diff options
Diffstat (limited to 'thirdparty/openssl/crypto/jpake')
-rw-r--r-- | thirdparty/openssl/crypto/jpake/jpake.c | 516 | ||||
-rw-r--r-- | thirdparty/openssl/crypto/jpake/jpake.h | 128 | ||||
-rw-r--r-- | thirdparty/openssl/crypto/jpake/jpake_err.c | 108 |
3 files changed, 0 insertions, 752 deletions
diff --git a/thirdparty/openssl/crypto/jpake/jpake.c b/thirdparty/openssl/crypto/jpake/jpake.c deleted file mode 100644 index 2ba75f0172..0000000000 --- a/thirdparty/openssl/crypto/jpake/jpake.c +++ /dev/null @@ -1,516 +0,0 @@ -#include "jpake.h" - -#include <openssl/crypto.h> -#include <openssl/sha.h> -#include <openssl/err.h> -#include <memory.h> -#include <string.h> - -/* - * In the definition, (xa, xb, xc, xd) are Alice's (x1, x2, x3, x4) or - * Bob's (x3, x4, x1, x2). If you see what I mean. - */ - -typedef struct { - char *name; /* Must be unique */ - char *peer_name; - BIGNUM *p; - BIGNUM *g; - BIGNUM *q; - BIGNUM *gxc; /* Alice's g^{x3} or Bob's g^{x1} */ - BIGNUM *gxd; /* Alice's g^{x4} or Bob's g^{x2} */ -} JPAKE_CTX_PUBLIC; - -struct JPAKE_CTX { - JPAKE_CTX_PUBLIC p; - BIGNUM *secret; /* The shared secret */ - BN_CTX *ctx; - BIGNUM *xa; /* Alice's x1 or Bob's x3 */ - BIGNUM *xb; /* Alice's x2 or Bob's x4 */ - BIGNUM *key; /* The calculated (shared) key */ -}; - -static void JPAKE_ZKP_init(JPAKE_ZKP *zkp) -{ - zkp->gr = BN_new(); - zkp->b = BN_new(); -} - -static void JPAKE_ZKP_release(JPAKE_ZKP *zkp) -{ - BN_free(zkp->b); - BN_free(zkp->gr); -} - -/* Two birds with one stone - make the global name as expected */ -#define JPAKE_STEP_PART_init JPAKE_STEP2_init -#define JPAKE_STEP_PART_release JPAKE_STEP2_release - -void JPAKE_STEP_PART_init(JPAKE_STEP_PART *p) -{ - p->gx = BN_new(); - JPAKE_ZKP_init(&p->zkpx); -} - -void JPAKE_STEP_PART_release(JPAKE_STEP_PART *p) -{ - JPAKE_ZKP_release(&p->zkpx); - BN_free(p->gx); -} - -void JPAKE_STEP1_init(JPAKE_STEP1 *s1) -{ - JPAKE_STEP_PART_init(&s1->p1); - JPAKE_STEP_PART_init(&s1->p2); -} - -void JPAKE_STEP1_release(JPAKE_STEP1 *s1) -{ - JPAKE_STEP_PART_release(&s1->p2); - JPAKE_STEP_PART_release(&s1->p1); -} - -static void JPAKE_CTX_init(JPAKE_CTX *ctx, const char *name, - const char *peer_name, const BIGNUM *p, - const BIGNUM *g, const BIGNUM *q, - const BIGNUM *secret) -{ - ctx->p.name = OPENSSL_strdup(name); - ctx->p.peer_name = OPENSSL_strdup(peer_name); - ctx->p.p = BN_dup(p); - ctx->p.g = BN_dup(g); - ctx->p.q = BN_dup(q); - ctx->secret = BN_dup(secret); - - ctx->p.gxc = BN_new(); - ctx->p.gxd = BN_new(); - - ctx->xa = BN_new(); - ctx->xb = BN_new(); - ctx->key = BN_new(); - ctx->ctx = BN_CTX_new(); -} - -static void JPAKE_CTX_release(JPAKE_CTX *ctx) -{ - BN_CTX_free(ctx->ctx); - BN_clear_free(ctx->key); - BN_clear_free(ctx->xb); - BN_clear_free(ctx->xa); - - BN_free(ctx->p.gxd); - BN_free(ctx->p.gxc); - - BN_clear_free(ctx->secret); - BN_free(ctx->p.q); - BN_free(ctx->p.g); - BN_free(ctx->p.p); - OPENSSL_free(ctx->p.peer_name); - OPENSSL_free(ctx->p.name); - - memset(ctx, '\0', sizeof *ctx); -} - -JPAKE_CTX *JPAKE_CTX_new(const char *name, const char *peer_name, - const BIGNUM *p, const BIGNUM *g, const BIGNUM *q, - const BIGNUM *secret) -{ - JPAKE_CTX *ctx = OPENSSL_malloc(sizeof *ctx); - if (ctx == NULL) - return NULL; - - JPAKE_CTX_init(ctx, name, peer_name, p, g, q, secret); - - return ctx; -} - -void JPAKE_CTX_free(JPAKE_CTX *ctx) -{ - JPAKE_CTX_release(ctx); - OPENSSL_free(ctx); -} - -static void hashlength(SHA_CTX *sha, size_t l) -{ - unsigned char b[2]; - - OPENSSL_assert(l <= 0xffff); - b[0] = l >> 8; - b[1] = l & 0xff; - SHA1_Update(sha, b, 2); -} - -static void hashstring(SHA_CTX *sha, const char *string) -{ - size_t l = strlen(string); - - hashlength(sha, l); - SHA1_Update(sha, string, l); -} - -static void hashbn(SHA_CTX *sha, const BIGNUM *bn) -{ - size_t l = BN_num_bytes(bn); - unsigned char *bin = OPENSSL_malloc(l); - - if (bin == NULL) - return; - hashlength(sha, l); - BN_bn2bin(bn, bin); - SHA1_Update(sha, bin, l); - OPENSSL_free(bin); -} - -/* h=hash(g, g^r, g^x, name) */ -static void zkp_hash(BIGNUM *h, const BIGNUM *zkpg, const JPAKE_STEP_PART *p, - const char *proof_name) -{ - unsigned char md[SHA_DIGEST_LENGTH]; - SHA_CTX sha; - - /* - * XXX: hash should not allow moving of the boundaries - Java code - * is flawed in this respect. Length encoding seems simplest. - */ - SHA1_Init(&sha); - hashbn(&sha, zkpg); - OPENSSL_assert(!BN_is_zero(p->zkpx.gr)); - hashbn(&sha, p->zkpx.gr); - hashbn(&sha, p->gx); - hashstring(&sha, proof_name); - SHA1_Final(md, &sha); - BN_bin2bn(md, SHA_DIGEST_LENGTH, h); -} - -/* - * Prove knowledge of x - * Note that p->gx has already been calculated - */ -static void generate_zkp(JPAKE_STEP_PART *p, const BIGNUM *x, - const BIGNUM *zkpg, JPAKE_CTX *ctx) -{ - BIGNUM *r = BN_new(); - BIGNUM *h = BN_new(); - BIGNUM *t = BN_new(); - - /*- - * r in [0,q) - * XXX: Java chooses r in [0, 2^160) - i.e. distribution not uniform - */ - BN_rand_range(r, ctx->p.q); - /* g^r */ - BN_mod_exp(p->zkpx.gr, zkpg, r, ctx->p.p, ctx->ctx); - - /* h=hash... */ - zkp_hash(h, zkpg, p, ctx->p.name); - - /* b = r - x*h */ - BN_mod_mul(t, x, h, ctx->p.q, ctx->ctx); - BN_mod_sub(p->zkpx.b, r, t, ctx->p.q, ctx->ctx); - - /* cleanup */ - BN_free(t); - BN_free(h); - BN_free(r); -} - -static int verify_zkp(const JPAKE_STEP_PART *p, const BIGNUM *zkpg, - JPAKE_CTX *ctx) -{ - BIGNUM *h = BN_new(); - BIGNUM *t1 = BN_new(); - BIGNUM *t2 = BN_new(); - BIGNUM *t3 = BN_new(); - int ret = 0; - - if (h == NULL || t1 == NULL || t2 == NULL || t3 == NULL) - goto end; - - zkp_hash(h, zkpg, p, ctx->p.peer_name); - - /* t1 = g^b */ - BN_mod_exp(t1, zkpg, p->zkpx.b, ctx->p.p, ctx->ctx); - /* t2 = (g^x)^h = g^{hx} */ - BN_mod_exp(t2, p->gx, h, ctx->p.p, ctx->ctx); - /* t3 = t1 * t2 = g^{hx} * g^b = g^{hx+b} = g^r (allegedly) */ - BN_mod_mul(t3, t1, t2, ctx->p.p, ctx->ctx); - - /* verify t3 == g^r */ - if (BN_cmp(t3, p->zkpx.gr) == 0) - ret = 1; - else - JPAKEerr(JPAKE_F_VERIFY_ZKP, JPAKE_R_ZKP_VERIFY_FAILED); - -end: - /* cleanup */ - BN_free(t3); - BN_free(t2); - BN_free(t1); - BN_free(h); - - return ret; -} - -static void generate_step_part(JPAKE_STEP_PART *p, const BIGNUM *x, - const BIGNUM *g, JPAKE_CTX *ctx) -{ - BN_mod_exp(p->gx, g, x, ctx->p.p, ctx->ctx); - generate_zkp(p, x, g, ctx); -} - -/* Generate each party's random numbers. xa is in [0, q), xb is in [1, q). */ -static void genrand(JPAKE_CTX *ctx) -{ - BIGNUM *qm1; - - /* xa in [0, q) */ - BN_rand_range(ctx->xa, ctx->p.q); - - /* q-1 */ - qm1 = BN_new(); - BN_copy(qm1, ctx->p.q); - BN_sub_word(qm1, 1); - - /* ... and xb in [0, q-1) */ - BN_rand_range(ctx->xb, qm1); - /* [1, q) */ - BN_add_word(ctx->xb, 1); - - /* cleanup */ - BN_free(qm1); -} - -int JPAKE_STEP1_generate(JPAKE_STEP1 *send, JPAKE_CTX *ctx) -{ - genrand(ctx); - generate_step_part(&send->p1, ctx->xa, ctx->p.g, ctx); - generate_step_part(&send->p2, ctx->xb, ctx->p.g, ctx); - - return 1; -} - -/* g^x is a legal value */ -static int is_legal(const BIGNUM *gx, const JPAKE_CTX *ctx) -{ - BIGNUM *t; - int res; - - if (BN_is_negative(gx) || BN_is_zero(gx) || BN_cmp(gx, ctx->p.p) >= 0) - return 0; - - t = BN_new(); - BN_mod_exp(t, gx, ctx->p.q, ctx->p.p, ctx->ctx); - res = BN_is_one(t); - BN_free(t); - - return res; -} - -int JPAKE_STEP1_process(JPAKE_CTX *ctx, const JPAKE_STEP1 *received) -{ - if (!is_legal(received->p1.gx, ctx)) { - JPAKEerr(JPAKE_F_JPAKE_STEP1_PROCESS, - JPAKE_R_G_TO_THE_X3_IS_NOT_LEGAL); - return 0; - } - - if (!is_legal(received->p2.gx, ctx)) { - JPAKEerr(JPAKE_F_JPAKE_STEP1_PROCESS, - JPAKE_R_G_TO_THE_X4_IS_NOT_LEGAL); - return 0; - } - - /* verify their ZKP(xc) */ - if (!verify_zkp(&received->p1, ctx->p.g, ctx)) { - JPAKEerr(JPAKE_F_JPAKE_STEP1_PROCESS, JPAKE_R_VERIFY_X3_FAILED); - return 0; - } - - /* verify their ZKP(xd) */ - if (!verify_zkp(&received->p2, ctx->p.g, ctx)) { - JPAKEerr(JPAKE_F_JPAKE_STEP1_PROCESS, JPAKE_R_VERIFY_X4_FAILED); - return 0; - } - - /* g^xd != 1 */ - if (BN_is_one(received->p2.gx)) { - JPAKEerr(JPAKE_F_JPAKE_STEP1_PROCESS, JPAKE_R_G_TO_THE_X4_IS_ONE); - return 0; - } - - /* Save the bits we need for later */ - BN_copy(ctx->p.gxc, received->p1.gx); - BN_copy(ctx->p.gxd, received->p2.gx); - - return 1; -} - -int JPAKE_STEP2_generate(JPAKE_STEP2 *send, JPAKE_CTX *ctx) -{ - BIGNUM *t1 = BN_new(); - BIGNUM *t2 = BN_new(); - - /*- - * X = g^{(xa + xc + xd) * xb * s} - * t1 = g^xa - */ - BN_mod_exp(t1, ctx->p.g, ctx->xa, ctx->p.p, ctx->ctx); - /* t2 = t1 * g^{xc} = g^{xa} * g^{xc} = g^{xa + xc} */ - BN_mod_mul(t2, t1, ctx->p.gxc, ctx->p.p, ctx->ctx); - /* t1 = t2 * g^{xd} = g^{xa + xc + xd} */ - BN_mod_mul(t1, t2, ctx->p.gxd, ctx->p.p, ctx->ctx); - /* t2 = xb * s */ - BN_mod_mul(t2, ctx->xb, ctx->secret, ctx->p.q, ctx->ctx); - - /*- - * ZKP(xb * s) - * XXX: this is kinda funky, because we're using - * - * g' = g^{xa + xc + xd} - * - * as the generator, which means X is g'^{xb * s} - * X = t1^{t2} = t1^{xb * s} = g^{(xa + xc + xd) * xb * s} - */ - generate_step_part(send, t2, t1, ctx); - - /* cleanup */ - BN_free(t1); - BN_free(t2); - - return 1; -} - -/* gx = g^{xc + xa + xb} * xd * s */ -static int compute_key(JPAKE_CTX *ctx, const BIGNUM *gx) -{ - BIGNUM *t1 = BN_new(); - BIGNUM *t2 = BN_new(); - BIGNUM *t3 = BN_new(); - - /*- - * K = (gx/g^{xb * xd * s})^{xb} - * = (g^{(xc + xa + xb) * xd * s - xb * xd *s})^{xb} - * = (g^{(xa + xc) * xd * s})^{xb} - * = g^{(xa + xc) * xb * xd * s} - * [which is the same regardless of who calculates it] - */ - - /* t1 = (g^{xd})^{xb} = g^{xb * xd} */ - BN_mod_exp(t1, ctx->p.gxd, ctx->xb, ctx->p.p, ctx->ctx); - /* t2 = -s = q-s */ - BN_sub(t2, ctx->p.q, ctx->secret); - /* t3 = t1^t2 = g^{-xb * xd * s} */ - BN_mod_exp(t3, t1, t2, ctx->p.p, ctx->ctx); - /* t1 = gx * t3 = X/g^{xb * xd * s} */ - BN_mod_mul(t1, gx, t3, ctx->p.p, ctx->ctx); - /* K = t1^{xb} */ - BN_mod_exp(ctx->key, t1, ctx->xb, ctx->p.p, ctx->ctx); - - /* cleanup */ - BN_free(t3); - BN_free(t2); - BN_free(t1); - - return 1; -} - -int JPAKE_STEP2_process(JPAKE_CTX *ctx, const JPAKE_STEP2 *received) -{ - BIGNUM *t1 = BN_new(); - BIGNUM *t2 = BN_new(); - int ret = 0; - - /*- - * g' = g^{xc + xa + xb} [from our POV] - * t1 = xa + xb - */ - BN_mod_add(t1, ctx->xa, ctx->xb, ctx->p.q, ctx->ctx); - /* t2 = g^{t1} = g^{xa+xb} */ - BN_mod_exp(t2, ctx->p.g, t1, ctx->p.p, ctx->ctx); - /* t1 = g^{xc} * t2 = g^{xc + xa + xb} */ - BN_mod_mul(t1, ctx->p.gxc, t2, ctx->p.p, ctx->ctx); - - if (verify_zkp(received, t1, ctx)) - ret = 1; - else - JPAKEerr(JPAKE_F_JPAKE_STEP2_PROCESS, JPAKE_R_VERIFY_B_FAILED); - - compute_key(ctx, received->gx); - - /* cleanup */ - BN_free(t2); - BN_free(t1); - - return ret; -} - -static void quickhashbn(unsigned char *md, const BIGNUM *bn) -{ - SHA_CTX sha; - - SHA1_Init(&sha); - hashbn(&sha, bn); - SHA1_Final(md, &sha); -} - -void JPAKE_STEP3A_init(JPAKE_STEP3A *s3a) -{ -} - -int JPAKE_STEP3A_generate(JPAKE_STEP3A *send, JPAKE_CTX *ctx) -{ - quickhashbn(send->hhk, ctx->key); - SHA1(send->hhk, sizeof send->hhk, send->hhk); - - return 1; -} - -int JPAKE_STEP3A_process(JPAKE_CTX *ctx, const JPAKE_STEP3A *received) -{ - unsigned char hhk[SHA_DIGEST_LENGTH]; - - quickhashbn(hhk, ctx->key); - SHA1(hhk, sizeof hhk, hhk); - if (memcmp(hhk, received->hhk, sizeof hhk)) { - JPAKEerr(JPAKE_F_JPAKE_STEP3A_PROCESS, - JPAKE_R_HASH_OF_HASH_OF_KEY_MISMATCH); - return 0; - } - return 1; -} - -void JPAKE_STEP3A_release(JPAKE_STEP3A *s3a) -{ -} - -void JPAKE_STEP3B_init(JPAKE_STEP3B *s3b) -{ -} - -int JPAKE_STEP3B_generate(JPAKE_STEP3B *send, JPAKE_CTX *ctx) -{ - quickhashbn(send->hk, ctx->key); - - return 1; -} - -int JPAKE_STEP3B_process(JPAKE_CTX *ctx, const JPAKE_STEP3B *received) -{ - unsigned char hk[SHA_DIGEST_LENGTH]; - - quickhashbn(hk, ctx->key); - if (memcmp(hk, received->hk, sizeof hk)) { - JPAKEerr(JPAKE_F_JPAKE_STEP3B_PROCESS, JPAKE_R_HASH_OF_KEY_MISMATCH); - return 0; - } - return 1; -} - -void JPAKE_STEP3B_release(JPAKE_STEP3B *s3b) -{ -} - -const BIGNUM *JPAKE_get_shared_key(JPAKE_CTX *ctx) -{ - return ctx->key; -} diff --git a/thirdparty/openssl/crypto/jpake/jpake.h b/thirdparty/openssl/crypto/jpake/jpake.h deleted file mode 100644 index 371eed679c..0000000000 --- a/thirdparty/openssl/crypto/jpake/jpake.h +++ /dev/null @@ -1,128 +0,0 @@ -/* - * Implement J-PAKE, as described in - * http://grouper.ieee.org/groups/1363/Research/contributions/hao-ryan-2008.pdf - * - * With hints from http://www.cl.cam.ac.uk/~fh240/software/JPAKE2.java. - */ - -#ifndef HEADER_JPAKE_H -# define HEADER_JPAKE_H - -# include <openssl/opensslconf.h> - -# ifdef OPENSSL_NO_JPAKE -# error JPAKE is disabled. -# endif - -#ifdef __cplusplus -extern "C" { -#endif - -# include <openssl/bn.h> -# include <openssl/sha.h> - -typedef struct JPAKE_CTX JPAKE_CTX; - -/* Note that "g" in the ZKPs is not necessarily the J-PAKE g. */ -typedef struct { - BIGNUM *gr; /* g^r (r random) */ - BIGNUM *b; /* b = r - x*h, h=hash(g, g^r, g^x, name) */ -} JPAKE_ZKP; - -typedef struct { - BIGNUM *gx; /* g^x in step 1, g^(xa + xc + xd) * xb * s - * in step 2 */ - JPAKE_ZKP zkpx; /* ZKP(x) or ZKP(xb * s) */ -} JPAKE_STEP_PART; - -typedef struct { - JPAKE_STEP_PART p1; /* g^x3, ZKP(x3) or g^x1, ZKP(x1) */ - JPAKE_STEP_PART p2; /* g^x4, ZKP(x4) or g^x2, ZKP(x2) */ -} JPAKE_STEP1; - -typedef JPAKE_STEP_PART JPAKE_STEP2; - -typedef struct { - unsigned char hhk[SHA_DIGEST_LENGTH]; -} JPAKE_STEP3A; - -typedef struct { - unsigned char hk[SHA_DIGEST_LENGTH]; -} JPAKE_STEP3B; - -/* Parameters are copied */ -JPAKE_CTX *JPAKE_CTX_new(const char *name, const char *peer_name, - const BIGNUM *p, const BIGNUM *g, const BIGNUM *q, - const BIGNUM *secret); -void JPAKE_CTX_free(JPAKE_CTX *ctx); - -/* - * Note that JPAKE_STEP1 can be used multiple times before release - * without another init. - */ -void JPAKE_STEP1_init(JPAKE_STEP1 *s1); -int JPAKE_STEP1_generate(JPAKE_STEP1 *send, JPAKE_CTX *ctx); -int JPAKE_STEP1_process(JPAKE_CTX *ctx, const JPAKE_STEP1 *received); -void JPAKE_STEP1_release(JPAKE_STEP1 *s1); - -/* - * Note that JPAKE_STEP2 can be used multiple times before release - * without another init. - */ -void JPAKE_STEP2_init(JPAKE_STEP2 *s2); -int JPAKE_STEP2_generate(JPAKE_STEP2 *send, JPAKE_CTX *ctx); -int JPAKE_STEP2_process(JPAKE_CTX *ctx, const JPAKE_STEP2 *received); -void JPAKE_STEP2_release(JPAKE_STEP2 *s2); - -/* - * Optionally verify the shared key. If the shared secrets do not - * match, the two ends will disagree about the shared key, but - * otherwise the protocol will succeed. - */ -void JPAKE_STEP3A_init(JPAKE_STEP3A *s3a); -int JPAKE_STEP3A_generate(JPAKE_STEP3A *send, JPAKE_CTX *ctx); -int JPAKE_STEP3A_process(JPAKE_CTX *ctx, const JPAKE_STEP3A *received); -void JPAKE_STEP3A_release(JPAKE_STEP3A *s3a); - -void JPAKE_STEP3B_init(JPAKE_STEP3B *s3b); -int JPAKE_STEP3B_generate(JPAKE_STEP3B *send, JPAKE_CTX *ctx); -int JPAKE_STEP3B_process(JPAKE_CTX *ctx, const JPAKE_STEP3B *received); -void JPAKE_STEP3B_release(JPAKE_STEP3B *s3b); - -/* - * the return value belongs to the library and will be released when - * ctx is released, and will change when a new handshake is performed. - */ -const BIGNUM *JPAKE_get_shared_key(JPAKE_CTX *ctx); - -/* BEGIN ERROR CODES */ -/* - * The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ -void ERR_load_JPAKE_strings(void); - -/* Error codes for the JPAKE functions. */ - -/* Function codes. */ -# define JPAKE_F_JPAKE_STEP1_PROCESS 101 -# define JPAKE_F_JPAKE_STEP2_PROCESS 102 -# define JPAKE_F_JPAKE_STEP3A_PROCESS 103 -# define JPAKE_F_JPAKE_STEP3B_PROCESS 104 -# define JPAKE_F_VERIFY_ZKP 100 - -/* Reason codes. */ -# define JPAKE_R_G_TO_THE_X3_IS_NOT_LEGAL 108 -# define JPAKE_R_G_TO_THE_X4_IS_NOT_LEGAL 109 -# define JPAKE_R_G_TO_THE_X4_IS_ONE 105 -# define JPAKE_R_HASH_OF_HASH_OF_KEY_MISMATCH 106 -# define JPAKE_R_HASH_OF_KEY_MISMATCH 107 -# define JPAKE_R_VERIFY_B_FAILED 102 -# define JPAKE_R_VERIFY_X3_FAILED 103 -# define JPAKE_R_VERIFY_X4_FAILED 104 -# define JPAKE_R_ZKP_VERIFY_FAILED 100 - -#ifdef __cplusplus -} -#endif -#endif diff --git a/thirdparty/openssl/crypto/jpake/jpake_err.c b/thirdparty/openssl/crypto/jpake/jpake_err.c deleted file mode 100644 index be236d9ea8..0000000000 --- a/thirdparty/openssl/crypto/jpake/jpake_err.c +++ /dev/null @@ -1,108 +0,0 @@ -/* crypto/jpake/jpake_err.c */ -/* ==================================================================== - * Copyright (c) 1999-2010 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -/* - * NOTE: this file was auto generated by the mkerr.pl script: any changes - * made to it will be overwritten when the script next updates this file, - * only reason strings will be preserved. - */ - -#include <stdio.h> -#include <openssl/err.h> -#include <openssl/jpake.h> - -/* BEGIN ERROR CODES */ -#ifndef OPENSSL_NO_ERR - -# define ERR_FUNC(func) ERR_PACK(ERR_LIB_JPAKE,func,0) -# define ERR_REASON(reason) ERR_PACK(ERR_LIB_JPAKE,0,reason) - -static ERR_STRING_DATA JPAKE_str_functs[] = { - {ERR_FUNC(JPAKE_F_JPAKE_STEP1_PROCESS), "JPAKE_STEP1_process"}, - {ERR_FUNC(JPAKE_F_JPAKE_STEP2_PROCESS), "JPAKE_STEP2_process"}, - {ERR_FUNC(JPAKE_F_JPAKE_STEP3A_PROCESS), "JPAKE_STEP3A_process"}, - {ERR_FUNC(JPAKE_F_JPAKE_STEP3B_PROCESS), "JPAKE_STEP3B_process"}, - {ERR_FUNC(JPAKE_F_VERIFY_ZKP), "VERIFY_ZKP"}, - {0, NULL} -}; - -static ERR_STRING_DATA JPAKE_str_reasons[] = { - {ERR_REASON(JPAKE_R_G_TO_THE_X3_IS_NOT_LEGAL), - "g to the x3 is not legal"}, - {ERR_REASON(JPAKE_R_G_TO_THE_X4_IS_NOT_LEGAL), - "g to the x4 is not legal"}, - {ERR_REASON(JPAKE_R_G_TO_THE_X4_IS_ONE), "g to the x4 is one"}, - {ERR_REASON(JPAKE_R_HASH_OF_HASH_OF_KEY_MISMATCH), - "hash of hash of key mismatch"}, - {ERR_REASON(JPAKE_R_HASH_OF_KEY_MISMATCH), "hash of key mismatch"}, - {ERR_REASON(JPAKE_R_VERIFY_B_FAILED), "verify b failed"}, - {ERR_REASON(JPAKE_R_VERIFY_X3_FAILED), "verify x3 failed"}, - {ERR_REASON(JPAKE_R_VERIFY_X4_FAILED), "verify x4 failed"}, - {ERR_REASON(JPAKE_R_ZKP_VERIFY_FAILED), "zkp verify failed"}, - {0, NULL} -}; - -#endif - -void ERR_load_JPAKE_strings(void) -{ -#ifndef OPENSSL_NO_ERR - - if (ERR_func_error_string(JPAKE_str_functs[0].error) == NULL) { - ERR_load_strings(0, JPAKE_str_functs); - ERR_load_strings(0, JPAKE_str_reasons); - } -#endif -} |