return br_rsa_pss_sig_unpad(hf_data, hf_mgf1,
-		hash, salt_len, pk, sig);
-}

third_party/bearssl/src/rsa_i32_pub.c

@@ -1,77 +0,0 @@
-/*
- * Copyright (c) 2016 Thomas Pornin <pornin@bolet.org>
- *
- * Permission is hereby granted, free of charge, to any person obtaining 
- * a copy of this software and associated documentation files (the
- * "Software"), to deal in the Software without restriction, including
- * without limitation the rights to use, copy, modify, merge, publish,
- * distribute, sublicense, and/or sell copies of the Software, and to
- * permit persons to whom the Software is furnished to do so, subject to
- * the following conditions:
- *
- * The above copyright notice and this permission notice shall be 
- * included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, 
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND 
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
- * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
- * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
- * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
- * SOFTWARE.
- */
-
-#include "inner.h"
-
-/* see bearssl_rsa.h */
-uint32_t
-br_rsa_i32_public(unsigned char *x, size_t xlen,
-	const br_rsa_public_key *pk)
-{
-	const unsigned char *n;
-	size_t nlen;
-	uint32_t m[1 + (BR_MAX_RSA_SIZE >> 5)];
-	uint32_t a[1 + (BR_MAX_RSA_SIZE >> 5)];
-	uint32_t t1[1 + (BR_MAX_RSA_SIZE >> 5)];
-	uint32_t t2[1 + (BR_MAX_RSA_SIZE >> 5)];
-	uint32_t m0i, r;
-
-	/*
-	 * Get the actual length of the modulus, and see if it fits within
-	 * our stack buffer. We also check that the length of x[] is valid.
-	 */
-	n = pk->n;
-	nlen = pk->nlen;
-	while (nlen > 0 && *n == 0) {
-		n ++;
-		nlen --;
-	}
-	if (nlen == 0 || nlen > (BR_MAX_RSA_SIZE >> 3) || xlen != nlen) {
-		return 0;
-	}
-	br_i32_decode(m, n, nlen);
-	m0i = br_i32_ninv32(m[1]);
-
-	/*
-	 * Note: if m[] is even, then m0i == 0. Otherwise, m0i must be
-	 * an odd integer.
-	 */
-	r = m0i & 1;
-
-	/*
-	 * Decode x[] into a[]; we also check that its value is proper.
-	 */
-	r &= br_i32_decode_mod(a, x, xlen, m);
-
-	/*
-	 * Compute the modular exponentiation.
-	 */
-	br_i32_modpow(a, pk->e, pk->elen, m, m0i, t1, t2);
-
-	/*
-	 * Encode the result.
-	 */
-	br_i32_encode(x, xlen, a);
-	return r;
-}