AstralTransRocketries/ClassiCube
1
0
Fork 0
mirror of https://github.com/ClassiCube/ClassiCube.git synced 2025-09-08 23:10:52 -04:00
Code Issues Packages Projects Releases Wiki Activity

Remove more unused code

Browse Source
This commit is contained in:
UnknownShadow200 2025-06-28 21:07:46 +10:00
parent 4f282b4f8b
commit 08dabad8ca
8 changed files with 1 additions and 996 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
misc/symbian/ClassiCube_common.mmh
View File

@ -47,7 +47,7 @@ SOURCEPATH ../../src
SOURCE Animations.c Audio.c Audio_Null.c AxisLinesRenderer.c Bitmap.c Block.c BlockPhysics.c Builder.c Camera.c Chat.c Commands.c Deflate.c Drawer.c Drawer2D.c Entity.c EntityComponents.c EntityRenderers.c EnvRenderer.c Event.c ExtMath.c FancyLighting.c Formats.c Game.c GameVersion.c Generator.c Graphics_GL1.c Graphics_SoftGPU.c Gui.c HeldBlockRenderer.c Http_Web.c Http_Worker.c Input.c InputHandler.c Inventory.c IsometricDrawer.c LBackend.c LScreens.c LWeb.c LWidgets.c Launcher.c Lighting.c Logger.c MapRenderer.c MenuOptions.c Menus.c Model.c Options.c PackedCol.c Particle.c Physics.c Picking.c Platform_Posix.c Protocol.c Queue.c Resources.c SSL.c Screens.c SelOutlineRenderer.c SelectionBox.c Server.c Stream.c String.c SystemFonts.c TexturePack.c TouchUI.c Utils.c Vectors.c Widgets.c World.c _autofit.c _cff.c _ftbase.c _ftbitmap.c _ftglyph.c _ftinit.c _ftsynth.c _psaux.c _pshinter.c _psmodule.c _sfnt.c _smooth.c _truetype.c _type1.c Vorbis.c Platform_Symbian.cpp Graphics_GL2.c Window_Symbian.cpp Audio_Symbian.cpp
SOURCEPATH ../../third_party/bearssl/src
SOURCE aes_big_cbcdec.c aes_big_cbcenc.c aes_big_ctr.c aes_big_ctrcbc.c aes_big_dec.c aes_big_enc.c aes_common.c aes_ct.c aes_ct64.c aes_ct64_cbcdec.c aes_ct64_cbcenc.c aes_ct64_ctr.c aes_ct64_ctrcbc.c aes_ct64_dec.c aes_ct64_enc.c aes_ct_cbcdec.c aes_ct_cbcenc.c aes_ct_ctr.c aes_ct_ctrcbc.c aes_ct_dec.c aes_ct_enc.c aes_small_cbcdec.c aes_small_cbcenc.c aes_small_ctr.c aes_small_ctrcbc.c aes_small_dec.c aes_small_enc.c aes_x86ni.c aes_x86ni_cbcdec.c aes_x86ni_cbcenc.c aes_x86ni_ctr.c aes_x86ni_ctrcbc.c aesctr_drbg.c asn1enc.c ccm.c ccopy.c chacha20_ct.c chacha20_sse2.c dec16be.c dec16le.c dec32be.c dec32le.c dec64be.c dec64le.c des_ct.c des_ct_cbcdec.c des_ct_cbcenc.c des_support.c des_tab.c des_tab_cbcdec.c des_tab_cbcenc.c dig_oid.c dig_size.c eax.c ec_all_m15.c ec_all_m31.c ec_c25519_i15.c ec_c25519_i31.c ec_c25519_m15.c ec_c25519_m31.c ec_c25519_m62.c ec_c25519_m64.c ec_curve25519.c ec_default.c ec_keygen.c ec_p256_m15.c ec_p256_m31.c ec_p256_m62.c ec_p256_m64.c ec_prime_i15.c ec_prime_i31.c ec_pubkey.c ec_secp256r1.c ec_secp384r1.c ec_secp521r1.c ecdsa_atr.c ecdsa_default_sign_asn1.c ecdsa_default_sign_raw.c ecdsa_default_vrfy_asn1.c ecdsa_default_vrfy_raw.c ecdsa_i15_bits.c ecdsa_i15_sign_asn1.c ecdsa_i15_sign_raw.c ecdsa_i15_vrfy_asn1.c ecdsa_i15_vrfy_raw.c ecdsa_i31_bits.c ecdsa_i31_sign_asn1.c ecdsa_i31_sign_raw.c ecdsa_i31_vrfy_asn1.c ecdsa_i31_vrfy_raw.c ecdsa_rta.c enc16be.c enc16le.c enc32be.c enc32le.c enc64be.c enc64le.c encode_ec_pk8der.c encode_ec_rawder.c encode_rsa_pk8der.c encode_rsa_rawder.c gcm.c ghash_ctmul.c ghash_ctmul32.c ghash_ctmul64.c ghash_pclmul.c hkdf.c hmac.c hmac_ct.c hmac_drbg.c i15_add.c i15_bitlen.c i15_decmod.c i15_decode.c i15_decred.c i15_encode.c i15_fmont.c i15_iszero.c i15_moddiv.c i15_modpow.c i15_modpow2.c i15_montmul.c i15_mulacc.c i15_muladd.c i15_ninv15.c i15_reduce.c i15_rshift.c i15_sub.c i15_tmont.c i31_add.c i31_bitlen.c i31_decmod.c i31_decode.c i31_decred.c i31_encode.c i31_fmont.c i31_iszero.c i31_moddiv.c i31_modpow.c i31_modpow2.c i31_montmul.c i31_mulacc.c i31_muladd.c i31_ninv31.c i31_reduce.c i31_rshift.c i31_sub.c i31_tmont.c i32_add.c i32_bitlen.c i32_decmod.c i32_decode.c i32_decred.c i32_div32.c i32_encode.c i32_fmont.c i32_iszero.c i32_modpow.c i32_montmul.c i32_mulacc.c i32_muladd.c i32_ninv32.c i32_reduce.c i32_sub.c i32_tmont.c i62_modpow2.c md5.c md5sha1.c mgf1.c multihash.c poly1305_ctmul.c poly1305_ctmul32.c poly1305_ctmulq.c poly1305_i15.c prf.c prf_md5sha1.c prf_sha256.c prf_sha384.c rsa_default_keygen.c rsa_default_modulus.c rsa_default_oaep_decrypt.c rsa_default_oaep_encrypt.c rsa_default_pkcs1_sign.c rsa_default_pkcs1_vrfy.c rsa_default_priv.c rsa_default_privexp.c rsa_default_pss_sign.c rsa_default_pss_vrfy.c rsa_default_pub.c rsa_default_pubexp.c rsa_i15_keygen.c rsa_i15_modulus.c rsa_i15_oaep_decrypt.c rsa_i15_oaep_encrypt.c rsa_i15_pkcs1_sign.c rsa_i15_pkcs1_vrfy.c rsa_i15_priv.c rsa_i15_privexp.c rsa_i15_pss_sign.c rsa_i15_pss_vrfy.c rsa_i15_pub.c rsa_i15_pubexp.c rsa_i31_keygen.c rsa_i31_keygen_inner.c rsa_i31_modulus.c rsa_i31_oaep_decrypt.c rsa_i31_oaep_encrypt.c rsa_i31_pkcs1_sign.c rsa_i31_pkcs1_vrfy.c rsa_i31_priv.c rsa_i31_privexp.c rsa_i31_pss_sign.c rsa_i31_pss_vrfy.c rsa_i31_pub.c rsa_i31_pubexp.c rsa_i32_oaep_decrypt.c rsa_i32_oaep_encrypt.c rsa_i32_pkcs1_sign.c rsa_i32_pkcs1_vrfy.c rsa_i32_priv.c rsa_i32_pss_sign.c rsa_i32_pss_vrfy.c rsa_i32_pub.c rsa_i62_keygen.c rsa_i62_oaep_decrypt.c rsa_i62_oaep_encrypt.c rsa_i62_pkcs1_sign.c rsa_i62_pkcs1_vrfy.c rsa_i62_priv.c rsa_i62_pss_sign.c rsa_i62_pss_vrfy.c rsa_i62_pub.c rsa_oaep_pad.c rsa_oaep_unpad.c rsa_pkcs1_sig_pad.c rsa_pkcs1_sig_unpad.c rsa_pss_sig_pad.c rsa_pss_sig_unpad.c rsa_ssl_decrypt.c settings.c sha1.c sha2big.c sha2small.c shake.c skey_decoder.c ssl_ccert_single_ec.c ssl_ccert_single_rsa.c ssl_client.c ssl_client_default_rsapub.c ssl_client_full.c ssl_engine.c ssl_engine_default_aescbc.c ssl_engine_default_aesccm.c ssl_engine_default_aesgcm.c ssl_engine_default_chapol.c ssl_engine_default_descbc.c ssl_engine_default_ec.c ssl_engine_default_ecdsa.c ssl_engine_default_rsavrfy.c ssl_hashes.c ssl_hs_client.c ssl_io.c ssl_keyexport.c ssl_lru.c ssl_rec_cbc.c ssl_rec_ccm.c ssl_rec_chapol.c ssl_rec_gcm.c ssl_scert_single_ec.c ssl_scert_single_rsa.c sysrng.c x509_decoder.c x509_knownkey.c x509_minimal.c x509_minimal_full.c
SOURCE aes_big_cbcdec.c aes_big_cbcenc.c aes_big_ctr.c aes_big_ctrcbc.c aes_big_dec.c aes_big_enc.c aes_common.c aes_ct64.c aes_ct64_cbcdec.c aes_ct64_cbcenc.c aes_ct64_ctr.c aes_ct64_ctrcbc.c aes_ct64_dec.c aes_ct64_enc.c aes_ct.c aes_ct_cbcdec.c aes_ct_cbcenc.c aes_ct_ctr.c aes_ct_ctrcbc.c aes_ct_dec.c aes_ct_enc.c aesctr_drbg.c aes_small_cbcdec.c aes_small_cbcenc.c aes_small_ctr.c aes_small_ctrcbc.c aes_small_dec.c aes_small_enc.c aes_x86ni.c aes_x86ni_cbcdec.c aes_x86ni_cbcenc.c aes_x86ni_ctr.c aes_x86ni_ctrcbc.c asn1enc.c a.txt ccm.c ccopy.c chacha20_ct.c chacha20_sse2.c config.h dec32be.c dec32le.c dec64be.c dec64le.c dig_oid.c dig_size.c ec_all_m31.c ec_c25519_i31.c ec_c25519_m31.c ec_c25519_m62.c ec_c25519_m64.c ec_curve25519.c ec_default.c ecdsa_atr.c ecdsa_default_vrfy_asn1.c ecdsa_default_vrfy_raw.c ecdsa_i31_bits.c ecdsa_i31_vrfy_asn1.c ecdsa_i31_vrfy_raw.c ec_p256_m31.c ec_p256_m62.c ec_p256_m64.c ec_prime_i31.c ec_secp256r1.c ec_secp384r1.c ec_secp521r1.c enc32be.c enc32le.c enc64be.c enc64le.c gcm.c ghash_ctmul64.c ghash_ctmul.c ghash_pclmul.c hmac.c hmac_ct.c hmac_drbg.c i31_add.c i31_bitlen.c i31_decmod.c i31_decode.c i31_decred.c i31_encode.c i31_fmont.c i31_iszero.c i31_moddiv.c i31_modpow2.c i31_modpow.c i31_montmul.c i31_mulacc.c i31_muladd.c i31_ninv31.c i31_reduce.c i31_rshift.c i31_sub.c i31_tmont.c i32_div32.c i62_modpow2.c inner.h md5.c md5sha1.c mgf1.c multihash.c poly1305_ctmul.c poly1305_ctmulq.c prf.c prf_md5sha1.c prf_sha256.c prf_sha384.c rsa_default_pkcs1_vrfy.c rsa_default_priv.c rsa_default_pub.c rsa_i31_pkcs1_vrfy.c rsa_i31_priv.c rsa_i31_pub.c rsa_i62_pkcs1_vrfy.c rsa_i62_priv.c rsa_i62_pub.c rsa_pkcs1_sig_pad.c rsa_pkcs1_sig_unpad.c sha1.c sha2big.c sha2small.c ssl_client.c ssl_client_default_rsapub.c ssl_client_full.c ssl_engine.c ssl_engine_default_aescbc.c ssl_engine_default_aesccm.c ssl_engine_default_aesgcm.c ssl_engine_default_chapol.c ssl_engine_default_ec.c ssl_engine_default_ecdsa.c ssl_engine_default_rsavrfy.c ssl_hashes.c ssl_hs_client.c ssl_io.c ssl_rec_cbc.c ssl_rec_ccm.c ssl_rec_chapol.c ssl_rec_gcm.c x509_minimal.c x509_minimal_full.c
CAPABILITY NetworkServices ReadUserData UserEnvironment WriteUserData

313
third_party/bearssl/inc/bearssl_aead.h vendored
View File

@ -547,319 +547,6 @@ uint32_t br_gcm_check_tag_trunc(br_gcm_context *ctx,
*/
extern const br_aead_class br_gcm_vtable;
/**
* \brief Context structure for EAX.
*
* EAX is an AEAD mode that combines a block cipher in CTR mode with
* CBC-MAC using the same block cipher and the same key, to provide
* authenticated encryption:
*
* - Any block cipher with 16-byte blocks can be used with EAX
* (technically, other block sizes are defined as well, but this
* is not implemented by these functions; shorter blocks also
* imply numerous security issues).
*
* - The nonce can have any length, as long as nonce values are
* not reused (thus, if nonces are randomly selected, the nonce
* size should be such that reuse probability is negligible).
*
* - Additional authenticated data length is unlimited.
*
* - Message length is unlimited.
*
* - The authentication tag has length 16 bytes.
*
* The EAX initialisation function receives as parameter an
* _initialised_ block cipher implementation context, with the secret
* key already set. A pointer to that context will be kept within the
* EAX context structure. It is up to the caller to allocate and
* initialise that block cipher context.
*/
typedef struct {
/** \brief Pointer to vtable for this context. */
const br_aead_class *vtable;
#ifndef BR_DOXYGEN_IGNORE
const br_block_ctrcbc_class **bctx;
unsigned char L2[16];
unsigned char L4[16];
unsigned char nonce[16];
unsigned char head[16];
unsigned char ctr[16];
unsigned char cbcmac[16];
unsigned char buf[16];
size_t ptr;
#endif
} br_eax_context;
/**
* \brief EAX captured state.
*
* Some internal values computed by EAX may be captured at various
* points, and reused for another EAX run with the same secret key,
* for lower per-message overhead. Captured values do not depend on
* the nonce.
*/
typedef struct {
#ifndef BR_DOXYGEN_IGNORE
unsigned char st[3][16];
#endif
} br_eax_state;
/**
* \brief Initialize an EAX context.
*
* A block cipher implementation, with its initialised context
* structure, is provided. The block cipher MUST use 16-byte blocks in
* CTR + CBC-MAC mode, and its secret key MUST have been already set in
* the provided context. The parameters are linked in the EAX context.
*
* After this function has been called, the `br_eax_reset()` function must
* be called, to provide the nonce for EAX computation.
*
* \param ctx EAX context structure.
* \param bctx block cipher context (already initialised with secret key).
*/
void br_eax_init(br_eax_context *ctx, const br_block_ctrcbc_class **bctx);
/**
* \brief Capture pre-AAD state.
*
* This function precomputes key-dependent data, and stores it in the
* provided `st` structure. This structure should then be used with
* `br_eax_reset_pre_aad()`, or updated with `br_eax_get_aad_mac()`
* and then used with `br_eax_reset_post_aad()`.
*
* The EAX context structure is unmodified by this call.
*
* \param ctx EAX context structure.
* \param st recipient for captured state.
*/
void br_eax_capture(const br_eax_context *ctx, br_eax_state *st);
/**
* \brief Reset an EAX context.
*
* This function resets an already initialised EAX context for a new
* computation run. Implementations and keys are conserved. This function
* can be called at any time; it cancels any ongoing EAX computation that
* uses the provided context structure.
*
* It is critical to EAX security that nonce values are not repeated for
* the same encryption key. Nonces can have arbitrary length. If nonces
* are randomly generated, then a nonce length of at least 128 bits (16
* bytes) is recommended, to make nonce reuse probability sufficiently
* low.
*
* \param ctx EAX context structure.
* \param nonce EAX nonce to use.
* \param len EAX nonce length (in bytes).
*/
void br_eax_reset(br_eax_context *ctx, const void *nonce, size_t len);
/**
* \brief Reset an EAX context with a pre-AAD captured state.
*
* This function is an alternative to `br_eax_reset()`, that reuses a
* previously captured state structure for lower per-message overhead.
* The state should have been populated with `br_eax_capture_state()`
* but not updated with `br_eax_get_aad_mac()`.
*
* After this function is called, additional authenticated data MUST
* be injected. At least one byte of additional authenticated data
* MUST be provided with `br_eax_aad_inject()`; computation result will
* be incorrect if `br_eax_flip()` is called right away.
*
* After injection of the AAD and call to `br_eax_flip()`, at least
* one message byte must be provided. Empty messages are not supported
* with this reset mode.
*
* \param ctx EAX context structure.
* \param st pre-AAD captured state.
* \param nonce EAX nonce to use.
* \param len EAX nonce length (in bytes).
*/
void br_eax_reset_pre_aad(br_eax_context *ctx, const br_eax_state *st,
const void *nonce, size_t len);
/**
* \brief Reset an EAX context with a post-AAD captured state.
*
* This function is an alternative to `br_eax_reset()`, that reuses a
* previously captured state structure for lower per-message overhead.
* The state should have been populated with `br_eax_capture_state()`
* and then updated with `br_eax_get_aad_mac()`.
*
* After this function is called, message data MUST be injected. The
* `br_eax_flip()` function MUST NOT be called. At least one byte of
* message data MUST be provided with `br_eax_run()`; empty messages
* are not supported with this reset mode.
*
* \param ctx EAX context structure.
* \param st post-AAD captured state.
* \param nonce EAX nonce to use.
* \param len EAX nonce length (in bytes).
*/
void br_eax_reset_post_aad(br_eax_context *ctx, const br_eax_state *st,
const void *nonce, size_t len);
/**
* \brief Inject additional authenticated data into EAX.
*
* The provided data is injected into a running EAX computation. Additional
* data must be injected _before_ the call to `br_eax_flip()`.
* Additional data can be injected in several chunks of arbitrary length;
* the total amount of additional authenticated data is unlimited.
*
* \param ctx EAX context structure.
* \param data pointer to additional authenticated data.
* \param len length of additional authenticated data (in bytes).
*/
void br_eax_aad_inject(br_eax_context *ctx, const void *data, size_t len);
/**
* \brief Finish injection of additional authenticated data into EAX.
*
* This function MUST be called before beginning the actual encryption
* or decryption (with `br_eax_run()`), even if no additional authenticated
* data was injected. No additional authenticated data may be injected
* after this function call.
*
* \param ctx EAX context structure.
*/
void br_eax_flip(br_eax_context *ctx);
/**
* \brief Obtain a copy of the MAC on additional authenticated data.
*
* This function may be called only after `br_eax_flip()`; it copies the
* AAD-specific MAC value into the provided state. The MAC value depends
* on the secret key and the additional data itself, but not on the
* nonce. The updated state `st` is meant to be used as parameter for a
* further `br_eax_reset_post_aad()` call.
*
* \param ctx EAX context structure.
* \param st captured state to update.
*/
static inline void
br_eax_get_aad_mac(const br_eax_context *ctx, br_eax_state *st)
{
memcpy(st->st[1], ctx->head, sizeof ctx->head);
}
/**
* \brief Encrypt or decrypt some data with EAX.
*
* Data encryption or decryption can be done after `br_eax_flip()`
* has been called on the context. If `encrypt` is non-zero, then the
* provided data shall be plaintext, and it is encrypted in place.
* Otherwise, the data shall be ciphertext, and it is decrypted in place.
*
* Data may be provided in several chunks of arbitrary length.
*
* \param ctx EAX context structure.
* \param encrypt non-zero for encryption, zero for decryption.
* \param data data to encrypt or decrypt.
* \param len data length (in bytes).
*/
void br_eax_run(br_eax_context *ctx, int encrypt, void *data, size_t len);
/**
* \brief Compute EAX authentication tag.
*
* Compute the EAX authentication tag. The tag is a 16-byte value which
* is written in the provided `tag` buffer. This call terminates the
* EAX run: no data may be processed with that EAX context afterwards,
* until `br_eax_reset()` is called to initiate a new EAX run.
*
* The tag value must normally be sent along with the encrypted data.
* When decrypting, the tag value must be recomputed and compared with
* the received tag: if the two tag values differ, then either the tag
* or the encrypted data was altered in transit. As an alternative to
* this function, the `br_eax_check_tag()` function can be used to
* compute and check the tag value.
*
* \param ctx EAX context structure.
* \param tag destination buffer for the tag (16 bytes).
*/
void br_eax_get_tag(br_eax_context *ctx, void *tag);
/**
* \brief Compute and check EAX authentication tag.
*
* This function is an alternative to `br_eax_get_tag()`, normally used
* on the receiving end (i.e. when decrypting value). The tag value is
* recomputed and compared with the provided tag value. If they match, 1
* is returned; on mismatch, 0 is returned. A returned value of 0 means
* that the data or the tag was altered in transit, normally leading to
* wholesale rejection of the complete message.
*
* \param ctx EAX context structure.
* \param tag tag value to compare with (16 bytes).
* \return 1 on success (exact match of tag value), 0 otherwise.
*/
uint32_t br_eax_check_tag(br_eax_context *ctx, const void *tag);
/**
* \brief Compute EAX authentication tag (with truncation).
*
* This function is similar to `br_eax_get_tag()`, except that it allows
* the tag to be truncated to a smaller length. The intended tag length
* is provided as `len` (in bytes); it MUST be no more than 16, but
* it may be smaller. Note that decreasing tag length mechanically makes
* forgeries easier; NIST SP 800-38D specifies that the tag length shall
* lie between 12 and 16 bytes (inclusive), but may be truncated down to
* 4 or 8 bytes, for specific applications that can tolerate it. It must
* also be noted that successful forgeries leak information on the
* authentication key, making subsequent forgeries easier. Therefore,
* tag truncation, and in particular truncation to sizes lower than 12
* bytes, shall be envisioned only with great care.
*
* The tag is written in the provided `tag` buffer. This call terminates
* the EAX run: no data may be processed with that EAX context
* afterwards, until `br_eax_reset()` is called to initiate a new EAX
* run.
*
* The tag value must normally be sent along with the encrypted data.
* When decrypting, the tag value must be recomputed and compared with
* the received tag: if the two tag values differ, then either the tag
* or the encrypted data was altered in transit. As an alternative to
* this function, the `br_eax_check_tag_trunc()` function can be used to
* compute and check the tag value.
*
* \param ctx EAX context structure.
* \param tag destination buffer for the tag.
* \param len tag length (16 bytes or less).
*/
void br_eax_get_tag_trunc(br_eax_context *ctx, void *tag, size_t len);
/**
* \brief Compute and check EAX authentication tag (with truncation).
*
* This function is an alternative to `br_eax_get_tag_trunc()`, normally used
* on the receiving end (i.e. when decrypting value). The tag value is
* recomputed and compared with the provided tag value. If they match, 1
* is returned; on mismatch, 0 is returned. A returned value of 0 means
* that the data or the tag was altered in transit, normally leading to
* wholesale rejection of the complete message.
*
* Tag length MUST be 16 bytes or less. The normal EAX tag length is 16
* bytes. See `br_check_tag_trunc()` for some discussion on the potential
* perils of truncating authentication tags.
*
* \param ctx EAX context structure.
* \param tag tag value to compare with.
* \param len tag length (in bytes).
* \return 1 on success (exact match of tag value), 0 otherwise.
*/
uint32_t br_eax_check_tag_trunc(br_eax_context *ctx,
const void *tag, size_t len);
/**
* \brief Class instance for EAX.
*/
extern const br_aead_class br_eax_vtable;
/**
* \brief Context structure for CCM.
*

38
third_party/bearssl/src/dec16be.c vendored
View File

@ -1,38 +0,0 @@
/*
* Copyright (c) 2016 Thomas Pornin <pornin@bolet.org>
*
* Permission is hereby granted, free of charge, to any person obtaining
* a copy of this software and associated documentation files (the
* "Software"), to deal in the Software without restriction, including
* without limitation the rights to use, copy, modify, merge, publish,
* distribute, sublicense, and/or sell copies of the Software, and to
* permit persons to whom the Software is furnished to do so, subject to
* the following conditions:
*
* The above copyright notice and this permission notice shall be
* included in all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
* EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
* MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
* NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
* BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
* ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
* CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
* SOFTWARE.
*/
#include "inner.h"
/* see inner.h */
void
br_range_dec16be(uint16_t *v, size_t num, const void *src)
{
const unsigned char *buf;
buf = src;
while (num -- > 0) {
*v ++ = br_dec16be(buf);
buf += 2;
}
}

38
third_party/bearssl/src/dec16le.c vendored
View File

@ -1,38 +0,0 @@
/*
* Copyright (c) 2016 Thomas Pornin <pornin@bolet.org>
*
* Permission is hereby granted, free of charge, to any person obtaining
* a copy of this software and associated documentation files (the
* "Software"), to deal in the Software without restriction, including
* without limitation the rights to use, copy, modify, merge, publish,
* distribute, sublicense, and/or sell copies of the Software, and to
* permit persons to whom the Software is furnished to do so, subject to
* the following conditions:
*
* The above copyright notice and this permission notice shall be
* included in all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
* EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
* MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
* NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
* BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
* ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
* CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
* SOFTWARE.
*/
#include "inner.h"
/* see inner.h */
void
br_range_dec16le(uint16_t *v, size_t num, const void *src)
{
const unsigned char *buf;
buf = src;
while (num -- > 0) {
*v ++ = br_dec16le(buf);
buf += 2;
}
}

525
third_party/bearssl/src/eax.c vendored
View File

@ -1,525 +0,0 @@
/*
* Copyright (c) 2017 Thomas Pornin <pornin@bolet.org>
*
* Permission is hereby granted, free of charge, to any person obtaining
* a copy of this software and associated documentation files (the
* "Software"), to deal in the Software without restriction, including
* without limitation the rights to use, copy, modify, merge, publish,
* distribute, sublicense, and/or sell copies of the Software, and to
* permit persons to whom the Software is furnished to do so, subject to
* the following conditions:
*
* The above copyright notice and this permission notice shall be
* included in all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
* EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
* MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
* NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
* BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
* ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
* CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
* SOFTWARE.
*/
#include "inner.h"
/*
* Implementation Notes
* ====================
*
* The combined CTR + CBC-MAC functions can only handle full blocks,
* so some buffering is necessary. Moreover, EAX has a special padding
* rule for CBC-MAC, which implies that we cannot compute the MAC over
* the last received full block until we know whether we are at the
* end of the data or not.
*
* - 'ptr' contains a value from 1 to 16, which is the number of bytes
* accumulated in buf[] that still needs to be processed with the
* current OMAC computation. Beware that this can go to 16: a
* complete block cannot be processed until it is known whether it
* is the last block or not. However, it can never be 0, because
* OMAC^t works on an input that is at least one-block long.
*
* - When processing the message itself, CTR encryption/decryption is
* also done at the same time. The first 'ptr' bytes of buf[] then
* contains the encrypted bytes, while the last '16 - ptr' bytes of
* buf[] are the remnants of the stream block, to be used against
* the next input bytes, when available.
*
* - The current counter and running CBC-MAC values are kept in 'ctr'
* and 'cbcmac', respectively.
*
* - The derived keys for padding are kept in L2 and L4 (double and
* quadruple of Enc_K(0^n), in GF(2^128), respectively).
*/
/*
* Start an OMAC computation; the first block is the big-endian
* representation of the provided value ('val' must fit on one byte).
* We make it a delayed block because it may also be the last one,
*/
static void
omac_start(br_eax_context *ctx, unsigned val)
{
memset(ctx->cbcmac, 0, sizeof ctx->cbcmac);
memset(ctx->buf, 0, sizeof ctx->buf);
ctx->buf[15] = val;
ctx->ptr = 16;
}
/*
* Double a value in finite field GF(2^128), defined with modulus
* X^128+X^7+X^2+X+1.
*/
static void
double_gf128(unsigned char *dst, const unsigned char *src)
{
unsigned cc;
int i;
cc = 0x87 & -((unsigned)src[0] >> 7);
for (i = 15; i >= 0; i --) {
unsigned z;
z = (src[i] << 1) ^ cc;
cc = z >> 8;
dst[i] = (unsigned char)z;
}
}
/*
* Apply padding to the last block, currently in ctx->buf (with
* ctx->ptr bytes), and finalize OMAC computation.
*/
static void
do_pad(br_eax_context *ctx)
{
unsigned char *pad;
size_t ptr, u;
ptr = ctx->ptr;
if (ptr == 16) {
pad = ctx->L2;
} else {
ctx->buf[ptr ++] = 0x80;
memset(ctx->buf + ptr, 0x00, 16 - ptr);
pad = ctx->L4;
}
for (u = 0; u < sizeof ctx->buf; u ++) {
ctx->buf[u] ^= pad[u];
}
(*ctx->bctx)->mac(ctx->bctx, ctx->cbcmac, ctx->buf, sizeof ctx->buf);
}
/*
* Apply CBC-MAC on the provided data, with buffering management.
*
* Upon entry, two situations are acceptable:
*
* ctx->ptr == 0: there is no data to process in ctx->buf
* ctx->ptr == 16: there is a full block of unprocessed data in ctx->buf
*
* Upon exit, ctx->ptr may be zero only if it was already zero on entry,
* and len == 0. In all other situations, ctx->ptr will be non-zero on
* exit (and may have value 16).
*/
static void
do_cbcmac_chunk(br_eax_context *ctx, const void *data, size_t len)
{
size_t ptr;
if (len == 0) {
return;
}
ptr = len & (size_t)15;
if (ptr == 0) {
len -= 16;
ptr = 16;
} else {
len -= ptr;
}
if (ctx->ptr == 16) {
(*ctx->bctx)->mac(ctx->bctx, ctx->cbcmac,
ctx->buf, sizeof ctx->buf);
}
(*ctx->bctx)->mac(ctx->bctx, ctx->cbcmac, data, len);
memcpy(ctx->buf, (const unsigned char *)data + len, ptr);
ctx->ptr = ptr;
}
/* see bearssl_aead.h */
void
br_eax_init(br_eax_context *ctx, const br_block_ctrcbc_class **bctx)
{
unsigned char tmp[16], iv[16];
ctx->vtable = &br_eax_vtable;
ctx->bctx = bctx;
/*
* Encrypt a whole-zero block to compute L2 and L4.
*/
memset(tmp, 0, sizeof tmp);
memset(iv, 0, sizeof iv);
(*bctx)->ctr(bctx, iv, tmp, sizeof tmp);
double_gf128(ctx->L2, tmp);
double_gf128(ctx->L4, ctx->L2);
}
/* see bearssl_aead.h */
void
br_eax_capture(const br_eax_context *ctx, br_eax_state *st)
{
/*
* We capture the three OMAC* states _after_ processing the
* initial block (assuming that nonce, message and AAD are
* all non-empty).
*/
int i;
memset(st->st, 0, sizeof st->st);
for (i = 0; i < 3; i ++) {
unsigned char tmp[16];
memset(tmp, 0, sizeof tmp);
tmp[15] = (unsigned char)i;
(*ctx->bctx)->mac(ctx->bctx, st->st[i], tmp, sizeof tmp);
}
}
/* see bearssl_aead.h */
void
br_eax_reset(br_eax_context *ctx, const void *nonce, size_t len)
{
/*
* Process nonce with OMAC^0.
*/
omac_start(ctx, 0);
do_cbcmac_chunk(ctx, nonce, len);
do_pad(ctx);
memcpy(ctx->nonce, ctx->cbcmac, sizeof ctx->cbcmac);
/*
* Start OMAC^1 for the AAD ("header" in the EAX specification).
*/
omac_start(ctx, 1);
/*
* We use ctx->head[0] as temporary flag to mark that we are
* using a "normal" reset().
*/
ctx->head[0] = 0;
}
/* see bearssl_aead.h */
void
br_eax_reset_pre_aad(br_eax_context *ctx, const br_eax_state *st,
const void *nonce, size_t len)
{
if (len == 0) {
omac_start(ctx, 0);
} else {
memcpy(ctx->cbcmac, st->st[0], sizeof ctx->cbcmac);
ctx->ptr = 0;
do_cbcmac_chunk(ctx, nonce, len);
}
do_pad(ctx);
memcpy(ctx->nonce, ctx->cbcmac, sizeof ctx->cbcmac);
memcpy(ctx->cbcmac, st->st[1], sizeof ctx->cbcmac);
ctx->ptr = 0;
memcpy(ctx->ctr, st->st[2], sizeof ctx->ctr);
/*
* We use ctx->head[0] as a flag to indicate that we use a
* a recorded state, with ctx->ctr containing the preprocessed
* first block for OMAC^2.
*/
ctx->head[0] = 1;
}
/* see bearssl_aead.h */
void
br_eax_reset_post_aad(br_eax_context *ctx, const br_eax_state *st,
const void *nonce, size_t len)
{
if (len == 0) {
omac_start(ctx, 0);
} else {
memcpy(ctx->cbcmac, st->st[0], sizeof ctx->cbcmac);
ctx->ptr = 0;
do_cbcmac_chunk(ctx, nonce, len);
}
do_pad(ctx);
memcpy(ctx->nonce, ctx->cbcmac, sizeof ctx->cbcmac);
memcpy(ctx->ctr, ctx->nonce, sizeof ctx->nonce);
memcpy(ctx->head, st->st[1], sizeof ctx->head);
memcpy(ctx->cbcmac, st->st[2], sizeof ctx->cbcmac);
ctx->ptr = 0;
}
/* see bearssl_aead.h */
void
br_eax_aad_inject(br_eax_context *ctx, const void *data, size_t len)
{
size_t ptr;
ptr = ctx->ptr;
/*
* If there is a partial block, first complete it.
*/
if (ptr < 16) {
size_t clen;
clen = 16 - ptr;
if (len <= clen) {
memcpy(ctx->buf + ptr, data, len);
ctx->ptr = ptr + len;
return;
}
memcpy(ctx->buf + ptr, data, clen);
data = (const unsigned char *)data + clen;
len -= clen;
}
/*
* We now have a full block in buf[], and this is not the last
* block.
*/
do_cbcmac_chunk(ctx, data, len);
}
/* see bearssl_aead.h */
void
br_eax_flip(br_eax_context *ctx)
{
int from_capture;
/*
* ctx->head[0] may be non-zero if the context was reset with
* a pre-AAD captured state. In that case, ctx->ctr[] contains
* the state for OMAC^2 _after_ processing the first block.
*/
from_capture = ctx->head[0];
/*
* Complete the OMAC computation on the AAD.
*/
do_pad(ctx);
memcpy(ctx->head, ctx->cbcmac, sizeof ctx->cbcmac);
/*
* Start OMAC^2 for the encrypted data.
* If the context was initialized from a captured state, then
* the OMAC^2 value is in the ctr[] array.
*/
if (from_capture) {
memcpy(ctx->cbcmac, ctx->ctr, sizeof ctx->cbcmac);
ctx->ptr = 0;
} else {
omac_start(ctx, 2);
}
/*
* Initial counter value for CTR is the processed nonce.
*/
memcpy(ctx->ctr, ctx->nonce, sizeof ctx->nonce);
}
/* see bearssl_aead.h */
void
br_eax_run(br_eax_context *ctx, int encrypt, void *data, size_t len)
{
unsigned char *dbuf;
size_t ptr;
/*
* Ensure that there is actual data to process.
*/
if (len == 0) {
return;
}
dbuf = data;
ptr = ctx->ptr;
/*
* We may have ptr == 0 here if we initialized from a captured
* state. In that case, there is no partially consumed block
* or unprocessed data.
*/
if (ptr != 0 && ptr != 16) {
/*
* We have a partially consumed block.
*/
size_t u, clen;
clen = 16 - ptr;
if (len <= clen) {
clen = len;
}
if (encrypt) {
for (u = 0; u < clen; u ++) {
ctx->buf[ptr + u] ^= dbuf[u];
}
memcpy(dbuf, ctx->buf + ptr, clen);
} else {
for (u = 0; u < clen; u ++) {
unsigned dx, sx;
sx = ctx->buf[ptr + u];
dx = dbuf[u];
ctx->buf[ptr + u] = dx;
dbuf[u] = sx ^ dx;
}
}
if (len <= clen) {
ctx->ptr = ptr + clen;
return;
}
dbuf += clen;
len -= clen;
}
/*
* We now have a complete encrypted block in buf[] that must still
* be processed with OMAC, and this is not the final buf.
* Exception: when ptr == 0, no block has been produced yet.
*/
if (ptr != 0) {
(*ctx->bctx)->mac(ctx->bctx, ctx->cbcmac,
ctx->buf, sizeof ctx->buf);
}
/*
* Do CTR encryption or decryption and CBC-MAC for all full blocks
* except the last.
*/
ptr = len & (size_t)15;
if (ptr == 0) {
len -= 16;
ptr = 16;
} else {
len -= ptr;
}
if (encrypt) {
(*ctx->bctx)->encrypt(ctx->bctx, ctx->ctr, ctx->cbcmac,
dbuf, len);
} else {
(*ctx->bctx)->decrypt(ctx->bctx, ctx->ctr, ctx->cbcmac,
dbuf, len);
}
dbuf += len;
/*
* Compute next block of CTR stream, and use it to finish
* encrypting or decrypting the data.
*/
memset(ctx->buf, 0, sizeof ctx->buf);
(*ctx->bctx)->ctr(ctx->bctx, ctx->ctr, ctx->buf, sizeof ctx->buf);
if (encrypt) {
size_t u;
for (u = 0; u < ptr; u ++) {
ctx->buf[u] ^= dbuf[u];
}
memcpy(dbuf, ctx->buf, ptr);
} else {
size_t u;
for (u = 0; u < ptr; u ++) {
unsigned dx, sx;
sx = ctx->buf[u];
dx = dbuf[u];
ctx->buf[u] = dx;
dbuf[u] = sx ^ dx;
}
}
ctx->ptr = ptr;
}
/*
* Complete tag computation. The final tag is written in ctx->cbcmac.
*/
static void
do_final(br_eax_context *ctx)
{
size_t u;
do_pad(ctx);
/*
* Authentication tag is the XOR of the three OMAC outputs for
* the nonce, AAD and encrypted data.
*/
for (u = 0; u < 16; u ++) {
ctx->cbcmac[u] ^= ctx->nonce[u] ^ ctx->head[u];
}
}
/* see bearssl_aead.h */
void
br_eax_get_tag(br_eax_context *ctx, void *tag)
{
do_final(ctx);
memcpy(tag, ctx->cbcmac, sizeof ctx->cbcmac);
}
/* see bearssl_aead.h */
void
br_eax_get_tag_trunc(br_eax_context *ctx, void *tag, size_t len)
{
do_final(ctx);
memcpy(tag, ctx->cbcmac, len);
}
/* see bearssl_aead.h */
uint32_t
br_eax_check_tag_trunc(br_eax_context *ctx, const void *tag, size_t len)
{
unsigned char tmp[16];
size_t u;
int x;
br_eax_get_tag(ctx, tmp);
x = 0;
for (u = 0; u < len; u ++) {
x |= tmp[u] ^ ((const unsigned char *)tag)[u];
}
return EQ0(x);
}
/* see bearssl_aead.h */
uint32_t
br_eax_check_tag(br_eax_context *ctx, const void *tag)
{
return br_eax_check_tag_trunc(ctx, tag, 16);
}
/* see bearssl_aead.h */
const br_aead_class br_eax_vtable = {
16,
(void (*)(const br_aead_class **, const void *, size_t))
&br_eax_reset,
(void (*)(const br_aead_class **, const void *, size_t))
&br_eax_aad_inject,
(void (*)(const br_aead_class **))
&br_eax_flip,
(void (*)(const br_aead_class **, int, void *, size_t))
&br_eax_run,
(void (*)(const br_aead_class **, void *))
&br_eax_get_tag,
(uint32_t (*)(const br_aead_class **, const void *))
&br_eax_check_tag,
(void (*)(const br_aead_class **, void *, size_t))
&br_eax_get_tag_trunc,
(uint32_t (*)(const br_aead_class **, const void *, size_t))
&br_eax_check_tag_trunc
};

38
third_party/bearssl/src/enc16be.c vendored
View File

@ -1,38 +0,0 @@
/*
* Copyright (c) 2016 Thomas Pornin <pornin@bolet.org>
*
* Permission is hereby granted, free of charge, to any person obtaining
* a copy of this software and associated documentation files (the
* "Software"), to deal in the Software without restriction, including
* without limitation the rights to use, copy, modify, merge, publish,
* distribute, sublicense, and/or sell copies of the Software, and to
* permit persons to whom the Software is furnished to do so, subject to
* the following conditions:
*
* The above copyright notice and this permission notice shall be
* included in all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
* EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
* MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
* NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
* BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
* ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
* CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
* SOFTWARE.
*/
#include "inner.h"
/* see inner.h */
void
br_range_enc16be(void *dst, const uint16_t *v, size_t num)
{
unsigned char *buf;
buf = dst;
while (num -- > 0) {
br_enc16be(buf, *v ++);
buf += 2;
}
}

38
third_party/bearssl/src/enc16le.c vendored
View File

@ -1,38 +0,0 @@
/*
* Copyright (c) 2016 Thomas Pornin <pornin@bolet.org>
*
* Permission is hereby granted, free of charge, to any person obtaining
* a copy of this software and associated documentation files (the
* "Software"), to deal in the Software without restriction, including
* without limitation the rights to use, copy, modify, merge, publish,
* distribute, sublicense, and/or sell copies of the Software, and to
* permit persons to whom the Software is furnished to do so, subject to
* the following conditions:
*
* The above copyright notice and this permission notice shall be
* included in all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
* EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
* MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
* NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
* BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
* ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
* CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
* SOFTWARE.
*/
#include "inner.h"
/* see inner.h */
void
br_range_enc16le(void *dst, const uint16_t *v, size_t num)
{
unsigned char *buf;
buf = dst;
while (num -- > 0) {
br_enc16le(buf, *v ++);
buf += 2;
}
}

5
third_party/bearssl/src/inner.h vendored
View File

@ -638,11 +638,6 @@ br_dec64be(const void *src)
/*
* Range decoding and encoding (for several successive values).
*/
void br_range_dec16le(uint16_t *v, size_t num, const void *src);
void br_range_dec16be(uint16_t *v, size_t num, const void *src);
void br_range_enc16le(void *dst, const uint16_t *v, size_t num);
void br_range_enc16be(void *dst, const uint16_t *v, size_t num);
void br_range_dec32le(uint32_t *v, size_t num, const void *src);
void br_range_dec32be(uint32_t *v, size_t num, const void *src);
void br_range_enc32le(void *dst, const uint32_t *v, size_t num);