Merge "Remove obsolete srtp library"
diff --git a/Android.mk b/Android.mk
deleted file mode 100644
index 4e54347..0000000
--- a/Android.mk
+++ /dev/null
@@ -1,59 +0,0 @@
-# This is the Android makefile for google3/third_party/libsrtp so that we can
-# build it with the Android NDK.
-
-LOCAL_PATH:= $(call my-dir)
-
-common_SRC_FILES := \
- srtp/srtp.c \
- srtp/ekt.c \
- crypto/cipher/cipher.c \
- crypto/cipher/null_cipher.c \
- crypto/cipher/aes.c \
- crypto/cipher/aes_icm.c \
- crypto/cipher/aes_cbc.c \
- crypto/hash/null_auth.c \
- crypto/hash/sha1.c \
- crypto/hash/hmac.c \
- crypto/hash/auth.c \
- crypto/math/datatypes.c \
- crypto/math/stat.c \
- crypto/rng/rand_source.c \
- crypto/rng/prng.c \
- crypto/rng/ctr_prng.c \
- crypto/kernel/err.c \
- crypto/kernel/crypto_kernel.c \
- crypto/kernel/alloc.c \
- crypto/kernel/key.c \
- crypto/ae_xfm/xfm.c \
- crypto/replay/rdb.c \
- crypto/replay/rdbx.c
-
-common_CFLAGS := \
- -DPOSIX -iquote$(LOCAL_PATH)/crypto/include \
- -Werror \
- -Wno-ignored-qualifiers \
- -Wno-sign-compare \
- -Wno-missing-field-initializers \
- -Wno-unused-parameter \
- -Wno-unused-but-set-variable
-
-common_C_INCLUDES = $(LOCAL_PATH)/include
-
-# For the device
-# =====================================================
-# Device static library
-
-include $(CLEAR_VARS)
-
-ifeq ($(TARGET_ARCH),arm)
- LOCAL_SDK_VERSION := 9
-endif
-
-LOCAL_SRC_FILES := $(common_SRC_FILES)
-LOCAL_CFLAGS += $(common_CFLAGS)
-LOCAL_C_INCLUDES += $(common_C_INCLUDES)
-
-LOCAL_MODULE:= libsrtp_static
-LOCAL_MODULE_TAGS := optional
-
-include $(BUILD_STATIC_LIBRARY)
diff --git a/Changes b/Changes
deleted file mode 100644
index 949c389..0000000
--- a/Changes
+++ /dev/null
@@ -1,223 +0,0 @@
-Changelog
-
-1.3.20
-
- Lots of changes. Thanks to Jeff Chan for catching a memory leak and
- helping track down the endian issues with the SSRCs.
-
-1.3.8
-
- This is an interim release. Several little-endian bugs were identified
- and fixed; this means that we can use intel/linux for development again.
-
- Cleaned up sha1 and hmac code significantly, got rid of some excess
- functions and properly documented the fuctions in the .h files.
-
- Eliminated some vestigial files.
-
- There is a SIGBUS error in the AES encrypt function on sparc
- (observed on both solaris and openbsd) with gcc 2.95. Was unable to
- find bad pointer anywhere, so I'm wondering if it isn't a compiler
- problem (there's a known problem whose profile it fits). It doesn't
- appear on any other platform, even in the cipher_driver stress
- tests.
-
- Planned changes
-
- Change interface to nonces (xtd_seq_num_t) so that it uses
- network byte ordering, and is consistent with other arguments.
-
-
-1.3.6
-
- Changed /dev/random (in configure.in and crypto/rng/rand_source.c) to
- /dev/urandom; the latter is non-blocking on all known platforms (which
- corrects some programs that seem to hang) and is actually present on
- Open BSD (unlike /dev/random, which only works in the presence of
- hardware supported random number generation).
-
- Added machine/types.h case in include/integers.h.
-
-1.3.5
-
- Removing srtp_t::template and stream_clone().
-
- Adding a new policy structure, which will reflect a complete SRTP
- policy (including SRTCP).
-
- This version is *incomplete* and will undergo more changes. It is
- provided only as a basis for discussion.
-
-1.3.4
-
- Removed tmmh.c and tmmh.h, which implemented version one of TMMH.
-
- Changed srtp_get_trailer_length() to act on streams rather than
- sessions, and documented the macro SRTP_MAX_TRAILER_LEN, which should
- usually be used rather than that function.
-
- Removed 'salt' from cipher input.
-
- Changed rdbx to use err.h error codes.
-
- Changed malloc() and free() to xalloc() and xfree; these functions
- are defined in crypto/kernel/alloc.c and declared in
- include/alloc.h.
-
- Added 'output' functions to cipher, in addition to 'encrypt'
- functions. It is no longer necessary to zeroize a buffer before
- encrypting in order to get keystream.
-
- Changed octet_string_hex_string() so that "times two" isn't needed
- in its input.
-
- Added crypto_kernel_init() prior to command-line parsing, so that
- kernel can be passed command-line arguments, such as "-d
- debug_module". This was done to for the applications
- test/srtp-driver, test/kernel-driver, and test/ust-driver.
-
- Improved srtp_init_aes_128_prf - wrote key derivation function
- (srtp_kdf_t).
-
- Add the tag_len as an argument to the auth_compute() function, but
- not the corresponding macro. This change allows the tag length for
- a given auth func to be set to different values at initialization
- time. Previously, the structure auth_t contained the
- output_length, but that value was inaccessible from hmac_compute()
- and other functions.
-
- Re-named files from a-b.c to a_b.c. in order to help portability.
-
- Re-named rijndael to aes (or aes_128 as appropriate).
-
-
-1.2.1
-
- Changes so that 1.2.0 compiles on cygwin-win2k.
-
- Added better error reporting system. If syslog is present on the
- OS, then it is used.
-
-
-1.2.0 Many improvements and additions, and a fex fixes
-
- Fixed endian issues in RTP header construction in the function
- rtp_sendto() in srtp/rtp.c.
-
- Implemented RIJNDAEL decryption operation, adding the functions
- rijndael_decrypt() and rijndael_expand_decryption_key(). Also
- re-named rijndael_expand_key() to rijndael_expand_encryption_key()
- for consistency.
-
- Implemented random number source using /dev/random, in the files
- crypto/rng/rand_source.c and include/rand_source.h.
-
- Added index check to SEAL cipher (only values less than 2^32 are
- allowed)
-
- Added test case for null_auth authentication function.
-
- Added a timing test which tests the effect of CPU cache thrash on
- cipher throughput. The test is done by the function
- cipher_test_throughput_array(); the function
- cipher_array_alloc_init() creates an array of ciphers for use in
- this test. This test can be accessed by using the -a flag to
- the application cipher-driver in the test subdirectory.
-
- Added argument processing to ust-driver.c, and added that app to
- the 'runtest' target in Makefile.in.
-
- A minor auth_t API change: last argument of auth_init() eliminated.
-
-
-1.0.6 A small but important fix
-
- Fixed srtp_init_aes_128_prf() by adding octet_string_set_to_zero()
- after buffer allocation.
-
- Eliminated references to no-longer-existing variables in debugging
- code in srtp/srtp.c. This fixes the compilation failure that
- occured when using PRINT_DEBUG in that file.
-
- Corrected spelling of Richard Priestley's name in credits. Sorry
- Richard!
-
-
-1.0.5 Many little fixes
-
- Fixed octet_string_set_to_zero(), which was writing one
- more zero octet than it should. This bug caused srtp_protect()
- and srtp_unprotect() to overwrite the byte that followed the
- srtp packet.
-
- Changed sizeof(uint32_t) to srtp_get_trailer_length() in
- srtp-driver.c. This is just defensive coding.
-
- Added NULL check to malloc in srtp_alloc().
-
-
-1.0.4 Many minor fixes and two big ones (thanks for the bug reports!)
-
- Removed 'ssrc' from the srtp_init_aes_128_prf() function argument
- list. This is so that applications which do not a priori know the
- ssrc which they will be receiving can still use libsrtp. Now the
- SSRC value is gleaned from the rtp header and exored into the
- counter mode offset in the srtp_protect() and srtp_unprotect()
- functions, if that cipher is used. This change cascaed through
- many other functions, including srtp_init_from_hex(),
- srtp_sender_init() and srtp_receiver_init() in rtp.c, and also
- changing the CLI to test/rtpw. In the future, another function
- call will be added to the library that enables multiple ssrc/key
- pairs to be installed into the same srtp session, so that libsrtp
- works with multiple srtp senders. For now, this functionality is
- lacking.
-
- Removed the GDOI interface to the rtpw demo program. This will be
- added again at a later date, after the SRTP and GDOI distributions
- stabilize. For now, I've left in the GDOI #defines and autoconf
- definitions so that they'll be in place when needed.
-
- Updated tmmhv2_compute() so that it didn't assume any particular
- alginment of the output tag.
-
- Changed bit field variables in srtp.h to unsigned char from
- unsigned int in order to avoid a potential endianness issue.
-
- Fixed rdbx_estimate_index() to handle all input cases. This solves
- the now notorious "abaft" bug in the rtpw demo app on linux/intel,
- in which spurious replay protection failures happen after that word
- is received.
-
- Added ntohs(hdr->seq) to srtp_protect and srtp_unprotect, removed
- from rijndael_icm_set_segment().
-
- Added error checking and handling to srtp_sender_init() and
- srtp_receiver_init().
-
- Changed srtp_alloc() so that it does what you'd expect: allocate an
- srtp_ctx_t structure. This hides the library internals.
-
-
-1.0.1 Many minor fixes
-
- Added cipher_driver_buffer_test(...) to test/cipher-driver.c. This
- function checks that the byte-buffering functions used by a cipher
- are correct.
-
- Fixed SunOS/Solaris build problems: added HAVE_SYS_INT_TYPES_H and
- changed index_t to xtd_seq_num_t (see include/rdbx.h).
-
- Fixed SEAL3.0 output byte buffering, added byte-buffering test to
- cipher/cipher-driver.c.
-
- Fixed roc-driver so that the non-sequential insertion test
- automatically recovers from bad estimates. This was required to
- prevent spurious failures.
-
- Made rdbx_estimate_index(...) function smarter, so that initial RTP
- sequence numbers greater than 32,768 don't cause it to estimate the
- rollover counter of 0xffffffff.
-
-
-1.0.0 Initial release
-
diff --git a/CleanSpec.mk b/CleanSpec.mk
deleted file mode 100644
index b84e1b6..0000000
--- a/CleanSpec.mk
+++ /dev/null
@@ -1,49 +0,0 @@
-# Copyright (C) 2007 The Android Open Source Project
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-
-# If you don't need to do a full clean build but would like to touch
-# a file or delete some intermediate files, add a clean step to the end
-# of the list. These steps will only be run once, if they haven't been
-# run before.
-#
-# E.g.:
-# $(call add-clean-step, touch -c external/sqlite/sqlite3.h)
-# $(call add-clean-step, rm -rf $(PRODUCT_OUT)/obj/STATIC_LIBRARIES/libz_intermediates)
-#
-# Always use "touch -c" and "rm -f" or "rm -rf" to gracefully deal with
-# files that are missing or have been moved.
-#
-# Use $(PRODUCT_OUT) to get to the "out/target/product/blah/" directory.
-# Use $(OUT_DIR) to refer to the "out" directory.
-#
-# If you need to re-do something that's already mentioned, just copy
-# the command and add it to the bottom of the list. E.g., if a change
-# that you made last week required touching a file and a change you
-# made today requires touching the same file, just copy the old
-# touch step and add it to the end of the list.
-#
-# ************************************************
-# NEWER CLEAN STEPS MUST BE AT THE END OF THE LIST
-# ************************************************
-
-# For example:
-#$(call add-clean-step, rm -rf $(OUT_DIR)/target/common/obj/APPS/AndroidTests_intermediates)
-#$(call add-clean-step, rm -rf $(OUT_DIR)/target/common/obj/JAVA_LIBRARIES/core_intermediates)
-#$(call add-clean-step, find $(OUT_DIR) -type f -name "IGTalkSession*" -print0 | xargs -0 rm -f)
-#$(call add-clean-step, rm -rf $(PRODUCT_OUT)/data/*)
-
-# ************************************************
-# NEWER CLEAN STEPS MUST BE AT THE END OF THE LIST
-# ************************************************
diff --git a/LICENSE b/LICENSE
deleted file mode 100644
index dd43240..0000000
--- a/LICENSE
+++ /dev/null
@@ -1,35 +0,0 @@
-/*
- *
- * Copyright (c) 2001-2006 Cisco Systems, Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following
- * disclaimer in the documentation and/or other materials provided
- * with the distribution.
- *
- * Neither the name of the Cisco Systems, Inc. nor the names of its
- * contributors may be used to endorse or promote products derived
- * from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- */
diff --git a/MODULE_LICENSE_BSD b/MODULE_LICENSE_BSD
deleted file mode 100644
index e69de29..0000000
--- a/MODULE_LICENSE_BSD
+++ /dev/null
diff --git a/Makefile b/Makefile
deleted file mode 100644
index 938a6ad..0000000
--- a/Makefile
+++ /dev/null
@@ -1,220 +0,0 @@
-# Makefile for secure rtp
-#
-# David A. McGrew
-# Cisco Systems, Inc.
-
-# targets:
-#
-# runtest runs test applications
-# test builds test applications
-# libcrypt.a static library implementing crypto engine
-# libsrtp.a static library implementing srtp
-# clean removes objects, libs, and executables
-# distribution cleans and builds a .tgz
-# tags builds etags file from all .c and .h files
-
-.PHONY: all test build_table_apps
-
-all: test
-
-runtest: build_table_apps test
- @echo "running libsrtp test applications..."
- crypto/test/cipher_driver$(EXE) -v >/dev/null
- crypto/test/kernel_driver$(EXE) -v >/dev/null
- test/rdbx_driver$(EXE) -v >/dev/null
- test/srtp_driver$(EXE) -v >/dev/null
- test/roc_driver$(EXE) -v >/dev/null
- test/replay_driver$(EXE) -v >/dev/null
- @echo "libsrtp test applications passed."
- $(MAKE) -C crypto runtest
-
-# makefile variables
-
-CC = gcc
-INCDIR = -Icrypto/include -I$(srcdir)/include -I$(srcdir)/crypto/include
-DEFS = -DHAVE_CONFIG_H
-CPPFLAGS=
-CFLAGS = -Wall -O4 -fexpensive-optimizations -funroll-loops
-LIBS =
-LDFLAGS = -L.
-COMPILE = $(CC) $(DEFS) $(INCDIR) $(CPPFLAGS) $(CFLAGS)
-SRTPLIB = -lsrtp
-
-RANLIB = ranlib
-INSTALL = /usr/bin/install -c
-
-# EXE defines the suffix on executables - it's .exe for Windows, and
-# null on linux, bsd, and OS X and other OSes.
-EXE =
-# gdoi is the group domain of interpretation for isakmp, a group key
-# management system which can provide keys for srtp
-gdoi =
-# Random source.
-RNG_OBJS = rand_source.o
-
-srcdir = .
-top_srcdir = .
-top_builddir =
-
-prefix = /home/astor/localastor/google3/third_party/libsrtp/v1_4_2
-exec_prefix = ${prefix}
-includedir = ${prefix}/include
-libdir = ${exec_prefix}/lib
-
-
-# implicit rules for object files and test apps
-
-%.o: %.c
- $(COMPILE) -c $< -o $@
-
-%$(EXE): %.c
- $(COMPILE) $(LDFLAGS) $< -o $@ $(SRTPLIB) $(LIBS)
-
-
-# libcrypt.a (the crypto engine)
-ciphers = crypto/cipher/cipher.o crypto/cipher/null_cipher.o \
- crypto/cipher/aes.o crypto/cipher/aes_icm.o \
- crypto/cipher/aes_cbc.o
-
-hashes = crypto/hash/null_auth.o crypto/hash/sha1.o \
- crypto/hash/hmac.o crypto/hash/auth.o # crypto/hash/tmmhv2.o
-
-replay = crypto/replay/rdb.o crypto/replay/rdbx.o \
- crypto/replay/ut_sim.o
-
-math = crypto/math/datatypes.o crypto/math/stat.o
-
-ust = crypto/ust/ust.o
-
-rng = crypto/rng/$(RNG_OBJS) crypto/rng/prng.o crypto/rng/ctr_prng.o
-
-err = crypto/kernel/err.o
-
-kernel = crypto/kernel/crypto_kernel.o crypto/kernel/alloc.o \
- crypto/kernel/key.o $(rng) $(err) # $(ust)
-
-cryptobj = $(ciphers) $(hashes) $(math) $(stat) $(kernel) $(replay)
-
-# libsrtp.a (implements srtp processing)
-
-srtpobj = srtp/srtp.o
-
-libsrtp.a: $(srtpobj) $(cryptobj) $(gdoi)
- ar cr libsrtp.a $^
- $(RANLIB) libsrtp.a
-
-# libcryptomath.a contains general-purpose routines that are used to
-# generate tables and verify cryptoalgorithm implementations - this
-# library is not meant to be included in production code
-
-cryptomath = crypto/math/math.o crypto/math/gf2_8.o
-
-libcryptomath.a: $(cryptomath)
- ar cr libcryptomath.a $(cryptomath)
- $(RANLIB) libcryptomath.a
-
-
-# test applications
-
-crypto_testapp = crypto/test/aes_calc$(EXE) crypto/test/cipher_driver$(EXE) \
- crypto/test/datatypes_driver$(EXE) crypto/test/kernel_driver$(EXE) \
- crypto/test/rand_gen$(EXE) crypto/test/sha1_driver$(EXE) \
- crypto/test/stat_driver$(EXE)
-
-testapp = $(crypto_testapp) test/srtp_driver$(EXE) test/replay_driver$(EXE) \
- test/roc_driver$(EXE) test/rdbx_driver$(EXE) test/rtpw$(EXE)
-
-$(testapp): libsrtp.a
-
-test/rtpw$(EXE): test/rtpw.c test/rtp.c
- $(COMPILE) $(LDFLAGS) -o $@ $^ $(LIBS) $(SRTPLIB)
-
-test: $(testapp)
- @echo "Build done. Please run '$(MAKE) runtest' to run self tests."
-
-memtest: test/srtp_driver
- @test/srtp_driver -v -d "alloc" > tmp
- @grep freed tmp | wc -l > freed
- @grep allocated tmp | wc -l > allocated
- @echo "checking for memory leaks (only works with --enable-stdout)"
- cmp -s allocated freed
- @echo "passed (same number of alloc() and dealloc() calls found)"
- @rm freed allocated tmp
-
-# tables_apps are used to generate the tables used in the crypto
-# implementations; these need only be generated during porting, not
-# for building libsrtp or the test applications
-
-table_apps = tables/aes_tables
-
-build_table_apps: $(table_apps)
-
-# in the tables/ subdirectory, we use libcryptomath instead of libsrtp
-
-tables/%: tables/%.c libcryptomath.a
- $(COMPILE) $(LDFLAGS) $< -o $@ $(LIBS) libcryptomath.a
-
-# the target 'plot' runs the timing test (test/srtp_driver -t) then
-# uses gnuplot to produce plots of the results - see the script file
-# 'timing'
-
-plot: test/srtp_driver
- test/srtp_driver -t > timing.dat
-
-
-# bookkeeping: tags, clean, and distribution
-
-tags:
- etags */*.[ch] */*/*.[ch]
-
-
-# documentation - the target libsrtpdoc builds a PDF file documenting
-# libsrtp
-
-libsrtpdoc:
- $(MAKE) -C doc
-
-.PHONY: clean superclean install
-
-install:
- @if [ -d $(DESTDIR)$(includedir)/srtp ]; then \
- echo "you should run 'make uninstall' first"; exit 1; \
- fi
- $(INSTALL) -d $(DESTDIR)$(includedir)/srtp
- $(INSTALL) -d $(DESTDIR)$(libdir)
- cp include/*.h $(DESTDIR)$(includedir)/srtp
- cp crypto/include/*.h $(DESTDIR)$(includedir)/srtp
- if [ -f libsrtp.a ]; then cp libsrtp.a $(DESTDIR)$(libdir)/; fi
-
-uninstall:
- rm -rf $(DESTDIR)$(includedir)/srtp
- rm -rf $(DESTDIR)$(libdir)/libsrtp.a
-
-clean:
- rm -rf $(cryptobj) $(srtpobj) $(cryptomath) $(table_apps) TAGS \
- libcryptomath.a libsrtp.a core *.core test/core
- for a in * */* */*/*; do \
- if [ -f "$$a~" ] ; then rm -f $$a~; fi; \
- done;
- for a in $(testapp) $(table_apps); do rm -rf $$a$(EXE); done
- rm -rf *.pict *.jpg *.dat
- rm -rf freed allocated tmp
- $(MAKE) -C doc clean
- $(MAKE) -C crypto clean
-
-
-superclean: clean
- rm -rf crypto/include/config.h config.log config.cache config.status \
- Makefile .gdb_history test/.gdb_history .DS_Store
- rm -rf autom4te.cache
-
-distname = srtp-$(shell cat VERSION)
-
-distribution: runtest superclean
- if ! [ -f VERSION ]; then exit 1; fi
- if [ -f ../$(distname).tgz ]; then \
- mv ../$(distname).tgz ../$(distname).tgz.bak; \
- fi
- cd ..; tar cvzf $(distname).tgz srtp
-
-# EOF
diff --git a/Makefile.in b/Makefile.in
deleted file mode 100644
index de890d1..0000000
--- a/Makefile.in
+++ /dev/null
@@ -1,234 +0,0 @@
-# Makefile for secure rtp
-#
-# David A. McGrew
-# Cisco Systems, Inc.
-
-# targets:
-#
-# runtest runs test applications
-# test builds test applications
-# libcrypt.a static library implementing crypto engine
-# libsrtp.a static library implementing srtp
-# clean removes objects, libs, and executables
-# distribution cleans and builds a .tgz
-# tags builds etags file from all .c and .h files
-
-.PHONY: all test build_table_apps
-
-all: test
-
-runtest: build_table_apps test
- @echo "running libsrtp test applications..."
- crypto/test/cipher_driver$(EXE) -v >/dev/null
- crypto/test/kernel_driver$(EXE) -v >/dev/null
- test/rdbx_driver$(EXE) -v >/dev/null
- test/srtp_driver$(EXE) -v >/dev/null
- test/roc_driver$(EXE) -v >/dev/null
- test/replay_driver$(EXE) -v >/dev/null
- test/dtls_srtp_driver$(EXE) >/dev/null
- cd test; $(abspath $(srcdir))/test/rtpw_test.sh >/dev/null
- @echo "libsrtp test applications passed."
- $(MAKE) -C crypto runtest
-
-# makefile variables
-
-CC = @CC@
-INCDIR = -Icrypto/include -I$(srcdir)/include -I$(srcdir)/crypto/include
-DEFS = @DEFS@
-CPPFLAGS= @CPPFLAGS@
-CFLAGS = @CFLAGS@
-LIBS = @LIBS@
-LDFLAGS = @LDFLAGS@ -L.
-COMPILE = $(CC) $(DEFS) $(INCDIR) $(CPPFLAGS) $(CFLAGS)
-SRTPLIB = -lsrtp
-
-RANLIB = @RANLIB@
-INSTALL = @INSTALL@
-
-# EXE defines the suffix on executables - it's .exe for Windows, and
-# null on linux, bsd, and OS X and other OSes.
-EXE = @EXE@
-# gdoi is the group domain of interpretation for isakmp, a group key
-# management system which can provide keys for srtp
-gdoi = @GDOI_OBJS@
-# Random source.
-RNG_OBJS = @RNG_OBJS@
-
-srcdir = @srcdir@
-top_srcdir = @top_srcdir@
-top_builddir = @top_builddir@
-VPATH = @srcdir@
-prefix = @prefix@
-exec_prefix = @exec_prefix@
-includedir = @includedir@
-libdir = @libdir@
-
-
-# implicit rules for object files and test apps
-
-%.o: %.c
- $(COMPILE) -c $< -o $@
-
-%$(EXE): %.c
- $(COMPILE) $(LDFLAGS) $< -o $@ $(SRTPLIB) $(LIBS)
-
-
-# libcrypt.a (the crypto engine)
-ciphers = crypto/cipher/cipher.o crypto/cipher/null_cipher.o \
- crypto/cipher/aes.o crypto/cipher/aes_icm.o \
- crypto/cipher/aes_cbc.o
-
-hashes = crypto/hash/null_auth.o crypto/hash/sha1.o \
- crypto/hash/hmac.o crypto/hash/auth.o # crypto/hash/tmmhv2.o
-
-replay = crypto/replay/rdb.o crypto/replay/rdbx.o \
- crypto/replay/ut_sim.o
-
-math = crypto/math/datatypes.o crypto/math/stat.o
-
-ust = crypto/ust/ust.o
-
-rng = crypto/rng/$(RNG_OBJS) crypto/rng/prng.o crypto/rng/ctr_prng.o
-
-err = crypto/kernel/err.o
-
-kernel = crypto/kernel/crypto_kernel.o crypto/kernel/alloc.o \
- crypto/kernel/key.o $(rng) $(err) # $(ust)
-
-cryptobj = $(ciphers) $(hashes) $(math) $(stat) $(kernel) $(replay)
-
-# libsrtp.a (implements srtp processing)
-
-srtpobj = srtp/srtp.o srtp/ekt.o
-
-libsrtp.a: $(srtpobj) $(cryptobj) $(gdoi)
- ar cr libsrtp.a $^
- $(RANLIB) libsrtp.a
-
-# libcryptomath.a contains general-purpose routines that are used to
-# generate tables and verify cryptoalgorithm implementations - this
-# library is not meant to be included in production code
-
-cryptomath = crypto/math/math.o crypto/math/gf2_8.o
-
-libcryptomath.a: $(cryptomath)
- ar cr libcryptomath.a $(cryptomath)
- $(RANLIB) libcryptomath.a
-
-
-# test applications
-
-crypto_testapp = crypto/test/aes_calc$(EXE) crypto/test/cipher_driver$(EXE) \
- crypto/test/datatypes_driver$(EXE) crypto/test/kernel_driver$(EXE) \
- crypto/test/rand_gen$(EXE) crypto/test/sha1_driver$(EXE) \
- crypto/test/stat_driver$(EXE)
-
-testapp = $(crypto_testapp) test/srtp_driver$(EXE) test/replay_driver$(EXE) \
- test/roc_driver$(EXE) test/rdbx_driver$(EXE) test/rtpw$(EXE) \
- test/dtls_srtp_driver$(EXE)
-
-$(testapp): libsrtp.a
-
-test/rtpw$(EXE): test/rtpw.c test/rtp.c test/getopt_s.c
- $(COMPILE) $(LDFLAGS) -o $@ $^ $(LIBS) $(SRTPLIB)
-
-test/srtp_driver$(EXE): test/srtp_driver.c test/getopt_s.c
- $(COMPILE) $(LDFLAGS) -o $@ $^ $(LIBS) $(SRTPLIB)
-
-test/rdbx_driver$(EXE): test/rdbx_driver.c test/getopt_s.c
- $(COMPILE) $(LDFLAGS) -o $@ $^ $(LIBS) $(SRTPLIB)
-
-test/dtls_srtp_driver$(EXE): test/dtls_srtp_driver.c test/getopt_s.c
- $(COMPILE) $(LDFLAGS) -o $@ $^ $(LIBS) $(SRTPLIB)
-
-test: $(testapp)
- @echo "Build done. Please run '$(MAKE) runtest' to run self tests."
-
-memtest: test/srtp_driver
- @test/srtp_driver -v -d "alloc" > tmp
- @grep freed tmp | wc -l > freed
- @grep allocated tmp | wc -l > allocated
- @echo "checking for memory leaks (only works with --enable-stdout)"
- cmp -s allocated freed
- @echo "passed (same number of alloc() and dealloc() calls found)"
- @rm freed allocated tmp
-
-# tables_apps are used to generate the tables used in the crypto
-# implementations; these need only be generated during porting, not
-# for building libsrtp or the test applications
-
-table_apps = tables/aes_tables
-
-build_table_apps: $(table_apps)
-
-# in the tables/ subdirectory, we use libcryptomath instead of libsrtp
-
-tables/%: tables/%.c libcryptomath.a
- $(COMPILE) $(LDFLAGS) $< -o $@ $(LIBS) libcryptomath.a
-
-# the target 'plot' runs the timing test (test/srtp_driver -t) then
-# uses gnuplot to produce plots of the results - see the script file
-# 'timing'
-
-plot: test/srtp_driver
- test/srtp_driver -t > timing.dat
-
-
-# bookkeeping: tags, clean, and distribution
-
-tags:
- etags */*.[ch] */*/*.[ch]
-
-
-# documentation - the target libsrtpdoc builds a PDF file documenting
-# libsrtp
-
-libsrtpdoc:
- $(MAKE) -C doc
-
-.PHONY: clean superclean install
-
-install:
- @if [ -r $(DESTDIR)$(includedir)/srtp/srtp.h ]; then \
- echo "you should run 'make uninstall' first"; exit 1; \
- fi
- $(INSTALL) -d $(DESTDIR)$(includedir)/srtp
- $(INSTALL) -d $(DESTDIR)$(libdir)
- cp $(srcdir)/include/*.h $(DESTDIR)$(includedir)/srtp
- cp $(srcdir)/crypto/include/*.h $(DESTDIR)$(includedir)/srtp
- if [ "$(srcdir)" != "." ]; then cp crypto/include/*.h $(DESTDIR)$(includedir)/srtp; fi
- if [ -f libsrtp.a ]; then cp libsrtp.a $(DESTDIR)$(libdir)/; fi
-
-uninstall:
- rm -f $(DESTDIR)$(includedir)/srtp/*.h
- rm -f $(DESTDIR)$(libdir)/libsrtp.a
- -rmdir $(DESTDIR)$(includedir)/srtp
-
-clean:
- rm -rf $(cryptobj) $(srtpobj) $(cryptomath) TAGS \
- libcryptomath.a libsrtp.a core *.core test/core
- for a in * */* */*/*; do \
- if [ -f "$$a~" ] ; then rm -f $$a~; fi; \
- done;
- for a in $(testapp) $(table_apps); do rm -rf $$a$(EXE); done
- rm -rf *.pict *.jpg *.dat
- rm -rf freed allocated tmp
- $(MAKE) -C doc clean
- $(MAKE) -C crypto clean
-
-
-superclean: clean
- rm -rf crypto/include/config.h config.log config.cache config.status \
- Makefile .gdb_history test/.gdb_history .DS_Store
- rm -rf autom4te.cache
-
-distname = srtp-$(shell cat VERSION)
-
-distribution: runtest superclean
- if ! [ -f VERSION ]; then exit 1; fi
- if [ -f ../$(distname).tgz ]; then \
- mv ../$(distname).tgz ../$(distname).tgz.bak; \
- fi
- cd ..; tar cvzf $(distname).tgz srtp
-
-# EOF
diff --git a/NOTICE b/NOTICE
deleted file mode 100644
index 494947d..0000000
--- a/NOTICE
+++ /dev/null
@@ -1,35 +0,0 @@
-/*
- *
- * Copyright (c) 2001-2006 Cisco Systems, Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following
- * disclaimer in the documentation and/or other materials provided
- * with the distribution.
- *
- * Neither the name of the Cisco Systems, Inc. nor the names of its
- * contributors may be used to endorse or promote products derived
- * from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- */
diff --git a/OWNERS b/OWNERS
deleted file mode 100644
index a6db2d9..0000000
--- a/OWNERS
+++ /dev/null
@@ -1,6 +0,0 @@
-# TODO: find AOSP user email addresses for the following or new owners.
-# astor
-# hta
-# juberti
-# mikaelp
-# tschmelcher
diff --git a/README b/README
deleted file mode 100644
index 08fafae..0000000
--- a/README
+++ /dev/null
@@ -1,174 +0,0 @@
-Secure RTP (SRTP) Reference Implementation
-David A. McGrew
-Cisco Systems, Inc.
-mcgrew@cisco.com
-
-
-This package provides an implementation of the Secure Real-time
-Transport Protocol (SRTP), the Universal Security Transform (UST), and
-a supporting cryptographic kernel. These mechanisms are documented in
-the Internet Drafts in the doc/ subdirectory. The SRTP API is
-documented in include/srtp.h, and the library is in libsrtp.a (after
-compilation). An overview and reference manual is available in
-doc/libsrtp.pdf. The PDF documentation is more up to date than this
-file.
-
-
-Installation:
-
-./configure [ options ] # GNU autoconf script
-make # or gmake if needed; use GNU make
-
-The configure script accepts the following options:
-
- --help provides a usage summary
- --disable-debug compile without the runtime debugging system
- --enable-syslog use syslog for error reporting
- --disable-stdout use stdout for error reporting
- --enable-console use /dev/console for error reporting
- --gdoi use GDOI key management (disabled at present)
-
-By default, debbuging is enabled and stdout is used for debugging.
-You can use the above configure options to have the debugging output
-sent to syslog or the system console. Alternatively, you can define
-ERR_REPORTING_FILE in include/conf.h to be any other file that can be
-opened by libSRTP, and debug messages will be sent to it.
-
-This package has been tested on Mac OS X (powerpc-apple-darwin1.4),
-Cygwin (i686-pc-cygwin), and Sparc (sparc-sun-solaris2.6). Previous
-versions have been tested on Linux and OpenBSD on both x86 and sparc
-platforms.
-
-A quick tour of this package:
-
-Makefile targets: all, clean, ...
-README this file
-CHANGES change log
-VERSION version number of this package
-LICENSE legal details (it's a BSD-like license)
-crypto/ciphers/ ciphers (null, aes_icm, ...)
-crypto/math/ crypto math routines
-crypto/hash/ crypto hashing (hmac, tmmhv2, ...)
-crypto/replay/ replay protection
-doc/ documentation: rfcs, apis, and suchlike
-include/ include files for all code in distribution
-srtp/ secure real-time transport protocol implementation
-tables/ apps for generating tables (useful in porting)
-test/ test drivers
-
-
-Applications
-
- Several test drivers and a simple and portable srtp application
- are included in the test/ subdirectory.
-
- test driver function tested
- -------------------------------------------------------------
- kernel_driver crypto kernel (ciphers, auth funcs, rng)
- srtp_driver srtp in-memory tests (does not use the network)
- rdbx_driver rdbx (extended replay database)
- roc_driver extended sequence number functions
- replay_driver replay database (n.b. not used in libsrtp)
- cipher_driver ciphers
- auth_driver hash functions
-
- The app rtpw is a simple rtp application which reads words from
- /usr/dict/words and then sends them out one at a time using [s]rtp.
- Manual srtp keying uses the -k option; automated key management
- using gdoi will be added later.
-
-usage: rtpw [-d <debug>]* [-k <key> [-a][-e]] [-s | -r] dest_ip dest_port
-or rtpw -l
-
- Either the -s (sender) or -r (receiver) option must be chosen.
-
- The values dest_ip, dest_port are the ip address and udp port to
- which the dictionary will be sent, respectively.
-
- options:
-
- -s (s)rtp sender - causes app to send words
-
- -r (s)rtp receive - causes app to receve words
-
- -k <key> use srtp master key <key>, where the
- key is a hexadecimal value (without the
- leading "0x")
-
- -e encrypt/decrypt (for data confidentiality)
- (requires use of -k option as well)
-
- -a message authentication
- (requires use of -k option as well)
-
- -l list debug modules
-
- -d <debug> turn on debugging for module <debug>
-
-
-In order to get random 30-byte values for use as key/salt pairs , you
-can use the following bash function to format the output of
-/dev/random (where that device is available).
-
-function randhex() {
- cat /dev/random | od --read-bytes=32 --width=32 -x | awk '{ print $2 $3 $4 $5 $6 $7 $8 $9 $10 $11 $12 $13 $14 $15 $16 }'
-}
-
-
-An example of an SRTP session using two rtpw programs follows:
-
-set k=c1eec3717da76195bb878578790af71c4ee9f859e197a414a78d5abc7451
-
-[sh1]$ test/rtpw -s -k $k -ea 0.0.0.0 9999
-Security services: confidentiality message authentication
-set master key/salt to C1EEC3717DA76195BB878578790AF71C/4EE9F859E197A414A78D5ABC7451
-setting SSRC to 2078917053
-sending word: A
-sending word: a
-sending word: aa
-sending word: aal
-...
-
-[sh2]$ test/rtpw -r -k $k -ea 0.0.0.0 9999
-security services: confidentiality message authentication
-set master key/salt to C1EEC3717DA76195BB878578790AF71C/4EE9F859E197A414A78D5ABC7451
-19 octets received from SSRC 2078917053 word: A
-19 octets received from SSRC 2078917053 word: a
-20 octets received from SSRC 2078917053 word: aa
-21 octets received from SSRC 2078917053 word: aal
-...
-
-Implementation Notes
-
- * The srtp_protect() function assumes that the buffer holding the
- rtp packet has enough storage allocated that the authentication
- tag can be written to the end of that packet. If this assumption
- is not valid, memory corruption will ensue.
-
- * Automated tests for the crypto functions are provided through
- the cipher_type_self_test() and auth_type_self_test() functions.
- These functions should be used to test each port of this code
- to a new platform.
-
- * Replay protection is contained in the crypto engine, and
- tests for it are provided.
-
- * This implementation provides calls to initialize, protect, and
- unprotect RTP packets, and makes as few as possible assumptions
- about how these functions will be called. For example, the
- caller is not expected to provide packets in order (though if
- they're called more than 65k out of sequence, synchronization
- will be lost).
-
- * The sequence number in the rtp packet is used as the low 16 bits
- of the sender's local packet index. Note that RTP will start its
- sequence number in a random place, and the SRTP layer just jumps
- forward to that number at its first invocation. An earlier
- version of this library used initial sequence numbers that are
- less than 32,768; this trick is no longer required as the
- rdbx_estimate_index(...) function has been made smarter.
-
- * The replay window is 128 bits in length, and is hard-coded to this
- value for now.
-
-
diff --git a/README.version b/README.version
deleted file mode 100644
index e11179f..0000000
--- a/README.version
+++ /dev/null
@@ -1,3 +0,0 @@
-URL: http://sourceforge.net/projects/srtp/files/srtp/1.4.4/srtp-1.4.4.tgz/download
-Version: 1.4.4
-BugComponent: 1351
diff --git a/TODO b/TODO
deleted file mode 100644
index 18846e8..0000000
--- a/TODO
+++ /dev/null
@@ -1,66 +0,0 @@
-TODO List
-
-1.4.1
-
- - document which fields are in NBO/HBO, and check for consistency.
-
- - move HAVE_U_LONG_LONG inside of datatypes.c, or some other
- separate file
-
- - re-write configure.in to make cross-compilation easier
-
- - eliminate GENERIC_AESICM by generalizing the code a bit
-
-Older comments
-
- - add tests for key_limit_t datatype
-
- - move octet_get_weight() from datatypes.c to math.c (any other
- funcs?)
-
-Changes and additions planned
-
- Make cipher and auth dealloc() functions zeroize the key-storage
- areas before calling free().
-
- Eliminate key_len from auth_init()
-
- Doucument internal APIs (cipher, auth, srtp_protect, ...)
-
-
-SRTP options not (yet) included in this libaray:
-
- - the aes-f8-mode cipher
- - the Master Key Index
- - re-keying using the key derivation function (only the initial
- use of the PRF has been implemented, as it's sufficient
- for most uses)
-
-
-(OLD) PLANNED CHANGES
-
- strip out test/lfsr.c
-
- Write new documentation!!!
-
- Fix the x86 assembly code in aes.c.
-
- Eliminate /* DAM */ - there's one in srtp.c
-
- Change debugging so that it can print more than one line. Or perhaps
- just change it so that a single check of the debug-enabled flag is
- needed.
-
- Improve interface between cipher and rdbx - perhaps generalize rdbx
- into 'nonce' datatype.
-
- Make rijndael_icm accept variable sized keys.
-
- Add rdbx functions that allow different-sized explicit sequence
- numbers to be used.
-
- Write uniform byte-buffering code for PRFs, preferably as macros.
-
- Consider eliminating low-level alloc functions in favor of len()
- functions, so that there need not be multiple allocations within a
- particular alloc() function.
diff --git a/VERSION b/VERSION
deleted file mode 100644
index 1c99cf0..0000000
--- a/VERSION
+++ /dev/null
@@ -1 +0,0 @@
-1.4.4
diff --git a/config.guess b/config.guess
deleted file mode 100755
index 7d0185e..0000000
--- a/config.guess
+++ /dev/null
@@ -1,1447 +0,0 @@
-#! /bin/sh
-# Attempt to guess a canonical system name.
-# Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999,
-# 2000, 2001, 2002, 2003, 2004 Free Software Foundation, Inc.
-
-timestamp='2004-09-07'
-
-# This file is free software; you can redistribute it and/or modify it
-# under the terms of the GNU General Public License as published by
-# the Free Software Foundation; either version 2 of the License, or
-# (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful, but
-# WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-# General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program; if not, write to the Free Software
-# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
-#
-# As a special exception to the GNU General Public License, if you
-# distribute this file as part of a program that contains a
-# configuration script generated by Autoconf, you may include it under
-# the same distribution terms that you use for the rest of that program.
-
-# Originally written by Per Bothner <per@bothner.com>.
-# Please send patches to <config-patches@gnu.org>. Submit a context
-# diff and a properly formatted ChangeLog entry.
-#
-# This script attempts to guess a canonical system name similar to
-# config.sub. If it succeeds, it prints the system name on stdout, and
-# exits with 0. Otherwise, it exits with 1.
-#
-# The plan is that this can be called by configure scripts if you
-# don't specify an explicit build system type.
-
-me=`echo "$0" | sed -e 's,.*/,,'`
-
-usage="\
-Usage: $0 [OPTION]
-
-Output the configuration name of the system \`$me' is run on.
-
-Operation modes:
- -h, --help print this help, then exit
- -t, --time-stamp print date of last modification, then exit
- -v, --version print version number, then exit
-
-Report bugs and patches to <config-patches@gnu.org>."
-
-version="\
-GNU config.guess ($timestamp)
-
-Originally written by Per Bothner.
-Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004
-Free Software Foundation, Inc.
-
-This is free software; see the source for copying conditions. There is NO
-warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE."
-
-help="
-Try \`$me --help' for more information."
-
-# Parse command line
-while test $# -gt 0 ; do
- case $1 in
- --time-stamp | --time* | -t )
- echo "$timestamp" ; exit 0 ;;
- --version | -v )
- echo "$version" ; exit 0 ;;
- --help | --h* | -h )
- echo "$usage"; exit 0 ;;
- -- ) # Stop option processing
- shift; break ;;
- - ) # Use stdin as input.
- break ;;
- -* )
- echo "$me: invalid option $1$help" >&2
- exit 1 ;;
- * )
- break ;;
- esac
-done
-
-if test $# != 0; then
- echo "$me: too many arguments$help" >&2
- exit 1
-fi
-
-trap 'exit 1' 1 2 15
-
-# CC_FOR_BUILD -- compiler used by this script. Note that the use of a
-# compiler to aid in system detection is discouraged as it requires
-# temporary files to be created and, as you can see below, it is a
-# headache to deal with in a portable fashion.
-
-# Historically, `CC_FOR_BUILD' used to be named `HOST_CC'. We still
-# use `HOST_CC' if defined, but it is deprecated.
-
-# Portable tmp directory creation inspired by the Autoconf team.
-
-set_cc_for_build='
-trap "exitcode=\$?; (rm -f \$tmpfiles 2>/dev/null; rmdir \$tmp 2>/dev/null) && exit \$exitcode" 0 ;
-trap "rm -f \$tmpfiles 2>/dev/null; rmdir \$tmp 2>/dev/null; exit 1" 1 2 13 15 ;
-: ${TMPDIR=/tmp} ;
- { tmp=`(umask 077 && mktemp -d -q "$TMPDIR/cgXXXXXX") 2>/dev/null` && test -n "$tmp" && test -d "$tmp" ; } ||
- { test -n "$RANDOM" && tmp=$TMPDIR/cg$$-$RANDOM && (umask 077 && mkdir $tmp) ; } ||
- { tmp=$TMPDIR/cg-$$ && (umask 077 && mkdir $tmp) && echo "Warning: creating insecure temp directory" >&2 ; } ||
- { echo "$me: cannot create a temporary directory in $TMPDIR" >&2 ; exit 1 ; } ;
-dummy=$tmp/dummy ;
-tmpfiles="$dummy.c $dummy.o $dummy.rel $dummy" ;
-case $CC_FOR_BUILD,$HOST_CC,$CC in
- ,,) echo "int x;" > $dummy.c ;
- for c in cc gcc c89 c99 ; do
- if ($c -c -o $dummy.o $dummy.c) >/dev/null 2>&1 ; then
- CC_FOR_BUILD="$c"; break ;
- fi ;
- done ;
- if test x"$CC_FOR_BUILD" = x ; then
- CC_FOR_BUILD=no_compiler_found ;
- fi
- ;;
- ,,*) CC_FOR_BUILD=$CC ;;
- ,*,*) CC_FOR_BUILD=$HOST_CC ;;
-esac ;'
-
-# This is needed to find uname on a Pyramid OSx when run in the BSD universe.
-# (ghazi@noc.rutgers.edu 1994-08-24)
-if (test -f /.attbin/uname) >/dev/null 2>&1 ; then
- PATH=$PATH:/.attbin ; export PATH
-fi
-
-UNAME_MACHINE=`(uname -m) 2>/dev/null` || UNAME_MACHINE=unknown
-UNAME_RELEASE=`(uname -r) 2>/dev/null` || UNAME_RELEASE=unknown
-UNAME_SYSTEM=`(uname -s) 2>/dev/null` || UNAME_SYSTEM=unknown
-UNAME_VERSION=`(uname -v) 2>/dev/null` || UNAME_VERSION=unknown
-
-# Note: order is significant - the case branches are not exclusive.
-
-case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in
- *:NetBSD:*:*)
- # NetBSD (nbsd) targets should (where applicable) match one or
- # more of the tupples: *-*-netbsdelf*, *-*-netbsdaout*,
- # *-*-netbsdecoff* and *-*-netbsd*. For targets that recently
- # switched to ELF, *-*-netbsd* would select the old
- # object file format. This provides both forward
- # compatibility and a consistent mechanism for selecting the
- # object file format.
- #
- # Note: NetBSD doesn't particularly care about the vendor
- # portion of the name. We always set it to "unknown".
- sysctl="sysctl -n hw.machine_arch"
- UNAME_MACHINE_ARCH=`(/sbin/$sysctl 2>/dev/null || \
- /usr/sbin/$sysctl 2>/dev/null || echo unknown)`
- case "${UNAME_MACHINE_ARCH}" in
- armeb) machine=armeb-unknown ;;
- arm*) machine=arm-unknown ;;
- sh3el) machine=shl-unknown ;;
- sh3eb) machine=sh-unknown ;;
- *) machine=${UNAME_MACHINE_ARCH}-unknown ;;
- esac
- # The Operating System including object format, if it has switched
- # to ELF recently, or will in the future.
- case "${UNAME_MACHINE_ARCH}" in
- arm*|i386|m68k|ns32k|sh3*|sparc|vax)
- eval $set_cc_for_build
- if echo __ELF__ | $CC_FOR_BUILD -E - 2>/dev/null \
- | grep __ELF__ >/dev/null
- then
- # Once all utilities can be ECOFF (netbsdecoff) or a.out (netbsdaout).
- # Return netbsd for either. FIX?
- os=netbsd
- else
- os=netbsdelf
- fi
- ;;
- *)
- os=netbsd
- ;;
- esac
- # The OS release
- # Debian GNU/NetBSD machines have a different userland, and
- # thus, need a distinct triplet. However, they do not need
- # kernel version information, so it can be replaced with a
- # suitable tag, in the style of linux-gnu.
- case "${UNAME_VERSION}" in
- Debian*)
- release='-gnu'
- ;;
- *)
- release=`echo ${UNAME_RELEASE}|sed -e 's/[-_].*/\./'`
- ;;
- esac
- # Since CPU_TYPE-MANUFACTURER-KERNEL-OPERATING_SYSTEM:
- # contains redundant information, the shorter form:
- # CPU_TYPE-MANUFACTURER-OPERATING_SYSTEM is used.
- echo "${machine}-${os}${release}"
- exit 0 ;;
- amd64:OpenBSD:*:*)
- echo x86_64-unknown-openbsd${UNAME_RELEASE}
- exit 0 ;;
- amiga:OpenBSD:*:*)
- echo m68k-unknown-openbsd${UNAME_RELEASE}
- exit 0 ;;
- cats:OpenBSD:*:*)
- echo arm-unknown-openbsd${UNAME_RELEASE}
- exit 0 ;;
- hp300:OpenBSD:*:*)
- echo m68k-unknown-openbsd${UNAME_RELEASE}
- exit 0 ;;
- luna88k:OpenBSD:*:*)
- echo m88k-unknown-openbsd${UNAME_RELEASE}
- exit 0 ;;
- mac68k:OpenBSD:*:*)
- echo m68k-unknown-openbsd${UNAME_RELEASE}
- exit 0 ;;
- macppc:OpenBSD:*:*)
- echo powerpc-unknown-openbsd${UNAME_RELEASE}
- exit 0 ;;
- mvme68k:OpenBSD:*:*)
- echo m68k-unknown-openbsd${UNAME_RELEASE}
- exit 0 ;;
- mvme88k:OpenBSD:*:*)
- echo m88k-unknown-openbsd${UNAME_RELEASE}
- exit 0 ;;
- mvmeppc:OpenBSD:*:*)
- echo powerpc-unknown-openbsd${UNAME_RELEASE}
- exit 0 ;;
- sgi:OpenBSD:*:*)
- echo mips64-unknown-openbsd${UNAME_RELEASE}
- exit 0 ;;
- sun3:OpenBSD:*:*)
- echo m68k-unknown-openbsd${UNAME_RELEASE}
- exit 0 ;;
- *:OpenBSD:*:*)
- echo ${UNAME_MACHINE}-unknown-openbsd${UNAME_RELEASE}
- exit 0 ;;
- *:ekkoBSD:*:*)
- echo ${UNAME_MACHINE}-unknown-ekkobsd${UNAME_RELEASE}
- exit 0 ;;
- macppc:MirBSD:*:*)
- echo powerppc-unknown-mirbsd${UNAME_RELEASE}
- exit 0 ;;
- *:MirBSD:*:*)
- echo ${UNAME_MACHINE}-unknown-mirbsd${UNAME_RELEASE}
- exit 0 ;;
- alpha:OSF1:*:*)
- case $UNAME_RELEASE in
- *4.0)
- UNAME_RELEASE=`/usr/sbin/sizer -v | awk '{print $3}'`
- ;;
- *5.*)
- UNAME_RELEASE=`/usr/sbin/sizer -v | awk '{print $4}'`
- ;;
- esac
- # According to Compaq, /usr/sbin/psrinfo has been available on
- # OSF/1 and Tru64 systems produced since 1995. I hope that
- # covers most systems running today. This code pipes the CPU
- # types through head -n 1, so we only detect the type of CPU 0.
- ALPHA_CPU_TYPE=`/usr/sbin/psrinfo -v | sed -n -e 's/^ The alpha \(.*\) processor.*$/\1/p' | head -n 1`
- case "$ALPHA_CPU_TYPE" in
- "EV4 (21064)")
- UNAME_MACHINE="alpha" ;;
- "EV4.5 (21064)")
- UNAME_MACHINE="alpha" ;;
- "LCA4 (21066/21068)")
- UNAME_MACHINE="alpha" ;;
- "EV5 (21164)")
- UNAME_MACHINE="alphaev5" ;;
- "EV5.6 (21164A)")
- UNAME_MACHINE="alphaev56" ;;
- "EV5.6 (21164PC)")
- UNAME_MACHINE="alphapca56" ;;
- "EV5.7 (21164PC)")
- UNAME_MACHINE="alphapca57" ;;
- "EV6 (21264)")
- UNAME_MACHINE="alphaev6" ;;
- "EV6.7 (21264A)")
- UNAME_MACHINE="alphaev67" ;;
- "EV6.8CB (21264C)")
- UNAME_MACHINE="alphaev68" ;;
- "EV6.8AL (21264B)")
- UNAME_MACHINE="alphaev68" ;;
- "EV6.8CX (21264D)")
- UNAME_MACHINE="alphaev68" ;;
- "EV6.9A (21264/EV69A)")
- UNAME_MACHINE="alphaev69" ;;
- "EV7 (21364)")
- UNAME_MACHINE="alphaev7" ;;
- "EV7.9 (21364A)")
- UNAME_MACHINE="alphaev79" ;;
- esac
- # A Pn.n version is a patched version.
- # A Vn.n version is a released version.
- # A Tn.n version is a released field test version.
- # A Xn.n version is an unreleased experimental baselevel.
- # 1.2 uses "1.2" for uname -r.
- echo ${UNAME_MACHINE}-dec-osf`echo ${UNAME_RELEASE} | sed -e 's/^[PVTX]//' | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz'`
- exit 0 ;;
- Alpha\ *:Windows_NT*:*)
- # How do we know it's Interix rather than the generic POSIX subsystem?
- # Should we change UNAME_MACHINE based on the output of uname instead
- # of the specific Alpha model?
- echo alpha-pc-interix
- exit 0 ;;
- 21064:Windows_NT:50:3)
- echo alpha-dec-winnt3.5
- exit 0 ;;
- Amiga*:UNIX_System_V:4.0:*)
- echo m68k-unknown-sysv4
- exit 0;;
- *:[Aa]miga[Oo][Ss]:*:*)
- echo ${UNAME_MACHINE}-unknown-amigaos
- exit 0 ;;
- *:[Mm]orph[Oo][Ss]:*:*)
- echo ${UNAME_MACHINE}-unknown-morphos
- exit 0 ;;
- *:OS/390:*:*)
- echo i370-ibm-openedition
- exit 0 ;;
- *:OS400:*:*)
- echo powerpc-ibm-os400
- exit 0 ;;
- arm:RISC*:1.[012]*:*|arm:riscix:1.[012]*:*)
- echo arm-acorn-riscix${UNAME_RELEASE}
- exit 0;;
- SR2?01:HI-UX/MPP:*:* | SR8000:HI-UX/MPP:*:*)
- echo hppa1.1-hitachi-hiuxmpp
- exit 0;;
- Pyramid*:OSx*:*:* | MIS*:OSx*:*:* | MIS*:SMP_DC-OSx*:*:*)
- # akee@wpdis03.wpafb.af.mil (Earle F. Ake) contributed MIS and NILE.
- if test "`(/bin/universe) 2>/dev/null`" = att ; then
- echo pyramid-pyramid-sysv3
- else
- echo pyramid-pyramid-bsd
- fi
- exit 0 ;;
- NILE*:*:*:dcosx)
- echo pyramid-pyramid-svr4
- exit 0 ;;
- DRS?6000:unix:4.0:6*)
- echo sparc-icl-nx6
- exit 0 ;;
- DRS?6000:UNIX_SV:4.2*:7*)
- case `/usr/bin/uname -p` in
- sparc) echo sparc-icl-nx7 && exit 0 ;;
- esac ;;
- sun4H:SunOS:5.*:*)
- echo sparc-hal-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'`
- exit 0 ;;
- sun4*:SunOS:5.*:* | tadpole*:SunOS:5.*:*)
- echo sparc-sun-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'`
- exit 0 ;;
- i86pc:SunOS:5.*:*)
- echo i386-pc-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'`
- exit 0 ;;
- sun4*:SunOS:6*:*)
- # According to config.sub, this is the proper way to canonicalize
- # SunOS6. Hard to guess exactly what SunOS6 will be like, but
- # it's likely to be more like Solaris than SunOS4.
- echo sparc-sun-solaris3`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'`
- exit 0 ;;
- sun4*:SunOS:*:*)
- case "`/usr/bin/arch -k`" in
- Series*|S4*)
- UNAME_RELEASE=`uname -v`
- ;;
- esac
- # Japanese Language versions have a version number like `4.1.3-JL'.
- echo sparc-sun-sunos`echo ${UNAME_RELEASE}|sed -e 's/-/_/'`
- exit 0 ;;
- sun3*:SunOS:*:*)
- echo m68k-sun-sunos${UNAME_RELEASE}
- exit 0 ;;
- sun*:*:4.2BSD:*)
- UNAME_RELEASE=`(sed 1q /etc/motd | awk '{print substr($5,1,3)}') 2>/dev/null`
- test "x${UNAME_RELEASE}" = "x" && UNAME_RELEASE=3
- case "`/bin/arch`" in
- sun3)
- echo m68k-sun-sunos${UNAME_RELEASE}
- ;;
- sun4)
- echo sparc-sun-sunos${UNAME_RELEASE}
- ;;
- esac
- exit 0 ;;
- aushp:SunOS:*:*)
- echo sparc-auspex-sunos${UNAME_RELEASE}
- exit 0 ;;
- # The situation for MiNT is a little confusing. The machine name
- # can be virtually everything (everything which is not
- # "atarist" or "atariste" at least should have a processor
- # > m68000). The system name ranges from "MiNT" over "FreeMiNT"
- # to the lowercase version "mint" (or "freemint"). Finally
- # the system name "TOS" denotes a system which is actually not
- # MiNT. But MiNT is downward compatible to TOS, so this should
- # be no problem.
- atarist[e]:*MiNT:*:* | atarist[e]:*mint:*:* | atarist[e]:*TOS:*:*)
- echo m68k-atari-mint${UNAME_RELEASE}
- exit 0 ;;
- atari*:*MiNT:*:* | atari*:*mint:*:* | atarist[e]:*TOS:*:*)
- echo m68k-atari-mint${UNAME_RELEASE}
- exit 0 ;;
- *falcon*:*MiNT:*:* | *falcon*:*mint:*:* | *falcon*:*TOS:*:*)
- echo m68k-atari-mint${UNAME_RELEASE}
- exit 0 ;;
- milan*:*MiNT:*:* | milan*:*mint:*:* | *milan*:*TOS:*:*)
- echo m68k-milan-mint${UNAME_RELEASE}
- exit 0 ;;
- hades*:*MiNT:*:* | hades*:*mint:*:* | *hades*:*TOS:*:*)
- echo m68k-hades-mint${UNAME_RELEASE}
- exit 0 ;;
- *:*MiNT:*:* | *:*mint:*:* | *:*TOS:*:*)
- echo m68k-unknown-mint${UNAME_RELEASE}
- exit 0 ;;
- m68k:machten:*:*)
- echo m68k-apple-machten${UNAME_RELEASE}
- exit 0 ;;
- powerpc:machten:*:*)
- echo powerpc-apple-machten${UNAME_RELEASE}
- exit 0 ;;
- RISC*:Mach:*:*)
- echo mips-dec-mach_bsd4.3
- exit 0 ;;
- RISC*:ULTRIX:*:*)
- echo mips-dec-ultrix${UNAME_RELEASE}
- exit 0 ;;
- VAX*:ULTRIX*:*:*)
- echo vax-dec-ultrix${UNAME_RELEASE}
- exit 0 ;;
- 2020:CLIX:*:* | 2430:CLIX:*:*)
- echo clipper-intergraph-clix${UNAME_RELEASE}
- exit 0 ;;
- mips:*:*:UMIPS | mips:*:*:RISCos)
- eval $set_cc_for_build
- sed 's/^ //' << EOF >$dummy.c
-#ifdef __cplusplus
-#include <stdio.h> /* for printf() prototype */
- int main (int argc, char *argv[]) {
-#else
- int main (argc, argv) int argc; char *argv[]; {
-#endif
- #if defined (host_mips) && defined (MIPSEB)
- #if defined (SYSTYPE_SYSV)
- printf ("mips-mips-riscos%ssysv\n", argv[1]); exit (0);
- #endif
- #if defined (SYSTYPE_SVR4)
- printf ("mips-mips-riscos%ssvr4\n", argv[1]); exit (0);
- #endif
- #if defined (SYSTYPE_BSD43) || defined(SYSTYPE_BSD)
- printf ("mips-mips-riscos%sbsd\n", argv[1]); exit (0);
- #endif
- #endif
- exit (-1);
- }
-EOF
- $CC_FOR_BUILD -o $dummy $dummy.c \
- && $dummy `echo "${UNAME_RELEASE}" | sed -n 's/\([0-9]*\).*/\1/p'` \
- && exit 0
- echo mips-mips-riscos${UNAME_RELEASE}
- exit 0 ;;
- Motorola:PowerMAX_OS:*:*)
- echo powerpc-motorola-powermax
- exit 0 ;;
- Motorola:*:4.3:PL8-*)
- echo powerpc-harris-powermax
- exit 0 ;;
- Night_Hawk:*:*:PowerMAX_OS | Synergy:PowerMAX_OS:*:*)
- echo powerpc-harris-powermax
- exit 0 ;;
- Night_Hawk:Power_UNIX:*:*)
- echo powerpc-harris-powerunix
- exit 0 ;;
- m88k:CX/UX:7*:*)
- echo m88k-harris-cxux7
- exit 0 ;;
- m88k:*:4*:R4*)
- echo m88k-motorola-sysv4
- exit 0 ;;
- m88k:*:3*:R3*)
- echo m88k-motorola-sysv3
- exit 0 ;;
- AViiON:dgux:*:*)
- # DG/UX returns AViiON for all architectures
- UNAME_PROCESSOR=`/usr/bin/uname -p`
- if [ $UNAME_PROCESSOR = mc88100 ] || [ $UNAME_PROCESSOR = mc88110 ]
- then
- if [ ${TARGET_BINARY_INTERFACE}x = m88kdguxelfx ] || \
- [ ${TARGET_BINARY_INTERFACE}x = x ]
- then
- echo m88k-dg-dgux${UNAME_RELEASE}
- else
- echo m88k-dg-dguxbcs${UNAME_RELEASE}
- fi
- else
- echo i586-dg-dgux${UNAME_RELEASE}
- fi
- exit 0 ;;
- M88*:DolphinOS:*:*) # DolphinOS (SVR3)
- echo m88k-dolphin-sysv3
- exit 0 ;;
- M88*:*:R3*:*)
- # Delta 88k system running SVR3
- echo m88k-motorola-sysv3
- exit 0 ;;
- XD88*:*:*:*) # Tektronix XD88 system running UTekV (SVR3)
- echo m88k-tektronix-sysv3
- exit 0 ;;
- Tek43[0-9][0-9]:UTek:*:*) # Tektronix 4300 system running UTek (BSD)
- echo m68k-tektronix-bsd
- exit 0 ;;
- *:IRIX*:*:*)
- echo mips-sgi-irix`echo ${UNAME_RELEASE}|sed -e 's/-/_/g'`
- exit 0 ;;
- ????????:AIX?:[12].1:2) # AIX 2.2.1 or AIX 2.1.1 is RT/PC AIX.
- echo romp-ibm-aix # uname -m gives an 8 hex-code CPU id
- exit 0 ;; # Note that: echo "'`uname -s`'" gives 'AIX '
- i*86:AIX:*:*)
- echo i386-ibm-aix
- exit 0 ;;
- ia64:AIX:*:*)
- if [ -x /usr/bin/oslevel ] ; then
- IBM_REV=`/usr/bin/oslevel`
- else
- IBM_REV=${UNAME_VERSION}.${UNAME_RELEASE}
- fi
- echo ${UNAME_MACHINE}-ibm-aix${IBM_REV}
- exit 0 ;;
- *:AIX:2:3)
- if grep bos325 /usr/include/stdio.h >/dev/null 2>&1; then
- eval $set_cc_for_build
- sed 's/^ //' << EOF >$dummy.c
- #include <sys/systemcfg.h>
-
- main()
- {
- if (!__power_pc())
- exit(1);
- puts("powerpc-ibm-aix3.2.5");
- exit(0);
- }
-EOF
- $CC_FOR_BUILD -o $dummy $dummy.c && $dummy && exit 0
- echo rs6000-ibm-aix3.2.5
- elif grep bos324 /usr/include/stdio.h >/dev/null 2>&1; then
- echo rs6000-ibm-aix3.2.4
- else
- echo rs6000-ibm-aix3.2
- fi
- exit 0 ;;
- *:AIX:*:[45])
- IBM_CPU_ID=`/usr/sbin/lsdev -C -c processor -S available | sed 1q | awk '{ print $1 }'`
- if /usr/sbin/lsattr -El ${IBM_CPU_ID} | grep ' POWER' >/dev/null 2>&1; then
- IBM_ARCH=rs6000
- else
- IBM_ARCH=powerpc
- fi
- if [ -x /usr/bin/oslevel ] ; then
- IBM_REV=`/usr/bin/oslevel`
- else
- IBM_REV=${UNAME_VERSION}.${UNAME_RELEASE}
- fi
- echo ${IBM_ARCH}-ibm-aix${IBM_REV}
- exit 0 ;;
- *:AIX:*:*)
- echo rs6000-ibm-aix
- exit 0 ;;
- ibmrt:4.4BSD:*|romp-ibm:BSD:*)
- echo romp-ibm-bsd4.4
- exit 0 ;;
- ibmrt:*BSD:*|romp-ibm:BSD:*) # covers RT/PC BSD and
- echo romp-ibm-bsd${UNAME_RELEASE} # 4.3 with uname added to
- exit 0 ;; # report: romp-ibm BSD 4.3
- *:BOSX:*:*)
- echo rs6000-bull-bosx
- exit 0 ;;
- DPX/2?00:B.O.S.:*:*)
- echo m68k-bull-sysv3
- exit 0 ;;
- 9000/[34]??:4.3bsd:1.*:*)
- echo m68k-hp-bsd
- exit 0 ;;
- hp300:4.4BSD:*:* | 9000/[34]??:4.3bsd:2.*:*)
- echo m68k-hp-bsd4.4
- exit 0 ;;
- 9000/[34678]??:HP-UX:*:*)
- HPUX_REV=`echo ${UNAME_RELEASE}|sed -e 's/[^.]*.[0B]*//'`
- case "${UNAME_MACHINE}" in
- 9000/31? ) HP_ARCH=m68000 ;;
- 9000/[34]?? ) HP_ARCH=m68k ;;
- 9000/[678][0-9][0-9])
- if [ -x /usr/bin/getconf ]; then
- sc_cpu_version=`/usr/bin/getconf SC_CPU_VERSION 2>/dev/null`
- sc_kernel_bits=`/usr/bin/getconf SC_KERNEL_BITS 2>/dev/null`
- case "${sc_cpu_version}" in
- 523) HP_ARCH="hppa1.0" ;; # CPU_PA_RISC1_0
- 528) HP_ARCH="hppa1.1" ;; # CPU_PA_RISC1_1
- 532) # CPU_PA_RISC2_0
- case "${sc_kernel_bits}" in
- 32) HP_ARCH="hppa2.0n" ;;
- 64) HP_ARCH="hppa2.0w" ;;
- '') HP_ARCH="hppa2.0" ;; # HP-UX 10.20
- esac ;;
- esac
- fi
- if [ "${HP_ARCH}" = "" ]; then
- eval $set_cc_for_build
- sed 's/^ //' << EOF >$dummy.c
-
- #define _HPUX_SOURCE
- #include <stdlib.h>
- #include <unistd.h>
-
- int main ()
- {
- #if defined(_SC_KERNEL_BITS)
- long bits = sysconf(_SC_KERNEL_BITS);
- #endif
- long cpu = sysconf (_SC_CPU_VERSION);
-
- switch (cpu)
- {
- case CPU_PA_RISC1_0: puts ("hppa1.0"); break;
- case CPU_PA_RISC1_1: puts ("hppa1.1"); break;
- case CPU_PA_RISC2_0:
- #if defined(_SC_KERNEL_BITS)
- switch (bits)
- {
- case 64: puts ("hppa2.0w"); break;
- case 32: puts ("hppa2.0n"); break;
- default: puts ("hppa2.0"); break;
- } break;
- #else /* !defined(_SC_KERNEL_BITS) */
- puts ("hppa2.0"); break;
- #endif
- default: puts ("hppa1.0"); break;
- }
- exit (0);
- }
-EOF
- (CCOPTS= $CC_FOR_BUILD -o $dummy $dummy.c 2>/dev/null) && HP_ARCH=`$dummy`
- test -z "$HP_ARCH" && HP_ARCH=hppa
- fi ;;
- esac
- if [ ${HP_ARCH} = "hppa2.0w" ]
- then
- # avoid double evaluation of $set_cc_for_build
- test -n "$CC_FOR_BUILD" || eval $set_cc_for_build
- if echo __LP64__ | (CCOPTS= $CC_FOR_BUILD -E -) | grep __LP64__ >/dev/null
- then
- HP_ARCH="hppa2.0w"
- else
- HP_ARCH="hppa64"
- fi
- fi
- echo ${HP_ARCH}-hp-hpux${HPUX_REV}
- exit 0 ;;
- ia64:HP-UX:*:*)
- HPUX_REV=`echo ${UNAME_RELEASE}|sed -e 's/[^.]*.[0B]*//'`
- echo ia64-hp-hpux${HPUX_REV}
- exit 0 ;;
- 3050*:HI-UX:*:*)
- eval $set_cc_for_build
- sed 's/^ //' << EOF >$dummy.c
- #include <unistd.h>
- int
- main ()
- {
- long cpu = sysconf (_SC_CPU_VERSION);
- /* The order matters, because CPU_IS_HP_MC68K erroneously returns
- true for CPU_PA_RISC1_0. CPU_IS_PA_RISC returns correct
- results, however. */
- if (CPU_IS_PA_RISC (cpu))
- {
- switch (cpu)
- {
- case CPU_PA_RISC1_0: puts ("hppa1.0-hitachi-hiuxwe2"); break;
- case CPU_PA_RISC1_1: puts ("hppa1.1-hitachi-hiuxwe2"); break;
- case CPU_PA_RISC2_0: puts ("hppa2.0-hitachi-hiuxwe2"); break;
- default: puts ("hppa-hitachi-hiuxwe2"); break;
- }
- }
- else if (CPU_IS_HP_MC68K (cpu))
- puts ("m68k-hitachi-hiuxwe2");
- else puts ("unknown-hitachi-hiuxwe2");
- exit (0);
- }
-EOF
- $CC_FOR_BUILD -o $dummy $dummy.c && $dummy && exit 0
- echo unknown-hitachi-hiuxwe2
- exit 0 ;;
- 9000/7??:4.3bsd:*:* | 9000/8?[79]:4.3bsd:*:* )
- echo hppa1.1-hp-bsd
- exit 0 ;;
- 9000/8??:4.3bsd:*:*)
- echo hppa1.0-hp-bsd
- exit 0 ;;
- *9??*:MPE/iX:*:* | *3000*:MPE/iX:*:*)
- echo hppa1.0-hp-mpeix
- exit 0 ;;
- hp7??:OSF1:*:* | hp8?[79]:OSF1:*:* )
- echo hppa1.1-hp-osf
- exit 0 ;;
- hp8??:OSF1:*:*)
- echo hppa1.0-hp-osf
- exit 0 ;;
- i*86:OSF1:*:*)
- if [ -x /usr/sbin/sysversion ] ; then
- echo ${UNAME_MACHINE}-unknown-osf1mk
- else
- echo ${UNAME_MACHINE}-unknown-osf1
- fi
- exit 0 ;;
- parisc*:Lites*:*:*)
- echo hppa1.1-hp-lites
- exit 0 ;;
- C1*:ConvexOS:*:* | convex:ConvexOS:C1*:*)
- echo c1-convex-bsd
- exit 0 ;;
- C2*:ConvexOS:*:* | convex:ConvexOS:C2*:*)
- if getsysinfo -f scalar_acc
- then echo c32-convex-bsd
- else echo c2-convex-bsd
- fi
- exit 0 ;;
- C34*:ConvexOS:*:* | convex:ConvexOS:C34*:*)
- echo c34-convex-bsd
- exit 0 ;;
- C38*:ConvexOS:*:* | convex:ConvexOS:C38*:*)
- echo c38-convex-bsd
- exit 0 ;;
- C4*:ConvexOS:*:* | convex:ConvexOS:C4*:*)
- echo c4-convex-bsd
- exit 0 ;;
- CRAY*Y-MP:*:*:*)
- echo ymp-cray-unicos${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/'
- exit 0 ;;
- CRAY*[A-Z]90:*:*:*)
- echo ${UNAME_MACHINE}-cray-unicos${UNAME_RELEASE} \
- | sed -e 's/CRAY.*\([A-Z]90\)/\1/' \
- -e y/ABCDEFGHIJKLMNOPQRSTUVWXYZ/abcdefghijklmnopqrstuvwxyz/ \
- -e 's/\.[^.]*$/.X/'
- exit 0 ;;
- CRAY*TS:*:*:*)
- echo t90-cray-unicos${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/'
- exit 0 ;;
- CRAY*T3E:*:*:*)
- echo alphaev5-cray-unicosmk${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/'
- exit 0 ;;
- CRAY*SV1:*:*:*)
- echo sv1-cray-unicos${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/'
- exit 0 ;;
- *:UNICOS/mp:*:*)
- echo craynv-cray-unicosmp${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/'
- exit 0 ;;
- F30[01]:UNIX_System_V:*:* | F700:UNIX_System_V:*:*)
- FUJITSU_PROC=`uname -m | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz'`
- FUJITSU_SYS=`uname -p | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/\///'`
- FUJITSU_REL=`echo ${UNAME_RELEASE} | sed -e 's/ /_/'`
- echo "${FUJITSU_PROC}-fujitsu-${FUJITSU_SYS}${FUJITSU_REL}"
- exit 0 ;;
- 5000:UNIX_System_V:4.*:*)
- FUJITSU_SYS=`uname -p | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/\///'`
- FUJITSU_REL=`echo ${UNAME_RELEASE} | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/ /_/'`
- echo "sparc-fujitsu-${FUJITSU_SYS}${FUJITSU_REL}"
- exit 0 ;;
- i*86:BSD/386:*:* | i*86:BSD/OS:*:* | *:Ascend\ Embedded/OS:*:*)
- echo ${UNAME_MACHINE}-pc-bsdi${UNAME_RELEASE}
- exit 0 ;;
- sparc*:BSD/OS:*:*)
- echo sparc-unknown-bsdi${UNAME_RELEASE}
- exit 0 ;;
- *:BSD/OS:*:*)
- echo ${UNAME_MACHINE}-unknown-bsdi${UNAME_RELEASE}
- exit 0 ;;
- *:FreeBSD:*:*)
- echo ${UNAME_MACHINE}-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'`
- exit 0 ;;
- i*:CYGWIN*:*)
- echo ${UNAME_MACHINE}-pc-cygwin
- exit 0 ;;
- i*:MINGW*:*)
- echo ${UNAME_MACHINE}-pc-mingw32
- exit 0 ;;
- i*:PW*:*)
- echo ${UNAME_MACHINE}-pc-pw32
- exit 0 ;;
- x86:Interix*:[34]*)
- echo i586-pc-interix${UNAME_RELEASE}|sed -e 's/\..*//'
- exit 0 ;;
- [345]86:Windows_95:* | [345]86:Windows_98:* | [345]86:Windows_NT:*)
- echo i${UNAME_MACHINE}-pc-mks
- exit 0 ;;
- i*:Windows_NT*:* | Pentium*:Windows_NT*:*)
- # How do we know it's Interix rather than the generic POSIX subsystem?
- # It also conflicts with pre-2.0 versions of AT&T UWIN. Should we
- # UNAME_MACHINE based on the output of uname instead of i386?
- echo i586-pc-interix
- exit 0 ;;
- i*:UWIN*:*)
- echo ${UNAME_MACHINE}-pc-uwin
- exit 0 ;;
- p*:CYGWIN*:*)
- echo powerpcle-unknown-cygwin
- exit 0 ;;
- prep*:SunOS:5.*:*)
- echo powerpcle-unknown-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'`
- exit 0 ;;
- *:GNU:*:*)
- # the GNU system
- echo `echo ${UNAME_MACHINE}|sed -e 's,[-/].*$,,'`-unknown-gnu`echo ${UNAME_RELEASE}|sed -e 's,/.*$,,'`
- exit 0 ;;
- *:GNU/*:*:*)
- # other systems with GNU libc and userland
- echo ${UNAME_MACHINE}-unknown-`echo ${UNAME_SYSTEM} | sed 's,^[^/]*/,,' | tr '[A-Z]' '[a-z]'``echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'`-gnu
- exit 0 ;;
- i*86:Minix:*:*)
- echo ${UNAME_MACHINE}-pc-minix
- exit 0 ;;
- arm*:Linux:*:*)
- echo ${UNAME_MACHINE}-unknown-linux-gnu
- exit 0 ;;
- cris:Linux:*:*)
- echo cris-axis-linux-gnu
- exit 0 ;;
- crisv32:Linux:*:*)
- echo crisv32-axis-linux-gnu
- exit 0 ;;
- frv:Linux:*:*)
- echo frv-unknown-linux-gnu
- exit 0 ;;
- ia64:Linux:*:*)
- echo ${UNAME_MACHINE}-unknown-linux-gnu
- exit 0 ;;
- m32r*:Linux:*:*)
- echo ${UNAME_MACHINE}-unknown-linux-gnu
- exit 0 ;;
- m68*:Linux:*:*)
- echo ${UNAME_MACHINE}-unknown-linux-gnu
- exit 0 ;;
- mips:Linux:*:*)
- eval $set_cc_for_build
- sed 's/^ //' << EOF >$dummy.c
- #undef CPU
- #undef mips
- #undef mipsel
- #if defined(__MIPSEL__) || defined(__MIPSEL) || defined(_MIPSEL) || defined(MIPSEL)
- CPU=mipsel
- #else
- #if defined(__MIPSEB__) || defined(__MIPSEB) || defined(_MIPSEB) || defined(MIPSEB)
- CPU=mips
- #else
- CPU=
- #endif
- #endif
-EOF
- eval `$CC_FOR_BUILD -E $dummy.c 2>/dev/null | grep ^CPU=`
- test x"${CPU}" != x && echo "${CPU}-unknown-linux-gnu" && exit 0
- ;;
- mips64:Linux:*:*)
- eval $set_cc_for_build
- sed 's/^ //' << EOF >$dummy.c
- #undef CPU
- #undef mips64
- #undef mips64el
- #if defined(__MIPSEL__) || defined(__MIPSEL) || defined(_MIPSEL) || defined(MIPSEL)
- CPU=mips64el
- #else
- #if defined(__MIPSEB__) || defined(__MIPSEB) || defined(_MIPSEB) || defined(MIPSEB)
- CPU=mips64
- #else
- CPU=
- #endif
- #endif
-EOF
- eval `$CC_FOR_BUILD -E $dummy.c 2>/dev/null | grep ^CPU=`
- test x"${CPU}" != x && echo "${CPU}-unknown-linux-gnu" && exit 0
- ;;
- ppc:Linux:*:*)
- echo powerpc-unknown-linux-gnu
- exit 0 ;;
- ppc64:Linux:*:*)
- echo powerpc64-unknown-linux-gnu
- exit 0 ;;
- alpha:Linux:*:*)
- case `sed -n '/^cpu model/s/^.*: \(.*\)/\1/p' < /proc/cpuinfo` in
- EV5) UNAME_MACHINE=alphaev5 ;;
- EV56) UNAME_MACHINE=alphaev56 ;;
- PCA56) UNAME_MACHINE=alphapca56 ;;
- PCA57) UNAME_MACHINE=alphapca56 ;;
- EV6) UNAME_MACHINE=alphaev6 ;;
- EV67) UNAME_MACHINE=alphaev67 ;;
- EV68*) UNAME_MACHINE=alphaev68 ;;
- esac
- objdump --private-headers /bin/sh | grep ld.so.1 >/dev/null
- if test "$?" = 0 ; then LIBC="libc1" ; else LIBC="" ; fi
- echo ${UNAME_MACHINE}-unknown-linux-gnu${LIBC}
- exit 0 ;;
- parisc:Linux:*:* | hppa:Linux:*:*)
- # Look for CPU level
- case `grep '^cpu[^a-z]*:' /proc/cpuinfo 2>/dev/null | cut -d' ' -f2` in
- PA7*) echo hppa1.1-unknown-linux-gnu ;;
- PA8*) echo hppa2.0-unknown-linux-gnu ;;
- *) echo hppa-unknown-linux-gnu ;;
- esac
- exit 0 ;;
- parisc64:Linux:*:* | hppa64:Linux:*:*)
- echo hppa64-unknown-linux-gnu
- exit 0 ;;
- s390:Linux:*:* | s390x:Linux:*:*)
- echo ${UNAME_MACHINE}-ibm-linux
- exit 0 ;;
- sh64*:Linux:*:*)
- echo ${UNAME_MACHINE}-unknown-linux-gnu
- exit 0 ;;
- sh*:Linux:*:*)
- echo ${UNAME_MACHINE}-unknown-linux-gnu
- exit 0 ;;
- sparc:Linux:*:* | sparc64:Linux:*:*)
- echo ${UNAME_MACHINE}-unknown-linux-gnu
- exit 0 ;;
- x86_64:Linux:*:*)
- echo x86_64-unknown-linux-gnu
- exit 0 ;;
- i*86:Linux:*:*)
- # The BFD linker knows what the default object file format is, so
- # first see if it will tell us. cd to the root directory to prevent
- # problems with other programs or directories called `ld' in the path.
- # Set LC_ALL=C to ensure ld outputs messages in English.
- ld_supported_targets=`cd /; LC_ALL=C ld --help 2>&1 \
- | sed -ne '/supported targets:/!d
- s/[ ][ ]*/ /g
- s/.*supported targets: *//
- s/ .*//
- p'`
- case "$ld_supported_targets" in
- elf32-i386)
- TENTATIVE="${UNAME_MACHINE}-pc-linux-gnu"
- ;;
- a.out-i386-linux)
- echo "${UNAME_MACHINE}-pc-linux-gnuaout"
- exit 0 ;;
- coff-i386)
- echo "${UNAME_MACHINE}-pc-linux-gnucoff"
- exit 0 ;;
- "")
- # Either a pre-BFD a.out linker (linux-gnuoldld) or
- # one that does not give us useful --help.
- echo "${UNAME_MACHINE}-pc-linux-gnuoldld"
- exit 0 ;;
- esac
- # Determine whether the default compiler is a.out or elf
- eval $set_cc_for_build
- sed 's/^ //' << EOF >$dummy.c
- #include <features.h>
- #ifdef __ELF__
- # ifdef __GLIBC__
- # if __GLIBC__ >= 2
- LIBC=gnu
- # else
- LIBC=gnulibc1
- # endif
- # else
- LIBC=gnulibc1
- # endif
- #else
- #ifdef __INTEL_COMPILER
- LIBC=gnu
- #else
- LIBC=gnuaout
- #endif
- #endif
- #ifdef __dietlibc__
- LIBC=dietlibc
- #endif
-EOF
- eval `$CC_FOR_BUILD -E $dummy.c 2>/dev/null | grep ^LIBC=`
- test x"${LIBC}" != x && echo "${UNAME_MACHINE}-pc-linux-${LIBC}" && exit 0
- test x"${TENTATIVE}" != x && echo "${TENTATIVE}" && exit 0
- ;;
- i*86:DYNIX/ptx:4*:*)
- # ptx 4.0 does uname -s correctly, with DYNIX/ptx in there.
- # earlier versions are messed up and put the nodename in both
- # sysname and nodename.
- echo i386-sequent-sysv4
- exit 0 ;;
- i*86:UNIX_SV:4.2MP:2.*)
- # Unixware is an offshoot of SVR4, but it has its own version
- # number series starting with 2...
- # I am not positive that other SVR4 systems won't match this,
- # I just have to hope. -- rms.
- # Use sysv4.2uw... so that sysv4* matches it.
- echo ${UNAME_MACHINE}-pc-sysv4.2uw${UNAME_VERSION}
- exit 0 ;;
- i*86:OS/2:*:*)
- # If we were able to find `uname', then EMX Unix compatibility
- # is probably installed.
- echo ${UNAME_MACHINE}-pc-os2-emx
- exit 0 ;;
- i*86:XTS-300:*:STOP)
- echo ${UNAME_MACHINE}-unknown-stop
- exit 0 ;;
- i*86:atheos:*:*)
- echo ${UNAME_MACHINE}-unknown-atheos
- exit 0 ;;
- i*86:syllable:*:*)
- echo ${UNAME_MACHINE}-pc-syllable
- exit 0 ;;
- i*86:LynxOS:2.*:* | i*86:LynxOS:3.[01]*:* | i*86:LynxOS:4.0*:*)
- echo i386-unknown-lynxos${UNAME_RELEASE}
- exit 0 ;;
- i*86:*DOS:*:*)
- echo ${UNAME_MACHINE}-pc-msdosdjgpp
- exit 0 ;;
- i*86:*:4.*:* | i*86:SYSTEM_V:4.*:*)
- UNAME_REL=`echo ${UNAME_RELEASE} | sed 's/\/MP$//'`
- if grep Novell /usr/include/link.h >/dev/null 2>/dev/null; then
- echo ${UNAME_MACHINE}-univel-sysv${UNAME_REL}
- else
- echo ${UNAME_MACHINE}-pc-sysv${UNAME_REL}
- fi
- exit 0 ;;
- i*86:*:5:[78]*)
- case `/bin/uname -X | grep "^Machine"` in
- *486*) UNAME_MACHINE=i486 ;;
- *Pentium) UNAME_MACHINE=i586 ;;
- *Pent*|*Celeron) UNAME_MACHINE=i686 ;;
- esac
- echo ${UNAME_MACHINE}-unknown-sysv${UNAME_RELEASE}${UNAME_SYSTEM}${UNAME_VERSION}
- exit 0 ;;
- i*86:*:3.2:*)
- if test -f /usr/options/cb.name; then
- UNAME_REL=`sed -n 's/.*Version //p' </usr/options/cb.name`
- echo ${UNAME_MACHINE}-pc-isc$UNAME_REL
- elif /bin/uname -X 2>/dev/null >/dev/null ; then
- UNAME_REL=`(/bin/uname -X|grep Release|sed -e 's/.*= //')`
- (/bin/uname -X|grep i80486 >/dev/null) && UNAME_MACHINE=i486
- (/bin/uname -X|grep '^Machine.*Pentium' >/dev/null) \
- && UNAME_MACHINE=i586
- (/bin/uname -X|grep '^Machine.*Pent *II' >/dev/null) \
- && UNAME_MACHINE=i686
- (/bin/uname -X|grep '^Machine.*Pentium Pro' >/dev/null) \
- && UNAME_MACHINE=i686
- echo ${UNAME_MACHINE}-pc-sco$UNAME_REL
- else
- echo ${UNAME_MACHINE}-pc-sysv32
- fi
- exit 0 ;;
- pc:*:*:*)
- # Left here for compatibility:
- # uname -m prints for DJGPP always 'pc', but it prints nothing about
- # the processor, so we play safe by assuming i386.
- echo i386-pc-msdosdjgpp
- exit 0 ;;
- Intel:Mach:3*:*)
- echo i386-pc-mach3
- exit 0 ;;
- paragon:*:*:*)
- echo i860-intel-osf1
- exit 0 ;;
- i860:*:4.*:*) # i860-SVR4
- if grep Stardent /usr/include/sys/uadmin.h >/dev/null 2>&1 ; then
- echo i860-stardent-sysv${UNAME_RELEASE} # Stardent Vistra i860-SVR4
- else # Add other i860-SVR4 vendors below as they are discovered.
- echo i860-unknown-sysv${UNAME_RELEASE} # Unknown i860-SVR4
- fi
- exit 0 ;;
- mini*:CTIX:SYS*5:*)
- # "miniframe"
- echo m68010-convergent-sysv
- exit 0 ;;
- mc68k:UNIX:SYSTEM5:3.51m)
- echo m68k-convergent-sysv
- exit 0 ;;
- M680?0:D-NIX:5.3:*)
- echo m68k-diab-dnix
- exit 0 ;;
- M68*:*:R3V[5678]*:*)
- test -r /sysV68 && echo 'm68k-motorola-sysv' && exit 0 ;;
- 3[345]??:*:4.0:3.0 | 3[34]??A:*:4.0:3.0 | 3[34]??,*:*:4.0:3.0 | 3[34]??/*:*:4.0:3.0 | 4400:*:4.0:3.0 | 4850:*:4.0:3.0 | SKA40:*:4.0:3.0 | SDS2:*:4.0:3.0 | SHG2:*:4.0:3.0 | S7501*:*:4.0:3.0)
- OS_REL=''
- test -r /etc/.relid \
- && OS_REL=.`sed -n 's/[^ ]* [^ ]* \([0-9][0-9]\).*/\1/p' < /etc/.relid`
- /bin/uname -p 2>/dev/null | grep 86 >/dev/null \
- && echo i486-ncr-sysv4.3${OS_REL} && exit 0
- /bin/uname -p 2>/dev/null | /bin/grep entium >/dev/null \
- && echo i586-ncr-sysv4.3${OS_REL} && exit 0 ;;
- 3[34]??:*:4.0:* | 3[34]??,*:*:4.0:*)
- /bin/uname -p 2>/dev/null | grep 86 >/dev/null \
- && echo i486-ncr-sysv4 && exit 0 ;;
- m68*:LynxOS:2.*:* | m68*:LynxOS:3.0*:*)
- echo m68k-unknown-lynxos${UNAME_RELEASE}
- exit 0 ;;
- mc68030:UNIX_System_V:4.*:*)
- echo m68k-atari-sysv4
- exit 0 ;;
- TSUNAMI:LynxOS:2.*:*)
- echo sparc-unknown-lynxos${UNAME_RELEASE}
- exit 0 ;;
- rs6000:LynxOS:2.*:*)
- echo rs6000-unknown-lynxos${UNAME_RELEASE}
- exit 0 ;;
- PowerPC:LynxOS:2.*:* | PowerPC:LynxOS:3.[01]*:* | PowerPC:LynxOS:4.0*:*)
- echo powerpc-unknown-lynxos${UNAME_RELEASE}
- exit 0 ;;
- SM[BE]S:UNIX_SV:*:*)
- echo mips-dde-sysv${UNAME_RELEASE}
- exit 0 ;;
- RM*:ReliantUNIX-*:*:*)
- echo mips-sni-sysv4
- exit 0 ;;
- RM*:SINIX-*:*:*)
- echo mips-sni-sysv4
- exit 0 ;;
- *:SINIX-*:*:*)
- if uname -p 2>/dev/null >/dev/null ; then
- UNAME_MACHINE=`(uname -p) 2>/dev/null`
- echo ${UNAME_MACHINE}-sni-sysv4
- else
- echo ns32k-sni-sysv
- fi
- exit 0 ;;
- PENTIUM:*:4.0*:*) # Unisys `ClearPath HMP IX 4000' SVR4/MP effort
- # says <Richard.M.Bartel@ccMail.Census.GOV>
- echo i586-unisys-sysv4
- exit 0 ;;
- *:UNIX_System_V:4*:FTX*)
- # From Gerald Hewes <hewes@openmarket.com>.
- # How about differentiating between stratus architectures? -djm
- echo hppa1.1-stratus-sysv4
- exit 0 ;;
- *:*:*:FTX*)
- # From seanf@swdc.stratus.com.
- echo i860-stratus-sysv4
- exit 0 ;;
- *:VOS:*:*)
- # From Paul.Green@stratus.com.
- echo hppa1.1-stratus-vos
- exit 0 ;;
- mc68*:A/UX:*:*)
- echo m68k-apple-aux${UNAME_RELEASE}
- exit 0 ;;
- news*:NEWS-OS:6*:*)
- echo mips-sony-newsos6
- exit 0 ;;
- R[34]000:*System_V*:*:* | R4000:UNIX_SYSV:*:* | R*000:UNIX_SV:*:*)
- if [ -d /usr/nec ]; then
- echo mips-nec-sysv${UNAME_RELEASE}
- else
- echo mips-unknown-sysv${UNAME_RELEASE}
- fi
- exit 0 ;;
- BeBox:BeOS:*:*) # BeOS running on hardware made by Be, PPC only.
- echo powerpc-be-beos
- exit 0 ;;
- BeMac:BeOS:*:*) # BeOS running on Mac or Mac clone, PPC only.
- echo powerpc-apple-beos
- exit 0 ;;
- BePC:BeOS:*:*) # BeOS running on Intel PC compatible.
- echo i586-pc-beos
- exit 0 ;;
- SX-4:SUPER-UX:*:*)
- echo sx4-nec-superux${UNAME_RELEASE}
- exit 0 ;;
- SX-5:SUPER-UX:*:*)
- echo sx5-nec-superux${UNAME_RELEASE}
- exit 0 ;;
- SX-6:SUPER-UX:*:*)
- echo sx6-nec-superux${UNAME_RELEASE}
- exit 0 ;;
- Power*:Rhapsody:*:*)
- echo powerpc-apple-rhapsody${UNAME_RELEASE}
- exit 0 ;;
- *:Rhapsody:*:*)
- echo ${UNAME_MACHINE}-apple-rhapsody${UNAME_RELEASE}
- exit 0 ;;
- *:Darwin:*:*)
- UNAME_PROCESSOR=`uname -p` || UNAME_PROCESSOR=unknown
- case $UNAME_PROCESSOR in
- *86) UNAME_PROCESSOR=i686 ;;
- unknown) UNAME_PROCESSOR=powerpc ;;
- esac
- echo ${UNAME_PROCESSOR}-apple-darwin${UNAME_RELEASE}
- exit 0 ;;
- *:procnto*:*:* | *:QNX:[0123456789]*:*)
- UNAME_PROCESSOR=`uname -p`
- if test "$UNAME_PROCESSOR" = "x86"; then
- UNAME_PROCESSOR=i386
- UNAME_MACHINE=pc
- fi
- echo ${UNAME_PROCESSOR}-${UNAME_MACHINE}-nto-qnx${UNAME_RELEASE}
- exit 0 ;;
- *:QNX:*:4*)
- echo i386-pc-qnx
- exit 0 ;;
- NSR-?:NONSTOP_KERNEL:*:*)
- echo nsr-tandem-nsk${UNAME_RELEASE}
- exit 0 ;;
- *:NonStop-UX:*:*)
- echo mips-compaq-nonstopux
- exit 0 ;;
- BS2000:POSIX*:*:*)
- echo bs2000-siemens-sysv
- exit 0 ;;
- DS/*:UNIX_System_V:*:*)
- echo ${UNAME_MACHINE}-${UNAME_SYSTEM}-${UNAME_RELEASE}
- exit 0 ;;
- *:Plan9:*:*)
- # "uname -m" is not consistent, so use $cputype instead. 386
- # is converted to i386 for consistency with other x86
- # operating systems.
- if test "$cputype" = "386"; then
- UNAME_MACHINE=i386
- else
- UNAME_MACHINE="$cputype"
- fi
- echo ${UNAME_MACHINE}-unknown-plan9
- exit 0 ;;
- *:TOPS-10:*:*)
- echo pdp10-unknown-tops10
- exit 0 ;;
- *:TENEX:*:*)
- echo pdp10-unknown-tenex
- exit 0 ;;
- KS10:TOPS-20:*:* | KL10:TOPS-20:*:* | TYPE4:TOPS-20:*:*)
- echo pdp10-dec-tops20
- exit 0 ;;
- XKL-1:TOPS-20:*:* | TYPE5:TOPS-20:*:*)
- echo pdp10-xkl-tops20
- exit 0 ;;
- *:TOPS-20:*:*)
- echo pdp10-unknown-tops20
- exit 0 ;;
- *:ITS:*:*)
- echo pdp10-unknown-its
- exit 0 ;;
- SEI:*:*:SEIUX)
- echo mips-sei-seiux${UNAME_RELEASE}
- exit 0 ;;
- *:DragonFly:*:*)
- echo ${UNAME_MACHINE}-unknown-dragonfly`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'`
- exit 0 ;;
- *:*VMS:*:*)
- UNAME_MACHINE=`(uname -p) 2>/dev/null`
- case "${UNAME_MACHINE}" in
- A*) echo alpha-dec-vms && exit 0 ;;
- I*) echo ia64-dec-vms && exit 0 ;;
- V*) echo vax-dec-vms && exit 0 ;;
- esac
-esac
-
-#echo '(No uname command or uname output not recognized.)' 1>&2
-#echo "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" 1>&2
-
-eval $set_cc_for_build
-cat >$dummy.c <<EOF
-#ifdef _SEQUENT_
-# include <sys/types.h>
-# include <sys/utsname.h>
-#endif
-main ()
-{
-#if defined (sony)
-#if defined (MIPSEB)
- /* BFD wants "bsd" instead of "newsos". Perhaps BFD should be changed,
- I don't know.... */
- printf ("mips-sony-bsd\n"); exit (0);
-#else
-#include <sys/param.h>
- printf ("m68k-sony-newsos%s\n",
-#ifdef NEWSOS4
- "4"
-#else
- ""
-#endif
- ); exit (0);
-#endif
-#endif
-
-#if defined (__arm) && defined (__acorn) && defined (__unix)
- printf ("arm-acorn-riscix"); exit (0);
-#endif
-
-#if defined (hp300) && !defined (hpux)
- printf ("m68k-hp-bsd\n"); exit (0);
-#endif
-
-#if defined (NeXT)
-#if !defined (__ARCHITECTURE__)
-#define __ARCHITECTURE__ "m68k"
-#endif
- int version;
- version=`(hostinfo | sed -n 's/.*NeXT Mach \([0-9]*\).*/\1/p') 2>/dev/null`;
- if (version < 4)
- printf ("%s-next-nextstep%d\n", __ARCHITECTURE__, version);
- else
- printf ("%s-next-openstep%d\n", __ARCHITECTURE__, version);
- exit (0);
-#endif
-
-#if defined (MULTIMAX) || defined (n16)
-#if defined (UMAXV)
- printf ("ns32k-encore-sysv\n"); exit (0);
-#else
-#if defined (CMU)
- printf ("ns32k-encore-mach\n"); exit (0);
-#else
- printf ("ns32k-encore-bsd\n"); exit (0);
-#endif
-#endif
-#endif
-
-#if defined (__386BSD__)
- printf ("i386-pc-bsd\n"); exit (0);
-#endif
-
-#if defined (sequent)
-#if defined (i386)
- printf ("i386-sequent-dynix\n"); exit (0);
-#endif
-#if defined (ns32000)
- printf ("ns32k-sequent-dynix\n"); exit (0);
-#endif
-#endif
-
-#if defined (_SEQUENT_)
- struct utsname un;
-
- uname(&un);
-
- if (strncmp(un.version, "V2", 2) == 0) {
- printf ("i386-sequent-ptx2\n"); exit (0);
- }
- if (strncmp(un.version, "V1", 2) == 0) { /* XXX is V1 correct? */
- printf ("i386-sequent-ptx1\n"); exit (0);
- }
- printf ("i386-sequent-ptx\n"); exit (0);
-
-#endif
-
-#if defined (vax)
-# if !defined (ultrix)
-# include <sys/param.h>
-# if defined (BSD)
-# if BSD == 43
- printf ("vax-dec-bsd4.3\n"); exit (0);
-# else
-# if BSD == 199006
- printf ("vax-dec-bsd4.3reno\n"); exit (0);
-# else
- printf ("vax-dec-bsd\n"); exit (0);
-# endif
-# endif
-# else
- printf ("vax-dec-bsd\n"); exit (0);
-# endif
-# else
- printf ("vax-dec-ultrix\n"); exit (0);
-# endif
-#endif
-
-#if defined (alliant) && defined (i860)
- printf ("i860-alliant-bsd\n"); exit (0);
-#endif
-
- exit (1);
-}
-EOF
-
-$CC_FOR_BUILD -o $dummy $dummy.c 2>/dev/null && $dummy && exit 0
-
-# Apollos put the system type in the environment.
-
-test -d /usr/apollo && { echo ${ISP}-apollo-${SYSTYPE}; exit 0; }
-
-# Convex versions that predate uname can use getsysinfo(1)
-
-if [ -x /usr/convex/getsysinfo ]
-then
- case `getsysinfo -f cpu_type` in
- c1*)
- echo c1-convex-bsd
- exit 0 ;;
- c2*)
- if getsysinfo -f scalar_acc
- then echo c32-convex-bsd
- else echo c2-convex-bsd
- fi
- exit 0 ;;
- c34*)
- echo c34-convex-bsd
- exit 0 ;;
- c38*)
- echo c38-convex-bsd
- exit 0 ;;
- c4*)
- echo c4-convex-bsd
- exit 0 ;;
- esac
-fi
-
-cat >&2 <<EOF
-$0: unable to guess system type
-
-This script, last modified $timestamp, has failed to recognize
-the operating system you are using. It is advised that you
-download the most up to date version of the config scripts from
-
- ftp://ftp.gnu.org/pub/gnu/config/
-
-If the version you run ($0) is already up to date, please
-send the following data and any information you think might be
-pertinent to <config-patches@gnu.org> in order to provide the needed
-information to handle your system.
-
-config.guess timestamp = $timestamp
-
-uname -m = `(uname -m) 2>/dev/null || echo unknown`
-uname -r = `(uname -r) 2>/dev/null || echo unknown`
-uname -s = `(uname -s) 2>/dev/null || echo unknown`
-uname -v = `(uname -v) 2>/dev/null || echo unknown`
-
-/usr/bin/uname -p = `(/usr/bin/uname -p) 2>/dev/null`
-/bin/uname -X = `(/bin/uname -X) 2>/dev/null`
-
-hostinfo = `(hostinfo) 2>/dev/null`
-/bin/universe = `(/bin/universe) 2>/dev/null`
-/usr/bin/arch -k = `(/usr/bin/arch -k) 2>/dev/null`
-/bin/arch = `(/bin/arch) 2>/dev/null`
-/usr/bin/oslevel = `(/usr/bin/oslevel) 2>/dev/null`
-/usr/convex/getsysinfo = `(/usr/convex/getsysinfo) 2>/dev/null`
-
-UNAME_MACHINE = ${UNAME_MACHINE}
-UNAME_RELEASE = ${UNAME_RELEASE}
-UNAME_SYSTEM = ${UNAME_SYSTEM}
-UNAME_VERSION = ${UNAME_VERSION}
-EOF
-
-exit 1
-
-# Local variables:
-# eval: (add-hook 'write-file-hooks 'time-stamp)
-# time-stamp-start: "timestamp='"
-# time-stamp-format: "%:y-%02m-%02d"
-# time-stamp-end: "'"
-# End:
diff --git a/config.h_win32vc7 b/config.h_win32vc7
deleted file mode 100644
index 44e6696..0000000
--- a/config.h_win32vc7
+++ /dev/null
@@ -1,174 +0,0 @@
-/* Hacked config.h for Windows XP 32-bit & VC7 */
-
-#ifdef (_MSC_VER >= 1400)
-# define HAVE_RAND_S 1
-#endif
-
-/* Define if building for a CISC machine (e.g. Intel). */
-#define CPU_CISC 1
-
-/* Define if building for a RISC machine (assume slow byte access). */
-#undef CPU_RISC
-
-/* Path to random device */
-#undef DEV_URANDOM
-
-/* Define to compile in dynamic debugging system. */
-#undef ENABLE_DEBUGGING
-
-/* Report errors to this file. */
-#undef ERR_REPORTING_FILE
-
-/* Define to use logging to stdout. */
-#undef ERR_REPORTING_STDOUT
-
-/* Define this to use ISMAcryp code. */
-#undef GENERIC_AESICM
-
-/* Define to 1 if you have the <arpa/inet.h> header file. */
-#undef HAVE_ARPA_INET_H
-
-/* Define to 1 if you have the <byteswap.h> header file. */
-#undef HAVE_BYTESWAP_H
-
-/* Define to 1 if you have the `inet_aton' function. */
-#define HAVE_INET_ATON 1
-
-/* Define to 1 if the system has the type `int16_t'. */
-#undef HAVE_INT16_T
-
-/* Define to 1 if the system has the type `int32_t'. */
-#undef HAVE_INT32_T
-
-/* Define to 1 if the system has the type `int8_t'. */
-#undef HAVE_INT8_T
-
-/* Define to 1 if you have the <inttypes.h> header file. */
-#undef HAVE_INTTYPES_H
-
-/* Define to 1 if you have the `socket' library (-lsocket). */
-#undef HAVE_LIBSOCKET
-
-/* Define to 1 if you have the <machine/types.h> header file. */
-#undef HAVE_MACHINE_TYPES_H
-
-/* Define to 1 if you have the <memory.h> header file. */
-#define HAVE_MEMORY_H 1
-
-/* Define to 1 if you have the <netinet/in.h> header file. */
-#undef HAVE_NETINET_IN_H
-
-/* Define to 1 if you have the `socket' function. */
-#define HAVE_SOCKET 1
-
-/* Define to 1 if you have the <stdint.h> header file. */
-#undef HAVE_STDINT_H
-
-/* Define to 1 if you have the <stdlib.h> header file. */
-#define HAVE_STDLIB_H 1
-
-/* Define to 1 if you have the <strings.h> header file. */
-#define HAVE_STRINGS_H 1
-
-/* Define to 1 if you have the <string.h> header file. */
-#define HAVE_STRING_H 1
-
-/* Define to 1 if you have the <syslog.h> header file. */
-#undef HAVE_SYSLOG_H
-
-/* Define to 1 if you have the <sys/int_types.h> header file. */
-#undef HAVE_SYS_INT_TYPES_H
-
-/* Define to 1 if you have the <sys/socket.h> header file. */
-#undef HAVE_SYS_SOCKET_H
-
-/* Define to 1 if you have the <sys/stat.h> header file. */
-#undef HAVE_SYS_STAT_H
-
-/* Define to 1 if you have the <sys/types.h> header file. */
-#undef HAVE_SYS_TYPES_H
-
-/* Define to 1 if you have the <sys/uio.h> header file. */
-#undef HAVE_SYS_UIO_H
-
-/* Define to 1 if the system has the type `uint16_t'. */
-#undef HAVE_UINT16_T
-
-/* Define to 1 if the system has the type `uint32_t'. */
-#undef HAVE_UINT32_T
-
-/* Define to 1 if the system has the type `uint64_t'. */
-#undef HAVE_UINT64_T
-
-/* Define to 1 if the system has the type `uint8_t'. */
-#undef HAVE_UINT8_T
-
-/* Define to 1 if you have the <unistd.h> header file. */
-#define HAVE_UNISTD_H 1
-
-/* Define to 1 if you have the `usleep' function. */
-#define HAVE_USLEEP 1
-
-/* Define to 1 if you have the <windows.h> header file. */
-#define HAVE_WINDOWS_H 1
-
-/* Define to 1 if you have the <winsock2.h> header file. */
-#define HAVE_WINSOCK2_H 1
-
-/* Define to use X86 inlined assembly code */
-#undef HAVE_X86
-
-/* Define to the address where bug reports for this package should be sent. */
-#undef PACKAGE_BUGREPORT
-
-/* Define to the full name of this package. */
-#undef PACKAGE_NAME
-
-/* Define to the full name and version of this package. */
-#undef PACKAGE_STRING
-
-/* Define to the one symbol short name of this package. */
-#undef PACKAGE_TARNAME
-
-/* Define to the version of this package. */
-#undef PACKAGE_VERSION
-
-/* The size of a `unsigned long', as computed by sizeof. */
-#define SIZEOF_UNSIGNED_LONG 4
-
-/* The size of a `unsigned long long', as computed by sizeof. */
-#define SIZEOF_UNSIGNED_LONG_LONG 8
-
-/* Define to use GDOI. */
-#undef SRTP_GDOI
-
-/* Define to compile for kernel contexts. */
-#undef SRTP_KERNEL
-
-/* Define to compile for Linux kernel context. */
-#undef SRTP_KERNEL_LINUX
-
-/* Define to 1 if you have the ANSI C header files. */
-#undef STDC_HEADERS
-
-/* Write errors to this file */
-#undef USE_ERR_REPORTING_FILE
-
-/* Define to use syslog logging. */
-#undef USE_SYSLOG
-
-/* Define to 1 if your processor stores words with the most significant byte
- first (like Motorola and SPARC, unlike Intel and VAX). */
-#undef WORDS_BIGENDIAN
-
-/* Define to empty if `const' does not conform to ANSI C. */
-//#undef const
-/* Define to `__inline__' or `__inline' if that's what the C compiler
- calls it, or to nothing if 'inline' is not supported under any name. */
-//#ifndef __cplusplus
-//#undef inline
-//#endif
-#define inline __inline
-
-/* Define to `unsigned' if <sys/types.h> does not define. */
-//#undef size_t
diff --git a/config.hw b/config.hw
deleted file mode 100644
index 39d4e07..0000000
--- a/config.hw
+++ /dev/null
@@ -1,196 +0,0 @@
-/* crypto/include/config.h. Generated by configure. */
-/* config_in.h. Generated from configure.in by autoheader. */
-
-#if (_MSC_VER >= 1400)
-# define HAVE_RAND_S 1
-#endif
-
-/* Define if building for a CISC machine (e.g. Intel). */
-#define CPU_CISC 1
-
-/* Define if building for a RISC machine (assume slow byte access). */
-/* #undef CPU_RISC */
-
-/* Path to random device */
-/* #define DEV_URANDOM "/dev/urandom" */
-
-/* Define to compile in dynamic debugging system. */
-#define ENABLE_DEBUGGING 1
-
-/* Report errors to this file. */
-/* #undef ERR_REPORTING_FILE */
-
-/* Define to use logging to stdout. */
-#define ERR_REPORTING_STDOUT 1
-
-/* Define this to use ISMAcryp code. */
-/* #undef GENERIC_AESICM */
-
-/* Define to 1 if you have the <arpa/inet.h> header file. */
-/* #undef HAVE_ARPA_INET_H */
-
-/* Define to 1 if you have the <byteswap.h> header file. */
-/* #undef HAVE_BYTESWAP_H */
-
-/* Define to 1 if you have the `inet_aton' function. */
-/* #undef HAVE_INET_ATON */
-
-/* Define to 1 if the system has the type `int16_t'. */
-#define HAVE_INT16_T 1
-
-/* Define to 1 if the system has the type `int32_t'. */
-#define HAVE_INT32_T 1
-
-/* Define to 1 if the system has the type `int8_t'. */
-#define HAVE_INT8_T 1
-
-/* Define to 1 if you have the <inttypes.h> header file. */
-/* #undef HAVE_INTTYPES_H */
-
-/* Define to 1 if you have the `socket' library (-lsocket). */
-/* #undef HAVE_LIBSOCKET */
-
-/* Define to 1 if you have the <machine/types.h> header file. */
-/* #undef HAVE_MACHINE_TYPES_H */
-
-/* Define to 1 if you have the <memory.h> header file. */
-#define HAVE_MEMORY_H 1
-
-/* Define to 1 if you have the <netinet/in.h> header file. */
-/* #undef HAVE_NETINET_IN_H */
-
-/* Define to 1 if you have the `socket' function. */
-/* #undef HAVE_SOCKET */
-
-/* Define to 1 if you have the <stdint.h> header file. */
-/* #undef HAVE_STDINT_H */
-
-/* Define to 1 if you have the <stdlib.h> header file. */
-#define HAVE_STDLIB_H 1
-
-/* Define to 1 if you have the <strings.h> header file. */
-#define HAVE_STRINGS_H 1
-
-/* Define to 1 if you have the <string.h> header file. */
-#define HAVE_STRING_H 1
-
-/* Define to 1 if you have the <syslog.h> header file. */
-/* #undef HAVE_SYSLOG_H */
-
-/* Define to 1 if you have the <sys/int_types.h> header file. */
-/* #undef HAVE_SYS_INT_TYPES_H */
-
-/* Define to 1 if you have the <sys/socket.h> header file. */
-/* #undef HAVE_SYS_SOCKET_H */
-
-/* Define to 1 if you have the <sys/stat.h> header file. */
-#define HAVE_SYS_STAT_H 1
-
-/* Define to 1 if you have the <sys/types.h> header file. */
-#define HAVE_SYS_TYPES_H 1
-
-/* Define to 1 if you have the <sys/uio.h> header file. */
-/* #undef HAVE_SYS_UIO_H */
-
-/* Define to 1 if the system has the type `uint16_t'. */
-#define HAVE_UINT16_T 1
-
-/* Define to 1 if the system has the type `uint32_t'. */
-#define HAVE_UINT32_T 1
-
-/* Define to 1 if the system has the type `uint64_t'. */
-#define HAVE_UINT64_T 1
-
-/* Define to 1 if the system has the type `uint8_t'. */
-#define HAVE_UINT8_T 1
-
-/* Define to 1 if you have the <unistd.h> header file. */
-/* #undef HAVE_UNISTD_H */
-
-/* Define to 1 if you have the `usleep' function. */
-/* #undef HAVE_USLEEP */
-
-/* Define to 1 if you have the <windows.h> header file. */
-#define HAVE_WINDOWS_H 1
-
-/* Define to 1 if you have the <winsock2.h> header file. */
-#define HAVE_WINSOCK2_H 1
-
-/* Define to use X86 inlined assembly code */
-/* #undef HAVE_X86 */
-
-/* Define to the address where bug reports for this package should be sent. */
-#define PACKAGE_BUGREPORT ""
-
-/* Define to the full name of this package. */
-#define PACKAGE_NAME ""
-
-/* Define to the full name and version of this package. */
-#define PACKAGE_STRING ""
-
-/* Define to the one symbol short name of this package. */
-#define PACKAGE_TARNAME ""
-
-/* Define to the version of this package. */
-#define PACKAGE_VERSION ""
-
-/* The size of a `unsigned long', as computed by sizeof. */
-#define SIZEOF_UNSIGNED_LONG 4
-
-/* The size of a `unsigned long long', as computed by sizeof. */
-#define SIZEOF_UNSIGNED_LONG_LONG 8
-
-/* Define to use GDOI. */
-/* #undef SRTP_GDOI */
-
-/* Define to compile for kernel contexts. */
-/* #undef SRTP_KERNEL */
-
-/* Define to compile for Linux kernel context. */
-/* #undef SRTP_KERNEL_LINUX */
-
-/* Define to 1 if you have the ANSI C header files. */
-#define STDC_HEADERS 1
-
-/* Write errors to this file */
-/* #undef USE_ERR_REPORTING_FILE */
-
-/* Define to use syslog logging. */
-/* #undef USE_SYSLOG */
-
-/* Define to 1 if your processor stores words with the most significant byte
- first (like Motorola and SPARC, unlike Intel and VAX). */
-/* #undef WORDS_BIGENDIAN */
-
-/* Define to empty if `const' does not conform to ANSI C. */
-/* #undef const */
-
-/* Define 'inline' to nothing, since the MSVC compiler doesn't support it. */
-#define inline
-
-/* Define to `unsigned' if <sys/types.h> does not define. */
-/* #undef size_t */
-
-#if (_MSC_VER >= 1400) // VC8+
-#ifndef _CRT_SECURE_NO_DEPRECATE
-#define _CRT_SECURE_NO_DEPRECATE
-#endif
-#ifndef _CRT_NONSTDC_NO_DEPRECATE
-#define _CRT_NONSTDC_NO_DEPRECATE
-#endif
-#endif // VC8+
-
-#ifndef uint32_t
-typedef unsigned __int8 uint8_t;
-typedef unsigned __int16 uint16_t;
-typedef unsigned __int32 uint32_t;
-typedef unsigned __int64 uint64_t;
-typedef __int8 int8_t;
-typedef __int16 int16_t;
-typedef __int32 int32_t;
-typedef __int64 int64_t;
-#endif
-
-#ifdef _MSC_VER
-#pragma warning(disable:4311)
-#endif
diff --git a/config.log b/config.log
deleted file mode 100644
index 2e1911a..0000000
--- a/config.log
+++ /dev/null
@@ -1,1130 +0,0 @@
-This file contains any messages produced by compilers while
-running configure, to aid debugging if configure makes a mistake.
-
-It was created by configure, which was
-generated by GNU Autoconf 2.59. Invocation command line was
-
- $ ./configure --prefix=/home/astor/localastor/google3/third_party/libsrtp/v1_4_2
-
-## --------- ##
-## Platform. ##
-## --------- ##
-
-hostname = hpgntae-ubiq59.eem.corp.google.com
-uname -m = x86_64
-uname -r = 2.6.18.5-gg47server-xenu-3.1
-uname -s = Linux
-uname -v = #1 SMP Fri May 22 12:54:38 PDT 2009
-
-/usr/bin/uname -p = unknown
-/bin/uname -X = unknown
-
-/bin/arch = unknown
-/usr/bin/arch -k = unknown
-/usr/convex/getsysinfo = unknown
-hostinfo = unknown
-/bin/machine = unknown
-/usr/bin/oslevel = unknown
-/bin/universe = unknown
-
-PATH: /home/astor/bin
-PATH: /home/astor/software/bin
-PATH: /home/astor/software/usr/bin
-PATH: /home/astor/bin
-PATH: /home/astor/software/bin
-PATH: /home/astor/software/usr/bin
-PATH: /usr/local/symlinks
-PATH: /usr/local/scripts
-PATH: /usr/local/sbin
-PATH: /usr/local/bin
-PATH: /usr/sbin
-PATH: /usr/bin
-PATH: /sbin
-PATH: /bin
-PATH: /usr/bin/X11
-PATH: /opt/alice-1.3/bin
-PATH: /home/build/static/projects/borg
-PATH: /opt/alice-1.3/bin
-PATH: /home/build/static/projects/borg
-
-
-## ----------- ##
-## Core tests. ##
-## ----------- ##
-
-configure:1349: checking for ranlib
-configure:1365: found /usr/bin/ranlib
-configure:1376: result: ranlib
-configure:1434: checking for gcc
-configure:1450: found /usr/bin/gcc
-configure:1460: result: gcc
-configure:1704: checking for C compiler version
-configure:1707: gcc --version </dev/null >&5
-gcc (GCC) 4.2.4 (Ubuntu 4.2.4-1ubuntu4)
-Copyright (C) 2007 Free Software Foundation, Inc.
-This is free software; see the source for copying conditions. There is NO
-warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
-
-configure:1710: $? = 0
-configure:1712: gcc -v </dev/null >&5
-Using built-in specs.
-Target: x86_64-linux-gnu
-Configured with: ../src/configure -v --enable-languages=c,c++,fortran,objc,obj-c++,treelang --prefix=/usr --enable-shared --with-system-zlib --libexecdir=/usr/lib --without-included-gettext --enable-threads=posix --enable-nls --with-gxx-include-dir=/usr/include/c++/4.2 --program-suffix=-4.2 --enable-clocale=gnu --enable-libstdcxx-debug --enable-objc-gc --enable-mpfr --enable-checking=release --build=x86_64-linux-gnu --host=x86_64-linux-gnu --target=x86_64-linux-gnu
-Thread model: posix
-gcc version 4.2.4 (Ubuntu 4.2.4-1ubuntu4)
-configure:1715: $? = 0
-configure:1717: gcc -V </dev/null >&5
-gcc: '-V' option must have argument
-configure:1720: $? = 1
-configure:1743: checking for C compiler default output file name
-configure:1746: gcc -Wall -O4 -fexpensive-optimizations -funroll-loops conftest.c >&5
-configure:1749: $? = 0
-configure:1795: result: a.out
-configure:1800: checking whether the C compiler works
-configure:1806: ./a.out
-configure:1809: $? = 0
-configure:1826: result: yes
-configure:1833: checking whether we are cross compiling
-configure:1835: result: no
-configure:1838: checking for suffix of executables
-configure:1840: gcc -o conftest -Wall -O4 -fexpensive-optimizations -funroll-loops conftest.c >&5
-configure:1843: $? = 0
-configure:1868: result:
-configure:1874: checking for suffix of object files
-configure:1895: gcc -c -Wall -O4 -fexpensive-optimizations -funroll-loops conftest.c >&5
-configure:1898: $? = 0
-configure:1920: result: o
-configure:1924: checking whether we are using the GNU C compiler
-configure:1948: gcc -c -Wall -O4 -fexpensive-optimizations -funroll-loops conftest.c >&5
-configure:1954: $? = 0
-configure:1958: test -z
- || test ! -s conftest.err
-configure:1961: $? = 0
-configure:1964: test -s conftest.o
-configure:1967: $? = 0
-configure:1980: result: yes
-configure:1986: checking whether gcc accepts -g
-configure:2007: gcc -c -g conftest.c >&5
-configure:2013: $? = 0
-configure:2017: test -z
- || test ! -s conftest.err
-configure:2020: $? = 0
-configure:2023: test -s conftest.o
-configure:2026: $? = 0
-configure:2037: result: yes
-configure:2054: checking for gcc option to accept ANSI C
-configure:2124: gcc -c -Wall -O4 -fexpensive-optimizations -funroll-loops conftest.c >&5
-configure:2130: $? = 0
-configure:2134: test -z
- || test ! -s conftest.err
-configure:2137: $? = 0
-configure:2140: test -s conftest.o
-configure:2143: $? = 0
-configure:2161: result: none needed
-configure:2179: gcc -c -Wall -O4 -fexpensive-optimizations -funroll-loops conftest.c >&5
-conftest.c:2: error: expected '=', ',', ';', 'asm' or '__attribute__' before 'me'
-configure:2185: $? = 1
-configure: failed program was:
-| #ifndef __cplusplus
-| choke me
-| #endif
-configure:2356: checking for a BSD-compatible install
-configure:2411: result: /usr/bin/install -c
-configure:2436: checking whether to build for Linux kernel context
-configure:2450: result: no
-configure:2454: checking for /dev/urandom
-configure:2469: result: yes
-configure:2499: checking which random device to use
-configure:2513: result: /dev/urandom
-configure:2529: checking how to run the C preprocessor
-configure:2564: gcc -E conftest.c
-configure:2570: $? = 0
-configure:2602: gcc -E conftest.c
-conftest.c:10:28: error: ac_nonexistent.h: No such file or directory
-configure:2608: $? = 1
-configure: failed program was:
-| /* confdefs.h. */
-|
-| #define PACKAGE_NAME ""
-| #define PACKAGE_TARNAME ""
-| #define PACKAGE_VERSION ""
-| #define PACKAGE_STRING ""
-| #define PACKAGE_BUGREPORT ""
-| #define DEV_URANDOM "/dev/urandom"
-| /* end confdefs.h. */
-| #include <ac_nonexistent.h>
-configure:2647: result: gcc -E
-configure:2671: gcc -E conftest.c
-configure:2677: $? = 0
-configure:2709: gcc -E conftest.c
-conftest.c:10:28: error: ac_nonexistent.h: No such file or directory
-configure:2715: $? = 1
-configure: failed program was:
-| /* confdefs.h. */
-|
-| #define PACKAGE_NAME ""
-| #define PACKAGE_TARNAME ""
-| #define PACKAGE_VERSION ""
-| #define PACKAGE_STRING ""
-| #define PACKAGE_BUGREPORT ""
-| #define DEV_URANDOM "/dev/urandom"
-| /* end confdefs.h. */
-| #include <ac_nonexistent.h>
-configure:2759: checking for egrep
-configure:2769: result: grep -E
-configure:2774: checking for ANSI C header files
-configure:2799: gcc -c -Wall -O4 -fexpensive-optimizations -funroll-loops conftest.c >&5
-configure:2805: $? = 0
-configure:2809: test -z
- || test ! -s conftest.err
-configure:2812: $? = 0
-configure:2815: test -s conftest.o
-configure:2818: $? = 0
-configure:2907: gcc -o conftest -Wall -O4 -fexpensive-optimizations -funroll-loops conftest.c >&5
-conftest.c: In function 'main':
-conftest.c:27: warning: implicit declaration of function 'exit'
-conftest.c:27: warning: incompatible implicit declaration of built-in function 'exit'
-configure:2910: $? = 0
-configure:2912: ./conftest
-configure:2915: $? = 0
-configure:2930: result: yes
-configure:2954: checking for sys/types.h
-configure:2970: gcc -c -Wall -O4 -fexpensive-optimizations -funroll-loops conftest.c >&5
-configure:2976: $? = 0
-configure:2980: test -z
- || test ! -s conftest.err
-configure:2983: $? = 0
-configure:2986: test -s conftest.o
-configure:2989: $? = 0
-configure:3000: result: yes
-configure:2954: checking for sys/stat.h
-configure:2970: gcc -c -Wall -O4 -fexpensive-optimizations -funroll-loops conftest.c >&5
-configure:2976: $? = 0
-configure:2980: test -z
- || test ! -s conftest.err
-configure:2983: $? = 0
-configure:2986: test -s conftest.o
-configure:2989: $? = 0
-configure:3000: result: yes
-configure:2954: checking for stdlib.h
-configure:2970: gcc -c -Wall -O4 -fexpensive-optimizations -funroll-loops conftest.c >&5
-configure:2976: $? = 0
-configure:2980: test -z
- || test ! -s conftest.err
-configure:2983: $? = 0
-configure:2986: test -s conftest.o
-configure:2989: $? = 0
-configure:3000: result: yes
-configure:2954: checking for string.h
-configure:2970: gcc -c -Wall -O4 -fexpensive-optimizations -funroll-loops conftest.c >&5
-configure:2976: $? = 0
-configure:2980: test -z
- || test ! -s conftest.err
-configure:2983: $? = 0
-configure:2986: test -s conftest.o
-configure:2989: $? = 0
-configure:3000: result: yes
-configure:2954: checking for memory.h
-configure:2970: gcc -c -Wall -O4 -fexpensive-optimizations -funroll-loops conftest.c >&5
-configure:2976: $? = 0
-configure:2980: test -z
- || test ! -s conftest.err
-configure:2983: $? = 0
-configure:2986: test -s conftest.o
-configure:2989: $? = 0
-configure:3000: result: yes
-configure:2954: checking for strings.h
-configure:2970: gcc -c -Wall -O4 -fexpensive-optimizations -funroll-loops conftest.c >&5
-configure:2976: $? = 0
-configure:2980: test -z
- || test ! -s conftest.err
-configure:2983: $? = 0
-configure:2986: test -s conftest.o
-configure:2989: $? = 0
-configure:3000: result: yes
-configure:2954: checking for inttypes.h
-configure:2970: gcc -c -Wall -O4 -fexpensive-optimizations -funroll-loops conftest.c >&5
-configure:2976: $? = 0
-configure:2980: test -z
- || test ! -s conftest.err
-configure:2983: $? = 0
-configure:2986: test -s conftest.o
-configure:2989: $? = 0
-configure:3000: result: yes
-configure:2954: checking for stdint.h
-configure:2970: gcc -c -Wall -O4 -fexpensive-optimizations -funroll-loops conftest.c >&5
-configure:2976: $? = 0
-configure:2980: test -z
- || test ! -s conftest.err
-configure:2983: $? = 0
-configure:2986: test -s conftest.o
-configure:2989: $? = 0
-configure:3000: result: yes
-configure:2954: checking for unistd.h
-configure:2970: gcc -c -Wall -O4 -fexpensive-optimizations -funroll-loops conftest.c >&5
-configure:2976: $? = 0
-configure:2980: test -z
- || test ! -s conftest.err
-configure:2983: $? = 0
-configure:2986: test -s conftest.o
-configure:2989: $? = 0
-configure:3000: result: yes
-configure:3017: checking for stdlib.h
-configure:3022: result: yes
-configure:3167: checking for unistd.h
-configure:3172: result: yes
-configure:3326: checking byteswap.h usability
-configure:3338: gcc -c -Wall -O4 -fexpensive-optimizations -funroll-loops conftest.c >&5
-configure:3344: $? = 0
-configure:3348: test -z
- || test ! -s conftest.err
-configure:3351: $? = 0
-configure:3354: test -s conftest.o
-configure:3357: $? = 0
-configure:3367: result: yes
-configure:3371: checking byteswap.h presence
-configure:3381: gcc -E conftest.c
-configure:3387: $? = 0
-configure:3407: result: yes
-configure:3442: checking for byteswap.h
-configure:3449: result: yes
-configure:3467: checking for stdint.h
-configure:3472: result: yes
-configure:3626: checking sys/uio.h usability
-configure:3638: gcc -c -Wall -O4 -fexpensive-optimizations -funroll-loops conftest.c >&5
-configure:3644: $? = 0
-configure:3648: test -z
- || test ! -s conftest.err
-configure:3651: $? = 0
-configure:3654: test -s conftest.o
-configure:3657: $? = 0
-configure:3667: result: yes
-configure:3671: checking sys/uio.h presence
-configure:3681: gcc -E conftest.c
-configure:3687: $? = 0
-configure:3707: result: yes
-configure:3742: checking for sys/uio.h
-configure:3749: result: yes
-configure:3767: checking for inttypes.h
-configure:3772: result: yes
-configure:3917: checking for sys/types.h
-configure:3922: result: yes
-configure:4076: checking machine/types.h usability
-configure:4088: gcc -c -Wall -O4 -fexpensive-optimizations -funroll-loops conftest.c >&5
-conftest.c:61:27: error: machine/types.h: No such file or directory
-configure:4094: $? = 1
-configure: failed program was:
-| /* confdefs.h. */
-|
-| #define PACKAGE_NAME ""
-| #define PACKAGE_TARNAME ""
-| #define PACKAGE_VERSION ""
-| #define PACKAGE_STRING ""
-| #define PACKAGE_BUGREPORT ""
-| #define DEV_URANDOM "/dev/urandom"
-| #define STDC_HEADERS 1
-| #define HAVE_SYS_TYPES_H 1
-| #define HAVE_SYS_STAT_H 1
-| #define HAVE_STDLIB_H 1
-| #define HAVE_STRING_H 1
-| #define HAVE_MEMORY_H 1
-| #define HAVE_STRINGS_H 1
-| #define HAVE_INTTYPES_H 1
-| #define HAVE_STDINT_H 1
-| #define HAVE_UNISTD_H 1
-| #define HAVE_STDLIB_H 1
-| #define HAVE_UNISTD_H 1
-| #define HAVE_BYTESWAP_H 1
-| #define HAVE_STDINT_H 1
-| #define HAVE_SYS_UIO_H 1
-| #define HAVE_INTTYPES_H 1
-| #define HAVE_SYS_TYPES_H 1
-| /* end confdefs.h. */
-| #include <stdio.h>
-| #if HAVE_SYS_TYPES_H
-| # include <sys/types.h>
-| #endif
-| #if HAVE_SYS_STAT_H
-| # include <sys/stat.h>
-| #endif
-| #if STDC_HEADERS
-| # include <stdlib.h>
-| # include <stddef.h>
-| #else
-| # if HAVE_STDLIB_H
-| # include <stdlib.h>
-| # endif
-| #endif
-| #if HAVE_STRING_H
-| # if !STDC_HEADERS && HAVE_MEMORY_H
-| # include <memory.h>
-| # endif
-| # include <string.h>
-| #endif
-| #if HAVE_STRINGS_H
-| # include <strings.h>
-| #endif
-| #if HAVE_INTTYPES_H
-| # include <inttypes.h>
-| #else
-| # if HAVE_STDINT_H
-| # include <stdint.h>
-| # endif
-| #endif
-| #if HAVE_UNISTD_H
-| # include <unistd.h>
-| #endif
-| #include <machine/types.h>
-configure:4117: result: no
-configure:4121: checking machine/types.h presence
-configure:4131: gcc -E conftest.c
-conftest.c:27:27: error: machine/types.h: No such file or directory
-configure:4137: $? = 1
-configure: failed program was:
-| /* confdefs.h. */
-|
-| #define PACKAGE_NAME ""
-| #define PACKAGE_TARNAME ""
-| #define PACKAGE_VERSION ""
-| #define PACKAGE_STRING ""
-| #define PACKAGE_BUGREPORT ""
-| #define DEV_URANDOM "/dev/urandom"
-| #define STDC_HEADERS 1
-| #define HAVE_SYS_TYPES_H 1
-| #define HAVE_SYS_STAT_H 1
-| #define HAVE_STDLIB_H 1
-| #define HAVE_STRING_H 1
-| #define HAVE_MEMORY_H 1
-| #define HAVE_STRINGS_H 1
-| #define HAVE_INTTYPES_H 1
-| #define HAVE_STDINT_H 1
-| #define HAVE_UNISTD_H 1
-| #define HAVE_STDLIB_H 1
-| #define HAVE_UNISTD_H 1
-| #define HAVE_BYTESWAP_H 1
-| #define HAVE_STDINT_H 1
-| #define HAVE_SYS_UIO_H 1
-| #define HAVE_INTTYPES_H 1
-| #define HAVE_SYS_TYPES_H 1
-| /* end confdefs.h. */
-| #include <machine/types.h>
-configure:4157: result: no
-configure:4192: checking for machine/types.h
-configure:4199: result: no
-configure:4226: checking sys/int_types.h usability
-configure:4238: gcc -c -Wall -O4 -fexpensive-optimizations -funroll-loops conftest.c >&5
-conftest.c:61:27: error: sys/int_types.h: No such file or directory
-configure:4244: $? = 1
-configure: failed program was:
-| /* confdefs.h. */
-|
-| #define PACKAGE_NAME ""
-| #define PACKAGE_TARNAME ""
-| #define PACKAGE_VERSION ""
-| #define PACKAGE_STRING ""
-| #define PACKAGE_BUGREPORT ""
-| #define DEV_URANDOM "/dev/urandom"
-| #define STDC_HEADERS 1
-| #define HAVE_SYS_TYPES_H 1
-| #define HAVE_SYS_STAT_H 1
-| #define HAVE_STDLIB_H 1
-| #define HAVE_STRING_H 1
-| #define HAVE_MEMORY_H 1
-| #define HAVE_STRINGS_H 1
-| #define HAVE_INTTYPES_H 1
-| #define HAVE_STDINT_H 1
-| #define HAVE_UNISTD_H 1
-| #define HAVE_STDLIB_H 1
-| #define HAVE_UNISTD_H 1
-| #define HAVE_BYTESWAP_H 1
-| #define HAVE_STDINT_H 1
-| #define HAVE_SYS_UIO_H 1
-| #define HAVE_INTTYPES_H 1
-| #define HAVE_SYS_TYPES_H 1
-| /* end confdefs.h. */
-| #include <stdio.h>
-| #if HAVE_SYS_TYPES_H
-| # include <sys/types.h>
-| #endif
-| #if HAVE_SYS_STAT_H
-| # include <sys/stat.h>
-| #endif
-| #if STDC_HEADERS
-| # include <stdlib.h>
-| # include <stddef.h>
-| #else
-| # if HAVE_STDLIB_H
-| # include <stdlib.h>
-| # endif
-| #endif
-| #if HAVE_STRING_H
-| # if !STDC_HEADERS && HAVE_MEMORY_H
-| # include <memory.h>
-| # endif
-| # include <string.h>
-| #endif
-| #if HAVE_STRINGS_H
-| # include <strings.h>
-| #endif
-| #if HAVE_INTTYPES_H
-| # include <inttypes.h>
-| #else
-| # if HAVE_STDINT_H
-| # include <stdint.h>
-| # endif
-| #endif
-| #if HAVE_UNISTD_H
-| # include <unistd.h>
-| #endif
-| #include <sys/int_types.h>
-configure:4267: result: no
-configure:4271: checking sys/int_types.h presence
-configure:4281: gcc -E conftest.c
-conftest.c:27:27: error: sys/int_types.h: No such file or directory
-configure:4287: $? = 1
-configure: failed program was:
-| /* confdefs.h. */
-|
-| #define PACKAGE_NAME ""
-| #define PACKAGE_TARNAME ""
-| #define PACKAGE_VERSION ""
-| #define PACKAGE_STRING ""
-| #define PACKAGE_BUGREPORT ""
-| #define DEV_URANDOM "/dev/urandom"
-| #define STDC_HEADERS 1
-| #define HAVE_SYS_TYPES_H 1
-| #define HAVE_SYS_STAT_H 1
-| #define HAVE_STDLIB_H 1
-| #define HAVE_STRING_H 1
-| #define HAVE_MEMORY_H 1
-| #define HAVE_STRINGS_H 1
-| #define HAVE_INTTYPES_H 1
-| #define HAVE_STDINT_H 1
-| #define HAVE_UNISTD_H 1
-| #define HAVE_STDLIB_H 1
-| #define HAVE_UNISTD_H 1
-| #define HAVE_BYTESWAP_H 1
-| #define HAVE_STDINT_H 1
-| #define HAVE_SYS_UIO_H 1
-| #define HAVE_INTTYPES_H 1
-| #define HAVE_SYS_TYPES_H 1
-| /* end confdefs.h. */
-| #include <sys/int_types.h>
-configure:4307: result: no
-configure:4342: checking for sys/int_types.h
-configure:4349: result: no
-configure:4379: checking sys/socket.h usability
-configure:4391: gcc -c -Wall -O4 -fexpensive-optimizations -funroll-loops conftest.c >&5
-configure:4397: $? = 0
-configure:4401: test -z
- || test ! -s conftest.err
-configure:4404: $? = 0
-configure:4407: test -s conftest.o
-configure:4410: $? = 0
-configure:4420: result: yes
-configure:4424: checking sys/socket.h presence
-configure:4434: gcc -E conftest.c
-configure:4440: $? = 0
-configure:4460: result: yes
-configure:4495: checking for sys/socket.h
-configure:4502: result: yes
-configure:4379: checking netinet/in.h usability
-configure:4391: gcc -c -Wall -O4 -fexpensive-optimizations -funroll-loops conftest.c >&5
-configure:4397: $? = 0
-configure:4401: test -z
- || test ! -s conftest.err
-configure:4404: $? = 0
-configure:4407: test -s conftest.o
-configure:4410: $? = 0
-configure:4420: result: yes
-configure:4424: checking netinet/in.h presence
-configure:4434: gcc -E conftest.c
-configure:4440: $? = 0
-configure:4460: result: yes
-configure:4495: checking for netinet/in.h
-configure:4502: result: yes
-configure:4379: checking arpa/inet.h usability
-configure:4391: gcc -c -Wall -O4 -fexpensive-optimizations -funroll-loops conftest.c >&5
-configure:4397: $? = 0
-configure:4401: test -z
- || test ! -s conftest.err
-configure:4404: $? = 0
-configure:4407: test -s conftest.o
-configure:4410: $? = 0
-configure:4420: result: yes
-configure:4424: checking arpa/inet.h presence
-configure:4434: gcc -E conftest.c
-configure:4440: $? = 0
-configure:4460: result: yes
-configure:4495: checking for arpa/inet.h
-configure:4502: result: yes
-configure:4529: checking windows.h usability
-configure:4541: gcc -c -Wall -O4 -fexpensive-optimizations -funroll-loops conftest.c >&5
-conftest.c:64:21: error: windows.h: No such file or directory
-configure:4547: $? = 1
-configure: failed program was:
-| /* confdefs.h. */
-|
-| #define PACKAGE_NAME ""
-| #define PACKAGE_TARNAME ""
-| #define PACKAGE_VERSION ""
-| #define PACKAGE_STRING ""
-| #define PACKAGE_BUGREPORT ""
-| #define DEV_URANDOM "/dev/urandom"
-| #define STDC_HEADERS 1
-| #define HAVE_SYS_TYPES_H 1
-| #define HAVE_SYS_STAT_H 1
-| #define HAVE_STDLIB_H 1
-| #define HAVE_STRING_H 1
-| #define HAVE_MEMORY_H 1
-| #define HAVE_STRINGS_H 1
-| #define HAVE_INTTYPES_H 1
-| #define HAVE_STDINT_H 1
-| #define HAVE_UNISTD_H 1
-| #define HAVE_STDLIB_H 1
-| #define HAVE_UNISTD_H 1
-| #define HAVE_BYTESWAP_H 1
-| #define HAVE_STDINT_H 1
-| #define HAVE_SYS_UIO_H 1
-| #define HAVE_INTTYPES_H 1
-| #define HAVE_SYS_TYPES_H 1
-| #define HAVE_SYS_SOCKET_H 1
-| #define HAVE_NETINET_IN_H 1
-| #define HAVE_ARPA_INET_H 1
-| /* end confdefs.h. */
-| #include <stdio.h>
-| #if HAVE_SYS_TYPES_H
-| # include <sys/types.h>
-| #endif
-| #if HAVE_SYS_STAT_H
-| # include <sys/stat.h>
-| #endif
-| #if STDC_HEADERS
-| # include <stdlib.h>
-| # include <stddef.h>
-| #else
-| # if HAVE_STDLIB_H
-| # include <stdlib.h>
-| # endif
-| #endif
-| #if HAVE_STRING_H
-| # if !STDC_HEADERS && HAVE_MEMORY_H
-| # include <memory.h>
-| # endif
-| # include <string.h>
-| #endif
-| #if HAVE_STRINGS_H
-| # include <strings.h>
-| #endif
-| #if HAVE_INTTYPES_H
-| # include <inttypes.h>
-| #else
-| # if HAVE_STDINT_H
-| # include <stdint.h>
-| # endif
-| #endif
-| #if HAVE_UNISTD_H
-| # include <unistd.h>
-| #endif
-| #include <windows.h>
-configure:4570: result: no
-configure:4574: checking windows.h presence
-configure:4584: gcc -E conftest.c
-conftest.c:30:21: error: windows.h: No such file or directory
-configure:4590: $? = 1
-configure: failed program was:
-| /* confdefs.h. */
-|
-| #define PACKAGE_NAME ""
-| #define PACKAGE_TARNAME ""
-| #define PACKAGE_VERSION ""
-| #define PACKAGE_STRING ""
-| #define PACKAGE_BUGREPORT ""
-| #define DEV_URANDOM "/dev/urandom"
-| #define STDC_HEADERS 1
-| #define HAVE_SYS_TYPES_H 1
-| #define HAVE_SYS_STAT_H 1
-| #define HAVE_STDLIB_H 1
-| #define HAVE_STRING_H 1
-| #define HAVE_MEMORY_H 1
-| #define HAVE_STRINGS_H 1
-| #define HAVE_INTTYPES_H 1
-| #define HAVE_STDINT_H 1
-| #define HAVE_UNISTD_H 1
-| #define HAVE_STDLIB_H 1
-| #define HAVE_UNISTD_H 1
-| #define HAVE_BYTESWAP_H 1
-| #define HAVE_STDINT_H 1
-| #define HAVE_SYS_UIO_H 1
-| #define HAVE_INTTYPES_H 1
-| #define HAVE_SYS_TYPES_H 1
-| #define HAVE_SYS_SOCKET_H 1
-| #define HAVE_NETINET_IN_H 1
-| #define HAVE_ARPA_INET_H 1
-| /* end confdefs.h. */
-| #include <windows.h>
-configure:4610: result: no
-configure:4645: checking for windows.h
-configure:4652: result: no
-configure:4829: checking syslog.h usability
-configure:4841: gcc -c -Wall -O4 -fexpensive-optimizations -funroll-loops conftest.c >&5
-configure:4847: $? = 0
-configure:4851: test -z
- || test ! -s conftest.err
-configure:4854: $? = 0
-configure:4857: test -s conftest.o
-configure:4860: $? = 0
-configure:4870: result: yes
-configure:4874: checking syslog.h presence
-configure:4884: gcc -E conftest.c
-configure:4890: $? = 0
-configure:4910: result: yes
-configure:4945: checking for syslog.h
-configure:4952: result: yes
-configure:4966: checking for int8_t
-configure:4990: gcc -c -Wall -O4 -fexpensive-optimizations -funroll-loops conftest.c >&5
-configure:4996: $? = 0
-configure:5000: test -z
- || test ! -s conftest.err
-configure:5003: $? = 0
-configure:5006: test -s conftest.o
-configure:5009: $? = 0
-configure:5020: result: yes
-configure:5030: checking for uint8_t
-configure:5054: gcc -c -Wall -O4 -fexpensive-optimizations -funroll-loops conftest.c >&5
-configure:5060: $? = 0
-configure:5064: test -z
- || test ! -s conftest.err
-configure:5067: $? = 0
-configure:5070: test -s conftest.o
-configure:5073: $? = 0
-configure:5084: result: yes
-configure:5094: checking for int16_t
-configure:5118: gcc -c -Wall -O4 -fexpensive-optimizations -funroll-loops conftest.c >&5
-configure:5124: $? = 0
-configure:5128: test -z
- || test ! -s conftest.err
-configure:5131: $? = 0
-configure:5134: test -s conftest.o
-configure:5137: $? = 0
-configure:5148: result: yes
-configure:5158: checking for uint16_t
-configure:5182: gcc -c -Wall -O4 -fexpensive-optimizations -funroll-loops conftest.c >&5
-configure:5188: $? = 0
-configure:5192: test -z
- || test ! -s conftest.err
-configure:5195: $? = 0
-configure:5198: test -s conftest.o
-configure:5201: $? = 0
-configure:5212: result: yes
-configure:5222: checking for int32_t
-configure:5246: gcc -c -Wall -O4 -fexpensive-optimizations -funroll-loops conftest.c >&5
-configure:5252: $? = 0
-configure:5256: test -z
- || test ! -s conftest.err
-configure:5259: $? = 0
-configure:5262: test -s conftest.o
-configure:5265: $? = 0
-configure:5276: result: yes
-configure:5286: checking for uint32_t
-configure:5310: gcc -c -Wall -O4 -fexpensive-optimizations -funroll-loops conftest.c >&5
-configure:5316: $? = 0
-configure:5320: test -z
- || test ! -s conftest.err
-configure:5323: $? = 0
-configure:5326: test -s conftest.o
-configure:5329: $? = 0
-configure:5340: result: yes
-configure:5350: checking for uint64_t
-configure:5374: gcc -c -Wall -O4 -fexpensive-optimizations -funroll-loops conftest.c >&5
-configure:5380: $? = 0
-configure:5384: test -z
- || test ! -s conftest.err
-configure:5387: $? = 0
-configure:5390: test -s conftest.o
-configure:5393: $? = 0
-configure:5404: result: yes
-configure:5415: checking for unsigned long
-configure:5439: gcc -c -Wall -O4 -fexpensive-optimizations -funroll-loops conftest.c >&5
-configure:5445: $? = 0
-configure:5449: test -z
- || test ! -s conftest.err
-configure:5452: $? = 0
-configure:5455: test -s conftest.o
-configure:5458: $? = 0
-configure:5469: result: yes
-configure:5472: checking size of unsigned long
-configure:5791: gcc -o conftest -Wall -O4 -fexpensive-optimizations -funroll-loops conftest.c >&5
-configure:5794: $? = 0
-configure:5796: ./conftest
-configure:5799: $? = 0
-configure:5822: result: 8
-configure:5829: checking for unsigned long long
-configure:5853: gcc -c -Wall -O4 -fexpensive-optimizations -funroll-loops conftest.c >&5
-configure:5859: $? = 0
-configure:5863: test -z
- || test ! -s conftest.err
-configure:5866: $? = 0
-configure:5869: test -s conftest.o
-configure:5872: $? = 0
-configure:5883: result: yes
-configure:5886: checking size of unsigned long long
-configure:6205: gcc -o conftest -Wall -O4 -fexpensive-optimizations -funroll-loops conftest.c >&5
-configure:6208: $? = 0
-configure:6210: ./conftest
-configure:6213: $? = 0
-configure:6236: result: 8
-configure:6244: checking for an ANSI C-conforming const
-configure:6311: gcc -c -Wall -O4 -fexpensive-optimizations -funroll-loops conftest.c >&5
-conftest.c: In function 'main':
-conftest.c:67: warning: unused variable 's'
-conftest.c:87: warning: unused variable 'foo'
-conftest.c:54: warning: unused variable 'zero'
-conftest.c:48: warning: unused variable 'x'
-conftest.c:69: warning: 't' is used uninitialized in this function
-conftest.c:84: warning: 'b' is used uninitialized in this function
-configure:6317: $? = 0
-configure:6321: test -z
- || test ! -s conftest.err
-configure:6324: $? = 0
-configure:6327: test -s conftest.o
-configure:6330: $? = 0
-configure:6341: result: yes
-configure:6351: checking for inline
-configure:6372: gcc -c -Wall -O4 -fexpensive-optimizations -funroll-loops conftest.c >&5
-configure:6378: $? = 0
-configure:6382: test -z
- || test ! -s conftest.err
-configure:6385: $? = 0
-configure:6388: test -s conftest.o
-configure:6391: $? = 0
-configure:6403: result: inline
-configure:6422: checking for size_t
-configure:6446: gcc -c -Wall -O4 -fexpensive-optimizations -funroll-loops conftest.c >&5
-configure:6452: $? = 0
-configure:6456: test -z
- || test ! -s conftest.err
-configure:6459: $? = 0
-configure:6462: test -s conftest.o
-configure:6465: $? = 0
-configure:6476: result: yes
-configure:6495: checking for socket
-configure:6552: gcc -o conftest -Wall -O4 -fexpensive-optimizations -funroll-loops conftest.c >&5
-configure:6558: $? = 0
-configure:6562: test -z
- || test ! -s conftest.err
-configure:6565: $? = 0
-configure:6568: test -s conftest
-configure:6571: $? = 0
-configure:6583: result: yes
-configure:6495: checking for inet_aton
-configure:6552: gcc -o conftest -Wall -O4 -fexpensive-optimizations -funroll-loops conftest.c >&5
-configure:6558: $? = 0
-configure:6562: test -z
- || test ! -s conftest.err
-configure:6565: $? = 0
-configure:6568: test -s conftest
-configure:6571: $? = 0
-configure:6583: result: yes
-configure:6495: checking for usleep
-configure:6552: gcc -o conftest -Wall -O4 -fexpensive-optimizations -funroll-loops conftest.c >&5
-configure:6558: $? = 0
-configure:6562: test -z
- || test ! -s conftest.err
-configure:6565: $? = 0
-configure:6568: test -s conftest
-configure:6571: $? = 0
-configure:6583: result: yes
-configure:6729: checking whether byte ordering is bigendian
-configure:6756: gcc -c -Wall -O4 -fexpensive-optimizations -funroll-loops conftest.c >&5
-configure:6762: $? = 0
-configure:6766: test -z
- || test ! -s conftest.err
-configure:6769: $? = 0
-configure:6772: test -s conftest.o
-configure:6775: $? = 0
-configure:6799: gcc -c -Wall -O4 -fexpensive-optimizations -funroll-loops conftest.c >&5
-conftest.c: In function 'main':
-conftest.c:50: error: 'not' undeclared (first use in this function)
-conftest.c:50: error: (Each undeclared identifier is reported only once
-conftest.c:50: error: for each function it appears in.)
-conftest.c:50: error: expected ';' before 'big'
-configure:6805: $? = 1
-configure: failed program was:
-| /* confdefs.h. */
-|
-| #define PACKAGE_NAME ""
-| #define PACKAGE_TARNAME ""
-| #define PACKAGE_VERSION ""
-| #define PACKAGE_STRING ""
-| #define PACKAGE_BUGREPORT ""
-| #define DEV_URANDOM "/dev/urandom"
-| #define STDC_HEADERS 1
-| #define HAVE_SYS_TYPES_H 1
-| #define HAVE_SYS_STAT_H 1
-| #define HAVE_STDLIB_H 1
-| #define HAVE_STRING_H 1
-| #define HAVE_MEMORY_H 1
-| #define HAVE_STRINGS_H 1
-| #define HAVE_INTTYPES_H 1
-| #define HAVE_STDINT_H 1
-| #define HAVE_UNISTD_H 1
-| #define HAVE_STDLIB_H 1
-| #define HAVE_UNISTD_H 1
-| #define HAVE_BYTESWAP_H 1
-| #define HAVE_STDINT_H 1
-| #define HAVE_SYS_UIO_H 1
-| #define HAVE_INTTYPES_H 1
-| #define HAVE_SYS_TYPES_H 1
-| #define HAVE_SYS_SOCKET_H 1
-| #define HAVE_NETINET_IN_H 1
-| #define HAVE_ARPA_INET_H 1
-| #define HAVE_SYSLOG_H 1
-| #define HAVE_INT8_T 1
-| #define HAVE_UINT8_T 1
-| #define HAVE_INT16_T 1
-| #define HAVE_UINT16_T 1
-| #define HAVE_INT32_T 1
-| #define HAVE_UINT32_T 1
-| #define HAVE_UINT64_T 1
-| #define SIZEOF_UNSIGNED_LONG 8
-| #define SIZEOF_UNSIGNED_LONG_LONG 8
-| #define HAVE_SOCKET 1
-| #define HAVE_INET_ATON 1
-| #define HAVE_USLEEP 1
-| /* end confdefs.h. */
-| #include <sys/types.h>
-| #include <sys/param.h>
-|
-| int
-| main ()
-| {
-| #if BYTE_ORDER != BIG_ENDIAN
-| not big endian
-| #endif
-|
-| ;
-| return 0;
-| }
-configure:6940: result: no
-configure:6966: checking build system type
-configure:6984: result: x86_64-unknown-linux-gnu
-configure:6992: checking host system type
-configure:7006: result: x86_64-unknown-linux-gnu
-configure:7052: checking whether to compile in debugging
-configure:7068: result: yes
-configure:7071: checking whether to use ISMAcryp code
-configure:7087: result: no
-configure:7090: checking whether to use syslog for error reporting
-configure:7106: result: no
-configure:7109: checking whether to use stdout for error reporting
-configure:7125: result: yes
-configure:7128: checking whether to use /dev/console for error reporting
-configure:7149: result: no
-configure:7152: checking whether to use GDOI key management
-configure:7170: result: no
-configure:7272: creating ./config.status
-
-## ---------------------- ##
-## Running config.status. ##
-## ---------------------- ##
-
-This file was extended by config.status, which was
-generated by GNU Autoconf 2.59. Invocation command line was
-
- CONFIG_FILES =
- CONFIG_HEADERS =
- CONFIG_LINKS =
- CONFIG_COMMANDS =
- $ ./config.status
-
-on hpgntae-ubiq59.eem.corp.google.com
-
-config.status:664: creating Makefile
-config.status:664: creating crypto/Makefile
-config.status:664: creating doc/Makefile
-config.status:768: creating crypto/include/config.h
-
-## ---------------- ##
-## Cache variables. ##
-## ---------------- ##
-
-ac_cv_build=x86_64-unknown-linux-gnu
-ac_cv_build_alias=x86_64-unknown-linux-gnu
-ac_cv_c_bigendian=no
-ac_cv_c_compiler_gnu=yes
-ac_cv_c_const=yes
-ac_cv_c_inline=inline
-ac_cv_env_CC_set=
-ac_cv_env_CC_value=
-ac_cv_env_CFLAGS_set=
-ac_cv_env_CFLAGS_value=
-ac_cv_env_CPPFLAGS_set=
-ac_cv_env_CPPFLAGS_value=
-ac_cv_env_CPP_set=
-ac_cv_env_CPP_value=
-ac_cv_env_LDFLAGS_set=
-ac_cv_env_LDFLAGS_value=
-ac_cv_env_build_alias_set=
-ac_cv_env_build_alias_value=
-ac_cv_env_host_alias_set=
-ac_cv_env_host_alias_value=
-ac_cv_env_target_alias_set=
-ac_cv_env_target_alias_value=
-ac_cv_exeext=
-ac_cv_file__dev_urandom=yes
-ac_cv_func_inet_aton=yes
-ac_cv_func_socket=yes
-ac_cv_func_usleep=yes
-ac_cv_header_arpa_inet_h=yes
-ac_cv_header_byteswap_h=yes
-ac_cv_header_inttypes_h=yes
-ac_cv_header_machine_types_h=no
-ac_cv_header_memory_h=yes
-ac_cv_header_netinet_in_h=yes
-ac_cv_header_stdc=yes
-ac_cv_header_stdint_h=yes
-ac_cv_header_stdlib_h=yes
-ac_cv_header_string_h=yes
-ac_cv_header_strings_h=yes
-ac_cv_header_sys_int_types_h=no
-ac_cv_header_sys_socket_h=yes
-ac_cv_header_sys_stat_h=yes
-ac_cv_header_sys_types_h=yes
-ac_cv_header_sys_uio_h=yes
-ac_cv_header_syslog_h=yes
-ac_cv_header_unistd_h=yes
-ac_cv_header_windows_h=no
-ac_cv_host=x86_64-unknown-linux-gnu
-ac_cv_host_alias=x86_64-unknown-linux-gnu
-ac_cv_objext=o
-ac_cv_path_install='/usr/bin/install -c'
-ac_cv_prog_CPP='gcc -E'
-ac_cv_prog_ac_ct_CC=gcc
-ac_cv_prog_ac_ct_RANLIB=ranlib
-ac_cv_prog_cc_g=yes
-ac_cv_prog_cc_stdc=
-ac_cv_prog_egrep='grep -E'
-ac_cv_sizeof_unsigned_long=8
-ac_cv_sizeof_unsigned_long_long=8
-ac_cv_type_int16_t=yes
-ac_cv_type_int32_t=yes
-ac_cv_type_int8_t=yes
-ac_cv_type_size_t=yes
-ac_cv_type_uint16_t=yes
-ac_cv_type_uint32_t=yes
-ac_cv_type_uint64_t=yes
-ac_cv_type_uint8_t=yes
-ac_cv_type_unsigned_long=yes
-ac_cv_type_unsigned_long_long=yes
-
-## ----------------- ##
-## Output variables. ##
-## ----------------- ##
-
-CC='gcc'
-CFLAGS='-Wall -O4 -fexpensive-optimizations -funroll-loops'
-CPP='gcc -E'
-CPPFLAGS=''
-DEFS='-DHAVE_CONFIG_H'
-ECHO_C=''
-ECHO_N='-n'
-ECHO_T=''
-EGREP='grep -E'
-EXE=''
-EXEEXT=''
-GDOI_OBJS=''
-INSTALL_DATA='${INSTALL} -m 644'
-INSTALL_PROGRAM='${INSTALL}'
-INSTALL_SCRIPT='${INSTALL}'
-LDFLAGS=''
-LIBOBJS=''
-LIBS=''
-LTLIBOBJS=''
-OBJEXT='o'
-PACKAGE_BUGREPORT=''
-PACKAGE_NAME=''
-PACKAGE_STRING=''
-PACKAGE_TARNAME=''
-PACKAGE_VERSION=''
-PATH_SEPARATOR=':'
-RANLIB='ranlib'
-RNG_OBJS='rand_source.o'
-SHELL='/bin/sh'
-ac_ct_CC='gcc'
-ac_ct_RANLIB='ranlib'
-bindir='${exec_prefix}/bin'
-build='x86_64-unknown-linux-gnu'
-build_alias=''
-build_cpu='x86_64'
-build_os='linux-gnu'
-build_vendor='unknown'
-datadir='${prefix}/share'
-exec_prefix='${prefix}'
-host='x86_64-unknown-linux-gnu'
-host_alias=''
-host_cpu='x86_64'
-host_os='linux-gnu'
-host_vendor='unknown'
-includedir='${prefix}/include'
-infodir='${prefix}/info'
-libdir='${exec_prefix}/lib'
-libexecdir='${exec_prefix}/libexec'
-localstatedir='${prefix}/var'
-mandir='${prefix}/man'
-oldincludedir='/usr/include'
-prefix='/home/astor/localastor/google3/third_party/libsrtp/v1_4_2'
-program_transform_name='s,x,x,'
-sbindir='${exec_prefix}/sbin'
-sharedstatedir='${prefix}/com'
-sysconfdir='${prefix}/etc'
-target_alias=''
-
-## ----------- ##
-## confdefs.h. ##
-## ----------- ##
-
-#define CPU_CISC 1
-#define DEV_URANDOM "/dev/urandom"
-#define ENABLE_DEBUGGING 1
-#define ERR_REPORTING_STDOUT 1
-#define HAVE_ARPA_INET_H 1
-#define HAVE_BYTESWAP_H 1
-#define HAVE_INET_ATON 1
-#define HAVE_INT16_T 1
-#define HAVE_INT32_T 1
-#define HAVE_INT8_T 1
-#define HAVE_INTTYPES_H 1
-#define HAVE_INTTYPES_H 1
-#define HAVE_MEMORY_H 1
-#define HAVE_NETINET_IN_H 1
-#define HAVE_SOCKET 1
-#define HAVE_STDINT_H 1
-#define HAVE_STDINT_H 1
-#define HAVE_STDLIB_H 1
-#define HAVE_STDLIB_H 1
-#define HAVE_STRINGS_H 1
-#define HAVE_STRING_H 1
-#define HAVE_SYSLOG_H 1
-#define HAVE_SYS_SOCKET_H 1
-#define HAVE_SYS_STAT_H 1
-#define HAVE_SYS_TYPES_H 1
-#define HAVE_SYS_TYPES_H 1
-#define HAVE_SYS_UIO_H 1
-#define HAVE_UINT16_T 1
-#define HAVE_UINT32_T 1
-#define HAVE_UINT64_T 1
-#define HAVE_UINT8_T 1
-#define HAVE_UNISTD_H 1
-#define HAVE_UNISTD_H 1
-#define HAVE_USLEEP 1
-#define PACKAGE_BUGREPORT ""
-#define PACKAGE_NAME ""
-#define PACKAGE_STRING ""
-#define PACKAGE_TARNAME ""
-#define PACKAGE_VERSION ""
-#define SIZEOF_UNSIGNED_LONG 8
-#define SIZEOF_UNSIGNED_LONG_LONG 8
-#define STDC_HEADERS 1
-
-configure: exit 0
diff --git a/config.status b/config.status
deleted file mode 100755
index 7797f0b..0000000
--- a/config.status
+++ /dev/null
@@ -1,991 +0,0 @@
-#! /bin/sh
-# Generated by configure.
-# Run this file to recreate the current configuration.
-# Compiler output produced by configure, useful for debugging
-# configure, is in config.log if it exists.
-
-debug=false
-ac_cs_recheck=false
-ac_cs_silent=false
-SHELL=${CONFIG_SHELL-/bin/sh}
-## --------------------- ##
-## M4sh Initialization. ##
-## --------------------- ##
-
-# Be Bourne compatible
-if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then
- emulate sh
- NULLCMD=:
- # Zsh 3.x and 4.x performs word splitting on ${1+"$@"}, which
- # is contrary to our usage. Disable this feature.
- alias -g '${1+"$@"}'='"$@"'
-elif test -n "${BASH_VERSION+set}" && (set -o posix) >/dev/null 2>&1; then
- set -o posix
-fi
-DUALCASE=1; export DUALCASE # for MKS sh
-
-# Support unset when possible.
-if ( (MAIL=60; unset MAIL) || exit) >/dev/null 2>&1; then
- as_unset=unset
-else
- as_unset=false
-fi
-
-
-# Work around bugs in pre-3.0 UWIN ksh.
-$as_unset ENV MAIL MAILPATH
-PS1='$ '
-PS2='> '
-PS4='+ '
-
-# NLS nuisances.
-for as_var in \
- LANG LANGUAGE LC_ADDRESS LC_ALL LC_COLLATE LC_CTYPE LC_IDENTIFICATION \
- LC_MEASUREMENT LC_MESSAGES LC_MONETARY LC_NAME LC_NUMERIC LC_PAPER \
- LC_TELEPHONE LC_TIME
-do
- if (set +x; test -z "`(eval $as_var=C; export $as_var) 2>&1`"); then
- eval $as_var=C; export $as_var
- else
- $as_unset $as_var
- fi
-done
-
-# Required to use basename.
-if expr a : '\(a\)' >/dev/null 2>&1; then
- as_expr=expr
-else
- as_expr=false
-fi
-
-if (basename /) >/dev/null 2>&1 && test "X`basename / 2>&1`" = "X/"; then
- as_basename=basename
-else
- as_basename=false
-fi
-
-
-# Name of the executable.
-as_me=`$as_basename "$0" ||
-$as_expr X/"$0" : '.*/\([^/][^/]*\)/*$' \| \
- X"$0" : 'X\(//\)$' \| \
- X"$0" : 'X\(/\)$' \| \
- . : '\(.\)' 2>/dev/null ||
-echo X/"$0" |
- sed '/^.*\/\([^/][^/]*\)\/*$/{ s//\1/; q; }
- /^X\/\(\/\/\)$/{ s//\1/; q; }
- /^X\/\(\/\).*/{ s//\1/; q; }
- s/.*/./; q'`
-
-
-# PATH needs CR, and LINENO needs CR and PATH.
-# Avoid depending upon Character Ranges.
-as_cr_letters='abcdefghijklmnopqrstuvwxyz'
-as_cr_LETTERS='ABCDEFGHIJKLMNOPQRSTUVWXYZ'
-as_cr_Letters=$as_cr_letters$as_cr_LETTERS
-as_cr_digits='0123456789'
-as_cr_alnum=$as_cr_Letters$as_cr_digits
-
-# The user is always right.
-if test "${PATH_SEPARATOR+set}" != set; then
- echo "#! /bin/sh" >conf$$.sh
- echo "exit 0" >>conf$$.sh
- chmod +x conf$$.sh
- if (PATH="/nonexistent;."; conf$$.sh) >/dev/null 2>&1; then
- PATH_SEPARATOR=';'
- else
- PATH_SEPARATOR=:
- fi
- rm -f conf$$.sh
-fi
-
-
- as_lineno_1=$LINENO
- as_lineno_2=$LINENO
- as_lineno_3=`(expr $as_lineno_1 + 1) 2>/dev/null`
- test "x$as_lineno_1" != "x$as_lineno_2" &&
- test "x$as_lineno_3" = "x$as_lineno_2" || {
- # Find who we are. Look in the path if we contain no path at all
- # relative or not.
- case $0 in
- *[\\/]* ) as_myself=$0 ;;
- *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in $PATH
-do
- IFS=$as_save_IFS
- test -z "$as_dir" && as_dir=.
- test -r "$as_dir/$0" && as_myself=$as_dir/$0 && break
-done
-
- ;;
- esac
- # We did not find ourselves, most probably we were run as `sh COMMAND'
- # in which case we are not to be found in the path.
- if test "x$as_myself" = x; then
- as_myself=$0
- fi
- if test ! -f "$as_myself"; then
- { { echo "$as_me:$LINENO: error: cannot find myself; rerun with an absolute path" >&5
-echo "$as_me: error: cannot find myself; rerun with an absolute path" >&2;}
- { (exit 1); exit 1; }; }
- fi
- case $CONFIG_SHELL in
- '')
- as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in /bin$PATH_SEPARATOR/usr/bin$PATH_SEPARATOR$PATH
-do
- IFS=$as_save_IFS
- test -z "$as_dir" && as_dir=.
- for as_base in sh bash ksh sh5; do
- case $as_dir in
- /*)
- if ("$as_dir/$as_base" -c '
- as_lineno_1=$LINENO
- as_lineno_2=$LINENO
- as_lineno_3=`(expr $as_lineno_1 + 1) 2>/dev/null`
- test "x$as_lineno_1" != "x$as_lineno_2" &&
- test "x$as_lineno_3" = "x$as_lineno_2" ') 2>/dev/null; then
- $as_unset BASH_ENV || test "${BASH_ENV+set}" != set || { BASH_ENV=; export BASH_ENV; }
- $as_unset ENV || test "${ENV+set}" != set || { ENV=; export ENV; }
- CONFIG_SHELL=$as_dir/$as_base
- export CONFIG_SHELL
- exec "$CONFIG_SHELL" "$0" ${1+"$@"}
- fi;;
- esac
- done
-done
-;;
- esac
-
- # Create $as_me.lineno as a copy of $as_myself, but with $LINENO
- # uniformly replaced by the line number. The first 'sed' inserts a
- # line-number line before each line; the second 'sed' does the real
- # work. The second script uses 'N' to pair each line-number line
- # with the numbered line, and appends trailing '-' during
- # substitution so that $LINENO is not a special case at line end.
- # (Raja R Harinath suggested sed '=', and Paul Eggert wrote the
- # second 'sed' script. Blame Lee E. McMahon for sed's syntax. :-)
- sed '=' <$as_myself |
- sed '
- N
- s,$,-,
- : loop
- s,^\(['$as_cr_digits']*\)\(.*\)[$]LINENO\([^'$as_cr_alnum'_]\),\1\2\1\3,
- t loop
- s,-$,,
- s,^['$as_cr_digits']*\n,,
- ' >$as_me.lineno &&
- chmod +x $as_me.lineno ||
- { { echo "$as_me:$LINENO: error: cannot create $as_me.lineno; rerun with a POSIX shell" >&5
-echo "$as_me: error: cannot create $as_me.lineno; rerun with a POSIX shell" >&2;}
- { (exit 1); exit 1; }; }
-
- # Don't try to exec as it changes $[0], causing all sort of problems
- # (the dirname of $[0] is not the place where we might find the
- # original and so on. Autoconf is especially sensible to this).
- . ./$as_me.lineno
- # Exit status is that of the last command.
- exit
-}
-
-
-case `echo "testing\c"; echo 1,2,3`,`echo -n testing; echo 1,2,3` in
- *c*,-n*) ECHO_N= ECHO_C='
-' ECHO_T=' ' ;;
- *c*,* ) ECHO_N=-n ECHO_C= ECHO_T= ;;
- *) ECHO_N= ECHO_C='\c' ECHO_T= ;;
-esac
-
-if expr a : '\(a\)' >/dev/null 2>&1; then
- as_expr=expr
-else
- as_expr=false
-fi
-
-rm -f conf$$ conf$$.exe conf$$.file
-echo >conf$$.file
-if ln -s conf$$.file conf$$ 2>/dev/null; then
- # We could just check for DJGPP; but this test a) works b) is more generic
- # and c) will remain valid once DJGPP supports symlinks (DJGPP 2.04).
- if test -f conf$$.exe; then
- # Don't use ln at all; we don't have any links
- as_ln_s='cp -p'
- else
- as_ln_s='ln -s'
- fi
-elif ln conf$$.file conf$$ 2>/dev/null; then
- as_ln_s=ln
-else
- as_ln_s='cp -p'
-fi
-rm -f conf$$ conf$$.exe conf$$.file
-
-if mkdir -p . 2>/dev/null; then
- as_mkdir_p=:
-else
- test -d ./-p && rmdir ./-p
- as_mkdir_p=false
-fi
-
-as_executable_p="test -f"
-
-# Sed expression to map a string onto a valid CPP name.
-as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'"
-
-# Sed expression to map a string onto a valid variable name.
-as_tr_sh="eval sed 'y%*+%pp%;s%[^_$as_cr_alnum]%_%g'"
-
-
-# IFS
-# We need space, tab and new line, in precisely that order.
-as_nl='
-'
-IFS=" $as_nl"
-
-# CDPATH.
-$as_unset CDPATH
-
-exec 6>&1
-
-# Open the log real soon, to keep \$[0] and so on meaningful, and to
-# report actual input values of CONFIG_FILES etc. instead of their
-# values after options handling. Logging --version etc. is OK.
-exec 5>>config.log
-{
- echo
- sed 'h;s/./-/g;s/^.../## /;s/...$/ ##/;p;x;p;x' <<_ASBOX
-## Running $as_me. ##
-_ASBOX
-} >&5
-cat >&5 <<_CSEOF
-
-This file was extended by $as_me, which was
-generated by GNU Autoconf 2.59. Invocation command line was
-
- CONFIG_FILES = $CONFIG_FILES
- CONFIG_HEADERS = $CONFIG_HEADERS
- CONFIG_LINKS = $CONFIG_LINKS
- CONFIG_COMMANDS = $CONFIG_COMMANDS
- $ $0 $@
-
-_CSEOF
-echo "on `(hostname || uname -n) 2>/dev/null | sed 1q`" >&5
-echo >&5
-config_files=" Makefile crypto/Makefile doc/Makefile"
-config_headers=" crypto/include/config.h:config_in.h"
-
-ac_cs_usage="\
-\`$as_me' instantiates files from templates according to the
-current configuration.
-
-Usage: $0 [OPTIONS] [FILE]...
-
- -h, --help print this help, then exit
- -V, --version print version number, then exit
- -q, --quiet do not print progress messages
- -d, --debug don't remove temporary files
- --recheck update $as_me by reconfiguring in the same conditions
- --file=FILE[:TEMPLATE]
- instantiate the configuration file FILE
- --header=FILE[:TEMPLATE]
- instantiate the configuration header FILE
-
-Configuration files:
-$config_files
-
-Configuration headers:
-$config_headers
-
-Report bugs to <bug-autoconf@gnu.org>."
-ac_cs_version="\
-config.status
-configured by ./configure, generated by GNU Autoconf 2.59,
- with options \"'--prefix=/home/astor/localastor/google3/third_party/libsrtp/v1_4_2'\"
-
-Copyright (C) 2003 Free Software Foundation, Inc.
-This config.status script is free software; the Free Software Foundation
-gives unlimited permission to copy, distribute and modify it."
-srcdir=.
-INSTALL="/usr/bin/install -c"
-# If no file are specified by the user, then we need to provide default
-# value. By we need to know if files were specified by the user.
-ac_need_defaults=:
-while test $# != 0
-do
- case $1 in
- --*=*)
- ac_option=`expr "x$1" : 'x\([^=]*\)='`
- ac_optarg=`expr "x$1" : 'x[^=]*=\(.*\)'`
- ac_shift=:
- ;;
- -*)
- ac_option=$1
- ac_optarg=$2
- ac_shift=shift
- ;;
- *) # This is not an option, so the user has probably given explicit
- # arguments.
- ac_option=$1
- ac_need_defaults=false;;
- esac
-
- case $ac_option in
- # Handling of the options.
- -recheck | --recheck | --rechec | --reche | --rech | --rec | --re | --r)
- ac_cs_recheck=: ;;
- --version | --vers* | -V )
- echo "$ac_cs_version"; exit 0 ;;
- --he | --h)
- # Conflict between --help and --header
- { { echo "$as_me:$LINENO: error: ambiguous option: $1
-Try \`$0 --help' for more information." >&5
-echo "$as_me: error: ambiguous option: $1
-Try \`$0 --help' for more information." >&2;}
- { (exit 1); exit 1; }; };;
- --help | --hel | -h )
- echo "$ac_cs_usage"; exit 0 ;;
- --debug | --d* | -d )
- debug=: ;;
- --file | --fil | --fi | --f )
- $ac_shift
- CONFIG_FILES="$CONFIG_FILES $ac_optarg"
- ac_need_defaults=false;;
- --header | --heade | --head | --hea )
- $ac_shift
- CONFIG_HEADERS="$CONFIG_HEADERS $ac_optarg"
- ac_need_defaults=false;;
- -q | -quiet | --quiet | --quie | --qui | --qu | --q \
- | -silent | --silent | --silen | --sile | --sil | --si | --s)
- ac_cs_silent=: ;;
-
- # This is an error.
- -*) { { echo "$as_me:$LINENO: error: unrecognized option: $1
-Try \`$0 --help' for more information." >&5
-echo "$as_me: error: unrecognized option: $1
-Try \`$0 --help' for more information." >&2;}
- { (exit 1); exit 1; }; } ;;
-
- *) ac_config_targets="$ac_config_targets $1" ;;
-
- esac
- shift
-done
-
-ac_configure_extra_args=
-
-if $ac_cs_silent; then
- exec 6>/dev/null
- ac_configure_extra_args="$ac_configure_extra_args --silent"
-fi
-
-if $ac_cs_recheck; then
- echo "running /bin/sh ./configure " '--prefix=/home/astor/localastor/google3/third_party/libsrtp/v1_4_2' $ac_configure_extra_args " --no-create --no-recursion" >&6
- exec /bin/sh ./configure '--prefix=/home/astor/localastor/google3/third_party/libsrtp/v1_4_2' $ac_configure_extra_args --no-create --no-recursion
-fi
-
-for ac_config_target in $ac_config_targets
-do
- case "$ac_config_target" in
- # Handling of arguments.
- "Makefile" ) CONFIG_FILES="$CONFIG_FILES Makefile" ;;
- "crypto/Makefile" ) CONFIG_FILES="$CONFIG_FILES crypto/Makefile" ;;
- "doc/Makefile" ) CONFIG_FILES="$CONFIG_FILES doc/Makefile" ;;
- "crypto/include/config.h" ) CONFIG_HEADERS="$CONFIG_HEADERS crypto/include/config.h:config_in.h" ;;
- *) { { echo "$as_me:$LINENO: error: invalid argument: $ac_config_target" >&5
-echo "$as_me: error: invalid argument: $ac_config_target" >&2;}
- { (exit 1); exit 1; }; };;
- esac
-done
-
-# If the user did not use the arguments to specify the items to instantiate,
-# then the envvar interface is used. Set only those that are not.
-# We use the long form for the default assignment because of an extremely
-# bizarre bug on SunOS 4.1.3.
-if $ac_need_defaults; then
- test "${CONFIG_FILES+set}" = set || CONFIG_FILES=$config_files
- test "${CONFIG_HEADERS+set}" = set || CONFIG_HEADERS=$config_headers
-fi
-
-# Have a temporary directory for convenience. Make it in the build tree
-# simply because there is no reason to put it here, and in addition,
-# creating and moving files from /tmp can sometimes cause problems.
-# Create a temporary directory, and hook for its removal unless debugging.
-$debug ||
-{
- trap 'exit_status=$?; rm -rf $tmp && exit $exit_status' 0
- trap '{ (exit 1); exit 1; }' 1 2 13 15
-}
-
-# Create a (secure) tmp directory for tmp files.
-
-{
- tmp=`(umask 077 && mktemp -d -q "./confstatXXXXXX") 2>/dev/null` &&
- test -n "$tmp" && test -d "$tmp"
-} ||
-{
- tmp=./confstat$$-$RANDOM
- (umask 077 && mkdir $tmp)
-} ||
-{
- echo "$me: cannot create a temporary directory in ." >&2
- { (exit 1); exit 1; }
-}
-
-
-#
-# CONFIG_FILES section.
-#
-
-# No need to generate the scripts if there are no CONFIG_FILES.
-# This happens for instance when ./config.status config.h
-if test -n "$CONFIG_FILES"; then
- # Protect against being on the right side of a sed subst in config.status.
- sed 's/,@/@@/; s/@,/@@/; s/,;t t$/@;t t/; /@;t t$/s/[\\&,]/\\&/g;
- s/@@/,@/; s/@@/@,/; s/@;t t$/,;t t/' >$tmp/subs.sed <<\CEOF
-s,@SHELL@,/bin/sh,;t t
-s,@PATH_SEPARATOR@,:,;t t
-s,@PACKAGE_NAME@,,;t t
-s,@PACKAGE_TARNAME@,,;t t
-s,@PACKAGE_VERSION@,,;t t
-s,@PACKAGE_STRING@,,;t t
-s,@PACKAGE_BUGREPORT@,,;t t
-s,@exec_prefix@,${prefix},;t t
-s,@prefix@,/home/astor/localastor/google3/third_party/libsrtp/v1_4_2,;t t
-s,@program_transform_name@,s,x,x,,;t t
-s,@bindir@,${exec_prefix}/bin,;t t
-s,@sbindir@,${exec_prefix}/sbin,;t t
-s,@libexecdir@,${exec_prefix}/libexec,;t t
-s,@datadir@,${prefix}/share,;t t
-s,@sysconfdir@,${prefix}/etc,;t t
-s,@sharedstatedir@,${prefix}/com,;t t
-s,@localstatedir@,${prefix}/var,;t t
-s,@libdir@,${exec_prefix}/lib,;t t
-s,@includedir@,${prefix}/include,;t t
-s,@oldincludedir@,/usr/include,;t t
-s,@infodir@,${prefix}/info,;t t
-s,@mandir@,${prefix}/man,;t t
-s,@build_alias@,,;t t
-s,@host_alias@,,;t t
-s,@target_alias@,,;t t
-s,@DEFS@,-DHAVE_CONFIG_H,;t t
-s,@ECHO_C@,,;t t
-s,@ECHO_N@,-n,;t t
-s,@ECHO_T@,,;t t
-s,@LIBS@,,;t t
-s,@RANLIB@,ranlib,;t t
-s,@ac_ct_RANLIB@,ranlib,;t t
-s,@CC@,gcc,;t t
-s,@CFLAGS@,-Wall -O4 -fexpensive-optimizations -funroll-loops,;t t
-s,@LDFLAGS@,,;t t
-s,@CPPFLAGS@,,;t t
-s,@ac_ct_CC@,gcc,;t t
-s,@EXEEXT@,,;t t
-s,@OBJEXT@,o,;t t
-s,@INSTALL_PROGRAM@,${INSTALL},;t t
-s,@INSTALL_SCRIPT@,${INSTALL},;t t
-s,@INSTALL_DATA@,${INSTALL} -m 644,;t t
-s,@RNG_OBJS@,rand_source.o,;t t
-s,@CPP@,gcc -E,;t t
-s,@EGREP@,grep -E,;t t
-s,@build@,x86_64-unknown-linux-gnu,;t t
-s,@build_cpu@,x86_64,;t t
-s,@build_vendor@,unknown,;t t
-s,@build_os@,linux-gnu,;t t
-s,@host@,x86_64-unknown-linux-gnu,;t t
-s,@host_cpu@,x86_64,;t t
-s,@host_vendor@,unknown,;t t
-s,@host_os@,linux-gnu,;t t
-s,@EXE@,,;t t
-s,@GDOI_OBJS@,,;t t
-s,@LIBOBJS@,,;t t
-s,@LTLIBOBJS@,,;t t
-CEOF
-
- # Split the substitutions into bite-sized pieces for seds with
- # small command number limits, like on Digital OSF/1 and HP-UX.
- ac_max_sed_lines=48
- ac_sed_frag=1 # Number of current file.
- ac_beg=1 # First line for current file.
- ac_end=$ac_max_sed_lines # Line after last line for current file.
- ac_more_lines=:
- ac_sed_cmds=
- while $ac_more_lines; do
- if test $ac_beg -gt 1; then
- sed "1,${ac_beg}d; ${ac_end}q" $tmp/subs.sed >$tmp/subs.frag
- else
- sed "${ac_end}q" $tmp/subs.sed >$tmp/subs.frag
- fi
- if test ! -s $tmp/subs.frag; then
- ac_more_lines=false
- else
- # The purpose of the label and of the branching condition is to
- # speed up the sed processing (if there are no `@' at all, there
- # is no need to browse any of the substitutions).
- # These are the two extra sed commands mentioned above.
- (echo ':t
- /@[a-zA-Z_][a-zA-Z_0-9]*@/!b' && cat $tmp/subs.frag) >$tmp/subs-$ac_sed_frag.sed
- if test -z "$ac_sed_cmds"; then
- ac_sed_cmds="sed -f $tmp/subs-$ac_sed_frag.sed"
- else
- ac_sed_cmds="$ac_sed_cmds | sed -f $tmp/subs-$ac_sed_frag.sed"
- fi
- ac_sed_frag=`expr $ac_sed_frag + 1`
- ac_beg=$ac_end
- ac_end=`expr $ac_end + $ac_max_sed_lines`
- fi
- done
- if test -z "$ac_sed_cmds"; then
- ac_sed_cmds=cat
- fi
-fi # test -n "$CONFIG_FILES"
-
-for ac_file in : $CONFIG_FILES; do test "x$ac_file" = x: && continue
- # Support "outfile[:infile[:infile...]]", defaulting infile="outfile.in".
- case $ac_file in
- - | *:- | *:-:* ) # input from stdin
- cat >$tmp/stdin
- ac_file_in=`echo "$ac_file" | sed 's,[^:]*:,,'`
- ac_file=`echo "$ac_file" | sed 's,:.*,,'` ;;
- *:* ) ac_file_in=`echo "$ac_file" | sed 's,[^:]*:,,'`
- ac_file=`echo "$ac_file" | sed 's,:.*,,'` ;;
- * ) ac_file_in=$ac_file.in ;;
- esac
-
- # Compute @srcdir@, @top_srcdir@, and @INSTALL@ for subdirectories.
- ac_dir=`(dirname "$ac_file") 2>/dev/null ||
-$as_expr X"$ac_file" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
- X"$ac_file" : 'X\(//\)[^/]' \| \
- X"$ac_file" : 'X\(//\)$' \| \
- X"$ac_file" : 'X\(/\)' \| \
- . : '\(.\)' 2>/dev/null ||
-echo X"$ac_file" |
- sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/; q; }
- /^X\(\/\/\)[^/].*/{ s//\1/; q; }
- /^X\(\/\/\)$/{ s//\1/; q; }
- /^X\(\/\).*/{ s//\1/; q; }
- s/.*/./; q'`
- { if $as_mkdir_p; then
- mkdir -p "$ac_dir"
- else
- as_dir="$ac_dir"
- as_dirs=
- while test ! -d "$as_dir"; do
- as_dirs="$as_dir $as_dirs"
- as_dir=`(dirname "$as_dir") 2>/dev/null ||
-$as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
- X"$as_dir" : 'X\(//\)[^/]' \| \
- X"$as_dir" : 'X\(//\)$' \| \
- X"$as_dir" : 'X\(/\)' \| \
- . : '\(.\)' 2>/dev/null ||
-echo X"$as_dir" |
- sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/; q; }
- /^X\(\/\/\)[^/].*/{ s//\1/; q; }
- /^X\(\/\/\)$/{ s//\1/; q; }
- /^X\(\/\).*/{ s//\1/; q; }
- s/.*/./; q'`
- done
- test ! -n "$as_dirs" || mkdir $as_dirs
- fi || { { echo "$as_me:$LINENO: error: cannot create directory \"$ac_dir\"" >&5
-echo "$as_me: error: cannot create directory \"$ac_dir\"" >&2;}
- { (exit 1); exit 1; }; }; }
-
- ac_builddir=.
-
-if test "$ac_dir" != .; then
- ac_dir_suffix=/`echo "$ac_dir" | sed 's,^\.[\\/],,'`
- # A "../" for each directory in $ac_dir_suffix.
- ac_top_builddir=`echo "$ac_dir_suffix" | sed 's,/[^\\/]*,../,g'`
-else
- ac_dir_suffix= ac_top_builddir=
-fi
-
-case $srcdir in
- .) # No --srcdir option. We are building in place.
- ac_srcdir=.
- if test -z "$ac_top_builddir"; then
- ac_top_srcdir=.
- else
- ac_top_srcdir=`echo $ac_top_builddir | sed 's,/$,,'`
- fi ;;
- [\\/]* | ?:[\\/]* ) # Absolute path.
- ac_srcdir=$srcdir$ac_dir_suffix;
- ac_top_srcdir=$srcdir ;;
- *) # Relative path.
- ac_srcdir=$ac_top_builddir$srcdir$ac_dir_suffix
- ac_top_srcdir=$ac_top_builddir$srcdir ;;
-esac
-
-# Do not use `cd foo && pwd` to compute absolute paths, because
-# the directories may not exist.
-case `pwd` in
-.) ac_abs_builddir="$ac_dir";;
-*)
- case "$ac_dir" in
- .) ac_abs_builddir=`pwd`;;
- [\\/]* | ?:[\\/]* ) ac_abs_builddir="$ac_dir";;
- *) ac_abs_builddir=`pwd`/"$ac_dir";;
- esac;;
-esac
-case $ac_abs_builddir in
-.) ac_abs_top_builddir=${ac_top_builddir}.;;
-*)
- case ${ac_top_builddir}. in
- .) ac_abs_top_builddir=$ac_abs_builddir;;
- [\\/]* | ?:[\\/]* ) ac_abs_top_builddir=${ac_top_builddir}.;;
- *) ac_abs_top_builddir=$ac_abs_builddir/${ac_top_builddir}.;;
- esac;;
-esac
-case $ac_abs_builddir in
-.) ac_abs_srcdir=$ac_srcdir;;
-*)
- case $ac_srcdir in
- .) ac_abs_srcdir=$ac_abs_builddir;;
- [\\/]* | ?:[\\/]* ) ac_abs_srcdir=$ac_srcdir;;
- *) ac_abs_srcdir=$ac_abs_builddir/$ac_srcdir;;
- esac;;
-esac
-case $ac_abs_builddir in
-.) ac_abs_top_srcdir=$ac_top_srcdir;;
-*)
- case $ac_top_srcdir in
- .) ac_abs_top_srcdir=$ac_abs_builddir;;
- [\\/]* | ?:[\\/]* ) ac_abs_top_srcdir=$ac_top_srcdir;;
- *) ac_abs_top_srcdir=$ac_abs_builddir/$ac_top_srcdir;;
- esac;;
-esac
-
-
- case $INSTALL in
- [\\/$]* | ?:[\\/]* ) ac_INSTALL=$INSTALL ;;
- *) ac_INSTALL=$ac_top_builddir$INSTALL ;;
- esac
-
- if test x"$ac_file" != x-; then
- { echo "$as_me:$LINENO: creating $ac_file" >&5
-echo "$as_me: creating $ac_file" >&6;}
- rm -f "$ac_file"
- fi
- # Let's still pretend it is `configure' which instantiates (i.e., don't
- # use $as_me), people would be surprised to read:
- # /* config.h. Generated by config.status. */
- if test x"$ac_file" = x-; then
- configure_input=
- else
- configure_input="$ac_file. "
- fi
- configure_input=$configure_input"Generated from `echo $ac_file_in |
- sed 's,.*/,,'` by configure."
-
- # First look for the input files in the build tree, otherwise in the
- # src tree.
- ac_file_inputs=`IFS=:
- for f in $ac_file_in; do
- case $f in
- -) echo $tmp/stdin ;;
- [\\/$]*)
- # Absolute (can't be DOS-style, as IFS=:)
- test -f "$f" || { { echo "$as_me:$LINENO: error: cannot find input file: $f" >&5
-echo "$as_me: error: cannot find input file: $f" >&2;}
- { (exit 1); exit 1; }; }
- echo "$f";;
- *) # Relative
- if test -f "$f"; then
- # Build tree
- echo "$f"
- elif test -f "$srcdir/$f"; then
- # Source tree
- echo "$srcdir/$f"
- else
- # /dev/null tree
- { { echo "$as_me:$LINENO: error: cannot find input file: $f" >&5
-echo "$as_me: error: cannot find input file: $f" >&2;}
- { (exit 1); exit 1; }; }
- fi;;
- esac
- done` || { (exit 1); exit 1; }
- sed "/^[ ]*VPATH[ ]*=/{
-s/:*\$(srcdir):*/:/;
-s/:*\${srcdir}:*/:/;
-s/:*@srcdir@:*/:/;
-s/^\([^=]*=[ ]*\):*/\1/;
-s/:*$//;
-s/^[^=]*=[ ]*$//;
-}
-
-:t
-/@[a-zA-Z_][a-zA-Z_0-9]*@/!b
-s,@configure_input@,$configure_input,;t t
-s,@srcdir@,$ac_srcdir,;t t
-s,@abs_srcdir@,$ac_abs_srcdir,;t t
-s,@top_srcdir@,$ac_top_srcdir,;t t
-s,@abs_top_srcdir@,$ac_abs_top_srcdir,;t t
-s,@builddir@,$ac_builddir,;t t
-s,@abs_builddir@,$ac_abs_builddir,;t t
-s,@top_builddir@,$ac_top_builddir,;t t
-s,@abs_top_builddir@,$ac_abs_top_builddir,;t t
-s,@INSTALL@,$ac_INSTALL,;t t
-" $ac_file_inputs | (eval "$ac_sed_cmds") >$tmp/out
- rm -f $tmp/stdin
- if test x"$ac_file" != x-; then
- mv $tmp/out $ac_file
- else
- cat $tmp/out
- rm -f $tmp/out
- fi
-
-done
-
-#
-# CONFIG_HEADER section.
-#
-
-# These sed commands are passed to sed as "A NAME B NAME C VALUE D", where
-# NAME is the cpp macro being defined and VALUE is the value it is being given.
-#
-# ac_d sets the value in "#define NAME VALUE" lines.
-ac_dA='s,^\([ ]*\)#\([ ]*define[ ][ ]*\)'
-ac_dB='[ ].*$,\1#\2'
-ac_dC=' '
-ac_dD=',;t'
-# ac_u turns "#undef NAME" without trailing blanks into "#define NAME VALUE".
-ac_uA='s,^\([ ]*\)#\([ ]*\)undef\([ ][ ]*\)'
-ac_uB='$,\1#\2define\3'
-ac_uC=' '
-ac_uD=',;t'
-
-for ac_file in : $CONFIG_HEADERS; do test "x$ac_file" = x: && continue
- # Support "outfile[:infile[:infile...]]", defaulting infile="outfile.in".
- case $ac_file in
- - | *:- | *:-:* ) # input from stdin
- cat >$tmp/stdin
- ac_file_in=`echo "$ac_file" | sed 's,[^:]*:,,'`
- ac_file=`echo "$ac_file" | sed 's,:.*,,'` ;;
- *:* ) ac_file_in=`echo "$ac_file" | sed 's,[^:]*:,,'`
- ac_file=`echo "$ac_file" | sed 's,:.*,,'` ;;
- * ) ac_file_in=$ac_file.in ;;
- esac
-
- test x"$ac_file" != x- && { echo "$as_me:$LINENO: creating $ac_file" >&5
-echo "$as_me: creating $ac_file" >&6;}
-
- # First look for the input files in the build tree, otherwise in the
- # src tree.
- ac_file_inputs=`IFS=:
- for f in $ac_file_in; do
- case $f in
- -) echo $tmp/stdin ;;
- [\\/$]*)
- # Absolute (can't be DOS-style, as IFS=:)
- test -f "$f" || { { echo "$as_me:$LINENO: error: cannot find input file: $f" >&5
-echo "$as_me: error: cannot find input file: $f" >&2;}
- { (exit 1); exit 1; }; }
- # Do quote $f, to prevent DOS paths from being IFS'd.
- echo "$f";;
- *) # Relative
- if test -f "$f"; then
- # Build tree
- echo "$f"
- elif test -f "$srcdir/$f"; then
- # Source tree
- echo "$srcdir/$f"
- else
- # /dev/null tree
- { { echo "$as_me:$LINENO: error: cannot find input file: $f" >&5
-echo "$as_me: error: cannot find input file: $f" >&2;}
- { (exit 1); exit 1; }; }
- fi;;
- esac
- done` || { (exit 1); exit 1; }
- # Remove the trailing spaces.
- sed 's/[ ]*$//' $ac_file_inputs >$tmp/in
-
- # Handle all the #define templates only if necessary.
- if grep "^[ ]*#[ ]*define" $tmp/in >/dev/null; then
- # If there are no defines, we may have an empty if/fi
- :
- cat >$tmp/defines.sed <<CEOF
-/^[ ]*#[ ]*define/!b
-t clr
-: clr
-${ac_dA}PACKAGE_NAME${ac_dB}PACKAGE_NAME${ac_dC}""${ac_dD}
-${ac_dA}PACKAGE_TARNAME${ac_dB}PACKAGE_TARNAME${ac_dC}""${ac_dD}
-${ac_dA}PACKAGE_VERSION${ac_dB}PACKAGE_VERSION${ac_dC}""${ac_dD}
-${ac_dA}PACKAGE_STRING${ac_dB}PACKAGE_STRING${ac_dC}""${ac_dD}
-${ac_dA}PACKAGE_BUGREPORT${ac_dB}PACKAGE_BUGREPORT${ac_dC}""${ac_dD}
-${ac_dA}DEV_URANDOM${ac_dB}DEV_URANDOM${ac_dC}"/dev/urandom"${ac_dD}
-${ac_dA}STDC_HEADERS${ac_dB}STDC_HEADERS${ac_dC}1${ac_dD}
-${ac_dA}HAVE_SYS_TYPES_H${ac_dB}HAVE_SYS_TYPES_H${ac_dC}1${ac_dD}
-${ac_dA}HAVE_SYS_STAT_H${ac_dB}HAVE_SYS_STAT_H${ac_dC}1${ac_dD}
-${ac_dA}HAVE_STDLIB_H${ac_dB}HAVE_STDLIB_H${ac_dC}1${ac_dD}
-${ac_dA}HAVE_STRING_H${ac_dB}HAVE_STRING_H${ac_dC}1${ac_dD}
-${ac_dA}HAVE_MEMORY_H${ac_dB}HAVE_MEMORY_H${ac_dC}1${ac_dD}
-${ac_dA}HAVE_STRINGS_H${ac_dB}HAVE_STRINGS_H${ac_dC}1${ac_dD}
-${ac_dA}HAVE_INTTYPES_H${ac_dB}HAVE_INTTYPES_H${ac_dC}1${ac_dD}
-${ac_dA}HAVE_STDINT_H${ac_dB}HAVE_STDINT_H${ac_dC}1${ac_dD}
-${ac_dA}HAVE_UNISTD_H${ac_dB}HAVE_UNISTD_H${ac_dC}1${ac_dD}
-${ac_dA}HAVE_STDLIB_H${ac_dB}HAVE_STDLIB_H${ac_dC}1${ac_dD}
-${ac_dA}HAVE_UNISTD_H${ac_dB}HAVE_UNISTD_H${ac_dC}1${ac_dD}
-${ac_dA}HAVE_BYTESWAP_H${ac_dB}HAVE_BYTESWAP_H${ac_dC}1${ac_dD}
-${ac_dA}HAVE_STDINT_H${ac_dB}HAVE_STDINT_H${ac_dC}1${ac_dD}
-${ac_dA}HAVE_SYS_UIO_H${ac_dB}HAVE_SYS_UIO_H${ac_dC}1${ac_dD}
-${ac_dA}HAVE_INTTYPES_H${ac_dB}HAVE_INTTYPES_H${ac_dC}1${ac_dD}
-${ac_dA}HAVE_SYS_TYPES_H${ac_dB}HAVE_SYS_TYPES_H${ac_dC}1${ac_dD}
-${ac_dA}HAVE_SYS_SOCKET_H${ac_dB}HAVE_SYS_SOCKET_H${ac_dC}1${ac_dD}
-${ac_dA}HAVE_NETINET_IN_H${ac_dB}HAVE_NETINET_IN_H${ac_dC}1${ac_dD}
-${ac_dA}HAVE_ARPA_INET_H${ac_dB}HAVE_ARPA_INET_H${ac_dC}1${ac_dD}
-${ac_dA}HAVE_SYSLOG_H${ac_dB}HAVE_SYSLOG_H${ac_dC}1${ac_dD}
-${ac_dA}HAVE_INT8_T${ac_dB}HAVE_INT8_T${ac_dC}1${ac_dD}
-${ac_dA}HAVE_UINT8_T${ac_dB}HAVE_UINT8_T${ac_dC}1${ac_dD}
-${ac_dA}HAVE_INT16_T${ac_dB}HAVE_INT16_T${ac_dC}1${ac_dD}
-${ac_dA}HAVE_UINT16_T${ac_dB}HAVE_UINT16_T${ac_dC}1${ac_dD}
-${ac_dA}HAVE_INT32_T${ac_dB}HAVE_INT32_T${ac_dC}1${ac_dD}
-${ac_dA}HAVE_UINT32_T${ac_dB}HAVE_UINT32_T${ac_dC}1${ac_dD}
-${ac_dA}HAVE_UINT64_T${ac_dB}HAVE_UINT64_T${ac_dC}1${ac_dD}
-${ac_dA}SIZEOF_UNSIGNED_LONG${ac_dB}SIZEOF_UNSIGNED_LONG${ac_dC}8${ac_dD}
-${ac_dA}SIZEOF_UNSIGNED_LONG_LONG${ac_dB}SIZEOF_UNSIGNED_LONG_LONG${ac_dC}8${ac_dD}
-${ac_dA}HAVE_SOCKET${ac_dB}HAVE_SOCKET${ac_dC}1${ac_dD}
-${ac_dA}HAVE_INET_ATON${ac_dB}HAVE_INET_ATON${ac_dC}1${ac_dD}
-CEOF
- sed -f $tmp/defines.sed $tmp/in >$tmp/out
- rm -f $tmp/in
- mv $tmp/out $tmp/in
-
- cat >$tmp/defines.sed <<CEOF
-/^[ ]*#[ ]*define/!b
-t clr
-: clr
-${ac_dA}HAVE_USLEEP${ac_dB}HAVE_USLEEP${ac_dC}1${ac_dD}
-${ac_dA}CPU_CISC${ac_dB}CPU_CISC${ac_dC}1${ac_dD}
-${ac_dA}ENABLE_DEBUGGING${ac_dB}ENABLE_DEBUGGING${ac_dC}1${ac_dD}
-${ac_dA}ERR_REPORTING_STDOUT${ac_dB}ERR_REPORTING_STDOUT${ac_dC}1${ac_dD}
-CEOF
- sed -f $tmp/defines.sed $tmp/in >$tmp/out
- rm -f $tmp/in
- mv $tmp/out $tmp/in
-
- fi # grep
-
- # Handle all the #undef templates
- cat >$tmp/undefs.sed <<CEOF
-/^[ ]*#[ ]*undef/!b
-t clr
-: clr
-${ac_uA}PACKAGE_NAME${ac_uB}PACKAGE_NAME${ac_uC}""${ac_uD}
-${ac_uA}PACKAGE_TARNAME${ac_uB}PACKAGE_TARNAME${ac_uC}""${ac_uD}
-${ac_uA}PACKAGE_VERSION${ac_uB}PACKAGE_VERSION${ac_uC}""${ac_uD}
-${ac_uA}PACKAGE_STRING${ac_uB}PACKAGE_STRING${ac_uC}""${ac_uD}
-${ac_uA}PACKAGE_BUGREPORT${ac_uB}PACKAGE_BUGREPORT${ac_uC}""${ac_uD}
-${ac_uA}DEV_URANDOM${ac_uB}DEV_URANDOM${ac_uC}"/dev/urandom"${ac_uD}
-${ac_uA}STDC_HEADERS${ac_uB}STDC_HEADERS${ac_uC}1${ac_uD}
-${ac_uA}HAVE_SYS_TYPES_H${ac_uB}HAVE_SYS_TYPES_H${ac_uC}1${ac_uD}
-${ac_uA}HAVE_SYS_STAT_H${ac_uB}HAVE_SYS_STAT_H${ac_uC}1${ac_uD}
-${ac_uA}HAVE_STDLIB_H${ac_uB}HAVE_STDLIB_H${ac_uC}1${ac_uD}
-${ac_uA}HAVE_STRING_H${ac_uB}HAVE_STRING_H${ac_uC}1${ac_uD}
-${ac_uA}HAVE_MEMORY_H${ac_uB}HAVE_MEMORY_H${ac_uC}1${ac_uD}
-${ac_uA}HAVE_STRINGS_H${ac_uB}HAVE_STRINGS_H${ac_uC}1${ac_uD}
-${ac_uA}HAVE_INTTYPES_H${ac_uB}HAVE_INTTYPES_H${ac_uC}1${ac_uD}
-${ac_uA}HAVE_STDINT_H${ac_uB}HAVE_STDINT_H${ac_uC}1${ac_uD}
-${ac_uA}HAVE_UNISTD_H${ac_uB}HAVE_UNISTD_H${ac_uC}1${ac_uD}
-${ac_uA}HAVE_STDLIB_H${ac_uB}HAVE_STDLIB_H${ac_uC}1${ac_uD}
-${ac_uA}HAVE_UNISTD_H${ac_uB}HAVE_UNISTD_H${ac_uC}1${ac_uD}
-${ac_uA}HAVE_BYTESWAP_H${ac_uB}HAVE_BYTESWAP_H${ac_uC}1${ac_uD}
-${ac_uA}HAVE_STDINT_H${ac_uB}HAVE_STDINT_H${ac_uC}1${ac_uD}
-${ac_uA}HAVE_SYS_UIO_H${ac_uB}HAVE_SYS_UIO_H${ac_uC}1${ac_uD}
-${ac_uA}HAVE_INTTYPES_H${ac_uB}HAVE_INTTYPES_H${ac_uC}1${ac_uD}
-${ac_uA}HAVE_SYS_TYPES_H${ac_uB}HAVE_SYS_TYPES_H${ac_uC}1${ac_uD}
-${ac_uA}HAVE_SYS_SOCKET_H${ac_uB}HAVE_SYS_SOCKET_H${ac_uC}1${ac_uD}
-${ac_uA}HAVE_NETINET_IN_H${ac_uB}HAVE_NETINET_IN_H${ac_uC}1${ac_uD}
-${ac_uA}HAVE_ARPA_INET_H${ac_uB}HAVE_ARPA_INET_H${ac_uC}1${ac_uD}
-${ac_uA}HAVE_SYSLOG_H${ac_uB}HAVE_SYSLOG_H${ac_uC}1${ac_uD}
-${ac_uA}HAVE_INT8_T${ac_uB}HAVE_INT8_T${ac_uC}1${ac_uD}
-${ac_uA}HAVE_UINT8_T${ac_uB}HAVE_UINT8_T${ac_uC}1${ac_uD}
-${ac_uA}HAVE_INT16_T${ac_uB}HAVE_INT16_T${ac_uC}1${ac_uD}
-${ac_uA}HAVE_UINT16_T${ac_uB}HAVE_UINT16_T${ac_uC}1${ac_uD}
-${ac_uA}HAVE_INT32_T${ac_uB}HAVE_INT32_T${ac_uC}1${ac_uD}
-${ac_uA}HAVE_UINT32_T${ac_uB}HAVE_UINT32_T${ac_uC}1${ac_uD}
-${ac_uA}HAVE_UINT64_T${ac_uB}HAVE_UINT64_T${ac_uC}1${ac_uD}
-${ac_uA}SIZEOF_UNSIGNED_LONG${ac_uB}SIZEOF_UNSIGNED_LONG${ac_uC}8${ac_uD}
-${ac_uA}SIZEOF_UNSIGNED_LONG_LONG${ac_uB}SIZEOF_UNSIGNED_LONG_LONG${ac_uC}8${ac_uD}
-${ac_uA}HAVE_SOCKET${ac_uB}HAVE_SOCKET${ac_uC}1${ac_uD}
-${ac_uA}HAVE_INET_ATON${ac_uB}HAVE_INET_ATON${ac_uC}1${ac_uD}
-CEOF
- sed -f $tmp/undefs.sed $tmp/in >$tmp/out
- rm -f $tmp/in
- mv $tmp/out $tmp/in
-
- cat >$tmp/undefs.sed <<CEOF
-/^[ ]*#[ ]*undef/!b
-t clr
-: clr
-${ac_uA}HAVE_USLEEP${ac_uB}HAVE_USLEEP${ac_uC}1${ac_uD}
-${ac_uA}CPU_CISC${ac_uB}CPU_CISC${ac_uC}1${ac_uD}
-${ac_uA}ENABLE_DEBUGGING${ac_uB}ENABLE_DEBUGGING${ac_uC}1${ac_uD}
-${ac_uA}ERR_REPORTING_STDOUT${ac_uB}ERR_REPORTING_STDOUT${ac_uC}1${ac_uD}
-s,^[ ]*#[ ]*undef[ ][ ]*[a-zA-Z_][a-zA-Z_0-9]*,/* & */,
-CEOF
- sed -f $tmp/undefs.sed $tmp/in >$tmp/out
- rm -f $tmp/in
- mv $tmp/out $tmp/in
-
- # Let's still pretend it is `configure' which instantiates (i.e., don't
- # use $as_me), people would be surprised to read:
- # /* config.h. Generated by config.status. */
- if test x"$ac_file" = x-; then
- echo "/* Generated by configure. */" >$tmp/config.h
- else
- echo "/* $ac_file. Generated by configure. */" >$tmp/config.h
- fi
- cat $tmp/in >>$tmp/config.h
- rm -f $tmp/in
- if test x"$ac_file" != x-; then
- if diff $ac_file $tmp/config.h >/dev/null 2>&1; then
- { echo "$as_me:$LINENO: $ac_file is unchanged" >&5
-echo "$as_me: $ac_file is unchanged" >&6;}
- else
- ac_dir=`(dirname "$ac_file") 2>/dev/null ||
-$as_expr X"$ac_file" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
- X"$ac_file" : 'X\(//\)[^/]' \| \
- X"$ac_file" : 'X\(//\)$' \| \
- X"$ac_file" : 'X\(/\)' \| \
- . : '\(.\)' 2>/dev/null ||
-echo X"$ac_file" |
- sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/; q; }
- /^X\(\/\/\)[^/].*/{ s//\1/; q; }
- /^X\(\/\/\)$/{ s//\1/; q; }
- /^X\(\/\).*/{ s//\1/; q; }
- s/.*/./; q'`
- { if $as_mkdir_p; then
- mkdir -p "$ac_dir"
- else
- as_dir="$ac_dir"
- as_dirs=
- while test ! -d "$as_dir"; do
- as_dirs="$as_dir $as_dirs"
- as_dir=`(dirname "$as_dir") 2>/dev/null ||
-$as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
- X"$as_dir" : 'X\(//\)[^/]' \| \
- X"$as_dir" : 'X\(//\)$' \| \
- X"$as_dir" : 'X\(/\)' \| \
- . : '\(.\)' 2>/dev/null ||
-echo X"$as_dir" |
- sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/; q; }
- /^X\(\/\/\)[^/].*/{ s//\1/; q; }
- /^X\(\/\/\)$/{ s//\1/; q; }
- /^X\(\/\).*/{ s//\1/; q; }
- s/.*/./; q'`
- done
- test ! -n "$as_dirs" || mkdir $as_dirs
- fi || { { echo "$as_me:$LINENO: error: cannot create directory \"$ac_dir\"" >&5
-echo "$as_me: error: cannot create directory \"$ac_dir\"" >&2;}
- { (exit 1); exit 1; }; }; }
-
- rm -f $ac_file
- mv $tmp/config.h $ac_file
- fi
- else
- cat $tmp/config.h
- rm -f $tmp/config.h
- fi
-done
-
-{ (exit 0); exit 0; }
diff --git a/config.sub b/config.sub
deleted file mode 100755
index edb6b66..0000000
--- a/config.sub
+++ /dev/null
@@ -1,1555 +0,0 @@
-#! /bin/sh
-# Configuration validation subroutine script.
-# Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999,
-# 2000, 2001, 2002, 2003, 2004 Free Software Foundation, Inc.
-
-timestamp='2004-08-29'
-
-# This file is (in principle) common to ALL GNU software.
-# The presence of a machine in this file suggests that SOME GNU software
-# can handle that machine. It does not imply ALL GNU software can.
-#
-# This file is free software; you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation; either version 2 of the License, or
-# (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program; if not, write to the Free Software
-# Foundation, Inc., 59 Temple Place - Suite 330,
-# Boston, MA 02111-1307, USA.
-
-# As a special exception to the GNU General Public License, if you
-# distribute this file as part of a program that contains a
-# configuration script generated by Autoconf, you may include it under
-# the same distribution terms that you use for the rest of that program.
-
-# Please send patches to <config-patches@gnu.org>. Submit a context
-# diff and a properly formatted ChangeLog entry.
-#
-# Configuration subroutine to validate and canonicalize a configuration type.
-# Supply the specified configuration type as an argument.
-# If it is invalid, we print an error message on stderr and exit with code 1.
-# Otherwise, we print the canonical config type on stdout and succeed.
-
-# This file is supposed to be the same for all GNU packages
-# and recognize all the CPU types, system types and aliases
-# that are meaningful with *any* GNU software.
-# Each package is responsible for reporting which valid configurations
-# it does not support. The user should be able to distinguish
-# a failure to support a valid configuration from a meaningless
-# configuration.
-
-# The goal of this file is to map all the various variations of a given
-# machine specification into a single specification in the form:
-# CPU_TYPE-MANUFACTURER-OPERATING_SYSTEM
-# or in some cases, the newer four-part form:
-# CPU_TYPE-MANUFACTURER-KERNEL-OPERATING_SYSTEM
-# It is wrong to echo any other type of specification.
-
-me=`echo "$0" | sed -e 's,.*/,,'`
-
-usage="\
-Usage: $0 [OPTION] CPU-MFR-OPSYS
- $0 [OPTION] ALIAS
-
-Canonicalize a configuration name.
-
-Operation modes:
- -h, --help print this help, then exit
- -t, --time-stamp print date of last modification, then exit
- -v, --version print version number, then exit
-
-Report bugs and patches to <config-patches@gnu.org>."
-
-version="\
-GNU config.sub ($timestamp)
-
-Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004
-Free Software Foundation, Inc.
-
-This is free software; see the source for copying conditions. There is NO
-warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE."
-
-help="
-Try \`$me --help' for more information."
-
-# Parse command line
-while test $# -gt 0 ; do
- case $1 in
- --time-stamp | --time* | -t )
- echo "$timestamp" ; exit 0 ;;
- --version | -v )
- echo "$version" ; exit 0 ;;
- --help | --h* | -h )
- echo "$usage"; exit 0 ;;
- -- ) # Stop option processing
- shift; break ;;
- - ) # Use stdin as input.
- break ;;
- -* )
- echo "$me: invalid option $1$help"
- exit 1 ;;
-
- *local*)
- # First pass through any local machine types.
- echo $1
- exit 0;;
-
- * )
- break ;;
- esac
-done
-
-case $# in
- 0) echo "$me: missing argument$help" >&2
- exit 1;;
- 1) ;;
- *) echo "$me: too many arguments$help" >&2
- exit 1;;
-esac
-
-# Separate what the user gave into CPU-COMPANY and OS or KERNEL-OS (if any).
-# Here we must recognize all the valid KERNEL-OS combinations.
-maybe_os=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\2/'`
-case $maybe_os in
- nto-qnx* | linux-gnu* | linux-dietlibc | linux-uclibc* | uclinux-uclibc* | uclinux-gnu* | \
- kfreebsd*-gnu* | knetbsd*-gnu* | netbsd*-gnu* | storm-chaos* | os2-emx* | rtmk-nova*)
- os=-$maybe_os
- basic_machine=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\1/'`
- ;;
- *)
- basic_machine=`echo $1 | sed 's/-[^-]*$//'`
- if [ $basic_machine != $1 ]
- then os=`echo $1 | sed 's/.*-/-/'`
- else os=; fi
- ;;
-esac
-
-### Let's recognize common machines as not being operating systems so
-### that things like config.sub decstation-3100 work. We also
-### recognize some manufacturers as not being operating systems, so we
-### can provide default operating systems below.
-case $os in
- -sun*os*)
- # Prevent following clause from handling this invalid input.
- ;;
- -dec* | -mips* | -sequent* | -encore* | -pc532* | -sgi* | -sony* | \
- -att* | -7300* | -3300* | -delta* | -motorola* | -sun[234]* | \
- -unicom* | -ibm* | -next | -hp | -isi* | -apollo | -altos* | \
- -convergent* | -ncr* | -news | -32* | -3600* | -3100* | -hitachi* |\
- -c[123]* | -convex* | -sun | -crds | -omron* | -dg | -ultra | -tti* | \
- -harris | -dolphin | -highlevel | -gould | -cbm | -ns | -masscomp | \
- -apple | -axis | -knuth | -cray)
- os=
- basic_machine=$1
- ;;
- -sim | -cisco | -oki | -wec | -winbond)
- os=
- basic_machine=$1
- ;;
- -scout)
- ;;
- -wrs)
- os=-vxworks
- basic_machine=$1
- ;;
- -chorusos*)
- os=-chorusos
- basic_machine=$1
- ;;
- -chorusrdb)
- os=-chorusrdb
- basic_machine=$1
- ;;
- -hiux*)
- os=-hiuxwe2
- ;;
- -sco5)
- os=-sco3.2v5
- basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
- ;;
- -sco4)
- os=-sco3.2v4
- basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
- ;;
- -sco3.2.[4-9]*)
- os=`echo $os | sed -e 's/sco3.2./sco3.2v/'`
- basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
- ;;
- -sco3.2v[4-9]*)
- # Don't forget version if it is 3.2v4 or newer.
- basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
- ;;
- -sco*)
- os=-sco3.2v2
- basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
- ;;
- -udk*)
- basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
- ;;
- -isc)
- os=-isc2.2
- basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
- ;;
- -clix*)
- basic_machine=clipper-intergraph
- ;;
- -isc*)
- basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
- ;;
- -lynx*)
- os=-lynxos
- ;;
- -ptx*)
- basic_machine=`echo $1 | sed -e 's/86-.*/86-sequent/'`
- ;;
- -windowsnt*)
- os=`echo $os | sed -e 's/windowsnt/winnt/'`
- ;;
- -psos*)
- os=-psos
- ;;
- -mint | -mint[0-9]*)
- basic_machine=m68k-atari
- os=-mint
- ;;
-esac
-
-# Decode aliases for certain CPU-COMPANY combinations.
-case $basic_machine in
- # Recognize the basic CPU types without company name.
- # Some are omitted here because they have special meanings below.
- 1750a | 580 \
- | a29k \
- | alpha | alphaev[4-8] | alphaev56 | alphaev6[78] | alphapca5[67] \
- | alpha64 | alpha64ev[4-8] | alpha64ev56 | alpha64ev6[78] | alpha64pca5[67] \
- | am33_2.0 \
- | arc | arm | arm[bl]e | arme[lb] | armv[2345] | armv[345][lb] | avr \
- | c4x | clipper \
- | d10v | d30v | dlx | dsp16xx \
- | fr30 | frv \
- | h8300 | h8500 | hppa | hppa1.[01] | hppa2.0 | hppa2.0[nw] | hppa64 \
- | i370 | i860 | i960 | ia64 \
- | ip2k | iq2000 \
- | m32r | m32rle | m68000 | m68k | m88k | mcore \
- | mips | mipsbe | mipseb | mipsel | mipsle \
- | mips16 \
- | mips64 | mips64el \
- | mips64vr | mips64vrel \
- | mips64orion | mips64orionel \
- | mips64vr4100 | mips64vr4100el \
- | mips64vr4300 | mips64vr4300el \
- | mips64vr5000 | mips64vr5000el \
- | mipsisa32 | mipsisa32el \
- | mipsisa32r2 | mipsisa32r2el \
- | mipsisa64 | mipsisa64el \
- | mipsisa64r2 | mipsisa64r2el \
- | mipsisa64sb1 | mipsisa64sb1el \
- | mipsisa64sr71k | mipsisa64sr71kel \
- | mipstx39 | mipstx39el \
- | mn10200 | mn10300 \
- | msp430 \
- | ns16k | ns32k \
- | openrisc | or32 \
- | pdp10 | pdp11 | pj | pjl \
- | powerpc | powerpc64 | powerpc64le | powerpcle | ppcbe \
- | pyramid \
- | sh | sh[1234] | sh[23]e | sh[34]eb | shbe | shle | sh[1234]le | sh3ele \
- | sh64 | sh64le \
- | sparc | sparc64 | sparc86x | sparclet | sparclite | sparcv8 | sparcv9 | sparcv9b \
- | strongarm \
- | tahoe | thumb | tic4x | tic80 | tron \
- | v850 | v850e \
- | we32k \
- | x86 | xscale | xstormy16 | xtensa \
- | z8k)
- basic_machine=$basic_machine-unknown
- ;;
- m6811 | m68hc11 | m6812 | m68hc12)
- # Motorola 68HC11/12.
- basic_machine=$basic_machine-unknown
- os=-none
- ;;
- m88110 | m680[12346]0 | m683?2 | m68360 | m5200 | v70 | w65 | z8k)
- ;;
-
- # We use `pc' rather than `unknown'
- # because (1) that's what they normally are, and
- # (2) the word "unknown" tends to confuse beginning users.
- i*86 | x86_64)
- basic_machine=$basic_machine-pc
- ;;
- # Object if more than one company name word.
- *-*-*)
- echo Invalid configuration \`$1\': machine \`$basic_machine\' not recognized 1>&2
- exit 1
- ;;
- # Recognize the basic CPU types with company name.
- 580-* \
- | a29k-* \
- | alpha-* | alphaev[4-8]-* | alphaev56-* | alphaev6[78]-* \
- | alpha64-* | alpha64ev[4-8]-* | alpha64ev56-* | alpha64ev6[78]-* \
- | alphapca5[67]-* | alpha64pca5[67]-* | arc-* \
- | arm-* | armbe-* | armle-* | armeb-* | armv*-* \
- | avr-* \
- | bs2000-* \
- | c[123]* | c30-* | [cjt]90-* | c4x-* | c54x-* | c55x-* | c6x-* \
- | clipper-* | craynv-* | cydra-* \
- | d10v-* | d30v-* | dlx-* \
- | elxsi-* \
- | f30[01]-* | f700-* | fr30-* | frv-* | fx80-* \
- | h8300-* | h8500-* \
- | hppa-* | hppa1.[01]-* | hppa2.0-* | hppa2.0[nw]-* | hppa64-* \
- | i*86-* | i860-* | i960-* | ia64-* \
- | ip2k-* | iq2000-* \
- | m32r-* | m32rle-* \
- | m68000-* | m680[012346]0-* | m68360-* | m683?2-* | m68k-* \
- | m88110-* | m88k-* | mcore-* \
- | mips-* | mipsbe-* | mipseb-* | mipsel-* | mipsle-* \
- | mips16-* \
- | mips64-* | mips64el-* \
- | mips64vr-* | mips64vrel-* \
- | mips64orion-* | mips64orionel-* \
- | mips64vr4100-* | mips64vr4100el-* \
- | mips64vr4300-* | mips64vr4300el-* \
- | mips64vr5000-* | mips64vr5000el-* \
- | mipsisa32-* | mipsisa32el-* \
- | mipsisa32r2-* | mipsisa32r2el-* \
- | mipsisa64-* | mipsisa64el-* \
- | mipsisa64r2-* | mipsisa64r2el-* \
- | mipsisa64sb1-* | mipsisa64sb1el-* \
- | mipsisa64sr71k-* | mipsisa64sr71kel-* \
- | mipstx39-* | mipstx39el-* \
- | mmix-* \
- | msp430-* \
- | none-* | np1-* | ns16k-* | ns32k-* \
- | orion-* \
- | pdp10-* | pdp11-* | pj-* | pjl-* | pn-* | power-* \
- | powerpc-* | powerpc64-* | powerpc64le-* | powerpcle-* | ppcbe-* \
- | pyramid-* \
- | romp-* | rs6000-* \
- | sh-* | sh[1234]-* | sh[23]e-* | sh[34]eb-* | shbe-* \
- | shle-* | sh[1234]le-* | sh3ele-* | sh64-* | sh64le-* \
- | sparc-* | sparc64-* | sparc86x-* | sparclet-* | sparclite-* \
- | sparcv8-* | sparcv9-* | sparcv9b-* | strongarm-* | sv1-* | sx?-* \
- | tahoe-* | thumb-* \
- | tic30-* | tic4x-* | tic54x-* | tic55x-* | tic6x-* | tic80-* \
- | tron-* \
- | v850-* | v850e-* | vax-* \
- | we32k-* \
- | x86-* | x86_64-* | xps100-* | xscale-* | xstormy16-* \
- | xtensa-* \
- | ymp-* \
- | z8k-*)
- ;;
- # Recognize the various machine names and aliases which stand
- # for a CPU type and a company and sometimes even an OS.
- 386bsd)
- basic_machine=i386-unknown
- os=-bsd
- ;;
- 3b1 | 7300 | 7300-att | att-7300 | pc7300 | safari | unixpc)
- basic_machine=m68000-att
- ;;
- 3b*)
- basic_machine=we32k-att
- ;;
- a29khif)
- basic_machine=a29k-amd
- os=-udi
- ;;
- abacus)
- basic_machine=abacus-unknown
- ;;
- adobe68k)
- basic_machine=m68010-adobe
- os=-scout
- ;;
- alliant | fx80)
- basic_machine=fx80-alliant
- ;;
- altos | altos3068)
- basic_machine=m68k-altos
- ;;
- am29k)
- basic_machine=a29k-none
- os=-bsd
- ;;
- amd64)
- basic_machine=x86_64-pc
- ;;
- amd64-*)
- basic_machine=x86_64-`echo $basic_machine | sed 's/^[^-]*-//'`
- ;;
- amdahl)
- basic_machine=580-amdahl
- os=-sysv
- ;;
- amiga | amiga-*)
- basic_machine=m68k-unknown
- ;;
- amigaos | amigados)
- basic_machine=m68k-unknown
- os=-amigaos
- ;;
- amigaunix | amix)
- basic_machine=m68k-unknown
- os=-sysv4
- ;;
- apollo68)
- basic_machine=m68k-apollo
- os=-sysv
- ;;
- apollo68bsd)
- basic_machine=m68k-apollo
- os=-bsd
- ;;
- aux)
- basic_machine=m68k-apple
- os=-aux
- ;;
- balance)
- basic_machine=ns32k-sequent
- os=-dynix
- ;;
- c90)
- basic_machine=c90-cray
- os=-unicos
- ;;
- convex-c1)
- basic_machine=c1-convex
- os=-bsd
- ;;
- convex-c2)
- basic_machine=c2-convex
- os=-bsd
- ;;
- convex-c32)
- basic_machine=c32-convex
- os=-bsd
- ;;
- convex-c34)
- basic_machine=c34-convex
- os=-bsd
- ;;
- convex-c38)
- basic_machine=c38-convex
- os=-bsd
- ;;
- cray | j90)
- basic_machine=j90-cray
- os=-unicos
- ;;
- craynv)
- basic_machine=craynv-cray
- os=-unicosmp
- ;;
- cr16c)
- basic_machine=cr16c-unknown
- os=-elf
- ;;
- crds | unos)
- basic_machine=m68k-crds
- ;;
- crisv32 | crisv32-* | etraxfs*)
- basic_machine=crisv32-axis
- ;;
- cris | cris-* | etrax*)
- basic_machine=cris-axis
- ;;
- crx)
- basic_machine=crx-unknown
- os=-elf
- ;;
- da30 | da30-*)
- basic_machine=m68k-da30
- ;;
- decstation | decstation-3100 | pmax | pmax-* | pmin | dec3100 | decstatn)
- basic_machine=mips-dec
- ;;
- decsystem10* | dec10*)
- basic_machine=pdp10-dec
- os=-tops10
- ;;
- decsystem20* | dec20*)
- basic_machine=pdp10-dec
- os=-tops20
- ;;
- delta | 3300 | motorola-3300 | motorola-delta \
- | 3300-motorola | delta-motorola)
- basic_machine=m68k-motorola
- ;;
- delta88)
- basic_machine=m88k-motorola
- os=-sysv3
- ;;
- dpx20 | dpx20-*)
- basic_machine=rs6000-bull
- os=-bosx
- ;;
- dpx2* | dpx2*-bull)
- basic_machine=m68k-bull
- os=-sysv3
- ;;
- ebmon29k)
- basic_machine=a29k-amd
- os=-ebmon
- ;;
- elxsi)
- basic_machine=elxsi-elxsi
- os=-bsd
- ;;
- encore | umax | mmax)
- basic_machine=ns32k-encore
- ;;
- es1800 | OSE68k | ose68k | ose | OSE)
- basic_machine=m68k-ericsson
- os=-ose
- ;;
- fx2800)
- basic_machine=i860-alliant
- ;;
- genix)
- basic_machine=ns32k-ns
- ;;
- gmicro)
- basic_machine=tron-gmicro
- os=-sysv
- ;;
- go32)
- basic_machine=i386-pc
- os=-go32
- ;;
- h3050r* | hiux*)
- basic_machine=hppa1.1-hitachi
- os=-hiuxwe2
- ;;
- h8300hms)
- basic_machine=h8300-hitachi
- os=-hms
- ;;
- h8300xray)
- basic_machine=h8300-hitachi
- os=-xray
- ;;
- h8500hms)
- basic_machine=h8500-hitachi
- os=-hms
- ;;
- harris)
- basic_machine=m88k-harris
- os=-sysv3
- ;;
- hp300-*)
- basic_machine=m68k-hp
- ;;
- hp300bsd)
- basic_machine=m68k-hp
- os=-bsd
- ;;
- hp300hpux)
- basic_machine=m68k-hp
- os=-hpux
- ;;
- hp3k9[0-9][0-9] | hp9[0-9][0-9])
- basic_machine=hppa1.0-hp
- ;;
- hp9k2[0-9][0-9] | hp9k31[0-9])
- basic_machine=m68000-hp
- ;;
- hp9k3[2-9][0-9])
- basic_machine=m68k-hp
- ;;
- hp9k6[0-9][0-9] | hp6[0-9][0-9])
- basic_machine=hppa1.0-hp
- ;;
- hp9k7[0-79][0-9] | hp7[0-79][0-9])
- basic_machine=hppa1.1-hp
- ;;
- hp9k78[0-9] | hp78[0-9])
- # FIXME: really hppa2.0-hp
- basic_machine=hppa1.1-hp
- ;;
- hp9k8[67]1 | hp8[67]1 | hp9k80[24] | hp80[24] | hp9k8[78]9 | hp8[78]9 | hp9k893 | hp893)
- # FIXME: really hppa2.0-hp
- basic_machine=hppa1.1-hp
- ;;
- hp9k8[0-9][13679] | hp8[0-9][13679])
- basic_machine=hppa1.1-hp
- ;;
- hp9k8[0-9][0-9] | hp8[0-9][0-9])
- basic_machine=hppa1.0-hp
- ;;
- hppa-next)
- os=-nextstep3
- ;;
- hppaosf)
- basic_machine=hppa1.1-hp
- os=-osf
- ;;
- hppro)
- basic_machine=hppa1.1-hp
- os=-proelf
- ;;
- i370-ibm* | ibm*)
- basic_machine=i370-ibm
- ;;
-# I'm not sure what "Sysv32" means. Should this be sysv3.2?
- i*86v32)
- basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'`
- os=-sysv32
- ;;
- i*86v4*)
- basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'`
- os=-sysv4
- ;;
- i*86v)
- basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'`
- os=-sysv
- ;;
- i*86sol2)
- basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'`
- os=-solaris2
- ;;
- i386mach)
- basic_machine=i386-mach
- os=-mach
- ;;
- i386-vsta | vsta)
- basic_machine=i386-unknown
- os=-vsta
- ;;
- iris | iris4d)
- basic_machine=mips-sgi
- case $os in
- -irix*)
- ;;
- *)
- os=-irix4
- ;;
- esac
- ;;
- isi68 | isi)
- basic_machine=m68k-isi
- os=-sysv
- ;;
- m88k-omron*)
- basic_machine=m88k-omron
- ;;
- magnum | m3230)
- basic_machine=mips-mips
- os=-sysv
- ;;
- merlin)
- basic_machine=ns32k-utek
- os=-sysv
- ;;
- mingw32)
- basic_machine=i386-pc
- os=-mingw32
- ;;
- miniframe)
- basic_machine=m68000-convergent
- ;;
- *mint | -mint[0-9]* | *MiNT | *MiNT[0-9]*)
- basic_machine=m68k-atari
- os=-mint
- ;;
- mips3*-*)
- basic_machine=`echo $basic_machine | sed -e 's/mips3/mips64/'`
- ;;
- mips3*)
- basic_machine=`echo $basic_machine | sed -e 's/mips3/mips64/'`-unknown
- ;;
- monitor)
- basic_machine=m68k-rom68k
- os=-coff
- ;;
- morphos)
- basic_machine=powerpc-unknown
- os=-morphos
- ;;
- msdos)
- basic_machine=i386-pc
- os=-msdos
- ;;
- mvs)
- basic_machine=i370-ibm
- os=-mvs
- ;;
- ncr3000)
- basic_machine=i486-ncr
- os=-sysv4
- ;;
- netbsd386)
- basic_machine=i386-unknown
- os=-netbsd
- ;;
- netwinder)
- basic_machine=armv4l-rebel
- os=-linux
- ;;
- news | news700 | news800 | news900)
- basic_machine=m68k-sony
- os=-newsos
- ;;
- news1000)
- basic_machine=m68030-sony
- os=-newsos
- ;;
- news-3600 | risc-news)
- basic_machine=mips-sony
- os=-newsos
- ;;
- necv70)
- basic_machine=v70-nec
- os=-sysv
- ;;
- next | m*-next )
- basic_machine=m68k-next
- case $os in
- -nextstep* )
- ;;
- -ns2*)
- os=-nextstep2
- ;;
- *)
- os=-nextstep3
- ;;
- esac
- ;;
- nh3000)
- basic_machine=m68k-harris
- os=-cxux
- ;;
- nh[45]000)
- basic_machine=m88k-harris
- os=-cxux
- ;;
- nindy960)
- basic_machine=i960-intel
- os=-nindy
- ;;
- mon960)
- basic_machine=i960-intel
- os=-mon960
- ;;
- nonstopux)
- basic_machine=mips-compaq
- os=-nonstopux
- ;;
- np1)
- basic_machine=np1-gould
- ;;
- nsr-tandem)
- basic_machine=nsr-tandem
- ;;
- op50n-* | op60c-*)
- basic_machine=hppa1.1-oki
- os=-proelf
- ;;
- or32 | or32-*)
- basic_machine=or32-unknown
- os=-coff
- ;;
- os400)
- basic_machine=powerpc-ibm
- os=-os400
- ;;
- OSE68000 | ose68000)
- basic_machine=m68000-ericsson
- os=-ose
- ;;
- os68k)
- basic_machine=m68k-none
- os=-os68k
- ;;
- pa-hitachi)
- basic_machine=hppa1.1-hitachi
- os=-hiuxwe2
- ;;
- paragon)
- basic_machine=i860-intel
- os=-osf
- ;;
- pbd)
- basic_machine=sparc-tti
- ;;
- pbb)
- basic_machine=m68k-tti
- ;;
- pc532 | pc532-*)
- basic_machine=ns32k-pc532
- ;;
- pentium | p5 | k5 | k6 | nexgen | viac3)
- basic_machine=i586-pc
- ;;
- pentiumpro | p6 | 6x86 | athlon | athlon_*)
- basic_machine=i686-pc
- ;;
- pentiumii | pentium2 | pentiumiii | pentium3)
- basic_machine=i686-pc
- ;;
- pentium4)
- basic_machine=i786-pc
- ;;
- pentium-* | p5-* | k5-* | k6-* | nexgen-* | viac3-*)
- basic_machine=i586-`echo $basic_machine | sed 's/^[^-]*-//'`
- ;;
- pentiumpro-* | p6-* | 6x86-* | athlon-*)
- basic_machine=i686-`echo $basic_machine | sed 's/^[^-]*-//'`
- ;;
- pentiumii-* | pentium2-* | pentiumiii-* | pentium3-*)
- basic_machine=i686-`echo $basic_machine | sed 's/^[^-]*-//'`
- ;;
- pentium4-*)
- basic_machine=i786-`echo $basic_machine | sed 's/^[^-]*-//'`
- ;;
- pn)
- basic_machine=pn-gould
- ;;
- power) basic_machine=power-ibm
- ;;
- ppc) basic_machine=powerpc-unknown
- ;;
- ppc-*) basic_machine=powerpc-`echo $basic_machine | sed 's/^[^-]*-//'`
- ;;
- ppcle | powerpclittle | ppc-le | powerpc-little)
- basic_machine=powerpcle-unknown
- ;;
- ppcle-* | powerpclittle-*)
- basic_machine=powerpcle-`echo $basic_machine | sed 's/^[^-]*-//'`
- ;;
- ppc64) basic_machine=powerpc64-unknown
- ;;
- ppc64-*) basic_machine=powerpc64-`echo $basic_machine | sed 's/^[^-]*-//'`
- ;;
- ppc64le | powerpc64little | ppc64-le | powerpc64-little)
- basic_machine=powerpc64le-unknown
- ;;
- ppc64le-* | powerpc64little-*)
- basic_machine=powerpc64le-`echo $basic_machine | sed 's/^[^-]*-//'`
- ;;
- ps2)
- basic_machine=i386-ibm
- ;;
- pw32)
- basic_machine=i586-unknown
- os=-pw32
- ;;
- rom68k)
- basic_machine=m68k-rom68k
- os=-coff
- ;;
- rm[46]00)
- basic_machine=mips-siemens
- ;;
- rtpc | rtpc-*)
- basic_machine=romp-ibm
- ;;
- s390 | s390-*)
- basic_machine=s390-ibm
- ;;
- s390x | s390x-*)
- basic_machine=s390x-ibm
- ;;
- sa29200)
- basic_machine=a29k-amd
- os=-udi
- ;;
- sb1)
- basic_machine=mipsisa64sb1-unknown
- ;;
- sb1el)
- basic_machine=mipsisa64sb1el-unknown
- ;;
- sei)
- basic_machine=mips-sei
- os=-seiux
- ;;
- sequent)
- basic_machine=i386-sequent
- ;;
- sh)
- basic_machine=sh-hitachi
- os=-hms
- ;;
- sh64)
- basic_machine=sh64-unknown
- ;;
- sparclite-wrs | simso-wrs)
- basic_machine=sparclite-wrs
- os=-vxworks
- ;;
- sps7)
- basic_machine=m68k-bull
- os=-sysv2
- ;;
- spur)
- basic_machine=spur-unknown
- ;;
- st2000)
- basic_machine=m68k-tandem
- ;;
- stratus)
- basic_machine=i860-stratus
- os=-sysv4
- ;;
- sun2)
- basic_machine=m68000-sun
- ;;
- sun2os3)
- basic_machine=m68000-sun
- os=-sunos3
- ;;
- sun2os4)
- basic_machine=m68000-sun
- os=-sunos4
- ;;
- sun3os3)
- basic_machine=m68k-sun
- os=-sunos3
- ;;
- sun3os4)
- basic_machine=m68k-sun
- os=-sunos4
- ;;
- sun4os3)
- basic_machine=sparc-sun
- os=-sunos3
- ;;
- sun4os4)
- basic_machine=sparc-sun
- os=-sunos4
- ;;
- sun4sol2)
- basic_machine=sparc-sun
- os=-solaris2
- ;;
- sun3 | sun3-*)
- basic_machine=m68k-sun
- ;;
- sun4)
- basic_machine=sparc-sun
- ;;
- sun386 | sun386i | roadrunner)
- basic_machine=i386-sun
- ;;
- sv1)
- basic_machine=sv1-cray
- os=-unicos
- ;;
- symmetry)
- basic_machine=i386-sequent
- os=-dynix
- ;;
- t3e)
- basic_machine=alphaev5-cray
- os=-unicos
- ;;
- t90)
- basic_machine=t90-cray
- os=-unicos
- ;;
- tic54x | c54x*)
- basic_machine=tic54x-unknown
- os=-coff
- ;;
- tic55x | c55x*)
- basic_machine=tic55x-unknown
- os=-coff
- ;;
- tic6x | c6x*)
- basic_machine=tic6x-unknown
- os=-coff
- ;;
- tx39)
- basic_machine=mipstx39-unknown
- ;;
- tx39el)
- basic_machine=mipstx39el-unknown
- ;;
- toad1)
- basic_machine=pdp10-xkl
- os=-tops20
- ;;
- tower | tower-32)
- basic_machine=m68k-ncr
- ;;
- tpf)
- basic_machine=s390x-ibm
- os=-tpf
- ;;
- udi29k)
- basic_machine=a29k-amd
- os=-udi
- ;;
- ultra3)
- basic_machine=a29k-nyu
- os=-sym1
- ;;
- v810 | necv810)
- basic_machine=v810-nec
- os=-none
- ;;
- vaxv)
- basic_machine=vax-dec
- os=-sysv
- ;;
- vms)
- basic_machine=vax-dec
- os=-vms
- ;;
- vpp*|vx|vx-*)
- basic_machine=f301-fujitsu
- ;;
- vxworks960)
- basic_machine=i960-wrs
- os=-vxworks
- ;;
- vxworks68)
- basic_machine=m68k-wrs
- os=-vxworks
- ;;
- vxworks29k)
- basic_machine=a29k-wrs
- os=-vxworks
- ;;
- w65*)
- basic_machine=w65-wdc
- os=-none
- ;;
- w89k-*)
- basic_machine=hppa1.1-winbond
- os=-proelf
- ;;
- xps | xps100)
- basic_machine=xps100-honeywell
- ;;
- ymp)
- basic_machine=ymp-cray
- os=-unicos
- ;;
- z8k-*-coff)
- basic_machine=z8k-unknown
- os=-sim
- ;;
- none)
- basic_machine=none-none
- os=-none
- ;;
-
-# Here we handle the default manufacturer of certain CPU types. It is in
-# some cases the only manufacturer, in others, it is the most popular.
- w89k)
- basic_machine=hppa1.1-winbond
- ;;
- op50n)
- basic_machine=hppa1.1-oki
- ;;
- op60c)
- basic_machine=hppa1.1-oki
- ;;
- romp)
- basic_machine=romp-ibm
- ;;
- mmix)
- basic_machine=mmix-knuth
- ;;
- rs6000)
- basic_machine=rs6000-ibm
- ;;
- vax)
- basic_machine=vax-dec
- ;;
- pdp10)
- # there are many clones, so DEC is not a safe bet
- basic_machine=pdp10-unknown
- ;;
- pdp11)
- basic_machine=pdp11-dec
- ;;
- we32k)
- basic_machine=we32k-att
- ;;
- sh3 | sh4 | sh[34]eb | sh[1234]le | sh[23]ele)
- basic_machine=sh-unknown
- ;;
- sh64)
- basic_machine=sh64-unknown
- ;;
- sparc | sparcv8 | sparcv9 | sparcv9b)
- basic_machine=sparc-sun
- ;;
- cydra)
- basic_machine=cydra-cydrome
- ;;
- orion)
- basic_machine=orion-highlevel
- ;;
- orion105)
- basic_machine=clipper-highlevel
- ;;
- mac | mpw | mac-mpw)
- basic_machine=m68k-apple
- ;;
- pmac | pmac-mpw)
- basic_machine=powerpc-apple
- ;;
- *-unknown)
- # Make sure to match an already-canonicalized machine name.
- ;;
- *)
- echo Invalid configuration \`$1\': machine \`$basic_machine\' not recognized 1>&2
- exit 1
- ;;
-esac
-
-# Here we canonicalize certain aliases for manufacturers.
-case $basic_machine in
- *-digital*)
- basic_machine=`echo $basic_machine | sed 's/digital.*/dec/'`
- ;;
- *-commodore*)
- basic_machine=`echo $basic_machine | sed 's/commodore.*/cbm/'`
- ;;
- *)
- ;;
-esac
-
-# Decode manufacturer-specific aliases for certain operating systems.
-
-if [ x"$os" != x"" ]
-then
-case $os in
- # First match some system type aliases
- # that might get confused with valid system types.
- # -solaris* is a basic system type, with this one exception.
- -solaris1 | -solaris1.*)
- os=`echo $os | sed -e 's|solaris1|sunos4|'`
- ;;
- -solaris)
- os=-solaris2
- ;;
- -svr4*)
- os=-sysv4
- ;;
- -unixware*)
- os=-sysv4.2uw
- ;;
- -gnu/linux*)
- os=`echo $os | sed -e 's|gnu/linux|linux-gnu|'`
- ;;
- # First accept the basic system types.
- # The portable systems comes first.
- # Each alternative MUST END IN A *, to match a version number.
- # -sysv* is not here because it comes later, after sysvr4.
- -gnu* | -bsd* | -mach* | -minix* | -genix* | -ultrix* | -irix* \
- | -*vms* | -sco* | -esix* | -isc* | -aix* | -sunos | -sunos[34]*\
- | -hpux* | -unos* | -osf* | -luna* | -dgux* | -solaris* | -sym* \
- | -amigaos* | -amigados* | -msdos* | -newsos* | -unicos* | -aof* \
- | -aos* \
- | -nindy* | -vxsim* | -vxworks* | -ebmon* | -hms* | -mvs* \
- | -clix* | -riscos* | -uniplus* | -iris* | -rtu* | -xenix* \
- | -hiux* | -386bsd* | -knetbsd* | -mirbsd* | -netbsd* | -openbsd* \
- | -ekkobsd* | -kfreebsd* | -freebsd* | -riscix* | -lynxos* \
- | -bosx* | -nextstep* | -cxux* | -aout* | -elf* | -oabi* \
- | -ptx* | -coff* | -ecoff* | -winnt* | -domain* | -vsta* \
- | -udi* | -eabi* | -lites* | -ieee* | -go32* | -aux* \
- | -chorusos* | -chorusrdb* \
- | -cygwin* | -pe* | -psos* | -moss* | -proelf* | -rtems* \
- | -mingw32* | -linux-gnu* | -linux-uclibc* | -uxpv* | -beos* | -mpeix* | -udk* \
- | -interix* | -uwin* | -mks* | -rhapsody* | -darwin* | -opened* \
- | -openstep* | -oskit* | -conix* | -pw32* | -nonstopux* \
- | -storm-chaos* | -tops10* | -tenex* | -tops20* | -its* \
- | -os2* | -vos* | -palmos* | -uclinux* | -nucleus* \
- | -morphos* | -superux* | -rtmk* | -rtmk-nova* | -windiss* \
- | -powermax* | -dnix* | -nx6 | -nx7 | -sei* | -dragonfly*)
- # Remember, each alternative MUST END IN *, to match a version number.
- ;;
- -qnx*)
- case $basic_machine in
- x86-* | i*86-*)
- ;;
- *)
- os=-nto$os
- ;;
- esac
- ;;
- -nto-qnx*)
- ;;
- -nto*)
- os=`echo $os | sed -e 's|nto|nto-qnx|'`
- ;;
- -sim | -es1800* | -hms* | -xray | -os68k* | -none* | -v88r* \
- | -windows* | -osx | -abug | -netware* | -os9* | -beos* \
- | -macos* | -mpw* | -magic* | -mmixware* | -mon960* | -lnews*)
- ;;
- -mac*)
- os=`echo $os | sed -e 's|mac|macos|'`
- ;;
- -linux-dietlibc)
- os=-linux-dietlibc
- ;;
- -linux*)
- os=`echo $os | sed -e 's|linux|linux-gnu|'`
- ;;
- -sunos5*)
- os=`echo $os | sed -e 's|sunos5|solaris2|'`
- ;;
- -sunos6*)
- os=`echo $os | sed -e 's|sunos6|solaris3|'`
- ;;
- -opened*)
- os=-openedition
- ;;
- -os400*)
- os=-os400
- ;;
- -wince*)
- os=-wince
- ;;
- -osfrose*)
- os=-osfrose
- ;;
- -osf*)
- os=-osf
- ;;
- -utek*)
- os=-bsd
- ;;
- -dynix*)
- os=-bsd
- ;;
- -acis*)
- os=-aos
- ;;
- -atheos*)
- os=-atheos
- ;;
- -syllable*)
- os=-syllable
- ;;
- -386bsd)
- os=-bsd
- ;;
- -ctix* | -uts*)
- os=-sysv
- ;;
- -nova*)
- os=-rtmk-nova
- ;;
- -ns2 )
- os=-nextstep2
- ;;
- -nsk*)
- os=-nsk
- ;;
- # Preserve the version number of sinix5.
- -sinix5.*)
- os=`echo $os | sed -e 's|sinix|sysv|'`
- ;;
- -sinix*)
- os=-sysv4
- ;;
- -tpf*)
- os=-tpf
- ;;
- -triton*)
- os=-sysv3
- ;;
- -oss*)
- os=-sysv3
- ;;
- -svr4)
- os=-sysv4
- ;;
- -svr3)
- os=-sysv3
- ;;
- -sysvr4)
- os=-sysv4
- ;;
- # This must come after -sysvr4.
- -sysv*)
- ;;
- -ose*)
- os=-ose
- ;;
- -es1800*)
- os=-ose
- ;;
- -xenix)
- os=-xenix
- ;;
- -*mint | -mint[0-9]* | -*MiNT | -MiNT[0-9]*)
- os=-mint
- ;;
- -aros*)
- os=-aros
- ;;
- -kaos*)
- os=-kaos
- ;;
- -none)
- ;;
- *)
- # Get rid of the `-' at the beginning of $os.
- os=`echo $os | sed 's/[^-]*-//'`
- echo Invalid configuration \`$1\': system \`$os\' not recognized 1>&2
- exit 1
- ;;
-esac
-else
-
-# Here we handle the default operating systems that come with various machines.
-# The value should be what the vendor currently ships out the door with their
-# machine or put another way, the most popular os provided with the machine.
-
-# Note that if you're going to try to match "-MANUFACTURER" here (say,
-# "-sun"), then you have to tell the case statement up towards the top
-# that MANUFACTURER isn't an operating system. Otherwise, code above
-# will signal an error saying that MANUFACTURER isn't an operating
-# system, and we'll never get to this point.
-
-case $basic_machine in
- *-acorn)
- os=-riscix1.2
- ;;
- arm*-rebel)
- os=-linux
- ;;
- arm*-semi)
- os=-aout
- ;;
- c4x-* | tic4x-*)
- os=-coff
- ;;
- # This must come before the *-dec entry.
- pdp10-*)
- os=-tops20
- ;;
- pdp11-*)
- os=-none
- ;;
- *-dec | vax-*)
- os=-ultrix4.2
- ;;
- m68*-apollo)
- os=-domain
- ;;
- i386-sun)
- os=-sunos4.0.2
- ;;
- m68000-sun)
- os=-sunos3
- # This also exists in the configure program, but was not the
- # default.
- # os=-sunos4
- ;;
- m68*-cisco)
- os=-aout
- ;;
- mips*-cisco)
- os=-elf
- ;;
- mips*-*)
- os=-elf
- ;;
- or32-*)
- os=-coff
- ;;
- *-tti) # must be before sparc entry or we get the wrong os.
- os=-sysv3
- ;;
- sparc-* | *-sun)
- os=-sunos4.1.1
- ;;
- *-be)
- os=-beos
- ;;
- *-ibm)
- os=-aix
- ;;
- *-knuth)
- os=-mmixware
- ;;
- *-wec)
- os=-proelf
- ;;
- *-winbond)
- os=-proelf
- ;;
- *-oki)
- os=-proelf
- ;;
- *-hp)
- os=-hpux
- ;;
- *-hitachi)
- os=-hiux
- ;;
- i860-* | *-att | *-ncr | *-altos | *-motorola | *-convergent)
- os=-sysv
- ;;
- *-cbm)
- os=-amigaos
- ;;
- *-dg)
- os=-dgux
- ;;
- *-dolphin)
- os=-sysv3
- ;;
- m68k-ccur)
- os=-rtu
- ;;
- m88k-omron*)
- os=-luna
- ;;
- *-next )
- os=-nextstep
- ;;
- *-sequent)
- os=-ptx
- ;;
- *-crds)
- os=-unos
- ;;
- *-ns)
- os=-genix
- ;;
- i370-*)
- os=-mvs
- ;;
- *-next)
- os=-nextstep3
- ;;
- *-gould)
- os=-sysv
- ;;
- *-highlevel)
- os=-bsd
- ;;
- *-encore)
- os=-bsd
- ;;
- *-sgi)
- os=-irix
- ;;
- *-siemens)
- os=-sysv4
- ;;
- *-masscomp)
- os=-rtu
- ;;
- f30[01]-fujitsu | f700-fujitsu)
- os=-uxpv
- ;;
- *-rom68k)
- os=-coff
- ;;
- *-*bug)
- os=-coff
- ;;
- *-apple)
- os=-macos
- ;;
- *-atari*)
- os=-mint
- ;;
- *)
- os=-none
- ;;
-esac
-fi
-
-# Here we handle the case where we know the os, and the CPU type, but not the
-# manufacturer. We pick the logical manufacturer.
-vendor=unknown
-case $basic_machine in
- *-unknown)
- case $os in
- -riscix*)
- vendor=acorn
- ;;
- -sunos*)
- vendor=sun
- ;;
- -aix*)
- vendor=ibm
- ;;
- -beos*)
- vendor=be
- ;;
- -hpux*)
- vendor=hp
- ;;
- -mpeix*)
- vendor=hp
- ;;
- -hiux*)
- vendor=hitachi
- ;;
- -unos*)
- vendor=crds
- ;;
- -dgux*)
- vendor=dg
- ;;
- -luna*)
- vendor=omron
- ;;
- -genix*)
- vendor=ns
- ;;
- -mvs* | -opened*)
- vendor=ibm
- ;;
- -os400*)
- vendor=ibm
- ;;
- -ptx*)
- vendor=sequent
- ;;
- -tpf*)
- vendor=ibm
- ;;
- -vxsim* | -vxworks* | -windiss*)
- vendor=wrs
- ;;
- -aux*)
- vendor=apple
- ;;
- -hms*)
- vendor=hitachi
- ;;
- -mpw* | -macos*)
- vendor=apple
- ;;
- -*mint | -mint[0-9]* | -*MiNT | -MiNT[0-9]*)
- vendor=atari
- ;;
- -vos*)
- vendor=stratus
- ;;
- esac
- basic_machine=`echo $basic_machine | sed "s/unknown/$vendor/"`
- ;;
-esac
-
-echo $basic_machine$os
-exit 0
-
-# Local variables:
-# eval: (add-hook 'write-file-hooks 'time-stamp)
-# time-stamp-start: "timestamp='"
-# time-stamp-format: "%:y-%02m-%02d"
-# time-stamp-end: "'"
-# End:
diff --git a/config_in.h b/config_in.h
deleted file mode 100644
index 5951861..0000000
--- a/config_in.h
+++ /dev/null
@@ -1,170 +0,0 @@
-/* config_in.h. Generated from configure.in by autoheader. */
-
-/* Define if building for a CISC machine (e.g. Intel). */
-#undef CPU_CISC
-
-/* Define if building for a RISC machine (assume slow byte access). */
-#undef CPU_RISC
-
-/* Path to random device */
-#undef DEV_URANDOM
-
-/* Define to compile in dynamic debugging system. */
-#undef ENABLE_DEBUGGING
-
-/* Report errors to this file. */
-#undef ERR_REPORTING_FILE
-
-/* Define to use logging to stdout. */
-#undef ERR_REPORTING_STDOUT
-
-/* Define this to use ISMAcryp code. */
-#undef GENERIC_AESICM
-
-/* Define to 1 if you have the <arpa/inet.h> header file. */
-#undef HAVE_ARPA_INET_H
-
-/* Define to 1 if you have the <byteswap.h> header file. */
-#undef HAVE_BYTESWAP_H
-
-/* Define to 1 if you have the `inet_aton' function. */
-#undef HAVE_INET_ATON
-
-/* Define to 1 if the system has the type `int16_t'. */
-#undef HAVE_INT16_T
-
-/* Define to 1 if the system has the type `int32_t'. */
-#undef HAVE_INT32_T
-
-/* Define to 1 if the system has the type `int8_t'. */
-#undef HAVE_INT8_T
-
-/* Define to 1 if you have the <inttypes.h> header file. */
-#undef HAVE_INTTYPES_H
-
-/* Define to 1 if you have the `socket' library (-lsocket). */
-#undef HAVE_LIBSOCKET
-
-/* Define to 1 if you have the <machine/types.h> header file. */
-#undef HAVE_MACHINE_TYPES_H
-
-/* Define to 1 if you have the <memory.h> header file. */
-#undef HAVE_MEMORY_H
-
-/* Define to 1 if you have the <netinet/in.h> header file. */
-#undef HAVE_NETINET_IN_H
-
-/* Define to 1 if you have the `socket' function. */
-#undef HAVE_SOCKET
-
-/* Define to 1 if you have the <stdint.h> header file. */
-#undef HAVE_STDINT_H
-
-/* Define to 1 if you have the <stdlib.h> header file. */
-#undef HAVE_STDLIB_H
-
-/* Define to 1 if you have the <strings.h> header file. */
-#undef HAVE_STRINGS_H
-
-/* Define to 1 if you have the <string.h> header file. */
-#undef HAVE_STRING_H
-
-/* Define to 1 if you have the <syslog.h> header file. */
-#undef HAVE_SYSLOG_H
-
-/* Define to 1 if you have the <sys/int_types.h> header file. */
-#undef HAVE_SYS_INT_TYPES_H
-
-/* Define to 1 if you have the <sys/socket.h> header file. */
-#undef HAVE_SYS_SOCKET_H
-
-/* Define to 1 if you have the <sys/stat.h> header file. */
-#undef HAVE_SYS_STAT_H
-
-/* Define to 1 if you have the <sys/types.h> header file. */
-#undef HAVE_SYS_TYPES_H
-
-/* Define to 1 if you have the <sys/uio.h> header file. */
-#undef HAVE_SYS_UIO_H
-
-/* Define to 1 if the system has the type `uint16_t'. */
-#undef HAVE_UINT16_T
-
-/* Define to 1 if the system has the type `uint32_t'. */
-#undef HAVE_UINT32_T
-
-/* Define to 1 if the system has the type `uint64_t'. */
-#undef HAVE_UINT64_T
-
-/* Define to 1 if the system has the type `uint8_t'. */
-#undef HAVE_UINT8_T
-
-/* Define to 1 if you have the <unistd.h> header file. */
-#undef HAVE_UNISTD_H
-
-/* Define to 1 if you have the `usleep' function. */
-#undef HAVE_USLEEP
-
-/* Define to 1 if you have the <windows.h> header file. */
-#undef HAVE_WINDOWS_H
-
-/* Define to 1 if you have the <winsock2.h> header file. */
-#undef HAVE_WINSOCK2_H
-
-/* Define to use X86 inlined assembly code */
-#undef HAVE_X86
-
-/* Define to the address where bug reports for this package should be sent. */
-#undef PACKAGE_BUGREPORT
-
-/* Define to the full name of this package. */
-#undef PACKAGE_NAME
-
-/* Define to the full name and version of this package. */
-#undef PACKAGE_STRING
-
-/* Define to the one symbol short name of this package. */
-#undef PACKAGE_TARNAME
-
-/* Define to the version of this package. */
-#undef PACKAGE_VERSION
-
-/* The size of a `unsigned long', as computed by sizeof. */
-#undef SIZEOF_UNSIGNED_LONG
-
-/* The size of a `unsigned long long', as computed by sizeof. */
-#undef SIZEOF_UNSIGNED_LONG_LONG
-
-/* Define to use GDOI. */
-#undef SRTP_GDOI
-
-/* Define to compile for kernel contexts. */
-#undef SRTP_KERNEL
-
-/* Define to compile for Linux kernel context. */
-#undef SRTP_KERNEL_LINUX
-
-/* Define to 1 if you have the ANSI C header files. */
-#undef STDC_HEADERS
-
-/* Write errors to this file */
-#undef USE_ERR_REPORTING_FILE
-
-/* Define to use syslog logging. */
-#undef USE_SYSLOG
-
-/* Define to 1 if your processor stores words with the most significant byte
- first (like Motorola and SPARC, unlike Intel and VAX). */
-#undef WORDS_BIGENDIAN
-
-/* Define to empty if `const' does not conform to ANSI C. */
-#undef const
-
-/* Define to `__inline__' or `__inline' if that's what the C compiler
- calls it, or to nothing if 'inline' is not supported under any name. */
-#ifndef __cplusplus
-#undef inline
-#endif
-
-/* Define to `unsigned' if <sys/types.h> does not define. */
-#undef size_t
diff --git a/configure b/configure
deleted file mode 100755
index 1bc6fc4..0000000
--- a/configure
+++ /dev/null
@@ -1,8606 +0,0 @@
-#! /bin/sh
-# Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.59.
-#
-# Copyright (C) 2003 Free Software Foundation, Inc.
-# This configure script is free software; the Free Software Foundation
-# gives unlimited permission to copy, distribute and modify it.
-## --------------------- ##
-## M4sh Initialization. ##
-## --------------------- ##
-
-# Be Bourne compatible
-if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then
- emulate sh
- NULLCMD=:
- # Zsh 3.x and 4.x performs word splitting on ${1+"$@"}, which
- # is contrary to our usage. Disable this feature.
- alias -g '${1+"$@"}'='"$@"'
-elif test -n "${BASH_VERSION+set}" && (set -o posix) >/dev/null 2>&1; then
- set -o posix
-fi
-DUALCASE=1; export DUALCASE # for MKS sh
-
-# Support unset when possible.
-if ( (MAIL=60; unset MAIL) || exit) >/dev/null 2>&1; then
- as_unset=unset
-else
- as_unset=false
-fi
-
-
-# Work around bugs in pre-3.0 UWIN ksh.
-$as_unset ENV MAIL MAILPATH
-PS1='$ '
-PS2='> '
-PS4='+ '
-
-# NLS nuisances.
-for as_var in \
- LANG LANGUAGE LC_ADDRESS LC_ALL LC_COLLATE LC_CTYPE LC_IDENTIFICATION \
- LC_MEASUREMENT LC_MESSAGES LC_MONETARY LC_NAME LC_NUMERIC LC_PAPER \
- LC_TELEPHONE LC_TIME
-do
- if (set +x; test -z "`(eval $as_var=C; export $as_var) 2>&1`"); then
- eval $as_var=C; export $as_var
- else
- $as_unset $as_var
- fi
-done
-
-# Required to use basename.
-if expr a : '\(a\)' >/dev/null 2>&1; then
- as_expr=expr
-else
- as_expr=false
-fi
-
-if (basename /) >/dev/null 2>&1 && test "X`basename / 2>&1`" = "X/"; then
- as_basename=basename
-else
- as_basename=false
-fi
-
-
-# Name of the executable.
-as_me=`$as_basename "$0" ||
-$as_expr X/"$0" : '.*/\([^/][^/]*\)/*$' \| \
- X"$0" : 'X\(//\)$' \| \
- X"$0" : 'X\(/\)$' \| \
- . : '\(.\)' 2>/dev/null ||
-echo X/"$0" |
- sed '/^.*\/\([^/][^/]*\)\/*$/{ s//\1/; q; }
- /^X\/\(\/\/\)$/{ s//\1/; q; }
- /^X\/\(\/\).*/{ s//\1/; q; }
- s/.*/./; q'`
-
-
-# PATH needs CR, and LINENO needs CR and PATH.
-# Avoid depending upon Character Ranges.
-as_cr_letters='abcdefghijklmnopqrstuvwxyz'
-as_cr_LETTERS='ABCDEFGHIJKLMNOPQRSTUVWXYZ'
-as_cr_Letters=$as_cr_letters$as_cr_LETTERS
-as_cr_digits='0123456789'
-as_cr_alnum=$as_cr_Letters$as_cr_digits
-
-# The user is always right.
-if test "${PATH_SEPARATOR+set}" != set; then
- echo "#! /bin/sh" >conf$$.sh
- echo "exit 0" >>conf$$.sh
- chmod +x conf$$.sh
- if (PATH="/nonexistent;."; conf$$.sh) >/dev/null 2>&1; then
- PATH_SEPARATOR=';'
- else
- PATH_SEPARATOR=:
- fi
- rm -f conf$$.sh
-fi
-
-
- as_lineno_1=$LINENO
- as_lineno_2=$LINENO
- as_lineno_3=`(expr $as_lineno_1 + 1) 2>/dev/null`
- test "x$as_lineno_1" != "x$as_lineno_2" &&
- test "x$as_lineno_3" = "x$as_lineno_2" || {
- # Find who we are. Look in the path if we contain no path at all
- # relative or not.
- case $0 in
- *[\\/]* ) as_myself=$0 ;;
- *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in $PATH
-do
- IFS=$as_save_IFS
- test -z "$as_dir" && as_dir=.
- test -r "$as_dir/$0" && as_myself=$as_dir/$0 && break
-done
-
- ;;
- esac
- # We did not find ourselves, most probably we were run as `sh COMMAND'
- # in which case we are not to be found in the path.
- if test "x$as_myself" = x; then
- as_myself=$0
- fi
- if test ! -f "$as_myself"; then
- { echo "$as_me: error: cannot find myself; rerun with an absolute path" >&2
- { (exit 1); exit 1; }; }
- fi
- case $CONFIG_SHELL in
- '')
- as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in /bin$PATH_SEPARATOR/usr/bin$PATH_SEPARATOR$PATH
-do
- IFS=$as_save_IFS
- test -z "$as_dir" && as_dir=.
- for as_base in sh bash ksh sh5; do
- case $as_dir in
- /*)
- if ("$as_dir/$as_base" -c '
- as_lineno_1=$LINENO
- as_lineno_2=$LINENO
- as_lineno_3=`(expr $as_lineno_1 + 1) 2>/dev/null`
- test "x$as_lineno_1" != "x$as_lineno_2" &&
- test "x$as_lineno_3" = "x$as_lineno_2" ') 2>/dev/null; then
- $as_unset BASH_ENV || test "${BASH_ENV+set}" != set || { BASH_ENV=; export BASH_ENV; }
- $as_unset ENV || test "${ENV+set}" != set || { ENV=; export ENV; }
- CONFIG_SHELL=$as_dir/$as_base
- export CONFIG_SHELL
- exec "$CONFIG_SHELL" "$0" ${1+"$@"}
- fi;;
- esac
- done
-done
-;;
- esac
-
- # Create $as_me.lineno as a copy of $as_myself, but with $LINENO
- # uniformly replaced by the line number. The first 'sed' inserts a
- # line-number line before each line; the second 'sed' does the real
- # work. The second script uses 'N' to pair each line-number line
- # with the numbered line, and appends trailing '-' during
- # substitution so that $LINENO is not a special case at line end.
- # (Raja R Harinath suggested sed '=', and Paul Eggert wrote the
- # second 'sed' script. Blame Lee E. McMahon for sed's syntax. :-)
- sed '=' <$as_myself |
- sed '
- N
- s,$,-,
- : loop
- s,^\(['$as_cr_digits']*\)\(.*\)[$]LINENO\([^'$as_cr_alnum'_]\),\1\2\1\3,
- t loop
- s,-$,,
- s,^['$as_cr_digits']*\n,,
- ' >$as_me.lineno &&
- chmod +x $as_me.lineno ||
- { echo "$as_me: error: cannot create $as_me.lineno; rerun with a POSIX shell" >&2
- { (exit 1); exit 1; }; }
-
- # Don't try to exec as it changes $[0], causing all sort of problems
- # (the dirname of $[0] is not the place where we might find the
- # original and so on. Autoconf is especially sensible to this).
- . ./$as_me.lineno
- # Exit status is that of the last command.
- exit
-}
-
-
-case `echo "testing\c"; echo 1,2,3`,`echo -n testing; echo 1,2,3` in
- *c*,-n*) ECHO_N= ECHO_C='
-' ECHO_T=' ' ;;
- *c*,* ) ECHO_N=-n ECHO_C= ECHO_T= ;;
- *) ECHO_N= ECHO_C='\c' ECHO_T= ;;
-esac
-
-if expr a : '\(a\)' >/dev/null 2>&1; then
- as_expr=expr
-else
- as_expr=false
-fi
-
-rm -f conf$$ conf$$.exe conf$$.file
-echo >conf$$.file
-if ln -s conf$$.file conf$$ 2>/dev/null; then
- # We could just check for DJGPP; but this test a) works b) is more generic
- # and c) will remain valid once DJGPP supports symlinks (DJGPP 2.04).
- if test -f conf$$.exe; then
- # Don't use ln at all; we don't have any links
- as_ln_s='cp -p'
- else
- as_ln_s='ln -s'
- fi
-elif ln conf$$.file conf$$ 2>/dev/null; then
- as_ln_s=ln
-else
- as_ln_s='cp -p'
-fi
-rm -f conf$$ conf$$.exe conf$$.file
-
-if mkdir -p . 2>/dev/null; then
- as_mkdir_p=:
-else
- test -d ./-p && rmdir ./-p
- as_mkdir_p=false
-fi
-
-as_executable_p="test -f"
-
-# Sed expression to map a string onto a valid CPP name.
-as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'"
-
-# Sed expression to map a string onto a valid variable name.
-as_tr_sh="eval sed 'y%*+%pp%;s%[^_$as_cr_alnum]%_%g'"
-
-
-# IFS
-# We need space, tab and new line, in precisely that order.
-as_nl='
-'
-IFS=" $as_nl"
-
-# CDPATH.
-$as_unset CDPATH
-
-
-# Name of the host.
-# hostname on some systems (SVR3.2, Linux) returns a bogus exit status,
-# so uname gets run too.
-ac_hostname=`(hostname || uname -n) 2>/dev/null | sed 1q`
-
-exec 6>&1
-
-#
-# Initializations.
-#
-ac_default_prefix=/usr/local
-ac_config_libobj_dir=.
-cross_compiling=no
-subdirs=
-MFLAGS=
-MAKEFLAGS=
-SHELL=${CONFIG_SHELL-/bin/sh}
-
-# Maximum number of lines to put in a shell here document.
-# This variable seems obsolete. It should probably be removed, and
-# only ac_max_sed_lines should be used.
-: ${ac_max_here_lines=38}
-
-# Identity of this package.
-PACKAGE_NAME=
-PACKAGE_TARNAME=
-PACKAGE_VERSION=
-PACKAGE_STRING=
-PACKAGE_BUGREPORT=
-
-ac_unique_file="srtp"
-# Factoring default headers for most tests.
-ac_includes_default="\
-#include <stdio.h>
-#if HAVE_SYS_TYPES_H
-# include <sys/types.h>
-#endif
-#if HAVE_SYS_STAT_H
-# include <sys/stat.h>
-#endif
-#if STDC_HEADERS
-# include <stdlib.h>
-# include <stddef.h>
-#else
-# if HAVE_STDLIB_H
-# include <stdlib.h>
-# endif
-#endif
-#if HAVE_STRING_H
-# if !STDC_HEADERS && HAVE_MEMORY_H
-# include <memory.h>
-# endif
-# include <string.h>
-#endif
-#if HAVE_STRINGS_H
-# include <strings.h>
-#endif
-#if HAVE_INTTYPES_H
-# include <inttypes.h>
-#else
-# if HAVE_STDINT_H
-# include <stdint.h>
-# endif
-#endif
-#if HAVE_UNISTD_H
-# include <unistd.h>
-#endif"
-
-ac_subst_vars='SHELL PATH_SEPARATOR PACKAGE_NAME PACKAGE_TARNAME PACKAGE_VERSION PACKAGE_STRING PACKAGE_BUGREPORT exec_prefix prefix program_transform_name bindir sbindir libexecdir datadir sysconfdir sharedstatedir localstatedir libdir includedir oldincludedir infodir mandir build_alias host_alias target_alias DEFS ECHO_C ECHO_N ECHO_T LIBS RANLIB ac_ct_RANLIB CC CFLAGS LDFLAGS CPPFLAGS ac_ct_CC EXEEXT OBJEXT INSTALL_PROGRAM INSTALL_SCRIPT INSTALL_DATA build build_cpu build_vendor build_os host host_cpu host_vendor host_os EXE RNG_OBJS CPP EGREP GDOI_OBJS LIBOBJS LTLIBOBJS'
-ac_subst_files=''
-
-# Initialize some variables set by options.
-ac_init_help=
-ac_init_version=false
-# The variables have the same names as the options, with
-# dashes changed to underlines.
-cache_file=/dev/null
-exec_prefix=NONE
-no_create=
-no_recursion=
-prefix=NONE
-program_prefix=NONE
-program_suffix=NONE
-program_transform_name=s,x,x,
-silent=
-site=
-srcdir=
-verbose=
-x_includes=NONE
-x_libraries=NONE
-
-# Installation directory options.
-# These are left unexpanded so users can "make install exec_prefix=/foo"
-# and all the variables that are supposed to be based on exec_prefix
-# by default will actually change.
-# Use braces instead of parens because sh, perl, etc. also accept them.
-bindir='${exec_prefix}/bin'
-sbindir='${exec_prefix}/sbin'
-libexecdir='${exec_prefix}/libexec'
-datadir='${prefix}/share'
-sysconfdir='${prefix}/etc'
-sharedstatedir='${prefix}/com'
-localstatedir='${prefix}/var'
-libdir='${exec_prefix}/lib'
-includedir='${prefix}/include'
-oldincludedir='/usr/include'
-infodir='${prefix}/info'
-mandir='${prefix}/man'
-
-ac_prev=
-for ac_option
-do
- # If the previous option needs an argument, assign it.
- if test -n "$ac_prev"; then
- eval "$ac_prev=\$ac_option"
- ac_prev=
- continue
- fi
-
- ac_optarg=`expr "x$ac_option" : 'x[^=]*=\(.*\)'`
-
- # Accept the important Cygnus configure options, so we can diagnose typos.
-
- case $ac_option in
-
- -bindir | --bindir | --bindi | --bind | --bin | --bi)
- ac_prev=bindir ;;
- -bindir=* | --bindir=* | --bindi=* | --bind=* | --bin=* | --bi=*)
- bindir=$ac_optarg ;;
-
- -build | --build | --buil | --bui | --bu)
- ac_prev=build_alias ;;
- -build=* | --build=* | --buil=* | --bui=* | --bu=*)
- build_alias=$ac_optarg ;;
-
- -cache-file | --cache-file | --cache-fil | --cache-fi \
- | --cache-f | --cache- | --cache | --cach | --cac | --ca | --c)
- ac_prev=cache_file ;;
- -cache-file=* | --cache-file=* | --cache-fil=* | --cache-fi=* \
- | --cache-f=* | --cache-=* | --cache=* | --cach=* | --cac=* | --ca=* | --c=*)
- cache_file=$ac_optarg ;;
-
- --config-cache | -C)
- cache_file=config.cache ;;
-
- -datadir | --datadir | --datadi | --datad | --data | --dat | --da)
- ac_prev=datadir ;;
- -datadir=* | --datadir=* | --datadi=* | --datad=* | --data=* | --dat=* \
- | --da=*)
- datadir=$ac_optarg ;;
-
- -disable-* | --disable-*)
- ac_feature=`expr "x$ac_option" : 'x-*disable-\(.*\)'`
- # Reject names that are not valid shell variable names.
- expr "x$ac_feature" : ".*[^-_$as_cr_alnum]" >/dev/null &&
- { echo "$as_me: error: invalid feature name: $ac_feature" >&2
- { (exit 1); exit 1; }; }
- ac_feature=`echo $ac_feature | sed 's/-/_/g'`
- eval "enable_$ac_feature=no" ;;
-
- -enable-* | --enable-*)
- ac_feature=`expr "x$ac_option" : 'x-*enable-\([^=]*\)'`
- # Reject names that are not valid shell variable names.
- expr "x$ac_feature" : ".*[^-_$as_cr_alnum]" >/dev/null &&
- { echo "$as_me: error: invalid feature name: $ac_feature" >&2
- { (exit 1); exit 1; }; }
- ac_feature=`echo $ac_feature | sed 's/-/_/g'`
- case $ac_option in
- *=*) ac_optarg=`echo "$ac_optarg" | sed "s/'/'\\\\\\\\''/g"`;;
- *) ac_optarg=yes ;;
- esac
- eval "enable_$ac_feature='$ac_optarg'" ;;
-
- -exec-prefix | --exec_prefix | --exec-prefix | --exec-prefi \
- | --exec-pref | --exec-pre | --exec-pr | --exec-p | --exec- \
- | --exec | --exe | --ex)
- ac_prev=exec_prefix ;;
- -exec-prefix=* | --exec_prefix=* | --exec-prefix=* | --exec-prefi=* \
- | --exec-pref=* | --exec-pre=* | --exec-pr=* | --exec-p=* | --exec-=* \
- | --exec=* | --exe=* | --ex=*)
- exec_prefix=$ac_optarg ;;
-
- -gas | --gas | --ga | --g)
- # Obsolete; use --with-gas.
- with_gas=yes ;;
-
- -help | --help | --hel | --he | -h)
- ac_init_help=long ;;
- -help=r* | --help=r* | --hel=r* | --he=r* | -hr*)
- ac_init_help=recursive ;;
- -help=s* | --help=s* | --hel=s* | --he=s* | -hs*)
- ac_init_help=short ;;
-
- -host | --host | --hos | --ho)
- ac_prev=host_alias ;;
- -host=* | --host=* | --hos=* | --ho=*)
- host_alias=$ac_optarg ;;
-
- -includedir | --includedir | --includedi | --included | --include \
- | --includ | --inclu | --incl | --inc)
- ac_prev=includedir ;;
- -includedir=* | --includedir=* | --includedi=* | --included=* | --include=* \
- | --includ=* | --inclu=* | --incl=* | --inc=*)
- includedir=$ac_optarg ;;
-
- -infodir | --infodir | --infodi | --infod | --info | --inf)
- ac_prev=infodir ;;
- -infodir=* | --infodir=* | --infodi=* | --infod=* | --info=* | --inf=*)
- infodir=$ac_optarg ;;
-
- -libdir | --libdir | --libdi | --libd)
- ac_prev=libdir ;;
- -libdir=* | --libdir=* | --libdi=* | --libd=*)
- libdir=$ac_optarg ;;
-
- -libexecdir | --libexecdir | --libexecdi | --libexecd | --libexec \
- | --libexe | --libex | --libe)
- ac_prev=libexecdir ;;
- -libexecdir=* | --libexecdir=* | --libexecdi=* | --libexecd=* | --libexec=* \
- | --libexe=* | --libex=* | --libe=*)
- libexecdir=$ac_optarg ;;
-
- -localstatedir | --localstatedir | --localstatedi | --localstated \
- | --localstate | --localstat | --localsta | --localst \
- | --locals | --local | --loca | --loc | --lo)
- ac_prev=localstatedir ;;
- -localstatedir=* | --localstatedir=* | --localstatedi=* | --localstated=* \
- | --localstate=* | --localstat=* | --localsta=* | --localst=* \
- | --locals=* | --local=* | --loca=* | --loc=* | --lo=*)
- localstatedir=$ac_optarg ;;
-
- -mandir | --mandir | --mandi | --mand | --man | --ma | --m)
- ac_prev=mandir ;;
- -mandir=* | --mandir=* | --mandi=* | --mand=* | --man=* | --ma=* | --m=*)
- mandir=$ac_optarg ;;
-
- -nfp | --nfp | --nf)
- # Obsolete; use --without-fp.
- with_fp=no ;;
-
- -no-create | --no-create | --no-creat | --no-crea | --no-cre \
- | --no-cr | --no-c | -n)
- no_create=yes ;;
-
- -no-recursion | --no-recursion | --no-recursio | --no-recursi \
- | --no-recurs | --no-recur | --no-recu | --no-rec | --no-re | --no-r)
- no_recursion=yes ;;
-
- -oldincludedir | --oldincludedir | --oldincludedi | --oldincluded \
- | --oldinclude | --oldinclud | --oldinclu | --oldincl | --oldinc \
- | --oldin | --oldi | --old | --ol | --o)
- ac_prev=oldincludedir ;;
- -oldincludedir=* | --oldincludedir=* | --oldincludedi=* | --oldincluded=* \
- | --oldinclude=* | --oldinclud=* | --oldinclu=* | --oldincl=* | --oldinc=* \
- | --oldin=* | --oldi=* | --old=* | --ol=* | --o=*)
- oldincludedir=$ac_optarg ;;
-
- -prefix | --prefix | --prefi | --pref | --pre | --pr | --p)
- ac_prev=prefix ;;
- -prefix=* | --prefix=* | --prefi=* | --pref=* | --pre=* | --pr=* | --p=*)
- prefix=$ac_optarg ;;
-
- -program-prefix | --program-prefix | --program-prefi | --program-pref \
- | --program-pre | --program-pr | --program-p)
- ac_prev=program_prefix ;;
- -program-prefix=* | --program-prefix=* | --program-prefi=* \
- | --program-pref=* | --program-pre=* | --program-pr=* | --program-p=*)
- program_prefix=$ac_optarg ;;
-
- -program-suffix | --program-suffix | --program-suffi | --program-suff \
- | --program-suf | --program-su | --program-s)
- ac_prev=program_suffix ;;
- -program-suffix=* | --program-suffix=* | --program-suffi=* \
- | --program-suff=* | --program-suf=* | --program-su=* | --program-s=*)
- program_suffix=$ac_optarg ;;
-
- -program-transform-name | --program-transform-name \
- | --program-transform-nam | --program-transform-na \
- | --program-transform-n | --program-transform- \
- | --program-transform | --program-transfor \
- | --program-transfo | --program-transf \
- | --program-trans | --program-tran \
- | --progr-tra | --program-tr | --program-t)
- ac_prev=program_transform_name ;;
- -program-transform-name=* | --program-transform-name=* \
- | --program-transform-nam=* | --program-transform-na=* \
- | --program-transform-n=* | --program-transform-=* \
- | --program-transform=* | --program-transfor=* \
- | --program-transfo=* | --program-transf=* \
- | --program-trans=* | --program-tran=* \
- | --progr-tra=* | --program-tr=* | --program-t=*)
- program_transform_name=$ac_optarg ;;
-
- -q | -quiet | --quiet | --quie | --qui | --qu | --q \
- | -silent | --silent | --silen | --sile | --sil)
- silent=yes ;;
-
- -sbindir | --sbindir | --sbindi | --sbind | --sbin | --sbi | --sb)
- ac_prev=sbindir ;;
- -sbindir=* | --sbindir=* | --sbindi=* | --sbind=* | --sbin=* \
- | --sbi=* | --sb=*)
- sbindir=$ac_optarg ;;
-
- -sharedstatedir | --sharedstatedir | --sharedstatedi \
- | --sharedstated | --sharedstate | --sharedstat | --sharedsta \
- | --sharedst | --shareds | --shared | --share | --shar \
- | --sha | --sh)
- ac_prev=sharedstatedir ;;
- -sharedstatedir=* | --sharedstatedir=* | --sharedstatedi=* \
- | --sharedstated=* | --sharedstate=* | --sharedstat=* | --sharedsta=* \
- | --sharedst=* | --shareds=* | --shared=* | --share=* | --shar=* \
- | --sha=* | --sh=*)
- sharedstatedir=$ac_optarg ;;
-
- -site | --site | --sit)
- ac_prev=site ;;
- -site=* | --site=* | --sit=*)
- site=$ac_optarg ;;
-
- -srcdir | --srcdir | --srcdi | --srcd | --src | --sr)
- ac_prev=srcdir ;;
- -srcdir=* | --srcdir=* | --srcdi=* | --srcd=* | --src=* | --sr=*)
- srcdir=$ac_optarg ;;
-
- -sysconfdir | --sysconfdir | --sysconfdi | --sysconfd | --sysconf \
- | --syscon | --sysco | --sysc | --sys | --sy)
- ac_prev=sysconfdir ;;
- -sysconfdir=* | --sysconfdir=* | --sysconfdi=* | --sysconfd=* | --sysconf=* \
- | --syscon=* | --sysco=* | --sysc=* | --sys=* | --sy=*)
- sysconfdir=$ac_optarg ;;
-
- -target | --target | --targe | --targ | --tar | --ta | --t)
- ac_prev=target_alias ;;
- -target=* | --target=* | --targe=* | --targ=* | --tar=* | --ta=* | --t=*)
- target_alias=$ac_optarg ;;
-
- -v | -verbose | --verbose | --verbos | --verbo | --verb)
- verbose=yes ;;
-
- -version | --version | --versio | --versi | --vers | -V)
- ac_init_version=: ;;
-
- -with-* | --with-*)
- ac_package=`expr "x$ac_option" : 'x-*with-\([^=]*\)'`
- # Reject names that are not valid shell variable names.
- expr "x$ac_package" : ".*[^-_$as_cr_alnum]" >/dev/null &&
- { echo "$as_me: error: invalid package name: $ac_package" >&2
- { (exit 1); exit 1; }; }
- ac_package=`echo $ac_package| sed 's/-/_/g'`
- case $ac_option in
- *=*) ac_optarg=`echo "$ac_optarg" | sed "s/'/'\\\\\\\\''/g"`;;
- *) ac_optarg=yes ;;
- esac
- eval "with_$ac_package='$ac_optarg'" ;;
-
- -without-* | --without-*)
- ac_package=`expr "x$ac_option" : 'x-*without-\(.*\)'`
- # Reject names that are not valid shell variable names.
- expr "x$ac_package" : ".*[^-_$as_cr_alnum]" >/dev/null &&
- { echo "$as_me: error: invalid package name: $ac_package" >&2
- { (exit 1); exit 1; }; }
- ac_package=`echo $ac_package | sed 's/-/_/g'`
- eval "with_$ac_package=no" ;;
-
- --x)
- # Obsolete; use --with-x.
- with_x=yes ;;
-
- -x-includes | --x-includes | --x-include | --x-includ | --x-inclu \
- | --x-incl | --x-inc | --x-in | --x-i)
- ac_prev=x_includes ;;
- -x-includes=* | --x-includes=* | --x-include=* | --x-includ=* | --x-inclu=* \
- | --x-incl=* | --x-inc=* | --x-in=* | --x-i=*)
- x_includes=$ac_optarg ;;
-
- -x-libraries | --x-libraries | --x-librarie | --x-librari \
- | --x-librar | --x-libra | --x-libr | --x-lib | --x-li | --x-l)
- ac_prev=x_libraries ;;
- -x-libraries=* | --x-libraries=* | --x-librarie=* | --x-librari=* \
- | --x-librar=* | --x-libra=* | --x-libr=* | --x-lib=* | --x-li=* | --x-l=*)
- x_libraries=$ac_optarg ;;
-
- -*) { echo "$as_me: error: unrecognized option: $ac_option
-Try \`$0 --help' for more information." >&2
- { (exit 1); exit 1; }; }
- ;;
-
- *=*)
- ac_envvar=`expr "x$ac_option" : 'x\([^=]*\)='`
- # Reject names that are not valid shell variable names.
- expr "x$ac_envvar" : ".*[^_$as_cr_alnum]" >/dev/null &&
- { echo "$as_me: error: invalid variable name: $ac_envvar" >&2
- { (exit 1); exit 1; }; }
- ac_optarg=`echo "$ac_optarg" | sed "s/'/'\\\\\\\\''/g"`
- eval "$ac_envvar='$ac_optarg'"
- export $ac_envvar ;;
-
- *)
- # FIXME: should be removed in autoconf 3.0.
- echo "$as_me: WARNING: you should use --build, --host, --target" >&2
- expr "x$ac_option" : ".*[^-._$as_cr_alnum]" >/dev/null &&
- echo "$as_me: WARNING: invalid host type: $ac_option" >&2
- : ${build_alias=$ac_option} ${host_alias=$ac_option} ${target_alias=$ac_option}
- ;;
-
- esac
-done
-
-if test -n "$ac_prev"; then
- ac_option=--`echo $ac_prev | sed 's/_/-/g'`
- { echo "$as_me: error: missing argument to $ac_option" >&2
- { (exit 1); exit 1; }; }
-fi
-
-# Be sure to have absolute paths.
-for ac_var in exec_prefix prefix
-do
- eval ac_val=$`echo $ac_var`
- case $ac_val in
- [\\/$]* | ?:[\\/]* | NONE | '' ) ;;
- *) { echo "$as_me: error: expected an absolute directory name for --$ac_var: $ac_val" >&2
- { (exit 1); exit 1; }; };;
- esac
-done
-
-# Be sure to have absolute paths.
-for ac_var in bindir sbindir libexecdir datadir sysconfdir sharedstatedir \
- localstatedir libdir includedir oldincludedir infodir mandir
-do
- eval ac_val=$`echo $ac_var`
- case $ac_val in
- [\\/$]* | ?:[\\/]* ) ;;
- *) { echo "$as_me: error: expected an absolute directory name for --$ac_var: $ac_val" >&2
- { (exit 1); exit 1; }; };;
- esac
-done
-
-# There might be people who depend on the old broken behavior: `$host'
-# used to hold the argument of --host etc.
-# FIXME: To remove some day.
-build=$build_alias
-host=$host_alias
-target=$target_alias
-
-# FIXME: To remove some day.
-if test "x$host_alias" != x; then
- if test "x$build_alias" = x; then
- cross_compiling=maybe
- echo "$as_me: WARNING: If you wanted to set the --build type, don't use --host.
- If a cross compiler is detected then cross compile mode will be used." >&2
- elif test "x$build_alias" != "x$host_alias"; then
- cross_compiling=yes
- fi
-fi
-
-ac_tool_prefix=
-test -n "$host_alias" && ac_tool_prefix=$host_alias-
-
-test "$silent" = yes && exec 6>/dev/null
-
-
-# Find the source files, if location was not specified.
-if test -z "$srcdir"; then
- ac_srcdir_defaulted=yes
- # Try the directory containing this script, then its parent.
- ac_confdir=`(dirname "$0") 2>/dev/null ||
-$as_expr X"$0" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
- X"$0" : 'X\(//\)[^/]' \| \
- X"$0" : 'X\(//\)$' \| \
- X"$0" : 'X\(/\)' \| \
- . : '\(.\)' 2>/dev/null ||
-echo X"$0" |
- sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/; q; }
- /^X\(\/\/\)[^/].*/{ s//\1/; q; }
- /^X\(\/\/\)$/{ s//\1/; q; }
- /^X\(\/\).*/{ s//\1/; q; }
- s/.*/./; q'`
- srcdir=$ac_confdir
- if test ! -r $srcdir/$ac_unique_file; then
- srcdir=..
- fi
-else
- ac_srcdir_defaulted=no
-fi
-if test ! -r $srcdir/$ac_unique_file; then
- if test "$ac_srcdir_defaulted" = yes; then
- { echo "$as_me: error: cannot find sources ($ac_unique_file) in $ac_confdir or .." >&2
- { (exit 1); exit 1; }; }
- else
- { echo "$as_me: error: cannot find sources ($ac_unique_file) in $srcdir" >&2
- { (exit 1); exit 1; }; }
- fi
-fi
-(cd $srcdir && test -r ./$ac_unique_file) 2>/dev/null ||
- { echo "$as_me: error: sources are in $srcdir, but \`cd $srcdir' does not work" >&2
- { (exit 1); exit 1; }; }
-srcdir=`echo "$srcdir" | sed 's%\([^\\/]\)[\\/]*$%\1%'`
-ac_env_build_alias_set=${build_alias+set}
-ac_env_build_alias_value=$build_alias
-ac_cv_env_build_alias_set=${build_alias+set}
-ac_cv_env_build_alias_value=$build_alias
-ac_env_host_alias_set=${host_alias+set}
-ac_env_host_alias_value=$host_alias
-ac_cv_env_host_alias_set=${host_alias+set}
-ac_cv_env_host_alias_value=$host_alias
-ac_env_target_alias_set=${target_alias+set}
-ac_env_target_alias_value=$target_alias
-ac_cv_env_target_alias_set=${target_alias+set}
-ac_cv_env_target_alias_value=$target_alias
-ac_env_CC_set=${CC+set}
-ac_env_CC_value=$CC
-ac_cv_env_CC_set=${CC+set}
-ac_cv_env_CC_value=$CC
-ac_env_CFLAGS_set=${CFLAGS+set}
-ac_env_CFLAGS_value=$CFLAGS
-ac_cv_env_CFLAGS_set=${CFLAGS+set}
-ac_cv_env_CFLAGS_value=$CFLAGS
-ac_env_LDFLAGS_set=${LDFLAGS+set}
-ac_env_LDFLAGS_value=$LDFLAGS
-ac_cv_env_LDFLAGS_set=${LDFLAGS+set}
-ac_cv_env_LDFLAGS_value=$LDFLAGS
-ac_env_CPPFLAGS_set=${CPPFLAGS+set}
-ac_env_CPPFLAGS_value=$CPPFLAGS
-ac_cv_env_CPPFLAGS_set=${CPPFLAGS+set}
-ac_cv_env_CPPFLAGS_value=$CPPFLAGS
-ac_env_CPP_set=${CPP+set}
-ac_env_CPP_value=$CPP
-ac_cv_env_CPP_set=${CPP+set}
-ac_cv_env_CPP_value=$CPP
-
-#
-# Report the --help message.
-#
-if test "$ac_init_help" = "long"; then
- # Omit some internal or obsolete options to make the list less imposing.
- # This message is too long to be a string in the A/UX 3.1 sh.
- cat <<_ACEOF
-\`configure' configures this package to adapt to many kinds of systems.
-
-Usage: $0 [OPTION]... [VAR=VALUE]...
-
-To assign environment variables (e.g., CC, CFLAGS...), specify them as
-VAR=VALUE. See below for descriptions of some of the useful variables.
-
-Defaults for the options are specified in brackets.
-
-Configuration:
- -h, --help display this help and exit
- --help=short display options specific to this package
- --help=recursive display the short help of all the included packages
- -V, --version display version information and exit
- -q, --quiet, --silent do not print \`checking...' messages
- --cache-file=FILE cache test results in FILE [disabled]
- -C, --config-cache alias for \`--cache-file=config.cache'
- -n, --no-create do not create output files
- --srcdir=DIR find the sources in DIR [configure dir or \`..']
-
-_ACEOF
-
- cat <<_ACEOF
-Installation directories:
- --prefix=PREFIX install architecture-independent files in PREFIX
- [$ac_default_prefix]
- --exec-prefix=EPREFIX install architecture-dependent files in EPREFIX
- [PREFIX]
-
-By default, \`make install' will install all the files in
-\`$ac_default_prefix/bin', \`$ac_default_prefix/lib' etc. You can specify
-an installation prefix other than \`$ac_default_prefix' using \`--prefix',
-for instance \`--prefix=\$HOME'.
-
-For better control, use the options below.
-
-Fine tuning of the installation directories:
- --bindir=DIR user executables [EPREFIX/bin]
- --sbindir=DIR system admin executables [EPREFIX/sbin]
- --libexecdir=DIR program executables [EPREFIX/libexec]
- --datadir=DIR read-only architecture-independent data [PREFIX/share]
- --sysconfdir=DIR read-only single-machine data [PREFIX/etc]
- --sharedstatedir=DIR modifiable architecture-independent data [PREFIX/com]
- --localstatedir=DIR modifiable single-machine data [PREFIX/var]
- --libdir=DIR object code libraries [EPREFIX/lib]
- --includedir=DIR C header files [PREFIX/include]
- --oldincludedir=DIR C header files for non-gcc [/usr/include]
- --infodir=DIR info documentation [PREFIX/info]
- --mandir=DIR man documentation [PREFIX/man]
-_ACEOF
-
- cat <<\_ACEOF
-
-System types:
- --build=BUILD configure for building on BUILD [guessed]
- --host=HOST cross-compile to build programs to run on HOST [BUILD]
-_ACEOF
-fi
-
-if test -n "$ac_init_help"; then
-
- cat <<\_ACEOF
-
-Optional Features:
- --disable-FEATURE do not include FEATURE (same as --enable-FEATURE=no)
- --enable-FEATURE[=ARG] include FEATURE [ARG=yes]
- --enable-kernel-linux build library to run in Linux kernel context
- --disable-debug do not compile in dynamic debugging system
- --enable-generic-aesicm compile in changes for ISMAcryp
- --enable-syslog use syslog for error reporting
- --disable-stdout don't use stdout for error reporting
- --enable-console use /dev/console for error reporting
- --enable-gdoi enable GDOI key management
-
-Some influential environment variables:
- CC C compiler command
- CFLAGS C compiler flags
- LDFLAGS linker flags, e.g. -L<lib dir> if you have libraries in a
- nonstandard directory <lib dir>
- CPPFLAGS C/C++ preprocessor flags, e.g. -I<include dir> if you have
- headers in a nonstandard directory <include dir>
- CPP C preprocessor
-
-Use these variables to override the choices made by `configure' or to help
-it to find libraries and programs with nonstandard names/locations.
-
-_ACEOF
-fi
-
-if test "$ac_init_help" = "recursive"; then
- # If there are subdirs, report their specific --help.
- ac_popdir=`pwd`
- for ac_dir in : $ac_subdirs_all; do test "x$ac_dir" = x: && continue
- test -d $ac_dir || continue
- ac_builddir=.
-
-if test "$ac_dir" != .; then
- ac_dir_suffix=/`echo "$ac_dir" | sed 's,^\.[\\/],,'`
- # A "../" for each directory in $ac_dir_suffix.
- ac_top_builddir=`echo "$ac_dir_suffix" | sed 's,/[^\\/]*,../,g'`
-else
- ac_dir_suffix= ac_top_builddir=
-fi
-
-case $srcdir in
- .) # No --srcdir option. We are building in place.
- ac_srcdir=.
- if test -z "$ac_top_builddir"; then
- ac_top_srcdir=.
- else
- ac_top_srcdir=`echo $ac_top_builddir | sed 's,/$,,'`
- fi ;;
- [\\/]* | ?:[\\/]* ) # Absolute path.
- ac_srcdir=$srcdir$ac_dir_suffix;
- ac_top_srcdir=$srcdir ;;
- *) # Relative path.
- ac_srcdir=$ac_top_builddir$srcdir$ac_dir_suffix
- ac_top_srcdir=$ac_top_builddir$srcdir ;;
-esac
-
-# Do not use `cd foo && pwd` to compute absolute paths, because
-# the directories may not exist.
-case `pwd` in
-.) ac_abs_builddir="$ac_dir";;
-*)
- case "$ac_dir" in
- .) ac_abs_builddir=`pwd`;;
- [\\/]* | ?:[\\/]* ) ac_abs_builddir="$ac_dir";;
- *) ac_abs_builddir=`pwd`/"$ac_dir";;
- esac;;
-esac
-case $ac_abs_builddir in
-.) ac_abs_top_builddir=${ac_top_builddir}.;;
-*)
- case ${ac_top_builddir}. in
- .) ac_abs_top_builddir=$ac_abs_builddir;;
- [\\/]* | ?:[\\/]* ) ac_abs_top_builddir=${ac_top_builddir}.;;
- *) ac_abs_top_builddir=$ac_abs_builddir/${ac_top_builddir}.;;
- esac;;
-esac
-case $ac_abs_builddir in
-.) ac_abs_srcdir=$ac_srcdir;;
-*)
- case $ac_srcdir in
- .) ac_abs_srcdir=$ac_abs_builddir;;
- [\\/]* | ?:[\\/]* ) ac_abs_srcdir=$ac_srcdir;;
- *) ac_abs_srcdir=$ac_abs_builddir/$ac_srcdir;;
- esac;;
-esac
-case $ac_abs_builddir in
-.) ac_abs_top_srcdir=$ac_top_srcdir;;
-*)
- case $ac_top_srcdir in
- .) ac_abs_top_srcdir=$ac_abs_builddir;;
- [\\/]* | ?:[\\/]* ) ac_abs_top_srcdir=$ac_top_srcdir;;
- *) ac_abs_top_srcdir=$ac_abs_builddir/$ac_top_srcdir;;
- esac;;
-esac
-
- cd $ac_dir
- # Check for guested configure; otherwise get Cygnus style configure.
- if test -f $ac_srcdir/configure.gnu; then
- echo
- $SHELL $ac_srcdir/configure.gnu --help=recursive
- elif test -f $ac_srcdir/configure; then
- echo
- $SHELL $ac_srcdir/configure --help=recursive
- elif test -f $ac_srcdir/configure.ac ||
- test -f $ac_srcdir/configure.in; then
- echo
- $ac_configure --help
- else
- echo "$as_me: WARNING: no configuration information is in $ac_dir" >&2
- fi
- cd $ac_popdir
- done
-fi
-
-test -n "$ac_init_help" && exit 0
-if $ac_init_version; then
- cat <<\_ACEOF
-
-Copyright (C) 2003 Free Software Foundation, Inc.
-This configure script is free software; the Free Software Foundation
-gives unlimited permission to copy, distribute and modify it.
-_ACEOF
- exit 0
-fi
-exec 5>config.log
-cat >&5 <<_ACEOF
-This file contains any messages produced by compilers while
-running configure, to aid debugging if configure makes a mistake.
-
-It was created by $as_me, which was
-generated by GNU Autoconf 2.59. Invocation command line was
-
- $ $0 $@
-
-_ACEOF
-{
-cat <<_ASUNAME
-## --------- ##
-## Platform. ##
-## --------- ##
-
-hostname = `(hostname || uname -n) 2>/dev/null | sed 1q`
-uname -m = `(uname -m) 2>/dev/null || echo unknown`
-uname -r = `(uname -r) 2>/dev/null || echo unknown`
-uname -s = `(uname -s) 2>/dev/null || echo unknown`
-uname -v = `(uname -v) 2>/dev/null || echo unknown`
-
-/usr/bin/uname -p = `(/usr/bin/uname -p) 2>/dev/null || echo unknown`
-/bin/uname -X = `(/bin/uname -X) 2>/dev/null || echo unknown`
-
-/bin/arch = `(/bin/arch) 2>/dev/null || echo unknown`
-/usr/bin/arch -k = `(/usr/bin/arch -k) 2>/dev/null || echo unknown`
-/usr/convex/getsysinfo = `(/usr/convex/getsysinfo) 2>/dev/null || echo unknown`
-hostinfo = `(hostinfo) 2>/dev/null || echo unknown`
-/bin/machine = `(/bin/machine) 2>/dev/null || echo unknown`
-/usr/bin/oslevel = `(/usr/bin/oslevel) 2>/dev/null || echo unknown`
-/bin/universe = `(/bin/universe) 2>/dev/null || echo unknown`
-
-_ASUNAME
-
-as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in $PATH
-do
- IFS=$as_save_IFS
- test -z "$as_dir" && as_dir=.
- echo "PATH: $as_dir"
-done
-
-} >&5
-
-cat >&5 <<_ACEOF
-
-
-## ----------- ##
-## Core tests. ##
-## ----------- ##
-
-_ACEOF
-
-
-# Keep a trace of the command line.
-# Strip out --no-create and --no-recursion so they do not pile up.
-# Strip out --silent because we don't want to record it for future runs.
-# Also quote any args containing shell meta-characters.
-# Make two passes to allow for proper duplicate-argument suppression.
-ac_configure_args=
-ac_configure_args0=
-ac_configure_args1=
-ac_sep=
-ac_must_keep_next=false
-for ac_pass in 1 2
-do
- for ac_arg
- do
- case $ac_arg in
- -no-create | --no-c* | -n | -no-recursion | --no-r*) continue ;;
- -q | -quiet | --quiet | --quie | --qui | --qu | --q \
- | -silent | --silent | --silen | --sile | --sil)
- continue ;;
- *" "*|*" "*|*[\[\]\~\#\$\^\&\*\(\)\{\}\\\|\;\<\>\?\"\']*)
- ac_arg=`echo "$ac_arg" | sed "s/'/'\\\\\\\\''/g"` ;;
- esac
- case $ac_pass in
- 1) ac_configure_args0="$ac_configure_args0 '$ac_arg'" ;;
- 2)
- ac_configure_args1="$ac_configure_args1 '$ac_arg'"
- if test $ac_must_keep_next = true; then
- ac_must_keep_next=false # Got value, back to normal.
- else
- case $ac_arg in
- *=* | --config-cache | -C | -disable-* | --disable-* \
- | -enable-* | --enable-* | -gas | --g* | -nfp | --nf* \
- | -q | -quiet | --q* | -silent | --sil* | -v | -verb* \
- | -with-* | --with-* | -without-* | --without-* | --x)
- case "$ac_configure_args0 " in
- "$ac_configure_args1"*" '$ac_arg' "* ) continue ;;
- esac
- ;;
- -* ) ac_must_keep_next=true ;;
- esac
- fi
- ac_configure_args="$ac_configure_args$ac_sep'$ac_arg'"
- # Get rid of the leading space.
- ac_sep=" "
- ;;
- esac
- done
-done
-$as_unset ac_configure_args0 || test "${ac_configure_args0+set}" != set || { ac_configure_args0=; export ac_configure_args0; }
-$as_unset ac_configure_args1 || test "${ac_configure_args1+set}" != set || { ac_configure_args1=; export ac_configure_args1; }
-
-# When interrupted or exit'd, cleanup temporary files, and complete
-# config.log. We remove comments because anyway the quotes in there
-# would cause problems or look ugly.
-# WARNING: Be sure not to use single quotes in there, as some shells,
-# such as our DU 5.0 friend, will then `close' the trap.
-trap 'exit_status=$?
- # Save into config.log some information that might help in debugging.
- {
- echo
-
- cat <<\_ASBOX
-## ---------------- ##
-## Cache variables. ##
-## ---------------- ##
-_ASBOX
- echo
- # The following way of writing the cache mishandles newlines in values,
-{
- (set) 2>&1 |
- case `(ac_space='"'"' '"'"'; set | grep ac_space) 2>&1` in
- *ac_space=\ *)
- sed -n \
- "s/'"'"'/'"'"'\\\\'"'"''"'"'/g;
- s/^\\([_$as_cr_alnum]*_cv_[_$as_cr_alnum]*\\)=\\(.*\\)/\\1='"'"'\\2'"'"'/p"
- ;;
- *)
- sed -n \
- "s/^\\([_$as_cr_alnum]*_cv_[_$as_cr_alnum]*\\)=\\(.*\\)/\\1=\\2/p"
- ;;
- esac;
-}
- echo
-
- cat <<\_ASBOX
-## ----------------- ##
-## Output variables. ##
-## ----------------- ##
-_ASBOX
- echo
- for ac_var in $ac_subst_vars
- do
- eval ac_val=$`echo $ac_var`
- echo "$ac_var='"'"'$ac_val'"'"'"
- done | sort
- echo
-
- if test -n "$ac_subst_files"; then
- cat <<\_ASBOX
-## ------------- ##
-## Output files. ##
-## ------------- ##
-_ASBOX
- echo
- for ac_var in $ac_subst_files
- do
- eval ac_val=$`echo $ac_var`
- echo "$ac_var='"'"'$ac_val'"'"'"
- done | sort
- echo
- fi
-
- if test -s confdefs.h; then
- cat <<\_ASBOX
-## ----------- ##
-## confdefs.h. ##
-## ----------- ##
-_ASBOX
- echo
- sed "/^$/d" confdefs.h | sort
- echo
- fi
- test "$ac_signal" != 0 &&
- echo "$as_me: caught signal $ac_signal"
- echo "$as_me: exit $exit_status"
- } >&5
- rm -f core *.core &&
- rm -rf conftest* confdefs* conf$$* $ac_clean_files &&
- exit $exit_status
- ' 0
-for ac_signal in 1 2 13 15; do
- trap 'ac_signal='$ac_signal'; { (exit 1); exit 1; }' $ac_signal
-done
-ac_signal=0
-
-# confdefs.h avoids OS command line length limits that DEFS can exceed.
-rm -rf conftest* confdefs.h
-# AIX cpp loses on an empty file, so make sure it contains at least a newline.
-echo >confdefs.h
-
-# Predefined preprocessor variables.
-
-cat >>confdefs.h <<_ACEOF
-#define PACKAGE_NAME "$PACKAGE_NAME"
-_ACEOF
-
-
-cat >>confdefs.h <<_ACEOF
-#define PACKAGE_TARNAME "$PACKAGE_TARNAME"
-_ACEOF
-
-
-cat >>confdefs.h <<_ACEOF
-#define PACKAGE_VERSION "$PACKAGE_VERSION"
-_ACEOF
-
-
-cat >>confdefs.h <<_ACEOF
-#define PACKAGE_STRING "$PACKAGE_STRING"
-_ACEOF
-
-
-cat >>confdefs.h <<_ACEOF
-#define PACKAGE_BUGREPORT "$PACKAGE_BUGREPORT"
-_ACEOF
-
-
-# Let the site file select an alternate cache file if it wants to.
-# Prefer explicitly selected file to automatically selected ones.
-if test -z "$CONFIG_SITE"; then
- if test "x$prefix" != xNONE; then
- CONFIG_SITE="$prefix/share/config.site $prefix/etc/config.site"
- else
- CONFIG_SITE="$ac_default_prefix/share/config.site $ac_default_prefix/etc/config.site"
- fi
-fi
-for ac_site_file in $CONFIG_SITE; do
- if test -r "$ac_site_file"; then
- { echo "$as_me:$LINENO: loading site script $ac_site_file" >&5
-echo "$as_me: loading site script $ac_site_file" >&6;}
- sed 's/^/| /' "$ac_site_file" >&5
- . "$ac_site_file"
- fi
-done
-
-if test -r "$cache_file"; then
- # Some versions of bash will fail to source /dev/null (special
- # files actually), so we avoid doing that.
- if test -f "$cache_file"; then
- { echo "$as_me:$LINENO: loading cache $cache_file" >&5
-echo "$as_me: loading cache $cache_file" >&6;}
- case $cache_file in
- [\\/]* | ?:[\\/]* ) . $cache_file;;
- *) . ./$cache_file;;
- esac
- fi
-else
- { echo "$as_me:$LINENO: creating cache $cache_file" >&5
-echo "$as_me: creating cache $cache_file" >&6;}
- >$cache_file
-fi
-
-# Check that the precious variables saved in the cache have kept the same
-# value.
-ac_cache_corrupted=false
-for ac_var in `(set) 2>&1 |
- sed -n 's/^ac_env_\([a-zA-Z_0-9]*\)_set=.*/\1/p'`; do
- eval ac_old_set=\$ac_cv_env_${ac_var}_set
- eval ac_new_set=\$ac_env_${ac_var}_set
- eval ac_old_val="\$ac_cv_env_${ac_var}_value"
- eval ac_new_val="\$ac_env_${ac_var}_value"
- case $ac_old_set,$ac_new_set in
- set,)
- { echo "$as_me:$LINENO: error: \`$ac_var' was set to \`$ac_old_val' in the previous run" >&5
-echo "$as_me: error: \`$ac_var' was set to \`$ac_old_val' in the previous run" >&2;}
- ac_cache_corrupted=: ;;
- ,set)
- { echo "$as_me:$LINENO: error: \`$ac_var' was not set in the previous run" >&5
-echo "$as_me: error: \`$ac_var' was not set in the previous run" >&2;}
- ac_cache_corrupted=: ;;
- ,);;
- *)
- if test "x$ac_old_val" != "x$ac_new_val"; then
- { echo "$as_me:$LINENO: error: \`$ac_var' has changed since the previous run:" >&5
-echo "$as_me: error: \`$ac_var' has changed since the previous run:" >&2;}
- { echo "$as_me:$LINENO: former value: $ac_old_val" >&5
-echo "$as_me: former value: $ac_old_val" >&2;}
- { echo "$as_me:$LINENO: current value: $ac_new_val" >&5
-echo "$as_me: current value: $ac_new_val" >&2;}
- ac_cache_corrupted=:
- fi;;
- esac
- # Pass precious variables to config.status.
- if test "$ac_new_set" = set; then
- case $ac_new_val in
- *" "*|*" "*|*[\[\]\~\#\$\^\&\*\(\)\{\}\\\|\;\<\>\?\"\']*)
- ac_arg=$ac_var=`echo "$ac_new_val" | sed "s/'/'\\\\\\\\''/g"` ;;
- *) ac_arg=$ac_var=$ac_new_val ;;
- esac
- case " $ac_configure_args " in
- *" '$ac_arg' "*) ;; # Avoid dups. Use of quotes ensures accuracy.
- *) ac_configure_args="$ac_configure_args '$ac_arg'" ;;
- esac
- fi
-done
-if $ac_cache_corrupted; then
- { echo "$as_me:$LINENO: error: changes in the environment can compromise the build" >&5
-echo "$as_me: error: changes in the environment can compromise the build" >&2;}
- { { echo "$as_me:$LINENO: error: run \`make distclean' and/or \`rm $cache_file' and start over" >&5
-echo "$as_me: error: run \`make distclean' and/or \`rm $cache_file' and start over" >&2;}
- { (exit 1); exit 1; }; }
-fi
-
-ac_ext=c
-ac_cpp='$CPP $CPPFLAGS'
-ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
-ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
-ac_compiler_gnu=$ac_cv_c_compiler_gnu
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-if test -z "$CFLAGS"; then
- CFLAGS="-Wall -O4 -fexpensive-optimizations -funroll-loops"
-fi
-
-if test -n "$ac_tool_prefix"; then
- # Extract the first word of "${ac_tool_prefix}ranlib", so it can be a program name with args.
-set dummy ${ac_tool_prefix}ranlib; ac_word=$2
-echo "$as_me:$LINENO: checking for $ac_word" >&5
-echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6
-if test "${ac_cv_prog_RANLIB+set}" = set; then
- echo $ECHO_N "(cached) $ECHO_C" >&6
-else
- if test -n "$RANLIB"; then
- ac_cv_prog_RANLIB="$RANLIB" # Let the user override the test.
-else
-as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in $PATH
-do
- IFS=$as_save_IFS
- test -z "$as_dir" && as_dir=.
- for ac_exec_ext in '' $ac_executable_extensions; do
- if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
- ac_cv_prog_RANLIB="${ac_tool_prefix}ranlib"
- echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5
- break 2
- fi
-done
-done
-
-fi
-fi
-RANLIB=$ac_cv_prog_RANLIB
-if test -n "$RANLIB"; then
- echo "$as_me:$LINENO: result: $RANLIB" >&5
-echo "${ECHO_T}$RANLIB" >&6
-else
- echo "$as_me:$LINENO: result: no" >&5
-echo "${ECHO_T}no" >&6
-fi
-
-fi
-if test -z "$ac_cv_prog_RANLIB"; then
- ac_ct_RANLIB=$RANLIB
- # Extract the first word of "ranlib", so it can be a program name with args.
-set dummy ranlib; ac_word=$2
-echo "$as_me:$LINENO: checking for $ac_word" >&5
-echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6
-if test "${ac_cv_prog_ac_ct_RANLIB+set}" = set; then
- echo $ECHO_N "(cached) $ECHO_C" >&6
-else
- if test -n "$ac_ct_RANLIB"; then
- ac_cv_prog_ac_ct_RANLIB="$ac_ct_RANLIB" # Let the user override the test.
-else
-as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in $PATH
-do
- IFS=$as_save_IFS
- test -z "$as_dir" && as_dir=.
- for ac_exec_ext in '' $ac_executable_extensions; do
- if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
- ac_cv_prog_ac_ct_RANLIB="ranlib"
- echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5
- break 2
- fi
-done
-done
-
- test -z "$ac_cv_prog_ac_ct_RANLIB" && ac_cv_prog_ac_ct_RANLIB=":"
-fi
-fi
-ac_ct_RANLIB=$ac_cv_prog_ac_ct_RANLIB
-if test -n "$ac_ct_RANLIB"; then
- echo "$as_me:$LINENO: result: $ac_ct_RANLIB" >&5
-echo "${ECHO_T}$ac_ct_RANLIB" >&6
-else
- echo "$as_me:$LINENO: result: no" >&5
-echo "${ECHO_T}no" >&6
-fi
-
- RANLIB=$ac_ct_RANLIB
-else
- RANLIB="$ac_cv_prog_RANLIB"
-fi
-
-ac_ext=c
-ac_cpp='$CPP $CPPFLAGS'
-ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
-ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
-ac_compiler_gnu=$ac_cv_c_compiler_gnu
-if test -n "$ac_tool_prefix"; then
- # Extract the first word of "${ac_tool_prefix}gcc", so it can be a program name with args.
-set dummy ${ac_tool_prefix}gcc; ac_word=$2
-echo "$as_me:$LINENO: checking for $ac_word" >&5
-echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6
-if test "${ac_cv_prog_CC+set}" = set; then
- echo $ECHO_N "(cached) $ECHO_C" >&6
-else
- if test -n "$CC"; then
- ac_cv_prog_CC="$CC" # Let the user override the test.
-else
-as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in $PATH
-do
- IFS=$as_save_IFS
- test -z "$as_dir" && as_dir=.
- for ac_exec_ext in '' $ac_executable_extensions; do
- if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
- ac_cv_prog_CC="${ac_tool_prefix}gcc"
- echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5
- break 2
- fi
-done
-done
-
-fi
-fi
-CC=$ac_cv_prog_CC
-if test -n "$CC"; then
- echo "$as_me:$LINENO: result: $CC" >&5
-echo "${ECHO_T}$CC" >&6
-else
- echo "$as_me:$LINENO: result: no" >&5
-echo "${ECHO_T}no" >&6
-fi
-
-fi
-if test -z "$ac_cv_prog_CC"; then
- ac_ct_CC=$CC
- # Extract the first word of "gcc", so it can be a program name with args.
-set dummy gcc; ac_word=$2
-echo "$as_me:$LINENO: checking for $ac_word" >&5
-echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6
-if test "${ac_cv_prog_ac_ct_CC+set}" = set; then
- echo $ECHO_N "(cached) $ECHO_C" >&6
-else
- if test -n "$ac_ct_CC"; then
- ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test.
-else
-as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in $PATH
-do
- IFS=$as_save_IFS
- test -z "$as_dir" && as_dir=.
- for ac_exec_ext in '' $ac_executable_extensions; do
- if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
- ac_cv_prog_ac_ct_CC="gcc"
- echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5
- break 2
- fi
-done
-done
-
-fi
-fi
-ac_ct_CC=$ac_cv_prog_ac_ct_CC
-if test -n "$ac_ct_CC"; then
- echo "$as_me:$LINENO: result: $ac_ct_CC" >&5
-echo "${ECHO_T}$ac_ct_CC" >&6
-else
- echo "$as_me:$LINENO: result: no" >&5
-echo "${ECHO_T}no" >&6
-fi
-
- CC=$ac_ct_CC
-else
- CC="$ac_cv_prog_CC"
-fi
-
-if test -z "$CC"; then
- if test -n "$ac_tool_prefix"; then
- # Extract the first word of "${ac_tool_prefix}cc", so it can be a program name with args.
-set dummy ${ac_tool_prefix}cc; ac_word=$2
-echo "$as_me:$LINENO: checking for $ac_word" >&5
-echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6
-if test "${ac_cv_prog_CC+set}" = set; then
- echo $ECHO_N "(cached) $ECHO_C" >&6
-else
- if test -n "$CC"; then
- ac_cv_prog_CC="$CC" # Let the user override the test.
-else
-as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in $PATH
-do
- IFS=$as_save_IFS
- test -z "$as_dir" && as_dir=.
- for ac_exec_ext in '' $ac_executable_extensions; do
- if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
- ac_cv_prog_CC="${ac_tool_prefix}cc"
- echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5
- break 2
- fi
-done
-done
-
-fi
-fi
-CC=$ac_cv_prog_CC
-if test -n "$CC"; then
- echo "$as_me:$LINENO: result: $CC" >&5
-echo "${ECHO_T}$CC" >&6
-else
- echo "$as_me:$LINENO: result: no" >&5
-echo "${ECHO_T}no" >&6
-fi
-
-fi
-if test -z "$ac_cv_prog_CC"; then
- ac_ct_CC=$CC
- # Extract the first word of "cc", so it can be a program name with args.
-set dummy cc; ac_word=$2
-echo "$as_me:$LINENO: checking for $ac_word" >&5
-echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6
-if test "${ac_cv_prog_ac_ct_CC+set}" = set; then
- echo $ECHO_N "(cached) $ECHO_C" >&6
-else
- if test -n "$ac_ct_CC"; then
- ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test.
-else
-as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in $PATH
-do
- IFS=$as_save_IFS
- test -z "$as_dir" && as_dir=.
- for ac_exec_ext in '' $ac_executable_extensions; do
- if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
- ac_cv_prog_ac_ct_CC="cc"
- echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5
- break 2
- fi
-done
-done
-
-fi
-fi
-ac_ct_CC=$ac_cv_prog_ac_ct_CC
-if test -n "$ac_ct_CC"; then
- echo "$as_me:$LINENO: result: $ac_ct_CC" >&5
-echo "${ECHO_T}$ac_ct_CC" >&6
-else
- echo "$as_me:$LINENO: result: no" >&5
-echo "${ECHO_T}no" >&6
-fi
-
- CC=$ac_ct_CC
-else
- CC="$ac_cv_prog_CC"
-fi
-
-fi
-if test -z "$CC"; then
- # Extract the first word of "cc", so it can be a program name with args.
-set dummy cc; ac_word=$2
-echo "$as_me:$LINENO: checking for $ac_word" >&5
-echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6
-if test "${ac_cv_prog_CC+set}" = set; then
- echo $ECHO_N "(cached) $ECHO_C" >&6
-else
- if test -n "$CC"; then
- ac_cv_prog_CC="$CC" # Let the user override the test.
-else
- ac_prog_rejected=no
-as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in $PATH
-do
- IFS=$as_save_IFS
- test -z "$as_dir" && as_dir=.
- for ac_exec_ext in '' $ac_executable_extensions; do
- if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
- if test "$as_dir/$ac_word$ac_exec_ext" = "/usr/ucb/cc"; then
- ac_prog_rejected=yes
- continue
- fi
- ac_cv_prog_CC="cc"
- echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5
- break 2
- fi
-done
-done
-
-if test $ac_prog_rejected = yes; then
- # We found a bogon in the path, so make sure we never use it.
- set dummy $ac_cv_prog_CC
- shift
- if test $# != 0; then
- # We chose a different compiler from the bogus one.
- # However, it has the same basename, so the bogon will be chosen
- # first if we set CC to just the basename; use the full file name.
- shift
- ac_cv_prog_CC="$as_dir/$ac_word${1+' '}$@"
- fi
-fi
-fi
-fi
-CC=$ac_cv_prog_CC
-if test -n "$CC"; then
- echo "$as_me:$LINENO: result: $CC" >&5
-echo "${ECHO_T}$CC" >&6
-else
- echo "$as_me:$LINENO: result: no" >&5
-echo "${ECHO_T}no" >&6
-fi
-
-fi
-if test -z "$CC"; then
- if test -n "$ac_tool_prefix"; then
- for ac_prog in cl
- do
- # Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args.
-set dummy $ac_tool_prefix$ac_prog; ac_word=$2
-echo "$as_me:$LINENO: checking for $ac_word" >&5
-echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6
-if test "${ac_cv_prog_CC+set}" = set; then
- echo $ECHO_N "(cached) $ECHO_C" >&6
-else
- if test -n "$CC"; then
- ac_cv_prog_CC="$CC" # Let the user override the test.
-else
-as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in $PATH
-do
- IFS=$as_save_IFS
- test -z "$as_dir" && as_dir=.
- for ac_exec_ext in '' $ac_executable_extensions; do
- if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
- ac_cv_prog_CC="$ac_tool_prefix$ac_prog"
- echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5
- break 2
- fi
-done
-done
-
-fi
-fi
-CC=$ac_cv_prog_CC
-if test -n "$CC"; then
- echo "$as_me:$LINENO: result: $CC" >&5
-echo "${ECHO_T}$CC" >&6
-else
- echo "$as_me:$LINENO: result: no" >&5
-echo "${ECHO_T}no" >&6
-fi
-
- test -n "$CC" && break
- done
-fi
-if test -z "$CC"; then
- ac_ct_CC=$CC
- for ac_prog in cl
-do
- # Extract the first word of "$ac_prog", so it can be a program name with args.
-set dummy $ac_prog; ac_word=$2
-echo "$as_me:$LINENO: checking for $ac_word" >&5
-echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6
-if test "${ac_cv_prog_ac_ct_CC+set}" = set; then
- echo $ECHO_N "(cached) $ECHO_C" >&6
-else
- if test -n "$ac_ct_CC"; then
- ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test.
-else
-as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in $PATH
-do
- IFS=$as_save_IFS
- test -z "$as_dir" && as_dir=.
- for ac_exec_ext in '' $ac_executable_extensions; do
- if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
- ac_cv_prog_ac_ct_CC="$ac_prog"
- echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5
- break 2
- fi
-done
-done
-
-fi
-fi
-ac_ct_CC=$ac_cv_prog_ac_ct_CC
-if test -n "$ac_ct_CC"; then
- echo "$as_me:$LINENO: result: $ac_ct_CC" >&5
-echo "${ECHO_T}$ac_ct_CC" >&6
-else
- echo "$as_me:$LINENO: result: no" >&5
-echo "${ECHO_T}no" >&6
-fi
-
- test -n "$ac_ct_CC" && break
-done
-
- CC=$ac_ct_CC
-fi
-
-fi
-
-
-test -z "$CC" && { { echo "$as_me:$LINENO: error: no acceptable C compiler found in \$PATH
-See \`config.log' for more details." >&5
-echo "$as_me: error: no acceptable C compiler found in \$PATH
-See \`config.log' for more details." >&2;}
- { (exit 1); exit 1; }; }
-
-# Provide some information about the compiler.
-echo "$as_me:$LINENO:" \
- "checking for C compiler version" >&5
-ac_compiler=`set X $ac_compile; echo $2`
-{ (eval echo "$as_me:$LINENO: \"$ac_compiler --version </dev/null >&5\"") >&5
- (eval $ac_compiler --version </dev/null >&5) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }
-{ (eval echo "$as_me:$LINENO: \"$ac_compiler -v </dev/null >&5\"") >&5
- (eval $ac_compiler -v </dev/null >&5) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }
-{ (eval echo "$as_me:$LINENO: \"$ac_compiler -V </dev/null >&5\"") >&5
- (eval $ac_compiler -V </dev/null >&5) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }
-
-cat >conftest.$ac_ext <<_ACEOF
-/* confdefs.h. */
-_ACEOF
-cat confdefs.h >>conftest.$ac_ext
-cat >>conftest.$ac_ext <<_ACEOF
-/* end confdefs.h. */
-
-int
-main ()
-{
-
- ;
- return 0;
-}
-_ACEOF
-ac_clean_files_save=$ac_clean_files
-ac_clean_files="$ac_clean_files a.out a.exe b.out"
-# Try to create an executable without -o first, disregard a.out.
-# It will help us diagnose broken compilers, and finding out an intuition
-# of exeext.
-echo "$as_me:$LINENO: checking for C compiler default output file name" >&5
-echo $ECHO_N "checking for C compiler default output file name... $ECHO_C" >&6
-ac_link_default=`echo "$ac_link" | sed 's/ -o *conftest[^ ]*//'`
-if { (eval echo "$as_me:$LINENO: \"$ac_link_default\"") >&5
- (eval $ac_link_default) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; then
- # Find the output, starting from the most likely. This scheme is
-# not robust to junk in `.', hence go to wildcards (a.*) only as a last
-# resort.
-
-# Be careful to initialize this variable, since it used to be cached.
-# Otherwise an old cache value of `no' led to `EXEEXT = no' in a Makefile.
-ac_cv_exeext=
-# b.out is created by i960 compilers.
-for ac_file in a_out.exe a.exe conftest.exe a.out conftest a.* conftest.* b.out
-do
- test -f "$ac_file" || continue
- case $ac_file in
- *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.o | *.obj )
- ;;
- conftest.$ac_ext )
- # This is the source file.
- ;;
- [ab].out )
- # We found the default executable, but exeext='' is most
- # certainly right.
- break;;
- *.* )
- ac_cv_exeext=`expr "$ac_file" : '[^.]*\(\..*\)'`
- # FIXME: I believe we export ac_cv_exeext for Libtool,
- # but it would be cool to find out if it's true. Does anybody
- # maintain Libtool? --akim.
- export ac_cv_exeext
- break;;
- * )
- break;;
- esac
-done
-else
- echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
-{ { echo "$as_me:$LINENO: error: C compiler cannot create executables
-See \`config.log' for more details." >&5
-echo "$as_me: error: C compiler cannot create executables
-See \`config.log' for more details." >&2;}
- { (exit 77); exit 77; }; }
-fi
-
-ac_exeext=$ac_cv_exeext
-echo "$as_me:$LINENO: result: $ac_file" >&5
-echo "${ECHO_T}$ac_file" >&6
-
-# Check the compiler produces executables we can run. If not, either
-# the compiler is broken, or we cross compile.
-echo "$as_me:$LINENO: checking whether the C compiler works" >&5
-echo $ECHO_N "checking whether the C compiler works... $ECHO_C" >&6
-# FIXME: These cross compiler hacks should be removed for Autoconf 3.0
-# If not cross compiling, check that we can run a simple program.
-if test "$cross_compiling" != yes; then
- if { ac_try='./$ac_file'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- cross_compiling=no
- else
- if test "$cross_compiling" = maybe; then
- cross_compiling=yes
- else
- { { echo "$as_me:$LINENO: error: cannot run C compiled programs.
-If you meant to cross compile, use \`--host'.
-See \`config.log' for more details." >&5
-echo "$as_me: error: cannot run C compiled programs.
-If you meant to cross compile, use \`--host'.
-See \`config.log' for more details." >&2;}
- { (exit 1); exit 1; }; }
- fi
- fi
-fi
-echo "$as_me:$LINENO: result: yes" >&5
-echo "${ECHO_T}yes" >&6
-
-rm -f a.out a.exe conftest$ac_cv_exeext b.out
-ac_clean_files=$ac_clean_files_save
-# Check the compiler produces executables we can run. If not, either
-# the compiler is broken, or we cross compile.
-echo "$as_me:$LINENO: checking whether we are cross compiling" >&5
-echo $ECHO_N "checking whether we are cross compiling... $ECHO_C" >&6
-echo "$as_me:$LINENO: result: $cross_compiling" >&5
-echo "${ECHO_T}$cross_compiling" >&6
-
-echo "$as_me:$LINENO: checking for suffix of executables" >&5
-echo $ECHO_N "checking for suffix of executables... $ECHO_C" >&6
-if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
- (eval $ac_link) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; then
- # If both `conftest.exe' and `conftest' are `present' (well, observable)
-# catch `conftest.exe'. For instance with Cygwin, `ls conftest' will
-# work properly (i.e., refer to `conftest.exe'), while it won't with
-# `rm'.
-for ac_file in conftest.exe conftest conftest.*; do
- test -f "$ac_file" || continue
- case $ac_file in
- *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.o | *.obj ) ;;
- *.* ) ac_cv_exeext=`expr "$ac_file" : '[^.]*\(\..*\)'`
- export ac_cv_exeext
- break;;
- * ) break;;
- esac
-done
-else
- { { echo "$as_me:$LINENO: error: cannot compute suffix of executables: cannot compile and link
-See \`config.log' for more details." >&5
-echo "$as_me: error: cannot compute suffix of executables: cannot compile and link
-See \`config.log' for more details." >&2;}
- { (exit 1); exit 1; }; }
-fi
-
-rm -f conftest$ac_cv_exeext
-echo "$as_me:$LINENO: result: $ac_cv_exeext" >&5
-echo "${ECHO_T}$ac_cv_exeext" >&6
-
-rm -f conftest.$ac_ext
-EXEEXT=$ac_cv_exeext
-ac_exeext=$EXEEXT
-echo "$as_me:$LINENO: checking for suffix of object files" >&5
-echo $ECHO_N "checking for suffix of object files... $ECHO_C" >&6
-if test "${ac_cv_objext+set}" = set; then
- echo $ECHO_N "(cached) $ECHO_C" >&6
-else
- cat >conftest.$ac_ext <<_ACEOF
-/* confdefs.h. */
-_ACEOF
-cat confdefs.h >>conftest.$ac_ext
-cat >>conftest.$ac_ext <<_ACEOF
-/* end confdefs.h. */
-
-int
-main ()
-{
-
- ;
- return 0;
-}
-_ACEOF
-rm -f conftest.o conftest.obj
-if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
- (eval $ac_compile) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; then
- for ac_file in `(ls conftest.o conftest.obj; ls conftest.*) 2>/dev/null`; do
- case $ac_file in
- *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg ) ;;
- *) ac_cv_objext=`expr "$ac_file" : '.*\.\(.*\)'`
- break;;
- esac
-done
-else
- echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
-{ { echo "$as_me:$LINENO: error: cannot compute suffix of object files: cannot compile
-See \`config.log' for more details." >&5
-echo "$as_me: error: cannot compute suffix of object files: cannot compile
-See \`config.log' for more details." >&2;}
- { (exit 1); exit 1; }; }
-fi
-
-rm -f conftest.$ac_cv_objext conftest.$ac_ext
-fi
-echo "$as_me:$LINENO: result: $ac_cv_objext" >&5
-echo "${ECHO_T}$ac_cv_objext" >&6
-OBJEXT=$ac_cv_objext
-ac_objext=$OBJEXT
-echo "$as_me:$LINENO: checking whether we are using the GNU C compiler" >&5
-echo $ECHO_N "checking whether we are using the GNU C compiler... $ECHO_C" >&6
-if test "${ac_cv_c_compiler_gnu+set}" = set; then
- echo $ECHO_N "(cached) $ECHO_C" >&6
-else
- cat >conftest.$ac_ext <<_ACEOF
-/* confdefs.h. */
-_ACEOF
-cat confdefs.h >>conftest.$ac_ext
-cat >>conftest.$ac_ext <<_ACEOF
-/* end confdefs.h. */
-
-int
-main ()
-{
-#ifndef __GNUC__
- choke me
-#endif
-
- ;
- return 0;
-}
-_ACEOF
-rm -f conftest.$ac_objext
-if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
- (eval $ac_compile) 2>conftest.er1
- ac_status=$?
- grep -v '^ *+' conftest.er1 >conftest.err
- rm -f conftest.er1
- cat conftest.err >&5
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest.$ac_objext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- ac_compiler_gnu=yes
-else
- echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
-ac_compiler_gnu=no
-fi
-rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
-ac_cv_c_compiler_gnu=$ac_compiler_gnu
-
-fi
-echo "$as_me:$LINENO: result: $ac_cv_c_compiler_gnu" >&5
-echo "${ECHO_T}$ac_cv_c_compiler_gnu" >&6
-GCC=`test $ac_compiler_gnu = yes && echo yes`
-ac_test_CFLAGS=${CFLAGS+set}
-ac_save_CFLAGS=$CFLAGS
-CFLAGS="-g"
-echo "$as_me:$LINENO: checking whether $CC accepts -g" >&5
-echo $ECHO_N "checking whether $CC accepts -g... $ECHO_C" >&6
-if test "${ac_cv_prog_cc_g+set}" = set; then
- echo $ECHO_N "(cached) $ECHO_C" >&6
-else
- cat >conftest.$ac_ext <<_ACEOF
-/* confdefs.h. */
-_ACEOF
-cat confdefs.h >>conftest.$ac_ext
-cat >>conftest.$ac_ext <<_ACEOF
-/* end confdefs.h. */
-
-int
-main ()
-{
-
- ;
- return 0;
-}
-_ACEOF
-rm -f conftest.$ac_objext
-if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
- (eval $ac_compile) 2>conftest.er1
- ac_status=$?
- grep -v '^ *+' conftest.er1 >conftest.err
- rm -f conftest.er1
- cat conftest.err >&5
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest.$ac_objext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- ac_cv_prog_cc_g=yes
-else
- echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
-ac_cv_prog_cc_g=no
-fi
-rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
-fi
-echo "$as_me:$LINENO: result: $ac_cv_prog_cc_g" >&5
-echo "${ECHO_T}$ac_cv_prog_cc_g" >&6
-if test "$ac_test_CFLAGS" = set; then
- CFLAGS=$ac_save_CFLAGS
-elif test $ac_cv_prog_cc_g = yes; then
- if test "$GCC" = yes; then
- CFLAGS="-g -O2"
- else
- CFLAGS="-g"
- fi
-else
- if test "$GCC" = yes; then
- CFLAGS="-O2"
- else
- CFLAGS=
- fi
-fi
-echo "$as_me:$LINENO: checking for $CC option to accept ANSI C" >&5
-echo $ECHO_N "checking for $CC option to accept ANSI C... $ECHO_C" >&6
-if test "${ac_cv_prog_cc_stdc+set}" = set; then
- echo $ECHO_N "(cached) $ECHO_C" >&6
-else
- ac_cv_prog_cc_stdc=no
-ac_save_CC=$CC
-cat >conftest.$ac_ext <<_ACEOF
-/* confdefs.h. */
-_ACEOF
-cat confdefs.h >>conftest.$ac_ext
-cat >>conftest.$ac_ext <<_ACEOF
-/* end confdefs.h. */
-#include <stdarg.h>
-#include <stdio.h>
-#include <sys/types.h>
-#include <sys/stat.h>
-/* Most of the following tests are stolen from RCS 5.7's src/conf.sh. */
-struct buf { int x; };
-FILE * (*rcsopen) (struct buf *, struct stat *, int);
-static char *e (p, i)
- char **p;
- int i;
-{
- return p[i];
-}
-static char *f (char * (*g) (char **, int), char **p, ...)
-{
- char *s;
- va_list v;
- va_start (v,p);
- s = g (p, va_arg (v,int));
- va_end (v);
- return s;
-}
-
-/* OSF 4.0 Compaq cc is some sort of almost-ANSI by default. It has
- function prototypes and stuff, but not '\xHH' hex character constants.
- These don't provoke an error unfortunately, instead are silently treated
- as 'x'. The following induces an error, until -std1 is added to get
- proper ANSI mode. Curiously '\x00'!='x' always comes out true, for an
- array size at least. It's necessary to write '\x00'==0 to get something
- that's true only with -std1. */
-int osf4_cc_array ['\x00' == 0 ? 1 : -1];
-
-int test (int i, double x);
-struct s1 {int (*f) (int a);};
-struct s2 {int (*f) (double a);};
-int pairnames (int, char **, FILE *(*)(struct buf *, struct stat *, int), int, int);
-int argc;
-char **argv;
-int
-main ()
-{
-return f (e, argv, 0) != argv[0] || f (e, argv, 1) != argv[1];
- ;
- return 0;
-}
-_ACEOF
-# Don't try gcc -ansi; that turns off useful extensions and
-# breaks some systems' header files.
-# AIX -qlanglvl=ansi
-# Ultrix and OSF/1 -std1
-# HP-UX 10.20 and later -Ae
-# HP-UX older versions -Aa -D_HPUX_SOURCE
-# SVR4 -Xc -D__EXTENSIONS__
-for ac_arg in "" -qlanglvl=ansi -std1 -Ae "-Aa -D_HPUX_SOURCE" "-Xc -D__EXTENSIONS__"
-do
- CC="$ac_save_CC $ac_arg"
- rm -f conftest.$ac_objext
-if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
- (eval $ac_compile) 2>conftest.er1
- ac_status=$?
- grep -v '^ *+' conftest.er1 >conftest.err
- rm -f conftest.er1
- cat conftest.err >&5
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest.$ac_objext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- ac_cv_prog_cc_stdc=$ac_arg
-break
-else
- echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
-fi
-rm -f conftest.err conftest.$ac_objext
-done
-rm -f conftest.$ac_ext conftest.$ac_objext
-CC=$ac_save_CC
-
-fi
-
-case "x$ac_cv_prog_cc_stdc" in
- x|xno)
- echo "$as_me:$LINENO: result: none needed" >&5
-echo "${ECHO_T}none needed" >&6 ;;
- *)
- echo "$as_me:$LINENO: result: $ac_cv_prog_cc_stdc" >&5
-echo "${ECHO_T}$ac_cv_prog_cc_stdc" >&6
- CC="$CC $ac_cv_prog_cc_stdc" ;;
-esac
-
-# Some people use a C++ compiler to compile C. Since we use `exit',
-# in C++ we need to declare it. In case someone uses the same compiler
-# for both compiling C and C++ we need to have the C++ compiler decide
-# the declaration of exit, since it's the most demanding environment.
-cat >conftest.$ac_ext <<_ACEOF
-#ifndef __cplusplus
- choke me
-#endif
-_ACEOF
-rm -f conftest.$ac_objext
-if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
- (eval $ac_compile) 2>conftest.er1
- ac_status=$?
- grep -v '^ *+' conftest.er1 >conftest.err
- rm -f conftest.er1
- cat conftest.err >&5
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest.$ac_objext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- for ac_declaration in \
- '' \
- 'extern "C" void std::exit (int) throw (); using std::exit;' \
- 'extern "C" void std::exit (int); using std::exit;' \
- 'extern "C" void exit (int) throw ();' \
- 'extern "C" void exit (int);' \
- 'void exit (int);'
-do
- cat >conftest.$ac_ext <<_ACEOF
-/* confdefs.h. */
-_ACEOF
-cat confdefs.h >>conftest.$ac_ext
-cat >>conftest.$ac_ext <<_ACEOF
-/* end confdefs.h. */
-$ac_declaration
-#include <stdlib.h>
-int
-main ()
-{
-exit (42);
- ;
- return 0;
-}
-_ACEOF
-rm -f conftest.$ac_objext
-if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
- (eval $ac_compile) 2>conftest.er1
- ac_status=$?
- grep -v '^ *+' conftest.er1 >conftest.err
- rm -f conftest.er1
- cat conftest.err >&5
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest.$ac_objext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- :
-else
- echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
-continue
-fi
-rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
- cat >conftest.$ac_ext <<_ACEOF
-/* confdefs.h. */
-_ACEOF
-cat confdefs.h >>conftest.$ac_ext
-cat >>conftest.$ac_ext <<_ACEOF
-/* end confdefs.h. */
-$ac_declaration
-int
-main ()
-{
-exit (42);
- ;
- return 0;
-}
-_ACEOF
-rm -f conftest.$ac_objext
-if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
- (eval $ac_compile) 2>conftest.er1
- ac_status=$?
- grep -v '^ *+' conftest.er1 >conftest.err
- rm -f conftest.er1
- cat conftest.err >&5
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest.$ac_objext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- break
-else
- echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
-fi
-rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
-done
-rm -f conftest*
-if test -n "$ac_declaration"; then
- echo '#ifdef __cplusplus' >>confdefs.h
- echo $ac_declaration >>confdefs.h
- echo '#endif' >>confdefs.h
-fi
-
-else
- echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
-fi
-rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
-ac_ext=c
-ac_cpp='$CPP $CPPFLAGS'
-ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
-ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
-ac_compiler_gnu=$ac_cv_c_compiler_gnu
-
-ac_aux_dir=
-for ac_dir in $srcdir $srcdir/.. $srcdir/../..; do
- if test -f $ac_dir/install-sh; then
- ac_aux_dir=$ac_dir
- ac_install_sh="$ac_aux_dir/install-sh -c"
- break
- elif test -f $ac_dir/install.sh; then
- ac_aux_dir=$ac_dir
- ac_install_sh="$ac_aux_dir/install.sh -c"
- break
- elif test -f $ac_dir/shtool; then
- ac_aux_dir=$ac_dir
- ac_install_sh="$ac_aux_dir/shtool install -c"
- break
- fi
-done
-if test -z "$ac_aux_dir"; then
- { { echo "$as_me:$LINENO: error: cannot find install-sh or install.sh in $srcdir $srcdir/.. $srcdir/../.." >&5
-echo "$as_me: error: cannot find install-sh or install.sh in $srcdir $srcdir/.. $srcdir/../.." >&2;}
- { (exit 1); exit 1; }; }
-fi
-ac_config_guess="$SHELL $ac_aux_dir/config.guess"
-ac_config_sub="$SHELL $ac_aux_dir/config.sub"
-ac_configure="$SHELL $ac_aux_dir/configure" # This should be Cygnus configure.
-
-# Find a good install program. We prefer a C program (faster),
-# so one script is as good as another. But avoid the broken or
-# incompatible versions:
-# SysV /etc/install, /usr/sbin/install
-# SunOS /usr/etc/install
-# IRIX /sbin/install
-# AIX /bin/install
-# AmigaOS /C/install, which installs bootblocks on floppy discs
-# AIX 4 /usr/bin/installbsd, which doesn't work without a -g flag
-# AFS /usr/afsws/bin/install, which mishandles nonexistent args
-# SVR4 /usr/ucb/install, which tries to use the nonexistent group "staff"
-# OS/2's system install, which has a completely different semantic
-# ./install, which can be erroneously created by make from ./install.sh.
-echo "$as_me:$LINENO: checking for a BSD-compatible install" >&5
-echo $ECHO_N "checking for a BSD-compatible install... $ECHO_C" >&6
-if test -z "$INSTALL"; then
-if test "${ac_cv_path_install+set}" = set; then
- echo $ECHO_N "(cached) $ECHO_C" >&6
-else
- as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in $PATH
-do
- IFS=$as_save_IFS
- test -z "$as_dir" && as_dir=.
- # Account for people who put trailing slashes in PATH elements.
-case $as_dir/ in
- ./ | .// | /cC/* | \
- /etc/* | /usr/sbin/* | /usr/etc/* | /sbin/* | /usr/afsws/bin/* | \
- ?:\\/os2\\/install\\/* | ?:\\/OS2\\/INSTALL\\/* | \
- /usr/ucb/* ) ;;
- *)
- # OSF1 and SCO ODT 3.0 have their own names for install.
- # Don't use installbsd from OSF since it installs stuff as root
- # by default.
- for ac_prog in ginstall scoinst install; do
- for ac_exec_ext in '' $ac_executable_extensions; do
- if $as_executable_p "$as_dir/$ac_prog$ac_exec_ext"; then
- if test $ac_prog = install &&
- grep dspmsg "$as_dir/$ac_prog$ac_exec_ext" >/dev/null 2>&1; then
- # AIX install. It has an incompatible calling convention.
- :
- elif test $ac_prog = install &&
- grep pwplus "$as_dir/$ac_prog$ac_exec_ext" >/dev/null 2>&1; then
- # program-specific install script used by HP pwplus--don't use.
- :
- else
- ac_cv_path_install="$as_dir/$ac_prog$ac_exec_ext -c"
- break 3
- fi
- fi
- done
- done
- ;;
-esac
-done
-
-
-fi
- if test "${ac_cv_path_install+set}" = set; then
- INSTALL=$ac_cv_path_install
- else
- # As a last resort, use the slow shell script. We don't cache a
- # path for INSTALL within a source directory, because that will
- # break other packages using the cache if that directory is
- # removed, or if the path is relative.
- INSTALL=$ac_install_sh
- fi
-fi
-echo "$as_me:$LINENO: result: $INSTALL" >&5
-echo "${ECHO_T}$INSTALL" >&6
-
-# Use test -z because SunOS4 sh mishandles braces in ${var-val}.
-# It thinks the first close brace ends the variable substitution.
-test -z "$INSTALL_PROGRAM" && INSTALL_PROGRAM='${INSTALL}'
-
-test -z "$INSTALL_SCRIPT" && INSTALL_SCRIPT='${INSTALL}'
-
-test -z "$INSTALL_DATA" && INSTALL_DATA='${INSTALL} -m 644'
-
-
-
-echo "$as_me:$LINENO: checking whether byte ordering is bigendian" >&5
-echo $ECHO_N "checking whether byte ordering is bigendian... $ECHO_C" >&6
-if test "${ac_cv_c_bigendian+set}" = set; then
- echo $ECHO_N "(cached) $ECHO_C" >&6
-else
- # See if sys/param.h defines the BYTE_ORDER macro.
-cat >conftest.$ac_ext <<_ACEOF
-/* confdefs.h. */
-_ACEOF
-cat confdefs.h >>conftest.$ac_ext
-cat >>conftest.$ac_ext <<_ACEOF
-/* end confdefs.h. */
-#include <sys/types.h>
-#include <sys/param.h>
-
-int
-main ()
-{
-#if !BYTE_ORDER || !BIG_ENDIAN || !LITTLE_ENDIAN
- bogus endian macros
-#endif
-
- ;
- return 0;
-}
-_ACEOF
-rm -f conftest.$ac_objext
-if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
- (eval $ac_compile) 2>conftest.er1
- ac_status=$?
- grep -v '^ *+' conftest.er1 >conftest.err
- rm -f conftest.er1
- cat conftest.err >&5
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest.$ac_objext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- # It does; now see whether it defined to BIG_ENDIAN or not.
-cat >conftest.$ac_ext <<_ACEOF
-/* confdefs.h. */
-_ACEOF
-cat confdefs.h >>conftest.$ac_ext
-cat >>conftest.$ac_ext <<_ACEOF
-/* end confdefs.h. */
-#include <sys/types.h>
-#include <sys/param.h>
-
-int
-main ()
-{
-#if BYTE_ORDER != BIG_ENDIAN
- not big endian
-#endif
-
- ;
- return 0;
-}
-_ACEOF
-rm -f conftest.$ac_objext
-if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
- (eval $ac_compile) 2>conftest.er1
- ac_status=$?
- grep -v '^ *+' conftest.er1 >conftest.err
- rm -f conftest.er1
- cat conftest.err >&5
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest.$ac_objext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- ac_cv_c_bigendian=yes
-else
- echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
-ac_cv_c_bigendian=no
-fi
-rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
-else
- echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
-# It does not; compile a test program.
-if test "$cross_compiling" = yes; then
- # try to guess the endianness by grepping values into an object file
- ac_cv_c_bigendian=unknown
- cat >conftest.$ac_ext <<_ACEOF
-/* confdefs.h. */
-_ACEOF
-cat confdefs.h >>conftest.$ac_ext
-cat >>conftest.$ac_ext <<_ACEOF
-/* end confdefs.h. */
-short ascii_mm[] = { 0x4249, 0x4765, 0x6E44, 0x6961, 0x6E53, 0x7953, 0 };
-short ascii_ii[] = { 0x694C, 0x5454, 0x656C, 0x6E45, 0x6944, 0x6E61, 0 };
-void _ascii () { char *s = (char *) ascii_mm; s = (char *) ascii_ii; }
-short ebcdic_ii[] = { 0x89D3, 0xE3E3, 0x8593, 0x95C5, 0x89C4, 0x9581, 0 };
-short ebcdic_mm[] = { 0xC2C9, 0xC785, 0x95C4, 0x8981, 0x95E2, 0xA8E2, 0 };
-void _ebcdic () { char *s = (char *) ebcdic_mm; s = (char *) ebcdic_ii; }
-int
-main ()
-{
- _ascii (); _ebcdic ();
- ;
- return 0;
-}
-_ACEOF
-rm -f conftest.$ac_objext
-if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
- (eval $ac_compile) 2>conftest.er1
- ac_status=$?
- grep -v '^ *+' conftest.er1 >conftest.err
- rm -f conftest.er1
- cat conftest.err >&5
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest.$ac_objext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- if grep BIGenDianSyS conftest.$ac_objext >/dev/null ; then
- ac_cv_c_bigendian=yes
-fi
-if grep LiTTleEnDian conftest.$ac_objext >/dev/null ; then
- if test "$ac_cv_c_bigendian" = unknown; then
- ac_cv_c_bigendian=no
- else
- # finding both strings is unlikely to happen, but who knows?
- ac_cv_c_bigendian=unknown
- fi
-fi
-else
- echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
-fi
-rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
-else
- cat >conftest.$ac_ext <<_ACEOF
-/* confdefs.h. */
-_ACEOF
-cat confdefs.h >>conftest.$ac_ext
-cat >>conftest.$ac_ext <<_ACEOF
-/* end confdefs.h. */
-int
-main ()
-{
- /* Are we little or big endian? From Harbison&Steele. */
- union
- {
- long l;
- char c[sizeof (long)];
- } u;
- u.l = 1;
- exit (u.c[sizeof (long) - 1] == 1);
-}
-_ACEOF
-rm -f conftest$ac_exeext
-if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
- (eval $ac_link) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } && { ac_try='./conftest$ac_exeext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- ac_cv_c_bigendian=no
-else
- echo "$as_me: program exited with status $ac_status" >&5
-echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
-( exit $ac_status )
-ac_cv_c_bigendian=yes
-fi
-rm -f core *.core gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext
-fi
-fi
-rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
-fi
-echo "$as_me:$LINENO: result: $ac_cv_c_bigendian" >&5
-echo "${ECHO_T}$ac_cv_c_bigendian" >&6
-case $ac_cv_c_bigendian in
- yes)
-
-cat >>confdefs.h <<\_ACEOF
-#define WORDS_BIGENDIAN 1
-_ACEOF
- ;;
- no)
- ;;
- *)
- { { echo "$as_me:$LINENO: error: unknown endianness
-presetting ac_cv_c_bigendian=no (or yes) will help" >&5
-echo "$as_me: error: unknown endianness
-presetting ac_cv_c_bigendian=no (or yes) will help" >&2;}
- { (exit 1); exit 1; }; } ;;
-esac
-
-
-# Make sure we can run config.sub.
-$ac_config_sub sun4 >/dev/null 2>&1 ||
- { { echo "$as_me:$LINENO: error: cannot run $ac_config_sub" >&5
-echo "$as_me: error: cannot run $ac_config_sub" >&2;}
- { (exit 1); exit 1; }; }
-
-echo "$as_me:$LINENO: checking build system type" >&5
-echo $ECHO_N "checking build system type... $ECHO_C" >&6
-if test "${ac_cv_build+set}" = set; then
- echo $ECHO_N "(cached) $ECHO_C" >&6
-else
- ac_cv_build_alias=$build_alias
-test -z "$ac_cv_build_alias" &&
- ac_cv_build_alias=`$ac_config_guess`
-test -z "$ac_cv_build_alias" &&
- { { echo "$as_me:$LINENO: error: cannot guess build type; you must specify one" >&5
-echo "$as_me: error: cannot guess build type; you must specify one" >&2;}
- { (exit 1); exit 1; }; }
-ac_cv_build=`$ac_config_sub $ac_cv_build_alias` ||
- { { echo "$as_me:$LINENO: error: $ac_config_sub $ac_cv_build_alias failed" >&5
-echo "$as_me: error: $ac_config_sub $ac_cv_build_alias failed" >&2;}
- { (exit 1); exit 1; }; }
-
-fi
-echo "$as_me:$LINENO: result: $ac_cv_build" >&5
-echo "${ECHO_T}$ac_cv_build" >&6
-build=$ac_cv_build
-build_cpu=`echo $ac_cv_build | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\1/'`
-build_vendor=`echo $ac_cv_build | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\2/'`
-build_os=`echo $ac_cv_build | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\3/'`
-
-
-echo "$as_me:$LINENO: checking host system type" >&5
-echo $ECHO_N "checking host system type... $ECHO_C" >&6
-if test "${ac_cv_host+set}" = set; then
- echo $ECHO_N "(cached) $ECHO_C" >&6
-else
- ac_cv_host_alias=$host_alias
-test -z "$ac_cv_host_alias" &&
- ac_cv_host_alias=$ac_cv_build_alias
-ac_cv_host=`$ac_config_sub $ac_cv_host_alias` ||
- { { echo "$as_me:$LINENO: error: $ac_config_sub $ac_cv_host_alias failed" >&5
-echo "$as_me: error: $ac_config_sub $ac_cv_host_alias failed" >&2;}
- { (exit 1); exit 1; }; }
-
-fi
-echo "$as_me:$LINENO: result: $ac_cv_host" >&5
-echo "${ECHO_T}$ac_cv_host" >&6
-host=$ac_cv_host
-host_cpu=`echo $ac_cv_host | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\1/'`
-host_vendor=`echo $ac_cv_host | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\2/'`
-host_os=`echo $ac_cv_host | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\3/'`
-
-
-
-case $host_cpu in
- i*86 )
-
-cat >>confdefs.h <<\_ACEOF
-#define CPU_CISC 1
-_ACEOF
-
-
-cat >>confdefs.h <<\_ACEOF
-#define HAVE_X86 1
-_ACEOF
-;;
- * )
- # CPU_RISC is only supported for big endian machines.
- if test "$ac_cv_c_bigendian" = "yes"; then
-
-cat >>confdefs.h <<\_ACEOF
-#define CPU_RISC 1
-_ACEOF
-
- else
- cat >>confdefs.h <<\_ACEOF
-#define CPU_CISC 1
-_ACEOF
-
- fi
- ;;
-esac
-
-case $host_os in
- *cygwin*|*mingw* )
- EXE=.exe
- HOST_IS_WINDOWS=yes
- ;;
- * )
- EXE=""
- ;;
-esac
- # define executable suffix; this is needed for `make clean'
-
-
-# Check whether --enable-kernel-linux or --disable-kernel-linux was given.
-if test "${enable_kernel_linux+set}" = set; then
- enableval="$enable_kernel_linux"
-
-else
- enable_kernel_linux=no
-fi;
-echo "$as_me:$LINENO: checking whether to build for Linux kernel context" >&5
-echo $ECHO_N "checking whether to build for Linux kernel context... $ECHO_C" >&6
-if test "$enable_kernel_linux" = "yes"; then
-
-cat >>confdefs.h <<\_ACEOF
-#define SRTP_KERNEL 1
-_ACEOF
-
-
-cat >>confdefs.h <<\_ACEOF
-#define SRTP_KERNEL_LINUX 1
-_ACEOF
-
-fi
-echo "$as_me:$LINENO: result: $enable_kernel_linux" >&5
-echo "${ECHO_T}$enable_kernel_linux" >&6
-
-if test "$cross_compiling" != yes -a "$HOST_IS_WINDOWS" != yes; then
- echo "$as_me:$LINENO: checking for /dev/urandom" >&5
-echo $ECHO_N "checking for /dev/urandom... $ECHO_C" >&6
-if test "${ac_cv_file__dev_urandom+set}" = set; then
- echo $ECHO_N "(cached) $ECHO_C" >&6
-else
- test "$cross_compiling" = yes &&
- { { echo "$as_me:$LINENO: error: cannot check for file existence when cross compiling" >&5
-echo "$as_me: error: cannot check for file existence when cross compiling" >&2;}
- { (exit 1); exit 1; }; }
-if test -r "/dev/urandom"; then
- ac_cv_file__dev_urandom=yes
-else
- ac_cv_file__dev_urandom=no
-fi
-fi
-echo "$as_me:$LINENO: result: $ac_cv_file__dev_urandom" >&5
-echo "${ECHO_T}$ac_cv_file__dev_urandom" >&6
-if test $ac_cv_file__dev_urandom = yes; then
- DEV_URANDOM=/dev/urandom
-else
- echo "$as_me:$LINENO: checking for /dev/random" >&5
-echo $ECHO_N "checking for /dev/random... $ECHO_C" >&6
-if test "${ac_cv_file__dev_random+set}" = set; then
- echo $ECHO_N "(cached) $ECHO_C" >&6
-else
- test "$cross_compiling" = yes &&
- { { echo "$as_me:$LINENO: error: cannot check for file existence when cross compiling" >&5
-echo "$as_me: error: cannot check for file existence when cross compiling" >&2;}
- { (exit 1); exit 1; }; }
-if test -r "/dev/random"; then
- ac_cv_file__dev_random=yes
-else
- ac_cv_file__dev_random=no
-fi
-fi
-echo "$as_me:$LINENO: result: $ac_cv_file__dev_random" >&5
-echo "${ECHO_T}$ac_cv_file__dev_random" >&6
-if test $ac_cv_file__dev_random = yes; then
- DEV_URANDOM=/dev/random
-fi
-
-fi
-
-fi
-
-echo "$as_me:$LINENO: checking which random device to use" >&5
-echo $ECHO_N "checking which random device to use... $ECHO_C" >&6
-if test "$enable_kernel_linux" = "yes"; then
- RNG_OBJS=rand_linux_kernel.o
- echo "$as_me:$LINENO: result: Linux kernel builtin" >&5
-echo "${ECHO_T}Linux kernel builtin" >&6
-else
- RNG_OBJS=rand_source.o
- if test -n "$DEV_URANDOM"; then
-
-cat >>confdefs.h <<_ACEOF
-#define DEV_URANDOM "$DEV_URANDOM"
-_ACEOF
-
- echo "$as_me:$LINENO: result: $DEV_URANDOM" >&5
-echo "${ECHO_T}$DEV_URANDOM" >&6
- else
- echo "$as_me:$LINENO: result: standard rand() function..." >&5
-echo "${ECHO_T}standard rand() function..." >&6
- fi
-fi
-
-
-
-ac_ext=c
-ac_cpp='$CPP $CPPFLAGS'
-ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
-ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
-ac_compiler_gnu=$ac_cv_c_compiler_gnu
-echo "$as_me:$LINENO: checking how to run the C preprocessor" >&5
-echo $ECHO_N "checking how to run the C preprocessor... $ECHO_C" >&6
-# On Suns, sometimes $CPP names a directory.
-if test -n "$CPP" && test -d "$CPP"; then
- CPP=
-fi
-if test -z "$CPP"; then
- if test "${ac_cv_prog_CPP+set}" = set; then
- echo $ECHO_N "(cached) $ECHO_C" >&6
-else
- # Double quotes because CPP needs to be expanded
- for CPP in "$CC -E" "$CC -E -traditional-cpp" "/lib/cpp"
- do
- ac_preproc_ok=false
-for ac_c_preproc_warn_flag in '' yes
-do
- # Use a header file that comes with gcc, so configuring glibc
- # with a fresh cross-compiler works.
- # Prefer <limits.h> to <assert.h> if __STDC__ is defined, since
- # <limits.h> exists even on freestanding compilers.
- # On the NeXT, cc -E runs the code through the compiler's parser,
- # not just through cpp. "Syntax error" is here to catch this case.
- cat >conftest.$ac_ext <<_ACEOF
-/* confdefs.h. */
-_ACEOF
-cat confdefs.h >>conftest.$ac_ext
-cat >>conftest.$ac_ext <<_ACEOF
-/* end confdefs.h. */
-#ifdef __STDC__
-# include <limits.h>
-#else
-# include <assert.h>
-#endif
- Syntax error
-_ACEOF
-if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5
- (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1
- ac_status=$?
- grep -v '^ *+' conftest.er1 >conftest.err
- rm -f conftest.er1
- cat conftest.err >&5
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } >/dev/null; then
- if test -s conftest.err; then
- ac_cpp_err=$ac_c_preproc_warn_flag
- ac_cpp_err=$ac_cpp_err$ac_c_werror_flag
- else
- ac_cpp_err=
- fi
-else
- ac_cpp_err=yes
-fi
-if test -z "$ac_cpp_err"; then
- :
-else
- echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
- # Broken: fails on valid input.
-continue
-fi
-rm -f conftest.err conftest.$ac_ext
-
- # OK, works on sane cases. Now check whether non-existent headers
- # can be detected and how.
- cat >conftest.$ac_ext <<_ACEOF
-/* confdefs.h. */
-_ACEOF
-cat confdefs.h >>conftest.$ac_ext
-cat >>conftest.$ac_ext <<_ACEOF
-/* end confdefs.h. */
-#include <ac_nonexistent.h>
-_ACEOF
-if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5
- (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1
- ac_status=$?
- grep -v '^ *+' conftest.er1 >conftest.err
- rm -f conftest.er1
- cat conftest.err >&5
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } >/dev/null; then
- if test -s conftest.err; then
- ac_cpp_err=$ac_c_preproc_warn_flag
- ac_cpp_err=$ac_cpp_err$ac_c_werror_flag
- else
- ac_cpp_err=
- fi
-else
- ac_cpp_err=yes
-fi
-if test -z "$ac_cpp_err"; then
- # Broken: success on invalid input.
-continue
-else
- echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
- # Passes both tests.
-ac_preproc_ok=:
-break
-fi
-rm -f conftest.err conftest.$ac_ext
-
-done
-# Because of `break', _AC_PREPROC_IFELSE's cleaning code was skipped.
-rm -f conftest.err conftest.$ac_ext
-if $ac_preproc_ok; then
- break
-fi
-
- done
- ac_cv_prog_CPP=$CPP
-
-fi
- CPP=$ac_cv_prog_CPP
-else
- ac_cv_prog_CPP=$CPP
-fi
-echo "$as_me:$LINENO: result: $CPP" >&5
-echo "${ECHO_T}$CPP" >&6
-ac_preproc_ok=false
-for ac_c_preproc_warn_flag in '' yes
-do
- # Use a header file that comes with gcc, so configuring glibc
- # with a fresh cross-compiler works.
- # Prefer <limits.h> to <assert.h> if __STDC__ is defined, since
- # <limits.h> exists even on freestanding compilers.
- # On the NeXT, cc -E runs the code through the compiler's parser,
- # not just through cpp. "Syntax error" is here to catch this case.
- cat >conftest.$ac_ext <<_ACEOF
-/* confdefs.h. */
-_ACEOF
-cat confdefs.h >>conftest.$ac_ext
-cat >>conftest.$ac_ext <<_ACEOF
-/* end confdefs.h. */
-#ifdef __STDC__
-# include <limits.h>
-#else
-# include <assert.h>
-#endif
- Syntax error
-_ACEOF
-if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5
- (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1
- ac_status=$?
- grep -v '^ *+' conftest.er1 >conftest.err
- rm -f conftest.er1
- cat conftest.err >&5
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } >/dev/null; then
- if test -s conftest.err; then
- ac_cpp_err=$ac_c_preproc_warn_flag
- ac_cpp_err=$ac_cpp_err$ac_c_werror_flag
- else
- ac_cpp_err=
- fi
-else
- ac_cpp_err=yes
-fi
-if test -z "$ac_cpp_err"; then
- :
-else
- echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
- # Broken: fails on valid input.
-continue
-fi
-rm -f conftest.err conftest.$ac_ext
-
- # OK, works on sane cases. Now check whether non-existent headers
- # can be detected and how.
- cat >conftest.$ac_ext <<_ACEOF
-/* confdefs.h. */
-_ACEOF
-cat confdefs.h >>conftest.$ac_ext
-cat >>conftest.$ac_ext <<_ACEOF
-/* end confdefs.h. */
-#include <ac_nonexistent.h>
-_ACEOF
-if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5
- (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1
- ac_status=$?
- grep -v '^ *+' conftest.er1 >conftest.err
- rm -f conftest.er1
- cat conftest.err >&5
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } >/dev/null; then
- if test -s conftest.err; then
- ac_cpp_err=$ac_c_preproc_warn_flag
- ac_cpp_err=$ac_cpp_err$ac_c_werror_flag
- else
- ac_cpp_err=
- fi
-else
- ac_cpp_err=yes
-fi
-if test -z "$ac_cpp_err"; then
- # Broken: success on invalid input.
-continue
-else
- echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
- # Passes both tests.
-ac_preproc_ok=:
-break
-fi
-rm -f conftest.err conftest.$ac_ext
-
-done
-# Because of `break', _AC_PREPROC_IFELSE's cleaning code was skipped.
-rm -f conftest.err conftest.$ac_ext
-if $ac_preproc_ok; then
- :
-else
- { { echo "$as_me:$LINENO: error: C preprocessor \"$CPP\" fails sanity check
-See \`config.log' for more details." >&5
-echo "$as_me: error: C preprocessor \"$CPP\" fails sanity check
-See \`config.log' for more details." >&2;}
- { (exit 1); exit 1; }; }
-fi
-
-ac_ext=c
-ac_cpp='$CPP $CPPFLAGS'
-ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
-ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
-ac_compiler_gnu=$ac_cv_c_compiler_gnu
-
-
-echo "$as_me:$LINENO: checking for egrep" >&5
-echo $ECHO_N "checking for egrep... $ECHO_C" >&6
-if test "${ac_cv_prog_egrep+set}" = set; then
- echo $ECHO_N "(cached) $ECHO_C" >&6
-else
- if echo a | (grep -E '(a|b)') >/dev/null 2>&1
- then ac_cv_prog_egrep='grep -E'
- else ac_cv_prog_egrep='egrep'
- fi
-fi
-echo "$as_me:$LINENO: result: $ac_cv_prog_egrep" >&5
-echo "${ECHO_T}$ac_cv_prog_egrep" >&6
- EGREP=$ac_cv_prog_egrep
-
-
-echo "$as_me:$LINENO: checking for ANSI C header files" >&5
-echo $ECHO_N "checking for ANSI C header files... $ECHO_C" >&6
-if test "${ac_cv_header_stdc+set}" = set; then
- echo $ECHO_N "(cached) $ECHO_C" >&6
-else
- cat >conftest.$ac_ext <<_ACEOF
-/* confdefs.h. */
-_ACEOF
-cat confdefs.h >>conftest.$ac_ext
-cat >>conftest.$ac_ext <<_ACEOF
-/* end confdefs.h. */
-#include <stdlib.h>
-#include <stdarg.h>
-#include <string.h>
-#include <float.h>
-
-int
-main ()
-{
-
- ;
- return 0;
-}
-_ACEOF
-rm -f conftest.$ac_objext
-if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
- (eval $ac_compile) 2>conftest.er1
- ac_status=$?
- grep -v '^ *+' conftest.er1 >conftest.err
- rm -f conftest.er1
- cat conftest.err >&5
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest.$ac_objext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- ac_cv_header_stdc=yes
-else
- echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
-ac_cv_header_stdc=no
-fi
-rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
-
-if test $ac_cv_header_stdc = yes; then
- # SunOS 4.x string.h does not declare mem*, contrary to ANSI.
- cat >conftest.$ac_ext <<_ACEOF
-/* confdefs.h. */
-_ACEOF
-cat confdefs.h >>conftest.$ac_ext
-cat >>conftest.$ac_ext <<_ACEOF
-/* end confdefs.h. */
-#include <string.h>
-
-_ACEOF
-if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
- $EGREP "memchr" >/dev/null 2>&1; then
- :
-else
- ac_cv_header_stdc=no
-fi
-rm -f conftest*
-
-fi
-
-if test $ac_cv_header_stdc = yes; then
- # ISC 2.0.2 stdlib.h does not declare free, contrary to ANSI.
- cat >conftest.$ac_ext <<_ACEOF
-/* confdefs.h. */
-_ACEOF
-cat confdefs.h >>conftest.$ac_ext
-cat >>conftest.$ac_ext <<_ACEOF
-/* end confdefs.h. */
-#include <stdlib.h>
-
-_ACEOF
-if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
- $EGREP "free" >/dev/null 2>&1; then
- :
-else
- ac_cv_header_stdc=no
-fi
-rm -f conftest*
-
-fi
-
-if test $ac_cv_header_stdc = yes; then
- # /bin/cc in Irix-4.0.5 gets non-ANSI ctype macros unless using -ansi.
- if test "$cross_compiling" = yes; then
- :
-else
- cat >conftest.$ac_ext <<_ACEOF
-/* confdefs.h. */
-_ACEOF
-cat confdefs.h >>conftest.$ac_ext
-cat >>conftest.$ac_ext <<_ACEOF
-/* end confdefs.h. */
-#include <ctype.h>
-#if ((' ' & 0x0FF) == 0x020)
-# define ISLOWER(c) ('a' <= (c) && (c) <= 'z')
-# define TOUPPER(c) (ISLOWER(c) ? 'A' + ((c) - 'a') : (c))
-#else
-# define ISLOWER(c) \
- (('a' <= (c) && (c) <= 'i') \
- || ('j' <= (c) && (c) <= 'r') \
- || ('s' <= (c) && (c) <= 'z'))
-# define TOUPPER(c) (ISLOWER(c) ? ((c) | 0x40) : (c))
-#endif
-
-#define XOR(e, f) (((e) && !(f)) || (!(e) && (f)))
-int
-main ()
-{
- int i;
- for (i = 0; i < 256; i++)
- if (XOR (islower (i), ISLOWER (i))
- || toupper (i) != TOUPPER (i))
- exit(2);
- exit (0);
-}
-_ACEOF
-rm -f conftest$ac_exeext
-if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
- (eval $ac_link) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } && { ac_try='./conftest$ac_exeext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- :
-else
- echo "$as_me: program exited with status $ac_status" >&5
-echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
-( exit $ac_status )
-ac_cv_header_stdc=no
-fi
-rm -f core *.core gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext
-fi
-fi
-fi
-echo "$as_me:$LINENO: result: $ac_cv_header_stdc" >&5
-echo "${ECHO_T}$ac_cv_header_stdc" >&6
-if test $ac_cv_header_stdc = yes; then
-
-cat >>confdefs.h <<\_ACEOF
-#define STDC_HEADERS 1
-_ACEOF
-
-fi
-
-# On IRIX 5.3, sys/types and inttypes.h are conflicting.
-
-
-
-
-
-
-
-
-
-for ac_header in sys/types.h sys/stat.h stdlib.h string.h memory.h strings.h \
- inttypes.h stdint.h unistd.h
-do
-as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh`
-echo "$as_me:$LINENO: checking for $ac_header" >&5
-echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6
-if eval "test \"\${$as_ac_Header+set}\" = set"; then
- echo $ECHO_N "(cached) $ECHO_C" >&6
-else
- cat >conftest.$ac_ext <<_ACEOF
-/* confdefs.h. */
-_ACEOF
-cat confdefs.h >>conftest.$ac_ext
-cat >>conftest.$ac_ext <<_ACEOF
-/* end confdefs.h. */
-$ac_includes_default
-
-#include <$ac_header>
-_ACEOF
-rm -f conftest.$ac_objext
-if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
- (eval $ac_compile) 2>conftest.er1
- ac_status=$?
- grep -v '^ *+' conftest.er1 >conftest.err
- rm -f conftest.er1
- cat conftest.err >&5
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest.$ac_objext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- eval "$as_ac_Header=yes"
-else
- echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
-eval "$as_ac_Header=no"
-fi
-rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
-fi
-echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5
-echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6
-if test `eval echo '${'$as_ac_Header'}'` = yes; then
- cat >>confdefs.h <<_ACEOF
-#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1
-_ACEOF
-
-fi
-
-done
-
-
-
-for ac_header in stdlib.h
-do
-as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh`
-if eval "test \"\${$as_ac_Header+set}\" = set"; then
- echo "$as_me:$LINENO: checking for $ac_header" >&5
-echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6
-if eval "test \"\${$as_ac_Header+set}\" = set"; then
- echo $ECHO_N "(cached) $ECHO_C" >&6
-fi
-echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5
-echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6
-else
- # Is the header compilable?
-echo "$as_me:$LINENO: checking $ac_header usability" >&5
-echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6
-cat >conftest.$ac_ext <<_ACEOF
-/* confdefs.h. */
-_ACEOF
-cat confdefs.h >>conftest.$ac_ext
-cat >>conftest.$ac_ext <<_ACEOF
-/* end confdefs.h. */
-$ac_includes_default
-#include <$ac_header>
-_ACEOF
-rm -f conftest.$ac_objext
-if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
- (eval $ac_compile) 2>conftest.er1
- ac_status=$?
- grep -v '^ *+' conftest.er1 >conftest.err
- rm -f conftest.er1
- cat conftest.err >&5
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest.$ac_objext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- ac_header_compiler=yes
-else
- echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
-ac_header_compiler=no
-fi
-rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
-echo "$as_me:$LINENO: result: $ac_header_compiler" >&5
-echo "${ECHO_T}$ac_header_compiler" >&6
-
-# Is the header present?
-echo "$as_me:$LINENO: checking $ac_header presence" >&5
-echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6
-cat >conftest.$ac_ext <<_ACEOF
-/* confdefs.h. */
-_ACEOF
-cat confdefs.h >>conftest.$ac_ext
-cat >>conftest.$ac_ext <<_ACEOF
-/* end confdefs.h. */
-#include <$ac_header>
-_ACEOF
-if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5
- (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1
- ac_status=$?
- grep -v '^ *+' conftest.er1 >conftest.err
- rm -f conftest.er1
- cat conftest.err >&5
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } >/dev/null; then
- if test -s conftest.err; then
- ac_cpp_err=$ac_c_preproc_warn_flag
- ac_cpp_err=$ac_cpp_err$ac_c_werror_flag
- else
- ac_cpp_err=
- fi
-else
- ac_cpp_err=yes
-fi
-if test -z "$ac_cpp_err"; then
- ac_header_preproc=yes
-else
- echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
- ac_header_preproc=no
-fi
-rm -f conftest.err conftest.$ac_ext
-echo "$as_me:$LINENO: result: $ac_header_preproc" >&5
-echo "${ECHO_T}$ac_header_preproc" >&6
-
-# So? What about this header?
-case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in
- yes:no: )
- { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5
-echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5
-echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;}
- ac_header_preproc=yes
- ;;
- no:yes:* )
- { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5
-echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5
-echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5
-echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5
-echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5
-echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5
-echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;}
- (
- cat <<\_ASBOX
-## ------------------------------------------ ##
-## Report this to the AC_PACKAGE_NAME lists. ##
-## ------------------------------------------ ##
-_ASBOX
- ) |
- sed "s/^/$as_me: WARNING: /" >&2
- ;;
-esac
-echo "$as_me:$LINENO: checking for $ac_header" >&5
-echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6
-if eval "test \"\${$as_ac_Header+set}\" = set"; then
- echo $ECHO_N "(cached) $ECHO_C" >&6
-else
- eval "$as_ac_Header=\$ac_header_preproc"
-fi
-echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5
-echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6
-
-fi
-if test `eval echo '${'$as_ac_Header'}'` = yes; then
- cat >>confdefs.h <<_ACEOF
-#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1
-_ACEOF
-
-fi
-
-done
-
-
-for ac_header in unistd.h
-do
-as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh`
-if eval "test \"\${$as_ac_Header+set}\" = set"; then
- echo "$as_me:$LINENO: checking for $ac_header" >&5
-echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6
-if eval "test \"\${$as_ac_Header+set}\" = set"; then
- echo $ECHO_N "(cached) $ECHO_C" >&6
-fi
-echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5
-echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6
-else
- # Is the header compilable?
-echo "$as_me:$LINENO: checking $ac_header usability" >&5
-echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6
-cat >conftest.$ac_ext <<_ACEOF
-/* confdefs.h. */
-_ACEOF
-cat confdefs.h >>conftest.$ac_ext
-cat >>conftest.$ac_ext <<_ACEOF
-/* end confdefs.h. */
-$ac_includes_default
-#include <$ac_header>
-_ACEOF
-rm -f conftest.$ac_objext
-if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
- (eval $ac_compile) 2>conftest.er1
- ac_status=$?
- grep -v '^ *+' conftest.er1 >conftest.err
- rm -f conftest.er1
- cat conftest.err >&5
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest.$ac_objext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- ac_header_compiler=yes
-else
- echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
-ac_header_compiler=no
-fi
-rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
-echo "$as_me:$LINENO: result: $ac_header_compiler" >&5
-echo "${ECHO_T}$ac_header_compiler" >&6
-
-# Is the header present?
-echo "$as_me:$LINENO: checking $ac_header presence" >&5
-echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6
-cat >conftest.$ac_ext <<_ACEOF
-/* confdefs.h. */
-_ACEOF
-cat confdefs.h >>conftest.$ac_ext
-cat >>conftest.$ac_ext <<_ACEOF
-/* end confdefs.h. */
-#include <$ac_header>
-_ACEOF
-if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5
- (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1
- ac_status=$?
- grep -v '^ *+' conftest.er1 >conftest.err
- rm -f conftest.er1
- cat conftest.err >&5
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } >/dev/null; then
- if test -s conftest.err; then
- ac_cpp_err=$ac_c_preproc_warn_flag
- ac_cpp_err=$ac_cpp_err$ac_c_werror_flag
- else
- ac_cpp_err=
- fi
-else
- ac_cpp_err=yes
-fi
-if test -z "$ac_cpp_err"; then
- ac_header_preproc=yes
-else
- echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
- ac_header_preproc=no
-fi
-rm -f conftest.err conftest.$ac_ext
-echo "$as_me:$LINENO: result: $ac_header_preproc" >&5
-echo "${ECHO_T}$ac_header_preproc" >&6
-
-# So? What about this header?
-case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in
- yes:no: )
- { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5
-echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5
-echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;}
- ac_header_preproc=yes
- ;;
- no:yes:* )
- { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5
-echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5
-echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5
-echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5
-echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5
-echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5
-echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;}
- (
- cat <<\_ASBOX
-## ------------------------------------------ ##
-## Report this to the AC_PACKAGE_NAME lists. ##
-## ------------------------------------------ ##
-_ASBOX
- ) |
- sed "s/^/$as_me: WARNING: /" >&2
- ;;
-esac
-echo "$as_me:$LINENO: checking for $ac_header" >&5
-echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6
-if eval "test \"\${$as_ac_Header+set}\" = set"; then
- echo $ECHO_N "(cached) $ECHO_C" >&6
-else
- eval "$as_ac_Header=\$ac_header_preproc"
-fi
-echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5
-echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6
-
-fi
-if test `eval echo '${'$as_ac_Header'}'` = yes; then
- cat >>confdefs.h <<_ACEOF
-#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1
-_ACEOF
-
-fi
-
-done
-
-
-for ac_header in byteswap.h
-do
-as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh`
-if eval "test \"\${$as_ac_Header+set}\" = set"; then
- echo "$as_me:$LINENO: checking for $ac_header" >&5
-echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6
-if eval "test \"\${$as_ac_Header+set}\" = set"; then
- echo $ECHO_N "(cached) $ECHO_C" >&6
-fi
-echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5
-echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6
-else
- # Is the header compilable?
-echo "$as_me:$LINENO: checking $ac_header usability" >&5
-echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6
-cat >conftest.$ac_ext <<_ACEOF
-/* confdefs.h. */
-_ACEOF
-cat confdefs.h >>conftest.$ac_ext
-cat >>conftest.$ac_ext <<_ACEOF
-/* end confdefs.h. */
-$ac_includes_default
-#include <$ac_header>
-_ACEOF
-rm -f conftest.$ac_objext
-if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
- (eval $ac_compile) 2>conftest.er1
- ac_status=$?
- grep -v '^ *+' conftest.er1 >conftest.err
- rm -f conftest.er1
- cat conftest.err >&5
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest.$ac_objext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- ac_header_compiler=yes
-else
- echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
-ac_header_compiler=no
-fi
-rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
-echo "$as_me:$LINENO: result: $ac_header_compiler" >&5
-echo "${ECHO_T}$ac_header_compiler" >&6
-
-# Is the header present?
-echo "$as_me:$LINENO: checking $ac_header presence" >&5
-echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6
-cat >conftest.$ac_ext <<_ACEOF
-/* confdefs.h. */
-_ACEOF
-cat confdefs.h >>conftest.$ac_ext
-cat >>conftest.$ac_ext <<_ACEOF
-/* end confdefs.h. */
-#include <$ac_header>
-_ACEOF
-if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5
- (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1
- ac_status=$?
- grep -v '^ *+' conftest.er1 >conftest.err
- rm -f conftest.er1
- cat conftest.err >&5
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } >/dev/null; then
- if test -s conftest.err; then
- ac_cpp_err=$ac_c_preproc_warn_flag
- ac_cpp_err=$ac_cpp_err$ac_c_werror_flag
- else
- ac_cpp_err=
- fi
-else
- ac_cpp_err=yes
-fi
-if test -z "$ac_cpp_err"; then
- ac_header_preproc=yes
-else
- echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
- ac_header_preproc=no
-fi
-rm -f conftest.err conftest.$ac_ext
-echo "$as_me:$LINENO: result: $ac_header_preproc" >&5
-echo "${ECHO_T}$ac_header_preproc" >&6
-
-# So? What about this header?
-case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in
- yes:no: )
- { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5
-echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5
-echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;}
- ac_header_preproc=yes
- ;;
- no:yes:* )
- { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5
-echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5
-echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5
-echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5
-echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5
-echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5
-echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;}
- (
- cat <<\_ASBOX
-## ------------------------------------------ ##
-## Report this to the AC_PACKAGE_NAME lists. ##
-## ------------------------------------------ ##
-_ASBOX
- ) |
- sed "s/^/$as_me: WARNING: /" >&2
- ;;
-esac
-echo "$as_me:$LINENO: checking for $ac_header" >&5
-echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6
-if eval "test \"\${$as_ac_Header+set}\" = set"; then
- echo $ECHO_N "(cached) $ECHO_C" >&6
-else
- eval "$as_ac_Header=\$ac_header_preproc"
-fi
-echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5
-echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6
-
-fi
-if test `eval echo '${'$as_ac_Header'}'` = yes; then
- cat >>confdefs.h <<_ACEOF
-#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1
-_ACEOF
-
-fi
-
-done
-
-
-for ac_header in stdint.h
-do
-as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh`
-if eval "test \"\${$as_ac_Header+set}\" = set"; then
- echo "$as_me:$LINENO: checking for $ac_header" >&5
-echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6
-if eval "test \"\${$as_ac_Header+set}\" = set"; then
- echo $ECHO_N "(cached) $ECHO_C" >&6
-fi
-echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5
-echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6
-else
- # Is the header compilable?
-echo "$as_me:$LINENO: checking $ac_header usability" >&5
-echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6
-cat >conftest.$ac_ext <<_ACEOF
-/* confdefs.h. */
-_ACEOF
-cat confdefs.h >>conftest.$ac_ext
-cat >>conftest.$ac_ext <<_ACEOF
-/* end confdefs.h. */
-$ac_includes_default
-#include <$ac_header>
-_ACEOF
-rm -f conftest.$ac_objext
-if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
- (eval $ac_compile) 2>conftest.er1
- ac_status=$?
- grep -v '^ *+' conftest.er1 >conftest.err
- rm -f conftest.er1
- cat conftest.err >&5
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest.$ac_objext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- ac_header_compiler=yes
-else
- echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
-ac_header_compiler=no
-fi
-rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
-echo "$as_me:$LINENO: result: $ac_header_compiler" >&5
-echo "${ECHO_T}$ac_header_compiler" >&6
-
-# Is the header present?
-echo "$as_me:$LINENO: checking $ac_header presence" >&5
-echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6
-cat >conftest.$ac_ext <<_ACEOF
-/* confdefs.h. */
-_ACEOF
-cat confdefs.h >>conftest.$ac_ext
-cat >>conftest.$ac_ext <<_ACEOF
-/* end confdefs.h. */
-#include <$ac_header>
-_ACEOF
-if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5
- (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1
- ac_status=$?
- grep -v '^ *+' conftest.er1 >conftest.err
- rm -f conftest.er1
- cat conftest.err >&5
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } >/dev/null; then
- if test -s conftest.err; then
- ac_cpp_err=$ac_c_preproc_warn_flag
- ac_cpp_err=$ac_cpp_err$ac_c_werror_flag
- else
- ac_cpp_err=
- fi
-else
- ac_cpp_err=yes
-fi
-if test -z "$ac_cpp_err"; then
- ac_header_preproc=yes
-else
- echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
- ac_header_preproc=no
-fi
-rm -f conftest.err conftest.$ac_ext
-echo "$as_me:$LINENO: result: $ac_header_preproc" >&5
-echo "${ECHO_T}$ac_header_preproc" >&6
-
-# So? What about this header?
-case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in
- yes:no: )
- { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5
-echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5
-echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;}
- ac_header_preproc=yes
- ;;
- no:yes:* )
- { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5
-echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5
-echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5
-echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5
-echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5
-echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5
-echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;}
- (
- cat <<\_ASBOX
-## ------------------------------------------ ##
-## Report this to the AC_PACKAGE_NAME lists. ##
-## ------------------------------------------ ##
-_ASBOX
- ) |
- sed "s/^/$as_me: WARNING: /" >&2
- ;;
-esac
-echo "$as_me:$LINENO: checking for $ac_header" >&5
-echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6
-if eval "test \"\${$as_ac_Header+set}\" = set"; then
- echo $ECHO_N "(cached) $ECHO_C" >&6
-else
- eval "$as_ac_Header=\$ac_header_preproc"
-fi
-echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5
-echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6
-
-fi
-if test `eval echo '${'$as_ac_Header'}'` = yes; then
- cat >>confdefs.h <<_ACEOF
-#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1
-_ACEOF
-
-fi
-
-done
-
-
-for ac_header in sys/uio.h
-do
-as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh`
-if eval "test \"\${$as_ac_Header+set}\" = set"; then
- echo "$as_me:$LINENO: checking for $ac_header" >&5
-echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6
-if eval "test \"\${$as_ac_Header+set}\" = set"; then
- echo $ECHO_N "(cached) $ECHO_C" >&6
-fi
-echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5
-echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6
-else
- # Is the header compilable?
-echo "$as_me:$LINENO: checking $ac_header usability" >&5
-echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6
-cat >conftest.$ac_ext <<_ACEOF
-/* confdefs.h. */
-_ACEOF
-cat confdefs.h >>conftest.$ac_ext
-cat >>conftest.$ac_ext <<_ACEOF
-/* end confdefs.h. */
-$ac_includes_default
-#include <$ac_header>
-_ACEOF
-rm -f conftest.$ac_objext
-if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
- (eval $ac_compile) 2>conftest.er1
- ac_status=$?
- grep -v '^ *+' conftest.er1 >conftest.err
- rm -f conftest.er1
- cat conftest.err >&5
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest.$ac_objext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- ac_header_compiler=yes
-else
- echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
-ac_header_compiler=no
-fi
-rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
-echo "$as_me:$LINENO: result: $ac_header_compiler" >&5
-echo "${ECHO_T}$ac_header_compiler" >&6
-
-# Is the header present?
-echo "$as_me:$LINENO: checking $ac_header presence" >&5
-echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6
-cat >conftest.$ac_ext <<_ACEOF
-/* confdefs.h. */
-_ACEOF
-cat confdefs.h >>conftest.$ac_ext
-cat >>conftest.$ac_ext <<_ACEOF
-/* end confdefs.h. */
-#include <$ac_header>
-_ACEOF
-if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5
- (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1
- ac_status=$?
- grep -v '^ *+' conftest.er1 >conftest.err
- rm -f conftest.er1
- cat conftest.err >&5
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } >/dev/null; then
- if test -s conftest.err; then
- ac_cpp_err=$ac_c_preproc_warn_flag
- ac_cpp_err=$ac_cpp_err$ac_c_werror_flag
- else
- ac_cpp_err=
- fi
-else
- ac_cpp_err=yes
-fi
-if test -z "$ac_cpp_err"; then
- ac_header_preproc=yes
-else
- echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
- ac_header_preproc=no
-fi
-rm -f conftest.err conftest.$ac_ext
-echo "$as_me:$LINENO: result: $ac_header_preproc" >&5
-echo "${ECHO_T}$ac_header_preproc" >&6
-
-# So? What about this header?
-case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in
- yes:no: )
- { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5
-echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5
-echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;}
- ac_header_preproc=yes
- ;;
- no:yes:* )
- { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5
-echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5
-echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5
-echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5
-echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5
-echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5
-echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;}
- (
- cat <<\_ASBOX
-## ------------------------------------------ ##
-## Report this to the AC_PACKAGE_NAME lists. ##
-## ------------------------------------------ ##
-_ASBOX
- ) |
- sed "s/^/$as_me: WARNING: /" >&2
- ;;
-esac
-echo "$as_me:$LINENO: checking for $ac_header" >&5
-echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6
-if eval "test \"\${$as_ac_Header+set}\" = set"; then
- echo $ECHO_N "(cached) $ECHO_C" >&6
-else
- eval "$as_ac_Header=\$ac_header_preproc"
-fi
-echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5
-echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6
-
-fi
-if test `eval echo '${'$as_ac_Header'}'` = yes; then
- cat >>confdefs.h <<_ACEOF
-#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1
-_ACEOF
-
-fi
-
-done
-
-
-for ac_header in inttypes.h
-do
-as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh`
-if eval "test \"\${$as_ac_Header+set}\" = set"; then
- echo "$as_me:$LINENO: checking for $ac_header" >&5
-echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6
-if eval "test \"\${$as_ac_Header+set}\" = set"; then
- echo $ECHO_N "(cached) $ECHO_C" >&6
-fi
-echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5
-echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6
-else
- # Is the header compilable?
-echo "$as_me:$LINENO: checking $ac_header usability" >&5
-echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6
-cat >conftest.$ac_ext <<_ACEOF
-/* confdefs.h. */
-_ACEOF
-cat confdefs.h >>conftest.$ac_ext
-cat >>conftest.$ac_ext <<_ACEOF
-/* end confdefs.h. */
-$ac_includes_default
-#include <$ac_header>
-_ACEOF
-rm -f conftest.$ac_objext
-if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
- (eval $ac_compile) 2>conftest.er1
- ac_status=$?
- grep -v '^ *+' conftest.er1 >conftest.err
- rm -f conftest.er1
- cat conftest.err >&5
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest.$ac_objext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- ac_header_compiler=yes
-else
- echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
-ac_header_compiler=no
-fi
-rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
-echo "$as_me:$LINENO: result: $ac_header_compiler" >&5
-echo "${ECHO_T}$ac_header_compiler" >&6
-
-# Is the header present?
-echo "$as_me:$LINENO: checking $ac_header presence" >&5
-echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6
-cat >conftest.$ac_ext <<_ACEOF
-/* confdefs.h. */
-_ACEOF
-cat confdefs.h >>conftest.$ac_ext
-cat >>conftest.$ac_ext <<_ACEOF
-/* end confdefs.h. */
-#include <$ac_header>
-_ACEOF
-if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5
- (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1
- ac_status=$?
- grep -v '^ *+' conftest.er1 >conftest.err
- rm -f conftest.er1
- cat conftest.err >&5
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } >/dev/null; then
- if test -s conftest.err; then
- ac_cpp_err=$ac_c_preproc_warn_flag
- ac_cpp_err=$ac_cpp_err$ac_c_werror_flag
- else
- ac_cpp_err=
- fi
-else
- ac_cpp_err=yes
-fi
-if test -z "$ac_cpp_err"; then
- ac_header_preproc=yes
-else
- echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
- ac_header_preproc=no
-fi
-rm -f conftest.err conftest.$ac_ext
-echo "$as_me:$LINENO: result: $ac_header_preproc" >&5
-echo "${ECHO_T}$ac_header_preproc" >&6
-
-# So? What about this header?
-case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in
- yes:no: )
- { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5
-echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5
-echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;}
- ac_header_preproc=yes
- ;;
- no:yes:* )
- { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5
-echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5
-echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5
-echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5
-echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5
-echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5
-echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;}
- (
- cat <<\_ASBOX
-## ------------------------------------------ ##
-## Report this to the AC_PACKAGE_NAME lists. ##
-## ------------------------------------------ ##
-_ASBOX
- ) |
- sed "s/^/$as_me: WARNING: /" >&2
- ;;
-esac
-echo "$as_me:$LINENO: checking for $ac_header" >&5
-echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6
-if eval "test \"\${$as_ac_Header+set}\" = set"; then
- echo $ECHO_N "(cached) $ECHO_C" >&6
-else
- eval "$as_ac_Header=\$ac_header_preproc"
-fi
-echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5
-echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6
-
-fi
-if test `eval echo '${'$as_ac_Header'}'` = yes; then
- cat >>confdefs.h <<_ACEOF
-#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1
-_ACEOF
-
-fi
-
-done
-
-
-for ac_header in sys/types.h
-do
-as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh`
-if eval "test \"\${$as_ac_Header+set}\" = set"; then
- echo "$as_me:$LINENO: checking for $ac_header" >&5
-echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6
-if eval "test \"\${$as_ac_Header+set}\" = set"; then
- echo $ECHO_N "(cached) $ECHO_C" >&6
-fi
-echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5
-echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6
-else
- # Is the header compilable?
-echo "$as_me:$LINENO: checking $ac_header usability" >&5
-echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6
-cat >conftest.$ac_ext <<_ACEOF
-/* confdefs.h. */
-_ACEOF
-cat confdefs.h >>conftest.$ac_ext
-cat >>conftest.$ac_ext <<_ACEOF
-/* end confdefs.h. */
-$ac_includes_default
-#include <$ac_header>
-_ACEOF
-rm -f conftest.$ac_objext
-if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
- (eval $ac_compile) 2>conftest.er1
- ac_status=$?
- grep -v '^ *+' conftest.er1 >conftest.err
- rm -f conftest.er1
- cat conftest.err >&5
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest.$ac_objext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- ac_header_compiler=yes
-else
- echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
-ac_header_compiler=no
-fi
-rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
-echo "$as_me:$LINENO: result: $ac_header_compiler" >&5
-echo "${ECHO_T}$ac_header_compiler" >&6
-
-# Is the header present?
-echo "$as_me:$LINENO: checking $ac_header presence" >&5
-echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6
-cat >conftest.$ac_ext <<_ACEOF
-/* confdefs.h. */
-_ACEOF
-cat confdefs.h >>conftest.$ac_ext
-cat >>conftest.$ac_ext <<_ACEOF
-/* end confdefs.h. */
-#include <$ac_header>
-_ACEOF
-if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5
- (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1
- ac_status=$?
- grep -v '^ *+' conftest.er1 >conftest.err
- rm -f conftest.er1
- cat conftest.err >&5
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } >/dev/null; then
- if test -s conftest.err; then
- ac_cpp_err=$ac_c_preproc_warn_flag
- ac_cpp_err=$ac_cpp_err$ac_c_werror_flag
- else
- ac_cpp_err=
- fi
-else
- ac_cpp_err=yes
-fi
-if test -z "$ac_cpp_err"; then
- ac_header_preproc=yes
-else
- echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
- ac_header_preproc=no
-fi
-rm -f conftest.err conftest.$ac_ext
-echo "$as_me:$LINENO: result: $ac_header_preproc" >&5
-echo "${ECHO_T}$ac_header_preproc" >&6
-
-# So? What about this header?
-case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in
- yes:no: )
- { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5
-echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5
-echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;}
- ac_header_preproc=yes
- ;;
- no:yes:* )
- { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5
-echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5
-echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5
-echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5
-echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5
-echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5
-echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;}
- (
- cat <<\_ASBOX
-## ------------------------------------------ ##
-## Report this to the AC_PACKAGE_NAME lists. ##
-## ------------------------------------------ ##
-_ASBOX
- ) |
- sed "s/^/$as_me: WARNING: /" >&2
- ;;
-esac
-echo "$as_me:$LINENO: checking for $ac_header" >&5
-echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6
-if eval "test \"\${$as_ac_Header+set}\" = set"; then
- echo $ECHO_N "(cached) $ECHO_C" >&6
-else
- eval "$as_ac_Header=\$ac_header_preproc"
-fi
-echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5
-echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6
-
-fi
-if test `eval echo '${'$as_ac_Header'}'` = yes; then
- cat >>confdefs.h <<_ACEOF
-#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1
-_ACEOF
-
-fi
-
-done
-
-
-for ac_header in machine/types.h
-do
-as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh`
-if eval "test \"\${$as_ac_Header+set}\" = set"; then
- echo "$as_me:$LINENO: checking for $ac_header" >&5
-echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6
-if eval "test \"\${$as_ac_Header+set}\" = set"; then
- echo $ECHO_N "(cached) $ECHO_C" >&6
-fi
-echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5
-echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6
-else
- # Is the header compilable?
-echo "$as_me:$LINENO: checking $ac_header usability" >&5
-echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6
-cat >conftest.$ac_ext <<_ACEOF
-/* confdefs.h. */
-_ACEOF
-cat confdefs.h >>conftest.$ac_ext
-cat >>conftest.$ac_ext <<_ACEOF
-/* end confdefs.h. */
-$ac_includes_default
-#include <$ac_header>
-_ACEOF
-rm -f conftest.$ac_objext
-if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
- (eval $ac_compile) 2>conftest.er1
- ac_status=$?
- grep -v '^ *+' conftest.er1 >conftest.err
- rm -f conftest.er1
- cat conftest.err >&5
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest.$ac_objext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- ac_header_compiler=yes
-else
- echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
-ac_header_compiler=no
-fi
-rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
-echo "$as_me:$LINENO: result: $ac_header_compiler" >&5
-echo "${ECHO_T}$ac_header_compiler" >&6
-
-# Is the header present?
-echo "$as_me:$LINENO: checking $ac_header presence" >&5
-echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6
-cat >conftest.$ac_ext <<_ACEOF
-/* confdefs.h. */
-_ACEOF
-cat confdefs.h >>conftest.$ac_ext
-cat >>conftest.$ac_ext <<_ACEOF
-/* end confdefs.h. */
-#include <$ac_header>
-_ACEOF
-if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5
- (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1
- ac_status=$?
- grep -v '^ *+' conftest.er1 >conftest.err
- rm -f conftest.er1
- cat conftest.err >&5
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } >/dev/null; then
- if test -s conftest.err; then
- ac_cpp_err=$ac_c_preproc_warn_flag
- ac_cpp_err=$ac_cpp_err$ac_c_werror_flag
- else
- ac_cpp_err=
- fi
-else
- ac_cpp_err=yes
-fi
-if test -z "$ac_cpp_err"; then
- ac_header_preproc=yes
-else
- echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
- ac_header_preproc=no
-fi
-rm -f conftest.err conftest.$ac_ext
-echo "$as_me:$LINENO: result: $ac_header_preproc" >&5
-echo "${ECHO_T}$ac_header_preproc" >&6
-
-# So? What about this header?
-case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in
- yes:no: )
- { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5
-echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5
-echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;}
- ac_header_preproc=yes
- ;;
- no:yes:* )
- { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5
-echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5
-echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5
-echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5
-echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5
-echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5
-echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;}
- (
- cat <<\_ASBOX
-## ------------------------------------------ ##
-## Report this to the AC_PACKAGE_NAME lists. ##
-## ------------------------------------------ ##
-_ASBOX
- ) |
- sed "s/^/$as_me: WARNING: /" >&2
- ;;
-esac
-echo "$as_me:$LINENO: checking for $ac_header" >&5
-echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6
-if eval "test \"\${$as_ac_Header+set}\" = set"; then
- echo $ECHO_N "(cached) $ECHO_C" >&6
-else
- eval "$as_ac_Header=\$ac_header_preproc"
-fi
-echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5
-echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6
-
-fi
-if test `eval echo '${'$as_ac_Header'}'` = yes; then
- cat >>confdefs.h <<_ACEOF
-#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1
-_ACEOF
-
-fi
-
-done
-
-
-for ac_header in sys/int_types.h
-do
-as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh`
-if eval "test \"\${$as_ac_Header+set}\" = set"; then
- echo "$as_me:$LINENO: checking for $ac_header" >&5
-echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6
-if eval "test \"\${$as_ac_Header+set}\" = set"; then
- echo $ECHO_N "(cached) $ECHO_C" >&6
-fi
-echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5
-echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6
-else
- # Is the header compilable?
-echo "$as_me:$LINENO: checking $ac_header usability" >&5
-echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6
-cat >conftest.$ac_ext <<_ACEOF
-/* confdefs.h. */
-_ACEOF
-cat confdefs.h >>conftest.$ac_ext
-cat >>conftest.$ac_ext <<_ACEOF
-/* end confdefs.h. */
-$ac_includes_default
-#include <$ac_header>
-_ACEOF
-rm -f conftest.$ac_objext
-if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
- (eval $ac_compile) 2>conftest.er1
- ac_status=$?
- grep -v '^ *+' conftest.er1 >conftest.err
- rm -f conftest.er1
- cat conftest.err >&5
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest.$ac_objext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- ac_header_compiler=yes
-else
- echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
-ac_header_compiler=no
-fi
-rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
-echo "$as_me:$LINENO: result: $ac_header_compiler" >&5
-echo "${ECHO_T}$ac_header_compiler" >&6
-
-# Is the header present?
-echo "$as_me:$LINENO: checking $ac_header presence" >&5
-echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6
-cat >conftest.$ac_ext <<_ACEOF
-/* confdefs.h. */
-_ACEOF
-cat confdefs.h >>conftest.$ac_ext
-cat >>conftest.$ac_ext <<_ACEOF
-/* end confdefs.h. */
-#include <$ac_header>
-_ACEOF
-if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5
- (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1
- ac_status=$?
- grep -v '^ *+' conftest.er1 >conftest.err
- rm -f conftest.er1
- cat conftest.err >&5
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } >/dev/null; then
- if test -s conftest.err; then
- ac_cpp_err=$ac_c_preproc_warn_flag
- ac_cpp_err=$ac_cpp_err$ac_c_werror_flag
- else
- ac_cpp_err=
- fi
-else
- ac_cpp_err=yes
-fi
-if test -z "$ac_cpp_err"; then
- ac_header_preproc=yes
-else
- echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
- ac_header_preproc=no
-fi
-rm -f conftest.err conftest.$ac_ext
-echo "$as_me:$LINENO: result: $ac_header_preproc" >&5
-echo "${ECHO_T}$ac_header_preproc" >&6
-
-# So? What about this header?
-case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in
- yes:no: )
- { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5
-echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5
-echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;}
- ac_header_preproc=yes
- ;;
- no:yes:* )
- { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5
-echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5
-echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5
-echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5
-echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5
-echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5
-echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;}
- (
- cat <<\_ASBOX
-## ------------------------------------------ ##
-## Report this to the AC_PACKAGE_NAME lists. ##
-## ------------------------------------------ ##
-_ASBOX
- ) |
- sed "s/^/$as_me: WARNING: /" >&2
- ;;
-esac
-echo "$as_me:$LINENO: checking for $ac_header" >&5
-echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6
-if eval "test \"\${$as_ac_Header+set}\" = set"; then
- echo $ECHO_N "(cached) $ECHO_C" >&6
-else
- eval "$as_ac_Header=\$ac_header_preproc"
-fi
-echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5
-echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6
-
-fi
-if test `eval echo '${'$as_ac_Header'}'` = yes; then
- cat >>confdefs.h <<_ACEOF
-#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1
-_ACEOF
-
-fi
-
-done
-
-
-
-
-
-for ac_header in sys/socket.h netinet/in.h arpa/inet.h
-do
-as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh`
-if eval "test \"\${$as_ac_Header+set}\" = set"; then
- echo "$as_me:$LINENO: checking for $ac_header" >&5
-echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6
-if eval "test \"\${$as_ac_Header+set}\" = set"; then
- echo $ECHO_N "(cached) $ECHO_C" >&6
-fi
-echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5
-echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6
-else
- # Is the header compilable?
-echo "$as_me:$LINENO: checking $ac_header usability" >&5
-echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6
-cat >conftest.$ac_ext <<_ACEOF
-/* confdefs.h. */
-_ACEOF
-cat confdefs.h >>conftest.$ac_ext
-cat >>conftest.$ac_ext <<_ACEOF
-/* end confdefs.h. */
-$ac_includes_default
-#include <$ac_header>
-_ACEOF
-rm -f conftest.$ac_objext
-if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
- (eval $ac_compile) 2>conftest.er1
- ac_status=$?
- grep -v '^ *+' conftest.er1 >conftest.err
- rm -f conftest.er1
- cat conftest.err >&5
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest.$ac_objext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- ac_header_compiler=yes
-else
- echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
-ac_header_compiler=no
-fi
-rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
-echo "$as_me:$LINENO: result: $ac_header_compiler" >&5
-echo "${ECHO_T}$ac_header_compiler" >&6
-
-# Is the header present?
-echo "$as_me:$LINENO: checking $ac_header presence" >&5
-echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6
-cat >conftest.$ac_ext <<_ACEOF
-/* confdefs.h. */
-_ACEOF
-cat confdefs.h >>conftest.$ac_ext
-cat >>conftest.$ac_ext <<_ACEOF
-/* end confdefs.h. */
-#include <$ac_header>
-_ACEOF
-if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5
- (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1
- ac_status=$?
- grep -v '^ *+' conftest.er1 >conftest.err
- rm -f conftest.er1
- cat conftest.err >&5
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } >/dev/null; then
- if test -s conftest.err; then
- ac_cpp_err=$ac_c_preproc_warn_flag
- ac_cpp_err=$ac_cpp_err$ac_c_werror_flag
- else
- ac_cpp_err=
- fi
-else
- ac_cpp_err=yes
-fi
-if test -z "$ac_cpp_err"; then
- ac_header_preproc=yes
-else
- echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
- ac_header_preproc=no
-fi
-rm -f conftest.err conftest.$ac_ext
-echo "$as_me:$LINENO: result: $ac_header_preproc" >&5
-echo "${ECHO_T}$ac_header_preproc" >&6
-
-# So? What about this header?
-case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in
- yes:no: )
- { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5
-echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5
-echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;}
- ac_header_preproc=yes
- ;;
- no:yes:* )
- { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5
-echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5
-echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5
-echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5
-echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5
-echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5
-echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;}
- (
- cat <<\_ASBOX
-## ------------------------------------------ ##
-## Report this to the AC_PACKAGE_NAME lists. ##
-## ------------------------------------------ ##
-_ASBOX
- ) |
- sed "s/^/$as_me: WARNING: /" >&2
- ;;
-esac
-echo "$as_me:$LINENO: checking for $ac_header" >&5
-echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6
-if eval "test \"\${$as_ac_Header+set}\" = set"; then
- echo $ECHO_N "(cached) $ECHO_C" >&6
-else
- eval "$as_ac_Header=\$ac_header_preproc"
-fi
-echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5
-echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6
-
-fi
-if test `eval echo '${'$as_ac_Header'}'` = yes; then
- cat >>confdefs.h <<_ACEOF
-#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1
-_ACEOF
-
-fi
-
-done
-
-
-for ac_header in windows.h
-do
-as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh`
-if eval "test \"\${$as_ac_Header+set}\" = set"; then
- echo "$as_me:$LINENO: checking for $ac_header" >&5
-echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6
-if eval "test \"\${$as_ac_Header+set}\" = set"; then
- echo $ECHO_N "(cached) $ECHO_C" >&6
-fi
-echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5
-echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6
-else
- # Is the header compilable?
-echo "$as_me:$LINENO: checking $ac_header usability" >&5
-echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6
-cat >conftest.$ac_ext <<_ACEOF
-/* confdefs.h. */
-_ACEOF
-cat confdefs.h >>conftest.$ac_ext
-cat >>conftest.$ac_ext <<_ACEOF
-/* end confdefs.h. */
-$ac_includes_default
-#include <$ac_header>
-_ACEOF
-rm -f conftest.$ac_objext
-if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
- (eval $ac_compile) 2>conftest.er1
- ac_status=$?
- grep -v '^ *+' conftest.er1 >conftest.err
- rm -f conftest.er1
- cat conftest.err >&5
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest.$ac_objext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- ac_header_compiler=yes
-else
- echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
-ac_header_compiler=no
-fi
-rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
-echo "$as_me:$LINENO: result: $ac_header_compiler" >&5
-echo "${ECHO_T}$ac_header_compiler" >&6
-
-# Is the header present?
-echo "$as_me:$LINENO: checking $ac_header presence" >&5
-echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6
-cat >conftest.$ac_ext <<_ACEOF
-/* confdefs.h. */
-_ACEOF
-cat confdefs.h >>conftest.$ac_ext
-cat >>conftest.$ac_ext <<_ACEOF
-/* end confdefs.h. */
-#include <$ac_header>
-_ACEOF
-if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5
- (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1
- ac_status=$?
- grep -v '^ *+' conftest.er1 >conftest.err
- rm -f conftest.er1
- cat conftest.err >&5
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } >/dev/null; then
- if test -s conftest.err; then
- ac_cpp_err=$ac_c_preproc_warn_flag
- ac_cpp_err=$ac_cpp_err$ac_c_werror_flag
- else
- ac_cpp_err=
- fi
-else
- ac_cpp_err=yes
-fi
-if test -z "$ac_cpp_err"; then
- ac_header_preproc=yes
-else
- echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
- ac_header_preproc=no
-fi
-rm -f conftest.err conftest.$ac_ext
-echo "$as_me:$LINENO: result: $ac_header_preproc" >&5
-echo "${ECHO_T}$ac_header_preproc" >&6
-
-# So? What about this header?
-case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in
- yes:no: )
- { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5
-echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5
-echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;}
- ac_header_preproc=yes
- ;;
- no:yes:* )
- { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5
-echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5
-echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5
-echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5
-echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5
-echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5
-echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;}
- (
- cat <<\_ASBOX
-## ------------------------------------------ ##
-## Report this to the AC_PACKAGE_NAME lists. ##
-## ------------------------------------------ ##
-_ASBOX
- ) |
- sed "s/^/$as_me: WARNING: /" >&2
- ;;
-esac
-echo "$as_me:$LINENO: checking for $ac_header" >&5
-echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6
-if eval "test \"\${$as_ac_Header+set}\" = set"; then
- echo $ECHO_N "(cached) $ECHO_C" >&6
-else
- eval "$as_ac_Header=\$ac_header_preproc"
-fi
-echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5
-echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6
-
-fi
-if test `eval echo '${'$as_ac_Header'}'` = yes; then
- cat >>confdefs.h <<_ACEOF
-#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1
-_ACEOF
-
-for ac_header in winsock2.h
-do
-as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh`
-if eval "test \"\${$as_ac_Header+set}\" = set"; then
- echo "$as_me:$LINENO: checking for $ac_header" >&5
-echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6
-if eval "test \"\${$as_ac_Header+set}\" = set"; then
- echo $ECHO_N "(cached) $ECHO_C" >&6
-fi
-echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5
-echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6
-else
- # Is the header compilable?
-echo "$as_me:$LINENO: checking $ac_header usability" >&5
-echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6
-cat >conftest.$ac_ext <<_ACEOF
-/* confdefs.h. */
-_ACEOF
-cat confdefs.h >>conftest.$ac_ext
-cat >>conftest.$ac_ext <<_ACEOF
-/* end confdefs.h. */
-$ac_includes_default
-#include <$ac_header>
-_ACEOF
-rm -f conftest.$ac_objext
-if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
- (eval $ac_compile) 2>conftest.er1
- ac_status=$?
- grep -v '^ *+' conftest.er1 >conftest.err
- rm -f conftest.er1
- cat conftest.err >&5
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest.$ac_objext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- ac_header_compiler=yes
-else
- echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
-ac_header_compiler=no
-fi
-rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
-echo "$as_me:$LINENO: result: $ac_header_compiler" >&5
-echo "${ECHO_T}$ac_header_compiler" >&6
-
-# Is the header present?
-echo "$as_me:$LINENO: checking $ac_header presence" >&5
-echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6
-cat >conftest.$ac_ext <<_ACEOF
-/* confdefs.h. */
-_ACEOF
-cat confdefs.h >>conftest.$ac_ext
-cat >>conftest.$ac_ext <<_ACEOF
-/* end confdefs.h. */
-#include <$ac_header>
-_ACEOF
-if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5
- (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1
- ac_status=$?
- grep -v '^ *+' conftest.er1 >conftest.err
- rm -f conftest.er1
- cat conftest.err >&5
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } >/dev/null; then
- if test -s conftest.err; then
- ac_cpp_err=$ac_c_preproc_warn_flag
- ac_cpp_err=$ac_cpp_err$ac_c_werror_flag
- else
- ac_cpp_err=
- fi
-else
- ac_cpp_err=yes
-fi
-if test -z "$ac_cpp_err"; then
- ac_header_preproc=yes
-else
- echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
- ac_header_preproc=no
-fi
-rm -f conftest.err conftest.$ac_ext
-echo "$as_me:$LINENO: result: $ac_header_preproc" >&5
-echo "${ECHO_T}$ac_header_preproc" >&6
-
-# So? What about this header?
-case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in
- yes:no: )
- { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5
-echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5
-echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;}
- ac_header_preproc=yes
- ;;
- no:yes:* )
- { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5
-echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5
-echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5
-echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5
-echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5
-echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5
-echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;}
- (
- cat <<\_ASBOX
-## ------------------------------------------ ##
-## Report this to the AC_PACKAGE_NAME lists. ##
-## ------------------------------------------ ##
-_ASBOX
- ) |
- sed "s/^/$as_me: WARNING: /" >&2
- ;;
-esac
-echo "$as_me:$LINENO: checking for $ac_header" >&5
-echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6
-if eval "test \"\${$as_ac_Header+set}\" = set"; then
- echo $ECHO_N "(cached) $ECHO_C" >&6
-else
- eval "$as_ac_Header=\$ac_header_preproc"
-fi
-echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5
-echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6
-
-fi
-if test `eval echo '${'$as_ac_Header'}'` = yes; then
- cat >>confdefs.h <<_ACEOF
-#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1
-_ACEOF
-
-fi
-
-done
-
-fi
-
-done
-
-
-
-for ac_header in syslog.h
-do
-as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh`
-if eval "test \"\${$as_ac_Header+set}\" = set"; then
- echo "$as_me:$LINENO: checking for $ac_header" >&5
-echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6
-if eval "test \"\${$as_ac_Header+set}\" = set"; then
- echo $ECHO_N "(cached) $ECHO_C" >&6
-fi
-echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5
-echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6
-else
- # Is the header compilable?
-echo "$as_me:$LINENO: checking $ac_header usability" >&5
-echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6
-cat >conftest.$ac_ext <<_ACEOF
-/* confdefs.h. */
-_ACEOF
-cat confdefs.h >>conftest.$ac_ext
-cat >>conftest.$ac_ext <<_ACEOF
-/* end confdefs.h. */
-$ac_includes_default
-#include <$ac_header>
-_ACEOF
-rm -f conftest.$ac_objext
-if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
- (eval $ac_compile) 2>conftest.er1
- ac_status=$?
- grep -v '^ *+' conftest.er1 >conftest.err
- rm -f conftest.er1
- cat conftest.err >&5
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest.$ac_objext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- ac_header_compiler=yes
-else
- echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
-ac_header_compiler=no
-fi
-rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
-echo "$as_me:$LINENO: result: $ac_header_compiler" >&5
-echo "${ECHO_T}$ac_header_compiler" >&6
-
-# Is the header present?
-echo "$as_me:$LINENO: checking $ac_header presence" >&5
-echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6
-cat >conftest.$ac_ext <<_ACEOF
-/* confdefs.h. */
-_ACEOF
-cat confdefs.h >>conftest.$ac_ext
-cat >>conftest.$ac_ext <<_ACEOF
-/* end confdefs.h. */
-#include <$ac_header>
-_ACEOF
-if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5
- (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1
- ac_status=$?
- grep -v '^ *+' conftest.er1 >conftest.err
- rm -f conftest.er1
- cat conftest.err >&5
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } >/dev/null; then
- if test -s conftest.err; then
- ac_cpp_err=$ac_c_preproc_warn_flag
- ac_cpp_err=$ac_cpp_err$ac_c_werror_flag
- else
- ac_cpp_err=
- fi
-else
- ac_cpp_err=yes
-fi
-if test -z "$ac_cpp_err"; then
- ac_header_preproc=yes
-else
- echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
- ac_header_preproc=no
-fi
-rm -f conftest.err conftest.$ac_ext
-echo "$as_me:$LINENO: result: $ac_header_preproc" >&5
-echo "${ECHO_T}$ac_header_preproc" >&6
-
-# So? What about this header?
-case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in
- yes:no: )
- { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5
-echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5
-echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;}
- ac_header_preproc=yes
- ;;
- no:yes:* )
- { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5
-echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5
-echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5
-echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5
-echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5
-echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5
-echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;}
- (
- cat <<\_ASBOX
-## ------------------------------------------ ##
-## Report this to the AC_PACKAGE_NAME lists. ##
-## ------------------------------------------ ##
-_ASBOX
- ) |
- sed "s/^/$as_me: WARNING: /" >&2
- ;;
-esac
-echo "$as_me:$LINENO: checking for $ac_header" >&5
-echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6
-if eval "test \"\${$as_ac_Header+set}\" = set"; then
- echo $ECHO_N "(cached) $ECHO_C" >&6
-else
- eval "$as_ac_Header=\$ac_header_preproc"
-fi
-echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5
-echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6
-
-fi
-if test `eval echo '${'$as_ac_Header'}'` = yes; then
- cat >>confdefs.h <<_ACEOF
-#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1
-_ACEOF
-
-fi
-
-done
-
-
-echo "$as_me:$LINENO: checking for int8_t" >&5
-echo $ECHO_N "checking for int8_t... $ECHO_C" >&6
-if test "${ac_cv_type_int8_t+set}" = set; then
- echo $ECHO_N "(cached) $ECHO_C" >&6
-else
- cat >conftest.$ac_ext <<_ACEOF
-/* confdefs.h. */
-_ACEOF
-cat confdefs.h >>conftest.$ac_ext
-cat >>conftest.$ac_ext <<_ACEOF
-/* end confdefs.h. */
-$ac_includes_default
-int
-main ()
-{
-if ((int8_t *) 0)
- return 0;
-if (sizeof (int8_t))
- return 0;
- ;
- return 0;
-}
-_ACEOF
-rm -f conftest.$ac_objext
-if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
- (eval $ac_compile) 2>conftest.er1
- ac_status=$?
- grep -v '^ *+' conftest.er1 >conftest.err
- rm -f conftest.er1
- cat conftest.err >&5
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest.$ac_objext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- ac_cv_type_int8_t=yes
-else
- echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
-ac_cv_type_int8_t=no
-fi
-rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
-fi
-echo "$as_me:$LINENO: result: $ac_cv_type_int8_t" >&5
-echo "${ECHO_T}$ac_cv_type_int8_t" >&6
-if test $ac_cv_type_int8_t = yes; then
-
-cat >>confdefs.h <<_ACEOF
-#define HAVE_INT8_T 1
-_ACEOF
-
-
-fi
-echo "$as_me:$LINENO: checking for uint8_t" >&5
-echo $ECHO_N "checking for uint8_t... $ECHO_C" >&6
-if test "${ac_cv_type_uint8_t+set}" = set; then
- echo $ECHO_N "(cached) $ECHO_C" >&6
-else
- cat >conftest.$ac_ext <<_ACEOF
-/* confdefs.h. */
-_ACEOF
-cat confdefs.h >>conftest.$ac_ext
-cat >>conftest.$ac_ext <<_ACEOF
-/* end confdefs.h. */
-$ac_includes_default
-int
-main ()
-{
-if ((uint8_t *) 0)
- return 0;
-if (sizeof (uint8_t))
- return 0;
- ;
- return 0;
-}
-_ACEOF
-rm -f conftest.$ac_objext
-if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
- (eval $ac_compile) 2>conftest.er1
- ac_status=$?
- grep -v '^ *+' conftest.er1 >conftest.err
- rm -f conftest.er1
- cat conftest.err >&5
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest.$ac_objext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- ac_cv_type_uint8_t=yes
-else
- echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
-ac_cv_type_uint8_t=no
-fi
-rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
-fi
-echo "$as_me:$LINENO: result: $ac_cv_type_uint8_t" >&5
-echo "${ECHO_T}$ac_cv_type_uint8_t" >&6
-if test $ac_cv_type_uint8_t = yes; then
-
-cat >>confdefs.h <<_ACEOF
-#define HAVE_UINT8_T 1
-_ACEOF
-
-
-fi
-echo "$as_me:$LINENO: checking for int16_t" >&5
-echo $ECHO_N "checking for int16_t... $ECHO_C" >&6
-if test "${ac_cv_type_int16_t+set}" = set; then
- echo $ECHO_N "(cached) $ECHO_C" >&6
-else
- cat >conftest.$ac_ext <<_ACEOF
-/* confdefs.h. */
-_ACEOF
-cat confdefs.h >>conftest.$ac_ext
-cat >>conftest.$ac_ext <<_ACEOF
-/* end confdefs.h. */
-$ac_includes_default
-int
-main ()
-{
-if ((int16_t *) 0)
- return 0;
-if (sizeof (int16_t))
- return 0;
- ;
- return 0;
-}
-_ACEOF
-rm -f conftest.$ac_objext
-if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
- (eval $ac_compile) 2>conftest.er1
- ac_status=$?
- grep -v '^ *+' conftest.er1 >conftest.err
- rm -f conftest.er1
- cat conftest.err >&5
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest.$ac_objext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- ac_cv_type_int16_t=yes
-else
- echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
-ac_cv_type_int16_t=no
-fi
-rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
-fi
-echo "$as_me:$LINENO: result: $ac_cv_type_int16_t" >&5
-echo "${ECHO_T}$ac_cv_type_int16_t" >&6
-if test $ac_cv_type_int16_t = yes; then
-
-cat >>confdefs.h <<_ACEOF
-#define HAVE_INT16_T 1
-_ACEOF
-
-
-fi
-echo "$as_me:$LINENO: checking for uint16_t" >&5
-echo $ECHO_N "checking for uint16_t... $ECHO_C" >&6
-if test "${ac_cv_type_uint16_t+set}" = set; then
- echo $ECHO_N "(cached) $ECHO_C" >&6
-else
- cat >conftest.$ac_ext <<_ACEOF
-/* confdefs.h. */
-_ACEOF
-cat confdefs.h >>conftest.$ac_ext
-cat >>conftest.$ac_ext <<_ACEOF
-/* end confdefs.h. */
-$ac_includes_default
-int
-main ()
-{
-if ((uint16_t *) 0)
- return 0;
-if (sizeof (uint16_t))
- return 0;
- ;
- return 0;
-}
-_ACEOF
-rm -f conftest.$ac_objext
-if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
- (eval $ac_compile) 2>conftest.er1
- ac_status=$?
- grep -v '^ *+' conftest.er1 >conftest.err
- rm -f conftest.er1
- cat conftest.err >&5
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest.$ac_objext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- ac_cv_type_uint16_t=yes
-else
- echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
-ac_cv_type_uint16_t=no
-fi
-rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
-fi
-echo "$as_me:$LINENO: result: $ac_cv_type_uint16_t" >&5
-echo "${ECHO_T}$ac_cv_type_uint16_t" >&6
-if test $ac_cv_type_uint16_t = yes; then
-
-cat >>confdefs.h <<_ACEOF
-#define HAVE_UINT16_T 1
-_ACEOF
-
-
-fi
-echo "$as_me:$LINENO: checking for int32_t" >&5
-echo $ECHO_N "checking for int32_t... $ECHO_C" >&6
-if test "${ac_cv_type_int32_t+set}" = set; then
- echo $ECHO_N "(cached) $ECHO_C" >&6
-else
- cat >conftest.$ac_ext <<_ACEOF
-/* confdefs.h. */
-_ACEOF
-cat confdefs.h >>conftest.$ac_ext
-cat >>conftest.$ac_ext <<_ACEOF
-/* end confdefs.h. */
-$ac_includes_default
-int
-main ()
-{
-if ((int32_t *) 0)
- return 0;
-if (sizeof (int32_t))
- return 0;
- ;
- return 0;
-}
-_ACEOF
-rm -f conftest.$ac_objext
-if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
- (eval $ac_compile) 2>conftest.er1
- ac_status=$?
- grep -v '^ *+' conftest.er1 >conftest.err
- rm -f conftest.er1
- cat conftest.err >&5
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest.$ac_objext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- ac_cv_type_int32_t=yes
-else
- echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
-ac_cv_type_int32_t=no
-fi
-rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
-fi
-echo "$as_me:$LINENO: result: $ac_cv_type_int32_t" >&5
-echo "${ECHO_T}$ac_cv_type_int32_t" >&6
-if test $ac_cv_type_int32_t = yes; then
-
-cat >>confdefs.h <<_ACEOF
-#define HAVE_INT32_T 1
-_ACEOF
-
-
-fi
-echo "$as_me:$LINENO: checking for uint32_t" >&5
-echo $ECHO_N "checking for uint32_t... $ECHO_C" >&6
-if test "${ac_cv_type_uint32_t+set}" = set; then
- echo $ECHO_N "(cached) $ECHO_C" >&6
-else
- cat >conftest.$ac_ext <<_ACEOF
-/* confdefs.h. */
-_ACEOF
-cat confdefs.h >>conftest.$ac_ext
-cat >>conftest.$ac_ext <<_ACEOF
-/* end confdefs.h. */
-$ac_includes_default
-int
-main ()
-{
-if ((uint32_t *) 0)
- return 0;
-if (sizeof (uint32_t))
- return 0;
- ;
- return 0;
-}
-_ACEOF
-rm -f conftest.$ac_objext
-if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
- (eval $ac_compile) 2>conftest.er1
- ac_status=$?
- grep -v '^ *+' conftest.er1 >conftest.err
- rm -f conftest.er1
- cat conftest.err >&5
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest.$ac_objext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- ac_cv_type_uint32_t=yes
-else
- echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
-ac_cv_type_uint32_t=no
-fi
-rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
-fi
-echo "$as_me:$LINENO: result: $ac_cv_type_uint32_t" >&5
-echo "${ECHO_T}$ac_cv_type_uint32_t" >&6
-if test $ac_cv_type_uint32_t = yes; then
-
-cat >>confdefs.h <<_ACEOF
-#define HAVE_UINT32_T 1
-_ACEOF
-
-
-fi
-echo "$as_me:$LINENO: checking for uint64_t" >&5
-echo $ECHO_N "checking for uint64_t... $ECHO_C" >&6
-if test "${ac_cv_type_uint64_t+set}" = set; then
- echo $ECHO_N "(cached) $ECHO_C" >&6
-else
- cat >conftest.$ac_ext <<_ACEOF
-/* confdefs.h. */
-_ACEOF
-cat confdefs.h >>conftest.$ac_ext
-cat >>conftest.$ac_ext <<_ACEOF
-/* end confdefs.h. */
-$ac_includes_default
-int
-main ()
-{
-if ((uint64_t *) 0)
- return 0;
-if (sizeof (uint64_t))
- return 0;
- ;
- return 0;
-}
-_ACEOF
-rm -f conftest.$ac_objext
-if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
- (eval $ac_compile) 2>conftest.er1
- ac_status=$?
- grep -v '^ *+' conftest.er1 >conftest.err
- rm -f conftest.er1
- cat conftest.err >&5
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest.$ac_objext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- ac_cv_type_uint64_t=yes
-else
- echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
-ac_cv_type_uint64_t=no
-fi
-rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
-fi
-echo "$as_me:$LINENO: result: $ac_cv_type_uint64_t" >&5
-echo "${ECHO_T}$ac_cv_type_uint64_t" >&6
-if test $ac_cv_type_uint64_t = yes; then
-
-cat >>confdefs.h <<_ACEOF
-#define HAVE_UINT64_T 1
-_ACEOF
-
-
-fi
-
-echo "$as_me:$LINENO: checking for unsigned long" >&5
-echo $ECHO_N "checking for unsigned long... $ECHO_C" >&6
-if test "${ac_cv_type_unsigned_long+set}" = set; then
- echo $ECHO_N "(cached) $ECHO_C" >&6
-else
- cat >conftest.$ac_ext <<_ACEOF
-/* confdefs.h. */
-_ACEOF
-cat confdefs.h >>conftest.$ac_ext
-cat >>conftest.$ac_ext <<_ACEOF
-/* end confdefs.h. */
-$ac_includes_default
-int
-main ()
-{
-if ((unsigned long *) 0)
- return 0;
-if (sizeof (unsigned long))
- return 0;
- ;
- return 0;
-}
-_ACEOF
-rm -f conftest.$ac_objext
-if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
- (eval $ac_compile) 2>conftest.er1
- ac_status=$?
- grep -v '^ *+' conftest.er1 >conftest.err
- rm -f conftest.er1
- cat conftest.err >&5
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest.$ac_objext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- ac_cv_type_unsigned_long=yes
-else
- echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
-ac_cv_type_unsigned_long=no
-fi
-rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
-fi
-echo "$as_me:$LINENO: result: $ac_cv_type_unsigned_long" >&5
-echo "${ECHO_T}$ac_cv_type_unsigned_long" >&6
-
-echo "$as_me:$LINENO: checking size of unsigned long" >&5
-echo $ECHO_N "checking size of unsigned long... $ECHO_C" >&6
-if test "${ac_cv_sizeof_unsigned_long+set}" = set; then
- echo $ECHO_N "(cached) $ECHO_C" >&6
-else
- if test "$ac_cv_type_unsigned_long" = yes; then
- # The cast to unsigned long works around a bug in the HP C Compiler
- # version HP92453-01 B.11.11.23709.GP, which incorrectly rejects
- # declarations like `int a3[[(sizeof (unsigned char)) >= 0]];'.
- # This bug is HP SR number 8606223364.
- if test "$cross_compiling" = yes; then
- # Depending upon the size, compute the lo and hi bounds.
-cat >conftest.$ac_ext <<_ACEOF
-/* confdefs.h. */
-_ACEOF
-cat confdefs.h >>conftest.$ac_ext
-cat >>conftest.$ac_ext <<_ACEOF
-/* end confdefs.h. */
-$ac_includes_default
-int
-main ()
-{
-static int test_array [1 - 2 * !(((long) (sizeof (unsigned long))) >= 0)];
-test_array [0] = 0
-
- ;
- return 0;
-}
-_ACEOF
-rm -f conftest.$ac_objext
-if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
- (eval $ac_compile) 2>conftest.er1
- ac_status=$?
- grep -v '^ *+' conftest.er1 >conftest.err
- rm -f conftest.er1
- cat conftest.err >&5
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest.$ac_objext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- ac_lo=0 ac_mid=0
- while :; do
- cat >conftest.$ac_ext <<_ACEOF
-/* confdefs.h. */
-_ACEOF
-cat confdefs.h >>conftest.$ac_ext
-cat >>conftest.$ac_ext <<_ACEOF
-/* end confdefs.h. */
-$ac_includes_default
-int
-main ()
-{
-static int test_array [1 - 2 * !(((long) (sizeof (unsigned long))) <= $ac_mid)];
-test_array [0] = 0
-
- ;
- return 0;
-}
-_ACEOF
-rm -f conftest.$ac_objext
-if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
- (eval $ac_compile) 2>conftest.er1
- ac_status=$?
- grep -v '^ *+' conftest.er1 >conftest.err
- rm -f conftest.er1
- cat conftest.err >&5
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest.$ac_objext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- ac_hi=$ac_mid; break
-else
- echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
-ac_lo=`expr $ac_mid + 1`
- if test $ac_lo -le $ac_mid; then
- ac_lo= ac_hi=
- break
- fi
- ac_mid=`expr 2 '*' $ac_mid + 1`
-fi
-rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
- done
-else
- echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
-cat >conftest.$ac_ext <<_ACEOF
-/* confdefs.h. */
-_ACEOF
-cat confdefs.h >>conftest.$ac_ext
-cat >>conftest.$ac_ext <<_ACEOF
-/* end confdefs.h. */
-$ac_includes_default
-int
-main ()
-{
-static int test_array [1 - 2 * !(((long) (sizeof (unsigned long))) < 0)];
-test_array [0] = 0
-
- ;
- return 0;
-}
-_ACEOF
-rm -f conftest.$ac_objext
-if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
- (eval $ac_compile) 2>conftest.er1
- ac_status=$?
- grep -v '^ *+' conftest.er1 >conftest.err
- rm -f conftest.er1
- cat conftest.err >&5
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest.$ac_objext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- ac_hi=-1 ac_mid=-1
- while :; do
- cat >conftest.$ac_ext <<_ACEOF
-/* confdefs.h. */
-_ACEOF
-cat confdefs.h >>conftest.$ac_ext
-cat >>conftest.$ac_ext <<_ACEOF
-/* end confdefs.h. */
-$ac_includes_default
-int
-main ()
-{
-static int test_array [1 - 2 * !(((long) (sizeof (unsigned long))) >= $ac_mid)];
-test_array [0] = 0
-
- ;
- return 0;
-}
-_ACEOF
-rm -f conftest.$ac_objext
-if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
- (eval $ac_compile) 2>conftest.er1
- ac_status=$?
- grep -v '^ *+' conftest.er1 >conftest.err
- rm -f conftest.er1
- cat conftest.err >&5
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest.$ac_objext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- ac_lo=$ac_mid; break
-else
- echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
-ac_hi=`expr '(' $ac_mid ')' - 1`
- if test $ac_mid -le $ac_hi; then
- ac_lo= ac_hi=
- break
- fi
- ac_mid=`expr 2 '*' $ac_mid`
-fi
-rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
- done
-else
- echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
-ac_lo= ac_hi=
-fi
-rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
-fi
-rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
-# Binary search between lo and hi bounds.
-while test "x$ac_lo" != "x$ac_hi"; do
- ac_mid=`expr '(' $ac_hi - $ac_lo ')' / 2 + $ac_lo`
- cat >conftest.$ac_ext <<_ACEOF
-/* confdefs.h. */
-_ACEOF
-cat confdefs.h >>conftest.$ac_ext
-cat >>conftest.$ac_ext <<_ACEOF
-/* end confdefs.h. */
-$ac_includes_default
-int
-main ()
-{
-static int test_array [1 - 2 * !(((long) (sizeof (unsigned long))) <= $ac_mid)];
-test_array [0] = 0
-
- ;
- return 0;
-}
-_ACEOF
-rm -f conftest.$ac_objext
-if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
- (eval $ac_compile) 2>conftest.er1
- ac_status=$?
- grep -v '^ *+' conftest.er1 >conftest.err
- rm -f conftest.er1
- cat conftest.err >&5
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest.$ac_objext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- ac_hi=$ac_mid
-else
- echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
-ac_lo=`expr '(' $ac_mid ')' + 1`
-fi
-rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
-done
-case $ac_lo in
-?*) ac_cv_sizeof_unsigned_long=$ac_lo;;
-'') { { echo "$as_me:$LINENO: error: cannot compute sizeof (unsigned long), 77
-See \`config.log' for more details." >&5
-echo "$as_me: error: cannot compute sizeof (unsigned long), 77
-See \`config.log' for more details." >&2;}
- { (exit 1); exit 1; }; } ;;
-esac
-else
- if test "$cross_compiling" = yes; then
- { { echo "$as_me:$LINENO: error: cannot run test program while cross compiling
-See \`config.log' for more details." >&5
-echo "$as_me: error: cannot run test program while cross compiling
-See \`config.log' for more details." >&2;}
- { (exit 1); exit 1; }; }
-else
- cat >conftest.$ac_ext <<_ACEOF
-/* confdefs.h. */
-_ACEOF
-cat confdefs.h >>conftest.$ac_ext
-cat >>conftest.$ac_ext <<_ACEOF
-/* end confdefs.h. */
-$ac_includes_default
-long longval () { return (long) (sizeof (unsigned long)); }
-unsigned long ulongval () { return (long) (sizeof (unsigned long)); }
-#include <stdio.h>
-#include <stdlib.h>
-int
-main ()
-{
-
- FILE *f = fopen ("conftest.val", "w");
- if (! f)
- exit (1);
- if (((long) (sizeof (unsigned long))) < 0)
- {
- long i = longval ();
- if (i != ((long) (sizeof (unsigned long))))
- exit (1);
- fprintf (f, "%ld\n", i);
- }
- else
- {
- unsigned long i = ulongval ();
- if (i != ((long) (sizeof (unsigned long))))
- exit (1);
- fprintf (f, "%lu\n", i);
- }
- exit (ferror (f) || fclose (f) != 0);
-
- ;
- return 0;
-}
-_ACEOF
-rm -f conftest$ac_exeext
-if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
- (eval $ac_link) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } && { ac_try='./conftest$ac_exeext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- ac_cv_sizeof_unsigned_long=`cat conftest.val`
-else
- echo "$as_me: program exited with status $ac_status" >&5
-echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
-( exit $ac_status )
-{ { echo "$as_me:$LINENO: error: cannot compute sizeof (unsigned long), 77
-See \`config.log' for more details." >&5
-echo "$as_me: error: cannot compute sizeof (unsigned long), 77
-See \`config.log' for more details." >&2;}
- { (exit 1); exit 1; }; }
-fi
-rm -f core *.core gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext
-fi
-fi
-rm -f conftest.val
-else
- ac_cv_sizeof_unsigned_long=0
-fi
-fi
-echo "$as_me:$LINENO: result: $ac_cv_sizeof_unsigned_long" >&5
-echo "${ECHO_T}$ac_cv_sizeof_unsigned_long" >&6
-cat >>confdefs.h <<_ACEOF
-#define SIZEOF_UNSIGNED_LONG $ac_cv_sizeof_unsigned_long
-_ACEOF
-
-
-echo "$as_me:$LINENO: checking for unsigned long long" >&5
-echo $ECHO_N "checking for unsigned long long... $ECHO_C" >&6
-if test "${ac_cv_type_unsigned_long_long+set}" = set; then
- echo $ECHO_N "(cached) $ECHO_C" >&6
-else
- cat >conftest.$ac_ext <<_ACEOF
-/* confdefs.h. */
-_ACEOF
-cat confdefs.h >>conftest.$ac_ext
-cat >>conftest.$ac_ext <<_ACEOF
-/* end confdefs.h. */
-$ac_includes_default
-int
-main ()
-{
-if ((unsigned long long *) 0)
- return 0;
-if (sizeof (unsigned long long))
- return 0;
- ;
- return 0;
-}
-_ACEOF
-rm -f conftest.$ac_objext
-if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
- (eval $ac_compile) 2>conftest.er1
- ac_status=$?
- grep -v '^ *+' conftest.er1 >conftest.err
- rm -f conftest.er1
- cat conftest.err >&5
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest.$ac_objext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- ac_cv_type_unsigned_long_long=yes
-else
- echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
-ac_cv_type_unsigned_long_long=no
-fi
-rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
-fi
-echo "$as_me:$LINENO: result: $ac_cv_type_unsigned_long_long" >&5
-echo "${ECHO_T}$ac_cv_type_unsigned_long_long" >&6
-
-echo "$as_me:$LINENO: checking size of unsigned long long" >&5
-echo $ECHO_N "checking size of unsigned long long... $ECHO_C" >&6
-if test "${ac_cv_sizeof_unsigned_long_long+set}" = set; then
- echo $ECHO_N "(cached) $ECHO_C" >&6
-else
- if test "$ac_cv_type_unsigned_long_long" = yes; then
- # The cast to unsigned long works around a bug in the HP C Compiler
- # version HP92453-01 B.11.11.23709.GP, which incorrectly rejects
- # declarations like `int a3[[(sizeof (unsigned char)) >= 0]];'.
- # This bug is HP SR number 8606223364.
- if test "$cross_compiling" = yes; then
- # Depending upon the size, compute the lo and hi bounds.
-cat >conftest.$ac_ext <<_ACEOF
-/* confdefs.h. */
-_ACEOF
-cat confdefs.h >>conftest.$ac_ext
-cat >>conftest.$ac_ext <<_ACEOF
-/* end confdefs.h. */
-$ac_includes_default
-int
-main ()
-{
-static int test_array [1 - 2 * !(((long) (sizeof (unsigned long long))) >= 0)];
-test_array [0] = 0
-
- ;
- return 0;
-}
-_ACEOF
-rm -f conftest.$ac_objext
-if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
- (eval $ac_compile) 2>conftest.er1
- ac_status=$?
- grep -v '^ *+' conftest.er1 >conftest.err
- rm -f conftest.er1
- cat conftest.err >&5
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest.$ac_objext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- ac_lo=0 ac_mid=0
- while :; do
- cat >conftest.$ac_ext <<_ACEOF
-/* confdefs.h. */
-_ACEOF
-cat confdefs.h >>conftest.$ac_ext
-cat >>conftest.$ac_ext <<_ACEOF
-/* end confdefs.h. */
-$ac_includes_default
-int
-main ()
-{
-static int test_array [1 - 2 * !(((long) (sizeof (unsigned long long))) <= $ac_mid)];
-test_array [0] = 0
-
- ;
- return 0;
-}
-_ACEOF
-rm -f conftest.$ac_objext
-if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
- (eval $ac_compile) 2>conftest.er1
- ac_status=$?
- grep -v '^ *+' conftest.er1 >conftest.err
- rm -f conftest.er1
- cat conftest.err >&5
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest.$ac_objext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- ac_hi=$ac_mid; break
-else
- echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
-ac_lo=`expr $ac_mid + 1`
- if test $ac_lo -le $ac_mid; then
- ac_lo= ac_hi=
- break
- fi
- ac_mid=`expr 2 '*' $ac_mid + 1`
-fi
-rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
- done
-else
- echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
-cat >conftest.$ac_ext <<_ACEOF
-/* confdefs.h. */
-_ACEOF
-cat confdefs.h >>conftest.$ac_ext
-cat >>conftest.$ac_ext <<_ACEOF
-/* end confdefs.h. */
-$ac_includes_default
-int
-main ()
-{
-static int test_array [1 - 2 * !(((long) (sizeof (unsigned long long))) < 0)];
-test_array [0] = 0
-
- ;
- return 0;
-}
-_ACEOF
-rm -f conftest.$ac_objext
-if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
- (eval $ac_compile) 2>conftest.er1
- ac_status=$?
- grep -v '^ *+' conftest.er1 >conftest.err
- rm -f conftest.er1
- cat conftest.err >&5
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest.$ac_objext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- ac_hi=-1 ac_mid=-1
- while :; do
- cat >conftest.$ac_ext <<_ACEOF
-/* confdefs.h. */
-_ACEOF
-cat confdefs.h >>conftest.$ac_ext
-cat >>conftest.$ac_ext <<_ACEOF
-/* end confdefs.h. */
-$ac_includes_default
-int
-main ()
-{
-static int test_array [1 - 2 * !(((long) (sizeof (unsigned long long))) >= $ac_mid)];
-test_array [0] = 0
-
- ;
- return 0;
-}
-_ACEOF
-rm -f conftest.$ac_objext
-if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
- (eval $ac_compile) 2>conftest.er1
- ac_status=$?
- grep -v '^ *+' conftest.er1 >conftest.err
- rm -f conftest.er1
- cat conftest.err >&5
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest.$ac_objext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- ac_lo=$ac_mid; break
-else
- echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
-ac_hi=`expr '(' $ac_mid ')' - 1`
- if test $ac_mid -le $ac_hi; then
- ac_lo= ac_hi=
- break
- fi
- ac_mid=`expr 2 '*' $ac_mid`
-fi
-rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
- done
-else
- echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
-ac_lo= ac_hi=
-fi
-rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
-fi
-rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
-# Binary search between lo and hi bounds.
-while test "x$ac_lo" != "x$ac_hi"; do
- ac_mid=`expr '(' $ac_hi - $ac_lo ')' / 2 + $ac_lo`
- cat >conftest.$ac_ext <<_ACEOF
-/* confdefs.h. */
-_ACEOF
-cat confdefs.h >>conftest.$ac_ext
-cat >>conftest.$ac_ext <<_ACEOF
-/* end confdefs.h. */
-$ac_includes_default
-int
-main ()
-{
-static int test_array [1 - 2 * !(((long) (sizeof (unsigned long long))) <= $ac_mid)];
-test_array [0] = 0
-
- ;
- return 0;
-}
-_ACEOF
-rm -f conftest.$ac_objext
-if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
- (eval $ac_compile) 2>conftest.er1
- ac_status=$?
- grep -v '^ *+' conftest.er1 >conftest.err
- rm -f conftest.er1
- cat conftest.err >&5
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest.$ac_objext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- ac_hi=$ac_mid
-else
- echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
-ac_lo=`expr '(' $ac_mid ')' + 1`
-fi
-rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
-done
-case $ac_lo in
-?*) ac_cv_sizeof_unsigned_long_long=$ac_lo;;
-'') { { echo "$as_me:$LINENO: error: cannot compute sizeof (unsigned long long), 77
-See \`config.log' for more details." >&5
-echo "$as_me: error: cannot compute sizeof (unsigned long long), 77
-See \`config.log' for more details." >&2;}
- { (exit 1); exit 1; }; } ;;
-esac
-else
- if test "$cross_compiling" = yes; then
- { { echo "$as_me:$LINENO: error: cannot run test program while cross compiling
-See \`config.log' for more details." >&5
-echo "$as_me: error: cannot run test program while cross compiling
-See \`config.log' for more details." >&2;}
- { (exit 1); exit 1; }; }
-else
- cat >conftest.$ac_ext <<_ACEOF
-/* confdefs.h. */
-_ACEOF
-cat confdefs.h >>conftest.$ac_ext
-cat >>conftest.$ac_ext <<_ACEOF
-/* end confdefs.h. */
-$ac_includes_default
-long longval () { return (long) (sizeof (unsigned long long)); }
-unsigned long ulongval () { return (long) (sizeof (unsigned long long)); }
-#include <stdio.h>
-#include <stdlib.h>
-int
-main ()
-{
-
- FILE *f = fopen ("conftest.val", "w");
- if (! f)
- exit (1);
- if (((long) (sizeof (unsigned long long))) < 0)
- {
- long i = longval ();
- if (i != ((long) (sizeof (unsigned long long))))
- exit (1);
- fprintf (f, "%ld\n", i);
- }
- else
- {
- unsigned long i = ulongval ();
- if (i != ((long) (sizeof (unsigned long long))))
- exit (1);
- fprintf (f, "%lu\n", i);
- }
- exit (ferror (f) || fclose (f) != 0);
-
- ;
- return 0;
-}
-_ACEOF
-rm -f conftest$ac_exeext
-if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
- (eval $ac_link) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } && { ac_try='./conftest$ac_exeext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- ac_cv_sizeof_unsigned_long_long=`cat conftest.val`
-else
- echo "$as_me: program exited with status $ac_status" >&5
-echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
-( exit $ac_status )
-{ { echo "$as_me:$LINENO: error: cannot compute sizeof (unsigned long long), 77
-See \`config.log' for more details." >&5
-echo "$as_me: error: cannot compute sizeof (unsigned long long), 77
-See \`config.log' for more details." >&2;}
- { (exit 1); exit 1; }; }
-fi
-rm -f core *.core gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext
-fi
-fi
-rm -f conftest.val
-else
- ac_cv_sizeof_unsigned_long_long=0
-fi
-fi
-echo "$as_me:$LINENO: result: $ac_cv_sizeof_unsigned_long_long" >&5
-echo "${ECHO_T}$ac_cv_sizeof_unsigned_long_long" >&6
-cat >>confdefs.h <<_ACEOF
-#define SIZEOF_UNSIGNED_LONG_LONG $ac_cv_sizeof_unsigned_long_long
-_ACEOF
-
-
-
-echo "$as_me:$LINENO: checking for an ANSI C-conforming const" >&5
-echo $ECHO_N "checking for an ANSI C-conforming const... $ECHO_C" >&6
-if test "${ac_cv_c_const+set}" = set; then
- echo $ECHO_N "(cached) $ECHO_C" >&6
-else
- cat >conftest.$ac_ext <<_ACEOF
-/* confdefs.h. */
-_ACEOF
-cat confdefs.h >>conftest.$ac_ext
-cat >>conftest.$ac_ext <<_ACEOF
-/* end confdefs.h. */
-
-int
-main ()
-{
-/* FIXME: Include the comments suggested by Paul. */
-#ifndef __cplusplus
- /* Ultrix mips cc rejects this. */
- typedef int charset[2];
- const charset x;
- /* SunOS 4.1.1 cc rejects this. */
- char const *const *ccp;
- char **p;
- /* NEC SVR4.0.2 mips cc rejects this. */
- struct point {int x, y;};
- static struct point const zero = {0,0};
- /* AIX XL C 1.02.0.0 rejects this.
- It does not let you subtract one const X* pointer from another in
- an arm of an if-expression whose if-part is not a constant
- expression */
- const char *g = "string";
- ccp = &g + (g ? g-g : 0);
- /* HPUX 7.0 cc rejects these. */
- ++ccp;
- p = (char**) ccp;
- ccp = (char const *const *) p;
- { /* SCO 3.2v4 cc rejects this. */
- char *t;
- char const *s = 0 ? (char *) 0 : (char const *) 0;
-
- *t++ = 0;
- }
- { /* Someone thinks the Sun supposedly-ANSI compiler will reject this. */
- int x[] = {25, 17};
- const int *foo = &x[0];
- ++foo;
- }
- { /* Sun SC1.0 ANSI compiler rejects this -- but not the above. */
- typedef const int *iptr;
- iptr p = 0;
- ++p;
- }
- { /* AIX XL C 1.02.0.0 rejects this saying
- "k.c", line 2.27: 1506-025 (S) Operand must be a modifiable lvalue. */
- struct s { int j; const int *ap[3]; };
- struct s *b; b->j = 5;
- }
- { /* ULTRIX-32 V3.1 (Rev 9) vcc rejects this */
- const int foo = 10;
- }
-#endif
-
- ;
- return 0;
-}
-_ACEOF
-rm -f conftest.$ac_objext
-if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
- (eval $ac_compile) 2>conftest.er1
- ac_status=$?
- grep -v '^ *+' conftest.er1 >conftest.err
- rm -f conftest.er1
- cat conftest.err >&5
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest.$ac_objext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- ac_cv_c_const=yes
-else
- echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
-ac_cv_c_const=no
-fi
-rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
-fi
-echo "$as_me:$LINENO: result: $ac_cv_c_const" >&5
-echo "${ECHO_T}$ac_cv_c_const" >&6
-if test $ac_cv_c_const = no; then
-
-cat >>confdefs.h <<\_ACEOF
-#define const
-_ACEOF
-
-fi
-
-echo "$as_me:$LINENO: checking for inline" >&5
-echo $ECHO_N "checking for inline... $ECHO_C" >&6
-if test "${ac_cv_c_inline+set}" = set; then
- echo $ECHO_N "(cached) $ECHO_C" >&6
-else
- ac_cv_c_inline=no
-for ac_kw in inline __inline__ __inline; do
- cat >conftest.$ac_ext <<_ACEOF
-/* confdefs.h. */
-_ACEOF
-cat confdefs.h >>conftest.$ac_ext
-cat >>conftest.$ac_ext <<_ACEOF
-/* end confdefs.h. */
-#ifndef __cplusplus
-typedef int foo_t;
-static $ac_kw foo_t static_foo () {return 0; }
-$ac_kw foo_t foo () {return 0; }
-#endif
-
-_ACEOF
-rm -f conftest.$ac_objext
-if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
- (eval $ac_compile) 2>conftest.er1
- ac_status=$?
- grep -v '^ *+' conftest.er1 >conftest.err
- rm -f conftest.er1
- cat conftest.err >&5
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest.$ac_objext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- ac_cv_c_inline=$ac_kw; break
-else
- echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
-fi
-rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
-done
-
-fi
-echo "$as_me:$LINENO: result: $ac_cv_c_inline" >&5
-echo "${ECHO_T}$ac_cv_c_inline" >&6
-
-
-case $ac_cv_c_inline in
- inline | yes) ;;
- *)
- case $ac_cv_c_inline in
- no) ac_val=;;
- *) ac_val=$ac_cv_c_inline;;
- esac
- cat >>confdefs.h <<_ACEOF
-#ifndef __cplusplus
-#define inline $ac_val
-#endif
-_ACEOF
- ;;
-esac
-
-echo "$as_me:$LINENO: checking for size_t" >&5
-echo $ECHO_N "checking for size_t... $ECHO_C" >&6
-if test "${ac_cv_type_size_t+set}" = set; then
- echo $ECHO_N "(cached) $ECHO_C" >&6
-else
- cat >conftest.$ac_ext <<_ACEOF
-/* confdefs.h. */
-_ACEOF
-cat confdefs.h >>conftest.$ac_ext
-cat >>conftest.$ac_ext <<_ACEOF
-/* end confdefs.h. */
-$ac_includes_default
-int
-main ()
-{
-if ((size_t *) 0)
- return 0;
-if (sizeof (size_t))
- return 0;
- ;
- return 0;
-}
-_ACEOF
-rm -f conftest.$ac_objext
-if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
- (eval $ac_compile) 2>conftest.er1
- ac_status=$?
- grep -v '^ *+' conftest.er1 >conftest.err
- rm -f conftest.er1
- cat conftest.err >&5
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest.$ac_objext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- ac_cv_type_size_t=yes
-else
- echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
-ac_cv_type_size_t=no
-fi
-rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
-fi
-echo "$as_me:$LINENO: result: $ac_cv_type_size_t" >&5
-echo "${ECHO_T}$ac_cv_type_size_t" >&6
-if test $ac_cv_type_size_t = yes; then
- :
-else
-
-cat >>confdefs.h <<_ACEOF
-#define size_t unsigned
-_ACEOF
-
-fi
-
-
-
-
-
-for ac_func in socket inet_aton usleep
-do
-as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh`
-echo "$as_me:$LINENO: checking for $ac_func" >&5
-echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6
-if eval "test \"\${$as_ac_var+set}\" = set"; then
- echo $ECHO_N "(cached) $ECHO_C" >&6
-else
- cat >conftest.$ac_ext <<_ACEOF
-/* confdefs.h. */
-_ACEOF
-cat confdefs.h >>conftest.$ac_ext
-cat >>conftest.$ac_ext <<_ACEOF
-/* end confdefs.h. */
-/* Define $ac_func to an innocuous variant, in case <limits.h> declares $ac_func.
- For example, HP-UX 11i <limits.h> declares gettimeofday. */
-#define $ac_func innocuous_$ac_func
-
-/* System header to define __stub macros and hopefully few prototypes,
- which can conflict with char $ac_func (); below.
- Prefer <limits.h> to <assert.h> if __STDC__ is defined, since
- <limits.h> exists even on freestanding compilers. */
-
-#ifdef __STDC__
-# include <limits.h>
-#else
-# include <assert.h>
-#endif
-
-#undef $ac_func
-
-/* Override any gcc2 internal prototype to avoid an error. */
-#ifdef __cplusplus
-extern "C"
-{
-#endif
-/* We use char because int might match the return type of a gcc2
- builtin and then its argument prototype would still apply. */
-char $ac_func ();
-/* The GNU C library defines this for functions which it implements
- to always fail with ENOSYS. Some functions are actually named
- something starting with __ and the normal name is an alias. */
-#if defined (__stub_$ac_func) || defined (__stub___$ac_func)
-choke me
-#else
-char (*f) () = $ac_func;
-#endif
-#ifdef __cplusplus
-}
-#endif
-
-int
-main ()
-{
-return f != $ac_func;
- ;
- return 0;
-}
-_ACEOF
-rm -f conftest.$ac_objext conftest$ac_exeext
-if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
- (eval $ac_link) 2>conftest.er1
- ac_status=$?
- grep -v '^ *+' conftest.er1 >conftest.err
- rm -f conftest.er1
- cat conftest.err >&5
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest$ac_exeext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- eval "$as_ac_var=yes"
-else
- echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
-eval "$as_ac_var=no"
-fi
-rm -f conftest.err conftest.$ac_objext \
- conftest$ac_exeext conftest.$ac_ext
-fi
-echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_var'}'`" >&5
-echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6
-if test `eval echo '${'$as_ac_var'}'` = yes; then
- cat >>confdefs.h <<_ACEOF
-#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1
-_ACEOF
-
-fi
-done
-
-
-if test "x$ac_cv_func_socket" = "xno"; then
-
-echo "$as_me:$LINENO: checking for socket in -lsocket" >&5
-echo $ECHO_N "checking for socket in -lsocket... $ECHO_C" >&6
-if test "${ac_cv_lib_socket_socket+set}" = set; then
- echo $ECHO_N "(cached) $ECHO_C" >&6
-else
- ac_check_lib_save_LIBS=$LIBS
-LIBS="-lsocket $LIBS"
-cat >conftest.$ac_ext <<_ACEOF
-/* confdefs.h. */
-_ACEOF
-cat confdefs.h >>conftest.$ac_ext
-cat >>conftest.$ac_ext <<_ACEOF
-/* end confdefs.h. */
-
-/* Override any gcc2 internal prototype to avoid an error. */
-#ifdef __cplusplus
-extern "C"
-#endif
-/* We use char because int might match the return type of a gcc2
- builtin and then its argument prototype would still apply. */
-char socket ();
-int
-main ()
-{
-socket ();
- ;
- return 0;
-}
-_ACEOF
-rm -f conftest.$ac_objext conftest$ac_exeext
-if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
- (eval $ac_link) 2>conftest.er1
- ac_status=$?
- grep -v '^ *+' conftest.er1 >conftest.err
- rm -f conftest.er1
- cat conftest.err >&5
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest$ac_exeext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- ac_cv_lib_socket_socket=yes
-else
- echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
-ac_cv_lib_socket_socket=no
-fi
-rm -f conftest.err conftest.$ac_objext \
- conftest$ac_exeext conftest.$ac_ext
-LIBS=$ac_check_lib_save_LIBS
-fi
-echo "$as_me:$LINENO: result: $ac_cv_lib_socket_socket" >&5
-echo "${ECHO_T}$ac_cv_lib_socket_socket" >&6
-if test $ac_cv_lib_socket_socket = yes; then
- cat >>confdefs.h <<_ACEOF
-#define HAVE_LIBSOCKET 1
-_ACEOF
-
- LIBS="-lsocket $LIBS"
-
-fi
-
- echo "$as_me:$LINENO: checking for socket in -lwsock32" >&5
-echo $ECHO_N "checking for socket in -lwsock32... $ECHO_C" >&6
- SAVELIBS="$LIBS"
- LIBS="$LIBS -lwsock32"
- cat >conftest.$ac_ext <<_ACEOF
-/* confdefs.h. */
-_ACEOF
-cat confdefs.h >>conftest.$ac_ext
-cat >>conftest.$ac_ext <<_ACEOF
-/* end confdefs.h. */
-
-#include <winsock2.h>
-
-int
-main ()
-{
-
-socket(0, 0, 0);
-
- ;
- return 0;
-}
-_ACEOF
-rm -f conftest.$ac_objext conftest$ac_exeext
-if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
- (eval $ac_link) 2>conftest.er1
- ac_status=$?
- grep -v '^ *+' conftest.er1 >conftest.err
- rm -f conftest.er1
- cat conftest.err >&5
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest$ac_exeext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- ac_cv_func_socket=yes
- echo "$as_me:$LINENO: result: yes" >&5
-echo "${ECHO_T}yes" >&6
-else
- echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
-LIBS="$SAVELIBS"
- echo "$as_me:$LINENO: result: no" >&5
-echo "${ECHO_T}no" >&6
-fi
-rm -f conftest.err conftest.$ac_objext \
- conftest$ac_exeext conftest.$ac_ext
-fi
-
-echo "$as_me:$LINENO: checking whether to compile in debugging" >&5
-echo $ECHO_N "checking whether to compile in debugging... $ECHO_C" >&6
-# Check whether --enable-debug or --disable-debug was given.
-if test "${enable_debug+set}" = set; then
- enableval="$enable_debug"
-
-else
- enable_debug=yes
-fi;
-if test "$enable_debug" = "yes"; then
-
-cat >>confdefs.h <<\_ACEOF
-#define ENABLE_DEBUGGING 1
-_ACEOF
-
-fi
-echo "$as_me:$LINENO: result: $enable_debug" >&5
-echo "${ECHO_T}$enable_debug" >&6
-
-echo "$as_me:$LINENO: checking whether to use ISMAcryp code" >&5
-echo $ECHO_N "checking whether to use ISMAcryp code... $ECHO_C" >&6
-# Check whether --enable-generic-aesicm or --disable-generic-aesicm was given.
-if test "${enable_generic_aesicm+set}" = set; then
- enableval="$enable_generic_aesicm"
-
-else
- enable_generic_aesicm=no
-fi;
-if test "$enable_generic_aesicm" = "yes"; then
-
-cat >>confdefs.h <<\_ACEOF
-#define GENERIC_AESICM 1
-_ACEOF
-
-fi
-echo "$as_me:$LINENO: result: $enable_generic_aesicm" >&5
-echo "${ECHO_T}$enable_generic_aesicm" >&6
-
-echo "$as_me:$LINENO: checking whether to use syslog for error reporting" >&5
-echo $ECHO_N "checking whether to use syslog for error reporting... $ECHO_C" >&6
-# Check whether --enable-syslog or --disable-syslog was given.
-if test "${enable_syslog+set}" = set; then
- enableval="$enable_syslog"
-
-else
- enable_syslog=no
-fi;
-if test "$enable_syslog" = "yes"; then
-
-cat >>confdefs.h <<\_ACEOF
-#define USE_SYSLOG 1
-_ACEOF
-
-fi
-echo "$as_me:$LINENO: result: $enable_syslog" >&5
-echo "${ECHO_T}$enable_syslog" >&6
-
-echo "$as_me:$LINENO: checking whether to use stdout for error reporting" >&5
-echo $ECHO_N "checking whether to use stdout for error reporting... $ECHO_C" >&6
-# Check whether --enable-stdout or --disable-stdout was given.
-if test "${enable_stdout+set}" = set; then
- enableval="$enable_stdout"
-
-else
- enable_stdout=yes
-fi;
-if test "$enable_stdout" = "yes"; then
-
-cat >>confdefs.h <<\_ACEOF
-#define ERR_REPORTING_STDOUT 1
-_ACEOF
-
-fi
-echo "$as_me:$LINENO: result: $enable_stdout" >&5
-echo "${ECHO_T}$enable_stdout" >&6
-
-echo "$as_me:$LINENO: checking whether to use /dev/console for error reporting" >&5
-echo $ECHO_N "checking whether to use /dev/console for error reporting... $ECHO_C" >&6
-# Check whether --enable-console or --disable-console was given.
-if test "${enable_console+set}" = set; then
- enableval="$enable_console"
-
-else
- enable_console=no
-fi;
-if test "$enable_console" = "yes"; then
-
-cat >>confdefs.h <<\_ACEOF
-#define USE_ERR_REPORTING_FILE 1
-_ACEOF
-
-
-cat >>confdefs.h <<\_ACEOF
-#define ERR_REPORTING_FILE "/dev/console"
-_ACEOF
-
-fi
-echo "$as_me:$LINENO: result: $enable_console" >&5
-echo "${ECHO_T}$enable_console" >&6
-
-echo "$as_me:$LINENO: checking whether to use GDOI key management" >&5
-echo $ECHO_N "checking whether to use GDOI key management... $ECHO_C" >&6
-# Check whether --enable-gdoi or --disable-gdoi was given.
-if test "${enable_gdoi+set}" = set; then
- enableval="$enable_gdoi"
-
-else
- enable_gdoi=no
-fi;
-if test "$enable_gdoi" = "yes"; then
-
-cat >>confdefs.h <<\_ACEOF
-#define SRTP_GDOI 1
-_ACEOF
-
- GDOI_OBJS=gdoi/srtp+gdoi.o
-
-fi
-echo "$as_me:$LINENO: result: $enable_gdoi" >&5
-echo "${ECHO_T}$enable_gdoi" >&6
-
- ac_config_headers="$ac_config_headers crypto/include/config.h:config_in.h"
-
-
- ac_config_files="$ac_config_files Makefile crypto/Makefile doc/Makefile"
-cat >confcache <<\_ACEOF
-# This file is a shell script that caches the results of configure
-# tests run on this system so they can be shared between configure
-# scripts and configure runs, see configure's option --config-cache.
-# It is not useful on other systems. If it contains results you don't
-# want to keep, you may remove or edit it.
-#
-# config.status only pays attention to the cache file if you give it
-# the --recheck option to rerun configure.
-#
-# `ac_cv_env_foo' variables (set or unset) will be overridden when
-# loading this file, other *unset* `ac_cv_foo' will be assigned the
-# following values.
-
-_ACEOF
-
-# The following way of writing the cache mishandles newlines in values,
-# but we know of no workaround that is simple, portable, and efficient.
-# So, don't put newlines in cache variables' values.
-# Ultrix sh set writes to stderr and can't be redirected directly,
-# and sets the high bit in the cache file unless we assign to the vars.
-{
- (set) 2>&1 |
- case `(ac_space=' '; set | grep ac_space) 2>&1` in
- *ac_space=\ *)
- # `set' does not quote correctly, so add quotes (double-quote
- # substitution turns \\\\ into \\, and sed turns \\ into \).
- sed -n \
- "s/'/'\\\\''/g;
- s/^\\([_$as_cr_alnum]*_cv_[_$as_cr_alnum]*\\)=\\(.*\\)/\\1='\\2'/p"
- ;;
- *)
- # `set' quotes correctly as required by POSIX, so do not add quotes.
- sed -n \
- "s/^\\([_$as_cr_alnum]*_cv_[_$as_cr_alnum]*\\)=\\(.*\\)/\\1=\\2/p"
- ;;
- esac;
-} |
- sed '
- t clear
- : clear
- s/^\([^=]*\)=\(.*[{}].*\)$/test "${\1+set}" = set || &/
- t end
- /^ac_cv_env/!s/^\([^=]*\)=\(.*\)$/\1=${\1=\2}/
- : end' >>confcache
-if diff $cache_file confcache >/dev/null 2>&1; then :; else
- if test -w $cache_file; then
- test "x$cache_file" != "x/dev/null" && echo "updating cache $cache_file"
- cat confcache >$cache_file
- else
- echo "not updating unwritable cache $cache_file"
- fi
-fi
-rm -f confcache
-
-test "x$prefix" = xNONE && prefix=$ac_default_prefix
-# Let make expand exec_prefix.
-test "x$exec_prefix" = xNONE && exec_prefix='${prefix}'
-
-# VPATH may cause trouble with some makes, so we remove $(srcdir),
-# ${srcdir} and @srcdir@ from VPATH if srcdir is ".", strip leading and
-# trailing colons and then remove the whole line if VPATH becomes empty
-# (actually we leave an empty line to preserve line numbers).
-if test "x$srcdir" = x.; then
- ac_vpsub='/^[ ]*VPATH[ ]*=/{
-s/:*\$(srcdir):*/:/;
-s/:*\${srcdir}:*/:/;
-s/:*@srcdir@:*/:/;
-s/^\([^=]*=[ ]*\):*/\1/;
-s/:*$//;
-s/^[^=]*=[ ]*$//;
-}'
-fi
-
-DEFS=-DHAVE_CONFIG_H
-
-ac_libobjs=
-ac_ltlibobjs=
-for ac_i in : $LIBOBJS; do test "x$ac_i" = x: && continue
- # 1. Remove the extension, and $U if already installed.
- ac_i=`echo "$ac_i" |
- sed 's/\$U\././;s/\.o$//;s/\.obj$//'`
- # 2. Add them.
- ac_libobjs="$ac_libobjs $ac_i\$U.$ac_objext"
- ac_ltlibobjs="$ac_ltlibobjs $ac_i"'$U.lo'
-done
-LIBOBJS=$ac_libobjs
-
-LTLIBOBJS=$ac_ltlibobjs
-
-
-
-: ${CONFIG_STATUS=./config.status}
-ac_clean_files_save=$ac_clean_files
-ac_clean_files="$ac_clean_files $CONFIG_STATUS"
-{ echo "$as_me:$LINENO: creating $CONFIG_STATUS" >&5
-echo "$as_me: creating $CONFIG_STATUS" >&6;}
-cat >$CONFIG_STATUS <<_ACEOF
-#! $SHELL
-# Generated by $as_me.
-# Run this file to recreate the current configuration.
-# Compiler output produced by configure, useful for debugging
-# configure, is in config.log if it exists.
-
-debug=false
-ac_cs_recheck=false
-ac_cs_silent=false
-SHELL=\${CONFIG_SHELL-$SHELL}
-_ACEOF
-
-cat >>$CONFIG_STATUS <<\_ACEOF
-## --------------------- ##
-## M4sh Initialization. ##
-## --------------------- ##
-
-# Be Bourne compatible
-if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then
- emulate sh
- NULLCMD=:
- # Zsh 3.x and 4.x performs word splitting on ${1+"$@"}, which
- # is contrary to our usage. Disable this feature.
- alias -g '${1+"$@"}'='"$@"'
-elif test -n "${BASH_VERSION+set}" && (set -o posix) >/dev/null 2>&1; then
- set -o posix
-fi
-DUALCASE=1; export DUALCASE # for MKS sh
-
-# Support unset when possible.
-if ( (MAIL=60; unset MAIL) || exit) >/dev/null 2>&1; then
- as_unset=unset
-else
- as_unset=false
-fi
-
-
-# Work around bugs in pre-3.0 UWIN ksh.
-$as_unset ENV MAIL MAILPATH
-PS1='$ '
-PS2='> '
-PS4='+ '
-
-# NLS nuisances.
-for as_var in \
- LANG LANGUAGE LC_ADDRESS LC_ALL LC_COLLATE LC_CTYPE LC_IDENTIFICATION \
- LC_MEASUREMENT LC_MESSAGES LC_MONETARY LC_NAME LC_NUMERIC LC_PAPER \
- LC_TELEPHONE LC_TIME
-do
- if (set +x; test -z "`(eval $as_var=C; export $as_var) 2>&1`"); then
- eval $as_var=C; export $as_var
- else
- $as_unset $as_var
- fi
-done
-
-# Required to use basename.
-if expr a : '\(a\)' >/dev/null 2>&1; then
- as_expr=expr
-else
- as_expr=false
-fi
-
-if (basename /) >/dev/null 2>&1 && test "X`basename / 2>&1`" = "X/"; then
- as_basename=basename
-else
- as_basename=false
-fi
-
-
-# Name of the executable.
-as_me=`$as_basename "$0" ||
-$as_expr X/"$0" : '.*/\([^/][^/]*\)/*$' \| \
- X"$0" : 'X\(//\)$' \| \
- X"$0" : 'X\(/\)$' \| \
- . : '\(.\)' 2>/dev/null ||
-echo X/"$0" |
- sed '/^.*\/\([^/][^/]*\)\/*$/{ s//\1/; q; }
- /^X\/\(\/\/\)$/{ s//\1/; q; }
- /^X\/\(\/\).*/{ s//\1/; q; }
- s/.*/./; q'`
-
-
-# PATH needs CR, and LINENO needs CR and PATH.
-# Avoid depending upon Character Ranges.
-as_cr_letters='abcdefghijklmnopqrstuvwxyz'
-as_cr_LETTERS='ABCDEFGHIJKLMNOPQRSTUVWXYZ'
-as_cr_Letters=$as_cr_letters$as_cr_LETTERS
-as_cr_digits='0123456789'
-as_cr_alnum=$as_cr_Letters$as_cr_digits
-
-# The user is always right.
-if test "${PATH_SEPARATOR+set}" != set; then
- echo "#! /bin/sh" >conf$$.sh
- echo "exit 0" >>conf$$.sh
- chmod +x conf$$.sh
- if (PATH="/nonexistent;."; conf$$.sh) >/dev/null 2>&1; then
- PATH_SEPARATOR=';'
- else
- PATH_SEPARATOR=:
- fi
- rm -f conf$$.sh
-fi
-
-
- as_lineno_1=$LINENO
- as_lineno_2=$LINENO
- as_lineno_3=`(expr $as_lineno_1 + 1) 2>/dev/null`
- test "x$as_lineno_1" != "x$as_lineno_2" &&
- test "x$as_lineno_3" = "x$as_lineno_2" || {
- # Find who we are. Look in the path if we contain no path at all
- # relative or not.
- case $0 in
- *[\\/]* ) as_myself=$0 ;;
- *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in $PATH
-do
- IFS=$as_save_IFS
- test -z "$as_dir" && as_dir=.
- test -r "$as_dir/$0" && as_myself=$as_dir/$0 && break
-done
-
- ;;
- esac
- # We did not find ourselves, most probably we were run as `sh COMMAND'
- # in which case we are not to be found in the path.
- if test "x$as_myself" = x; then
- as_myself=$0
- fi
- if test ! -f "$as_myself"; then
- { { echo "$as_me:$LINENO: error: cannot find myself; rerun with an absolute path" >&5
-echo "$as_me: error: cannot find myself; rerun with an absolute path" >&2;}
- { (exit 1); exit 1; }; }
- fi
- case $CONFIG_SHELL in
- '')
- as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in /bin$PATH_SEPARATOR/usr/bin$PATH_SEPARATOR$PATH
-do
- IFS=$as_save_IFS
- test -z "$as_dir" && as_dir=.
- for as_base in sh bash ksh sh5; do
- case $as_dir in
- /*)
- if ("$as_dir/$as_base" -c '
- as_lineno_1=$LINENO
- as_lineno_2=$LINENO
- as_lineno_3=`(expr $as_lineno_1 + 1) 2>/dev/null`
- test "x$as_lineno_1" != "x$as_lineno_2" &&
- test "x$as_lineno_3" = "x$as_lineno_2" ') 2>/dev/null; then
- $as_unset BASH_ENV || test "${BASH_ENV+set}" != set || { BASH_ENV=; export BASH_ENV; }
- $as_unset ENV || test "${ENV+set}" != set || { ENV=; export ENV; }
- CONFIG_SHELL=$as_dir/$as_base
- export CONFIG_SHELL
- exec "$CONFIG_SHELL" "$0" ${1+"$@"}
- fi;;
- esac
- done
-done
-;;
- esac
-
- # Create $as_me.lineno as a copy of $as_myself, but with $LINENO
- # uniformly replaced by the line number. The first 'sed' inserts a
- # line-number line before each line; the second 'sed' does the real
- # work. The second script uses 'N' to pair each line-number line
- # with the numbered line, and appends trailing '-' during
- # substitution so that $LINENO is not a special case at line end.
- # (Raja R Harinath suggested sed '=', and Paul Eggert wrote the
- # second 'sed' script. Blame Lee E. McMahon for sed's syntax. :-)
- sed '=' <$as_myself |
- sed '
- N
- s,$,-,
- : loop
- s,^\(['$as_cr_digits']*\)\(.*\)[$]LINENO\([^'$as_cr_alnum'_]\),\1\2\1\3,
- t loop
- s,-$,,
- s,^['$as_cr_digits']*\n,,
- ' >$as_me.lineno &&
- chmod +x $as_me.lineno ||
- { { echo "$as_me:$LINENO: error: cannot create $as_me.lineno; rerun with a POSIX shell" >&5
-echo "$as_me: error: cannot create $as_me.lineno; rerun with a POSIX shell" >&2;}
- { (exit 1); exit 1; }; }
-
- # Don't try to exec as it changes $[0], causing all sort of problems
- # (the dirname of $[0] is not the place where we might find the
- # original and so on. Autoconf is especially sensible to this).
- . ./$as_me.lineno
- # Exit status is that of the last command.
- exit
-}
-
-
-case `echo "testing\c"; echo 1,2,3`,`echo -n testing; echo 1,2,3` in
- *c*,-n*) ECHO_N= ECHO_C='
-' ECHO_T=' ' ;;
- *c*,* ) ECHO_N=-n ECHO_C= ECHO_T= ;;
- *) ECHO_N= ECHO_C='\c' ECHO_T= ;;
-esac
-
-if expr a : '\(a\)' >/dev/null 2>&1; then
- as_expr=expr
-else
- as_expr=false
-fi
-
-rm -f conf$$ conf$$.exe conf$$.file
-echo >conf$$.file
-if ln -s conf$$.file conf$$ 2>/dev/null; then
- # We could just check for DJGPP; but this test a) works b) is more generic
- # and c) will remain valid once DJGPP supports symlinks (DJGPP 2.04).
- if test -f conf$$.exe; then
- # Don't use ln at all; we don't have any links
- as_ln_s='cp -p'
- else
- as_ln_s='ln -s'
- fi
-elif ln conf$$.file conf$$ 2>/dev/null; then
- as_ln_s=ln
-else
- as_ln_s='cp -p'
-fi
-rm -f conf$$ conf$$.exe conf$$.file
-
-if mkdir -p . 2>/dev/null; then
- as_mkdir_p=:
-else
- test -d ./-p && rmdir ./-p
- as_mkdir_p=false
-fi
-
-as_executable_p="test -f"
-
-# Sed expression to map a string onto a valid CPP name.
-as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'"
-
-# Sed expression to map a string onto a valid variable name.
-as_tr_sh="eval sed 'y%*+%pp%;s%[^_$as_cr_alnum]%_%g'"
-
-
-# IFS
-# We need space, tab and new line, in precisely that order.
-as_nl='
-'
-IFS=" $as_nl"
-
-# CDPATH.
-$as_unset CDPATH
-
-exec 6>&1
-
-# Open the log real soon, to keep \$[0] and so on meaningful, and to
-# report actual input values of CONFIG_FILES etc. instead of their
-# values after options handling. Logging --version etc. is OK.
-exec 5>>config.log
-{
- echo
- sed 'h;s/./-/g;s/^.../## /;s/...$/ ##/;p;x;p;x' <<_ASBOX
-## Running $as_me. ##
-_ASBOX
-} >&5
-cat >&5 <<_CSEOF
-
-This file was extended by $as_me, which was
-generated by GNU Autoconf 2.59. Invocation command line was
-
- CONFIG_FILES = $CONFIG_FILES
- CONFIG_HEADERS = $CONFIG_HEADERS
- CONFIG_LINKS = $CONFIG_LINKS
- CONFIG_COMMANDS = $CONFIG_COMMANDS
- $ $0 $@
-
-_CSEOF
-echo "on `(hostname || uname -n) 2>/dev/null | sed 1q`" >&5
-echo >&5
-_ACEOF
-
-# Files that config.status was made for.
-if test -n "$ac_config_files"; then
- echo "config_files=\"$ac_config_files\"" >>$CONFIG_STATUS
-fi
-
-if test -n "$ac_config_headers"; then
- echo "config_headers=\"$ac_config_headers\"" >>$CONFIG_STATUS
-fi
-
-if test -n "$ac_config_links"; then
- echo "config_links=\"$ac_config_links\"" >>$CONFIG_STATUS
-fi
-
-if test -n "$ac_config_commands"; then
- echo "config_commands=\"$ac_config_commands\"" >>$CONFIG_STATUS
-fi
-
-cat >>$CONFIG_STATUS <<\_ACEOF
-
-ac_cs_usage="\
-\`$as_me' instantiates files from templates according to the
-current configuration.
-
-Usage: $0 [OPTIONS] [FILE]...
-
- -h, --help print this help, then exit
- -V, --version print version number, then exit
- -q, --quiet do not print progress messages
- -d, --debug don't remove temporary files
- --recheck update $as_me by reconfiguring in the same conditions
- --file=FILE[:TEMPLATE]
- instantiate the configuration file FILE
- --header=FILE[:TEMPLATE]
- instantiate the configuration header FILE
-
-Configuration files:
-$config_files
-
-Configuration headers:
-$config_headers
-
-Report bugs to <bug-autoconf@gnu.org>."
-_ACEOF
-
-cat >>$CONFIG_STATUS <<_ACEOF
-ac_cs_version="\\
-config.status
-configured by $0, generated by GNU Autoconf 2.59,
- with options \\"`echo "$ac_configure_args" | sed 's/[\\""\`\$]/\\\\&/g'`\\"
-
-Copyright (C) 2003 Free Software Foundation, Inc.
-This config.status script is free software; the Free Software Foundation
-gives unlimited permission to copy, distribute and modify it."
-srcdir=$srcdir
-INSTALL="$INSTALL"
-_ACEOF
-
-cat >>$CONFIG_STATUS <<\_ACEOF
-# If no file are specified by the user, then we need to provide default
-# value. By we need to know if files were specified by the user.
-ac_need_defaults=:
-while test $# != 0
-do
- case $1 in
- --*=*)
- ac_option=`expr "x$1" : 'x\([^=]*\)='`
- ac_optarg=`expr "x$1" : 'x[^=]*=\(.*\)'`
- ac_shift=:
- ;;
- -*)
- ac_option=$1
- ac_optarg=$2
- ac_shift=shift
- ;;
- *) # This is not an option, so the user has probably given explicit
- # arguments.
- ac_option=$1
- ac_need_defaults=false;;
- esac
-
- case $ac_option in
- # Handling of the options.
-_ACEOF
-cat >>$CONFIG_STATUS <<\_ACEOF
- -recheck | --recheck | --rechec | --reche | --rech | --rec | --re | --r)
- ac_cs_recheck=: ;;
- --version | --vers* | -V )
- echo "$ac_cs_version"; exit 0 ;;
- --he | --h)
- # Conflict between --help and --header
- { { echo "$as_me:$LINENO: error: ambiguous option: $1
-Try \`$0 --help' for more information." >&5
-echo "$as_me: error: ambiguous option: $1
-Try \`$0 --help' for more information." >&2;}
- { (exit 1); exit 1; }; };;
- --help | --hel | -h )
- echo "$ac_cs_usage"; exit 0 ;;
- --debug | --d* | -d )
- debug=: ;;
- --file | --fil | --fi | --f )
- $ac_shift
- CONFIG_FILES="$CONFIG_FILES $ac_optarg"
- ac_need_defaults=false;;
- --header | --heade | --head | --hea )
- $ac_shift
- CONFIG_HEADERS="$CONFIG_HEADERS $ac_optarg"
- ac_need_defaults=false;;
- -q | -quiet | --quiet | --quie | --qui | --qu | --q \
- | -silent | --silent | --silen | --sile | --sil | --si | --s)
- ac_cs_silent=: ;;
-
- # This is an error.
- -*) { { echo "$as_me:$LINENO: error: unrecognized option: $1
-Try \`$0 --help' for more information." >&5
-echo "$as_me: error: unrecognized option: $1
-Try \`$0 --help' for more information." >&2;}
- { (exit 1); exit 1; }; } ;;
-
- *) ac_config_targets="$ac_config_targets $1" ;;
-
- esac
- shift
-done
-
-ac_configure_extra_args=
-
-if $ac_cs_silent; then
- exec 6>/dev/null
- ac_configure_extra_args="$ac_configure_extra_args --silent"
-fi
-
-_ACEOF
-cat >>$CONFIG_STATUS <<_ACEOF
-if \$ac_cs_recheck; then
- echo "running $SHELL $0 " $ac_configure_args \$ac_configure_extra_args " --no-create --no-recursion" >&6
- exec $SHELL $0 $ac_configure_args \$ac_configure_extra_args --no-create --no-recursion
-fi
-
-_ACEOF
-
-
-
-
-
-cat >>$CONFIG_STATUS <<\_ACEOF
-for ac_config_target in $ac_config_targets
-do
- case "$ac_config_target" in
- # Handling of arguments.
- "Makefile" ) CONFIG_FILES="$CONFIG_FILES Makefile" ;;
- "crypto/Makefile" ) CONFIG_FILES="$CONFIG_FILES crypto/Makefile" ;;
- "doc/Makefile" ) CONFIG_FILES="$CONFIG_FILES doc/Makefile" ;;
- "crypto/include/config.h" ) CONFIG_HEADERS="$CONFIG_HEADERS crypto/include/config.h:config_in.h" ;;
- *) { { echo "$as_me:$LINENO: error: invalid argument: $ac_config_target" >&5
-echo "$as_me: error: invalid argument: $ac_config_target" >&2;}
- { (exit 1); exit 1; }; };;
- esac
-done
-
-# If the user did not use the arguments to specify the items to instantiate,
-# then the envvar interface is used. Set only those that are not.
-# We use the long form for the default assignment because of an extremely
-# bizarre bug on SunOS 4.1.3.
-if $ac_need_defaults; then
- test "${CONFIG_FILES+set}" = set || CONFIG_FILES=$config_files
- test "${CONFIG_HEADERS+set}" = set || CONFIG_HEADERS=$config_headers
-fi
-
-# Have a temporary directory for convenience. Make it in the build tree
-# simply because there is no reason to put it here, and in addition,
-# creating and moving files from /tmp can sometimes cause problems.
-# Create a temporary directory, and hook for its removal unless debugging.
-$debug ||
-{
- trap 'exit_status=$?; rm -rf $tmp && exit $exit_status' 0
- trap '{ (exit 1); exit 1; }' 1 2 13 15
-}
-
-# Create a (secure) tmp directory for tmp files.
-
-{
- tmp=`(umask 077 && mktemp -d -q "./confstatXXXXXX") 2>/dev/null` &&
- test -n "$tmp" && test -d "$tmp"
-} ||
-{
- tmp=./confstat$$-$RANDOM
- (umask 077 && mkdir $tmp)
-} ||
-{
- echo "$me: cannot create a temporary directory in ." >&2
- { (exit 1); exit 1; }
-}
-
-_ACEOF
-
-cat >>$CONFIG_STATUS <<_ACEOF
-
-#
-# CONFIG_FILES section.
-#
-
-# No need to generate the scripts if there are no CONFIG_FILES.
-# This happens for instance when ./config.status config.h
-if test -n "\$CONFIG_FILES"; then
- # Protect against being on the right side of a sed subst in config.status.
- sed 's/,@/@@/; s/@,/@@/; s/,;t t\$/@;t t/; /@;t t\$/s/[\\\\&,]/\\\\&/g;
- s/@@/,@/; s/@@/@,/; s/@;t t\$/,;t t/' >\$tmp/subs.sed <<\\CEOF
-s,@SHELL@,$SHELL,;t t
-s,@PATH_SEPARATOR@,$PATH_SEPARATOR,;t t
-s,@PACKAGE_NAME@,$PACKAGE_NAME,;t t
-s,@PACKAGE_TARNAME@,$PACKAGE_TARNAME,;t t
-s,@PACKAGE_VERSION@,$PACKAGE_VERSION,;t t
-s,@PACKAGE_STRING@,$PACKAGE_STRING,;t t
-s,@PACKAGE_BUGREPORT@,$PACKAGE_BUGREPORT,;t t
-s,@exec_prefix@,$exec_prefix,;t t
-s,@prefix@,$prefix,;t t
-s,@program_transform_name@,$program_transform_name,;t t
-s,@bindir@,$bindir,;t t
-s,@sbindir@,$sbindir,;t t
-s,@libexecdir@,$libexecdir,;t t
-s,@datadir@,$datadir,;t t
-s,@sysconfdir@,$sysconfdir,;t t
-s,@sharedstatedir@,$sharedstatedir,;t t
-s,@localstatedir@,$localstatedir,;t t
-s,@libdir@,$libdir,;t t
-s,@includedir@,$includedir,;t t
-s,@oldincludedir@,$oldincludedir,;t t
-s,@infodir@,$infodir,;t t
-s,@mandir@,$mandir,;t t
-s,@build_alias@,$build_alias,;t t
-s,@host_alias@,$host_alias,;t t
-s,@target_alias@,$target_alias,;t t
-s,@DEFS@,$DEFS,;t t
-s,@ECHO_C@,$ECHO_C,;t t
-s,@ECHO_N@,$ECHO_N,;t t
-s,@ECHO_T@,$ECHO_T,;t t
-s,@LIBS@,$LIBS,;t t
-s,@RANLIB@,$RANLIB,;t t
-s,@ac_ct_RANLIB@,$ac_ct_RANLIB,;t t
-s,@CC@,$CC,;t t
-s,@CFLAGS@,$CFLAGS,;t t
-s,@LDFLAGS@,$LDFLAGS,;t t
-s,@CPPFLAGS@,$CPPFLAGS,;t t
-s,@ac_ct_CC@,$ac_ct_CC,;t t
-s,@EXEEXT@,$EXEEXT,;t t
-s,@OBJEXT@,$OBJEXT,;t t
-s,@INSTALL_PROGRAM@,$INSTALL_PROGRAM,;t t
-s,@INSTALL_SCRIPT@,$INSTALL_SCRIPT,;t t
-s,@INSTALL_DATA@,$INSTALL_DATA,;t t
-s,@build@,$build,;t t
-s,@build_cpu@,$build_cpu,;t t
-s,@build_vendor@,$build_vendor,;t t
-s,@build_os@,$build_os,;t t
-s,@host@,$host,;t t
-s,@host_cpu@,$host_cpu,;t t
-s,@host_vendor@,$host_vendor,;t t
-s,@host_os@,$host_os,;t t
-s,@EXE@,$EXE,;t t
-s,@RNG_OBJS@,$RNG_OBJS,;t t
-s,@CPP@,$CPP,;t t
-s,@EGREP@,$EGREP,;t t
-s,@GDOI_OBJS@,$GDOI_OBJS,;t t
-s,@LIBOBJS@,$LIBOBJS,;t t
-s,@LTLIBOBJS@,$LTLIBOBJS,;t t
-CEOF
-
-_ACEOF
-
- cat >>$CONFIG_STATUS <<\_ACEOF
- # Split the substitutions into bite-sized pieces for seds with
- # small command number limits, like on Digital OSF/1 and HP-UX.
- ac_max_sed_lines=48
- ac_sed_frag=1 # Number of current file.
- ac_beg=1 # First line for current file.
- ac_end=$ac_max_sed_lines # Line after last line for current file.
- ac_more_lines=:
- ac_sed_cmds=
- while $ac_more_lines; do
- if test $ac_beg -gt 1; then
- sed "1,${ac_beg}d; ${ac_end}q" $tmp/subs.sed >$tmp/subs.frag
- else
- sed "${ac_end}q" $tmp/subs.sed >$tmp/subs.frag
- fi
- if test ! -s $tmp/subs.frag; then
- ac_more_lines=false
- else
- # The purpose of the label and of the branching condition is to
- # speed up the sed processing (if there are no `@' at all, there
- # is no need to browse any of the substitutions).
- # These are the two extra sed commands mentioned above.
- (echo ':t
- /@[a-zA-Z_][a-zA-Z_0-9]*@/!b' && cat $tmp/subs.frag) >$tmp/subs-$ac_sed_frag.sed
- if test -z "$ac_sed_cmds"; then
- ac_sed_cmds="sed -f $tmp/subs-$ac_sed_frag.sed"
- else
- ac_sed_cmds="$ac_sed_cmds | sed -f $tmp/subs-$ac_sed_frag.sed"
- fi
- ac_sed_frag=`expr $ac_sed_frag + 1`
- ac_beg=$ac_end
- ac_end=`expr $ac_end + $ac_max_sed_lines`
- fi
- done
- if test -z "$ac_sed_cmds"; then
- ac_sed_cmds=cat
- fi
-fi # test -n "$CONFIG_FILES"
-
-_ACEOF
-cat >>$CONFIG_STATUS <<\_ACEOF
-for ac_file in : $CONFIG_FILES; do test "x$ac_file" = x: && continue
- # Support "outfile[:infile[:infile...]]", defaulting infile="outfile.in".
- case $ac_file in
- - | *:- | *:-:* ) # input from stdin
- cat >$tmp/stdin
- ac_file_in=`echo "$ac_file" | sed 's,[^:]*:,,'`
- ac_file=`echo "$ac_file" | sed 's,:.*,,'` ;;
- *:* ) ac_file_in=`echo "$ac_file" | sed 's,[^:]*:,,'`
- ac_file=`echo "$ac_file" | sed 's,:.*,,'` ;;
- * ) ac_file_in=$ac_file.in ;;
- esac
-
- # Compute @srcdir@, @top_srcdir@, and @INSTALL@ for subdirectories.
- ac_dir=`(dirname "$ac_file") 2>/dev/null ||
-$as_expr X"$ac_file" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
- X"$ac_file" : 'X\(//\)[^/]' \| \
- X"$ac_file" : 'X\(//\)$' \| \
- X"$ac_file" : 'X\(/\)' \| \
- . : '\(.\)' 2>/dev/null ||
-echo X"$ac_file" |
- sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/; q; }
- /^X\(\/\/\)[^/].*/{ s//\1/; q; }
- /^X\(\/\/\)$/{ s//\1/; q; }
- /^X\(\/\).*/{ s//\1/; q; }
- s/.*/./; q'`
- { if $as_mkdir_p; then
- mkdir -p "$ac_dir"
- else
- as_dir="$ac_dir"
- as_dirs=
- while test ! -d "$as_dir"; do
- as_dirs="$as_dir $as_dirs"
- as_dir=`(dirname "$as_dir") 2>/dev/null ||
-$as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
- X"$as_dir" : 'X\(//\)[^/]' \| \
- X"$as_dir" : 'X\(//\)$' \| \
- X"$as_dir" : 'X\(/\)' \| \
- . : '\(.\)' 2>/dev/null ||
-echo X"$as_dir" |
- sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/; q; }
- /^X\(\/\/\)[^/].*/{ s//\1/; q; }
- /^X\(\/\/\)$/{ s//\1/; q; }
- /^X\(\/\).*/{ s//\1/; q; }
- s/.*/./; q'`
- done
- test ! -n "$as_dirs" || mkdir $as_dirs
- fi || { { echo "$as_me:$LINENO: error: cannot create directory \"$ac_dir\"" >&5
-echo "$as_me: error: cannot create directory \"$ac_dir\"" >&2;}
- { (exit 1); exit 1; }; }; }
-
- ac_builddir=.
-
-if test "$ac_dir" != .; then
- ac_dir_suffix=/`echo "$ac_dir" | sed 's,^\.[\\/],,'`
- # A "../" for each directory in $ac_dir_suffix.
- ac_top_builddir=`echo "$ac_dir_suffix" | sed 's,/[^\\/]*,../,g'`
-else
- ac_dir_suffix= ac_top_builddir=
-fi
-
-case $srcdir in
- .) # No --srcdir option. We are building in place.
- ac_srcdir=.
- if test -z "$ac_top_builddir"; then
- ac_top_srcdir=.
- else
- ac_top_srcdir=`echo $ac_top_builddir | sed 's,/$,,'`
- fi ;;
- [\\/]* | ?:[\\/]* ) # Absolute path.
- ac_srcdir=$srcdir$ac_dir_suffix;
- ac_top_srcdir=$srcdir ;;
- *) # Relative path.
- ac_srcdir=$ac_top_builddir$srcdir$ac_dir_suffix
- ac_top_srcdir=$ac_top_builddir$srcdir ;;
-esac
-
-# Do not use `cd foo && pwd` to compute absolute paths, because
-# the directories may not exist.
-case `pwd` in
-.) ac_abs_builddir="$ac_dir";;
-*)
- case "$ac_dir" in
- .) ac_abs_builddir=`pwd`;;
- [\\/]* | ?:[\\/]* ) ac_abs_builddir="$ac_dir";;
- *) ac_abs_builddir=`pwd`/"$ac_dir";;
- esac;;
-esac
-case $ac_abs_builddir in
-.) ac_abs_top_builddir=${ac_top_builddir}.;;
-*)
- case ${ac_top_builddir}. in
- .) ac_abs_top_builddir=$ac_abs_builddir;;
- [\\/]* | ?:[\\/]* ) ac_abs_top_builddir=${ac_top_builddir}.;;
- *) ac_abs_top_builddir=$ac_abs_builddir/${ac_top_builddir}.;;
- esac;;
-esac
-case $ac_abs_builddir in
-.) ac_abs_srcdir=$ac_srcdir;;
-*)
- case $ac_srcdir in
- .) ac_abs_srcdir=$ac_abs_builddir;;
- [\\/]* | ?:[\\/]* ) ac_abs_srcdir=$ac_srcdir;;
- *) ac_abs_srcdir=$ac_abs_builddir/$ac_srcdir;;
- esac;;
-esac
-case $ac_abs_builddir in
-.) ac_abs_top_srcdir=$ac_top_srcdir;;
-*)
- case $ac_top_srcdir in
- .) ac_abs_top_srcdir=$ac_abs_builddir;;
- [\\/]* | ?:[\\/]* ) ac_abs_top_srcdir=$ac_top_srcdir;;
- *) ac_abs_top_srcdir=$ac_abs_builddir/$ac_top_srcdir;;
- esac;;
-esac
-
-
- case $INSTALL in
- [\\/$]* | ?:[\\/]* ) ac_INSTALL=$INSTALL ;;
- *) ac_INSTALL=$ac_top_builddir$INSTALL ;;
- esac
-
- if test x"$ac_file" != x-; then
- { echo "$as_me:$LINENO: creating $ac_file" >&5
-echo "$as_me: creating $ac_file" >&6;}
- rm -f "$ac_file"
- fi
- # Let's still pretend it is `configure' which instantiates (i.e., don't
- # use $as_me), people would be surprised to read:
- # /* config.h. Generated by config.status. */
- if test x"$ac_file" = x-; then
- configure_input=
- else
- configure_input="$ac_file. "
- fi
- configure_input=$configure_input"Generated from `echo $ac_file_in |
- sed 's,.*/,,'` by configure."
-
- # First look for the input files in the build tree, otherwise in the
- # src tree.
- ac_file_inputs=`IFS=:
- for f in $ac_file_in; do
- case $f in
- -) echo $tmp/stdin ;;
- [\\/$]*)
- # Absolute (can't be DOS-style, as IFS=:)
- test -f "$f" || { { echo "$as_me:$LINENO: error: cannot find input file: $f" >&5
-echo "$as_me: error: cannot find input file: $f" >&2;}
- { (exit 1); exit 1; }; }
- echo "$f";;
- *) # Relative
- if test -f "$f"; then
- # Build tree
- echo "$f"
- elif test -f "$srcdir/$f"; then
- # Source tree
- echo "$srcdir/$f"
- else
- # /dev/null tree
- { { echo "$as_me:$LINENO: error: cannot find input file: $f" >&5
-echo "$as_me: error: cannot find input file: $f" >&2;}
- { (exit 1); exit 1; }; }
- fi;;
- esac
- done` || { (exit 1); exit 1; }
-_ACEOF
-cat >>$CONFIG_STATUS <<_ACEOF
- sed "$ac_vpsub
-$extrasub
-_ACEOF
-cat >>$CONFIG_STATUS <<\_ACEOF
-:t
-/@[a-zA-Z_][a-zA-Z_0-9]*@/!b
-s,@configure_input@,$configure_input,;t t
-s,@srcdir@,$ac_srcdir,;t t
-s,@abs_srcdir@,$ac_abs_srcdir,;t t
-s,@top_srcdir@,$ac_top_srcdir,;t t
-s,@abs_top_srcdir@,$ac_abs_top_srcdir,;t t
-s,@builddir@,$ac_builddir,;t t
-s,@abs_builddir@,$ac_abs_builddir,;t t
-s,@top_builddir@,$ac_top_builddir,;t t
-s,@abs_top_builddir@,$ac_abs_top_builddir,;t t
-s,@INSTALL@,$ac_INSTALL,;t t
-" $ac_file_inputs | (eval "$ac_sed_cmds") >$tmp/out
- rm -f $tmp/stdin
- if test x"$ac_file" != x-; then
- mv $tmp/out $ac_file
- else
- cat $tmp/out
- rm -f $tmp/out
- fi
-
-done
-_ACEOF
-cat >>$CONFIG_STATUS <<\_ACEOF
-
-#
-# CONFIG_HEADER section.
-#
-
-# These sed commands are passed to sed as "A NAME B NAME C VALUE D", where
-# NAME is the cpp macro being defined and VALUE is the value it is being given.
-#
-# ac_d sets the value in "#define NAME VALUE" lines.
-ac_dA='s,^\([ ]*\)#\([ ]*define[ ][ ]*\)'
-ac_dB='[ ].*$,\1#\2'
-ac_dC=' '
-ac_dD=',;t'
-# ac_u turns "#undef NAME" without trailing blanks into "#define NAME VALUE".
-ac_uA='s,^\([ ]*\)#\([ ]*\)undef\([ ][ ]*\)'
-ac_uB='$,\1#\2define\3'
-ac_uC=' '
-ac_uD=',;t'
-
-for ac_file in : $CONFIG_HEADERS; do test "x$ac_file" = x: && continue
- # Support "outfile[:infile[:infile...]]", defaulting infile="outfile.in".
- case $ac_file in
- - | *:- | *:-:* ) # input from stdin
- cat >$tmp/stdin
- ac_file_in=`echo "$ac_file" | sed 's,[^:]*:,,'`
- ac_file=`echo "$ac_file" | sed 's,:.*,,'` ;;
- *:* ) ac_file_in=`echo "$ac_file" | sed 's,[^:]*:,,'`
- ac_file=`echo "$ac_file" | sed 's,:.*,,'` ;;
- * ) ac_file_in=$ac_file.in ;;
- esac
-
- test x"$ac_file" != x- && { echo "$as_me:$LINENO: creating $ac_file" >&5
-echo "$as_me: creating $ac_file" >&6;}
-
- # First look for the input files in the build tree, otherwise in the
- # src tree.
- ac_file_inputs=`IFS=:
- for f in $ac_file_in; do
- case $f in
- -) echo $tmp/stdin ;;
- [\\/$]*)
- # Absolute (can't be DOS-style, as IFS=:)
- test -f "$f" || { { echo "$as_me:$LINENO: error: cannot find input file: $f" >&5
-echo "$as_me: error: cannot find input file: $f" >&2;}
- { (exit 1); exit 1; }; }
- # Do quote $f, to prevent DOS paths from being IFS'd.
- echo "$f";;
- *) # Relative
- if test -f "$f"; then
- # Build tree
- echo "$f"
- elif test -f "$srcdir/$f"; then
- # Source tree
- echo "$srcdir/$f"
- else
- # /dev/null tree
- { { echo "$as_me:$LINENO: error: cannot find input file: $f" >&5
-echo "$as_me: error: cannot find input file: $f" >&2;}
- { (exit 1); exit 1; }; }
- fi;;
- esac
- done` || { (exit 1); exit 1; }
- # Remove the trailing spaces.
- sed 's/[ ]*$//' $ac_file_inputs >$tmp/in
-
-_ACEOF
-
-# Transform confdefs.h into two sed scripts, `conftest.defines' and
-# `conftest.undefs', that substitutes the proper values into
-# config.h.in to produce config.h. The first handles `#define'
-# templates, and the second `#undef' templates.
-# And first: Protect against being on the right side of a sed subst in
-# config.status. Protect against being in an unquoted here document
-# in config.status.
-rm -f conftest.defines conftest.undefs
-# Using a here document instead of a string reduces the quoting nightmare.
-# Putting comments in sed scripts is not portable.
-#
-# `end' is used to avoid that the second main sed command (meant for
-# 0-ary CPP macros) applies to n-ary macro definitions.
-# See the Autoconf documentation for `clear'.
-cat >confdef2sed.sed <<\_ACEOF
-s/[\\&,]/\\&/g
-s,[\\$`],\\&,g
-t clear
-: clear
-s,^[ ]*#[ ]*define[ ][ ]*\([^ (][^ (]*\)\(([^)]*)\)[ ]*\(.*\)$,${ac_dA}\1${ac_dB}\1\2${ac_dC}\3${ac_dD},gp
-t end
-s,^[ ]*#[ ]*define[ ][ ]*\([^ ][^ ]*\)[ ]*\(.*\)$,${ac_dA}\1${ac_dB}\1${ac_dC}\2${ac_dD},gp
-: end
-_ACEOF
-# If some macros were called several times there might be several times
-# the same #defines, which is useless. Nevertheless, we may not want to
-# sort them, since we want the *last* AC-DEFINE to be honored.
-uniq confdefs.h | sed -n -f confdef2sed.sed >conftest.defines
-sed 's/ac_d/ac_u/g' conftest.defines >conftest.undefs
-rm -f confdef2sed.sed
-
-# This sed command replaces #undef with comments. This is necessary, for
-# example, in the case of _POSIX_SOURCE, which is predefined and required
-# on some systems where configure will not decide to define it.
-cat >>conftest.undefs <<\_ACEOF
-s,^[ ]*#[ ]*undef[ ][ ]*[a-zA-Z_][a-zA-Z_0-9]*,/* & */,
-_ACEOF
-
-# Break up conftest.defines because some shells have a limit on the size
-# of here documents, and old seds have small limits too (100 cmds).
-echo ' # Handle all the #define templates only if necessary.' >>$CONFIG_STATUS
-echo ' if grep "^[ ]*#[ ]*define" $tmp/in >/dev/null; then' >>$CONFIG_STATUS
-echo ' # If there are no defines, we may have an empty if/fi' >>$CONFIG_STATUS
-echo ' :' >>$CONFIG_STATUS
-rm -f conftest.tail
-while grep . conftest.defines >/dev/null
-do
- # Write a limited-size here document to $tmp/defines.sed.
- echo ' cat >$tmp/defines.sed <<CEOF' >>$CONFIG_STATUS
- # Speed up: don't consider the non `#define' lines.
- echo '/^[ ]*#[ ]*define/!b' >>$CONFIG_STATUS
- # Work around the forget-to-reset-the-flag bug.
- echo 't clr' >>$CONFIG_STATUS
- echo ': clr' >>$CONFIG_STATUS
- sed ${ac_max_here_lines}q conftest.defines >>$CONFIG_STATUS
- echo 'CEOF
- sed -f $tmp/defines.sed $tmp/in >$tmp/out
- rm -f $tmp/in
- mv $tmp/out $tmp/in
-' >>$CONFIG_STATUS
- sed 1,${ac_max_here_lines}d conftest.defines >conftest.tail
- rm -f conftest.defines
- mv conftest.tail conftest.defines
-done
-rm -f conftest.defines
-echo ' fi # grep' >>$CONFIG_STATUS
-echo >>$CONFIG_STATUS
-
-# Break up conftest.undefs because some shells have a limit on the size
-# of here documents, and old seds have small limits too (100 cmds).
-echo ' # Handle all the #undef templates' >>$CONFIG_STATUS
-rm -f conftest.tail
-while grep . conftest.undefs >/dev/null
-do
- # Write a limited-size here document to $tmp/undefs.sed.
- echo ' cat >$tmp/undefs.sed <<CEOF' >>$CONFIG_STATUS
- # Speed up: don't consider the non `#undef'
- echo '/^[ ]*#[ ]*undef/!b' >>$CONFIG_STATUS
- # Work around the forget-to-reset-the-flag bug.
- echo 't clr' >>$CONFIG_STATUS
- echo ': clr' >>$CONFIG_STATUS
- sed ${ac_max_here_lines}q conftest.undefs >>$CONFIG_STATUS
- echo 'CEOF
- sed -f $tmp/undefs.sed $tmp/in >$tmp/out
- rm -f $tmp/in
- mv $tmp/out $tmp/in
-' >>$CONFIG_STATUS
- sed 1,${ac_max_here_lines}d conftest.undefs >conftest.tail
- rm -f conftest.undefs
- mv conftest.tail conftest.undefs
-done
-rm -f conftest.undefs
-
-cat >>$CONFIG_STATUS <<\_ACEOF
- # Let's still pretend it is `configure' which instantiates (i.e., don't
- # use $as_me), people would be surprised to read:
- # /* config.h. Generated by config.status. */
- if test x"$ac_file" = x-; then
- echo "/* Generated by configure. */" >$tmp/config.h
- else
- echo "/* $ac_file. Generated by configure. */" >$tmp/config.h
- fi
- cat $tmp/in >>$tmp/config.h
- rm -f $tmp/in
- if test x"$ac_file" != x-; then
- if diff $ac_file $tmp/config.h >/dev/null 2>&1; then
- { echo "$as_me:$LINENO: $ac_file is unchanged" >&5
-echo "$as_me: $ac_file is unchanged" >&6;}
- else
- ac_dir=`(dirname "$ac_file") 2>/dev/null ||
-$as_expr X"$ac_file" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
- X"$ac_file" : 'X\(//\)[^/]' \| \
- X"$ac_file" : 'X\(//\)$' \| \
- X"$ac_file" : 'X\(/\)' \| \
- . : '\(.\)' 2>/dev/null ||
-echo X"$ac_file" |
- sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/; q; }
- /^X\(\/\/\)[^/].*/{ s//\1/; q; }
- /^X\(\/\/\)$/{ s//\1/; q; }
- /^X\(\/\).*/{ s//\1/; q; }
- s/.*/./; q'`
- { if $as_mkdir_p; then
- mkdir -p "$ac_dir"
- else
- as_dir="$ac_dir"
- as_dirs=
- while test ! -d "$as_dir"; do
- as_dirs="$as_dir $as_dirs"
- as_dir=`(dirname "$as_dir") 2>/dev/null ||
-$as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
- X"$as_dir" : 'X\(//\)[^/]' \| \
- X"$as_dir" : 'X\(//\)$' \| \
- X"$as_dir" : 'X\(/\)' \| \
- . : '\(.\)' 2>/dev/null ||
-echo X"$as_dir" |
- sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/; q; }
- /^X\(\/\/\)[^/].*/{ s//\1/; q; }
- /^X\(\/\/\)$/{ s//\1/; q; }
- /^X\(\/\).*/{ s//\1/; q; }
- s/.*/./; q'`
- done
- test ! -n "$as_dirs" || mkdir $as_dirs
- fi || { { echo "$as_me:$LINENO: error: cannot create directory \"$ac_dir\"" >&5
-echo "$as_me: error: cannot create directory \"$ac_dir\"" >&2;}
- { (exit 1); exit 1; }; }; }
-
- rm -f $ac_file
- mv $tmp/config.h $ac_file
- fi
- else
- cat $tmp/config.h
- rm -f $tmp/config.h
- fi
-done
-_ACEOF
-
-cat >>$CONFIG_STATUS <<\_ACEOF
-
-{ (exit 0); exit 0; }
-_ACEOF
-chmod +x $CONFIG_STATUS
-ac_clean_files=$ac_clean_files_save
-
-
-# configure is writing to config.log, and then calls config.status.
-# config.status does its own redirection, appending to config.log.
-# Unfortunately, on DOS this fails, as config.log is still kept open
-# by configure, so config.status won't be able to write to it; its
-# output is simply discarded. So we exec the FD to /dev/null,
-# effectively closing config.log, so it can be properly (re)opened and
-# appended to by config.status. When coming back to configure, we
-# need to make the FD available again.
-if test "$no_create" != yes; then
- ac_cs_success=:
- ac_config_status_args=
- test "$silent" = yes &&
- ac_config_status_args="$ac_config_status_args --quiet"
- exec 5>/dev/null
- $SHELL $CONFIG_STATUS $ac_config_status_args || ac_cs_success=false
- exec 5>>config.log
- # Use ||, not &&, to avoid exiting from the if with $? = 1, which
- # would make configure fail if this is the last instruction.
- $ac_cs_success || { (exit 1); exit 1; }
-fi
-
-
-# This is needed when building outside the source dir.
-{ if $as_mkdir_p; then
- mkdir -p crypto/ae_xfm
- else
- as_dir=crypto/ae_xfm
- as_dirs=
- while test ! -d "$as_dir"; do
- as_dirs="$as_dir $as_dirs"
- as_dir=`(dirname "$as_dir") 2>/dev/null ||
-$as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
- X"$as_dir" : 'X\(//\)[^/]' \| \
- X"$as_dir" : 'X\(//\)$' \| \
- X"$as_dir" : 'X\(/\)' \| \
- . : '\(.\)' 2>/dev/null ||
-echo X"$as_dir" |
- sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/; q; }
- /^X\(\/\/\)[^/].*/{ s//\1/; q; }
- /^X\(\/\/\)$/{ s//\1/; q; }
- /^X\(\/\).*/{ s//\1/; q; }
- s/.*/./; q'`
- done
- test ! -n "$as_dirs" || mkdir $as_dirs
- fi || { { echo "$as_me:$LINENO: error: cannot create directory crypto/ae_xfm" >&5
-echo "$as_me: error: cannot create directory crypto/ae_xfm" >&2;}
- { (exit 1); exit 1; }; }; }
-
-{ if $as_mkdir_p; then
- mkdir -p crypto/cipher
- else
- as_dir=crypto/cipher
- as_dirs=
- while test ! -d "$as_dir"; do
- as_dirs="$as_dir $as_dirs"
- as_dir=`(dirname "$as_dir") 2>/dev/null ||
-$as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
- X"$as_dir" : 'X\(//\)[^/]' \| \
- X"$as_dir" : 'X\(//\)$' \| \
- X"$as_dir" : 'X\(/\)' \| \
- . : '\(.\)' 2>/dev/null ||
-echo X"$as_dir" |
- sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/; q; }
- /^X\(\/\/\)[^/].*/{ s//\1/; q; }
- /^X\(\/\/\)$/{ s//\1/; q; }
- /^X\(\/\).*/{ s//\1/; q; }
- s/.*/./; q'`
- done
- test ! -n "$as_dirs" || mkdir $as_dirs
- fi || { { echo "$as_me:$LINENO: error: cannot create directory crypto/cipher" >&5
-echo "$as_me: error: cannot create directory crypto/cipher" >&2;}
- { (exit 1); exit 1; }; }; }
-
-{ if $as_mkdir_p; then
- mkdir -p crypto/hash
- else
- as_dir=crypto/hash
- as_dirs=
- while test ! -d "$as_dir"; do
- as_dirs="$as_dir $as_dirs"
- as_dir=`(dirname "$as_dir") 2>/dev/null ||
-$as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
- X"$as_dir" : 'X\(//\)[^/]' \| \
- X"$as_dir" : 'X\(//\)$' \| \
- X"$as_dir" : 'X\(/\)' \| \
- . : '\(.\)' 2>/dev/null ||
-echo X"$as_dir" |
- sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/; q; }
- /^X\(\/\/\)[^/].*/{ s//\1/; q; }
- /^X\(\/\/\)$/{ s//\1/; q; }
- /^X\(\/\).*/{ s//\1/; q; }
- s/.*/./; q'`
- done
- test ! -n "$as_dirs" || mkdir $as_dirs
- fi || { { echo "$as_me:$LINENO: error: cannot create directory crypto/hash" >&5
-echo "$as_me: error: cannot create directory crypto/hash" >&2;}
- { (exit 1); exit 1; }; }; }
-
-{ if $as_mkdir_p; then
- mkdir -p crypto/kernel
- else
- as_dir=crypto/kernel
- as_dirs=
- while test ! -d "$as_dir"; do
- as_dirs="$as_dir $as_dirs"
- as_dir=`(dirname "$as_dir") 2>/dev/null ||
-$as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
- X"$as_dir" : 'X\(//\)[^/]' \| \
- X"$as_dir" : 'X\(//\)$' \| \
- X"$as_dir" : 'X\(/\)' \| \
- . : '\(.\)' 2>/dev/null ||
-echo X"$as_dir" |
- sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/; q; }
- /^X\(\/\/\)[^/].*/{ s//\1/; q; }
- /^X\(\/\/\)$/{ s//\1/; q; }
- /^X\(\/\).*/{ s//\1/; q; }
- s/.*/./; q'`
- done
- test ! -n "$as_dirs" || mkdir $as_dirs
- fi || { { echo "$as_me:$LINENO: error: cannot create directory crypto/kernel" >&5
-echo "$as_me: error: cannot create directory crypto/kernel" >&2;}
- { (exit 1); exit 1; }; }; }
-
-{ if $as_mkdir_p; then
- mkdir -p crypto/math
- else
- as_dir=crypto/math
- as_dirs=
- while test ! -d "$as_dir"; do
- as_dirs="$as_dir $as_dirs"
- as_dir=`(dirname "$as_dir") 2>/dev/null ||
-$as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
- X"$as_dir" : 'X\(//\)[^/]' \| \
- X"$as_dir" : 'X\(//\)$' \| \
- X"$as_dir" : 'X\(/\)' \| \
- . : '\(.\)' 2>/dev/null ||
-echo X"$as_dir" |
- sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/; q; }
- /^X\(\/\/\)[^/].*/{ s//\1/; q; }
- /^X\(\/\/\)$/{ s//\1/; q; }
- /^X\(\/\).*/{ s//\1/; q; }
- s/.*/./; q'`
- done
- test ! -n "$as_dirs" || mkdir $as_dirs
- fi || { { echo "$as_me:$LINENO: error: cannot create directory crypto/math" >&5
-echo "$as_me: error: cannot create directory crypto/math" >&2;}
- { (exit 1); exit 1; }; }; }
-
-{ if $as_mkdir_p; then
- mkdir -p crypto/replay
- else
- as_dir=crypto/replay
- as_dirs=
- while test ! -d "$as_dir"; do
- as_dirs="$as_dir $as_dirs"
- as_dir=`(dirname "$as_dir") 2>/dev/null ||
-$as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
- X"$as_dir" : 'X\(//\)[^/]' \| \
- X"$as_dir" : 'X\(//\)$' \| \
- X"$as_dir" : 'X\(/\)' \| \
- . : '\(.\)' 2>/dev/null ||
-echo X"$as_dir" |
- sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/; q; }
- /^X\(\/\/\)[^/].*/{ s//\1/; q; }
- /^X\(\/\/\)$/{ s//\1/; q; }
- /^X\(\/\).*/{ s//\1/; q; }
- s/.*/./; q'`
- done
- test ! -n "$as_dirs" || mkdir $as_dirs
- fi || { { echo "$as_me:$LINENO: error: cannot create directory crypto/replay" >&5
-echo "$as_me: error: cannot create directory crypto/replay" >&2;}
- { (exit 1); exit 1; }; }; }
-
-{ if $as_mkdir_p; then
- mkdir -p crypto/rng
- else
- as_dir=crypto/rng
- as_dirs=
- while test ! -d "$as_dir"; do
- as_dirs="$as_dir $as_dirs"
- as_dir=`(dirname "$as_dir") 2>/dev/null ||
-$as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
- X"$as_dir" : 'X\(//\)[^/]' \| \
- X"$as_dir" : 'X\(//\)$' \| \
- X"$as_dir" : 'X\(/\)' \| \
- . : '\(.\)' 2>/dev/null ||
-echo X"$as_dir" |
- sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/; q; }
- /^X\(\/\/\)[^/].*/{ s//\1/; q; }
- /^X\(\/\/\)$/{ s//\1/; q; }
- /^X\(\/\).*/{ s//\1/; q; }
- s/.*/./; q'`
- done
- test ! -n "$as_dirs" || mkdir $as_dirs
- fi || { { echo "$as_me:$LINENO: error: cannot create directory crypto/rng" >&5
-echo "$as_me: error: cannot create directory crypto/rng" >&2;}
- { (exit 1); exit 1; }; }; }
-
-{ if $as_mkdir_p; then
- mkdir -p crypto/test
- else
- as_dir=crypto/test
- as_dirs=
- while test ! -d "$as_dir"; do
- as_dirs="$as_dir $as_dirs"
- as_dir=`(dirname "$as_dir") 2>/dev/null ||
-$as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
- X"$as_dir" : 'X\(//\)[^/]' \| \
- X"$as_dir" : 'X\(//\)$' \| \
- X"$as_dir" : 'X\(/\)' \| \
- . : '\(.\)' 2>/dev/null ||
-echo X"$as_dir" |
- sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/; q; }
- /^X\(\/\/\)[^/].*/{ s//\1/; q; }
- /^X\(\/\/\)$/{ s//\1/; q; }
- /^X\(\/\).*/{ s//\1/; q; }
- s/.*/./; q'`
- done
- test ! -n "$as_dirs" || mkdir $as_dirs
- fi || { { echo "$as_me:$LINENO: error: cannot create directory crypto/test" >&5
-echo "$as_me: error: cannot create directory crypto/test" >&2;}
- { (exit 1); exit 1; }; }; }
-
-{ if $as_mkdir_p; then
- mkdir -p doc
- else
- as_dir=doc
- as_dirs=
- while test ! -d "$as_dir"; do
- as_dirs="$as_dir $as_dirs"
- as_dir=`(dirname "$as_dir") 2>/dev/null ||
-$as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
- X"$as_dir" : 'X\(//\)[^/]' \| \
- X"$as_dir" : 'X\(//\)$' \| \
- X"$as_dir" : 'X\(/\)' \| \
- . : '\(.\)' 2>/dev/null ||
-echo X"$as_dir" |
- sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/; q; }
- /^X\(\/\/\)[^/].*/{ s//\1/; q; }
- /^X\(\/\/\)$/{ s//\1/; q; }
- /^X\(\/\).*/{ s//\1/; q; }
- s/.*/./; q'`
- done
- test ! -n "$as_dirs" || mkdir $as_dirs
- fi || { { echo "$as_me:$LINENO: error: cannot create directory doc" >&5
-echo "$as_me: error: cannot create directory doc" >&2;}
- { (exit 1); exit 1; }; }; }
-
-{ if $as_mkdir_p; then
- mkdir -p srtp
- else
- as_dir=srtp
- as_dirs=
- while test ! -d "$as_dir"; do
- as_dirs="$as_dir $as_dirs"
- as_dir=`(dirname "$as_dir") 2>/dev/null ||
-$as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
- X"$as_dir" : 'X\(//\)[^/]' \| \
- X"$as_dir" : 'X\(//\)$' \| \
- X"$as_dir" : 'X\(/\)' \| \
- . : '\(.\)' 2>/dev/null ||
-echo X"$as_dir" |
- sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/; q; }
- /^X\(\/\/\)[^/].*/{ s//\1/; q; }
- /^X\(\/\/\)$/{ s//\1/; q; }
- /^X\(\/\).*/{ s//\1/; q; }
- s/.*/./; q'`
- done
- test ! -n "$as_dirs" || mkdir $as_dirs
- fi || { { echo "$as_me:$LINENO: error: cannot create directory srtp" >&5
-echo "$as_me: error: cannot create directory srtp" >&2;}
- { (exit 1); exit 1; }; }; }
-
-{ if $as_mkdir_p; then
- mkdir -p tables
- else
- as_dir=tables
- as_dirs=
- while test ! -d "$as_dir"; do
- as_dirs="$as_dir $as_dirs"
- as_dir=`(dirname "$as_dir") 2>/dev/null ||
-$as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
- X"$as_dir" : 'X\(//\)[^/]' \| \
- X"$as_dir" : 'X\(//\)$' \| \
- X"$as_dir" : 'X\(/\)' \| \
- . : '\(.\)' 2>/dev/null ||
-echo X"$as_dir" |
- sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/; q; }
- /^X\(\/\/\)[^/].*/{ s//\1/; q; }
- /^X\(\/\/\)$/{ s//\1/; q; }
- /^X\(\/\).*/{ s//\1/; q; }
- s/.*/./; q'`
- done
- test ! -n "$as_dirs" || mkdir $as_dirs
- fi || { { echo "$as_me:$LINENO: error: cannot create directory tables" >&5
-echo "$as_me: error: cannot create directory tables" >&2;}
- { (exit 1); exit 1; }; }; }
-
-{ if $as_mkdir_p; then
- mkdir -p test
- else
- as_dir=test
- as_dirs=
- while test ! -d "$as_dir"; do
- as_dirs="$as_dir $as_dirs"
- as_dir=`(dirname "$as_dir") 2>/dev/null ||
-$as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
- X"$as_dir" : 'X\(//\)[^/]' \| \
- X"$as_dir" : 'X\(//\)$' \| \
- X"$as_dir" : 'X\(/\)' \| \
- . : '\(.\)' 2>/dev/null ||
-echo X"$as_dir" |
- sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/; q; }
- /^X\(\/\/\)[^/].*/{ s//\1/; q; }
- /^X\(\/\/\)$/{ s//\1/; q; }
- /^X\(\/\).*/{ s//\1/; q; }
- s/.*/./; q'`
- done
- test ! -n "$as_dirs" || mkdir $as_dirs
- fi || { { echo "$as_me:$LINENO: error: cannot create directory test" >&5
-echo "$as_me: error: cannot create directory test" >&2;}
- { (exit 1); exit 1; }; }; }
-
diff --git a/configure.in b/configure.in
deleted file mode 100644
index d6ad247..0000000
--- a/configure.in
+++ /dev/null
@@ -1,209 +0,0 @@
-dnl Process this file with autoconf to produce a configure script.
-AC_INIT(srtp)
-
-dnl Must come before AC_PROG_CC
-if test -z "$CFLAGS"; then
- dnl Default value for CFLAGS if not specified.
- CFLAGS="-Wall -O4 -fexpensive-optimizations -funroll-loops"
-fi
-
-dnl Checks for programs.
-AC_PROG_RANLIB
-AC_PROG_CC
-AC_PROG_INSTALL
-
-dnl Check the byte order
-AC_C_BIGENDIAN
-
-AC_CANONICAL_HOST
-
-dnl check host_cpu type, set defines appropriately
-case $host_cpu in
- i*86 )
- AC_DEFINE(CPU_CISC, 1,
- [Define if building for a CISC machine (e.g. Intel).])
- AC_DEFINE(HAVE_X86, 1,
- [Define to use X86 inlined assembly code]);;
- * )
- # CPU_RISC is only supported for big endian machines.
- if test "$ac_cv_c_bigendian" = "yes"; then
- AC_DEFINE(CPU_RISC, 1,
- [Define if building for a RISC machine (assume slow byte access).])
- else
- AC_DEFINE(CPU_CISC, 1)
- fi
- ;;
-esac
-
-dnl Check if we are on a Windows platform.
-case $host_os in
- *cygwin*|*mingw* )
- EXE=.exe
- HOST_IS_WINDOWS=yes
- ;;
- * )
- EXE=""
- ;;
-esac
-AC_SUBST(EXE) # define executable suffix; this is needed for `make clean'
-
-
-AC_ARG_ENABLE(kernel-linux,
- [AS_HELP_STRING([--enable-kernel-linux],
- [build library to run in Linux kernel context])],
- [], enable_kernel_linux=no)
-AC_MSG_CHECKING(whether to build for Linux kernel context)
-if test "$enable_kernel_linux" = "yes"; then
- AC_DEFINE(SRTP_KERNEL, 1,
- [Define to compile for kernel contexts.])
- AC_DEFINE(SRTP_KERNEL_LINUX, 1,
- [Define to compile for Linux kernel context.])
-fi
-AC_MSG_RESULT($enable_kernel_linux)
-
-if test "$cross_compiling" != yes -a "$HOST_IS_WINDOWS" != yes; then
- dnl Check for /dev/urandom
- AC_CHECK_FILE(/dev/urandom, DEV_URANDOM=/dev/urandom,
- [AC_CHECK_FILE(/dev/random, DEV_URANDOM=/dev/random)])
-fi
-
-AC_MSG_CHECKING(which random device to use)
-if test "$enable_kernel_linux" = "yes"; then
- RNG_OBJS=rand_linux_kernel.o
- AC_MSG_RESULT([Linux kernel builtin])
-else
- RNG_OBJS=rand_source.o
- if test -n "$DEV_URANDOM"; then
- AC_DEFINE_UNQUOTED(DEV_URANDOM, "$DEV_URANDOM",[Path to random device])
- AC_MSG_RESULT([$DEV_URANDOM])
- else
- AC_MSG_RESULT([standard rand() function...])
- fi
-fi
-AC_SUBST(RNG_OBJS)
-
-
-dnl Checks for header files.
-AC_HEADER_STDC
-AC_CHECK_HEADERS(stdlib.h)
-AC_CHECK_HEADERS(unistd.h)
-AC_CHECK_HEADERS(byteswap.h)
-AC_CHECK_HEADERS(stdint.h)
-AC_CHECK_HEADERS(sys/uio.h)
-AC_CHECK_HEADERS(inttypes.h)
-AC_CHECK_HEADERS(sys/types.h)
-AC_CHECK_HEADERS(machine/types.h)
-AC_CHECK_HEADERS(sys/int_types.h)
-
-dnl socket() and friends
-AC_CHECK_HEADERS(sys/socket.h netinet/in.h arpa/inet.h)
-AC_CHECK_HEADERS(windows.h, [AC_CHECK_HEADERS(winsock2.h)])
-
-AC_CHECK_HEADERS(syslog.h)
-
-AC_CHECK_TYPES([int8_t,uint8_t,int16_t,uint16_t,int32_t,uint32_t,uint64_t])
-AC_CHECK_SIZEOF(unsigned long)
-AC_CHECK_SIZEOF(unsigned long long)
-
-dnl Checks for typedefs, structures, and compiler characteristics.
-AC_C_CONST
-AC_C_INLINE
-AC_TYPE_SIZE_T
-
-dnl Checks for library functions.
-AC_CHECK_FUNCS(socket inet_aton usleep)
-
-dnl Find socket function if not found yet.
-if test "x$ac_cv_func_socket" = "xno"; then
- AC_CHECK_LIB(socket, socket)
- AC_MSG_CHECKING([for socket in -lwsock32])
- SAVELIBS="$LIBS"
- LIBS="$LIBS -lwsock32"
- AC_TRY_LINK([
-#include <winsock2.h>
-],[
-socket(0, 0, 0);
-],
- ac_cv_func_socket=yes
- AC_MSG_RESULT(yes),
- LIBS="$SAVELIBS"
- AC_MSG_RESULT(no))
-fi
-
-AC_MSG_CHECKING(whether to compile in debugging)
-AC_ARG_ENABLE(debug,
- [AS_HELP_STRING([--disable-debug],
- [do not compile in dynamic debugging system])],
- [], enable_debug=yes)
-if test "$enable_debug" = "yes"; then
- AC_DEFINE(ENABLE_DEBUGGING, 1,
- [Define to compile in dynamic debugging system.])
-fi
-AC_MSG_RESULT($enable_debug)
-
-AC_MSG_CHECKING(whether to use ISMAcryp code)
-AC_ARG_ENABLE(generic-aesicm,
- [AS_HELP_STRING([--enable-generic-aesicm],
- [compile in changes for ISMAcryp])],
- [], enable_generic_aesicm=no)
-if test "$enable_generic_aesicm" = "yes"; then
- AC_DEFINE(GENERIC_AESICM, 1, [Define this to use ISMAcryp code.])
-fi
-AC_MSG_RESULT($enable_generic_aesicm)
-
-AC_MSG_CHECKING(whether to use syslog for error reporting)
-AC_ARG_ENABLE(syslog,
- [AS_HELP_STRING([--enable-syslog], [use syslog for error reporting])],
- [], enable_syslog=no)
-if test "$enable_syslog" = "yes"; then
- AC_DEFINE(USE_SYSLOG, 1, [Define to use syslog logging.])
-fi
-AC_MSG_RESULT($enable_syslog)
-
-AC_MSG_CHECKING(whether to use stdout for error reporting)
-AC_ARG_ENABLE(stdout,
- [AS_HELP_STRING([--disable-stdout], [don't use stdout for error reporting])],
- [], enable_stdout=yes)
-if test "$enable_stdout" = "yes"; then
- AC_DEFINE(ERR_REPORTING_STDOUT, 1, [Define to use logging to stdout.])
-fi
-AC_MSG_RESULT($enable_stdout)
-
-AC_MSG_CHECKING(whether to use /dev/console for error reporting)
-AC_ARG_ENABLE(console,
- [AS_HELP_STRING([--enable-console], [use /dev/console for error reporting])],
- [], enable_console=no)
-if test "$enable_console" = "yes"; then
- AC_DEFINE(USE_ERR_REPORTING_FILE, 1, [Write errors to this file])
- AC_DEFINE(ERR_REPORTING_FILE, "/dev/console", [Report errors to this file.])
-fi
-AC_MSG_RESULT($enable_console)
-
-AC_MSG_CHECKING(whether to use GDOI key management)
-AC_ARG_ENABLE(gdoi,
- [AS_HELP_STRING([--enable-gdoi], [enable GDOI key management])],
- [], enable_gdoi=no)
-if test "$enable_gdoi" = "yes"; then
- AC_DEFINE(SRTP_GDOI, 1, [Define to use GDOI.])
- GDOI_OBJS=gdoi/srtp+gdoi.o
- AC_SUBST(GDOI_OBJS)
-fi
-AC_MSG_RESULT($enable_gdoi)
-
-AC_CONFIG_HEADER(crypto/include/config.h:config_in.h)
-
-AC_OUTPUT(Makefile crypto/Makefile doc/Makefile)
-
-# This is needed when building outside the source dir.
-AS_MKDIR_P(crypto/ae_xfm)
-AS_MKDIR_P(crypto/cipher)
-AS_MKDIR_P(crypto/hash)
-AS_MKDIR_P(crypto/kernel)
-AS_MKDIR_P(crypto/math)
-AS_MKDIR_P(crypto/replay)
-AS_MKDIR_P(crypto/rng)
-AS_MKDIR_P(crypto/test)
-AS_MKDIR_P(doc)
-AS_MKDIR_P(srtp)
-AS_MKDIR_P(tables)
-AS_MKDIR_P(test)
diff --git a/crypto/Makefile b/crypto/Makefile
deleted file mode 100644
index d7ac61f..0000000
--- a/crypto/Makefile
+++ /dev/null
@@ -1,130 +0,0 @@
-# Makefile for libcryptomodule.a
-#
-# David A. McGrew
-# Cisco Systems, Inc.
-
-srcdir = .
-top_srcdir = ..
-top_builddir = ../
-
-
-CC = gcc
-INCDIR = -Iinclude -I$(srcdir)/include
-DEFS = -DHAVE_CONFIG_H
-CPPFLAGS=
-CFLAGS = -Wall -O4 -fexpensive-optimizations -funroll-loops
-LIBS =
-LDFLAGS = -L.
-COMPILE = $(CC) $(DEFS) $(INCDIR) $(CPPFLAGS) $(CFLAGS)
-CRYPTOLIB = -lcryptomodule
-
-RANLIB = ranlib
-
-# EXE defines the suffix on executables - it's .exe for cygwin, and
-# null on linux, bsd, and OS X and other OSes. we define this so that
-# `make clean` will work on the cygwin platform
-EXE =
-# Random source.
-RNG_OBJS = rand_source.o
-
-ifdef ARCH
- DEFS += -D$(ARCH)=1
-endif
-
-ifdef sysname
- DEFS += -D$(sysname)=1
-endif
-
-.PHONY: dummy all runtest clean superclean
-
-dummy : all runtest
-
-# test applications
-
-testapp = test/cipher_driver$(EXE) test/datatypes_driver$(EXE) \
- test/stat_driver$(EXE) test/sha1_driver$(EXE) \
- test/kernel_driver$(EXE) test/aes_calc$(EXE) test/rand_gen$(EXE) \
- test/env$(EXE)
-
-# data values used to test the aes_calc application
-
-k=000102030405060708090a0b0c0d0e0f
-p=00112233445566778899aabbccddeeff
-c=69c4e0d86a7b0430d8cdb78070b4c55a
-
-runtest: libcryptomodule.a $(testapp)
- test/env$(EXE) # print out information on the build environment
- @echo "running libcryptomodule test applications..."
- test `test/aes_calc $k $p` = $c
- test/cipher_driver$(EXE) -v >/dev/null
- test/datatypes_driver$(EXE) -v >/dev/null
- test/stat_driver$(EXE) >/dev/null
- test/sha1_driver$(EXE) -v >/dev/null
- test/kernel_driver$(EXE) -v >/dev/null
- test/rand_gen$(EXE) -n 256 >/dev/null
- @echo "libcryptomodule test applications passed."
-
-# libcryptomodule.a (the crypto engine)
-
-ciphers = cipher/cipher.o cipher/null_cipher.o \
- cipher/aes.o cipher/aes_icm.o \
- cipher/aes_cbc.o
-
-hashes = hash/null_auth.o hash/sha1.o \
- hash/hmac.o hash/auth.o
-
-math = math/datatypes.o math/stat.o
-
-rng = rng/$(RNG_OBJS) rng/rand_source.o rng/prng.o rng/ctr_prng.o
-
-err = kernel/err.o
-
-kernel = kernel/crypto_kernel.o kernel/alloc.o \
- kernel/key.o $(rng) $(err)
-
-xfm = ae_xfm/xfm.o
-
-cryptobj = $(ciphers) $(hashes) $(math) $(stat) $(kernel) $(xfm)
-
-# the rule for making object files and test apps
-
-%.o: %.c
- $(COMPILE) -c $< -o $@
-
-%$(EXE): %.c libcryptomodule.a
- $(COMPILE) $(LDFLAGS) $< -o $@ $(CRYPTOLIB) $(LIBS)
-
-ifndef AR
- AR=ar
-endif
-
-# and the crypto module library itself
-
-libcryptomodule.a: $(cryptobj)
- $(AR) cr libcryptomodule.a $(cryptobj)
- $(RANLIB) libcryptomodule.a
-
-all: libcryptomodule.a $(testapp)
-
-# housekeeping functions
-
-clean:
- rm -f libcryptomodule.a
- rm -f $(testapp) *.o */*.o
- for a in * .* */*; do if [ -f "$$a~" ] ; then rm $$a~; fi; done;
- rm -f `find . -name "*.[ch]~*~"`
- rm -rf latex
-
-superclean: clean
- rm -f *core TAGS ktrace.out
-
-
-# the target 'package' builds a compressed tar archive of the source code
-
-distname = crypto-$(shell cat VERSION)
-
-package: superclean
- cd ..; tar cvzf $(distname).tgz crypto/
-
-
-# EOF
diff --git a/crypto/Makefile.in b/crypto/Makefile.in
deleted file mode 100644
index c14dba5..0000000
--- a/crypto/Makefile.in
+++ /dev/null
@@ -1,130 +0,0 @@
-# Makefile for libcryptomodule.a
-#
-# David A. McGrew
-# Cisco Systems, Inc.
-
-srcdir = @srcdir@
-top_srcdir = @top_srcdir@
-top_builddir = @top_builddir@
-VPATH = @srcdir@
-
-CC = @CC@
-INCDIR = -Iinclude -I$(srcdir)/include
-DEFS = @DEFS@
-CPPFLAGS= @CPPFLAGS@
-CFLAGS = @CFLAGS@
-LIBS = @LIBS@
-LDFLAGS = @LDFLAGS@ -L.
-COMPILE = $(CC) $(DEFS) $(INCDIR) $(CPPFLAGS) $(CFLAGS)
-CRYPTOLIB = -lcryptomodule
-
-RANLIB = @RANLIB@
-
-# EXE defines the suffix on executables - it's .exe for cygwin, and
-# null on linux, bsd, and OS X and other OSes. we define this so that
-# `make clean` will work on the cygwin platform
-EXE = @EXE@
-# Random source.
-RNG_OBJS = @RNG_OBJS@
-
-ifdef ARCH
- DEFS += -D$(ARCH)=1
-endif
-
-ifdef sysname
- DEFS += -D$(sysname)=1
-endif
-
-.PHONY: dummy all runtest clean superclean
-
-dummy : all runtest
-
-# test applications
-
-testapp = test/cipher_driver$(EXE) test/datatypes_driver$(EXE) \
- test/stat_driver$(EXE) test/sha1_driver$(EXE) \
- test/kernel_driver$(EXE) test/aes_calc$(EXE) test/rand_gen$(EXE) \
- test/env$(EXE)
-
-# data values used to test the aes_calc application
-
-k=000102030405060708090a0b0c0d0e0f
-p=00112233445566778899aabbccddeeff
-c=69c4e0d86a7b0430d8cdb78070b4c55a
-
-runtest: libcryptomodule.a $(testapp)
- test/env$(EXE) # print out information on the build environment
- @echo "running libcryptomodule test applications..."
- test `test/aes_calc $k $p` = $c
- test/cipher_driver$(EXE) -v >/dev/null
- test/datatypes_driver$(EXE) -v >/dev/null
- test/stat_driver$(EXE) >/dev/null
- test/sha1_driver$(EXE) -v >/dev/null
- test/kernel_driver$(EXE) -v >/dev/null
- test/rand_gen$(EXE) -n 256 >/dev/null
- @echo "libcryptomodule test applications passed."
-
-# libcryptomodule.a (the crypto engine)
-
-ciphers = cipher/cipher.o cipher/null_cipher.o \
- cipher/aes.o cipher/aes_icm.o \
- cipher/aes_cbc.o
-
-hashes = hash/null_auth.o hash/sha1.o \
- hash/hmac.o hash/auth.o
-
-math = math/datatypes.o math/stat.o
-
-rng = rng/$(RNG_OBJS) rng/rand_source.o rng/prng.o rng/ctr_prng.o
-
-err = kernel/err.o
-
-kernel = kernel/crypto_kernel.o kernel/alloc.o \
- kernel/key.o $(rng) $(err)
-
-xfm = ae_xfm/xfm.o
-
-cryptobj = $(ciphers) $(hashes) $(math) $(stat) $(kernel) $(xfm)
-
-# the rule for making object files and test apps
-
-%.o: %.c
- $(COMPILE) -c $< -o $@
-
-%$(EXE): %.c libcryptomodule.a
- $(COMPILE) $(LDFLAGS) $< -o $@ $(CRYPTOLIB) $(LIBS)
-
-ifndef AR
- AR=ar
-endif
-
-# and the crypto module library itself
-
-libcryptomodule.a: $(cryptobj)
- $(AR) cr libcryptomodule.a $(cryptobj)
- $(RANLIB) libcryptomodule.a
-
-all: libcryptomodule.a $(testapp)
-
-# housekeeping functions
-
-clean:
- rm -f libcryptomodule.a
- rm -f $(testapp) *.o */*.o
- for a in * .* */*; do if [ -f "$$a~" ] ; then rm $$a~; fi; done;
- rm -f `find . -name "*.[ch]~*~"`
- rm -rf latex
-
-superclean: clean
- rm -f *core TAGS ktrace.out
-
-
-# the target 'package' builds a compressed tar archive of the source code
-
-distname = crypto-$(shell cat VERSION)
-
-package: superclean
- cd ..; tar cvzf $(distname).tgz crypto/
-
-
-# EOF
diff --git a/crypto/VERSION b/crypto/VERSION
deleted file mode 100644
index 3eefcb9..0000000
--- a/crypto/VERSION
+++ /dev/null
@@ -1 +0,0 @@
-1.0.0
diff --git a/crypto/ae_xfm/xfm.c b/crypto/ae_xfm/xfm.c
deleted file mode 100644
index 4765b0a..0000000
--- a/crypto/ae_xfm/xfm.c
+++ /dev/null
@@ -1,571 +0,0 @@
-/*
- * xfm.c
- *
- * Crypto transform implementation
- *
- * David A. McGrew
- * Cisco Systems, Inc.
- */
-
-#include "cryptoalg.h"
-#include "aes_cbc.h"
-#include "hmac.h"
-#include "crypto_kernel.h" /* for crypto_get_random() */
-
-#define KEY_LEN 16
-#define ENC_KEY_LEN 16
-#define MAC_KEY_LEN 16
-#define IV_LEN 16
-#define TAG_LEN 12
-#define MAX_EXPAND 27
-
-err_status_t
-aes_128_cbc_hmac_sha1_96_func(void *key,
- void *clear,
- unsigned clear_len,
- void *iv,
- void *opaque,
- unsigned *opaque_len,
- void *auth_tag) {
- aes_cbc_ctx_t aes_ctx;
- hmac_ctx_t hmac_ctx;
- unsigned char enc_key[ENC_KEY_LEN];
- unsigned char mac_key[MAC_KEY_LEN];
- err_status_t status;
-
- /* check if we're doing authentication only */
- if ((iv == NULL) && (opaque == NULL) && (opaque_len == NULL)) {
-
- /* perform authentication only */
-
- } else if ((iv == NULL) || (opaque == NULL) || (opaque_len == NULL)) {
-
- /*
- * bad parameter - we expect either all three pointers to be NULL,
- * or none of those pointers to be NULL
- */
- return err_status_fail;
-
- } else {
-
- /* derive encryption and authentication keys from the input key */
- status = hmac_init(&hmac_ctx, key, KEY_LEN);
- if (status) return status;
- status = hmac_compute(&hmac_ctx, "ENC", 3, ENC_KEY_LEN, enc_key);
- if (status) return status;
-
- status = hmac_init(&hmac_ctx, key, KEY_LEN);
- if (status) return status;
- status = hmac_compute(&hmac_ctx, "MAC", 3, MAC_KEY_LEN, mac_key);
- if (status) return status;
-
-
- /* perform encryption and authentication */
-
- /* set aes key */
- status = aes_cbc_context_init(&aes_ctx, key, direction_encrypt);
- if (status) return status;
-
- /* set iv */
- status = crypto_get_random(iv, IV_LEN);
- if (status) return status;
- status = aes_cbc_set_iv(&aes_ctx, iv);
-
- /* encrypt the opaque data */
- status = aes_cbc_nist_encrypt(&aes_ctx, opaque, opaque_len);
- if (status) return status;
-
- /* authenticate clear and opaque data */
- status = hmac_init(&hmac_ctx, mac_key, MAC_KEY_LEN);
- if (status) return status;
-
- status = hmac_start(&hmac_ctx);
- if (status) return status;
-
- status = hmac_update(&hmac_ctx, clear, clear_len);
- if (status) return status;
-
- status = hmac_compute(&hmac_ctx, opaque, *opaque_len, TAG_LEN, auth_tag);
- if (status) return status;
-
- }
-
- return err_status_ok;
-}
-
-err_status_t
-aes_128_cbc_hmac_sha1_96_inv(void *key,
- void *clear,
- unsigned clear_len,
- void *iv,
- void *opaque,
- unsigned *opaque_len,
- void *auth_tag) {
- aes_cbc_ctx_t aes_ctx;
- hmac_ctx_t hmac_ctx;
- unsigned char enc_key[ENC_KEY_LEN];
- unsigned char mac_key[MAC_KEY_LEN];
- unsigned char tmp_tag[TAG_LEN];
- unsigned char *tag = auth_tag;
- err_status_t status;
- int i;
-
- /* check if we're doing authentication only */
- if ((iv == NULL) && (opaque == NULL) && (opaque_len == NULL)) {
-
- /* perform authentication only */
-
- } else if ((iv == NULL) || (opaque == NULL) || (opaque_len == NULL)) {
-
- /*
- * bad parameter - we expect either all three pointers to be NULL,
- * or none of those pointers to be NULL
- */
- return err_status_fail;
-
- } else {
-
- /* derive encryption and authentication keys from the input key */
- status = hmac_init(&hmac_ctx, key, KEY_LEN);
- if (status) return status;
- status = hmac_compute(&hmac_ctx, "ENC", 3, ENC_KEY_LEN, enc_key);
- if (status) return status;
-
- status = hmac_init(&hmac_ctx, key, KEY_LEN);
- if (status) return status;
- status = hmac_compute(&hmac_ctx, "MAC", 3, MAC_KEY_LEN, mac_key);
- if (status) return status;
-
- /* perform encryption and authentication */
-
- /* set aes key */
- status = aes_cbc_context_init(&aes_ctx, key, direction_decrypt);
- if (status) return status;
-
- /* set iv */
- status = rand_source_get_octet_string(iv, IV_LEN);
- if (status) return status;
- status = aes_cbc_set_iv(&aes_ctx, iv);
-
- /* encrypt the opaque data */
- status = aes_cbc_nist_decrypt(&aes_ctx, opaque, opaque_len);
- if (status) return status;
-
- /* authenticate clear and opaque data */
- status = hmac_init(&hmac_ctx, mac_key, MAC_KEY_LEN);
- if (status) return status;
-
- status = hmac_start(&hmac_ctx);
- if (status) return status;
-
- status = hmac_update(&hmac_ctx, clear, clear_len);
- if (status) return status;
-
- status = hmac_compute(&hmac_ctx, opaque, *opaque_len, TAG_LEN, tmp_tag);
- if (status) return status;
-
- /* compare the computed tag with the one provided as input */
- for (i=0; i < TAG_LEN; i++)
- if (tmp_tag[i] != tag[i])
- return err_status_auth_fail;
-
- }
-
- return err_status_ok;
-}
-
-
-#define ENC 1
-
-#undef DEBUG
-#define DEBUG 0
-
-err_status_t
-aes_128_cbc_hmac_sha1_96_enc(void *key,
- const void *clear,
- unsigned clear_len,
- void *iv,
- void *opaque,
- unsigned *opaque_len) {
- aes_cbc_ctx_t aes_ctx;
- hmac_ctx_t hmac_ctx;
- unsigned char enc_key[ENC_KEY_LEN];
- unsigned char mac_key[MAC_KEY_LEN];
- unsigned char *auth_tag;
- err_status_t status;
-
- /* check if we're doing authentication only */
- if ((iv == NULL) && (opaque == NULL) && (opaque_len == NULL)) {
-
- /* perform authentication only */
-
- } else if ((iv == NULL) || (opaque == NULL) || (opaque_len == NULL)) {
-
- /*
- * bad parameter - we expect either all three pointers to be NULL,
- * or none of those pointers to be NULL
- */
- return err_status_fail;
-
- } else {
-
-#if DEBUG
- printf("ENC using key %s\n", octet_string_hex_string(key, KEY_LEN));
-#endif
-
- /* derive encryption and authentication keys from the input key */
- status = hmac_init(&hmac_ctx, key, KEY_LEN);
- if (status) return status;
- status = hmac_compute(&hmac_ctx, "ENC", 3, ENC_KEY_LEN, enc_key);
- if (status) return status;
-
- status = hmac_init(&hmac_ctx, key, KEY_LEN);
- if (status) return status;
- status = hmac_compute(&hmac_ctx, "MAC", 3, MAC_KEY_LEN, mac_key);
- if (status) return status;
-
-
- /* perform encryption and authentication */
-
- /* set aes key */
- status = aes_cbc_context_init(&aes_ctx, key, direction_encrypt);
- if (status) return status;
-
- /* set iv */
- status = rand_source_get_octet_string(iv, IV_LEN);
- if (status) return status;
- status = aes_cbc_set_iv(&aes_ctx, iv);
- if (status) return status;
-
-#if DEBUG
- printf("plaintext len: %d\n", *opaque_len);
- printf("iv: %s\n", octet_string_hex_string(iv, IV_LEN));
- printf("plaintext: %s\n", octet_string_hex_string(opaque, *opaque_len));
-#endif
-
-#if ENC
- /* encrypt the opaque data */
- status = aes_cbc_nist_encrypt(&aes_ctx, opaque, opaque_len);
- if (status) return status;
-#endif
-
-#if DEBUG
- printf("ciphertext len: %d\n", *opaque_len);
- printf("ciphertext: %s\n", octet_string_hex_string(opaque, *opaque_len));
-#endif
-
- /*
- * authenticate clear and opaque data, then write the
- * authentication tag to the location immediately following the
- * ciphertext
- */
- status = hmac_init(&hmac_ctx, mac_key, MAC_KEY_LEN);
- if (status) return status;
-
- status = hmac_start(&hmac_ctx);
- if (status) return status;
-
- status = hmac_update(&hmac_ctx, clear, clear_len);
- if (status) return status;
-#if DEBUG
- printf("hmac input: %s\n",
- octet_string_hex_string(clear, clear_len));
-#endif
- auth_tag = (unsigned char *)opaque;
- auth_tag += *opaque_len;
- status = hmac_compute(&hmac_ctx, opaque, *opaque_len, TAG_LEN, auth_tag);
- if (status) return status;
-#if DEBUG
- printf("hmac input: %s\n",
- octet_string_hex_string(opaque, *opaque_len));
-#endif
- /* bump up the opaque_len to reflect the authentication tag */
- *opaque_len += TAG_LEN;
-
-#if DEBUG
- printf("prot data len: %d\n", *opaque_len);
- printf("prot data: %s\n", octet_string_hex_string(opaque, *opaque_len));
-#endif
- }
-
- return err_status_ok;
-}
-
-err_status_t
-aes_128_cbc_hmac_sha1_96_dec(void *key,
- const void *clear,
- unsigned clear_len,
- void *iv,
- void *opaque,
- unsigned *opaque_len) {
- aes_cbc_ctx_t aes_ctx;
- hmac_ctx_t hmac_ctx;
- unsigned char enc_key[ENC_KEY_LEN];
- unsigned char mac_key[MAC_KEY_LEN];
- unsigned char tmp_tag[TAG_LEN];
- unsigned char *auth_tag;
- unsigned ciphertext_len;
- err_status_t status;
- int i;
-
- /* check if we're doing authentication only */
- if ((iv == NULL) && (opaque == NULL) && (opaque_len == NULL)) {
-
- /* perform authentication only */
-
- } else if ((iv == NULL) || (opaque == NULL) || (opaque_len == NULL)) {
-
- /*
- * bad parameter - we expect either all three pointers to be NULL,
- * or none of those pointers to be NULL
- */
- return err_status_fail;
-
- } else {
-#if DEBUG
- printf("DEC using key %s\n", octet_string_hex_string(key, KEY_LEN));
-#endif
-
- /* derive encryption and authentication keys from the input key */
- status = hmac_init(&hmac_ctx, key, KEY_LEN);
- if (status) return status;
- status = hmac_compute(&hmac_ctx, "ENC", 3, ENC_KEY_LEN, enc_key);
- if (status) return status;
-
- status = hmac_init(&hmac_ctx, key, KEY_LEN);
- if (status) return status;
- status = hmac_compute(&hmac_ctx, "MAC", 3, MAC_KEY_LEN, mac_key);
- if (status) return status;
-
-#if DEBUG
- printf("prot data len: %d\n", *opaque_len);
- printf("prot data: %s\n", octet_string_hex_string(opaque, *opaque_len));
-#endif
-
- /*
- * set the protected data length to that of the ciphertext, by
- * subtracting out the length of the authentication tag
- */
- ciphertext_len = *opaque_len - TAG_LEN;
-
-#if DEBUG
- printf("ciphertext len: %d\n", ciphertext_len);
-#endif
- /* verify the authentication tag */
-
- /*
- * compute the authentication tag for the clear and opaque data,
- * and write it to a temporary location
- */
- status = hmac_init(&hmac_ctx, mac_key, MAC_KEY_LEN);
- if (status) return status;
-
- status = hmac_start(&hmac_ctx);
- if (status) return status;
-
- status = hmac_update(&hmac_ctx, clear, clear_len);
- if (status) return status;
-
-#if DEBUG
- printf("hmac input: %s\n",
- octet_string_hex_string(clear, clear_len));
-#endif
-
- status = hmac_compute(&hmac_ctx, opaque, ciphertext_len, TAG_LEN, tmp_tag);
- if (status) return status;
-
-#if DEBUG
- printf("hmac input: %s\n",
- octet_string_hex_string(opaque, ciphertext_len));
-#endif
-
- /*
- * compare the computed tag with the one provided as input (which
- * immediately follows the ciphertext)
- */
- auth_tag = (unsigned char *)opaque;
- auth_tag += ciphertext_len;
-#if DEBUG
- printf("auth_tag: %s\n", octet_string_hex_string(auth_tag, TAG_LEN));
- printf("tmp_tag: %s\n", octet_string_hex_string(tmp_tag, TAG_LEN));
-#endif
- for (i=0; i < TAG_LEN; i++) {
- if (tmp_tag[i] != auth_tag[i])
- return err_status_auth_fail;
- }
-
- /* bump down the opaque_len to reflect the authentication tag */
- *opaque_len -= TAG_LEN;
-
- /* decrypt the confidential data */
- status = aes_cbc_context_init(&aes_ctx, key, direction_decrypt);
- if (status) return status;
- status = aes_cbc_set_iv(&aes_ctx, iv);
- if (status) return status;
-
-#if DEBUG
- printf("ciphertext: %s\n", octet_string_hex_string(opaque, *opaque_len));
- printf("iv: %s\n", octet_string_hex_string(iv, IV_LEN));
-#endif
-
-#if ENC
- status = aes_cbc_nist_decrypt(&aes_ctx, opaque, &ciphertext_len);
- if (status) return status;
-#endif
-
-#if DEBUG
- printf("plaintext len: %d\n", ciphertext_len);
- printf("plaintext: %s\n",
- octet_string_hex_string(opaque, ciphertext_len));
-#endif
-
- /* indicate the length of the plaintext */
- *opaque_len = ciphertext_len;
- }
-
- return err_status_ok;
-}
-
-cryptoalg_ctx_t cryptoalg_ctx = {
- aes_128_cbc_hmac_sha1_96_enc,
- aes_128_cbc_hmac_sha1_96_dec,
- KEY_LEN,
- IV_LEN,
- TAG_LEN,
- MAX_EXPAND,
-};
-
-cryptoalg_t cryptoalg = &cryptoalg_ctx;
-
-#define NULL_TAG_LEN 12
-
-err_status_t
-null_enc(void *key,
- const void *clear,
- unsigned clear_len,
- void *iv,
- void *opaque,
- unsigned *opaque_len) {
- int i;
- unsigned char *auth_tag;
- unsigned char *init_vec = iv;
-
- /* check if we're doing authentication only */
- if ((iv == NULL) && (opaque == NULL) && (opaque_len == NULL)) {
-
- /* perform authentication only */
-
- } else if ((iv == NULL) || (opaque == NULL) || (opaque_len == NULL)) {
-
- /*
- * bad parameter - we expect either all three pointers to be NULL,
- * or none of those pointers to be NULL
- */
- return err_status_fail;
-
- } else {
-
-#if DEBUG
- printf("NULL ENC using key %s\n", octet_string_hex_string(key, KEY_LEN));
- printf("NULL_TAG_LEN: %d\n", NULL_TAG_LEN);
- printf("plaintext len: %d\n", *opaque_len);
-#endif
- for (i=0; i < IV_LEN; i++)
- init_vec[i] = i + (i * 16);
-#if DEBUG
- printf("iv: %s\n",
- octet_string_hex_string(iv, IV_LEN));
- printf("plaintext: %s\n",
- octet_string_hex_string(opaque, *opaque_len));
-#endif
- auth_tag = opaque;
- auth_tag += *opaque_len;
- for (i=0; i < NULL_TAG_LEN; i++)
- auth_tag[i] = i + (i * 16);
- *opaque_len += NULL_TAG_LEN;
-#if DEBUG
- printf("protected data len: %d\n", *opaque_len);
- printf("protected data: %s\n",
- octet_string_hex_string(opaque, *opaque_len));
-#endif
-
- }
-
- return err_status_ok;
-}
-
-err_status_t
-null_dec(void *key,
- const void *clear,
- unsigned clear_len,
- void *iv,
- void *opaque,
- unsigned *opaque_len) {
- unsigned char *auth_tag;
-
- /* check if we're doing authentication only */
- if ((iv == NULL) && (opaque == NULL) && (opaque_len == NULL)) {
-
- /* perform authentication only */
-
- } else if ((iv == NULL) || (opaque == NULL) || (opaque_len == NULL)) {
-
- /*
- * bad parameter - we expect either all three pointers to be NULL,
- * or none of those pointers to be NULL
- */
- return err_status_fail;
-
- } else {
-
-#if DEBUG
- printf("NULL DEC using key %s\n", octet_string_hex_string(key, KEY_LEN));
-
- printf("protected data len: %d\n", *opaque_len);
- printf("protected data: %s\n",
- octet_string_hex_string(opaque, *opaque_len));
-#endif
- auth_tag = opaque;
- auth_tag += (*opaque_len - NULL_TAG_LEN);
-#if DEBUG
- printf("iv: %s\n", octet_string_hex_string(iv, IV_LEN));
-#endif
- *opaque_len -= NULL_TAG_LEN;
-#if DEBUG
- printf("plaintext len: %d\n", *opaque_len);
- printf("plaintext: %s\n",
- octet_string_hex_string(opaque, *opaque_len));
-#endif
- }
-
- return err_status_ok;
-}
-
-cryptoalg_ctx_t null_cryptoalg_ctx = {
- null_enc,
- null_dec,
- KEY_LEN,
- IV_LEN,
- NULL_TAG_LEN,
- MAX_EXPAND,
-};
-
-cryptoalg_t null_cryptoalg = &null_cryptoalg_ctx;
-
-int
-cryptoalg_get_id(cryptoalg_t c) {
- if (c == cryptoalg)
- return 1;
- return 0;
-}
-
-cryptoalg_t
-cryptoalg_find_by_id(int id) {
- switch(id) {
- case 1:
- return cryptoalg;
- default:
- break;
- }
- return 0;
-}
diff --git a/crypto/cipher/aes.c b/crypto/cipher/aes.c
deleted file mode 100644
index f1286c3..0000000
--- a/crypto/cipher/aes.c
+++ /dev/null
@@ -1,1951 +0,0 @@
-/*
- * aes.c
- *
- * An implemnetation of the AES block cipher.
- *
- * David A. McGrew
- * Cisco Systems, Inc.
- */
-
-/*
- *
- * Copyright (c) 2001-2006, Cisco Systems, Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following
- * disclaimer in the documentation and/or other materials provided
- * with the distribution.
- *
- * Neither the name of the Cisco Systems, Inc. nor the names of its
- * contributors may be used to endorse or promote products derived
- * from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- */
-
-
-#include "aes.h"
-#include "err.h"
-
-/*
- * we use the tables T0, T1, T2, T3, and T4 to compute AES, and
- * the tables U0, U1, U2, and U4 to compute its inverse
- *
- * different tables are used on little-endian (Intel, VMS) and
- * big-endian processors (everything else)
- *
- * these tables are computed using the program tables/aes_tables; use
- * this program to generate different tables for porting or
- * optimization on a different platform
- */
-
-#ifndef WORDS_BIGENDIAN
-
-static uint32_t T0[256] = {
- 0xa56363c6, 0x847c7cf8, 0x997777ee, 0x8d7b7bf6,
- 0xdf2f2ff, 0xbd6b6bd6, 0xb16f6fde, 0x54c5c591,
- 0x50303060, 0x3010102, 0xa96767ce, 0x7d2b2b56,
- 0x19fefee7, 0x62d7d7b5, 0xe6abab4d, 0x9a7676ec,
- 0x45caca8f, 0x9d82821f, 0x40c9c989, 0x877d7dfa,
- 0x15fafaef, 0xeb5959b2, 0xc947478e, 0xbf0f0fb,
- 0xecadad41, 0x67d4d4b3, 0xfda2a25f, 0xeaafaf45,
- 0xbf9c9c23, 0xf7a4a453, 0x967272e4, 0x5bc0c09b,
- 0xc2b7b775, 0x1cfdfde1, 0xae93933d, 0x6a26264c,
- 0x5a36366c, 0x413f3f7e, 0x2f7f7f5, 0x4fcccc83,
- 0x5c343468, 0xf4a5a551, 0x34e5e5d1, 0x8f1f1f9,
- 0x937171e2, 0x73d8d8ab, 0x53313162, 0x3f15152a,
- 0xc040408, 0x52c7c795, 0x65232346, 0x5ec3c39d,
- 0x28181830, 0xa1969637, 0xf05050a, 0xb59a9a2f,
- 0x907070e, 0x36121224, 0x9b80801b, 0x3de2e2df,
- 0x26ebebcd, 0x6927274e, 0xcdb2b27f, 0x9f7575ea,
- 0x1b090912, 0x9e83831d, 0x742c2c58, 0x2e1a1a34,
- 0x2d1b1b36, 0xb26e6edc, 0xee5a5ab4, 0xfba0a05b,
- 0xf65252a4, 0x4d3b3b76, 0x61d6d6b7, 0xceb3b37d,
- 0x7b292952, 0x3ee3e3dd, 0x712f2f5e, 0x97848413,
- 0xf55353a6, 0x68d1d1b9, 0x0, 0x2cededc1,
- 0x60202040, 0x1ffcfce3, 0xc8b1b179, 0xed5b5bb6,
- 0xbe6a6ad4, 0x46cbcb8d, 0xd9bebe67, 0x4b393972,
- 0xde4a4a94, 0xd44c4c98, 0xe85858b0, 0x4acfcf85,
- 0x6bd0d0bb, 0x2aefefc5, 0xe5aaaa4f, 0x16fbfbed,
- 0xc5434386, 0xd74d4d9a, 0x55333366, 0x94858511,
- 0xcf45458a, 0x10f9f9e9, 0x6020204, 0x817f7ffe,
- 0xf05050a0, 0x443c3c78, 0xba9f9f25, 0xe3a8a84b,
- 0xf35151a2, 0xfea3a35d, 0xc0404080, 0x8a8f8f05,
- 0xad92923f, 0xbc9d9d21, 0x48383870, 0x4f5f5f1,
- 0xdfbcbc63, 0xc1b6b677, 0x75dadaaf, 0x63212142,
- 0x30101020, 0x1affffe5, 0xef3f3fd, 0x6dd2d2bf,
- 0x4ccdcd81, 0x140c0c18, 0x35131326, 0x2fececc3,
- 0xe15f5fbe, 0xa2979735, 0xcc444488, 0x3917172e,
- 0x57c4c493, 0xf2a7a755, 0x827e7efc, 0x473d3d7a,
- 0xac6464c8, 0xe75d5dba, 0x2b191932, 0x957373e6,
- 0xa06060c0, 0x98818119, 0xd14f4f9e, 0x7fdcdca3,
- 0x66222244, 0x7e2a2a54, 0xab90903b, 0x8388880b,
- 0xca46468c, 0x29eeeec7, 0xd3b8b86b, 0x3c141428,
- 0x79dedea7, 0xe25e5ebc, 0x1d0b0b16, 0x76dbdbad,
- 0x3be0e0db, 0x56323264, 0x4e3a3a74, 0x1e0a0a14,
- 0xdb494992, 0xa06060c, 0x6c242448, 0xe45c5cb8,
- 0x5dc2c29f, 0x6ed3d3bd, 0xefacac43, 0xa66262c4,
- 0xa8919139, 0xa4959531, 0x37e4e4d3, 0x8b7979f2,
- 0x32e7e7d5, 0x43c8c88b, 0x5937376e, 0xb76d6dda,
- 0x8c8d8d01, 0x64d5d5b1, 0xd24e4e9c, 0xe0a9a949,
- 0xb46c6cd8, 0xfa5656ac, 0x7f4f4f3, 0x25eaeacf,
- 0xaf6565ca, 0x8e7a7af4, 0xe9aeae47, 0x18080810,
- 0xd5baba6f, 0x887878f0, 0x6f25254a, 0x722e2e5c,
- 0x241c1c38, 0xf1a6a657, 0xc7b4b473, 0x51c6c697,
- 0x23e8e8cb, 0x7cdddda1, 0x9c7474e8, 0x211f1f3e,
- 0xdd4b4b96, 0xdcbdbd61, 0x868b8b0d, 0x858a8a0f,
- 0x907070e0, 0x423e3e7c, 0xc4b5b571, 0xaa6666cc,
- 0xd8484890, 0x5030306, 0x1f6f6f7, 0x120e0e1c,
- 0xa36161c2, 0x5f35356a, 0xf95757ae, 0xd0b9b969,
- 0x91868617, 0x58c1c199, 0x271d1d3a, 0xb99e9e27,
- 0x38e1e1d9, 0x13f8f8eb, 0xb398982b, 0x33111122,
- 0xbb6969d2, 0x70d9d9a9, 0x898e8e07, 0xa7949433,
- 0xb69b9b2d, 0x221e1e3c, 0x92878715, 0x20e9e9c9,
- 0x49cece87, 0xff5555aa, 0x78282850, 0x7adfdfa5,
- 0x8f8c8c03, 0xf8a1a159, 0x80898909, 0x170d0d1a,
- 0xdabfbf65, 0x31e6e6d7, 0xc6424284, 0xb86868d0,
- 0xc3414182, 0xb0999929, 0x772d2d5a, 0x110f0f1e,
- 0xcbb0b07b, 0xfc5454a8, 0xd6bbbb6d, 0x3a16162c,
-};
-
-static uint32_t T1[256] = {
- 0x6363c6a5, 0x7c7cf884, 0x7777ee99, 0x7b7bf68d,
- 0xf2f2ff0d, 0x6b6bd6bd, 0x6f6fdeb1, 0xc5c59154,
- 0x30306050, 0x1010203, 0x6767cea9, 0x2b2b567d,
- 0xfefee719, 0xd7d7b562, 0xabab4de6, 0x7676ec9a,
- 0xcaca8f45, 0x82821f9d, 0xc9c98940, 0x7d7dfa87,
- 0xfafaef15, 0x5959b2eb, 0x47478ec9, 0xf0f0fb0b,
- 0xadad41ec, 0xd4d4b367, 0xa2a25ffd, 0xafaf45ea,
- 0x9c9c23bf, 0xa4a453f7, 0x7272e496, 0xc0c09b5b,
- 0xb7b775c2, 0xfdfde11c, 0x93933dae, 0x26264c6a,
- 0x36366c5a, 0x3f3f7e41, 0xf7f7f502, 0xcccc834f,
- 0x3434685c, 0xa5a551f4, 0xe5e5d134, 0xf1f1f908,
- 0x7171e293, 0xd8d8ab73, 0x31316253, 0x15152a3f,
- 0x404080c, 0xc7c79552, 0x23234665, 0xc3c39d5e,
- 0x18183028, 0x969637a1, 0x5050a0f, 0x9a9a2fb5,
- 0x7070e09, 0x12122436, 0x80801b9b, 0xe2e2df3d,
- 0xebebcd26, 0x27274e69, 0xb2b27fcd, 0x7575ea9f,
- 0x909121b, 0x83831d9e, 0x2c2c5874, 0x1a1a342e,
- 0x1b1b362d, 0x6e6edcb2, 0x5a5ab4ee, 0xa0a05bfb,
- 0x5252a4f6, 0x3b3b764d, 0xd6d6b761, 0xb3b37dce,
- 0x2929527b, 0xe3e3dd3e, 0x2f2f5e71, 0x84841397,
- 0x5353a6f5, 0xd1d1b968, 0x00000000, 0xededc12c,
- 0x20204060, 0xfcfce31f, 0xb1b179c8, 0x5b5bb6ed,
- 0x6a6ad4be, 0xcbcb8d46, 0xbebe67d9, 0x3939724b,
- 0x4a4a94de, 0x4c4c98d4, 0x5858b0e8, 0xcfcf854a,
- 0xd0d0bb6b, 0xefefc52a, 0xaaaa4fe5, 0xfbfbed16,
- 0x434386c5, 0x4d4d9ad7, 0x33336655, 0x85851194,
- 0x45458acf, 0xf9f9e910, 0x2020406, 0x7f7ffe81,
- 0x5050a0f0, 0x3c3c7844, 0x9f9f25ba, 0xa8a84be3,
- 0x5151a2f3, 0xa3a35dfe, 0x404080c0, 0x8f8f058a,
- 0x92923fad, 0x9d9d21bc, 0x38387048, 0xf5f5f104,
- 0xbcbc63df, 0xb6b677c1, 0xdadaaf75, 0x21214263,
- 0x10102030, 0xffffe51a, 0xf3f3fd0e, 0xd2d2bf6d,
- 0xcdcd814c, 0xc0c1814, 0x13132635, 0xececc32f,
- 0x5f5fbee1, 0x979735a2, 0x444488cc, 0x17172e39,
- 0xc4c49357, 0xa7a755f2, 0x7e7efc82, 0x3d3d7a47,
- 0x6464c8ac, 0x5d5dbae7, 0x1919322b, 0x7373e695,
- 0x6060c0a0, 0x81811998, 0x4f4f9ed1, 0xdcdca37f,
- 0x22224466, 0x2a2a547e, 0x90903bab, 0x88880b83,
- 0x46468cca, 0xeeeec729, 0xb8b86bd3, 0x1414283c,
- 0xdedea779, 0x5e5ebce2, 0xb0b161d, 0xdbdbad76,
- 0xe0e0db3b, 0x32326456, 0x3a3a744e, 0xa0a141e,
- 0x494992db, 0x6060c0a, 0x2424486c, 0x5c5cb8e4,
- 0xc2c29f5d, 0xd3d3bd6e, 0xacac43ef, 0x6262c4a6,
- 0x919139a8, 0x959531a4, 0xe4e4d337, 0x7979f28b,
- 0xe7e7d532, 0xc8c88b43, 0x37376e59, 0x6d6ddab7,
- 0x8d8d018c, 0xd5d5b164, 0x4e4e9cd2, 0xa9a949e0,
- 0x6c6cd8b4, 0x5656acfa, 0xf4f4f307, 0xeaeacf25,
- 0x6565caaf, 0x7a7af48e, 0xaeae47e9, 0x8081018,
- 0xbaba6fd5, 0x7878f088, 0x25254a6f, 0x2e2e5c72,
- 0x1c1c3824, 0xa6a657f1, 0xb4b473c7, 0xc6c69751,
- 0xe8e8cb23, 0xdddda17c, 0x7474e89c, 0x1f1f3e21,
- 0x4b4b96dd, 0xbdbd61dc, 0x8b8b0d86, 0x8a8a0f85,
- 0x7070e090, 0x3e3e7c42, 0xb5b571c4, 0x6666ccaa,
- 0x484890d8, 0x3030605, 0xf6f6f701, 0xe0e1c12,
- 0x6161c2a3, 0x35356a5f, 0x5757aef9, 0xb9b969d0,
- 0x86861791, 0xc1c19958, 0x1d1d3a27, 0x9e9e27b9,
- 0xe1e1d938, 0xf8f8eb13, 0x98982bb3, 0x11112233,
- 0x6969d2bb, 0xd9d9a970, 0x8e8e0789, 0x949433a7,
- 0x9b9b2db6, 0x1e1e3c22, 0x87871592, 0xe9e9c920,
- 0xcece8749, 0x5555aaff, 0x28285078, 0xdfdfa57a,
- 0x8c8c038f, 0xa1a159f8, 0x89890980, 0xd0d1a17,
- 0xbfbf65da, 0xe6e6d731, 0x424284c6, 0x6868d0b8,
- 0x414182c3, 0x999929b0, 0x2d2d5a77, 0xf0f1e11,
- 0xb0b07bcb, 0x5454a8fc, 0xbbbb6dd6, 0x16162c3a,
-};
-
-static uint32_t T2[256] = {
- 0x63c6a563, 0x7cf8847c, 0x77ee9977, 0x7bf68d7b,
- 0xf2ff0df2, 0x6bd6bd6b, 0x6fdeb16f, 0xc59154c5,
- 0x30605030, 0x1020301, 0x67cea967, 0x2b567d2b,
- 0xfee719fe, 0xd7b562d7, 0xab4de6ab, 0x76ec9a76,
- 0xca8f45ca, 0x821f9d82, 0xc98940c9, 0x7dfa877d,
- 0xfaef15fa, 0x59b2eb59, 0x478ec947, 0xf0fb0bf0,
- 0xad41ecad, 0xd4b367d4, 0xa25ffda2, 0xaf45eaaf,
- 0x9c23bf9c, 0xa453f7a4, 0x72e49672, 0xc09b5bc0,
- 0xb775c2b7, 0xfde11cfd, 0x933dae93, 0x264c6a26,
- 0x366c5a36, 0x3f7e413f, 0xf7f502f7, 0xcc834fcc,
- 0x34685c34, 0xa551f4a5, 0xe5d134e5, 0xf1f908f1,
- 0x71e29371, 0xd8ab73d8, 0x31625331, 0x152a3f15,
- 0x4080c04, 0xc79552c7, 0x23466523, 0xc39d5ec3,
- 0x18302818, 0x9637a196, 0x50a0f05, 0x9a2fb59a,
- 0x70e0907, 0x12243612, 0x801b9b80, 0xe2df3de2,
- 0xebcd26eb, 0x274e6927, 0xb27fcdb2, 0x75ea9f75,
- 0x9121b09, 0x831d9e83, 0x2c58742c, 0x1a342e1a,
- 0x1b362d1b, 0x6edcb26e, 0x5ab4ee5a, 0xa05bfba0,
- 0x52a4f652, 0x3b764d3b, 0xd6b761d6, 0xb37dceb3,
- 0x29527b29, 0xe3dd3ee3, 0x2f5e712f, 0x84139784,
- 0x53a6f553, 0xd1b968d1, 0x0, 0xedc12ced,
- 0x20406020, 0xfce31ffc, 0xb179c8b1, 0x5bb6ed5b,
- 0x6ad4be6a, 0xcb8d46cb, 0xbe67d9be, 0x39724b39,
- 0x4a94de4a, 0x4c98d44c, 0x58b0e858, 0xcf854acf,
- 0xd0bb6bd0, 0xefc52aef, 0xaa4fe5aa, 0xfbed16fb,
- 0x4386c543, 0x4d9ad74d, 0x33665533, 0x85119485,
- 0x458acf45, 0xf9e910f9, 0x2040602, 0x7ffe817f,
- 0x50a0f050, 0x3c78443c, 0x9f25ba9f, 0xa84be3a8,
- 0x51a2f351, 0xa35dfea3, 0x4080c040, 0x8f058a8f,
- 0x923fad92, 0x9d21bc9d, 0x38704838, 0xf5f104f5,
- 0xbc63dfbc, 0xb677c1b6, 0xdaaf75da, 0x21426321,
- 0x10203010, 0xffe51aff, 0xf3fd0ef3, 0xd2bf6dd2,
- 0xcd814ccd, 0xc18140c, 0x13263513, 0xecc32fec,
- 0x5fbee15f, 0x9735a297, 0x4488cc44, 0x172e3917,
- 0xc49357c4, 0xa755f2a7, 0x7efc827e, 0x3d7a473d,
- 0x64c8ac64, 0x5dbae75d, 0x19322b19, 0x73e69573,
- 0x60c0a060, 0x81199881, 0x4f9ed14f, 0xdca37fdc,
- 0x22446622, 0x2a547e2a, 0x903bab90, 0x880b8388,
- 0x468cca46, 0xeec729ee, 0xb86bd3b8, 0x14283c14,
- 0xdea779de, 0x5ebce25e, 0xb161d0b, 0xdbad76db,
- 0xe0db3be0, 0x32645632, 0x3a744e3a, 0xa141e0a,
- 0x4992db49, 0x60c0a06, 0x24486c24, 0x5cb8e45c,
- 0xc29f5dc2, 0xd3bd6ed3, 0xac43efac, 0x62c4a662,
- 0x9139a891, 0x9531a495, 0xe4d337e4, 0x79f28b79,
- 0xe7d532e7, 0xc88b43c8, 0x376e5937, 0x6ddab76d,
- 0x8d018c8d, 0xd5b164d5, 0x4e9cd24e, 0xa949e0a9,
- 0x6cd8b46c, 0x56acfa56, 0xf4f307f4, 0xeacf25ea,
- 0x65caaf65, 0x7af48e7a, 0xae47e9ae, 0x8101808,
- 0xba6fd5ba, 0x78f08878, 0x254a6f25, 0x2e5c722e,
- 0x1c38241c, 0xa657f1a6, 0xb473c7b4, 0xc69751c6,
- 0xe8cb23e8, 0xdda17cdd, 0x74e89c74, 0x1f3e211f,
- 0x4b96dd4b, 0xbd61dcbd, 0x8b0d868b, 0x8a0f858a,
- 0x70e09070, 0x3e7c423e, 0xb571c4b5, 0x66ccaa66,
- 0x4890d848, 0x3060503, 0xf6f701f6, 0xe1c120e,
- 0x61c2a361, 0x356a5f35, 0x57aef957, 0xb969d0b9,
- 0x86179186, 0xc19958c1, 0x1d3a271d, 0x9e27b99e,
- 0xe1d938e1, 0xf8eb13f8, 0x982bb398, 0x11223311,
- 0x69d2bb69, 0xd9a970d9, 0x8e07898e, 0x9433a794,
- 0x9b2db69b, 0x1e3c221e, 0x87159287, 0xe9c920e9,
- 0xce8749ce, 0x55aaff55, 0x28507828, 0xdfa57adf,
- 0x8c038f8c, 0xa159f8a1, 0x89098089, 0xd1a170d,
- 0xbf65dabf, 0xe6d731e6, 0x4284c642, 0x68d0b868,
- 0x4182c341, 0x9929b099, 0x2d5a772d, 0xf1e110f,
- 0xb07bcbb0, 0x54a8fc54, 0xbb6dd6bb, 0x162c3a16,
-};
-
-static uint32_t T3[256] = {
- 0xc6a56363, 0xf8847c7c, 0xee997777, 0xf68d7b7b,
- 0xff0df2f2, 0xd6bd6b6b, 0xdeb16f6f, 0x9154c5c5,
- 0x60503030, 0x2030101, 0xcea96767, 0x567d2b2b,
- 0xe719fefe, 0xb562d7d7, 0x4de6abab, 0xec9a7676,
- 0x8f45caca, 0x1f9d8282, 0x8940c9c9, 0xfa877d7d,
- 0xef15fafa, 0xb2eb5959, 0x8ec94747, 0xfb0bf0f0,
- 0x41ecadad, 0xb367d4d4, 0x5ffda2a2, 0x45eaafaf,
- 0x23bf9c9c, 0x53f7a4a4, 0xe4967272, 0x9b5bc0c0,
- 0x75c2b7b7, 0xe11cfdfd, 0x3dae9393, 0x4c6a2626,
- 0x6c5a3636, 0x7e413f3f, 0xf502f7f7, 0x834fcccc,
- 0x685c3434, 0x51f4a5a5, 0xd134e5e5, 0xf908f1f1,
- 0xe2937171, 0xab73d8d8, 0x62533131, 0x2a3f1515,
- 0x80c0404, 0x9552c7c7, 0x46652323, 0x9d5ec3c3,
- 0x30281818, 0x37a19696, 0xa0f0505, 0x2fb59a9a,
- 0xe090707, 0x24361212, 0x1b9b8080, 0xdf3de2e2,
- 0xcd26ebeb, 0x4e692727, 0x7fcdb2b2, 0xea9f7575,
- 0x121b0909, 0x1d9e8383, 0x58742c2c, 0x342e1a1a,
- 0x362d1b1b, 0xdcb26e6e, 0xb4ee5a5a, 0x5bfba0a0,
- 0xa4f65252, 0x764d3b3b, 0xb761d6d6, 0x7dceb3b3,
- 0x527b2929, 0xdd3ee3e3, 0x5e712f2f, 0x13978484,
- 0xa6f55353, 0xb968d1d1, 0x0, 0xc12ceded,
- 0x40602020, 0xe31ffcfc, 0x79c8b1b1, 0xb6ed5b5b,
- 0xd4be6a6a, 0x8d46cbcb, 0x67d9bebe, 0x724b3939,
- 0x94de4a4a, 0x98d44c4c, 0xb0e85858, 0x854acfcf,
- 0xbb6bd0d0, 0xc52aefef, 0x4fe5aaaa, 0xed16fbfb,
- 0x86c54343, 0x9ad74d4d, 0x66553333, 0x11948585,
- 0x8acf4545, 0xe910f9f9, 0x4060202, 0xfe817f7f,
- 0xa0f05050, 0x78443c3c, 0x25ba9f9f, 0x4be3a8a8,
- 0xa2f35151, 0x5dfea3a3, 0x80c04040, 0x58a8f8f,
- 0x3fad9292, 0x21bc9d9d, 0x70483838, 0xf104f5f5,
- 0x63dfbcbc, 0x77c1b6b6, 0xaf75dada, 0x42632121,
- 0x20301010, 0xe51affff, 0xfd0ef3f3, 0xbf6dd2d2,
- 0x814ccdcd, 0x18140c0c, 0x26351313, 0xc32fecec,
- 0xbee15f5f, 0x35a29797, 0x88cc4444, 0x2e391717,
- 0x9357c4c4, 0x55f2a7a7, 0xfc827e7e, 0x7a473d3d,
- 0xc8ac6464, 0xbae75d5d, 0x322b1919, 0xe6957373,
- 0xc0a06060, 0x19988181, 0x9ed14f4f, 0xa37fdcdc,
- 0x44662222, 0x547e2a2a, 0x3bab9090, 0xb838888,
- 0x8cca4646, 0xc729eeee, 0x6bd3b8b8, 0x283c1414,
- 0xa779dede, 0xbce25e5e, 0x161d0b0b, 0xad76dbdb,
- 0xdb3be0e0, 0x64563232, 0x744e3a3a, 0x141e0a0a,
- 0x92db4949, 0xc0a0606, 0x486c2424, 0xb8e45c5c,
- 0x9f5dc2c2, 0xbd6ed3d3, 0x43efacac, 0xc4a66262,
- 0x39a89191, 0x31a49595, 0xd337e4e4, 0xf28b7979,
- 0xd532e7e7, 0x8b43c8c8, 0x6e593737, 0xdab76d6d,
- 0x18c8d8d, 0xb164d5d5, 0x9cd24e4e, 0x49e0a9a9,
- 0xd8b46c6c, 0xacfa5656, 0xf307f4f4, 0xcf25eaea,
- 0xcaaf6565, 0xf48e7a7a, 0x47e9aeae, 0x10180808,
- 0x6fd5baba, 0xf0887878, 0x4a6f2525, 0x5c722e2e,
- 0x38241c1c, 0x57f1a6a6, 0x73c7b4b4, 0x9751c6c6,
- 0xcb23e8e8, 0xa17cdddd, 0xe89c7474, 0x3e211f1f,
- 0x96dd4b4b, 0x61dcbdbd, 0xd868b8b, 0xf858a8a,
- 0xe0907070, 0x7c423e3e, 0x71c4b5b5, 0xccaa6666,
- 0x90d84848, 0x6050303, 0xf701f6f6, 0x1c120e0e,
- 0xc2a36161, 0x6a5f3535, 0xaef95757, 0x69d0b9b9,
- 0x17918686, 0x9958c1c1, 0x3a271d1d, 0x27b99e9e,
- 0xd938e1e1, 0xeb13f8f8, 0x2bb39898, 0x22331111,
- 0xd2bb6969, 0xa970d9d9, 0x7898e8e, 0x33a79494,
- 0x2db69b9b, 0x3c221e1e, 0x15928787, 0xc920e9e9,
- 0x8749cece, 0xaaff5555, 0x50782828, 0xa57adfdf,
- 0x38f8c8c, 0x59f8a1a1, 0x9808989, 0x1a170d0d,
- 0x65dabfbf, 0xd731e6e6, 0x84c64242, 0xd0b86868,
- 0x82c34141, 0x29b09999, 0x5a772d2d, 0x1e110f0f,
- 0x7bcbb0b0, 0xa8fc5454, 0x6dd6bbbb, 0x2c3a1616,
-};
-
-static uint32_t U0[256] = {
- 0x50a7f451, 0x5365417e, 0xc3a4171a, 0x965e273a,
- 0xcb6bab3b, 0xf1459d1f, 0xab58faac, 0x9303e34b,
- 0x55fa3020, 0xf66d76ad, 0x9176cc88, 0x254c02f5,
- 0xfcd7e54f, 0xd7cb2ac5, 0x80443526, 0x8fa362b5,
- 0x495ab1de, 0x671bba25, 0x980eea45, 0xe1c0fe5d,
- 0x2752fc3, 0x12f04c81, 0xa397468d, 0xc6f9d36b,
- 0xe75f8f03, 0x959c9215, 0xeb7a6dbf, 0xda595295,
- 0x2d83bed4, 0xd3217458, 0x2969e049, 0x44c8c98e,
- 0x6a89c275, 0x78798ef4, 0x6b3e5899, 0xdd71b927,
- 0xb64fe1be, 0x17ad88f0, 0x66ac20c9, 0xb43ace7d,
- 0x184adf63, 0x82311ae5, 0x60335197, 0x457f5362,
- 0xe07764b1, 0x84ae6bbb, 0x1ca081fe, 0x942b08f9,
- 0x58684870, 0x19fd458f, 0x876cde94, 0xb7f87b52,
- 0x23d373ab, 0xe2024b72, 0x578f1fe3, 0x2aab5566,
- 0x728ebb2, 0x3c2b52f, 0x9a7bc586, 0xa50837d3,
- 0xf2872830, 0xb2a5bf23, 0xba6a0302, 0x5c8216ed,
- 0x2b1ccf8a, 0x92b479a7, 0xf0f207f3, 0xa1e2694e,
- 0xcdf4da65, 0xd5be0506, 0x1f6234d1, 0x8afea6c4,
- 0x9d532e34, 0xa055f3a2, 0x32e18a05, 0x75ebf6a4,
- 0x39ec830b, 0xaaef6040, 0x69f715e, 0x51106ebd,
- 0xf98a213e, 0x3d06dd96, 0xae053edd, 0x46bde64d,
- 0xb58d5491, 0x55dc471, 0x6fd40604, 0xff155060,
- 0x24fb9819, 0x97e9bdd6, 0xcc434089, 0x779ed967,
- 0xbd42e8b0, 0x888b8907, 0x385b19e7, 0xdbeec879,
- 0x470a7ca1, 0xe90f427c, 0xc91e84f8, 0x0,
- 0x83868009, 0x48ed2b32, 0xac70111e, 0x4e725a6c,
- 0xfbff0efd, 0x5638850f, 0x1ed5ae3d, 0x27392d36,
- 0x64d90f0a, 0x21a65c68, 0xd1545b9b, 0x3a2e3624,
- 0xb1670a0c, 0xfe75793, 0xd296eeb4, 0x9e919b1b,
- 0x4fc5c080, 0xa220dc61, 0x694b775a, 0x161a121c,
- 0xaba93e2, 0xe52aa0c0, 0x43e0223c, 0x1d171b12,
- 0xb0d090e, 0xadc78bf2, 0xb9a8b62d, 0xc8a91e14,
- 0x8519f157, 0x4c0775af, 0xbbdd99ee, 0xfd607fa3,
- 0x9f2601f7, 0xbcf5725c, 0xc53b6644, 0x347efb5b,
- 0x7629438b, 0xdcc623cb, 0x68fcedb6, 0x63f1e4b8,
- 0xcadc31d7, 0x10856342, 0x40229713, 0x2011c684,
- 0x7d244a85, 0xf83dbbd2, 0x1132f9ae, 0x6da129c7,
- 0x4b2f9e1d, 0xf330b2dc, 0xec52860d, 0xd0e3c177,
- 0x6c16b32b, 0x99b970a9, 0xfa489411, 0x2264e947,
- 0xc48cfca8, 0x1a3ff0a0, 0xd82c7d56, 0xef903322,
- 0xc74e4987, 0xc1d138d9, 0xfea2ca8c, 0x360bd498,
- 0xcf81f5a6, 0x28de7aa5, 0x268eb7da, 0xa4bfad3f,
- 0xe49d3a2c, 0xd927850, 0x9bcc5f6a, 0x62467e54,
- 0xc2138df6, 0xe8b8d890, 0x5ef7392e, 0xf5afc382,
- 0xbe805d9f, 0x7c93d069, 0xa92dd56f, 0xb31225cf,
- 0x3b99acc8, 0xa77d1810, 0x6e639ce8, 0x7bbb3bdb,
- 0x97826cd, 0xf418596e, 0x1b79aec, 0xa89a4f83,
- 0x656e95e6, 0x7ee6ffaa, 0x8cfbc21, 0xe6e815ef,
- 0xd99be7ba, 0xce366f4a, 0xd4099fea, 0xd67cb029,
- 0xafb2a431, 0x31233f2a, 0x3094a5c6, 0xc066a235,
- 0x37bc4e74, 0xa6ca82fc, 0xb0d090e0, 0x15d8a733,
- 0x4a9804f1, 0xf7daec41, 0xe50cd7f, 0x2ff69117,
- 0x8dd64d76, 0x4db0ef43, 0x544daacc, 0xdf0496e4,
- 0xe3b5d19e, 0x1b886a4c, 0xb81f2cc1, 0x7f516546,
- 0x4ea5e9d, 0x5d358c01, 0x737487fa, 0x2e410bfb,
- 0x5a1d67b3, 0x52d2db92, 0x335610e9, 0x1347d66d,
- 0x8c61d79a, 0x7a0ca137, 0x8e14f859, 0x893c13eb,
- 0xee27a9ce, 0x35c961b7, 0xede51ce1, 0x3cb1477a,
- 0x59dfd29c, 0x3f73f255, 0x79ce1418, 0xbf37c773,
- 0xeacdf753, 0x5baafd5f, 0x146f3ddf, 0x86db4478,
- 0x81f3afca, 0x3ec468b9, 0x2c342438, 0x5f40a3c2,
- 0x72c31d16, 0xc25e2bc, 0x8b493c28, 0x41950dff,
- 0x7101a839, 0xdeb30c08, 0x9ce4b4d8, 0x90c15664,
- 0x6184cb7b, 0x70b632d5, 0x745c6c48, 0x4257b8d0,
-};
-
-static uint32_t U1[256] = {
- 0xa7f45150, 0x65417e53, 0xa4171ac3, 0x5e273a96,
- 0x6bab3bcb, 0x459d1ff1, 0x58faacab, 0x3e34b93,
- 0xfa302055, 0x6d76adf6, 0x76cc8891, 0x4c02f525,
- 0xd7e54ffc, 0xcb2ac5d7, 0x44352680, 0xa362b58f,
- 0x5ab1de49, 0x1bba2567, 0xeea4598, 0xc0fe5de1,
- 0x752fc302, 0xf04c8112, 0x97468da3, 0xf9d36bc6,
- 0x5f8f03e7, 0x9c921595, 0x7a6dbfeb, 0x595295da,
- 0x83bed42d, 0x217458d3, 0x69e04929, 0xc8c98e44,
- 0x89c2756a, 0x798ef478, 0x3e58996b, 0x71b927dd,
- 0x4fe1beb6, 0xad88f017, 0xac20c966, 0x3ace7db4,
- 0x4adf6318, 0x311ae582, 0x33519760, 0x7f536245,
- 0x7764b1e0, 0xae6bbb84, 0xa081fe1c, 0x2b08f994,
- 0x68487058, 0xfd458f19, 0x6cde9487, 0xf87b52b7,
- 0xd373ab23, 0x24b72e2, 0x8f1fe357, 0xab55662a,
- 0x28ebb207, 0xc2b52f03, 0x7bc5869a, 0x837d3a5,
- 0x872830f2, 0xa5bf23b2, 0x6a0302ba, 0x8216ed5c,
- 0x1ccf8a2b, 0xb479a792, 0xf207f3f0, 0xe2694ea1,
- 0xf4da65cd, 0xbe0506d5, 0x6234d11f, 0xfea6c48a,
- 0x532e349d, 0x55f3a2a0, 0xe18a0532, 0xebf6a475,
- 0xec830b39, 0xef6040aa, 0x9f715e06, 0x106ebd51,
- 0x8a213ef9, 0x6dd963d, 0x53eddae, 0xbde64d46,
- 0x8d5491b5, 0x5dc47105, 0xd406046f, 0x155060ff,
- 0xfb981924, 0xe9bdd697, 0x434089cc, 0x9ed96777,
- 0x42e8b0bd, 0x8b890788, 0x5b19e738, 0xeec879db,
- 0xa7ca147, 0xf427ce9, 0x1e84f8c9, 0x0,
- 0x86800983, 0xed2b3248, 0x70111eac, 0x725a6c4e,
- 0xff0efdfb, 0x38850f56, 0xd5ae3d1e, 0x392d3627,
- 0xd90f0a64, 0xa65c6821, 0x545b9bd1, 0x2e36243a,
- 0x670a0cb1, 0xe757930f, 0x96eeb4d2, 0x919b1b9e,
- 0xc5c0804f, 0x20dc61a2, 0x4b775a69, 0x1a121c16,
- 0xba93e20a, 0x2aa0c0e5, 0xe0223c43, 0x171b121d,
- 0xd090e0b, 0xc78bf2ad, 0xa8b62db9, 0xa91e14c8,
- 0x19f15785, 0x775af4c, 0xdd99eebb, 0x607fa3fd,
- 0x2601f79f, 0xf5725cbc, 0x3b6644c5, 0x7efb5b34,
- 0x29438b76, 0xc623cbdc, 0xfcedb668, 0xf1e4b863,
- 0xdc31d7ca, 0x85634210, 0x22971340, 0x11c68420,
- 0x244a857d, 0x3dbbd2f8, 0x32f9ae11, 0xa129c76d,
- 0x2f9e1d4b, 0x30b2dcf3, 0x52860dec, 0xe3c177d0,
- 0x16b32b6c, 0xb970a999, 0x489411fa, 0x64e94722,
- 0x8cfca8c4, 0x3ff0a01a, 0x2c7d56d8, 0x903322ef,
- 0x4e4987c7, 0xd138d9c1, 0xa2ca8cfe, 0xbd49836,
- 0x81f5a6cf, 0xde7aa528, 0x8eb7da26, 0xbfad3fa4,
- 0x9d3a2ce4, 0x9278500d, 0xcc5f6a9b, 0x467e5462,
- 0x138df6c2, 0xb8d890e8, 0xf7392e5e, 0xafc382f5,
- 0x805d9fbe, 0x93d0697c, 0x2dd56fa9, 0x1225cfb3,
- 0x99acc83b, 0x7d1810a7, 0x639ce86e, 0xbb3bdb7b,
- 0x7826cd09, 0x18596ef4, 0xb79aec01, 0x9a4f83a8,
- 0x6e95e665, 0xe6ffaa7e, 0xcfbc2108, 0xe815efe6,
- 0x9be7bad9, 0x366f4ace, 0x99fead4, 0x7cb029d6,
- 0xb2a431af, 0x233f2a31, 0x94a5c630, 0x66a235c0,
- 0xbc4e7437, 0xca82fca6, 0xd090e0b0, 0xd8a73315,
- 0x9804f14a, 0xdaec41f7, 0x50cd7f0e, 0xf691172f,
- 0xd64d768d, 0xb0ef434d, 0x4daacc54, 0x496e4df,
- 0xb5d19ee3, 0x886a4c1b, 0x1f2cc1b8, 0x5165467f,
- 0xea5e9d04, 0x358c015d, 0x7487fa73, 0x410bfb2e,
- 0x1d67b35a, 0xd2db9252, 0x5610e933, 0x47d66d13,
- 0x61d79a8c, 0xca1377a, 0x14f8598e, 0x3c13eb89,
- 0x27a9ceee, 0xc961b735, 0xe51ce1ed, 0xb1477a3c,
- 0xdfd29c59, 0x73f2553f, 0xce141879, 0x37c773bf,
- 0xcdf753ea, 0xaafd5f5b, 0x6f3ddf14, 0xdb447886,
- 0xf3afca81, 0xc468b93e, 0x3424382c, 0x40a3c25f,
- 0xc31d1672, 0x25e2bc0c, 0x493c288b, 0x950dff41,
- 0x1a83971, 0xb30c08de, 0xe4b4d89c, 0xc1566490,
- 0x84cb7b61, 0xb632d570, 0x5c6c4874, 0x57b8d042,
-};
-
-static uint32_t U2[256] = {
- 0xf45150a7, 0x417e5365, 0x171ac3a4, 0x273a965e,
- 0xab3bcb6b, 0x9d1ff145, 0xfaacab58, 0xe34b9303,
- 0x302055fa, 0x76adf66d, 0xcc889176, 0x2f5254c,
- 0xe54ffcd7, 0x2ac5d7cb, 0x35268044, 0x62b58fa3,
- 0xb1de495a, 0xba25671b, 0xea45980e, 0xfe5de1c0,
- 0x2fc30275, 0x4c8112f0, 0x468da397, 0xd36bc6f9,
- 0x8f03e75f, 0x9215959c, 0x6dbfeb7a, 0x5295da59,
- 0xbed42d83, 0x7458d321, 0xe0492969, 0xc98e44c8,
- 0xc2756a89, 0x8ef47879, 0x58996b3e, 0xb927dd71,
- 0xe1beb64f, 0x88f017ad, 0x20c966ac, 0xce7db43a,
- 0xdf63184a, 0x1ae58231, 0x51976033, 0x5362457f,
- 0x64b1e077, 0x6bbb84ae, 0x81fe1ca0, 0x8f9942b,
- 0x48705868, 0x458f19fd, 0xde94876c, 0x7b52b7f8,
- 0x73ab23d3, 0x4b72e202, 0x1fe3578f, 0x55662aab,
- 0xebb20728, 0xb52f03c2, 0xc5869a7b, 0x37d3a508,
- 0x2830f287, 0xbf23b2a5, 0x302ba6a, 0x16ed5c82,
- 0xcf8a2b1c, 0x79a792b4, 0x7f3f0f2, 0x694ea1e2,
- 0xda65cdf4, 0x506d5be, 0x34d11f62, 0xa6c48afe,
- 0x2e349d53, 0xf3a2a055, 0x8a0532e1, 0xf6a475eb,
- 0x830b39ec, 0x6040aaef, 0x715e069f, 0x6ebd5110,
- 0x213ef98a, 0xdd963d06, 0x3eddae05, 0xe64d46bd,
- 0x5491b58d, 0xc471055d, 0x6046fd4, 0x5060ff15,
- 0x981924fb, 0xbdd697e9, 0x4089cc43, 0xd967779e,
- 0xe8b0bd42, 0x8907888b, 0x19e7385b, 0xc879dbee,
- 0x7ca1470a, 0x427ce90f, 0x84f8c91e, 0x0,
- 0x80098386, 0x2b3248ed, 0x111eac70, 0x5a6c4e72,
- 0xefdfbff, 0x850f5638, 0xae3d1ed5, 0x2d362739,
- 0xf0a64d9, 0x5c6821a6, 0x5b9bd154, 0x36243a2e,
- 0xa0cb167, 0x57930fe7, 0xeeb4d296, 0x9b1b9e91,
- 0xc0804fc5, 0xdc61a220, 0x775a694b, 0x121c161a,
- 0x93e20aba, 0xa0c0e52a, 0x223c43e0, 0x1b121d17,
- 0x90e0b0d, 0x8bf2adc7, 0xb62db9a8, 0x1e14c8a9,
- 0xf1578519, 0x75af4c07, 0x99eebbdd, 0x7fa3fd60,
- 0x1f79f26, 0x725cbcf5, 0x6644c53b, 0xfb5b347e,
- 0x438b7629, 0x23cbdcc6, 0xedb668fc, 0xe4b863f1,
- 0x31d7cadc, 0x63421085, 0x97134022, 0xc6842011,
- 0x4a857d24, 0xbbd2f83d, 0xf9ae1132, 0x29c76da1,
- 0x9e1d4b2f, 0xb2dcf330, 0x860dec52, 0xc177d0e3,
- 0xb32b6c16, 0x70a999b9, 0x9411fa48, 0xe9472264,
- 0xfca8c48c, 0xf0a01a3f, 0x7d56d82c, 0x3322ef90,
- 0x4987c74e, 0x38d9c1d1, 0xca8cfea2, 0xd498360b,
- 0xf5a6cf81, 0x7aa528de, 0xb7da268e, 0xad3fa4bf,
- 0x3a2ce49d, 0x78500d92, 0x5f6a9bcc, 0x7e546246,
- 0x8df6c213, 0xd890e8b8, 0x392e5ef7, 0xc382f5af,
- 0x5d9fbe80, 0xd0697c93, 0xd56fa92d, 0x25cfb312,
- 0xacc83b99, 0x1810a77d, 0x9ce86e63, 0x3bdb7bbb,
- 0x26cd0978, 0x596ef418, 0x9aec01b7, 0x4f83a89a,
- 0x95e6656e, 0xffaa7ee6, 0xbc2108cf, 0x15efe6e8,
- 0xe7bad99b, 0x6f4ace36, 0x9fead409, 0xb029d67c,
- 0xa431afb2, 0x3f2a3123, 0xa5c63094, 0xa235c066,
- 0x4e7437bc, 0x82fca6ca, 0x90e0b0d0, 0xa73315d8,
- 0x4f14a98, 0xec41f7da, 0xcd7f0e50, 0x91172ff6,
- 0x4d768dd6, 0xef434db0, 0xaacc544d, 0x96e4df04,
- 0xd19ee3b5, 0x6a4c1b88, 0x2cc1b81f, 0x65467f51,
- 0x5e9d04ea, 0x8c015d35, 0x87fa7374, 0xbfb2e41,
- 0x67b35a1d, 0xdb9252d2, 0x10e93356, 0xd66d1347,
- 0xd79a8c61, 0xa1377a0c, 0xf8598e14, 0x13eb893c,
- 0xa9ceee27, 0x61b735c9, 0x1ce1ede5, 0x477a3cb1,
- 0xd29c59df, 0xf2553f73, 0x141879ce, 0xc773bf37,
- 0xf753eacd, 0xfd5f5baa, 0x3ddf146f, 0x447886db,
- 0xafca81f3, 0x68b93ec4, 0x24382c34, 0xa3c25f40,
- 0x1d1672c3, 0xe2bc0c25, 0x3c288b49, 0xdff4195,
- 0xa8397101, 0xc08deb3, 0xb4d89ce4, 0x566490c1,
- 0xcb7b6184, 0x32d570b6, 0x6c48745c, 0xb8d04257,
-};
-
-static uint32_t U3[256] = {
- 0x5150a7f4, 0x7e536541, 0x1ac3a417, 0x3a965e27,
- 0x3bcb6bab, 0x1ff1459d, 0xacab58fa, 0x4b9303e3,
- 0x2055fa30, 0xadf66d76, 0x889176cc, 0xf5254c02,
- 0x4ffcd7e5, 0xc5d7cb2a, 0x26804435, 0xb58fa362,
- 0xde495ab1, 0x25671bba, 0x45980eea, 0x5de1c0fe,
- 0xc302752f, 0x8112f04c, 0x8da39746, 0x6bc6f9d3,
- 0x3e75f8f, 0x15959c92, 0xbfeb7a6d, 0x95da5952,
- 0xd42d83be, 0x58d32174, 0x492969e0, 0x8e44c8c9,
- 0x756a89c2, 0xf478798e, 0x996b3e58, 0x27dd71b9,
- 0xbeb64fe1, 0xf017ad88, 0xc966ac20, 0x7db43ace,
- 0x63184adf, 0xe582311a, 0x97603351, 0x62457f53,
- 0xb1e07764, 0xbb84ae6b, 0xfe1ca081, 0xf9942b08,
- 0x70586848, 0x8f19fd45, 0x94876cde, 0x52b7f87b,
- 0xab23d373, 0x72e2024b, 0xe3578f1f, 0x662aab55,
- 0xb20728eb, 0x2f03c2b5, 0x869a7bc5, 0xd3a50837,
- 0x30f28728, 0x23b2a5bf, 0x2ba6a03, 0xed5c8216,
- 0x8a2b1ccf, 0xa792b479, 0xf3f0f207, 0x4ea1e269,
- 0x65cdf4da, 0x6d5be05, 0xd11f6234, 0xc48afea6,
- 0x349d532e, 0xa2a055f3, 0x532e18a, 0xa475ebf6,
- 0xb39ec83, 0x40aaef60, 0x5e069f71, 0xbd51106e,
- 0x3ef98a21, 0x963d06dd, 0xddae053e, 0x4d46bde6,
- 0x91b58d54, 0x71055dc4, 0x46fd406, 0x60ff1550,
- 0x1924fb98, 0xd697e9bd, 0x89cc4340, 0x67779ed9,
- 0xb0bd42e8, 0x7888b89, 0xe7385b19, 0x79dbeec8,
- 0xa1470a7c, 0x7ce90f42, 0xf8c91e84, 0x0,
- 0x9838680, 0x3248ed2b, 0x1eac7011, 0x6c4e725a,
- 0xfdfbff0e, 0xf563885, 0x3d1ed5ae, 0x3627392d,
- 0xa64d90f, 0x6821a65c, 0x9bd1545b, 0x243a2e36,
- 0xcb1670a, 0x930fe757, 0xb4d296ee, 0x1b9e919b,
- 0x804fc5c0, 0x61a220dc, 0x5a694b77, 0x1c161a12,
- 0xe20aba93, 0xc0e52aa0, 0x3c43e022, 0x121d171b,
- 0xe0b0d09, 0xf2adc78b, 0x2db9a8b6, 0x14c8a91e,
- 0x578519f1, 0xaf4c0775, 0xeebbdd99, 0xa3fd607f,
- 0xf79f2601, 0x5cbcf572, 0x44c53b66, 0x5b347efb,
- 0x8b762943, 0xcbdcc623, 0xb668fced, 0xb863f1e4,
- 0xd7cadc31, 0x42108563, 0x13402297, 0x842011c6,
- 0x857d244a, 0xd2f83dbb, 0xae1132f9, 0xc76da129,
- 0x1d4b2f9e, 0xdcf330b2, 0xdec5286, 0x77d0e3c1,
- 0x2b6c16b3, 0xa999b970, 0x11fa4894, 0x472264e9,
- 0xa8c48cfc, 0xa01a3ff0, 0x56d82c7d, 0x22ef9033,
- 0x87c74e49, 0xd9c1d138, 0x8cfea2ca, 0x98360bd4,
- 0xa6cf81f5, 0xa528de7a, 0xda268eb7, 0x3fa4bfad,
- 0x2ce49d3a, 0x500d9278, 0x6a9bcc5f, 0x5462467e,
- 0xf6c2138d, 0x90e8b8d8, 0x2e5ef739, 0x82f5afc3,
- 0x9fbe805d, 0x697c93d0, 0x6fa92dd5, 0xcfb31225,
- 0xc83b99ac, 0x10a77d18, 0xe86e639c, 0xdb7bbb3b,
- 0xcd097826, 0x6ef41859, 0xec01b79a, 0x83a89a4f,
- 0xe6656e95, 0xaa7ee6ff, 0x2108cfbc, 0xefe6e815,
- 0xbad99be7, 0x4ace366f, 0xead4099f, 0x29d67cb0,
- 0x31afb2a4, 0x2a31233f, 0xc63094a5, 0x35c066a2,
- 0x7437bc4e, 0xfca6ca82, 0xe0b0d090, 0x3315d8a7,
- 0xf14a9804, 0x41f7daec, 0x7f0e50cd, 0x172ff691,
- 0x768dd64d, 0x434db0ef, 0xcc544daa, 0xe4df0496,
- 0x9ee3b5d1, 0x4c1b886a, 0xc1b81f2c, 0x467f5165,
- 0x9d04ea5e, 0x15d358c, 0xfa737487, 0xfb2e410b,
- 0xb35a1d67, 0x9252d2db, 0xe9335610, 0x6d1347d6,
- 0x9a8c61d7, 0x377a0ca1, 0x598e14f8, 0xeb893c13,
- 0xceee27a9, 0xb735c961, 0xe1ede51c, 0x7a3cb147,
- 0x9c59dfd2, 0x553f73f2, 0x1879ce14, 0x73bf37c7,
- 0x53eacdf7, 0x5f5baafd, 0xdf146f3d, 0x7886db44,
- 0xca81f3af, 0xb93ec468, 0x382c3424, 0xc25f40a3,
- 0x1672c31d, 0xbc0c25e2, 0x288b493c, 0xff41950d,
- 0x397101a8, 0x8deb30c, 0xd89ce4b4, 0x6490c156,
- 0x7b6184cb, 0xd570b632, 0x48745c6c, 0xd04257b8,
-};
-
-#else /* assume big endian */
-
-static uint32_t T0[256] = {
- 0xc66363a5, 0xf87c7c84, 0xee777799, 0xf67b7b8d,
- 0xfff2f20d, 0xd66b6bbd, 0xde6f6fb1, 0x91c5c554,
- 0x60303050, 0x2010103, 0xce6767a9, 0x562b2b7d,
- 0xe7fefe19, 0xb5d7d762, 0x4dababe6, 0xec76769a,
- 0x8fcaca45, 0x1f82829d, 0x89c9c940, 0xfa7d7d87,
- 0xeffafa15, 0xb25959eb, 0x8e4747c9, 0xfbf0f00b,
- 0x41adadec, 0xb3d4d467, 0x5fa2a2fd, 0x45afafea,
- 0x239c9cbf, 0x53a4a4f7, 0xe4727296, 0x9bc0c05b,
- 0x75b7b7c2, 0xe1fdfd1c, 0x3d9393ae, 0x4c26266a,
- 0x6c36365a, 0x7e3f3f41, 0xf5f7f702, 0x83cccc4f,
- 0x6834345c, 0x51a5a5f4, 0xd1e5e534, 0xf9f1f108,
- 0xe2717193, 0xabd8d873, 0x62313153, 0x2a15153f,
- 0x804040c, 0x95c7c752, 0x46232365, 0x9dc3c35e,
- 0x30181828, 0x379696a1, 0xa05050f, 0x2f9a9ab5,
- 0xe070709, 0x24121236, 0x1b80809b, 0xdfe2e23d,
- 0xcdebeb26, 0x4e272769, 0x7fb2b2cd, 0xea75759f,
- 0x1209091b, 0x1d83839e, 0x582c2c74, 0x341a1a2e,
- 0x361b1b2d, 0xdc6e6eb2, 0xb45a5aee, 0x5ba0a0fb,
- 0xa45252f6, 0x763b3b4d, 0xb7d6d661, 0x7db3b3ce,
- 0x5229297b, 0xdde3e33e, 0x5e2f2f71, 0x13848497,
- 0xa65353f5, 0xb9d1d168, 0x0, 0xc1eded2c,
- 0x40202060, 0xe3fcfc1f, 0x79b1b1c8, 0xb65b5bed,
- 0xd46a6abe, 0x8dcbcb46, 0x67bebed9, 0x7239394b,
- 0x944a4ade, 0x984c4cd4, 0xb05858e8, 0x85cfcf4a,
- 0xbbd0d06b, 0xc5efef2a, 0x4faaaae5, 0xedfbfb16,
- 0x864343c5, 0x9a4d4dd7, 0x66333355, 0x11858594,
- 0x8a4545cf, 0xe9f9f910, 0x4020206, 0xfe7f7f81,
- 0xa05050f0, 0x783c3c44, 0x259f9fba, 0x4ba8a8e3,
- 0xa25151f3, 0x5da3a3fe, 0x804040c0, 0x58f8f8a,
- 0x3f9292ad, 0x219d9dbc, 0x70383848, 0xf1f5f504,
- 0x63bcbcdf, 0x77b6b6c1, 0xafdada75, 0x42212163,
- 0x20101030, 0xe5ffff1a, 0xfdf3f30e, 0xbfd2d26d,
- 0x81cdcd4c, 0x180c0c14, 0x26131335, 0xc3ecec2f,
- 0xbe5f5fe1, 0x359797a2, 0x884444cc, 0x2e171739,
- 0x93c4c457, 0x55a7a7f2, 0xfc7e7e82, 0x7a3d3d47,
- 0xc86464ac, 0xba5d5de7, 0x3219192b, 0xe6737395,
- 0xc06060a0, 0x19818198, 0x9e4f4fd1, 0xa3dcdc7f,
- 0x44222266, 0x542a2a7e, 0x3b9090ab, 0xb888883,
- 0x8c4646ca, 0xc7eeee29, 0x6bb8b8d3, 0x2814143c,
- 0xa7dede79, 0xbc5e5ee2, 0x160b0b1d, 0xaddbdb76,
- 0xdbe0e03b, 0x64323256, 0x743a3a4e, 0x140a0a1e,
- 0x924949db, 0xc06060a, 0x4824246c, 0xb85c5ce4,
- 0x9fc2c25d, 0xbdd3d36e, 0x43acacef, 0xc46262a6,
- 0x399191a8, 0x319595a4, 0xd3e4e437, 0xf279798b,
- 0xd5e7e732, 0x8bc8c843, 0x6e373759, 0xda6d6db7,
- 0x18d8d8c, 0xb1d5d564, 0x9c4e4ed2, 0x49a9a9e0,
- 0xd86c6cb4, 0xac5656fa, 0xf3f4f407, 0xcfeaea25,
- 0xca6565af, 0xf47a7a8e, 0x47aeaee9, 0x10080818,
- 0x6fbabad5, 0xf0787888, 0x4a25256f, 0x5c2e2e72,
- 0x381c1c24, 0x57a6a6f1, 0x73b4b4c7, 0x97c6c651,
- 0xcbe8e823, 0xa1dddd7c, 0xe874749c, 0x3e1f1f21,
- 0x964b4bdd, 0x61bdbddc, 0xd8b8b86, 0xf8a8a85,
- 0xe0707090, 0x7c3e3e42, 0x71b5b5c4, 0xcc6666aa,
- 0x904848d8, 0x6030305, 0xf7f6f601, 0x1c0e0e12,
- 0xc26161a3, 0x6a35355f, 0xae5757f9, 0x69b9b9d0,
- 0x17868691, 0x99c1c158, 0x3a1d1d27, 0x279e9eb9,
- 0xd9e1e138, 0xebf8f813, 0x2b9898b3, 0x22111133,
- 0xd26969bb, 0xa9d9d970, 0x78e8e89, 0x339494a7,
- 0x2d9b9bb6, 0x3c1e1e22, 0x15878792, 0xc9e9e920,
- 0x87cece49, 0xaa5555ff, 0x50282878, 0xa5dfdf7a,
- 0x38c8c8f, 0x59a1a1f8, 0x9898980, 0x1a0d0d17,
- 0x65bfbfda, 0xd7e6e631, 0x844242c6, 0xd06868b8,
- 0x824141c3, 0x299999b0, 0x5a2d2d77, 0x1e0f0f11,
- 0x7bb0b0cb, 0xa85454fc, 0x6dbbbbd6, 0x2c16163a,
-};
-
-static uint32_t T1[256] = {
- 0xa5c66363, 0x84f87c7c, 0x99ee7777, 0x8df67b7b,
- 0xdfff2f2, 0xbdd66b6b, 0xb1de6f6f, 0x5491c5c5,
- 0x50603030, 0x3020101, 0xa9ce6767, 0x7d562b2b,
- 0x19e7fefe, 0x62b5d7d7, 0xe64dabab, 0x9aec7676,
- 0x458fcaca, 0x9d1f8282, 0x4089c9c9, 0x87fa7d7d,
- 0x15effafa, 0xebb25959, 0xc98e4747, 0xbfbf0f0,
- 0xec41adad, 0x67b3d4d4, 0xfd5fa2a2, 0xea45afaf,
- 0xbf239c9c, 0xf753a4a4, 0x96e47272, 0x5b9bc0c0,
- 0xc275b7b7, 0x1ce1fdfd, 0xae3d9393, 0x6a4c2626,
- 0x5a6c3636, 0x417e3f3f, 0x2f5f7f7, 0x4f83cccc,
- 0x5c683434, 0xf451a5a5, 0x34d1e5e5, 0x8f9f1f1,
- 0x93e27171, 0x73abd8d8, 0x53623131, 0x3f2a1515,
- 0xc080404, 0x5295c7c7, 0x65462323, 0x5e9dc3c3,
- 0x28301818, 0xa1379696, 0xf0a0505, 0xb52f9a9a,
- 0x90e0707, 0x36241212, 0x9b1b8080, 0x3ddfe2e2,
- 0x26cdebeb, 0x694e2727, 0xcd7fb2b2, 0x9fea7575,
- 0x1b120909, 0x9e1d8383, 0x74582c2c, 0x2e341a1a,
- 0x2d361b1b, 0xb2dc6e6e, 0xeeb45a5a, 0xfb5ba0a0,
- 0xf6a45252, 0x4d763b3b, 0x61b7d6d6, 0xce7db3b3,
- 0x7b522929, 0x3edde3e3, 0x715e2f2f, 0x97138484,
- 0xf5a65353, 0x68b9d1d1, 0x0, 0x2cc1eded,
- 0x60402020, 0x1fe3fcfc, 0xc879b1b1, 0xedb65b5b,
- 0xbed46a6a, 0x468dcbcb, 0xd967bebe, 0x4b723939,
- 0xde944a4a, 0xd4984c4c, 0xe8b05858, 0x4a85cfcf,
- 0x6bbbd0d0, 0x2ac5efef, 0xe54faaaa, 0x16edfbfb,
- 0xc5864343, 0xd79a4d4d, 0x55663333, 0x94118585,
- 0xcf8a4545, 0x10e9f9f9, 0x6040202, 0x81fe7f7f,
- 0xf0a05050, 0x44783c3c, 0xba259f9f, 0xe34ba8a8,
- 0xf3a25151, 0xfe5da3a3, 0xc0804040, 0x8a058f8f,
- 0xad3f9292, 0xbc219d9d, 0x48703838, 0x4f1f5f5,
- 0xdf63bcbc, 0xc177b6b6, 0x75afdada, 0x63422121,
- 0x30201010, 0x1ae5ffff, 0xefdf3f3, 0x6dbfd2d2,
- 0x4c81cdcd, 0x14180c0c, 0x35261313, 0x2fc3ecec,
- 0xe1be5f5f, 0xa2359797, 0xcc884444, 0x392e1717,
- 0x5793c4c4, 0xf255a7a7, 0x82fc7e7e, 0x477a3d3d,
- 0xacc86464, 0xe7ba5d5d, 0x2b321919, 0x95e67373,
- 0xa0c06060, 0x98198181, 0xd19e4f4f, 0x7fa3dcdc,
- 0x66442222, 0x7e542a2a, 0xab3b9090, 0x830b8888,
- 0xca8c4646, 0x29c7eeee, 0xd36bb8b8, 0x3c281414,
- 0x79a7dede, 0xe2bc5e5e, 0x1d160b0b, 0x76addbdb,
- 0x3bdbe0e0, 0x56643232, 0x4e743a3a, 0x1e140a0a,
- 0xdb924949, 0xa0c0606, 0x6c482424, 0xe4b85c5c,
- 0x5d9fc2c2, 0x6ebdd3d3, 0xef43acac, 0xa6c46262,
- 0xa8399191, 0xa4319595, 0x37d3e4e4, 0x8bf27979,
- 0x32d5e7e7, 0x438bc8c8, 0x596e3737, 0xb7da6d6d,
- 0x8c018d8d, 0x64b1d5d5, 0xd29c4e4e, 0xe049a9a9,
- 0xb4d86c6c, 0xfaac5656, 0x7f3f4f4, 0x25cfeaea,
- 0xafca6565, 0x8ef47a7a, 0xe947aeae, 0x18100808,
- 0xd56fbaba, 0x88f07878, 0x6f4a2525, 0x725c2e2e,
- 0x24381c1c, 0xf157a6a6, 0xc773b4b4, 0x5197c6c6,
- 0x23cbe8e8, 0x7ca1dddd, 0x9ce87474, 0x213e1f1f,
- 0xdd964b4b, 0xdc61bdbd, 0x860d8b8b, 0x850f8a8a,
- 0x90e07070, 0x427c3e3e, 0xc471b5b5, 0xaacc6666,
- 0xd8904848, 0x5060303, 0x1f7f6f6, 0x121c0e0e,
- 0xa3c26161, 0x5f6a3535, 0xf9ae5757, 0xd069b9b9,
- 0x91178686, 0x5899c1c1, 0x273a1d1d, 0xb9279e9e,
- 0x38d9e1e1, 0x13ebf8f8, 0xb32b9898, 0x33221111,
- 0xbbd26969, 0x70a9d9d9, 0x89078e8e, 0xa7339494,
- 0xb62d9b9b, 0x223c1e1e, 0x92158787, 0x20c9e9e9,
- 0x4987cece, 0xffaa5555, 0x78502828, 0x7aa5dfdf,
- 0x8f038c8c, 0xf859a1a1, 0x80098989, 0x171a0d0d,
- 0xda65bfbf, 0x31d7e6e6, 0xc6844242, 0xb8d06868,
- 0xc3824141, 0xb0299999, 0x775a2d2d, 0x111e0f0f,
- 0xcb7bb0b0, 0xfca85454, 0xd66dbbbb, 0x3a2c1616,
-};
-
-static uint32_t T2[256] = {
- 0x63a5c663, 0x7c84f87c, 0x7799ee77, 0x7b8df67b,
- 0xf20dfff2, 0x6bbdd66b, 0x6fb1de6f, 0xc55491c5,
- 0x30506030, 0x1030201, 0x67a9ce67, 0x2b7d562b,
- 0xfe19e7fe, 0xd762b5d7, 0xabe64dab, 0x769aec76,
- 0xca458fca, 0x829d1f82, 0xc94089c9, 0x7d87fa7d,
- 0xfa15effa, 0x59ebb259, 0x47c98e47, 0xf00bfbf0,
- 0xadec41ad, 0xd467b3d4, 0xa2fd5fa2, 0xafea45af,
- 0x9cbf239c, 0xa4f753a4, 0x7296e472, 0xc05b9bc0,
- 0xb7c275b7, 0xfd1ce1fd, 0x93ae3d93, 0x266a4c26,
- 0x365a6c36, 0x3f417e3f, 0xf702f5f7, 0xcc4f83cc,
- 0x345c6834, 0xa5f451a5, 0xe534d1e5, 0xf108f9f1,
- 0x7193e271, 0xd873abd8, 0x31536231, 0x153f2a15,
- 0x40c0804, 0xc75295c7, 0x23654623, 0xc35e9dc3,
- 0x18283018, 0x96a13796, 0x50f0a05, 0x9ab52f9a,
- 0x7090e07, 0x12362412, 0x809b1b80, 0xe23ddfe2,
- 0xeb26cdeb, 0x27694e27, 0xb2cd7fb2, 0x759fea75,
- 0x91b1209, 0x839e1d83, 0x2c74582c, 0x1a2e341a,
- 0x1b2d361b, 0x6eb2dc6e, 0x5aeeb45a, 0xa0fb5ba0,
- 0x52f6a452, 0x3b4d763b, 0xd661b7d6, 0xb3ce7db3,
- 0x297b5229, 0xe33edde3, 0x2f715e2f, 0x84971384,
- 0x53f5a653, 0xd168b9d1, 0x0, 0xed2cc1ed,
- 0x20604020, 0xfc1fe3fc, 0xb1c879b1, 0x5bedb65b,
- 0x6abed46a, 0xcb468dcb, 0xbed967be, 0x394b7239,
- 0x4ade944a, 0x4cd4984c, 0x58e8b058, 0xcf4a85cf,
- 0xd06bbbd0, 0xef2ac5ef, 0xaae54faa, 0xfb16edfb,
- 0x43c58643, 0x4dd79a4d, 0x33556633, 0x85941185,
- 0x45cf8a45, 0xf910e9f9, 0x2060402, 0x7f81fe7f,
- 0x50f0a050, 0x3c44783c, 0x9fba259f, 0xa8e34ba8,
- 0x51f3a251, 0xa3fe5da3, 0x40c08040, 0x8f8a058f,
- 0x92ad3f92, 0x9dbc219d, 0x38487038, 0xf504f1f5,
- 0xbcdf63bc, 0xb6c177b6, 0xda75afda, 0x21634221,
- 0x10302010, 0xff1ae5ff, 0xf30efdf3, 0xd26dbfd2,
- 0xcd4c81cd, 0xc14180c, 0x13352613, 0xec2fc3ec,
- 0x5fe1be5f, 0x97a23597, 0x44cc8844, 0x17392e17,
- 0xc45793c4, 0xa7f255a7, 0x7e82fc7e, 0x3d477a3d,
- 0x64acc864, 0x5de7ba5d, 0x192b3219, 0x7395e673,
- 0x60a0c060, 0x81981981, 0x4fd19e4f, 0xdc7fa3dc,
- 0x22664422, 0x2a7e542a, 0x90ab3b90, 0x88830b88,
- 0x46ca8c46, 0xee29c7ee, 0xb8d36bb8, 0x143c2814,
- 0xde79a7de, 0x5ee2bc5e, 0xb1d160b, 0xdb76addb,
- 0xe03bdbe0, 0x32566432, 0x3a4e743a, 0xa1e140a,
- 0x49db9249, 0x60a0c06, 0x246c4824, 0x5ce4b85c,
- 0xc25d9fc2, 0xd36ebdd3, 0xacef43ac, 0x62a6c462,
- 0x91a83991, 0x95a43195, 0xe437d3e4, 0x798bf279,
- 0xe732d5e7, 0xc8438bc8, 0x37596e37, 0x6db7da6d,
- 0x8d8c018d, 0xd564b1d5, 0x4ed29c4e, 0xa9e049a9,
- 0x6cb4d86c, 0x56faac56, 0xf407f3f4, 0xea25cfea,
- 0x65afca65, 0x7a8ef47a, 0xaee947ae, 0x8181008,
- 0xbad56fba, 0x7888f078, 0x256f4a25, 0x2e725c2e,
- 0x1c24381c, 0xa6f157a6, 0xb4c773b4, 0xc65197c6,
- 0xe823cbe8, 0xdd7ca1dd, 0x749ce874, 0x1f213e1f,
- 0x4bdd964b, 0xbddc61bd, 0x8b860d8b, 0x8a850f8a,
- 0x7090e070, 0x3e427c3e, 0xb5c471b5, 0x66aacc66,
- 0x48d89048, 0x3050603, 0xf601f7f6, 0xe121c0e,
- 0x61a3c261, 0x355f6a35, 0x57f9ae57, 0xb9d069b9,
- 0x86911786, 0xc15899c1, 0x1d273a1d, 0x9eb9279e,
- 0xe138d9e1, 0xf813ebf8, 0x98b32b98, 0x11332211,
- 0x69bbd269, 0xd970a9d9, 0x8e89078e, 0x94a73394,
- 0x9bb62d9b, 0x1e223c1e, 0x87921587, 0xe920c9e9,
- 0xce4987ce, 0x55ffaa55, 0x28785028, 0xdf7aa5df,
- 0x8c8f038c, 0xa1f859a1, 0x89800989, 0xd171a0d,
- 0xbfda65bf, 0xe631d7e6, 0x42c68442, 0x68b8d068,
- 0x41c38241, 0x99b02999, 0x2d775a2d, 0xf111e0f,
- 0xb0cb7bb0, 0x54fca854, 0xbbd66dbb, 0x163a2c16,
-};
-
-static uint32_t T3[256] = {
- 0x6363a5c6, 0x7c7c84f8, 0x777799ee, 0x7b7b8df6,
- 0xf2f20dff, 0x6b6bbdd6, 0x6f6fb1de, 0xc5c55491,
- 0x30305060, 0x1010302, 0x6767a9ce, 0x2b2b7d56,
- 0xfefe19e7, 0xd7d762b5, 0xababe64d, 0x76769aec,
- 0xcaca458f, 0x82829d1f, 0xc9c94089, 0x7d7d87fa,
- 0xfafa15ef, 0x5959ebb2, 0x4747c98e, 0xf0f00bfb,
- 0xadadec41, 0xd4d467b3, 0xa2a2fd5f, 0xafafea45,
- 0x9c9cbf23, 0xa4a4f753, 0x727296e4, 0xc0c05b9b,
- 0xb7b7c275, 0xfdfd1ce1, 0x9393ae3d, 0x26266a4c,
- 0x36365a6c, 0x3f3f417e, 0xf7f702f5, 0xcccc4f83,
- 0x34345c68, 0xa5a5f451, 0xe5e534d1, 0xf1f108f9,
- 0x717193e2, 0xd8d873ab, 0x31315362, 0x15153f2a,
- 0x4040c08, 0xc7c75295, 0x23236546, 0xc3c35e9d,
- 0x18182830, 0x9696a137, 0x5050f0a, 0x9a9ab52f,
- 0x707090e, 0x12123624, 0x80809b1b, 0xe2e23ddf,
- 0xebeb26cd, 0x2727694e, 0xb2b2cd7f, 0x75759fea,
- 0x9091b12, 0x83839e1d, 0x2c2c7458, 0x1a1a2e34,
- 0x1b1b2d36, 0x6e6eb2dc, 0x5a5aeeb4, 0xa0a0fb5b,
- 0x5252f6a4, 0x3b3b4d76, 0xd6d661b7, 0xb3b3ce7d,
- 0x29297b52, 0xe3e33edd, 0x2f2f715e, 0x84849713,
- 0x5353f5a6, 0xd1d168b9, 0x0, 0xeded2cc1,
- 0x20206040, 0xfcfc1fe3, 0xb1b1c879, 0x5b5bedb6,
- 0x6a6abed4, 0xcbcb468d, 0xbebed967, 0x39394b72,
- 0x4a4ade94, 0x4c4cd498, 0x5858e8b0, 0xcfcf4a85,
- 0xd0d06bbb, 0xefef2ac5, 0xaaaae54f, 0xfbfb16ed,
- 0x4343c586, 0x4d4dd79a, 0x33335566, 0x85859411,
- 0x4545cf8a, 0xf9f910e9, 0x2020604, 0x7f7f81fe,
- 0x5050f0a0, 0x3c3c4478, 0x9f9fba25, 0xa8a8e34b,
- 0x5151f3a2, 0xa3a3fe5d, 0x4040c080, 0x8f8f8a05,
- 0x9292ad3f, 0x9d9dbc21, 0x38384870, 0xf5f504f1,
- 0xbcbcdf63, 0xb6b6c177, 0xdada75af, 0x21216342,
- 0x10103020, 0xffff1ae5, 0xf3f30efd, 0xd2d26dbf,
- 0xcdcd4c81, 0xc0c1418, 0x13133526, 0xecec2fc3,
- 0x5f5fe1be, 0x9797a235, 0x4444cc88, 0x1717392e,
- 0xc4c45793, 0xa7a7f255, 0x7e7e82fc, 0x3d3d477a,
- 0x6464acc8, 0x5d5de7ba, 0x19192b32, 0x737395e6,
- 0x6060a0c0, 0x81819819, 0x4f4fd19e, 0xdcdc7fa3,
- 0x22226644, 0x2a2a7e54, 0x9090ab3b, 0x8888830b,
- 0x4646ca8c, 0xeeee29c7, 0xb8b8d36b, 0x14143c28,
- 0xdede79a7, 0x5e5ee2bc, 0xb0b1d16, 0xdbdb76ad,
- 0xe0e03bdb, 0x32325664, 0x3a3a4e74, 0xa0a1e14,
- 0x4949db92, 0x6060a0c, 0x24246c48, 0x5c5ce4b8,
- 0xc2c25d9f, 0xd3d36ebd, 0xacacef43, 0x6262a6c4,
- 0x9191a839, 0x9595a431, 0xe4e437d3, 0x79798bf2,
- 0xe7e732d5, 0xc8c8438b, 0x3737596e, 0x6d6db7da,
- 0x8d8d8c01, 0xd5d564b1, 0x4e4ed29c, 0xa9a9e049,
- 0x6c6cb4d8, 0x5656faac, 0xf4f407f3, 0xeaea25cf,
- 0x6565afca, 0x7a7a8ef4, 0xaeaee947, 0x8081810,
- 0xbabad56f, 0x787888f0, 0x25256f4a, 0x2e2e725c,
- 0x1c1c2438, 0xa6a6f157, 0xb4b4c773, 0xc6c65197,
- 0xe8e823cb, 0xdddd7ca1, 0x74749ce8, 0x1f1f213e,
- 0x4b4bdd96, 0xbdbddc61, 0x8b8b860d, 0x8a8a850f,
- 0x707090e0, 0x3e3e427c, 0xb5b5c471, 0x6666aacc,
- 0x4848d890, 0x3030506, 0xf6f601f7, 0xe0e121c,
- 0x6161a3c2, 0x35355f6a, 0x5757f9ae, 0xb9b9d069,
- 0x86869117, 0xc1c15899, 0x1d1d273a, 0x9e9eb927,
- 0xe1e138d9, 0xf8f813eb, 0x9898b32b, 0x11113322,
- 0x6969bbd2, 0xd9d970a9, 0x8e8e8907, 0x9494a733,
- 0x9b9bb62d, 0x1e1e223c, 0x87879215, 0xe9e920c9,
- 0xcece4987, 0x5555ffaa, 0x28287850, 0xdfdf7aa5,
- 0x8c8c8f03, 0xa1a1f859, 0x89898009, 0xd0d171a,
- 0xbfbfda65, 0xe6e631d7, 0x4242c684, 0x6868b8d0,
- 0x4141c382, 0x9999b029, 0x2d2d775a, 0xf0f111e,
- 0xb0b0cb7b, 0x5454fca8, 0xbbbbd66d, 0x16163a2c,
-};
-
-static uint32_t U0[256] = {
- 0x51f4a750, 0x7e416553, 0x1a17a4c3, 0x3a275e96,
- 0x3bab6bcb, 0x1f9d45f1, 0xacfa58ab, 0x4be30393,
- 0x2030fa55, 0xad766df6, 0x88cc7691, 0xf5024c25,
- 0x4fe5d7fc, 0xc52acbd7, 0x26354480, 0xb562a38f,
- 0xdeb15a49, 0x25ba1b67, 0x45ea0e98, 0x5dfec0e1,
- 0xc32f7502, 0x814cf012, 0x8d4697a3, 0x6bd3f9c6,
- 0x38f5fe7, 0x15929c95, 0xbf6d7aeb, 0x955259da,
- 0xd4be832d, 0x587421d3, 0x49e06929, 0x8ec9c844,
- 0x75c2896a, 0xf48e7978, 0x99583e6b, 0x27b971dd,
- 0xbee14fb6, 0xf088ad17, 0xc920ac66, 0x7dce3ab4,
- 0x63df4a18, 0xe51a3182, 0x97513360, 0x62537f45,
- 0xb16477e0, 0xbb6bae84, 0xfe81a01c, 0xf9082b94,
- 0x70486858, 0x8f45fd19, 0x94de6c87, 0x527bf8b7,
- 0xab73d323, 0x724b02e2, 0xe31f8f57, 0x6655ab2a,
- 0xb2eb2807, 0x2fb5c203, 0x86c57b9a, 0xd33708a5,
- 0x302887f2, 0x23bfa5b2, 0x2036aba, 0xed16825c,
- 0x8acf1c2b, 0xa779b492, 0xf307f2f0, 0x4e69e2a1,
- 0x65daf4cd, 0x605bed5, 0xd134621f, 0xc4a6fe8a,
- 0x342e539d, 0xa2f355a0, 0x58ae132, 0xa4f6eb75,
- 0xb83ec39, 0x4060efaa, 0x5e719f06, 0xbd6e1051,
- 0x3e218af9, 0x96dd063d, 0xdd3e05ae, 0x4de6bd46,
- 0x91548db5, 0x71c45d05, 0x406d46f, 0x605015ff,
- 0x1998fb24, 0xd6bde997, 0x894043cc, 0x67d99e77,
- 0xb0e842bd, 0x7898b88, 0xe7195b38, 0x79c8eedb,
- 0xa17c0a47, 0x7c420fe9, 0xf8841ec9, 0x0,
- 0x9808683, 0x322bed48, 0x1e1170ac, 0x6c5a724e,
- 0xfd0efffb, 0xf853856, 0x3daed51e, 0x362d3927,
- 0xa0fd964, 0x685ca621, 0x9b5b54d1, 0x24362e3a,
- 0xc0a67b1, 0x9357e70f, 0xb4ee96d2, 0x1b9b919e,
- 0x80c0c54f, 0x61dc20a2, 0x5a774b69, 0x1c121a16,
- 0xe293ba0a, 0xc0a02ae5, 0x3c22e043, 0x121b171d,
- 0xe090d0b, 0xf28bc7ad, 0x2db6a8b9, 0x141ea9c8,
- 0x57f11985, 0xaf75074c, 0xee99ddbb, 0xa37f60fd,
- 0xf701269f, 0x5c72f5bc, 0x44663bc5, 0x5bfb7e34,
- 0x8b432976, 0xcb23c6dc, 0xb6edfc68, 0xb8e4f163,
- 0xd731dcca, 0x42638510, 0x13972240, 0x84c61120,
- 0x854a247d, 0xd2bb3df8, 0xaef93211, 0xc729a16d,
- 0x1d9e2f4b, 0xdcb230f3, 0xd8652ec, 0x77c1e3d0,
- 0x2bb3166c, 0xa970b999, 0x119448fa, 0x47e96422,
- 0xa8fc8cc4, 0xa0f03f1a, 0x567d2cd8, 0x223390ef,
- 0x87494ec7, 0xd938d1c1, 0x8ccaa2fe, 0x98d40b36,
- 0xa6f581cf, 0xa57ade28, 0xdab78e26, 0x3fadbfa4,
- 0x2c3a9de4, 0x5078920d, 0x6a5fcc9b, 0x547e4662,
- 0xf68d13c2, 0x90d8b8e8, 0x2e39f75e, 0x82c3aff5,
- 0x9f5d80be, 0x69d0937c, 0x6fd52da9, 0xcf2512b3,
- 0xc8ac993b, 0x10187da7, 0xe89c636e, 0xdb3bbb7b,
- 0xcd267809, 0x6e5918f4, 0xec9ab701, 0x834f9aa8,
- 0xe6956e65, 0xaaffe67e, 0x21bccf08, 0xef15e8e6,
- 0xbae79bd9, 0x4a6f36ce, 0xea9f09d4, 0x29b07cd6,
- 0x31a4b2af, 0x2a3f2331, 0xc6a59430, 0x35a266c0,
- 0x744ebc37, 0xfc82caa6, 0xe090d0b0, 0x33a7d815,
- 0xf104984a, 0x41ecdaf7, 0x7fcd500e, 0x1791f62f,
- 0x764dd68d, 0x43efb04d, 0xccaa4d54, 0xe49604df,
- 0x9ed1b5e3, 0x4c6a881b, 0xc12c1fb8, 0x4665517f,
- 0x9d5eea04, 0x18c355d, 0xfa877473, 0xfb0b412e,
- 0xb3671d5a, 0x92dbd252, 0xe9105633, 0x6dd64713,
- 0x9ad7618c, 0x37a10c7a, 0x59f8148e, 0xeb133c89,
- 0xcea927ee, 0xb761c935, 0xe11ce5ed, 0x7a47b13c,
- 0x9cd2df59, 0x55f2733f, 0x1814ce79, 0x73c737bf,
- 0x53f7cdea, 0x5ffdaa5b, 0xdf3d6f14, 0x7844db86,
- 0xcaaff381, 0xb968c43e, 0x3824342c, 0xc2a3405f,
- 0x161dc372, 0xbce2250c, 0x283c498b, 0xff0d9541,
- 0x39a80171, 0x80cb3de, 0xd8b4e49c, 0x6456c190,
- 0x7bcb8461, 0xd532b670, 0x486c5c74, 0xd0b85742
-};
-
-static uint32_t U1[256] = {
- 0x5051f4a7, 0x537e4165, 0xc31a17a4, 0x963a275e,
- 0xcb3bab6b, 0xf11f9d45, 0xabacfa58, 0x934be303,
- 0x552030fa, 0xf6ad766d, 0x9188cc76, 0x25f5024c,
- 0xfc4fe5d7, 0xd7c52acb, 0x80263544, 0x8fb562a3,
- 0x49deb15a, 0x6725ba1b, 0x9845ea0e, 0xe15dfec0,
- 0x2c32f75, 0x12814cf0, 0xa38d4697, 0xc66bd3f9,
- 0xe7038f5f, 0x9515929c, 0xebbf6d7a, 0xda955259,
- 0x2dd4be83, 0xd3587421, 0x2949e069, 0x448ec9c8,
- 0x6a75c289, 0x78f48e79, 0x6b99583e, 0xdd27b971,
- 0xb6bee14f, 0x17f088ad, 0x66c920ac, 0xb47dce3a,
- 0x1863df4a, 0x82e51a31, 0x60975133, 0x4562537f,
- 0xe0b16477, 0x84bb6bae, 0x1cfe81a0, 0x94f9082b,
- 0x58704868, 0x198f45fd, 0x8794de6c, 0xb7527bf8,
- 0x23ab73d3, 0xe2724b02, 0x57e31f8f, 0x2a6655ab,
- 0x7b2eb28, 0x32fb5c2, 0x9a86c57b, 0xa5d33708,
- 0xf2302887, 0xb223bfa5, 0xba02036a, 0x5ced1682,
- 0x2b8acf1c, 0x92a779b4, 0xf0f307f2, 0xa14e69e2,
- 0xcd65daf4, 0xd50605be, 0x1fd13462, 0x8ac4a6fe,
- 0x9d342e53, 0xa0a2f355, 0x32058ae1, 0x75a4f6eb,
- 0x390b83ec, 0xaa4060ef, 0x65e719f, 0x51bd6e10,
- 0xf93e218a, 0x3d96dd06, 0xaedd3e05, 0x464de6bd,
- 0xb591548d, 0x571c45d, 0x6f0406d4, 0xff605015,
- 0x241998fb, 0x97d6bde9, 0xcc894043, 0x7767d99e,
- 0xbdb0e842, 0x8807898b, 0x38e7195b, 0xdb79c8ee,
- 0x47a17c0a, 0xe97c420f, 0xc9f8841e, 0x0,
- 0x83098086, 0x48322bed, 0xac1e1170, 0x4e6c5a72,
- 0xfbfd0eff, 0x560f8538, 0x1e3daed5, 0x27362d39,
- 0x640a0fd9, 0x21685ca6, 0xd19b5b54, 0x3a24362e,
- 0xb10c0a67, 0xf9357e7, 0xd2b4ee96, 0x9e1b9b91,
- 0x4f80c0c5, 0xa261dc20, 0x695a774b, 0x161c121a,
- 0xae293ba, 0xe5c0a02a, 0x433c22e0, 0x1d121b17,
- 0xb0e090d, 0xadf28bc7, 0xb92db6a8, 0xc8141ea9,
- 0x8557f119, 0x4caf7507, 0xbbee99dd, 0xfda37f60,
- 0x9ff70126, 0xbc5c72f5, 0xc544663b, 0x345bfb7e,
- 0x768b4329, 0xdccb23c6, 0x68b6edfc, 0x63b8e4f1,
- 0xcad731dc, 0x10426385, 0x40139722, 0x2084c611,
- 0x7d854a24, 0xf8d2bb3d, 0x11aef932, 0x6dc729a1,
- 0x4b1d9e2f, 0xf3dcb230, 0xec0d8652, 0xd077c1e3,
- 0x6c2bb316, 0x99a970b9, 0xfa119448, 0x2247e964,
- 0xc4a8fc8c, 0x1aa0f03f, 0xd8567d2c, 0xef223390,
- 0xc787494e, 0xc1d938d1, 0xfe8ccaa2, 0x3698d40b,
- 0xcfa6f581, 0x28a57ade, 0x26dab78e, 0xa43fadbf,
- 0xe42c3a9d, 0xd507892, 0x9b6a5fcc, 0x62547e46,
- 0xc2f68d13, 0xe890d8b8, 0x5e2e39f7, 0xf582c3af,
- 0xbe9f5d80, 0x7c69d093, 0xa96fd52d, 0xb3cf2512,
- 0x3bc8ac99, 0xa710187d, 0x6ee89c63, 0x7bdb3bbb,
- 0x9cd2678, 0xf46e5918, 0x1ec9ab7, 0xa8834f9a,
- 0x65e6956e, 0x7eaaffe6, 0x821bccf, 0xe6ef15e8,
- 0xd9bae79b, 0xce4a6f36, 0xd4ea9f09, 0xd629b07c,
- 0xaf31a4b2, 0x312a3f23, 0x30c6a594, 0xc035a266,
- 0x37744ebc, 0xa6fc82ca, 0xb0e090d0, 0x1533a7d8,
- 0x4af10498, 0xf741ecda, 0xe7fcd50, 0x2f1791f6,
- 0x8d764dd6, 0x4d43efb0, 0x54ccaa4d, 0xdfe49604,
- 0xe39ed1b5, 0x1b4c6a88, 0xb8c12c1f, 0x7f466551,
- 0x49d5eea, 0x5d018c35, 0x73fa8774, 0x2efb0b41,
- 0x5ab3671d, 0x5292dbd2, 0x33e91056, 0x136dd647,
- 0x8c9ad761, 0x7a37a10c, 0x8e59f814, 0x89eb133c,
- 0xeecea927, 0x35b761c9, 0xede11ce5, 0x3c7a47b1,
- 0x599cd2df, 0x3f55f273, 0x791814ce, 0xbf73c737,
- 0xea53f7cd, 0x5b5ffdaa, 0x14df3d6f, 0x867844db,
- 0x81caaff3, 0x3eb968c4, 0x2c382434, 0x5fc2a340,
- 0x72161dc3, 0xcbce225, 0x8b283c49, 0x41ff0d95,
- 0x7139a801, 0xde080cb3, 0x9cd8b4e4, 0x906456c1,
- 0x617bcb84, 0x70d532b6, 0x74486c5c, 0x42d0b857
-};
-
-static uint32_t U2[256] = {
- 0xa75051f4, 0x65537e41, 0xa4c31a17, 0x5e963a27,
- 0x6bcb3bab, 0x45f11f9d, 0x58abacfa, 0x3934be3,
- 0xfa552030, 0x6df6ad76, 0x769188cc, 0x4c25f502,
- 0xd7fc4fe5, 0xcbd7c52a, 0x44802635, 0xa38fb562,
- 0x5a49deb1, 0x1b6725ba, 0xe9845ea, 0xc0e15dfe,
- 0x7502c32f, 0xf012814c, 0x97a38d46, 0xf9c66bd3,
- 0x5fe7038f, 0x9c951592, 0x7aebbf6d, 0x59da9552,
- 0x832dd4be, 0x21d35874, 0x692949e0, 0xc8448ec9,
- 0x896a75c2, 0x7978f48e, 0x3e6b9958, 0x71dd27b9,
- 0x4fb6bee1, 0xad17f088, 0xac66c920, 0x3ab47dce,
- 0x4a1863df, 0x3182e51a, 0x33609751, 0x7f456253,
- 0x77e0b164, 0xae84bb6b, 0xa01cfe81, 0x2b94f908,
- 0x68587048, 0xfd198f45, 0x6c8794de, 0xf8b7527b,
- 0xd323ab73, 0x2e2724b, 0x8f57e31f, 0xab2a6655,
- 0x2807b2eb, 0xc2032fb5, 0x7b9a86c5, 0x8a5d337,
- 0x87f23028, 0xa5b223bf, 0x6aba0203, 0x825ced16,
- 0x1c2b8acf, 0xb492a779, 0xf2f0f307, 0xe2a14e69,
- 0xf4cd65da, 0xbed50605, 0x621fd134, 0xfe8ac4a6,
- 0x539d342e, 0x55a0a2f3, 0xe132058a, 0xeb75a4f6,
- 0xec390b83, 0xefaa4060, 0x9f065e71, 0x1051bd6e,
- 0x8af93e21, 0x63d96dd, 0x5aedd3e, 0xbd464de6,
- 0x8db59154, 0x5d0571c4, 0xd46f0406, 0x15ff6050,
- 0xfb241998, 0xe997d6bd, 0x43cc8940, 0x9e7767d9,
- 0x42bdb0e8, 0x8b880789, 0x5b38e719, 0xeedb79c8,
- 0xa47a17c, 0xfe97c42, 0x1ec9f884, 0x0,
- 0x86830980, 0xed48322b, 0x70ac1e11, 0x724e6c5a,
- 0xfffbfd0e, 0x38560f85, 0xd51e3dae, 0x3927362d,
- 0xd9640a0f, 0xa621685c, 0x54d19b5b, 0x2e3a2436,
- 0x67b10c0a, 0xe70f9357, 0x96d2b4ee, 0x919e1b9b,
- 0xc54f80c0, 0x20a261dc, 0x4b695a77, 0x1a161c12,
- 0xba0ae293, 0x2ae5c0a0, 0xe0433c22, 0x171d121b,
- 0xd0b0e09, 0xc7adf28b, 0xa8b92db6, 0xa9c8141e,
- 0x198557f1, 0x74caf75, 0xddbbee99, 0x60fda37f,
- 0x269ff701, 0xf5bc5c72, 0x3bc54466, 0x7e345bfb,
- 0x29768b43, 0xc6dccb23, 0xfc68b6ed, 0xf163b8e4,
- 0xdccad731, 0x85104263, 0x22401397, 0x112084c6,
- 0x247d854a, 0x3df8d2bb, 0x3211aef9, 0xa16dc729,
- 0x2f4b1d9e, 0x30f3dcb2, 0x52ec0d86, 0xe3d077c1,
- 0x166c2bb3, 0xb999a970, 0x48fa1194, 0x642247e9,
- 0x8cc4a8fc, 0x3f1aa0f0, 0x2cd8567d, 0x90ef2233,
- 0x4ec78749, 0xd1c1d938, 0xa2fe8cca, 0xb3698d4,
- 0x81cfa6f5, 0xde28a57a, 0x8e26dab7, 0xbfa43fad,
- 0x9de42c3a, 0x920d5078, 0xcc9b6a5f, 0x4662547e,
- 0x13c2f68d, 0xb8e890d8, 0xf75e2e39, 0xaff582c3,
- 0x80be9f5d, 0x937c69d0, 0x2da96fd5, 0x12b3cf25,
- 0x993bc8ac, 0x7da71018, 0x636ee89c, 0xbb7bdb3b,
- 0x7809cd26, 0x18f46e59, 0xb701ec9a, 0x9aa8834f,
- 0x6e65e695, 0xe67eaaff, 0xcf0821bc, 0xe8e6ef15,
- 0x9bd9bae7, 0x36ce4a6f, 0x9d4ea9f, 0x7cd629b0,
- 0xb2af31a4, 0x23312a3f, 0x9430c6a5, 0x66c035a2,
- 0xbc37744e, 0xcaa6fc82, 0xd0b0e090, 0xd81533a7,
- 0x984af104, 0xdaf741ec, 0x500e7fcd, 0xf62f1791,
- 0xd68d764d, 0xb04d43ef, 0x4d54ccaa, 0x4dfe496,
- 0xb5e39ed1, 0x881b4c6a, 0x1fb8c12c, 0x517f4665,
- 0xea049d5e, 0x355d018c, 0x7473fa87, 0x412efb0b,
- 0x1d5ab367, 0xd25292db, 0x5633e910, 0x47136dd6,
- 0x618c9ad7, 0xc7a37a1, 0x148e59f8, 0x3c89eb13,
- 0x27eecea9, 0xc935b761, 0xe5ede11c, 0xb13c7a47,
- 0xdf599cd2, 0x733f55f2, 0xce791814, 0x37bf73c7,
- 0xcdea53f7, 0xaa5b5ffd, 0x6f14df3d, 0xdb867844,
- 0xf381caaf, 0xc43eb968, 0x342c3824, 0x405fc2a3,
- 0xc372161d, 0x250cbce2, 0x498b283c, 0x9541ff0d,
- 0x17139a8, 0xb3de080c, 0xe49cd8b4, 0xc1906456,
- 0x84617bcb, 0xb670d532, 0x5c74486c, 0x5742d0b8
-};
-
-static uint32_t U3[256] = {
- 0xf4a75051, 0x4165537e, 0x17a4c31a, 0x275e963a,
- 0xab6bcb3b, 0x9d45f11f, 0xfa58abac, 0xe303934b,
- 0x30fa5520, 0x766df6ad, 0xcc769188, 0x24c25f5,
- 0xe5d7fc4f, 0x2acbd7c5, 0x35448026, 0x62a38fb5,
- 0xb15a49de, 0xba1b6725, 0xea0e9845, 0xfec0e15d,
- 0x2f7502c3, 0x4cf01281, 0x4697a38d, 0xd3f9c66b,
- 0x8f5fe703, 0x929c9515, 0x6d7aebbf, 0x5259da95,
- 0xbe832dd4, 0x7421d358, 0xe0692949, 0xc9c8448e,
- 0xc2896a75, 0x8e7978f4, 0x583e6b99, 0xb971dd27,
- 0xe14fb6be, 0x88ad17f0, 0x20ac66c9, 0xce3ab47d,
- 0xdf4a1863, 0x1a3182e5, 0x51336097, 0x537f4562,
- 0x6477e0b1, 0x6bae84bb, 0x81a01cfe, 0x82b94f9,
- 0x48685870, 0x45fd198f, 0xde6c8794, 0x7bf8b752,
- 0x73d323ab, 0x4b02e272, 0x1f8f57e3, 0x55ab2a66,
- 0xeb2807b2, 0xb5c2032f, 0xc57b9a86, 0x3708a5d3,
- 0x2887f230, 0xbfa5b223, 0x36aba02, 0x16825ced,
- 0xcf1c2b8a, 0x79b492a7, 0x7f2f0f3, 0x69e2a14e,
- 0xdaf4cd65, 0x5bed506, 0x34621fd1, 0xa6fe8ac4,
- 0x2e539d34, 0xf355a0a2, 0x8ae13205, 0xf6eb75a4,
- 0x83ec390b, 0x60efaa40, 0x719f065e, 0x6e1051bd,
- 0x218af93e, 0xdd063d96, 0x3e05aedd, 0xe6bd464d,
- 0x548db591, 0xc45d0571, 0x6d46f04, 0x5015ff60,
- 0x98fb2419, 0xbde997d6, 0x4043cc89, 0xd99e7767,
- 0xe842bdb0, 0x898b8807, 0x195b38e7, 0xc8eedb79,
- 0x7c0a47a1, 0x420fe97c, 0x841ec9f8, 0x0,
- 0x80868309, 0x2bed4832, 0x1170ac1e, 0x5a724e6c,
- 0xefffbfd, 0x8538560f, 0xaed51e3d, 0x2d392736,
- 0xfd9640a, 0x5ca62168, 0x5b54d19b, 0x362e3a24,
- 0xa67b10c, 0x57e70f93, 0xee96d2b4, 0x9b919e1b,
- 0xc0c54f80, 0xdc20a261, 0x774b695a, 0x121a161c,
- 0x93ba0ae2, 0xa02ae5c0, 0x22e0433c, 0x1b171d12,
- 0x90d0b0e, 0x8bc7adf2, 0xb6a8b92d, 0x1ea9c814,
- 0xf1198557, 0x75074caf, 0x99ddbbee, 0x7f60fda3,
- 0x1269ff7, 0x72f5bc5c, 0x663bc544, 0xfb7e345b,
- 0x4329768b, 0x23c6dccb, 0xedfc68b6, 0xe4f163b8,
- 0x31dccad7, 0x63851042, 0x97224013, 0xc6112084,
- 0x4a247d85, 0xbb3df8d2, 0xf93211ae, 0x29a16dc7,
- 0x9e2f4b1d, 0xb230f3dc, 0x8652ec0d, 0xc1e3d077,
- 0xb3166c2b, 0x70b999a9, 0x9448fa11, 0xe9642247,
- 0xfc8cc4a8, 0xf03f1aa0, 0x7d2cd856, 0x3390ef22,
- 0x494ec787, 0x38d1c1d9, 0xcaa2fe8c, 0xd40b3698,
- 0xf581cfa6, 0x7ade28a5, 0xb78e26da, 0xadbfa43f,
- 0x3a9de42c, 0x78920d50, 0x5fcc9b6a, 0x7e466254,
- 0x8d13c2f6, 0xd8b8e890, 0x39f75e2e, 0xc3aff582,
- 0x5d80be9f, 0xd0937c69, 0xd52da96f, 0x2512b3cf,
- 0xac993bc8, 0x187da710, 0x9c636ee8, 0x3bbb7bdb,
- 0x267809cd, 0x5918f46e, 0x9ab701ec, 0x4f9aa883,
- 0x956e65e6, 0xffe67eaa, 0xbccf0821, 0x15e8e6ef,
- 0xe79bd9ba, 0x6f36ce4a, 0x9f09d4ea, 0xb07cd629,
- 0xa4b2af31, 0x3f23312a, 0xa59430c6, 0xa266c035,
- 0x4ebc3774, 0x82caa6fc, 0x90d0b0e0, 0xa7d81533,
- 0x4984af1, 0xecdaf741, 0xcd500e7f, 0x91f62f17,
- 0x4dd68d76, 0xefb04d43, 0xaa4d54cc, 0x9604dfe4,
- 0xd1b5e39e, 0x6a881b4c, 0x2c1fb8c1, 0x65517f46,
- 0x5eea049d, 0x8c355d01, 0x877473fa, 0xb412efb,
- 0x671d5ab3, 0xdbd25292, 0x105633e9, 0xd647136d,
- 0xd7618c9a, 0xa10c7a37, 0xf8148e59, 0x133c89eb,
- 0xa927eece, 0x61c935b7, 0x1ce5ede1, 0x47b13c7a,
- 0xd2df599c, 0xf2733f55, 0x14ce7918, 0xc737bf73,
- 0xf7cdea53, 0xfdaa5b5f, 0x3d6f14df, 0x44db8678,
- 0xaff381ca, 0x68c43eb9, 0x24342c38, 0xa3405fc2,
- 0x1dc37216, 0xe2250cbc, 0x3c498b28, 0xd9541ff,
- 0xa8017139, 0xcb3de08, 0xb4e49cd8, 0x56c19064,
- 0xcb84617b, 0x32b670d5, 0x6c5c7448, 0xb85742d0
-};
-
-#endif
-
-/*
- * the following tables (aes_sbox, aes_inv_sbox, T4, U4) are
- * endian-neutral
- */
-
-static uint8_t
-aes_sbox[256] = {
- 0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5,
- 0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76,
- 0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0,
- 0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0,
- 0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc,
- 0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15,
- 0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a,
- 0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75,
- 0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0,
- 0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84,
- 0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b,
- 0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf,
- 0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85,
- 0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8,
- 0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5,
- 0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2,
- 0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17,
- 0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73,
- 0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88,
- 0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb,
- 0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c,
- 0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79,
- 0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9,
- 0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08,
- 0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6,
- 0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a,
- 0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e,
- 0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e,
- 0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94,
- 0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf,
- 0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68,
- 0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16
-};
-
-#ifndef CPU_RISC
-static uint8_t
-aes_inv_sbox[256] = {
- 0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38,
- 0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb,
- 0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87,
- 0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb,
- 0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d,
- 0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e,
- 0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2,
- 0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25,
- 0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16,
- 0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92,
- 0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda,
- 0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84,
- 0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a,
- 0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06,
- 0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02,
- 0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b,
- 0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea,
- 0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73,
- 0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85,
- 0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e,
- 0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89,
- 0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b,
- 0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20,
- 0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4,
- 0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31,
- 0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f,
- 0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d,
- 0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef,
- 0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0,
- 0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61,
- 0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26,
- 0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d
-};
-#endif /* ! CPU_RISC */
-
-#ifdef CPU_RISC
-static uint32_t
-T4[256] = {
- 0x63636363, 0x7c7c7c7c, 0x77777777, 0x7b7b7b7b,
- 0xf2f2f2f2, 0x6b6b6b6b, 0x6f6f6f6f, 0xc5c5c5c5,
- 0x30303030, 0x01010101, 0x67676767, 0x2b2b2b2b,
- 0xfefefefe, 0xd7d7d7d7, 0xabababab, 0x76767676,
- 0xcacacaca, 0x82828282, 0xc9c9c9c9, 0x7d7d7d7d,
- 0xfafafafa, 0x59595959, 0x47474747, 0xf0f0f0f0,
- 0xadadadad, 0xd4d4d4d4, 0xa2a2a2a2, 0xafafafaf,
- 0x9c9c9c9c, 0xa4a4a4a4, 0x72727272, 0xc0c0c0c0,
- 0xb7b7b7b7, 0xfdfdfdfd, 0x93939393, 0x26262626,
- 0x36363636, 0x3f3f3f3f, 0xf7f7f7f7, 0xcccccccc,
- 0x34343434, 0xa5a5a5a5, 0xe5e5e5e5, 0xf1f1f1f1,
- 0x71717171, 0xd8d8d8d8, 0x31313131, 0x15151515,
- 0x04040404, 0xc7c7c7c7, 0x23232323, 0xc3c3c3c3,
- 0x18181818, 0x96969696, 0x05050505, 0x9a9a9a9a,
- 0x07070707, 0x12121212, 0x80808080, 0xe2e2e2e2,
- 0xebebebeb, 0x27272727, 0xb2b2b2b2, 0x75757575,
- 0x09090909, 0x83838383, 0x2c2c2c2c, 0x1a1a1a1a,
- 0x1b1b1b1b, 0x6e6e6e6e, 0x5a5a5a5a, 0xa0a0a0a0,
- 0x52525252, 0x3b3b3b3b, 0xd6d6d6d6, 0xb3b3b3b3,
- 0x29292929, 0xe3e3e3e3, 0x2f2f2f2f, 0x84848484,
- 0x53535353, 0xd1d1d1d1, 0x00000000, 0xedededed,
- 0x20202020, 0xfcfcfcfc, 0xb1b1b1b1, 0x5b5b5b5b,
- 0x6a6a6a6a, 0xcbcbcbcb, 0xbebebebe, 0x39393939,
- 0x4a4a4a4a, 0x4c4c4c4c, 0x58585858, 0xcfcfcfcf,
- 0xd0d0d0d0, 0xefefefef, 0xaaaaaaaa, 0xfbfbfbfb,
- 0x43434343, 0x4d4d4d4d, 0x33333333, 0x85858585,
- 0x45454545, 0xf9f9f9f9, 0x02020202, 0x7f7f7f7f,
- 0x50505050, 0x3c3c3c3c, 0x9f9f9f9f, 0xa8a8a8a8,
- 0x51515151, 0xa3a3a3a3, 0x40404040, 0x8f8f8f8f,
- 0x92929292, 0x9d9d9d9d, 0x38383838, 0xf5f5f5f5,
- 0xbcbcbcbc, 0xb6b6b6b6, 0xdadadada, 0x21212121,
- 0x10101010, 0xffffffff, 0xf3f3f3f3, 0xd2d2d2d2,
- 0xcdcdcdcd, 0x0c0c0c0c, 0x13131313, 0xecececec,
- 0x5f5f5f5f, 0x97979797, 0x44444444, 0x17171717,
- 0xc4c4c4c4, 0xa7a7a7a7, 0x7e7e7e7e, 0x3d3d3d3d,
- 0x64646464, 0x5d5d5d5d, 0x19191919, 0x73737373,
- 0x60606060, 0x81818181, 0x4f4f4f4f, 0xdcdcdcdc,
- 0x22222222, 0x2a2a2a2a, 0x90909090, 0x88888888,
- 0x46464646, 0xeeeeeeee, 0xb8b8b8b8, 0x14141414,
- 0xdededede, 0x5e5e5e5e, 0x0b0b0b0b, 0xdbdbdbdb,
- 0xe0e0e0e0, 0x32323232, 0x3a3a3a3a, 0x0a0a0a0a,
- 0x49494949, 0x06060606, 0x24242424, 0x5c5c5c5c,
- 0xc2c2c2c2, 0xd3d3d3d3, 0xacacacac, 0x62626262,
- 0x91919191, 0x95959595, 0xe4e4e4e4, 0x79797979,
- 0xe7e7e7e7, 0xc8c8c8c8, 0x37373737, 0x6d6d6d6d,
- 0x8d8d8d8d, 0xd5d5d5d5, 0x4e4e4e4e, 0xa9a9a9a9,
- 0x6c6c6c6c, 0x56565656, 0xf4f4f4f4, 0xeaeaeaea,
- 0x65656565, 0x7a7a7a7a, 0xaeaeaeae, 0x08080808,
- 0xbabababa, 0x78787878, 0x25252525, 0x2e2e2e2e,
- 0x1c1c1c1c, 0xa6a6a6a6, 0xb4b4b4b4, 0xc6c6c6c6,
- 0xe8e8e8e8, 0xdddddddd, 0x74747474, 0x1f1f1f1f,
- 0x4b4b4b4b, 0xbdbdbdbd, 0x8b8b8b8b, 0x8a8a8a8a,
- 0x70707070, 0x3e3e3e3e, 0xb5b5b5b5, 0x66666666,
- 0x48484848, 0x03030303, 0xf6f6f6f6, 0x0e0e0e0e,
- 0x61616161, 0x35353535, 0x57575757, 0xb9b9b9b9,
- 0x86868686, 0xc1c1c1c1, 0x1d1d1d1d, 0x9e9e9e9e,
- 0xe1e1e1e1, 0xf8f8f8f8, 0x98989898, 0x11111111,
- 0x69696969, 0xd9d9d9d9, 0x8e8e8e8e, 0x94949494,
- 0x9b9b9b9b, 0x1e1e1e1e, 0x87878787, 0xe9e9e9e9,
- 0xcececece, 0x55555555, 0x28282828, 0xdfdfdfdf,
- 0x8c8c8c8c, 0xa1a1a1a1, 0x89898989, 0x0d0d0d0d,
- 0xbfbfbfbf, 0xe6e6e6e6, 0x42424242, 0x68686868,
- 0x41414141, 0x99999999, 0x2d2d2d2d, 0x0f0f0f0f,
- 0xb0b0b0b0, 0x54545454, 0xbbbbbbbb, 0x16161616
-};
-
-static uint32_t U4[256] = {
- 0x52525252, 0x9090909, 0x6a6a6a6a, 0xd5d5d5d5,
- 0x30303030, 0x36363636, 0xa5a5a5a5, 0x38383838,
- 0xbfbfbfbf, 0x40404040, 0xa3a3a3a3, 0x9e9e9e9e,
- 0x81818181, 0xf3f3f3f3, 0xd7d7d7d7, 0xfbfbfbfb,
- 0x7c7c7c7c, 0xe3e3e3e3, 0x39393939, 0x82828282,
- 0x9b9b9b9b, 0x2f2f2f2f, 0xffffffff, 0x87878787,
- 0x34343434, 0x8e8e8e8e, 0x43434343, 0x44444444,
- 0xc4c4c4c4, 0xdededede, 0xe9e9e9e9, 0xcbcbcbcb,
- 0x54545454, 0x7b7b7b7b, 0x94949494, 0x32323232,
- 0xa6a6a6a6, 0xc2c2c2c2, 0x23232323, 0x3d3d3d3d,
- 0xeeeeeeee, 0x4c4c4c4c, 0x95959595, 0xb0b0b0b,
- 0x42424242, 0xfafafafa, 0xc3c3c3c3, 0x4e4e4e4e,
- 0x8080808, 0x2e2e2e2e, 0xa1a1a1a1, 0x66666666,
- 0x28282828, 0xd9d9d9d9, 0x24242424, 0xb2b2b2b2,
- 0x76767676, 0x5b5b5b5b, 0xa2a2a2a2, 0x49494949,
- 0x6d6d6d6d, 0x8b8b8b8b, 0xd1d1d1d1, 0x25252525,
- 0x72727272, 0xf8f8f8f8, 0xf6f6f6f6, 0x64646464,
- 0x86868686, 0x68686868, 0x98989898, 0x16161616,
- 0xd4d4d4d4, 0xa4a4a4a4, 0x5c5c5c5c, 0xcccccccc,
- 0x5d5d5d5d, 0x65656565, 0xb6b6b6b6, 0x92929292,
- 0x6c6c6c6c, 0x70707070, 0x48484848, 0x50505050,
- 0xfdfdfdfd, 0xedededed, 0xb9b9b9b9, 0xdadadada,
- 0x5e5e5e5e, 0x15151515, 0x46464646, 0x57575757,
- 0xa7a7a7a7, 0x8d8d8d8d, 0x9d9d9d9d, 0x84848484,
- 0x90909090, 0xd8d8d8d8, 0xabababab, 0x0,
- 0x8c8c8c8c, 0xbcbcbcbc, 0xd3d3d3d3, 0xa0a0a0a,
- 0xf7f7f7f7, 0xe4e4e4e4, 0x58585858, 0x5050505,
- 0xb8b8b8b8, 0xb3b3b3b3, 0x45454545, 0x6060606,
- 0xd0d0d0d0, 0x2c2c2c2c, 0x1e1e1e1e, 0x8f8f8f8f,
- 0xcacacaca, 0x3f3f3f3f, 0xf0f0f0f, 0x2020202,
- 0xc1c1c1c1, 0xafafafaf, 0xbdbdbdbd, 0x3030303,
- 0x1010101, 0x13131313, 0x8a8a8a8a, 0x6b6b6b6b,
- 0x3a3a3a3a, 0x91919191, 0x11111111, 0x41414141,
- 0x4f4f4f4f, 0x67676767, 0xdcdcdcdc, 0xeaeaeaea,
- 0x97979797, 0xf2f2f2f2, 0xcfcfcfcf, 0xcececece,
- 0xf0f0f0f0, 0xb4b4b4b4, 0xe6e6e6e6, 0x73737373,
- 0x96969696, 0xacacacac, 0x74747474, 0x22222222,
- 0xe7e7e7e7, 0xadadadad, 0x35353535, 0x85858585,
- 0xe2e2e2e2, 0xf9f9f9f9, 0x37373737, 0xe8e8e8e8,
- 0x1c1c1c1c, 0x75757575, 0xdfdfdfdf, 0x6e6e6e6e,
- 0x47474747, 0xf1f1f1f1, 0x1a1a1a1a, 0x71717171,
- 0x1d1d1d1d, 0x29292929, 0xc5c5c5c5, 0x89898989,
- 0x6f6f6f6f, 0xb7b7b7b7, 0x62626262, 0xe0e0e0e,
- 0xaaaaaaaa, 0x18181818, 0xbebebebe, 0x1b1b1b1b,
- 0xfcfcfcfc, 0x56565656, 0x3e3e3e3e, 0x4b4b4b4b,
- 0xc6c6c6c6, 0xd2d2d2d2, 0x79797979, 0x20202020,
- 0x9a9a9a9a, 0xdbdbdbdb, 0xc0c0c0c0, 0xfefefefe,
- 0x78787878, 0xcdcdcdcd, 0x5a5a5a5a, 0xf4f4f4f4,
- 0x1f1f1f1f, 0xdddddddd, 0xa8a8a8a8, 0x33333333,
- 0x88888888, 0x7070707, 0xc7c7c7c7, 0x31313131,
- 0xb1b1b1b1, 0x12121212, 0x10101010, 0x59595959,
- 0x27272727, 0x80808080, 0xecececec, 0x5f5f5f5f,
- 0x60606060, 0x51515151, 0x7f7f7f7f, 0xa9a9a9a9,
- 0x19191919, 0xb5b5b5b5, 0x4a4a4a4a, 0xd0d0d0d,
- 0x2d2d2d2d, 0xe5e5e5e5, 0x7a7a7a7a, 0x9f9f9f9f,
- 0x93939393, 0xc9c9c9c9, 0x9c9c9c9c, 0xefefefef,
- 0xa0a0a0a0, 0xe0e0e0e0, 0x3b3b3b3b, 0x4d4d4d4d,
- 0xaeaeaeae, 0x2a2a2a2a, 0xf5f5f5f5, 0xb0b0b0b0,
- 0xc8c8c8c8, 0xebebebeb, 0xbbbbbbbb, 0x3c3c3c3c,
- 0x83838383, 0x53535353, 0x99999999, 0x61616161,
- 0x17171717, 0x2b2b2b2b, 0x4040404, 0x7e7e7e7e,
- 0xbabababa, 0x77777777, 0xd6d6d6d6, 0x26262626,
- 0xe1e1e1e1, 0x69696969, 0x14141414, 0x63636363,
- 0x55555555, 0x21212121, 0xc0c0c0c, 0x7d7d7d7d
-};
-#endif /* CPU_RISC */
-
-
-/* aes internals */
-
-extern debug_module_t mod_aes_icm;
-
-void
-aes_expand_encryption_key(const v128_t *key,
- aes_expanded_key_t expanded_key) {
- int i;
- gf2_8 rc;
-
- /* initialize round constant */
- rc = 1;
-
- expanded_key[0].v32[0] = key->v32[0];
- expanded_key[0].v32[1] = key->v32[1];
- expanded_key[0].v32[2] = key->v32[2];
- expanded_key[0].v32[3] = key->v32[3];
-
-#if 0
- debug_print(mod_aes_icm,
- "expanded key[0]: %s", v128_hex_string(&expanded_key[0]));
-#endif
-
- /* loop over round keys */
- for (i=1; i < 11; i++) {
-
- /* munge first word of round key */
- expanded_key[i].v8[0] = aes_sbox[expanded_key[i-1].v8[13]] ^ rc;
- expanded_key[i].v8[1] = aes_sbox[expanded_key[i-1].v8[14]];
- expanded_key[i].v8[2] = aes_sbox[expanded_key[i-1].v8[15]];
- expanded_key[i].v8[3] = aes_sbox[expanded_key[i-1].v8[12]];
-
- expanded_key[i].v32[0] ^= expanded_key[i-1].v32[0];
-
- /* set remaining 32 bit words to the exor of the one previous with
- * the one four words previous */
-
- expanded_key[i].v32[1] =
- expanded_key[i].v32[0] ^ expanded_key[i-1].v32[1];
-
- expanded_key[i].v32[2] =
- expanded_key[i].v32[1] ^ expanded_key[i-1].v32[2];
-
- expanded_key[i].v32[3] =
- expanded_key[i].v32[2] ^ expanded_key[i-1].v32[3];
-
-#if 0
- debug_print2(mod_aes_icm,
- "expanded key[%d]: %s", i,v128_hex_string(&expanded_key[i]));
-#endif
-
- /* modify round constant */
- rc = gf2_8_shift(rc);
-
- }
-}
-
-void
-aes_expand_decryption_key(const v128_t *key,
- aes_expanded_key_t expanded_key) {
- int i;
-
- aes_expand_encryption_key(key, expanded_key);
-
- /* invert the order of the round keys */
- for (i=0; i < 5; i++) {
- v128_t tmp;
- v128_copy(&tmp, &expanded_key[10-i]);
- v128_copy(&expanded_key[10-i], &expanded_key[i]);
- v128_copy(&expanded_key[i], &tmp);
- }
-
- /*
- * apply the inverse mixColumn transform to the round keys (except
- * for the first and the last)
- *
- * mixColumn is implemented by using the tables U0, U1, U2, U3,
- * followed by the T4 table (which cancels out the use of the sbox
- * in the U-tables)
- */
- for (i=1; i < 10; i++) {
-#ifdef CPU_RISC
- uint32_t tmp;
-
- tmp = expanded_key[i].v32[0];
- expanded_key[i].v32[0] =
- U0[T4[(tmp >> 24) ] & 0xff] ^
- U1[T4[(tmp >> 16) & 0xff] & 0xff] ^
- U2[T4[(tmp >> 8) & 0xff] & 0xff] ^
- U3[T4[(tmp) & 0xff] & 0xff];
-
- tmp = expanded_key[i].v32[1];
- expanded_key[i].v32[1] =
- U0[T4[(tmp >> 24) ] & 0xff] ^
- U1[T4[(tmp >> 16) & 0xff] & 0xff] ^
- U2[T4[(tmp >> 8) & 0xff] & 0xff] ^
- U3[T4[(tmp) & 0xff] & 0xff];
-
- tmp = expanded_key[i].v32[2];
- expanded_key[i].v32[2] =
- U0[T4[(tmp >> 24) ] & 0xff] ^
- U1[T4[(tmp >> 16) & 0xff] & 0xff] ^
- U2[T4[(tmp >> 8) & 0xff] & 0xff] ^
- U3[T4[(tmp) & 0xff] & 0xff];
-
- tmp = expanded_key[i].v32[3];
- expanded_key[i].v32[3] =
- U0[T4[(tmp >> 24) ] & 0xff] ^
- U1[T4[(tmp >> 16) & 0xff] & 0xff] ^
- U2[T4[(tmp >> 8) & 0xff] & 0xff] ^
- U3[T4[(tmp) & 0xff] & 0xff];
-#else /* assume CPU_CISC */
-
- uint32_t c0, c1, c2, c3;
-
- c0 = U0[aes_sbox[expanded_key[i].v8[0]]]
- ^ U1[aes_sbox[expanded_key[i].v8[1]]]
- ^ U2[aes_sbox[expanded_key[i].v8[2]]]
- ^ U3[aes_sbox[expanded_key[i].v8[3]]];
-
- c1 = U0[aes_sbox[expanded_key[i].v8[4]]]
- ^ U1[aes_sbox[expanded_key[i].v8[5]]]
- ^ U2[aes_sbox[expanded_key[i].v8[6]]]
- ^ U3[aes_sbox[expanded_key[i].v8[7]]];
-
- c2 = U0[aes_sbox[expanded_key[i].v8[8]]]
- ^ U1[aes_sbox[expanded_key[i].v8[9]]]
- ^ U2[aes_sbox[expanded_key[i].v8[10]]]
- ^ U3[aes_sbox[expanded_key[i].v8[11]]];
-
- c3 = U0[aes_sbox[expanded_key[i].v8[12]]]
- ^ U1[aes_sbox[expanded_key[i].v8[13]]]
- ^ U2[aes_sbox[expanded_key[i].v8[14]]]
- ^ U3[aes_sbox[expanded_key[i].v8[15]]];
-
- expanded_key[i].v32[0] = c0;
- expanded_key[i].v32[1] = c1;
- expanded_key[i].v32[2] = c2;
- expanded_key[i].v32[3] = c3;
-
-#endif
- }
-}
-
-#ifdef CPU_CISC
-
-
-static inline void
-aes_round(v128_t *state, const v128_t *round_key) {
- uint32_t column0, column1, column2, column3;
-
- /* compute the columns of the output square in terms of the octets
- of state, using the tables T0, T1, T2, T3 */
-
- column0 = T0[state->v8[0]] ^ T1[state->v8[5]]
- ^ T2[state->v8[10]] ^ T3[state->v8[15]];
-
- column1 = T0[state->v8[4]] ^ T1[state->v8[9]]
- ^ T2[state->v8[14]] ^ T3[state->v8[3]];
-
- column2 = T0[state->v8[8]] ^ T1[state->v8[13]]
- ^ T2[state->v8[2]] ^ T3[state->v8[7]];
-
- column3 = T0[state->v8[12]] ^ T1[state->v8[1]]
- ^ T2[state->v8[6]] ^ T3[state->v8[11]];
-
- state->v32[0] = column0 ^ round_key->v32[0];
- state->v32[1] = column1 ^ round_key->v32[1];
- state->v32[2] = column2 ^ round_key->v32[2];
- state->v32[3] = column3 ^ round_key->v32[3];
-
-}
-
-
-static inline void
-aes_inv_round(v128_t *state, const v128_t *round_key) {
- uint32_t column0, column1, column2, column3;
-
- /* compute the columns of the output square in terms of the octets
- of state, using the tables U0, U1, U2, U3 */
-
- column0 = U0[state->v8[0]] ^ U1[state->v8[13]]
- ^ U2[state->v8[10]] ^ U3[state->v8[7]];
-
- column1 = U0[state->v8[4]] ^ U1[state->v8[1]]
- ^ U2[state->v8[14]] ^ U3[state->v8[11]];
-
- column2 = U0[state->v8[8]] ^ U1[state->v8[5]]
- ^ U2[state->v8[2]] ^ U3[state->v8[15]];
-
- column3 = U0[state->v8[12]] ^ U1[state->v8[9]]
- ^ U2[state->v8[6]] ^ U3[state->v8[3]];
-
- state->v32[0] = column0 ^ round_key->v32[0];
- state->v32[1] = column1 ^ round_key->v32[1];
- state->v32[2] = column2 ^ round_key->v32[2];
- state->v32[3] = column3 ^ round_key->v32[3];
-
-}
-
-static inline void
-aes_final_round(v128_t *state, const v128_t *round_key) {
- uint8_t tmp;
-
- /* byte substitutions and row shifts */
- /* first row - no shift */
- state->v8[0] = aes_sbox[state->v8[0]];
- state->v8[4] = aes_sbox[state->v8[4]];
- state->v8[8] = aes_sbox[state->v8[8]];
- state->v8[12] = aes_sbox[state->v8[12]];
-
- /* second row - shift one left */
- tmp = aes_sbox[state->v8[1]];
- state->v8[1] = aes_sbox[state->v8[5]];
- state->v8[5] = aes_sbox[state->v8[9]];
- state->v8[9] = aes_sbox[state->v8[13]];
- state->v8[13] = tmp;
-
- /* third row - shift two left */
- tmp = aes_sbox[state->v8[10]];
- state->v8[10] = aes_sbox[state->v8[2]];
- state->v8[2] = tmp;
- tmp = aes_sbox[state->v8[14]];
- state->v8[14] = aes_sbox[state->v8[6]];
- state->v8[6] = tmp;
-
- /* fourth row - shift three left */
- tmp = aes_sbox[state->v8[15]];
- state->v8[15] = aes_sbox[state->v8[11]];
- state->v8[11] = aes_sbox[state->v8[7]];
- state->v8[7] = aes_sbox[state->v8[3]];
- state->v8[3] = tmp;
-
- v128_xor_eq(state, round_key);
-}
-
-static inline void
-aes_inv_final_round(v128_t *state, const v128_t *round_key) {
- uint8_t tmp;
-
- /* byte substitutions and row shifts */
- /* first row - no shift */
- state->v8[0] = aes_inv_sbox[state->v8[0]];
- state->v8[4] = aes_inv_sbox[state->v8[4]];
- state->v8[8] = aes_inv_sbox[state->v8[8]];
- state->v8[12] = aes_inv_sbox[state->v8[12]];
-
- /* second row - shift one right */
- tmp = aes_inv_sbox[state->v8[13]];
- state->v8[13] = aes_inv_sbox[state->v8[9]];
- state->v8[9] = aes_inv_sbox[state->v8[5]];
- state->v8[5] = aes_inv_sbox[state->v8[1]];
- state->v8[1] = tmp;
-
- /* third row - shift two right */
- tmp = aes_inv_sbox[state->v8[2]];
- state->v8[2] = aes_inv_sbox[state->v8[10]];
- state->v8[10] = tmp;
- tmp = aes_inv_sbox[state->v8[6]];
- state->v8[6] = aes_inv_sbox[state->v8[14]];
- state->v8[14] = tmp;
-
- /* fourth row - shift three right */
- tmp = aes_inv_sbox[state->v8[3]];
- state->v8[3] = aes_inv_sbox[state->v8[7]];
- state->v8[7] = aes_inv_sbox[state->v8[11]];
- state->v8[11] = aes_inv_sbox[state->v8[15]];
- state->v8[15] = tmp;
-
- v128_xor_eq(state, round_key);
-}
-
-
-#elif CPU_RISC
-
-static inline void
-aes_round(v128_t *state, const v128_t *round_key) {
- uint32_t column0, column1, column2, column3;
-
- /* compute the columns of the output square in terms of the octets
- of state, using the tables T0, T1, T2, T3 */
-#ifdef WORDS_BIGENDIAN
- column0 = T0[state->v32[0] >> 24] ^ T1[(state->v32[1] >> 16) & 0xff]
- ^ T2[(state->v32[2] >> 8) & 0xff] ^ T3[state->v32[3] & 0xff];
-
- column1 = T0[state->v32[1] >> 24] ^ T1[(state->v32[2] >> 16) & 0xff]
- ^ T2[(state->v32[3] >> 8) & 0xff] ^ T3[state->v32[0] & 0xff];
-
- column2 = T0[state->v32[2] >> 24] ^ T1[(state->v32[3] >> 16) & 0xff]
- ^ T2[(state->v32[0] >> 8) & 0xff] ^ T3[state->v32[1] & 0xff];
-
- column3 = T0[state->v32[3] >> 24] ^ T1[(state->v32[0] >> 16) & 0xff]
- ^ T2[(state->v32[1] >> 8) & 0xff] ^ T3[state->v32[2] & 0xff];
-#else
- column0 = T0[state->v32[0] & 0xff] ^ T1[(state->v32[1] >> 8) & 0xff]
- ^ T2[(state->v32[2] >> 16) & 0xff] ^ T3[state->v32[3] >> 24];
-
- column1 = T0[state->v32[1] & 0xff] ^ T1[(state->v32[2] >> 8) & 0xff]
- ^ T2[(state->v32[3] >> 16) & 0xff] ^ T3[state->v32[0] >> 24];
-
- column2 = T0[state->v32[2] & 0xff] ^ T1[(state->v32[3] >> 8) & 0xff]
- ^ T2[(state->v32[0] >> 16) & 0xff] ^ T3[state->v32[1] >> 24];
-
- column3 = T0[state->v32[3] & 0xff] ^ T1[(state->v32[0] >> 8) & 0xff]
- ^ T2[(state->v32[1] >> 16) & 0xff] ^ T3[state->v32[2] >> 24];
-#endif /* WORDS_BIGENDIAN */
-
- state->v32[0] = column0 ^ round_key->v32[0];
- state->v32[1] = column1 ^ round_key->v32[1];
- state->v32[2] = column2 ^ round_key->v32[2];
- state->v32[3] = column3 ^ round_key->v32[3];
-
-}
-
-static inline void
-aes_inv_round(v128_t *state, const v128_t *round_key) {
- uint32_t column0, column1, column2, column3;
-
- /* compute the columns of the output square in terms of the octets
- of state, using the tables U0, U1, U2, U3 */
-
-#ifdef WORDS_BIGENDIAN
- /* FIX! WRong indexes */
- column0 = U0[state->v32[0] >> 24] ^ U1[(state->v32[3] >> 16) & 0xff]
- ^ U2[(state->v32[2] >> 8) & 0xff] ^ U3[state->v32[1] & 0xff];
-
- column1 = U0[state->v32[1] >> 24] ^ U1[(state->v32[0] >> 16) & 0xff]
- ^ U2[(state->v32[3] >> 8) & 0xff] ^ U3[state->v32[2] & 0xff];
-
- column2 = U0[state->v32[2] >> 24] ^ U1[(state->v32[1] >> 16) & 0xff]
- ^ U2[(state->v32[0] >> 8) & 0xff] ^ U3[state->v32[3] & 0xff];
-
- column3 = U0[state->v32[3] >> 24] ^ U1[(state->v32[2] >> 16) & 0xff]
- ^ U2[(state->v32[1] >> 8) & 0xff] ^ U3[state->v32[0] & 0xff];
-#else
- column0 = U0[state->v32[0] & 0xff] ^ U1[(state->v32[1] >> 8) & 0xff]
- ^ U2[(state->v32[2] >> 16) & 0xff] ^ U3[state->v32[3] >> 24];
-
- column1 = U0[state->v32[1] & 0xff] ^ U1[(state->v32[2] >> 8) & 0xff]
- ^ U2[(state->v32[3] >> 16) & 0xff] ^ U3[state->v32[0] >> 24];
-
- column2 = U0[state->v32[2] & 0xff] ^ U1[(state->v32[3] >> 8) & 0xff]
- ^ U2[(state->v32[0] >> 16) & 0xff] ^ U3[state->v32[1] >> 24];
-
- column3 = U0[state->v32[3] & 0xff] ^ U1[(state->v32[0] >> 8) & 0xff]
- ^ U2[(state->v32[1] >> 16) & 0xff] ^ U3[state->v32[2] >> 24];
-#endif /* WORDS_BIGENDIAN */
-
- state->v32[0] = column0 ^ round_key->v32[0];
- state->v32[1] = column1 ^ round_key->v32[1];
- state->v32[2] = column2 ^ round_key->v32[2];
- state->v32[3] = column3 ^ round_key->v32[3];
-
-}
-
-static inline void
-aes_final_round(v128_t *state, const v128_t *round_key) {
- uint32_t tmp0, tmp1, tmp2, tmp3;
-
- tmp0 = (T4[(state->v32[0] >> 24)] & 0xff000000)
- ^ (T4[(state->v32[1] >> 16) & 0xff] & 0x00ff0000)
- ^ (T4[(state->v32[2] >> 8) & 0xff] & 0x0000ff00)
- ^ (T4[(state->v32[3] ) & 0xff] & 0x000000ff)
- ^ round_key->v32[0];
-
- tmp1 = (T4[(state->v32[1] >> 24)] & 0xff000000)
- ^ (T4[(state->v32[2] >> 16) & 0xff] & 0x00ff0000)
- ^ (T4[(state->v32[3] >> 8) & 0xff] & 0x0000ff00)
- ^ (T4[(state->v32[0] ) & 0xff] & 0x000000ff)
- ^ round_key->v32[1];
-
- tmp2 = (T4[(state->v32[2] >> 24)] & 0xff000000)
- ^ (T4[(state->v32[3] >> 16) & 0xff] & 0x00ff0000)
- ^ (T4[(state->v32[0] >> 8) & 0xff] & 0x0000ff00)
- ^ (T4[(state->v32[1] ) & 0xff] & 0x000000ff)
- ^ round_key->v32[2];
-
- tmp3 = (T4[(state->v32[3] >> 24)] & 0xff000000)
- ^ (T4[(state->v32[0] >> 16) & 0xff] & 0x00ff0000)
- ^ (T4[(state->v32[1] >> 8) & 0xff] & 0x0000ff00)
- ^ (T4[(state->v32[2] ) & 0xff] & 0x000000ff)
- ^ round_key->v32[3];
-
- state->v32[0] = tmp0;
- state->v32[1] = tmp1;
- state->v32[2] = tmp2;
- state->v32[3] = tmp3;
-
-}
-
-static inline void
-aes_inv_final_round(v128_t *state, const v128_t *round_key) {
- uint32_t tmp0, tmp1, tmp2, tmp3;
-
- tmp0 = (U4[(state->v32[0] >> 24)] & 0xff000000)
- ^ (U4[(state->v32[3] >> 16) & 0xff] & 0x00ff0000)
- ^ (U4[(state->v32[2] >> 8) & 0xff] & 0x0000ff00)
- ^ (U4[(state->v32[1] ) & 0xff] & 0x000000ff)
- ^ round_key->v32[0];
-
- tmp1 = (U4[(state->v32[1] >> 24)] & 0xff000000)
- ^ (U4[(state->v32[0] >> 16) & 0xff] & 0x00ff0000)
- ^ (U4[(state->v32[3] >> 8) & 0xff] & 0x0000ff00)
- ^ (U4[(state->v32[2] ) & 0xff] & 0x000000ff)
- ^ round_key->v32[1];
-
- tmp2 = (U4[(state->v32[2] >> 24)] & 0xff000000)
- ^ (U4[(state->v32[1] >> 16) & 0xff] & 0x00ff0000)
- ^ (U4[(state->v32[0] >> 8) & 0xff] & 0x0000ff00)
- ^ (U4[(state->v32[3] ) & 0xff] & 0x000000ff)
- ^ round_key->v32[2];
-
- tmp3 = (U4[(state->v32[3] >> 24)] & 0xff000000)
- ^ (U4[(state->v32[2] >> 16) & 0xff] & 0x00ff0000)
- ^ (U4[(state->v32[1] >> 8) & 0xff] & 0x0000ff00)
- ^ (U4[(state->v32[0] ) & 0xff] & 0x000000ff)
- ^ round_key->v32[3];
-
- state->v32[0] = tmp0;
- state->v32[1] = tmp1;
- state->v32[2] = tmp2;
- state->v32[3] = tmp3;
-
-}
-
-#elif CPU_16 /* assume 16-bit word size on processor */
-
-static inline void
-aes_round(v128_t *state, const v128_t *round_key) {
- uint32_t column0, column1, column2, column3;
- uint16_t c
- /* compute the columns of the output square in terms of the octets
- of state, using the tables T0, T1, T2, T3 */
-
- column0 = T0[state->v8[0]] ^ T1[state->v8[5]]
- ^ T2[state->v8[10]] ^ T3[state->v8[15]];
-
- column1 = T0[state->v8[4]] ^ T1[state->v8[9]]
- ^ T2[state->v8[14]] ^ T3[state->v8[3]];
-
- column2 = T0[state->v8[8]] ^ T1[state->v8[13]]
- ^ T2[state->v8[2]] ^ T3[state->v8[7]];
-
- column3 = T0[state->v8[12]] ^ T1[state->v8[1]]
- ^ T2[state->v8[6]] ^ T3[state->v8[11]];
-
- state->v32[0] = column0 ^ round_key->v32[0];
- state->v32[1] = column1 ^ round_key->v32[1];
- state->v32[2] = column2 ^ round_key->v32[2];
- state->v32[3] = column3 ^ round_key->v32[3];
-
-}
-
-
-static inline void
-aes_inv_round(v128_t *state, const v128_t *round_key) {
- uint32_t column0, column1, column2, column3;
-
- /* compute the columns of the output square in terms of the octets
- of state, using the tables U0, U1, U2, U3 */
-
- column0 = U0[state->v8[0]] ^ U1[state->v8[5]]
- ^ U2[state->v8[10]] ^ U3[state->v8[15]];
-
- column1 = U0[state->v8[4]] ^ U1[state->v8[9]]
- ^ U2[state->v8[14]] ^ U3[state->v8[3]];
-
- column2 = U0[state->v8[8]] ^ U1[state->v8[13]]
- ^ U2[state->v8[2]] ^ U3[state->v8[7]];
-
- column3 = U0[state->v8[12]] ^ U1[state->v8[1]]
- ^ U2[state->v8[6]] ^ U3[state->v8[11]];
-
- state->v32[0] = column0 ^ round_key->v32[0];
- state->v32[1] = column1 ^ round_key->v32[1];
- state->v32[2] = column2 ^ round_key->v32[2];
- state->v32[3] = column3 ^ round_key->v32[3];
-
-}
-
-static inline void
-aes_final_round(v128_t *state, const v128_t *round_key) {
- uint8_t tmp;
-
- /* byte substitutions and row shifts */
- /* first row - no shift */
- state->v8[0] = aes_sbox[state->v8[0]];
- state->v8[4] = aes_sbox[state->v8[4]];
- state->v8[8] = aes_sbox[state->v8[8]];
- state->v8[12] = aes_sbox[state->v8[12]];
-
- /* second row - shift one left */
- tmp = aes_sbox[state->v8[1]];
- state->v8[1] = aes_sbox[state->v8[5]];
- state->v8[5] = aes_sbox[state->v8[9]];
- state->v8[9] = aes_sbox[state->v8[13]];
- state->v8[13] = tmp;
-
- /* third row - shift two left */
- tmp = aes_sbox[state->v8[10]];
- state->v8[10] = aes_sbox[state->v8[2]];
- state->v8[2] = tmp;
- tmp = aes_sbox[state->v8[14]];
- state->v8[14] = aes_sbox[state->v8[6]];
- state->v8[6] = tmp;
-
- /* fourth row - shift three left */
- tmp = aes_sbox[state->v8[15]];
- state->v8[15] = aes_sbox[state->v8[11]];
- state->v8[11] = aes_sbox[state->v8[7]];
- state->v8[7] = aes_sbox[state->v8[3]];
- state->v8[3] = tmp;
-
- v128_xor_eq(state, round_key);
-}
-
-static inline void
-aes_inv_final_round(v128_t *state, const v128_t *round_key) {
- uint8_t tmp;
-
- /* byte substitutions and row shifts */
- /* first row - no shift */
- state->v8[0] = aes_inv_sbox[state->v8[0]];
- state->v8[4] = aes_inv_sbox[state->v8[4]];
- state->v8[8] = aes_inv_sbox[state->v8[8]];
- state->v8[12] = aes_inv_sbox[state->v8[12]];
-
- /* second row - shift one left */
- tmp = aes_inv_sbox[state->v8[1]];
- state->v8[1] = aes_inv_sbox[state->v8[5]];
- state->v8[5] = aes_inv_sbox[state->v8[9]];
- state->v8[9] = aes_inv_sbox[state->v8[13]];
- state->v8[13] = tmp;
-
- /* third row - shift two left */
- tmp = aes_inv_sbox[state->v8[10]];
- state->v8[10] = aes_inv_sbox[state->v8[2]];
- state->v8[2] = tmp;
- tmp = aes_inv_sbox[state->v8[14]];
- state->v8[14] = aes_inv_sbox[state->v8[6]];
- state->v8[6] = tmp;
-
- /* fourth row - shift three left */
- tmp = aes_inv_sbox[state->v8[15]];
- state->v8[15] = aes_inv_sbox[state->v8[11]];
- state->v8[11] = aes_inv_sbox[state->v8[7]];
- state->v8[7] = aes_inv_sbox[state->v8[3]];
- state->v8[3] = tmp;
-
- v128_xor_eq(state, round_key);
-}
-
-#endif /* CPU type */
-
-
-void
-aes_encrypt(v128_t *plaintext, const aes_expanded_key_t exp_key) {
-
- /* add in the subkey */
- v128_xor_eq(plaintext, exp_key + 0);
-
- /* now do nine rounds */
- aes_round(plaintext, exp_key + 1);
- aes_round(plaintext, exp_key + 2);
- aes_round(plaintext, exp_key + 3);
- aes_round(plaintext, exp_key + 4);
- aes_round(plaintext, exp_key + 5);
- aes_round(plaintext, exp_key + 6);
- aes_round(plaintext, exp_key + 7);
- aes_round(plaintext, exp_key + 8);
- aes_round(plaintext, exp_key + 9);
- /* the last round is different */
-
- aes_final_round(plaintext, exp_key + 10);
-}
-
-void
-aes_decrypt(v128_t *plaintext, const aes_expanded_key_t exp_key) {
-
- /* add in the subkey */
- v128_xor_eq(plaintext, exp_key + 0);
-
- /* now do nine rounds */
- aes_inv_round(plaintext, exp_key + 1);
- aes_inv_round(plaintext, exp_key + 2);
- aes_inv_round(plaintext, exp_key + 3);
- aes_inv_round(plaintext, exp_key + 4);
- aes_inv_round(plaintext, exp_key + 5);
- aes_inv_round(plaintext, exp_key + 6);
- aes_inv_round(plaintext, exp_key + 7);
- aes_inv_round(plaintext, exp_key + 8);
- aes_inv_round(plaintext, exp_key + 9);
- /* the last round is different */
- aes_inv_final_round(plaintext, exp_key + 10);
-}
diff --git a/crypto/cipher/aes_cbc.c b/crypto/cipher/aes_cbc.c
deleted file mode 100644
index 8fc6a32..0000000
--- a/crypto/cipher/aes_cbc.c
+++ /dev/null
@@ -1,444 +0,0 @@
-/*
- * aes_cbc.c
- *
- * AES Cipher Block Chaining Mode
- *
- * David A. McGrew
- * Cisco Systems, Inc.
- */
-
-/*
- *
- * Copyright (c) 2001-2006, Cisco Systems, Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following
- * disclaimer in the documentation and/or other materials provided
- * with the distribution.
- *
- * Neither the name of the Cisco Systems, Inc. nor the names of its
- * contributors may be used to endorse or promote products derived
- * from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- */
-
-
-#include "aes_cbc.h"
-#include "alloc.h"
-
-debug_module_t mod_aes_cbc = {
- 0, /* debugging is off by default */
- "aes cbc" /* printable module name */
-};
-
-
-
-err_status_t
-aes_cbc_alloc(cipher_t **c, int key_len) {
- extern cipher_type_t aes_cbc;
- uint8_t *pointer;
- int tmp;
-
- debug_print(mod_aes_cbc,
- "allocating cipher with key length %d", key_len);
-
- if (key_len != 16)
- return err_status_bad_param;
-
- /* allocate memory a cipher of type aes_icm */
- tmp = (sizeof(aes_cbc_ctx_t) + sizeof(cipher_t));
- pointer = (uint8_t*)crypto_alloc(tmp);
- if (pointer == NULL)
- return err_status_alloc_fail;
-
- /* set pointers */
- *c = (cipher_t *)pointer;
- (*c)->type = &aes_cbc;
- (*c)->state = pointer + sizeof(cipher_t);
-
- /* increment ref_count */
- aes_cbc.ref_count++;
-
- /* set key size */
- (*c)->key_len = key_len;
-
- return err_status_ok;
-}
-
-err_status_t
-aes_cbc_dealloc(cipher_t *c) {
- extern cipher_type_t aes_cbc;
-
- /* zeroize entire state*/
- octet_string_set_to_zero((uint8_t *)c,
- sizeof(aes_cbc_ctx_t) + sizeof(cipher_t));
-
- /* free memory */
- crypto_free(c);
-
- /* decrement ref_count */
- aes_cbc.ref_count--;
-
- return err_status_ok;
-}
-
-err_status_t
-aes_cbc_context_init(aes_cbc_ctx_t *c, const uint8_t *key,
- cipher_direction_t dir) {
- v128_t tmp_key;
-
- /* set tmp_key (for alignment) */
- v128_copy_octet_string(&tmp_key, key);
-
- debug_print(mod_aes_cbc,
- "key: %s", v128_hex_string(&tmp_key));
-
- /* expand key for the appropriate direction */
- switch (dir) {
- case (direction_encrypt):
- aes_expand_encryption_key(&tmp_key, c->expanded_key);
- break;
- case (direction_decrypt):
- aes_expand_decryption_key(&tmp_key, c->expanded_key);
- break;
- default:
- return err_status_bad_param;
- }
-
-
- return err_status_ok;
-}
-
-
-err_status_t
-aes_cbc_set_iv(aes_cbc_ctx_t *c, void *iv) {
- int i;
-/* v128_t *input = iv; */
- uint8_t *input = (uint8_t*) iv;
-
- /* set state and 'previous' block to iv */
- for (i=0; i < 16; i++)
- c->previous.v8[i] = c->state.v8[i] = input[i];
-
- debug_print(mod_aes_cbc, "setting iv: %s", v128_hex_string(&c->state));
-
- return err_status_ok;
-}
-
-err_status_t
-aes_cbc_encrypt(aes_cbc_ctx_t *c,
- unsigned char *data,
- unsigned int *bytes_in_data) {
- int i;
- unsigned char *input = data; /* pointer to data being read */
- unsigned char *output = data; /* pointer to data being written */
- int bytes_to_encr = *bytes_in_data;
-
- /*
- * verify that we're 16-octet aligned
- */
- if (*bytes_in_data & 0xf)
- return err_status_bad_param;
-
- /*
- * note that we assume that the initialization vector has already
- * been set, e.g. by calling aes_cbc_set_iv()
- */
- debug_print(mod_aes_cbc, "iv: %s",
- v128_hex_string(&c->state));
-
- /*
- * loop over plaintext blocks, exoring state into plaintext then
- * encrypting and writing to output
- */
- while (bytes_to_encr > 0) {
-
- /* exor plaintext into state */
- for (i=0; i < 16; i++)
- c->state.v8[i] ^= *input++;
-
- debug_print(mod_aes_cbc, "inblock: %s",
- v128_hex_string(&c->state));
-
- aes_encrypt(&c->state, c->expanded_key);
-
- debug_print(mod_aes_cbc, "outblock: %s",
- v128_hex_string(&c->state));
-
- /* copy ciphertext to output */
- for (i=0; i < 16; i++)
- *output++ = c->state.v8[i];
-
- bytes_to_encr -= 16;
- }
-
- return err_status_ok;
-}
-
-err_status_t
-aes_cbc_decrypt(aes_cbc_ctx_t *c,
- unsigned char *data,
- unsigned int *bytes_in_data) {
- int i;
- v128_t state, previous;
- unsigned char *input = data; /* pointer to data being read */
- unsigned char *output = data; /* pointer to data being written */
- int bytes_to_encr = *bytes_in_data;
- uint8_t tmp;
-
- /*
- * verify that we're 16-octet aligned
- */
- if (*bytes_in_data & 0x0f)
- return err_status_bad_param;
-
- /* set 'previous' block to iv*/
- for (i=0; i < 16; i++) {
- previous.v8[i] = c->previous.v8[i];
- }
-
- debug_print(mod_aes_cbc, "iv: %s",
- v128_hex_string(&previous));
-
- /*
- * loop over ciphertext blocks, decrypting then exoring with state
- * then writing plaintext to output
- */
- while (bytes_to_encr > 0) {
-
- /* set state to ciphertext input block */
- for (i=0; i < 16; i++) {
- state.v8[i] = *input++;
- }
-
- debug_print(mod_aes_cbc, "inblock: %s",
- v128_hex_string(&state));
-
- /* decrypt state */
- aes_decrypt(&state, c->expanded_key);
-
- debug_print(mod_aes_cbc, "outblock: %s",
- v128_hex_string(&state));
-
- /*
- * exor previous ciphertext block out of plaintext, and write new
- * plaintext block to output, while copying old ciphertext block
- * to the 'previous' block
- */
- for (i=0; i < 16; i++) {
- tmp = *output;
- *output++ = state.v8[i] ^ previous.v8[i];
- previous.v8[i] = tmp;
- }
-
- bytes_to_encr -= 16;
- }
-
- return err_status_ok;
-}
-
-
-err_status_t
-aes_cbc_nist_encrypt(aes_cbc_ctx_t *c,
- unsigned char *data,
- unsigned int *bytes_in_data) {
- int i;
- unsigned char *pad_start;
- int num_pad_bytes;
- err_status_t status;
-
- /*
- * determine the number of padding bytes that we need to add -
- * this value is always between 1 and 16, inclusive.
- */
- num_pad_bytes = 16 - (*bytes_in_data & 0xf);
- pad_start = data;
- pad_start += *bytes_in_data;
- *pad_start++ = 0xa0;
- for (i=0; i < num_pad_bytes; i++)
- *pad_start++ = 0x00;
-
- /*
- * increment the data size
- */
- *bytes_in_data += num_pad_bytes;
-
- /*
- * now cbc encrypt the padded data
- */
- status = aes_cbc_encrypt(c, data, bytes_in_data);
- if (status)
- return status;
-
- return err_status_ok;
-}
-
-
-err_status_t
-aes_cbc_nist_decrypt(aes_cbc_ctx_t *c,
- unsigned char *data,
- unsigned int *bytes_in_data) {
- unsigned char *pad_end;
- int num_pad_bytes;
- err_status_t status;
-
- /*
- * cbc decrypt the padded data
- */
- status = aes_cbc_decrypt(c, data, bytes_in_data);
- if (status)
- return status;
-
- /*
- * determine the number of padding bytes in the decrypted plaintext
- * - this value is always between 1 and 16, inclusive.
- */
- num_pad_bytes = 1;
- pad_end = data + (*bytes_in_data - 1);
- while (*pad_end != 0xa0) { /* note: should check padding correctness */
- pad_end--;
- num_pad_bytes++;
- }
-
- /* decrement data size */
- *bytes_in_data -= num_pad_bytes;
-
- return err_status_ok;
-}
-
-
-char
-aes_cbc_description[] = "aes cipher block chaining (cbc) mode";
-
-/*
- * Test case 0 is derived from FIPS 197 Appendix A; it uses an
- * all-zero IV, so that the first block encryption matches the test
- * case in that appendix. This property provides a check of the base
- * AES encryption and decryption algorithms; if CBC fails on some
- * particular platform, then you should print out AES intermediate
- * data and compare with the detailed info provided in that appendix.
- *
- */
-
-
-uint8_t aes_cbc_test_case_0_key[16] = {
- 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
- 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f
-};
-
-uint8_t aes_cbc_test_case_0_plaintext[64] = {
- 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
- 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff
-};
-
-uint8_t aes_cbc_test_case_0_ciphertext[80] = {
- 0x69, 0xc4, 0xe0, 0xd8, 0x6a, 0x7b, 0x04, 0x30,
- 0xd8, 0xcd, 0xb7, 0x80, 0x70, 0xb4, 0xc5, 0x5a,
- 0x03, 0x35, 0xed, 0x27, 0x67, 0xf2, 0x6d, 0xf1,
- 0x64, 0x83, 0x2e, 0x23, 0x44, 0x38, 0x70, 0x8b
-
-};
-
-uint8_t aes_cbc_test_case_0_iv[16] = {
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
-};
-
-
-cipher_test_case_t aes_cbc_test_case_0 = {
- 16, /* octets in key */
- aes_cbc_test_case_0_key, /* key */
- aes_cbc_test_case_0_iv, /* initialization vector */
- 16, /* octets in plaintext */
- aes_cbc_test_case_0_plaintext, /* plaintext */
- 32, /* octets in ciphertext */
- aes_cbc_test_case_0_ciphertext, /* ciphertext */
- NULL /* pointer to next testcase */
-};
-
-
-/*
- * this test case is taken directly from Appendix F.2 of NIST Special
- * Publication SP 800-38A
- */
-
-uint8_t aes_cbc_test_case_1_key[16] = {
- 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6,
- 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c,
-};
-
-uint8_t aes_cbc_test_case_1_plaintext[64] = {
- 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
- 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
- 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
- 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
- 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11,
- 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef,
- 0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17,
- 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10
-};
-
-uint8_t aes_cbc_test_case_1_ciphertext[80] = {
- 0x76, 0x49, 0xab, 0xac, 0x81, 0x19, 0xb2, 0x46,
- 0xce, 0xe9, 0x8e, 0x9b, 0x12, 0xe9, 0x19, 0x7d,
- 0x50, 0x86, 0xcb, 0x9b, 0x50, 0x72, 0x19, 0xee,
- 0x95, 0xdb, 0x11, 0x3a, 0x91, 0x76, 0x78, 0xb2,
- 0x73, 0xbe, 0xd6, 0xb8, 0xe3, 0xc1, 0x74, 0x3b,
- 0x71, 0x16, 0xe6, 0x9e, 0x22, 0x22, 0x95, 0x16,
- 0x3f, 0xf1, 0xca, 0xa1, 0x68, 0x1f, 0xac, 0x09,
- 0x12, 0x0e, 0xca, 0x30, 0x75, 0x86, 0xe1, 0xa7,
- 0x39, 0x34, 0x07, 0x03, 0x36, 0xd0, 0x77, 0x99,
- 0xe0, 0xc4, 0x2f, 0xdd, 0xa8, 0xdf, 0x4c, 0xa3
-};
-
-uint8_t aes_cbc_test_case_1_iv[16] = {
- 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
- 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f
-};
-
-cipher_test_case_t aes_cbc_test_case_1 = {
- 16, /* octets in key */
- aes_cbc_test_case_1_key, /* key */
- aes_cbc_test_case_1_iv, /* initialization vector */
- 64, /* octets in plaintext */
- aes_cbc_test_case_1_plaintext, /* plaintext */
- 80, /* octets in ciphertext */
- aes_cbc_test_case_1_ciphertext, /* ciphertext */
- &aes_cbc_test_case_0 /* pointer to next testcase */
-};
-
-cipher_type_t aes_cbc = {
- (cipher_alloc_func_t) aes_cbc_alloc,
- (cipher_dealloc_func_t) aes_cbc_dealloc,
- (cipher_init_func_t) aes_cbc_context_init,
- (cipher_encrypt_func_t) aes_cbc_nist_encrypt,
- (cipher_decrypt_func_t) aes_cbc_nist_decrypt,
- (cipher_set_iv_func_t) aes_cbc_set_iv,
- (char *) aes_cbc_description,
- (int) 0, /* instance count */
- (cipher_test_case_t *) &aes_cbc_test_case_0,
- (debug_module_t *) &mod_aes_cbc
-};
-
-
diff --git a/crypto/cipher/aes_icm.c b/crypto/cipher/aes_icm.c
deleted file mode 100644
index 5a38dee..0000000
--- a/crypto/cipher/aes_icm.c
+++ /dev/null
@@ -1,512 +0,0 @@
-/*
- * aes_icm.c
- *
- * AES Integer Counter Mode
- *
- * David A. McGrew
- * Cisco Systems, Inc.
- */
-
-/*
- *
- * Copyright (c) 2001-2006, Cisco Systems, Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following
- * disclaimer in the documentation and/or other materials provided
- * with the distribution.
- *
- * Neither the name of the Cisco Systems, Inc. nor the names of its
- * contributors may be used to endorse or promote products derived
- * from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- */
-
-
-#define ALIGN_32 0
-
-#include "aes_icm.h"
-#include "alloc.h"
-
-
-debug_module_t mod_aes_icm = {
- 0, /* debugging is off by default */
- "aes icm" /* printable module name */
-};
-
-/*
- * integer counter mode works as follows:
- *
- * 16 bits
- * <----->
- * +------+------+------+------+------+------+------+------+
- * | nonce | pakcet index | ctr |---+
- * +------+------+------+------+------+------+------+------+ |
- * |
- * +------+------+------+------+------+------+------+------+ v
- * | salt |000000|->(+)
- * +------+------+------+------+------+------+------+------+ |
- * |
- * +---------+
- * | encrypt |
- * +---------+
- * |
- * +------+------+------+------+------+------+------+------+ |
- * | keystream block |<--+
- * +------+------+------+------+------+------+------+------+
- *
- * All fields are big-endian
- *
- * ctr is the block counter, which increments from zero for
- * each packet (16 bits wide)
- *
- * packet index is distinct for each packet (48 bits wide)
- *
- * nonce can be distinct across many uses of the same key, or
- * can be a fixed value per key, or can be per-packet randomness
- * (64 bits)
- *
- */
-
-err_status_t
-aes_icm_alloc_ismacryp(cipher_t **c, int key_len, int forIsmacryp) {
- extern cipher_type_t aes_icm;
- uint8_t *pointer;
- int tmp;
-
- debug_print(mod_aes_icm,
- "allocating cipher with key length %d", key_len);
-
- /*
- * Ismacryp, for example, uses 16 byte key + 8 byte
- * salt so this function is called with key_len = 24.
- * The check for key_len = 30 does not apply. Our usage
- * of aes functions with key_len = values other than 30
- * has not broken anything. Don't know what would be the
- * effect of skipping this check for srtp in general.
- */
- if (!forIsmacryp && key_len != 30)
- return err_status_bad_param;
-
- /* allocate memory a cipher of type aes_icm */
- tmp = (sizeof(aes_icm_ctx_t) + sizeof(cipher_t));
- pointer = (uint8_t*)crypto_alloc(tmp);
- if (pointer == NULL)
- return err_status_alloc_fail;
-
- /* set pointers */
- *c = (cipher_t *)pointer;
- (*c)->type = &aes_icm;
- (*c)->state = pointer + sizeof(cipher_t);
-
- /* increment ref_count */
- aes_icm.ref_count++;
-
- /* set key size */
- (*c)->key_len = key_len;
-
- return err_status_ok;
-}
-
-err_status_t aes_icm_alloc(cipher_t **c, int key_len, int forIsmacryp) {
- return aes_icm_alloc_ismacryp(c, key_len, 0);
-}
-
-err_status_t
-aes_icm_dealloc(cipher_t *c) {
- extern cipher_type_t aes_icm;
-
- /* zeroize entire state*/
- octet_string_set_to_zero((uint8_t *)c,
- sizeof(aes_icm_ctx_t) + sizeof(cipher_t));
-
- /* free memory */
- crypto_free(c);
-
- /* decrement ref_count */
- aes_icm.ref_count--;
-
- return err_status_ok;
-}
-
-
-/*
- * aes_icm_context_init(...) initializes the aes_icm_context
- * using the value in key[].
- *
- * the key is the secret key
- *
- * the salt is unpredictable (but not necessarily secret) data which
- * randomizes the starting point in the keystream
- */
-
-err_status_t
-aes_icm_context_init(aes_icm_ctx_t *c, const uint8_t *key) {
- v128_t tmp_key;
- int i;
-
- /* set counter and initial values to 'offset' value */
- /* FIX!!! this assumes the salt is at key + 16, and thus that the */
- /* FIX!!! cipher key length is 16! */
- for (i = 0; i < 14; i++) {
- c->counter.v8[i] = key[16 + i];
- c->offset.v8[i] = key[16 + i];
- }
-
- /* force last two octets of the offset to zero (for srtp compatibility) */
- c->offset.v8[14] = c->offset.v8[15] = 0;
- c->counter.v8[14] = c->counter.v8[15] = 0;
-
- /* set tmp_key (for alignment) */
- v128_copy_octet_string(&tmp_key, key);
-
- debug_print(mod_aes_icm,
- "key: %s", v128_hex_string(&tmp_key));
- debug_print(mod_aes_icm,
- "offset: %s", v128_hex_string(&c->offset));
-
- /* expand key */
- aes_expand_encryption_key(&tmp_key, c->expanded_key);
-
- /* indicate that the keystream_buffer is empty */
- c->bytes_in_buffer = 0;
-
- return err_status_ok;
-}
-
-/*
- * aes_icm_set_octet(c, i) sets the counter of the context which it is
- * passed so that the next octet of keystream that will be generated
- * is the ith octet
- */
-
-err_status_t
-aes_icm_set_octet(aes_icm_ctx_t *c,
- uint64_t octet_num) {
-
-#ifdef NO_64BIT_MATH
- int tail_num = low32(octet_num) & 0x0f;
- /* 64-bit right-shift 4 */
- uint64_t block_num = make64(high32(octet_num) >> 4,
- ((high32(octet_num) & 0x0f)<<(32-4)) |
- (low32(octet_num) >> 4));
-#else
- int tail_num = (int)(octet_num % 16);
- uint64_t block_num = octet_num / 16;
-#endif
-
-
- /* set counter value */
- /* FIX - There's no way this is correct */
- c->counter.v64[0] = c->offset.v64[0];
-#ifdef NO_64BIT_MATH
- c->counter.v64[0] = make64(high32(c->offset.v64[0]) ^ high32(block_num),
- low32(c->offset.v64[0]) ^ low32(block_num));
-#else
- c->counter.v64[0] = c->offset.v64[0] ^ block_num;
-#endif
-
- debug_print(mod_aes_icm,
- "set_octet: %s", v128_hex_string(&c->counter));
-
- /* fill keystream buffer, if needed */
- if (tail_num) {
- v128_copy(&c->keystream_buffer, &c->counter);
- aes_encrypt(&c->keystream_buffer, c->expanded_key);
- c->bytes_in_buffer = sizeof(v128_t);
-
- debug_print(mod_aes_icm, "counter: %s",
- v128_hex_string(&c->counter));
- debug_print(mod_aes_icm, "ciphertext: %s",
- v128_hex_string(&c->keystream_buffer));
-
- /* indicate number of bytes in keystream_buffer */
- c->bytes_in_buffer = sizeof(v128_t) - tail_num;
-
- } else {
-
- /* indicate that keystream_buffer is empty */
- c->bytes_in_buffer = 0;
- }
-
- return err_status_ok;
-}
-
-/*
- * aes_icm_set_iv(c, iv) sets the counter value to the exor of iv with
- * the offset
- */
-
-err_status_t
-aes_icm_set_iv(aes_icm_ctx_t *c, void *iv) {
- v128_t *nonce = (v128_t *) iv;
-
- debug_print(mod_aes_icm,
- "setting iv: %s", v128_hex_string(nonce));
-
- v128_xor(&c->counter, &c->offset, nonce);
-
- debug_print(mod_aes_icm,
- "set_counter: %s", v128_hex_string(&c->counter));
-
- /* indicate that the keystream_buffer is empty */
- c->bytes_in_buffer = 0;
-
- return err_status_ok;
-}
-
-
-
-/*
- * aes_icm_advance(...) refills the keystream_buffer and
- * advances the block index of the sicm_context forward by one
- *
- * this is an internal, hopefully inlined function
- */
-
-static inline void
-aes_icm_advance_ismacryp(aes_icm_ctx_t *c, uint8_t forIsmacryp) {
- /* fill buffer with new keystream */
- v128_copy(&c->keystream_buffer, &c->counter);
- aes_encrypt(&c->keystream_buffer, c->expanded_key);
- c->bytes_in_buffer = sizeof(v128_t);
-
- debug_print(mod_aes_icm, "counter: %s",
- v128_hex_string(&c->counter));
- debug_print(mod_aes_icm, "ciphertext: %s",
- v128_hex_string(&c->keystream_buffer));
-
- /* clock counter forward */
-
- if (forIsmacryp) {
- uint32_t temp;
- //alex's clock counter forward
- temp = ntohl(c->counter.v32[3]);
- c->counter.v32[3] = htonl(++temp);
- } else {
- if (!++(c->counter.v8[15]))
- ++(c->counter.v8[14]);
- }
-}
-
-inline void aes_icm_advance(aes_icm_ctx_t *c) {
- aes_icm_advance_ismacryp(c, 0);
-}
-
-
-/*e
- * icm_encrypt deals with the following cases:
- *
- * bytes_to_encr < bytes_in_buffer
- * - add keystream into data
- *
- * bytes_to_encr > bytes_in_buffer
- * - add keystream into data until keystream_buffer is depleted
- * - loop over blocks, filling keystream_buffer and then
- * adding keystream into data
- * - fill buffer then add in remaining (< 16) bytes of keystream
- */
-
-err_status_t
-aes_icm_encrypt_ismacryp(aes_icm_ctx_t *c,
- unsigned char *buf, unsigned int *enc_len,
- int forIsmacryp) {
- unsigned int bytes_to_encr = *enc_len;
- unsigned int i;
- uint32_t *b;
-
- /* check that there's enough segment left but not for ismacryp*/
- if (!forIsmacryp && (bytes_to_encr + htons(c->counter.v16[7])) > 0xffff)
- return err_status_terminus;
-
- debug_print(mod_aes_icm, "block index: %d",
- htons(c->counter.v16[7]));
- if (bytes_to_encr <= (unsigned int)c->bytes_in_buffer) {
-
- /* deal with odd case of small bytes_to_encr */
- for (i = (sizeof(v128_t) - c->bytes_in_buffer);
- i < (sizeof(v128_t) - c->bytes_in_buffer + bytes_to_encr); i++)
- {
- *buf++ ^= c->keystream_buffer.v8[i];
- }
-
- c->bytes_in_buffer -= bytes_to_encr;
-
- /* return now to avoid the main loop */
- return err_status_ok;
-
- } else {
-
- /* encrypt bytes until the remaining data is 16-byte aligned */
- for (i=(sizeof(v128_t) - c->bytes_in_buffer); i < sizeof(v128_t); i++)
- *buf++ ^= c->keystream_buffer.v8[i];
-
- bytes_to_encr -= c->bytes_in_buffer;
- c->bytes_in_buffer = 0;
-
- }
-
- /* now loop over entire 16-byte blocks of keystream */
- for (i=0; i < (bytes_to_encr/sizeof(v128_t)); i++) {
-
- /* fill buffer with new keystream */
- aes_icm_advance_ismacryp(c, forIsmacryp);
-
- /*
- * add keystream into the data buffer (this would be a lot faster
- * if we could assume 32-bit alignment!)
- */
-
-#if ALIGN_32
- b = (uint32_t *)buf;
- *b++ ^= c->keystream_buffer.v32[0];
- *b++ ^= c->keystream_buffer.v32[1];
- *b++ ^= c->keystream_buffer.v32[2];
- *b++ ^= c->keystream_buffer.v32[3];
- buf = (uint8_t *)b;
-#else
- if ((((unsigned long) buf) & 0x03) != 0) {
- *buf++ ^= c->keystream_buffer.v8[0];
- *buf++ ^= c->keystream_buffer.v8[1];
- *buf++ ^= c->keystream_buffer.v8[2];
- *buf++ ^= c->keystream_buffer.v8[3];
- *buf++ ^= c->keystream_buffer.v8[4];
- *buf++ ^= c->keystream_buffer.v8[5];
- *buf++ ^= c->keystream_buffer.v8[6];
- *buf++ ^= c->keystream_buffer.v8[7];
- *buf++ ^= c->keystream_buffer.v8[8];
- *buf++ ^= c->keystream_buffer.v8[9];
- *buf++ ^= c->keystream_buffer.v8[10];
- *buf++ ^= c->keystream_buffer.v8[11];
- *buf++ ^= c->keystream_buffer.v8[12];
- *buf++ ^= c->keystream_buffer.v8[13];
- *buf++ ^= c->keystream_buffer.v8[14];
- *buf++ ^= c->keystream_buffer.v8[15];
- } else {
- b = (uint32_t *)buf;
- *b++ ^= c->keystream_buffer.v32[0];
- *b++ ^= c->keystream_buffer.v32[1];
- *b++ ^= c->keystream_buffer.v32[2];
- *b++ ^= c->keystream_buffer.v32[3];
- buf = (uint8_t *)b;
- }
-#endif /* #if ALIGN_32 */
-
- }
-
- /* if there is a tail end of the data, process it */
- if ((bytes_to_encr & 0xf) != 0) {
-
- /* fill buffer with new keystream */
- aes_icm_advance_ismacryp(c, forIsmacryp);
-
- for (i=0; i < (bytes_to_encr & 0xf); i++)
- *buf++ ^= c->keystream_buffer.v8[i];
-
- /* reset the keystream buffer size to right value */
- c->bytes_in_buffer = sizeof(v128_t) - i;
- } else {
-
- /* no tail, so just reset the keystream buffer size to zero */
- c->bytes_in_buffer = 0;
-
- }
-
- return err_status_ok;
-}
-
-err_status_t
-aes_icm_encrypt(aes_icm_ctx_t *c, unsigned char *buf, unsigned int *enc_len) {
- return aes_icm_encrypt_ismacryp(c, buf, enc_len, 0);
-}
-
-err_status_t
-aes_icm_output(aes_icm_ctx_t *c, uint8_t *buffer, int num_octets_to_output) {
- unsigned int len = num_octets_to_output;
-
- /* zeroize the buffer */
- octet_string_set_to_zero(buffer, num_octets_to_output);
-
- /* exor keystream into buffer */
- return aes_icm_encrypt(c, buffer, &len);
-}
-
-
-char
-aes_icm_description[] = "aes integer counter mode";
-
-uint8_t aes_icm_test_case_0_key[30] = {
- 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6,
- 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c,
- 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7,
- 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd
-};
-
-uint8_t aes_icm_test_case_0_nonce[16] = {
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
-};
-
-uint8_t aes_icm_test_case_0_plaintext[32] = {
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-};
-
-uint8_t aes_icm_test_case_0_ciphertext[32] = {
- 0xe0, 0x3e, 0xad, 0x09, 0x35, 0xc9, 0x5e, 0x80,
- 0xe1, 0x66, 0xb1, 0x6d, 0xd9, 0x2b, 0x4e, 0xb4,
- 0xd2, 0x35, 0x13, 0x16, 0x2b, 0x02, 0xd0, 0xf7,
- 0x2a, 0x43, 0xa2, 0xfe, 0x4a, 0x5f, 0x97, 0xab
-};
-
-cipher_test_case_t aes_icm_test_case_0 = {
- 30, /* octets in key */
- aes_icm_test_case_0_key, /* key */
- aes_icm_test_case_0_nonce, /* packet index */
- 32, /* octets in plaintext */
- aes_icm_test_case_0_plaintext, /* plaintext */
- 32, /* octets in ciphertext */
- aes_icm_test_case_0_ciphertext, /* ciphertext */
- NULL /* pointer to next testcase */
-};
-
-
-/*
- * note: the encrypt function is identical to the decrypt function
- */
-
-cipher_type_t aes_icm = {
- (cipher_alloc_func_t) aes_icm_alloc,
- (cipher_dealloc_func_t) aes_icm_dealloc,
- (cipher_init_func_t) aes_icm_context_init,
- (cipher_encrypt_func_t) aes_icm_encrypt,
- (cipher_decrypt_func_t) aes_icm_encrypt,
- (cipher_set_iv_func_t) aes_icm_set_iv,
- (char *) aes_icm_description,
- (int) 0, /* instance count */
- (cipher_test_case_t *) &aes_icm_test_case_0,
- (debug_module_t *) &mod_aes_icm
-};
diff --git a/crypto/cipher/cipher.c b/crypto/cipher/cipher.c
deleted file mode 100644
index 573c5e2..0000000
--- a/crypto/cipher/cipher.c
+++ /dev/null
@@ -1,407 +0,0 @@
-/*
- * cipher.c
- *
- * cipher meta-functions
- *
- * David A. McGrew
- * Cisco Systems, Inc.
- *
- */
-
-/*
- *
- * Copyright (c) 2001-2006, Cisco Systems, Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following
- * disclaimer in the documentation and/or other materials provided
- * with the distribution.
- *
- * Neither the name of the Cisco Systems, Inc. nor the names of its
- * contributors may be used to endorse or promote products derived
- * from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- */
-
-#include "cipher.h"
-#include "rand_source.h" /* used in invertibiltiy tests */
-#include "alloc.h" /* for crypto_alloc(), crypto_free() */
-
-debug_module_t mod_cipher = {
- 0, /* debugging is off by default */
- "cipher" /* printable module name */
-};
-
-err_status_t
-cipher_output(cipher_t *c, uint8_t *buffer, int num_octets_to_output) {
-
- /* zeroize the buffer */
- octet_string_set_to_zero(buffer, num_octets_to_output);
-
- /* exor keystream into buffer */
- return cipher_encrypt(c, buffer, (unsigned int *) &num_octets_to_output);
-}
-
-/* some bookkeeping functions */
-
-int
-cipher_get_key_length(const cipher_t *c) {
- return c->key_len;
-}
-
-/*
- * cipher_type_self_test(ct) tests a cipher of type ct against test cases
- * provided in an array of values of key, salt, xtd_seq_num_t,
- * plaintext, and ciphertext that is known to be good
- */
-
-#define SELF_TEST_BUF_OCTETS 128
-#define NUM_RAND_TESTS 128
-#define MAX_KEY_LEN 64
-
-err_status_t
-cipher_type_self_test(const cipher_type_t *ct) {
- const cipher_test_case_t *test_case = ct->test_data;
- cipher_t *c;
- err_status_t status;
- uint8_t buffer[SELF_TEST_BUF_OCTETS];
- uint8_t buffer2[SELF_TEST_BUF_OCTETS];
- unsigned int len;
- int i, j, case_num = 0;
-
- debug_print(mod_cipher, "running self-test for cipher %s",
- ct->description);
-
- /*
- * check to make sure that we have at least one test case, and
- * return an error if we don't - we need to be paranoid here
- */
- if (test_case == NULL)
- return err_status_cant_check;
-
- /*
- * loop over all test cases, perform known-answer tests of both the
- * encryption and decryption functions
- */
- while (test_case != NULL) {
-
- /* allocate cipher */
- status = cipher_type_alloc(ct, &c, test_case->key_length_octets);
- if (status)
- return status;
-
- /*
- * test the encrypt function
- */
- debug_print(mod_cipher, "testing encryption", NULL);
-
- /* initialize cipher */
- status = cipher_init(c, test_case->key, direction_encrypt);
- if (status) {
- cipher_dealloc(c);
- return status;
- }
-
- /* copy plaintext into test buffer */
- if (test_case->ciphertext_length_octets > SELF_TEST_BUF_OCTETS) {
- cipher_dealloc(c);
- return err_status_bad_param;
- }
- for (i=0; i < test_case->plaintext_length_octets; i++)
- buffer[i] = test_case->plaintext[i];
-
- debug_print(mod_cipher, "plaintext: %s",
- octet_string_hex_string(buffer,
- test_case->plaintext_length_octets));
-
- /* set the initialization vector */
- status = cipher_set_iv(c, test_case->idx);
- if (status) {
- cipher_dealloc(c);
- return status;
- }
-
- /* encrypt */
- len = test_case->plaintext_length_octets;
- status = cipher_encrypt(c, buffer, &len);
- if (status) {
- cipher_dealloc(c);
- return status;
- }
-
- debug_print(mod_cipher, "ciphertext: %s",
- octet_string_hex_string(buffer,
- test_case->ciphertext_length_octets));
-
- /* compare the resulting ciphertext with that in the test case */
- if (len != test_case->ciphertext_length_octets)
- return err_status_algo_fail;
- status = err_status_ok;
- for (i=0; i < test_case->ciphertext_length_octets; i++)
- if (buffer[i] != test_case->ciphertext[i]) {
- status = err_status_algo_fail;
- debug_print(mod_cipher, "test case %d failed", case_num);
- debug_print(mod_cipher, "(failure at byte %d)", i);
- break;
- }
- if (status) {
-
- debug_print(mod_cipher, "c computed: %s",
- octet_string_hex_string(buffer,
- 2*test_case->plaintext_length_octets));
- debug_print(mod_cipher, "c expected: %s",
- octet_string_hex_string(test_case->ciphertext,
- 2*test_case->plaintext_length_octets));
-
- cipher_dealloc(c);
- return err_status_algo_fail;
- }
-
- /*
- * test the decrypt function
- */
- debug_print(mod_cipher, "testing decryption", NULL);
-
- /* re-initialize cipher for decryption */
- status = cipher_init(c, test_case->key, direction_decrypt);
- if (status) {
- cipher_dealloc(c);
- return status;
- }
-
- /* copy ciphertext into test buffer */
- if (test_case->ciphertext_length_octets > SELF_TEST_BUF_OCTETS) {
- cipher_dealloc(c);
- return err_status_bad_param;
- }
- for (i=0; i < test_case->ciphertext_length_octets; i++)
- buffer[i] = test_case->ciphertext[i];
-
- debug_print(mod_cipher, "ciphertext: %s",
- octet_string_hex_string(buffer,
- test_case->plaintext_length_octets));
-
- /* set the initialization vector */
- status = cipher_set_iv(c, test_case->idx);
- if (status) {
- cipher_dealloc(c);
- return status;
- }
-
- /* decrypt */
- len = test_case->ciphertext_length_octets;
- status = cipher_decrypt(c, buffer, &len);
- if (status) {
- cipher_dealloc(c);
- return status;
- }
-
- debug_print(mod_cipher, "plaintext: %s",
- octet_string_hex_string(buffer,
- test_case->plaintext_length_octets));
-
- /* compare the resulting plaintext with that in the test case */
- if (len != test_case->plaintext_length_octets)
- return err_status_algo_fail;
- status = err_status_ok;
- for (i=0; i < test_case->plaintext_length_octets; i++)
- if (buffer[i] != test_case->plaintext[i]) {
- status = err_status_algo_fail;
- debug_print(mod_cipher, "test case %d failed", case_num);
- debug_print(mod_cipher, "(failure at byte %d)", i);
- }
- if (status) {
-
- debug_print(mod_cipher, "p computed: %s",
- octet_string_hex_string(buffer,
- 2*test_case->plaintext_length_octets));
- debug_print(mod_cipher, "p expected: %s",
- octet_string_hex_string(test_case->plaintext,
- 2*test_case->plaintext_length_octets));
-
- cipher_dealloc(c);
- return err_status_algo_fail;
- }
-
- /* deallocate the cipher */
- status = cipher_dealloc(c);
- if (status)
- return status;
-
- /*
- * the cipher passed the test case, so move on to the next test
- * case in the list; if NULL, we'l proceed to the next test
- */
- test_case = test_case->next_test_case;
- ++case_num;
- }
-
- /* now run some random invertibility tests */
-
- /* allocate cipher, using paramaters from the first test case */
- test_case = ct->test_data;
- status = cipher_type_alloc(ct, &c, test_case->key_length_octets);
- if (status)
- return status;
-
- rand_source_init();
-
- for (j=0; j < NUM_RAND_TESTS; j++) {
- unsigned length;
- int plaintext_len;
- uint8_t key[MAX_KEY_LEN];
- uint8_t iv[MAX_KEY_LEN];
-
- /* choose a length at random (leaving room for IV and padding) */
- length = rand() % (SELF_TEST_BUF_OCTETS - 64);
- debug_print(mod_cipher, "random plaintext length %d\n", length);
- status = rand_source_get_octet_string(buffer, length);
- if (status) return status;
-
- debug_print(mod_cipher, "plaintext: %s",
- octet_string_hex_string(buffer, length));
-
- /* copy plaintext into second buffer */
- for (i=0; (unsigned int)i < length; i++)
- buffer2[i] = buffer[i];
-
- /* choose a key at random */
- if (test_case->key_length_octets > MAX_KEY_LEN)
- return err_status_cant_check;
- status = rand_source_get_octet_string(key, test_case->key_length_octets);
- if (status) return status;
-
- /* chose a random initialization vector */
- status = rand_source_get_octet_string(iv, MAX_KEY_LEN);
- if (status) return status;
-
- /* initialize cipher */
- status = cipher_init(c, key, direction_encrypt);
- if (status) {
- cipher_dealloc(c);
- return status;
- }
-
- /* set initialization vector */
- status = cipher_set_iv(c, test_case->idx);
- if (status) {
- cipher_dealloc(c);
- return status;
- }
-
- /* encrypt buffer with cipher */
- plaintext_len = length;
- status = cipher_encrypt(c, buffer, &length);
- if (status) {
- cipher_dealloc(c);
- return status;
- }
- debug_print(mod_cipher, "ciphertext: %s",
- octet_string_hex_string(buffer, length));
-
- /*
- * re-initialize cipher for decryption, re-set the iv, then
- * decrypt the ciphertext
- */
- status = cipher_init(c, key, direction_decrypt);
- if (status) {
- cipher_dealloc(c);
- return status;
- }
- status = cipher_set_iv(c, test_case->idx);
- if (status) {
- cipher_dealloc(c);
- return status;
- }
- status = cipher_decrypt(c, buffer, &length);
- if (status) {
- cipher_dealloc(c);
- return status;
- }
-
- debug_print(mod_cipher, "plaintext[2]: %s",
- octet_string_hex_string(buffer, length));
-
- /* compare the resulting plaintext with the original one */
- if (length != plaintext_len)
- return err_status_algo_fail;
- status = err_status_ok;
- for (i=0; i < plaintext_len; i++)
- if (buffer[i] != buffer2[i]) {
- status = err_status_algo_fail;
- debug_print(mod_cipher, "random test case %d failed", case_num);
- debug_print(mod_cipher, "(failure at byte %d)", i);
- }
- if (status) {
- cipher_dealloc(c);
- return err_status_algo_fail;
- }
-
- }
-
- return err_status_ok;
-}
-
-
-/*
- * cipher_bits_per_second(c, l, t) computes (an estimate of) the
- * number of bits that a cipher implementation can encrypt in a second
- *
- * c is a cipher (which MUST be allocated and initialized already), l
- * is the length in octets of the test data to be encrypted, and t is
- * the number of trials
- *
- * if an error is encountered, the value 0 is returned
- */
-
-uint64_t
-cipher_bits_per_second(cipher_t *c, int octets_in_buffer, int num_trials) {
- int i;
- v128_t nonce;
- clock_t timer;
- unsigned char *enc_buf;
- unsigned int len = octets_in_buffer;
-
- enc_buf = (unsigned char*) crypto_alloc(octets_in_buffer);
- if (enc_buf == NULL)
- return 0; /* indicate bad parameters by returning null */
-
- /* time repeated trials */
- v128_set_to_zero(&nonce);
- timer = clock();
- for(i=0; i < num_trials; i++, nonce.v32[3] = i) {
- cipher_set_iv(c, &nonce);
- cipher_encrypt(c, enc_buf, &len);
- }
- timer = clock() - timer;
-
- crypto_free(enc_buf);
-
- if (timer == 0) {
- /* Too fast! */
- return 0;
- }
-
- return (uint64_t)CLOCKS_PER_SEC * num_trials * 8 * octets_in_buffer / timer;
-}
diff --git a/crypto/cipher/null_cipher.c b/crypto/cipher/null_cipher.c
deleted file mode 100644
index 721f50c..0000000
--- a/crypto/cipher/null_cipher.c
+++ /dev/null
@@ -1,152 +0,0 @@
-/*
- * null_cipher.c
- *
- * A null cipher implementation. This cipher leaves the plaintext
- * unchanged.
- *
- * David A. McGrew
- * Cisco Systems, Inc.
- */
-
-/*
- *
- * Copyright (c) 2001-2006, Cisco Systems, Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following
- * disclaimer in the documentation and/or other materials provided
- * with the distribution.
- *
- * Neither the name of the Cisco Systems, Inc. nor the names of its
- * contributors may be used to endorse or promote products derived
- * from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- */
-
-#include "datatypes.h"
-#include "null_cipher.h"
-#include "alloc.h"
-
-/* the null_cipher uses the cipher debug module */
-
-extern debug_module_t mod_cipher;
-
-err_status_t
-null_cipher_alloc(cipher_t **c, int key_len) {
- extern cipher_type_t null_cipher;
- uint8_t *pointer;
-
- debug_print(mod_cipher,
- "allocating cipher with key length %d", key_len);
-
- /* allocate memory a cipher of type null_cipher */
- pointer = (uint8_t*)crypto_alloc(sizeof(null_cipher_ctx_t) + sizeof(cipher_t));
- if (pointer == NULL)
- return err_status_alloc_fail;
-
- /* set pointers */
- *c = (cipher_t *)pointer;
- (*c)->type = &null_cipher;
- (*c)->state = pointer + sizeof(cipher_t);
-
- /* set key size */
- (*c)->key_len = key_len;
-
- /* increment ref_count */
- null_cipher.ref_count++;
-
- return err_status_ok;
-
-}
-
-err_status_t
-null_cipher_dealloc(cipher_t *c) {
- extern cipher_type_t null_cipher;
-
- /* zeroize entire state*/
- octet_string_set_to_zero((uint8_t *)c,
- sizeof(null_cipher_ctx_t) + sizeof(cipher_t));
-
- /* free memory of type null_cipher */
- crypto_free(c);
-
- /* decrement reference count */
- null_cipher.ref_count--;
-
- return err_status_ok;
-
-}
-
-err_status_t
-null_cipher_init(null_cipher_ctx_t *ctx, const uint8_t *key) {
-
- debug_print(mod_cipher, "initializing null cipher", NULL);
-
- return err_status_ok;
-}
-
-err_status_t
-null_cipher_set_iv(null_cipher_ctx_t *c, void *iv) {
- return err_status_ok;
-}
-
-err_status_t
-null_cipher_encrypt(null_cipher_ctx_t *c,
- unsigned char *buf, unsigned int *bytes_to_encr) {
- return err_status_ok;
-}
-
-char
-null_cipher_description[] = "null cipher";
-
-cipher_test_case_t
-null_cipher_test_0 = {
- 0, /* octets in key */
- NULL, /* key */
- 0, /* packet index */
- 0, /* octets in plaintext */
- NULL, /* plaintext */
- 0, /* octets in plaintext */
- NULL, /* ciphertext */
- NULL /* pointer to next testcase */
-};
-
-
-/*
- * note: the decrypt function is idential to the encrypt function
- */
-
-cipher_type_t null_cipher = {
- (cipher_alloc_func_t) null_cipher_alloc,
- (cipher_dealloc_func_t) null_cipher_dealloc,
- (cipher_init_func_t) null_cipher_init,
- (cipher_encrypt_func_t) null_cipher_encrypt,
- (cipher_decrypt_func_t) null_cipher_encrypt,
- (cipher_set_iv_func_t) null_cipher_set_iv,
- (char *) null_cipher_description,
- (int) 0,
- (cipher_test_case_t *) &null_cipher_test_0,
- (debug_module_t *) NULL
-};
-
diff --git a/crypto/hash/auth.c b/crypto/hash/auth.c
deleted file mode 100644
index 8eb722d..0000000
--- a/crypto/hash/auth.c
+++ /dev/null
@@ -1,173 +0,0 @@
-/*
- * auth.c
- *
- * some bookkeeping functions for authentication functions
- *
- * David A. McGrew
- * Cisco Systems, Inc.
- */
-
-/*
- *
- * Copyright (c) 2001-2006, Cisco Systems, Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following
- * disclaimer in the documentation and/or other materials provided
- * with the distribution.
- *
- * Neither the name of the Cisco Systems, Inc. nor the names of its
- * contributors may be used to endorse or promote products derived
- * from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- */
-
-#include "auth.h"
-
-/* the debug module for authentiation */
-
-debug_module_t mod_auth = {
- 0, /* debugging is off by default */
- "auth func" /* printable name for module */
-};
-
-
-int
-auth_get_key_length(const auth_t *a) {
- return a->key_len;
-}
-
-int
-auth_get_tag_length(const auth_t *a) {
- return a->out_len;
-}
-
-int
-auth_get_prefix_length(const auth_t *a) {
- return a->prefix_len;
-}
-
-int
-auth_type_get_ref_count(const auth_type_t *at) {
- return at->ref_count;
-}
-
-/*
- * auth_type_self_test() tests an auth function of type ct against
- * test cases provided in an array of values of key, data, and tag
- * that is known to be good
- */
-
-/* should be big enough for most occasions */
-#define SELF_TEST_TAG_BUF_OCTETS 32
-
-err_status_t
-auth_type_self_test(const auth_type_t *at) {
- auth_test_case_t *test_case = at->test_data;
- auth_t *a;
- err_status_t status;
- uint8_t tag[SELF_TEST_TAG_BUF_OCTETS];
- int i, case_num = 0;
-
- debug_print(mod_auth, "running self-test for auth function %s",
- at->description);
-
- /*
- * check to make sure that we have at least one test case, and
- * return an error if we don't - we need to be paranoid here
- */
- if (test_case == NULL)
- return err_status_cant_check;
-
- /* loop over all test cases */
- while (test_case != NULL) {
-
- /* check test case parameters */
- if (test_case->tag_length_octets > SELF_TEST_TAG_BUF_OCTETS)
- return err_status_bad_param;
-
- /* allocate auth */
- status = auth_type_alloc(at, &a, test_case->key_length_octets,
- test_case->tag_length_octets);
- if (status)
- return status;
-
- /* initialize auth */
- status = auth_init(a, test_case->key);
- if (status) {
- auth_dealloc(a);
- return status;
- }
-
- /* zeroize tag then compute */
- octet_string_set_to_zero(tag, test_case->tag_length_octets);
- status = auth_compute(a, test_case->data,
- test_case->data_length_octets, tag);
- if (status) {
- auth_dealloc(a);
- return status;
- }
-
- debug_print(mod_auth, "key: %s",
- octet_string_hex_string(test_case->key,
- test_case->key_length_octets));
- debug_print(mod_auth, "data: %s",
- octet_string_hex_string(test_case->data,
- test_case->data_length_octets));
- debug_print(mod_auth, "tag computed: %s",
- octet_string_hex_string(tag, test_case->tag_length_octets));
- debug_print(mod_auth, "tag expected: %s",
- octet_string_hex_string(test_case->tag,
- test_case->tag_length_octets));
-
- /* check the result */
- status = err_status_ok;
- for (i=0; i < test_case->tag_length_octets; i++)
- if (tag[i] != test_case->tag[i]) {
- status = err_status_algo_fail;
- debug_print(mod_auth, "test case %d failed", case_num);
- debug_print(mod_auth, " (mismatch at octet %d)", i);
- }
- if (status) {
- auth_dealloc(a);
- return err_status_algo_fail;
- }
-
- /* deallocate the auth function */
- status = auth_dealloc(a);
- if (status)
- return status;
-
- /*
- * the auth function passed the test case, so move on to the next test
- * case in the list; if NULL, we'll quit and return an OK
- */
- test_case = test_case->next_test_case;
- ++case_num;
- }
-
- return err_status_ok;
-}
-
-
diff --git a/crypto/hash/hmac.c b/crypto/hash/hmac.c
deleted file mode 100644
index 4336cf0..0000000
--- a/crypto/hash/hmac.c
+++ /dev/null
@@ -1,267 +0,0 @@
-/*
- * hmac.c
- *
- * implementation of hmac auth_type_t
- *
- * David A. McGrew
- * Cisco Systems, Inc.
- */
-/*
- *
- * Copyright(c) 2001-2006 Cisco Systems, Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following
- * disclaimer in the documentation and/or other materials provided
- * with the distribution.
- *
- * Neither the name of the Cisco Systems, Inc. nor the names of its
- * contributors may be used to endorse or promote products derived
- * from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- */
-
-#include "hmac.h"
-#include "alloc.h"
-
-/* the debug module for authentiation */
-
-debug_module_t mod_hmac = {
- 0, /* debugging is off by default */
- "hmac sha-1" /* printable name for module */
-};
-
-
-err_status_t
-hmac_alloc(auth_t **a, int key_len, int out_len) {
- extern auth_type_t hmac;
- uint8_t *pointer;
-
- debug_print(mod_hmac, "allocating auth func with key length %d", key_len);
- debug_print(mod_hmac, " tag length %d", out_len);
-
- /*
- * check key length - note that we don't support keys larger
- * than 20 bytes yet
- */
- if (key_len > 20)
- return err_status_bad_param;
-
- /* check output length - should be less than 20 bytes */
- if (out_len > 20)
- return err_status_bad_param;
-
- /* allocate memory for auth and hmac_ctx_t structures */
- pointer = (uint8_t*)crypto_alloc(sizeof(hmac_ctx_t) + sizeof(auth_t));
- if (pointer == NULL)
- return err_status_alloc_fail;
-
- /* set pointers */
- *a = (auth_t *)pointer;
- (*a)->type = &hmac;
- (*a)->state = pointer + sizeof(auth_t);
- (*a)->out_len = out_len;
- (*a)->key_len = key_len;
- (*a)->prefix_len = 0;
-
- /* increment global count of all hmac uses */
- hmac.ref_count++;
-
- return err_status_ok;
-}
-
-err_status_t
-hmac_dealloc(auth_t *a) {
- extern auth_type_t hmac;
-
- /* zeroize entire state*/
- octet_string_set_to_zero((uint8_t *)a,
- sizeof(hmac_ctx_t) + sizeof(auth_t));
-
- /* free memory */
- crypto_free(a);
-
- /* decrement global count of all hmac uses */
- hmac.ref_count--;
-
- return err_status_ok;
-}
-
-err_status_t
-hmac_init(hmac_ctx_t *state, const uint8_t *key, int key_len) {
- int i;
- uint8_t ipad[64];
-
- /*
- * check key length - note that we don't support keys larger
- * than 20 bytes yet
- */
- if (key_len > 20)
- return err_status_bad_param;
-
- /*
- * set values of ipad and opad by exoring the key into the
- * appropriate constant values
- */
- for (i=0; i < key_len; i++) {
- ipad[i] = key[i] ^ 0x36;
- state->opad[i] = key[i] ^ 0x5c;
- }
- /* set the rest of ipad, opad to constant values */
- for ( ; i < 64; i++) {
- ipad[i] = 0x36;
- ((uint8_t *)state->opad)[i] = 0x5c;
- }
-
- debug_print(mod_hmac, "ipad: %s", octet_string_hex_string(ipad, 64));
-
- /* initialize sha1 context */
- sha1_init(&state->init_ctx);
-
- /* hash ipad ^ key */
- sha1_update(&state->init_ctx, ipad, 64);
- memcpy(&state->ctx, &state->init_ctx, sizeof(sha1_ctx_t));
-
- return err_status_ok;
-}
-
-err_status_t
-hmac_start(hmac_ctx_t *state) {
-
- memcpy(&state->ctx, &state->init_ctx, sizeof(sha1_ctx_t));
-
- return err_status_ok;
-}
-
-err_status_t
-hmac_update(hmac_ctx_t *state, const uint8_t *message, int msg_octets) {
-
- debug_print(mod_hmac, "input: %s",
- octet_string_hex_string(message, msg_octets));
-
- /* hash message into sha1 context */
- sha1_update(&state->ctx, message, msg_octets);
-
- return err_status_ok;
-}
-
-err_status_t
-hmac_compute(hmac_ctx_t *state, const void *message,
- int msg_octets, int tag_len, uint8_t *result) {
- uint32_t hash_value[5];
- uint32_t H[5];
- int i;
-
- /* check tag length, return error if we can't provide the value expected */
- if (tag_len > 20)
- return err_status_bad_param;
-
- /* hash message, copy output into H */
- hmac_update(state, (const uint8_t*)message, msg_octets);
- sha1_final(&state->ctx, H);
-
- /*
- * note that we don't need to debug_print() the input, since the
- * function hmac_update() already did that for us
- */
- debug_print(mod_hmac, "intermediate state: %s",
- octet_string_hex_string((uint8_t *)H, 20));
-
- /* re-initialize hash context */
- sha1_init(&state->ctx);
-
- /* hash opad ^ key */
- sha1_update(&state->ctx, (uint8_t *)state->opad, 64);
-
- /* hash the result of the inner hash */
- sha1_update(&state->ctx, (uint8_t *)H, 20);
-
- /* the result is returned in the array hash_value[] */
- sha1_final(&state->ctx, hash_value);
-
- /* copy hash_value to *result */
- for (i=0; i < tag_len; i++)
- result[i] = ((uint8_t *)hash_value)[i];
-
- debug_print(mod_hmac, "output: %s",
- octet_string_hex_string((uint8_t *)hash_value, tag_len));
-
- return err_status_ok;
-}
-
-
-/* begin test case 0 */
-
-uint8_t
-hmac_test_case_0_key[20] = {
- 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
- 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
- 0x0b, 0x0b, 0x0b, 0x0b
-};
-
-uint8_t
-hmac_test_case_0_data[8] = {
- 0x48, 0x69, 0x20, 0x54, 0x68, 0x65, 0x72, 0x65 /* "Hi There" */
-};
-
-uint8_t
-hmac_test_case_0_tag[20] = {
- 0xb6, 0x17, 0x31, 0x86, 0x55, 0x05, 0x72, 0x64,
- 0xe2, 0x8b, 0xc0, 0xb6, 0xfb, 0x37, 0x8c, 0x8e,
- 0xf1, 0x46, 0xbe, 0x00
-};
-
-auth_test_case_t
-hmac_test_case_0 = {
- 20, /* octets in key */
- hmac_test_case_0_key, /* key */
- 8, /* octets in data */
- hmac_test_case_0_data, /* data */
- 20, /* octets in tag */
- hmac_test_case_0_tag, /* tag */
- NULL /* pointer to next testcase */
-};
-
-/* end test case 0 */
-
-char hmac_description[] = "hmac sha-1 authentication function";
-
-/*
- * auth_type_t hmac is the hmac metaobject
- */
-
-auth_type_t
-hmac = {
- (auth_alloc_func) hmac_alloc,
- (auth_dealloc_func) hmac_dealloc,
- (auth_init_func) hmac_init,
- (auth_compute_func) hmac_compute,
- (auth_update_func) hmac_update,
- (auth_start_func) hmac_start,
- (char *) hmac_description,
- (int) 0, /* instance count */
- (auth_test_case_t *) &hmac_test_case_0,
- (debug_module_t *) &mod_hmac
-};
-
diff --git a/crypto/hash/null_auth.c b/crypto/hash/null_auth.c
deleted file mode 100644
index d73f3f8..0000000
--- a/crypto/hash/null_auth.c
+++ /dev/null
@@ -1,159 +0,0 @@
-/*
- * null_auth.c
- *
- * implements the do-nothing auth algorithm
- *
- * David A. McGrew
- * Cisco Systems, Inc.
- *
- */
-
-/*
- *
- * Copyright (c) 2001-2006, Cisco Systems, Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following
- * disclaimer in the documentation and/or other materials provided
- * with the distribution.
- *
- * Neither the name of the Cisco Systems, Inc. nor the names of its
- * contributors may be used to endorse or promote products derived
- * from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- */
-
-
-#include "null_auth.h"
-#include "alloc.h"
-
-/* null_auth uses the auth debug module */
-
-extern debug_module_t mod_auth;
-
-err_status_t
-null_auth_alloc(auth_t **a, int key_len, int out_len) {
- extern auth_type_t null_auth;
- uint8_t *pointer;
-
- debug_print(mod_auth, "allocating auth func with key length %d", key_len);
- debug_print(mod_auth, " tag length %d", out_len);
-
- /* allocate memory for auth and null_auth_ctx_t structures */
- pointer = (uint8_t*)crypto_alloc(sizeof(null_auth_ctx_t) + sizeof(auth_t));
- if (pointer == NULL)
- return err_status_alloc_fail;
-
- /* set pointers */
- *a = (auth_t *)pointer;
- (*a)->type = &null_auth;
- (*a)->state = pointer + sizeof (auth_t);
- (*a)->out_len = out_len;
- (*a)->prefix_len = out_len;
- (*a)->key_len = key_len;
-
- /* increment global count of all null_auth uses */
- null_auth.ref_count++;
-
- return err_status_ok;
-}
-
-err_status_t
-null_auth_dealloc(auth_t *a) {
- extern auth_type_t null_auth;
-
- /* zeroize entire state*/
- octet_string_set_to_zero((uint8_t *)a,
- sizeof(null_auth_ctx_t) + sizeof(auth_t));
-
- /* free memory */
- crypto_free(a);
-
- /* decrement global count of all null_auth uses */
- null_auth.ref_count--;
-
- return err_status_ok;
-}
-
-err_status_t
-null_auth_init(null_auth_ctx_t *state, const uint8_t *key, int key_len) {
-
- /* accept any length of key, and do nothing */
-
- return err_status_ok;
-}
-
-err_status_t
-null_auth_compute(null_auth_ctx_t *state, uint8_t *message,
- int msg_octets, int tag_len, uint8_t *result) {
-
- return err_status_ok;
-}
-
-err_status_t
-null_auth_update(null_auth_ctx_t *state, uint8_t *message,
- int msg_octets) {
-
- return err_status_ok;
-}
-
-err_status_t
-null_auth_start(null_auth_ctx_t *state) {
- return err_status_ok;
-}
-
-/*
- * auth_type_t - defines description, test case, and null_auth
- * metaobject
- */
-
-/* begin test case 0 */
-
-auth_test_case_t
-null_auth_test_case_0 = {
- 0, /* octets in key */
- NULL, /* key */
- 0, /* octets in data */
- NULL, /* data */
- 0, /* octets in tag */
- NULL, /* tag */
- NULL /* pointer to next testcase */
-};
-
-/* end test case 0 */
-
-char null_auth_description[] = "null authentication function";
-
-auth_type_t
-null_auth = {
- (auth_alloc_func) null_auth_alloc,
- (auth_dealloc_func) null_auth_dealloc,
- (auth_init_func) null_auth_init,
- (auth_compute_func) null_auth_compute,
- (auth_update_func) null_auth_update,
- (auth_start_func) null_auth_start,
- (char *) null_auth_description,
- (int) 0, /* instance count */
- (auth_test_case_t *) &null_auth_test_case_0
-};
diff --git a/crypto/hash/sha1.c b/crypto/hash/sha1.c
deleted file mode 100644
index b9a8d10..0000000
--- a/crypto/hash/sha1.c
+++ /dev/null
@@ -1,405 +0,0 @@
-/*
- * sha1.c
- *
- * an implementation of the Secure Hash Algorithm v.1 (SHA-1),
- * specified in FIPS 180-1
- *
- * David A. McGrew
- * Cisco Systems, Inc.
- */
-
-/*
- *
- * Copyright (c) 2001-2006, Cisco Systems, Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following
- * disclaimer in the documentation and/or other materials provided
- * with the distribution.
- *
- * Neither the name of the Cisco Systems, Inc. nor the names of its
- * contributors may be used to endorse or promote products derived
- * from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- */
-
-
-#include "sha1.h"
-
-debug_module_t mod_sha1 = {
- 0, /* debugging is off by default */
- "sha-1" /* printable module name */
-};
-
-/* SN == Rotate left N bits */
-#define S1(X) ((X << 1) | (X >> 31))
-#define S5(X) ((X << 5) | (X >> 27))
-#define S30(X) ((X << 30) | (X >> 2))
-
-#define f0(B,C,D) ((B & C) | (~B & D))
-#define f1(B,C,D) (B ^ C ^ D)
-#define f2(B,C,D) ((B & C) | (B & D) | (C & D))
-#define f3(B,C,D) (B ^ C ^ D)
-
-/*
- * nota bene: the variable K0 appears in the curses library, so we
- * give longer names to these variables to avoid spurious warnings
- * on systems that uses curses
- */
-
-uint32_t SHA_K0 = 0x5A827999; /* Kt for 0 <= t <= 19 */
-uint32_t SHA_K1 = 0x6ED9EBA1; /* Kt for 20 <= t <= 39 */
-uint32_t SHA_K2 = 0x8F1BBCDC; /* Kt for 40 <= t <= 59 */
-uint32_t SHA_K3 = 0xCA62C1D6; /* Kt for 60 <= t <= 79 */
-
-void
-sha1(const uint8_t *msg, int octets_in_msg, uint32_t hash_value[5]) {
- sha1_ctx_t ctx;
-
- sha1_init(&ctx);
- sha1_update(&ctx, msg, octets_in_msg);
- sha1_final(&ctx, hash_value);
-
-}
-
-/*
- * sha1_core(M, H) computes the core compression function, where M is
- * the next part of the message (in network byte order) and H is the
- * intermediate state { H0, H1, ...} (in host byte order)
- *
- * this function does not do any of the padding required in the
- * complete SHA1 function
- *
- * this function is used in the SEAL 3.0 key setup routines
- * (crypto/cipher/seal.c)
- */
-
-void
-sha1_core(const uint32_t M[16], uint32_t hash_value[5]) {
- uint32_t H0;
- uint32_t H1;
- uint32_t H2;
- uint32_t H3;
- uint32_t H4;
- uint32_t W[80];
- uint32_t A, B, C, D, E, TEMP;
- int t;
-
- /* copy hash_value into H0, H1, H2, H3, H4 */
- H0 = hash_value[0];
- H1 = hash_value[1];
- H2 = hash_value[2];
- H3 = hash_value[3];
- H4 = hash_value[4];
-
- /* copy/xor message into array */
-
- W[0] = be32_to_cpu(M[0]);
- W[1] = be32_to_cpu(M[1]);
- W[2] = be32_to_cpu(M[2]);
- W[3] = be32_to_cpu(M[3]);
- W[4] = be32_to_cpu(M[4]);
- W[5] = be32_to_cpu(M[5]);
- W[6] = be32_to_cpu(M[6]);
- W[7] = be32_to_cpu(M[7]);
- W[8] = be32_to_cpu(M[8]);
- W[9] = be32_to_cpu(M[9]);
- W[10] = be32_to_cpu(M[10]);
- W[11] = be32_to_cpu(M[11]);
- W[12] = be32_to_cpu(M[12]);
- W[13] = be32_to_cpu(M[13]);
- W[14] = be32_to_cpu(M[14]);
- W[15] = be32_to_cpu(M[15]);
- TEMP = W[13] ^ W[8] ^ W[2] ^ W[0]; W[16] = S1(TEMP);
- TEMP = W[14] ^ W[9] ^ W[3] ^ W[1]; W[17] = S1(TEMP);
- TEMP = W[15] ^ W[10] ^ W[4] ^ W[2]; W[18] = S1(TEMP);
- TEMP = W[16] ^ W[11] ^ W[5] ^ W[3]; W[19] = S1(TEMP);
- TEMP = W[17] ^ W[12] ^ W[6] ^ W[4]; W[20] = S1(TEMP);
- TEMP = W[18] ^ W[13] ^ W[7] ^ W[5]; W[21] = S1(TEMP);
- TEMP = W[19] ^ W[14] ^ W[8] ^ W[6]; W[22] = S1(TEMP);
- TEMP = W[20] ^ W[15] ^ W[9] ^ W[7]; W[23] = S1(TEMP);
- TEMP = W[21] ^ W[16] ^ W[10] ^ W[8]; W[24] = S1(TEMP);
- TEMP = W[22] ^ W[17] ^ W[11] ^ W[9]; W[25] = S1(TEMP);
- TEMP = W[23] ^ W[18] ^ W[12] ^ W[10]; W[26] = S1(TEMP);
- TEMP = W[24] ^ W[19] ^ W[13] ^ W[11]; W[27] = S1(TEMP);
- TEMP = W[25] ^ W[20] ^ W[14] ^ W[12]; W[28] = S1(TEMP);
- TEMP = W[26] ^ W[21] ^ W[15] ^ W[13]; W[29] = S1(TEMP);
- TEMP = W[27] ^ W[22] ^ W[16] ^ W[14]; W[30] = S1(TEMP);
- TEMP = W[28] ^ W[23] ^ W[17] ^ W[15]; W[31] = S1(TEMP);
-
- /* process the remainder of the array */
- for (t=32; t < 80; t++) {
- TEMP = W[t-3] ^ W[t-8] ^ W[t-14] ^ W[t-16];
- W[t] = S1(TEMP);
- }
-
- A = H0; B = H1; C = H2; D = H3; E = H4;
-
- for (t=0; t < 20; t++) {
- TEMP = S5(A) + f0(B,C,D) + E + W[t] + SHA_K0;
- E = D; D = C; C = S30(B); B = A; A = TEMP;
- }
- for ( ; t < 40; t++) {
- TEMP = S5(A) + f1(B,C,D) + E + W[t] + SHA_K1;
- E = D; D = C; C = S30(B); B = A; A = TEMP;
- }
- for ( ; t < 60; t++) {
- TEMP = S5(A) + f2(B,C,D) + E + W[t] + SHA_K2;
- E = D; D = C; C = S30(B); B = A; A = TEMP;
- }
- for ( ; t < 80; t++) {
- TEMP = S5(A) + f3(B,C,D) + E + W[t] + SHA_K3;
- E = D; D = C; C = S30(B); B = A; A = TEMP;
- }
-
- hash_value[0] = H0 + A;
- hash_value[1] = H1 + B;
- hash_value[2] = H2 + C;
- hash_value[3] = H3 + D;
- hash_value[4] = H4 + E;
-
- return;
-}
-
-void
-sha1_init(sha1_ctx_t *ctx) {
-
- /* initialize state vector */
- ctx->H[0] = 0x67452301;
- ctx->H[1] = 0xefcdab89;
- ctx->H[2] = 0x98badcfe;
- ctx->H[3] = 0x10325476;
- ctx->H[4] = 0xc3d2e1f0;
-
- /* indicate that message buffer is empty */
- ctx->octets_in_buffer = 0;
-
- /* reset message bit-count to zero */
- ctx->num_bits_in_msg = 0;
-
-}
-
-void
-sha1_update(sha1_ctx_t *ctx, const uint8_t *msg, int octets_in_msg) {
- int i;
- uint8_t *buf = (uint8_t *)ctx->M;
-
- /* update message bit-count */
- ctx->num_bits_in_msg += octets_in_msg * 8;
-
- /* loop over 16-word blocks of M */
- while (octets_in_msg > 0) {
-
- if (octets_in_msg + ctx->octets_in_buffer >= 64) {
-
- /*
- * copy words of M into msg buffer until that buffer is full,
- * converting them into host byte order as needed
- */
- octets_in_msg -= (64 - ctx->octets_in_buffer);
- for (i=ctx->octets_in_buffer; i < 64; i++)
- buf[i] = *msg++;
- ctx->octets_in_buffer = 0;
-
- /* process a whole block */
-
- debug_print(mod_sha1, "(update) running sha1_core()", NULL);
-
- sha1_core(ctx->M, ctx->H);
-
- } else {
-
- debug_print(mod_sha1, "(update) not running sha1_core()", NULL);
-
- for (i=ctx->octets_in_buffer;
- i < (ctx->octets_in_buffer + octets_in_msg); i++)
- buf[i] = *msg++;
- ctx->octets_in_buffer += octets_in_msg;
- octets_in_msg = 0;
- }
-
- }
-
-}
-
-/*
- * sha1_final(ctx, output) computes the result for ctx and copies it
- * into the twenty octets located at *output
- */
-
-void
-sha1_final(sha1_ctx_t *ctx, uint32_t *output) {
- uint32_t A, B, C, D, E, TEMP;
- uint32_t W[80];
- int i, t;
-
- /*
- * process the remaining octets_in_buffer, padding and terminating as
- * necessary
- */
- {
- int tail = ctx->octets_in_buffer % 4;
-
- /* copy/xor message into array */
- for (i=0; i < (ctx->octets_in_buffer+3)/4; i++)
- W[i] = be32_to_cpu(ctx->M[i]);
-
- /* set the high bit of the octet immediately following the message */
- switch (tail) {
- case (3):
- W[i-1] = (be32_to_cpu(ctx->M[i-1]) & 0xffffff00) | 0x80;
- W[i] = 0x0;
- break;
- case (2):
- W[i-1] = (be32_to_cpu(ctx->M[i-1]) & 0xffff0000) | 0x8000;
- W[i] = 0x0;
- break;
- case (1):
- W[i-1] = (be32_to_cpu(ctx->M[i-1]) & 0xff000000) | 0x800000;
- W[i] = 0x0;
- break;
- case (0):
- W[i] = 0x80000000;
- break;
- }
-
- /* zeroize remaining words */
- for (i++ ; i < 15; i++)
- W[i] = 0x0;
-
- /*
- * if there is room at the end of the word array, then set the
- * last word to the bit-length of the message; otherwise, set that
- * word to zero and then we need to do one more run of the
- * compression algo.
- */
- if (ctx->octets_in_buffer < 56)
- W[15] = ctx->num_bits_in_msg;
- else if (ctx->octets_in_buffer < 60)
- W[15] = 0x0;
-
- /* process the word array */
- for (t=16; t < 80; t++) {
- TEMP = W[t-3] ^ W[t-8] ^ W[t-14] ^ W[t-16];
- W[t] = S1(TEMP);
- }
-
- A = ctx->H[0];
- B = ctx->H[1];
- C = ctx->H[2];
- D = ctx->H[3];
- E = ctx->H[4];
-
- for (t=0; t < 20; t++) {
- TEMP = S5(A) + f0(B,C,D) + E + W[t] + SHA_K0;
- E = D; D = C; C = S30(B); B = A; A = TEMP;
- }
- for ( ; t < 40; t++) {
- TEMP = S5(A) + f1(B,C,D) + E + W[t] + SHA_K1;
- E = D; D = C; C = S30(B); B = A; A = TEMP;
- }
- for ( ; t < 60; t++) {
- TEMP = S5(A) + f2(B,C,D) + E + W[t] + SHA_K2;
- E = D; D = C; C = S30(B); B = A; A = TEMP;
- }
- for ( ; t < 80; t++) {
- TEMP = S5(A) + f3(B,C,D) + E + W[t] + SHA_K3;
- E = D; D = C; C = S30(B); B = A; A = TEMP;
- }
-
- ctx->H[0] += A;
- ctx->H[1] += B;
- ctx->H[2] += C;
- ctx->H[3] += D;
- ctx->H[4] += E;
-
- }
-
- debug_print(mod_sha1, "(final) running sha1_core()", NULL);
-
- if (ctx->octets_in_buffer >= 56) {
-
- debug_print(mod_sha1, "(final) running sha1_core() again", NULL);
-
- /* we need to do one final run of the compression algo */
-
- /*
- * set initial part of word array to zeros, and set the
- * final part to the number of bits in the message
- */
- for (i=0; i < 15; i++)
- W[i] = 0x0;
- W[15] = ctx->num_bits_in_msg;
-
- /* process the word array */
- for (t=16; t < 80; t++) {
- TEMP = W[t-3] ^ W[t-8] ^ W[t-14] ^ W[t-16];
- W[t] = S1(TEMP);
- }
-
- A = ctx->H[0];
- B = ctx->H[1];
- C = ctx->H[2];
- D = ctx->H[3];
- E = ctx->H[4];
-
- for (t=0; t < 20; t++) {
- TEMP = S5(A) + f0(B,C,D) + E + W[t] + SHA_K0;
- E = D; D = C; C = S30(B); B = A; A = TEMP;
- }
- for ( ; t < 40; t++) {
- TEMP = S5(A) + f1(B,C,D) + E + W[t] + SHA_K1;
- E = D; D = C; C = S30(B); B = A; A = TEMP;
- }
- for ( ; t < 60; t++) {
- TEMP = S5(A) + f2(B,C,D) + E + W[t] + SHA_K2;
- E = D; D = C; C = S30(B); B = A; A = TEMP;
- }
- for ( ; t < 80; t++) {
- TEMP = S5(A) + f3(B,C,D) + E + W[t] + SHA_K3;
- E = D; D = C; C = S30(B); B = A; A = TEMP;
- }
-
- ctx->H[0] += A;
- ctx->H[1] += B;
- ctx->H[2] += C;
- ctx->H[3] += D;
- ctx->H[4] += E;
- }
-
- /* copy result into output buffer */
- output[0] = be32_to_cpu(ctx->H[0]);
- output[1] = be32_to_cpu(ctx->H[1]);
- output[2] = be32_to_cpu(ctx->H[2]);
- output[3] = be32_to_cpu(ctx->H[3]);
- output[4] = be32_to_cpu(ctx->H[4]);
-
- /* indicate that message buffer in context is empty */
- ctx->octets_in_buffer = 0;
-
- return;
-}
-
-
-
diff --git a/crypto/include/aes.h b/crypto/include/aes.h
deleted file mode 100644
index d965280..0000000
--- a/crypto/include/aes.h
+++ /dev/null
@@ -1,84 +0,0 @@
-/*
- * aes.h
- *
- * header file for the AES block cipher
- *
- * David A. McGrew
- * Cisco Systems, Inc.
- */
-
-/*
- *
- * Copyright (c) 2001-2006, Cisco Systems, Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following
- * disclaimer in the documentation and/or other materials provided
- * with the distribution.
- *
- * Neither the name of the Cisco Systems, Inc. nor the names of its
- * contributors may be used to endorse or promote products derived
- * from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- */
-
-#ifndef _AES_H
-#define _AES_H
-
-#include "config.h"
-
-#include "datatypes.h"
-#include "gf2_8.h"
-
-/* aes internals */
-
-typedef v128_t aes_expanded_key_t[11];
-
-void
-aes_expand_encryption_key(const v128_t *key,
- aes_expanded_key_t expanded_key);
-
-void
-aes_expand_decryption_key(const v128_t *key,
- aes_expanded_key_t expanded_key);
-
-void
-aes_encrypt(v128_t *plaintext, const aes_expanded_key_t exp_key);
-
-void
-aes_decrypt(v128_t *plaintext, const aes_expanded_key_t exp_key);
-
-#if 0
-/*
- * internal functions
- */
-
-void
-aes_init_sbox(void);
-
-void
-aes_compute_tables(void);
-#endif
-
-#endif /* _AES_H */
diff --git a/crypto/include/aes_cbc.h b/crypto/include/aes_cbc.h
deleted file mode 100644
index 9fb6682..0000000
--- a/crypto/include/aes_cbc.h
+++ /dev/null
@@ -1,50 +0,0 @@
-/*
- * aes_cbc.h
- *
- * Header for AES Cipher Blobk Chaining Mode.
- *
- * David A. McGrew
- * Cisco Systems, Inc.
- *
- */
-
-#ifndef AES_CBC_H
-#define AES_CBC_H
-
-#include "aes.h"
-#include "cipher.h"
-
-typedef struct {
- v128_t state; /* cipher chaining state */
- v128_t previous; /* previous ciphertext block */
- aes_expanded_key_t expanded_key; /* the cipher key */
-} aes_cbc_ctx_t;
-
-err_status_t
-aes_cbc_set_key(aes_cbc_ctx_t *c,
- const unsigned char *key);
-
-err_status_t
-aes_cbc_encrypt(aes_cbc_ctx_t *c,
- unsigned char *buf,
- unsigned int *bytes_in_data);
-
-err_status_t
-aes_cbc_context_init(aes_cbc_ctx_t *c, const uint8_t *key,
- cipher_direction_t dir);
-
-err_status_t
-aes_cbc_set_iv(aes_cbc_ctx_t *c, void *iv);
-
-err_status_t
-aes_cbc_nist_encrypt(aes_cbc_ctx_t *c,
- unsigned char *data,
- unsigned int *bytes_in_data);
-
-err_status_t
-aes_cbc_nist_decrypt(aes_cbc_ctx_t *c,
- unsigned char *data,
- unsigned int *bytes_in_data);
-
-#endif /* AES_CBC_H */
-
diff --git a/crypto/include/aes_icm.h b/crypto/include/aes_icm.h
deleted file mode 100644
index 17a1ddb..0000000
--- a/crypto/include/aes_icm.h
+++ /dev/null
@@ -1,56 +0,0 @@
-/*
- * aes_icm.h
- *
- * Header for AES Integer Counter Mode.
- *
- * David A. McGrew
- * Cisco Systems, Inc.
- *
- */
-
-#ifndef AES_ICM_H
-#define AES_ICM_H
-
-#include "aes.h"
-#include "cipher.h"
-
-typedef struct {
- v128_t counter; /* holds the counter value */
- v128_t offset; /* initial offset value */
- v128_t keystream_buffer; /* buffers bytes of keystream */
- aes_expanded_key_t expanded_key; /* the cipher key */
- int bytes_in_buffer; /* number of unused bytes in buffer */
-} aes_icm_ctx_t;
-
-
-err_status_t
-aes_icm_context_init(aes_icm_ctx_t *c,
- const unsigned char *key);
-
-err_status_t
-aes_icm_set_iv(aes_icm_ctx_t *c, void *iv);
-
-err_status_t
-aes_icm_encrypt(aes_icm_ctx_t *c,
- unsigned char *buf, unsigned int *bytes_to_encr);
-
-err_status_t
-aes_icm_output(aes_icm_ctx_t *c,
- unsigned char *buf, int bytes_to_output);
-
-err_status_t
-aes_icm_dealloc(cipher_t *c);
-
-err_status_t
-aes_icm_encrypt_ismacryp(aes_icm_ctx_t *c,
- unsigned char *buf,
- unsigned int *enc_len,
- int forIsmacryp);
-
-err_status_t
-aes_icm_alloc_ismacryp(cipher_t **c,
- int key_len,
- int forIsmacryp);
-
-#endif /* AES_ICM_H */
-
diff --git a/crypto/include/alloc.h b/crypto/include/alloc.h
deleted file mode 100644
index 5980eed..0000000
--- a/crypto/include/alloc.h
+++ /dev/null
@@ -1,57 +0,0 @@
-/*
- * alloc.h
- *
- * interface to memory allocation and deallocation, with optional debugging
- *
- * David A. McGrew
- * Cisco Systems, Inc.
- */
-/*
- *
- * Copyright (c) 2001-2006 Cisco Systems, Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following
- * disclaimer in the documentation and/or other materials provided
- * with the distribution.
- *
- * Neither the name of the Cisco Systems, Inc. nor the names of its
- * contributors may be used to endorse or promote products derived
- * from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- */
-
-
-#ifndef CRYPTO_ALLOC_H
-#define CRYPTO_ALLOC_H
-
-#include "datatypes.h"
-
-void *
-crypto_alloc(size_t size);
-
-void
-crypto_free(void *ptr);
-
-#endif /* CRYPTO_ALLOC_H */
diff --git a/crypto/include/auth.h b/crypto/include/auth.h
deleted file mode 100644
index 295b5f6..0000000
--- a/crypto/include/auth.h
+++ /dev/null
@@ -1,159 +0,0 @@
-/*
- * auth.h
- *
- * common interface to authentication functions
- *
- * David A. McGrew
- * Cisco Systems, Inc.
- */
-
-/*
- *
- * Copyright (c) 2001-2006, Cisco Systems, Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following
- * disclaimer in the documentation and/or other materials provided
- * with the distribution.
- *
- * Neither the name of the Cisco Systems, Inc. nor the names of its
- * contributors may be used to endorse or promote products derived
- * from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- */
-
-#ifndef AUTH_H
-#define AUTH_H
-
-#include "datatypes.h"
-#include "err.h" /* error codes */
-
-typedef struct auth_type_t *auth_type_pointer;
-typedef struct auth_t *auth_pointer_t;
-
-typedef err_status_t (*auth_alloc_func)
- (auth_pointer_t *ap, int key_len, int out_len);
-
-typedef err_status_t (*auth_init_func)
- (void *state, const uint8_t *key, int key_len);
-
-typedef err_status_t (*auth_dealloc_func)(auth_pointer_t ap);
-
-typedef err_status_t (*auth_compute_func)
- (void *state, uint8_t *buffer, int octets_to_auth,
- int tag_len, uint8_t *tag);
-
-typedef err_status_t (*auth_update_func)
- (void *state, uint8_t *buffer, int octets_to_auth);
-
-typedef err_status_t (*auth_start_func)(void *state);
-
-/* some syntactic sugar on these function types */
-
-#define auth_type_alloc(at, a, klen, outlen) \
- ((at)->alloc((a), (klen), (outlen)))
-
-#define auth_init(a, key) \
- (((a)->type)->init((a)->state, (key), ((a)->key_len)))
-
-#define auth_compute(a, buf, len, res) \
- (((a)->type)->compute((a)->state, (buf), (len), (a)->out_len, (res)))
-
-#define auth_update(a, buf, len) \
- (((a)->type)->update((a)->state, (buf), (len)))
-
-#define auth_start(a)(((a)->type)->start((a)->state))
-
-#define auth_dealloc(c) (((c)->type)->dealloc(c))
-
-/* functions to get information about a particular auth_t */
-
-int
-auth_get_key_length(const struct auth_t *a);
-
-int
-auth_get_tag_length(const struct auth_t *a);
-
-int
-auth_get_prefix_length(const struct auth_t *a);
-
-/*
- * auth_test_case_t is a (list of) key/message/tag values that are
- * known to be correct for a particular cipher. this data can be used
- * to test an implementation in an on-the-fly self test of the
- * correcness of the implementation. (see the auth_type_self_test()
- * function below)
- */
-
-typedef struct auth_test_case_t {
- int key_length_octets; /* octets in key */
- uint8_t *key; /* key */
- int data_length_octets; /* octets in data */
- uint8_t *data; /* data */
- int tag_length_octets; /* octets in tag */
- uint8_t *tag; /* tag */
- struct auth_test_case_t *next_test_case; /* pointer to next testcase */
-} auth_test_case_t;
-
-/* auth_type_t */
-
-typedef struct auth_type_t {
- auth_alloc_func alloc;
- auth_dealloc_func dealloc;
- auth_init_func init;
- auth_compute_func compute;
- auth_update_func update;
- auth_start_func start;
- char *description;
- int ref_count;
- auth_test_case_t *test_data;
- debug_module_t *debug;
-} auth_type_t;
-
-typedef struct auth_t {
- auth_type_t *type;
- void *state;
- int out_len; /* length of output tag in octets */
- int key_len; /* length of key in octets */
- int prefix_len; /* length of keystream prefix */
-} auth_t;
-
-/*
- * auth_type_self_test() tests an auth_type against test cases
- * provided in an array of values of key/message/tag that is known to
- * be good
- */
-
-err_status_t
-auth_type_self_test(const auth_type_t *at);
-
-/*
- * auth_type_get_ref_count(at) returns the reference count (the number
- * of instantiations) of the auth_type_t at
- */
-
-int
-auth_type_get_ref_count(const auth_type_t *at);
-
-#endif /* AUTH_H */
diff --git a/crypto/include/cipher.h b/crypto/include/cipher.h
deleted file mode 100644
index 96ee9dc..0000000
--- a/crypto/include/cipher.h
+++ /dev/null
@@ -1,218 +0,0 @@
-/*
- * cipher.h
- *
- * common interface to ciphers
- *
- * David A. McGrew
- * Cisco Systems, Inc.
- */
-/*
- *
- * Copyright (c) 2001-2006, Cisco Systems, Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following
- * disclaimer in the documentation and/or other materials provided
- * with the distribution.
- *
- * Neither the name of the Cisco Systems, Inc. nor the names of its
- * contributors may be used to endorse or promote products derived
- * from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- */
-
-
-#ifndef CIPHER_H
-#define CIPHER_H
-
-#include "datatypes.h"
-#include "rdbx.h" /* for xtd_seq_num_t */
-#include "err.h" /* for error codes */
-
-
-/**
- * @brief cipher_direction_t defines a particular cipher operation.
- *
- * A cipher_direction_t is an enum that describes a particular cipher
- * operation, i.e. encryption or decryption. For some ciphers, this
- * distinction does not matter, but for others, it is essential.
- */
-
-typedef enum {
- direction_encrypt, /**< encryption (convert plaintext to ciphertext) */
- direction_decrypt, /**< decryption (convert ciphertext to plaintext) */
- direction_any /**< encryption or decryption */
-} cipher_direction_t;
-
-/*
- * the cipher_pointer and cipher_type_pointer definitions are needed
- * as cipher_t and cipher_type_t are not yet defined
- */
-
-typedef struct cipher_type_t *cipher_type_pointer_t;
-typedef struct cipher_t *cipher_pointer_t;
-
-/*
- * a cipher_alloc_func_t allocates (but does not initialize) a cipher_t
- */
-
-typedef err_status_t (*cipher_alloc_func_t)
- (cipher_pointer_t *cp, int key_len);
-
-/*
- * a cipher_init_func_t [re-]initializes a cipher_t with a given key
- * and direction (i.e., encrypt or decrypt)
- */
-
-typedef err_status_t (*cipher_init_func_t)
- (void *state, const uint8_t *key, cipher_direction_t dir);
-
-/* a cipher_dealloc_func_t de-allocates a cipher_t */
-
-typedef err_status_t (*cipher_dealloc_func_t)(cipher_pointer_t cp);
-
-/* a cipher_set_segment_func_t sets the segment index of a cipher_t */
-
-typedef err_status_t (*cipher_set_segment_func_t)
- (void *state, xtd_seq_num_t idx);
-
-/* a cipher_encrypt_func_t encrypts data in-place */
-
-typedef err_status_t (*cipher_encrypt_func_t)
- (void *state, uint8_t *buffer, unsigned int *octets_to_encrypt);
-
-/* a cipher_decrypt_func_t decrypts data in-place */
-
-typedef err_status_t (*cipher_decrypt_func_t)
- (void *state, uint8_t *buffer, unsigned int *octets_to_decrypt);
-
-/*
- * a cipher_set_nonce_seq_func_t function sets both the nonce
- * and the extended sequence number
- */
-
-typedef err_status_t (*cipher_set_iv_func_t)
- (cipher_pointer_t cp, void *iv);
-
-/*
- * cipher_test_case_t is a (list of) key, salt, xtd_seq_num_t,
- * plaintext, and ciphertext values that are known to be correct for a
- * particular cipher. this data can be used to test an implementation
- * in an on-the-fly self test of the correcness of the implementation.
- * (see the cipher_type_self_test() function below)
- */
-
-typedef struct cipher_test_case_t {
- int key_length_octets; /* octets in key */
- uint8_t *key; /* key */
- uint8_t *idx; /* packet index */
- int plaintext_length_octets; /* octets in plaintext */
- uint8_t *plaintext; /* plaintext */
- int ciphertext_length_octets; /* octets in plaintext */
- uint8_t *ciphertext; /* ciphertext */
- struct cipher_test_case_t *next_test_case; /* pointer to next testcase */
-} cipher_test_case_t;
-
-/* cipher_type_t defines the 'metadata' for a particular cipher type */
-
-typedef struct cipher_type_t {
- cipher_alloc_func_t alloc;
- cipher_dealloc_func_t dealloc;
- cipher_init_func_t init;
- cipher_encrypt_func_t encrypt;
- cipher_encrypt_func_t decrypt;
- cipher_set_iv_func_t set_iv;
- char *description;
- int ref_count;
- cipher_test_case_t *test_data;
- debug_module_t *debug;
-} cipher_type_t;
-
-/*
- * cipher_t defines an instantiation of a particular cipher, with fixed
- * key length, key and salt values
- */
-
-typedef struct cipher_t {
- cipher_type_t *type;
- void *state;
- int key_len;
-#ifdef FORCE_64BIT_ALIGN
- int pad;
-#endif
-} cipher_t;
-
-/* some syntactic sugar on these function types */
-
-#define cipher_type_alloc(ct, c, klen) ((ct)->alloc((c), (klen)))
-
-#define cipher_dealloc(c) (((c)->type)->dealloc(c))
-
-#define cipher_init(c, k, dir) (((c)->type)->init(((c)->state), (k), (dir)))
-
-#define cipher_encrypt(c, buf, len) \
- (((c)->type)->encrypt(((c)->state), (buf), (len)))
-
-#define cipher_decrypt(c, buf, len) \
- (((c)->type)->decrypt(((c)->state), (buf), (len)))
-
-#define cipher_set_iv(c, n) \
- ((c) ? (((c)->type)->set_iv(((cipher_pointer_t)(c)->state), (n))) : \
- err_status_no_such_op)
-
-err_status_t
-cipher_output(cipher_t *c, uint8_t *buffer, int num_octets_to_output);
-
-
-/* some bookkeeping functions */
-
-int
-cipher_get_key_length(const cipher_t *c);
-
-
-/*
- * cipher_type_self_test() tests a cipher against test cases provided in
- * an array of values of key/xtd_seq_num_t/plaintext/ciphertext
- * that is known to be good
- */
-
-err_status_t
-cipher_type_self_test(const cipher_type_t *ct);
-
-
-/*
- * cipher_bits_per_second(c, l, t) computes (and estimate of) the
- * number of bits that a cipher implementation can encrypt in a second
- *
- * c is a cipher (which MUST be allocated and initialized already), l
- * is the length in octets of the test data to be encrypted, and t is
- * the number of trials
- *
- * if an error is encountered, then the value 0 is returned
- */
-
-uint64_t
-cipher_bits_per_second(cipher_t *c, int octets_in_buffer, int num_trials);
-
-#endif /* CIPHER_H */
diff --git a/crypto/include/config.h b/crypto/include/config.h
deleted file mode 100644
index 9c66dd1..0000000
--- a/crypto/include/config.h
+++ /dev/null
@@ -1,202 +0,0 @@
-/* crypto/include/config.h. Generated by configure. */
-/* config_in.h. Generated from configure.in by autoheader. */
-
-/* Define if building for a CISC machine (e.g. Intel). */
-#define CPU_CISC 1
-
-/* Define if building for a RISC machine (assume slow byte access). */
-/* #undef CPU_RISC */
-
-/* Path to random device */
-#define DEV_URANDOM "/dev/urandom"
-
-/* Define to compile in dynamic debugging system. */
-#define ENABLE_DEBUGGING 1
-
-/* Report errors to this file. */
-/* #undef ERR_REPORTING_FILE */
-
-/* Define to use logging to stdout. */
-#define ERR_REPORTING_STDOUT 1
-
-/* Define this to use ISMAcryp code. */
-/* #undef GENERIC_AESICM */
-
-/* Define to 1 if you have the <arpa/inet.h> header file. */
-#define HAVE_ARPA_INET_H 1
-
-/* Define to 1 if you have the <byteswap.h> header file. */
-#define HAVE_BYTESWAP_H 1
-
-/* Define to 1 if you have the `inet_aton' function. */
-#define HAVE_INET_ATON 1
-
-/* Define to 1 if the system has the type `int16_t'. */
-#define HAVE_INT16_T 1
-
-/* Define to 1 if the system has the type `int32_t'. */
-#define HAVE_INT32_T 1
-
-/* Define to 1 if the system has the type `int8_t'. */
-#define HAVE_INT8_T 1
-
-/* Define to 1 if you have the <inttypes.h> header file. */
-#define HAVE_INTTYPES_H 1
-
-/* Define to 1 if you have the `socket' library (-lsocket). */
-/* #undef HAVE_LIBSOCKET */
-
-/* Define to 1 if you have the <machine/types.h> header file. */
-/* #undef HAVE_MACHINE_TYPES_H */
-
-/* Define to 1 if you have the <memory.h> header file. */
-#define HAVE_MEMORY_H 1
-
-/* Define to 1 if you have the <netinet/in.h> header file. */
-#define HAVE_NETINET_IN_H 1
-
-/* Define to 1 if you have the `socket' function. */
-#define HAVE_SOCKET 1
-
-/* Define to 1 if you have the <stdint.h> header file. */
-#define HAVE_STDINT_H 1
-
-/* Define to 1 if you have the <stdlib.h> header file. */
-#define HAVE_STDLIB_H 1
-
-/* Define to 1 if you have the <strings.h> header file. */
-#define HAVE_STRINGS_H 1
-
-/* Define to 1 if you have the <string.h> header file. */
-#define HAVE_STRING_H 1
-
-/* Define to 1 if you have the <syslog.h> header file. */
-#define HAVE_SYSLOG_H 1
-
-/* Define to 1 if you have the <sys/int_types.h> header file. */
-/* #undef HAVE_SYS_INT_TYPES_H */
-
-/* Define to 1 if you have the <sys/socket.h> header file. */
-#define HAVE_SYS_SOCKET_H 1
-
-/* Define to 1 if you have the <sys/stat.h> header file. */
-#define HAVE_SYS_STAT_H 1
-
-/* Define to 1 if you have the <sys/types.h> header file. */
-#define HAVE_SYS_TYPES_H 1
-
-/* Define to 1 if you have the <sys/uio.h> header file. */
-#define HAVE_SYS_UIO_H 1
-
-/* Define to 1 if the system has the type `uint16_t'. */
-#define HAVE_UINT16_T 1
-
-/* Define to 1 if the system has the type `uint32_t'. */
-#define HAVE_UINT32_T 1
-
-/* Define to 1 if the system has the type `uint64_t'. */
-#define HAVE_UINT64_T 1
-
-/* Define to 1 if the system has the type `uint8_t'. */
-#define HAVE_UINT8_T 1
-
-/* Define to 1 if you have the <unistd.h> header file. */
-#define HAVE_UNISTD_H 1
-
-/* Define to 1 if you have the `usleep' function. */
-#define HAVE_USLEEP 1
-
-/* Define to 1 if you have the <windows.h> header file. */
-/* #undef HAVE_WINDOWS_H */
-
-/* Define to 1 if you have the <winsock2.h> header file. */
-/* #undef HAVE_WINSOCK2_H */
-
-/* Define to use X86 inlined assembly code */
-/* #undef HAVE_X86 */
-
-/* Define to the address where bug reports for this package should be sent. */
-#define PACKAGE_BUGREPORT ""
-
-/* Define to the full name of this package. */
-#define PACKAGE_NAME ""
-
-/* Define to the full name and version of this package. */
-#define PACKAGE_STRING ""
-
-/* Define to the one symbol short name of this package. */
-#define PACKAGE_TARNAME ""
-
-/* Define to the version of this package. */
-#define PACKAGE_VERSION ""
-
-/* The size of a `unsigned long', as computed by sizeof. */
-#if defined(__GNUC__) && defined(__LP64__)
-#define SIZEOF_UNSIGNED_LONG 8
-#else
-#define SIZEOF_UNSIGNED_LONG 4
-#endif
-
-/* The size of a `unsigned long long', as computed by sizeof. */
-#define SIZEOF_UNSIGNED_LONG_LONG 8
-
-/* Define to use GDOI. */
-/* #undef SRTP_GDOI */
-
-/* Define to compile for kernel contexts. */
-/* #undef SRTP_KERNEL */
-
-/* Define to compile for Linux kernel context. */
-/* #undef SRTP_KERNEL_LINUX */
-
-/* Define to 1 if you have the ANSI C header files. */
-#define STDC_HEADERS 1
-
-/* Write errors to this file */
-/* #undef USE_ERR_REPORTING_FILE */
-
-/* Define to use syslog logging. */
-/* #undef USE_SYSLOG */
-
-/* Define to 1 if your processor stores words with the most significant byte
- first (like Motorola and SPARC, unlike Intel and VAX). */
-/* #undef WORDS_BIGENDIAN */
-
-/* Define to empty if `const' does not conform to ANSI C. */
-/* #undef const */
-
-/* Define to `__inline__' or `__inline' if that's what the C compiler
- calls it, or to nothing if 'inline' is not supported under any name. */
-#ifndef __cplusplus
-/* #undef inline */
-#endif
-
-/* Define to `unsigned' if <sys/types.h> does not define. */
-/* #undef size_t */
-
-/* Adjustments to build under MSVC. */
-#if defined(WIN32)
-#undef DEV_URANDOM
-#undef HAVE_BYTESWAP_H
-#undef HAVE_INT16_T
-#undef HAVE_INT32_T
-#undef HAVE_INT8_T
-#undef HAVE_INTTYPES_H
-#undef HAVE_UINT16_T
-#undef HAVE_UINT32_T
-#undef HAVE_UINT64_T
-#undef HAVE_UINT8_T
-#undef HAVE_NETINET_IN_H
-#define HAVE_WINSOCK2_H
-#undef HAVE_STDINT_H
-#ifndef __cplusplus
-#define inline
-#endif
-typedef short int16_t;
-#elif defined(IOS)
-#undef HAVE_BYTESWAP_H
-/* Adjustments to build on MacOS. */
-#elif defined(OSX)
-#undef DEV_URANDOM
-#undef HAVE_BYTESWAP_H
-#endif
diff --git a/crypto/include/crypto.h b/crypto/include/crypto.h
deleted file mode 100644
index 0e9667d..0000000
--- a/crypto/include/crypto.h
+++ /dev/null
@@ -1,43 +0,0 @@
-/*
- * crypto.h
- *
- * API for libcrypto
- *
- * David A. McGrew
- * Cisco Systems, Inc.
- */
-
-#ifndef CRYPTO_H
-#define CRYPTO_H
-
-/**
- * @brief A cipher_type_id_t is an identifier for a particular cipher
- * type.
- *
- * A cipher_type_id_t is an integer that represents a particular
- * cipher type, e.g. the Advanced Encryption Standard (AES). A
- * NULL_CIPHER is avaliable; this cipher leaves the data unchanged,
- * and can be selected to indicate that no encryption is to take
- * place.
- *
- * @ingroup Ciphers
- */
-typedef uint32_t cipher_type_id_t;
-
-/**
- * @brief An auth_type_id_t is an identifier for a particular authentication
- * function.
- *
- * An auth_type_id_t is an integer that represents a particular
- * authentication function type, e.g. HMAC-SHA1. A NULL_AUTH is
- * avaliable; this authentication function performs no computation,
- * and can be selected to indicate that no authentication is to take
- * place.
- *
- * @ingroup Authentication
- */
-typedef uint32_t auth_type_id_t;
-
-#endif /* CRYPTO_H */
-
-
diff --git a/crypto/include/crypto_kernel.h b/crypto/include/crypto_kernel.h
deleted file mode 100644
index b8cd9be..0000000
--- a/crypto/include/crypto_kernel.h
+++ /dev/null
@@ -1,258 +0,0 @@
-/*
- * crypto_kernel.h
- *
- * header for the cryptographic kernel
- *
- * David A. McGrew
- * Cisco Systems, Inc.
- */
-/*
- *
- * Copyright(c) 2001-2006 Cisco Systems, Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following
- * disclaimer in the documentation and/or other materials provided
- * with the distribution.
- *
- * Neither the name of the Cisco Systems, Inc. nor the names of its
- * contributors may be used to endorse or promote products derived
- * from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- */
-
-
-#ifndef CRYPTO_KERNEL
-#define CRYPTO_KERNEL
-
-#include "rand_source.h"
-#include "prng.h"
-#include "cipher.h"
-#include "auth.h"
-#include "cryptoalg.h"
-#include "stat.h"
-#include "err.h"
-#include "crypto_types.h"
-#include "key.h"
-#include "crypto.h"
-
-/*
- * crypto_kernel_state_t defines the possible states:
- *
- * insecure - not yet initialized
- * secure - initialized and passed self-tests
- */
-
-typedef enum {
- crypto_kernel_state_insecure,
- crypto_kernel_state_secure
-} crypto_kernel_state_t;
-
-/*
- * linked list of cipher types
- */
-
-typedef struct kernel_cipher_type {
- cipher_type_id_t id;
- cipher_type_t *cipher_type;
- struct kernel_cipher_type *next;
-} kernel_cipher_type_t;
-
-/*
- * linked list of auth types
- */
-
-typedef struct kernel_auth_type {
- auth_type_id_t id;
- auth_type_t *auth_type;
- struct kernel_auth_type *next;
-} kernel_auth_type_t;
-
-/*
- * linked list of debug modules
- */
-
-typedef struct kernel_debug_module {
- debug_module_t *mod;
- struct kernel_debug_module *next;
-} kernel_debug_module_t;
-
-
-/*
- * crypto_kernel_t is the data structure for the crypto kernel
- *
- * note that there is *exactly one* instance of this data type,
- * a global variable defined in crypto_kernel.c
- */
-
-typedef struct {
- crypto_kernel_state_t state; /* current state of kernel */
- kernel_cipher_type_t *cipher_type_list; /* list of all cipher types */
- kernel_auth_type_t *auth_type_list; /* list of all auth func types */
- kernel_debug_module_t *debug_module_list; /* list of all debug modules */
-} crypto_kernel_t;
-
-
-/*
- * crypto_kernel_t external api
- */
-
-
-/*
- * The function crypto_kernel_init() initialized the crypto kernel and
- * runs the self-test operations on the random number generators and
- * crypto algorithms. Possible return values are:
- *
- * err_status_ok initialization successful
- * <other> init failure
- *
- * If any value other than err_status_ok is returned, the
- * crypto_kernel MUST NOT be used.
- */
-
-err_status_t
-crypto_kernel_init(void);
-
-
-/*
- * The function crypto_kernel_shutdown() de-initializes the
- * crypto_kernel, zeroizes keys and other cryptographic material, and
- * deallocates any dynamically allocated memory. Possible return
- * values are:
- *
- * err_status_ok shutdown successful
- * <other> shutdown failure
- *
- */
-
-err_status_t
-crypto_kernel_shutdown(void);
-
-/*
- * The function crypto_kernel_stats() checks the the crypto_kernel,
- * running tests on the ciphers, auth funcs, and rng, and prints out a
- * status report. Possible return values are:
- *
- * err_status_ok all tests were passed
- * <other> a test failed
- *
- */
-
-err_status_t
-crypto_kernel_status(void);
-
-
-/*
- * crypto_kernel_list_debug_modules() outputs a list of debugging modules
- *
- */
-
-err_status_t
-crypto_kernel_list_debug_modules(void);
-
-/*
- * crypto_kernel_load_cipher_type()
- *
- */
-
-err_status_t
-crypto_kernel_load_cipher_type(cipher_type_t *ct, cipher_type_id_t id);
-
-err_status_t
-crypto_kernel_load_auth_type(auth_type_t *ct, auth_type_id_t id);
-
-err_status_t
-crypto_kernel_load_debug_module(debug_module_t *new_dm);
-
-/*
- * crypto_kernel_alloc_cipher(id, cp, key_len);
- *
- * allocates a cipher of type id at location *cp, with key length
- * key_len octets. Return values are:
- *
- * err_status_ok no problems
- * err_status_alloc_fail an allocation failure occured
- * err_status_fail couldn't find cipher with identifier 'id'
- */
-
-err_status_t
-crypto_kernel_alloc_cipher(cipher_type_id_t id,
- cipher_pointer_t *cp,
- int key_len);
-
-/*
- * crypto_kernel_alloc_auth(id, ap, key_len, tag_len);
- *
- * allocates an auth function of type id at location *ap, with key
- * length key_len octets and output tag length of tag_len. Return
- * values are:
- *
- * err_status_ok no problems
- * err_status_alloc_fail an allocation failure occured
- * err_status_fail couldn't find auth with identifier 'id'
- */
-
-err_status_t
-crypto_kernel_alloc_auth(auth_type_id_t id,
- auth_pointer_t *ap,
- int key_len,
- int tag_len);
-
-
-/*
- * crypto_kernel_set_debug_module(mod_name, v)
- *
- * sets dynamic debugging to the value v (0 for off, 1 for on) for the
- * debug module with the name mod_name
- *
- * returns err_status_ok on success, err_status_fail otherwise
- */
-
-err_status_t
-crypto_kernel_set_debug_module(char *mod_name, int v);
-
-/**
- * @brief writes a random octet string.
- *
- * The function call crypto_get_random(dest, len) writes len octets of
- * random data to the location to which dest points, and returns an
- * error code. This error code @b must be checked, and if a failure is
- * reported, the data in the buffer @b must @b not be used.
- *
- * @warning If the return code is not checked, then non-random
- * data may be in the buffer. This function will fail
- * unless it is called after crypto_kernel_init().
- *
- * @return
- * - err_status_ok if no problems occured.
- * - [other] a problem occured, and no assumptions should
- * be made about the contents of the destination
- * buffer.
- *
- * @ingroup SRTP
- */
-err_status_t
-crypto_get_random(unsigned char *buffer, unsigned int length);
-
-#endif /* CRYPTO_KERNEL */
diff --git a/crypto/include/crypto_math.h b/crypto/include/crypto_math.h
deleted file mode 100644
index 52f0837..0000000
--- a/crypto/include/crypto_math.h
+++ /dev/null
@@ -1,239 +0,0 @@
-/*
- * math.h
- *
- * crypto math operations and data types
- *
- * David A. McGrew
- * Cisco Systems, Inc.
- */
-/*
- *
- * Copyright (c) 2001-2006 Cisco Systems, Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following
- * disclaimer in the documentation and/or other materials provided
- * with the distribution.
- *
- * Neither the name of the Cisco Systems, Inc. nor the names of its
- * contributors may be used to endorse or promote products derived
- * from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- */
-
-#ifndef MATH_H
-#define MATH_H
-
-#include "datatypes.h"
-
-unsigned char
-v32_weight(v32_t a);
-
-unsigned char
-v32_distance(v32_t x, v32_t y);
-
-unsigned int
-v32_dot_product(v32_t a, v32_t b);
-
-char *
-v16_bit_string(v16_t x);
-
-char *
-v32_bit_string(v32_t x);
-
-char *
-v64_bit_string(const v64_t *x);
-
-char *
-octet_hex_string(uint8_t x);
-
-char *
-v16_hex_string(v16_t x);
-
-char *
-v32_hex_string(v32_t x);
-
-char *
-v64_hex_string(const v64_t *x);
-
-int
-hex_char_to_nibble(uint8_t c);
-
-int
-is_hex_string(char *s);
-
-v16_t
-hex_string_to_v16(char *s);
-
-v32_t
-hex_string_to_v32(char *s);
-
-v64_t
-hex_string_to_v64(char *s);
-
-/* the matrix A[] is stored in column format, i.e., A[i] is
- the ith column of the matrix */
-
-uint8_t
-A_times_x_plus_b(uint8_t A[8], uint8_t x, uint8_t b);
-
-void
-v16_copy_octet_string(v16_t *x, const uint8_t s[2]);
-
-void
-v32_copy_octet_string(v32_t *x, const uint8_t s[4]);
-
-void
-v64_copy_octet_string(v64_t *x, const uint8_t s[8]);
-
-void
-v128_add(v128_t *z, v128_t *x, v128_t *y);
-
-int
-octet_string_is_eq(uint8_t *a, uint8_t *b, int len);
-
-void
-octet_string_set_to_zero(uint8_t *s, int len);
-
-
-
-/*
- * the matrix A[] is stored in column format, i.e., A[i] is the ith
- * column of the matrix
-*/
-uint8_t
-A_times_x_plus_b(uint8_t A[8], uint8_t x, uint8_t b);
-
-
-#if 0
-#if WORDS_BIGENDIAN
-
-#define _v128_add(z, x, y) { \
- uint64_t tmp; \
- \
- tmp = x->v32[3] + y->v32[3]; \
- z->v32[3] = (uint32_t) tmp; \
- \
- tmp = x->v32[2] + y->v32[2] + (tmp >> 32); \
- z->v32[2] = (uint32_t) tmp; \
- \
- tmp = x->v32[1] + y->v32[1] + (tmp >> 32); \
- z->v32[1] = (uint32_t) tmp; \
- \
- tmp = x->v32[0] + y->v32[0] + (tmp >> 32); \
- z->v32[0] = (uint32_t) tmp; \
-}
-
-#else /* assume little endian architecture */
-
-#define _v128_add(z, x, y) { \
- uint64_t tmp; \
- \
- tmp = htonl(x->v32[3]) + htonl(y->v32[3]); \
- z->v32[3] = ntohl((uint32_t) tmp); \
- \
- tmp = htonl(x->v32[2]) + htonl(y->v32[2]) \
- + htonl(tmp >> 32); \
- z->v32[2] = ntohl((uint32_t) tmp); \
- \
- tmp = htonl(x->v32[1]) + htonl(y->v32[1]) \
- + htonl(tmp >> 32); \
- z->v32[1] = ntohl((uint32_t) tmp); \
- \
- tmp = htonl(x->v32[0]) + htonl(y->v32[0]) \
- + htonl(tmp >> 32); \
- z->v32[0] = ntohl((uint32_t) tmp); \
-}
-
-#endif /* WORDS_BIGENDIAN */
-#endif
-
-#ifdef DATATYPES_USE_MACROS /* little functions are really macros */
-
-#define v128_set_to_zero(z) _v128_set_to_zero(z)
-#define v128_copy(z, x) _v128_copy(z, x)
-#define v128_xor(z, x, y) _v128_xor(z, x, y)
-#define v128_and(z, x, y) _v128_and(z, x, y)
-#define v128_or(z, x, y) _v128_or(z, x, y)
-#define v128_complement(x) _v128_complement(x)
-#define v128_is_eq(x, y) _v128_is_eq(x, y)
-#define v128_xor_eq(x, y) _v128_xor_eq(x, y)
-#define v128_get_bit(x, i) _v128_get_bit(x, i)
-#define v128_set_bit(x, i) _v128_set_bit(x, i)
-#define v128_clear_bit(x, i) _v128_clear_bit(x, i)
-#define v128_set_bit_to(x, i, y) _v128_set_bit_to(x, i, y)
-
-#else
-
-void
-v128_set_to_zero(v128_t *x);
-
-int
-v128_is_eq(const v128_t *x, const v128_t *y);
-
-void
-v128_copy(v128_t *x, const v128_t *y);
-
-void
-v128_xor(v128_t *z, v128_t *x, v128_t *y);
-
-void
-v128_and(v128_t *z, v128_t *x, v128_t *y);
-
-void
-v128_or(v128_t *z, v128_t *x, v128_t *y);
-
-void
-v128_complement(v128_t *x);
-
-int
-v128_get_bit(const v128_t *x, int i);
-
-void
-v128_set_bit(v128_t *x, int i) ;
-
-void
-v128_clear_bit(v128_t *x, int i);
-
-void
-v128_set_bit_to(v128_t *x, int i, int y);
-
-#endif /* DATATYPES_USE_MACROS */
-
-/*
- * octet_string_is_eq(a,b, len) returns 1 if the length len strings a
- * and b are not equal, returns 0 otherwise
- */
-
-int
-octet_string_is_eq(uint8_t *a, uint8_t *b, int len);
-
-void
-octet_string_set_to_zero(uint8_t *s, int len);
-
-
-#endif /* MATH_H */
-
-
-
diff --git a/crypto/include/crypto_types.h b/crypto/include/crypto_types.h
deleted file mode 100644
index 0ce50f4..0000000
--- a/crypto/include/crypto_types.h
+++ /dev/null
@@ -1,206 +0,0 @@
-/*
- * crypto_types.h
- *
- * constants for cipher types and auth func types
- *
- * David A. McGrew
- * Cisco Systems, Inc.
- */
-/*
- *
- * Copyright(c) 2001-2006 Cisco Systems, Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following
- * disclaimer in the documentation and/or other materials provided
- * with the distribution.
- *
- * Neither the name of the Cisco Systems, Inc. nor the names of its
- * contributors may be used to endorse or promote products derived
- * from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- */
-
-#ifndef CRYPTO_TYPES_H
-#define CRYPTO_TYPES_H
-
-/**
- * @defgroup Algos Cryptographic Algorithms
- *
- *
- * This library provides several different cryptographic algorithms,
- * each of which can be selected by using the cipher_type_id_t and
- * auth_type_id_t. These algorithms are documented below.
- *
- * Authentication functions that use the Universal Security Transform
- * (UST) must be used in conjunction with a cipher other than the null
- * cipher. These functions require a per-message pseudorandom input
- * that is generated by the cipher.
- *
- * The identifiers STRONGHOLD_AUTH and STRONGHOLD_CIPHER identify the
- * strongest available authentication function and cipher,
- * respectively. They are resolved at compile time to the strongest
- * available algorithm. The stronghold algorithms can serve as did
- * the keep of a medieval fortification; they provide the strongest
- * defense (or the last refuge).
- *
- * @{
- */
-
-/**
- * @defgroup Ciphers Cipher Types
- *
- * @brief Each cipher type is identified by an unsigned integer. The
- * cipher types available in this edition of libSRTP are given
- * by the #defines below.
- *
- * A cipher_type_id_t is an identifier for a cipher_type; only values
- * given by the #defines above (or those present in the file
- * crypto_types.h) should be used.
- *
- * The identifier STRONGHOLD_CIPHER indicates the strongest available
- * cipher, allowing an application to choose the strongest available
- * algorithm without any advance knowledge about the avaliable
- * algorithms.
- *
- * @{
- */
-
-/**
- * @brief The null cipher performs no encryption.
- *
- * The NULL_CIPHER leaves its inputs unaltered, during both the
- * encryption and decryption operations. This cipher can be chosen
- * to indicate that no encryption is to be performed.
- */
-#define NULL_CIPHER 0
-
-/**
- * @brief AES-128 Integer Counter Mode (AES ICM)
- *
- * AES-128 ICM is the variant of counter mode that is used by Secure RTP.
- * This cipher uses a 16-octet key and a 30-octet offset (or salt) value.
- */
-#define AES_128_ICM 1
-
-/**
- * @brief SEAL 3.0
- *
- * SEAL is the Software-Optimized Encryption Algorithm of Coppersmith
- * and Rogaway. Nota bene: this cipher is IBM proprietary.
- */
-#define SEAL 2
-
-/**
- * @brief AES-128 Integer Counter Mode (AES ICM)
- *
- * AES-128 ICM is the variant of counter mode that is used by Secure RTP.
- * This cipher uses a 16-octet key and a 30-octet offset (or salt) value.
- */
-#define AES_128_CBC 3
-
-/**
- * @brief Strongest available cipher.
- *
- * This identifier resolves to the strongest cipher type available.
- */
-#define STRONGHOLD_CIPHER AES_128_ICM
-
-/**
- * @}
- */
-
-
-
-/**
- * @defgroup Authentication Authentication Function Types
- *
- * @brief Each authentication function type is identified by an
- * unsigned integer. The authentication function types available in
- * this edition of libSRTP are given by the #defines below.
- *
- * An auth_type_id_t is an identifier for an authentication function type;
- * only values given by the #defines above (or those present in the
- * file crypto_types.h) should be used.
- *
- * The identifier STRONGHOLD_AUTH indicates the strongest available
- * authentication function, allowing an application to choose the
- * strongest available algorithm without any advance knowledge about
- * the avaliable algorithms. The stronghold algorithms can serve as
- * did the keep of a medieval fortification; they provide the
- * strongest defense (or the last refuge).
- *
- * @{
- */
-
-/**
- * @brief The null authentication function performs no authentication.
- *
- * The NULL_AUTH function does nothing, and can be selected to indicate
- * that authentication should not be performed.
- */
-#define NULL_AUTH 0
-
-/**
- * @brief UST with TMMH Version 2
- *
- * UST_TMMHv2 implements the Truncated Multi-Modular Hash using
- * UST. This function must be used in conjunction with a cipher other
- * than the null cipher.
- * with a cipher.
- */
-#define UST_TMMHv2 1
-
-/**
- * @brief (UST) AES-128 XORMAC
- *
- * UST_AES_128_XMAC implements AES-128 XORMAC, using UST. Nota bene:
- * the XORMAC algorithm is IBM proprietary.
- */
-#define UST_AES_128_XMAC 2
-
-/**
- * @brief HMAC-SHA1
- *
- * HMAC_SHA1 implements the Hash-based MAC using the NIST Secure
- * Hash Algorithm version 1 (SHA1).
- */
-#define HMAC_SHA1 3
-
-/**
- * @brief Strongest available authentication function.
- *
- * This identifier resolves to the strongest available authentication
- * function.
- */
-#define STRONGHOLD_AUTH HMAC_SHA1
-
-/**
- * @}
- */
-/**
- * @}
- */
-
-#endif /* CRYPTO_TYPES_H */
diff --git a/crypto/include/cryptoalg.h b/crypto/include/cryptoalg.h
deleted file mode 100644
index d9f0441..0000000
--- a/crypto/include/cryptoalg.h
+++ /dev/null
@@ -1,133 +0,0 @@
-/*
- * cryptoalg.h
- *
- * API for authenticated encryption crypto algorithms
- *
- * David A. McGrew
- * Cisco Systems, Inc.
- */
-/*
- *
- * Copyright (c) 2001-2006 Cisco Systems, Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following
- * disclaimer in the documentation and/or other materials provided
- * with the distribution.
- *
- * Neither the name of the Cisco Systems, Inc. nor the names of its
- * contributors may be used to endorse or promote products derived
- * from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- */
-
-#ifndef CRYPTOALG_H
-#define CRYPTOALG_H
-
-#include "err.h"
-
-/**
- * @defgroup Crypto Cryptography
- *
- * Zed uses a simple interface to a cryptographic transform.
- *
- * @{
- */
-
-/**
- * @brief applies a crypto algorithm
- *
- * The function pointer cryptoalg_func_t points to a function that
- * implements a crypto transform, and provides a uniform API for
- * accessing crypto mechanisms.
- *
- * @param key location of secret key
- *
- * @param clear data to be authenticated but not encrypted
- *
- * @param clear_len length of data to be authenticated but not encrypted
- *
- * @param iv location to write the Initialization Vector (IV)
- *
- * @param protect location of the data to be encrypted and
- * authenticated (before the function call), and the ciphertext
- * and authentication tag (after the call)
- *
- * @param protected_len location of the length of the data to be
- * encrypted and authenticated (before the function call), and the
- * length of the ciphertext (after the call)
- *
- */
-
-typedef err_status_t (*cryptoalg_func_t)
- (void *key,
- const void *clear,
- unsigned clear_len,
- void *iv,
- void *protect,
- unsigned *protected_len);
-
-typedef
-err_status_t (*cryptoalg_inv_t)
- (void *key, /* location of secret key */
- const void *clear, /* data to be authenticated only */
- unsigned clear_len, /* length of data to be authenticated only */
- void *iv, /* location of iv */
- void *opaque, /* data to be decrypted and authenticated */
- unsigned *opaque_len /* location of the length of data to be
- * decrypted and authd (before and after)
- */
- );
-
-typedef struct cryptoalg_ctx_t {
- cryptoalg_func_t enc;
- cryptoalg_inv_t dec;
- unsigned key_len;
- unsigned iv_len;
- unsigned auth_tag_len;
- unsigned max_expansion;
-} cryptoalg_ctx_t;
-
-typedef cryptoalg_ctx_t *cryptoalg_t;
-
-#define cryptoalg_get_key_len(cryptoalg) ((cryptoalg)->key_len)
-
-#define cryptoalg_get_iv_len(cryptoalg) ((cryptoalg)->iv_len)
-
-#define cryptoalg_get_auth_tag_len(cryptoalg) ((cryptoalg)->auth_tag_len)
-
-int
-cryptoalg_get_id(cryptoalg_t c);
-
-cryptoalg_t
-cryptoalg_find_by_id(int id);
-
-
-/**
- * @}
- */
-
-#endif /* CRYPTOALG_H */
-
-
diff --git a/crypto/include/datatypes.h b/crypto/include/datatypes.h
deleted file mode 100644
index f6ef3af..0000000
--- a/crypto/include/datatypes.h
+++ /dev/null
@@ -1,506 +0,0 @@
-/*
- * datatypes.h
- *
- * data types for bit vectors and finite fields
- *
- * David A. McGrew
- * Cisco Systems, Inc.
- */
-
-/*
- *
- * Copyright (c) 2001-2006, Cisco Systems, Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following
- * disclaimer in the documentation and/or other materials provided
- * with the distribution.
- *
- * Neither the name of the Cisco Systems, Inc. nor the names of its
- * contributors may be used to endorse or promote products derived
- * from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- */
-
-
-#ifndef _DATATYPES_H
-#define _DATATYPES_H
-
-#include "integers.h" /* definitions of uint32_t, et cetera */
-#include "alloc.h"
-
-#include <stdarg.h>
-
-#ifndef SRTP_KERNEL
-# include <stdio.h>
-# include <string.h>
-# include <time.h>
-# ifdef HAVE_NETINET_IN_H
-# include <netinet/in.h>
-# elif defined HAVE_WINSOCK2_H
-# include <winsock2.h>
-# endif
-#endif
-
-
-/* if DATATYPES_USE_MACROS is defined, then little functions are macros */
-#define DATATYPES_USE_MACROS
-
-typedef union {
- uint8_t v8[2];
- uint16_t value;
-} v16_t;
-
-typedef union {
- uint8_t v8[4];
- uint16_t v16[2];
- uint32_t value;
-} v32_t;
-
-typedef union {
- uint8_t v8[8];
- uint16_t v16[4];
- uint32_t v32[2];
- uint64_t value;
-} v64_t;
-
-typedef union {
- uint8_t v8[16];
- uint16_t v16[8];
- uint32_t v32[4];
- uint64_t v64[2];
-} v128_t;
-
-
-
-/* some useful and simple math functions */
-
-#define pow_2(X) ( (unsigned int)1 << (X) ) /* 2^X */
-
-#define pow_minus_one(X) ( (X) ? -1 : 1 ) /* (-1)^X */
-
-
-/*
- * octet_get_weight(x) returns the hamming weight (number of bits equal to
- * one) in the octet x
- */
-
-int
-octet_get_weight(uint8_t octet);
-
-char *
-octet_bit_string(uint8_t x);
-
-#define MAX_PRINT_STRING_LEN 1024
-
-char *
-octet_string_hex_string(const void *str, int length);
-
-char *
-v128_bit_string(v128_t *x);
-
-char *
-v128_hex_string(v128_t *x);
-
-uint8_t
-nibble_to_hex_char(uint8_t nibble);
-
-char *
-char_to_hex_string(char *x, int num_char);
-
-uint8_t
-hex_string_to_octet(char *s);
-
-/*
- * hex_string_to_octet_string(raw, hex, len) converts the hexadecimal
- * string at *hex (of length len octets) to the equivalent raw data
- * and writes it to *raw.
- *
- * if a character in the hex string that is not a hexadeciaml digit
- * (0123456789abcdefABCDEF) is encountered, the function stops writing
- * data to *raw
- *
- * the number of hex digits copied (which is two times the number of
- * octets in *raw) is returned
- */
-
-int
-hex_string_to_octet_string(char *raw, char *hex, int len);
-
-v128_t
-hex_string_to_v128(char *s);
-
-void
-v128_copy_octet_string(v128_t *x, const uint8_t s[16]);
-
-void
-v128_left_shift(v128_t *x, int index);
-
-void
-v128_right_shift(v128_t *x, int index);
-
-/*
- * the following macros define the data manipulation functions
- *
- * If DATATYPES_USE_MACROS is defined, then these macros are used
- * directly (and function call overhead is avoided). Otherwise,
- * the macros are used through the functions defined in datatypes.c
- * (and the compiler provides better warnings).
- */
-
-#define _v128_set_to_zero(x) \
-( \
- (x)->v32[0] = 0, \
- (x)->v32[1] = 0, \
- (x)->v32[2] = 0, \
- (x)->v32[3] = 0 \
-)
-
-#define _v128_copy(x, y) \
-( \
- (x)->v32[0] = (y)->v32[0], \
- (x)->v32[1] = (y)->v32[1], \
- (x)->v32[2] = (y)->v32[2], \
- (x)->v32[3] = (y)->v32[3] \
-)
-
-#define _v128_xor(z, x, y) \
-( \
- (z)->v32[0] = (x)->v32[0] ^ (y)->v32[0], \
- (z)->v32[1] = (x)->v32[1] ^ (y)->v32[1], \
- (z)->v32[2] = (x)->v32[2] ^ (y)->v32[2], \
- (z)->v32[3] = (x)->v32[3] ^ (y)->v32[3] \
-)
-
-#define _v128_and(z, x, y) \
-( \
- (z)->v32[0] = (x)->v32[0] & (y)->v32[0], \
- (z)->v32[1] = (x)->v32[1] & (y)->v32[1], \
- (z)->v32[2] = (x)->v32[2] & (y)->v32[2], \
- (z)->v32[3] = (x)->v32[3] & (y)->v32[3] \
-)
-
-#define _v128_or(z, x, y) \
-( \
- (z)->v32[0] = (x)->v32[0] | (y)->v32[0], \
- (z)->v32[1] = (x)->v32[1] | (y)->v32[1], \
- (z)->v32[2] = (x)->v32[2] | (y)->v32[2], \
- (z)->v32[3] = (x)->v32[3] | (y)->v32[3] \
-)
-
-#define _v128_complement(x) \
-( \
- (x)->v32[0] = ~(x)->v32[0], \
- (x)->v32[1] = ~(x)->v32[1], \
- (x)->v32[2] = ~(x)->v32[2], \
- (x)->v32[3] = ~(x)->v32[3] \
-)
-
-/* ok for NO_64BIT_MATH if it can compare uint64_t's (even as structures) */
-#define _v128_is_eq(x, y) \
- (((x)->v64[0] == (y)->v64[0]) && ((x)->v64[1] == (y)->v64[1]))
-
-
-#ifdef NO_64BIT_MATH
-#define _v128_xor_eq(z, x) \
-( \
- (z)->v32[0] ^= (x)->v32[0], \
- (z)->v32[1] ^= (x)->v32[1], \
- (z)->v32[2] ^= (x)->v32[2], \
- (z)->v32[3] ^= (x)->v32[3] \
-)
-#else
-#define _v128_xor_eq(z, x) \
-( \
- (z)->v64[0] ^= (x)->v64[0], \
- (z)->v64[1] ^= (x)->v64[1] \
-)
-#endif
-
-/* NOTE! This assumes an odd ordering! */
-/* This will not be compatible directly with math on some processors */
-/* bit 0 is first 32-bit word, low order bit. in little-endian, that's
- the first byte of the first 32-bit word. In big-endian, that's
- the 3rd byte of the first 32-bit word */
-/* The get/set bit code is used by the replay code ONLY, and it doesn't
- really care which bit is which. AES does care which bit is which, but
- doesn't use the 128-bit get/set or 128-bit shifts */
-
-#define _v128_get_bit(x, bit) \
-( \
- ((((x)->v32[(bit) >> 5]) >> ((bit) & 31)) & 1) \
-)
-
-#define _v128_set_bit(x, bit) \
-( \
- (((x)->v32[(bit) >> 5]) |= ((uint32_t)1 << ((bit) & 31))) \
-)
-
-#define _v128_clear_bit(x, bit) \
-( \
- (((x)->v32[(bit) >> 5]) &= ~((uint32_t)1 << ((bit) & 31))) \
-)
-
-#define _v128_set_bit_to(x, bit, value) \
-( \
- (value) ? _v128_set_bit(x, bit) : \
- _v128_clear_bit(x, bit) \
-)
-
-
-#if 0
-/* nothing uses this */
-#ifdef WORDS_BIGENDIAN
-
-#define _v128_add(z, x, y) { \
- uint64_t tmp; \
- \
- tmp = x->v32[3] + y->v32[3]; \
- z->v32[3] = (uint32_t) tmp; \
- \
- tmp = x->v32[2] + y->v32[2] + (tmp >> 32); \
- z->v32[2] = (uint32_t) tmp; \
- \
- tmp = x->v32[1] + y->v32[1] + (tmp >> 32); \
- z->v32[1] = (uint32_t) tmp; \
- \
- tmp = x->v32[0] + y->v32[0] + (tmp >> 32); \
- z->v32[0] = (uint32_t) tmp; \
-}
-
-#else /* assume little endian architecture */
-
-#define _v128_add(z, x, y) { \
- uint64_t tmp; \
- \
- tmp = htonl(x->v32[3]) + htonl(y->v32[3]); \
- z->v32[3] = ntohl((uint32_t) tmp); \
- \
- tmp = htonl(x->v32[2]) + htonl(y->v32[2]) \
- + htonl(tmp >> 32); \
- z->v32[2] = ntohl((uint32_t) tmp); \
- \
- tmp = htonl(x->v32[1]) + htonl(y->v32[1]) \
- + htonl(tmp >> 32); \
- z->v32[1] = ntohl((uint32_t) tmp); \
- \
- tmp = htonl(x->v32[0]) + htonl(y->v32[0]) \
- + htonl(tmp >> 32); \
- z->v32[0] = ntohl((uint32_t) tmp); \
-}
-#endif /* WORDS_BIGENDIAN */
-#endif /* 0 */
-
-
-#ifdef DATATYPES_USE_MACROS /* little functions are really macros */
-
-#define v128_set_to_zero(z) _v128_set_to_zero(z)
-#define v128_copy(z, x) _v128_copy(z, x)
-#define v128_xor(z, x, y) _v128_xor(z, x, y)
-#define v128_and(z, x, y) _v128_and(z, x, y)
-#define v128_or(z, x, y) _v128_or(z, x, y)
-#define v128_complement(x) _v128_complement(x)
-#define v128_is_eq(x, y) _v128_is_eq(x, y)
-#define v128_xor_eq(x, y) _v128_xor_eq(x, y)
-#define v128_get_bit(x, i) _v128_get_bit(x, i)
-#define v128_set_bit(x, i) _v128_set_bit(x, i)
-#define v128_clear_bit(x, i) _v128_clear_bit(x, i)
-#define v128_set_bit_to(x, i, y) _v128_set_bit_to(x, i, y)
-
-#else
-
-void
-v128_set_to_zero(v128_t *x);
-
-int
-v128_is_eq(const v128_t *x, const v128_t *y);
-
-void
-v128_copy(v128_t *x, const v128_t *y);
-
-void
-v128_xor(v128_t *z, v128_t *x, v128_t *y);
-
-void
-v128_and(v128_t *z, v128_t *x, v128_t *y);
-
-void
-v128_or(v128_t *z, v128_t *x, v128_t *y);
-
-void
-v128_complement(v128_t *x);
-
-int
-v128_get_bit(const v128_t *x, int i);
-
-void
-v128_set_bit(v128_t *x, int i) ;
-
-void
-v128_clear_bit(v128_t *x, int i);
-
-void
-v128_set_bit_to(v128_t *x, int i, int y);
-
-#endif /* DATATYPES_USE_MACROS */
-
-/*
- * octet_string_is_eq(a,b, len) returns 1 if the length len strings a
- * and b are not equal, returns 0 otherwise
- */
-
-int
-octet_string_is_eq(uint8_t *a, uint8_t *b, int len);
-
-void
-octet_string_set_to_zero(uint8_t *s, int len);
-
-
-#ifndef SRTP_KERNEL_LINUX
-
-/*
- * Convert big endian integers to CPU byte order.
- */
-#ifdef WORDS_BIGENDIAN
-/* Nothing to do. */
-# define be32_to_cpu(x) (x)
-# define be64_to_cpu(x) (x)
-#elif defined(HAVE_BYTESWAP_H)
-/* We have (hopefully) optimized versions in byteswap.h */
-# include <byteswap.h>
-# define be32_to_cpu(x) bswap_32((x))
-# define be64_to_cpu(x) bswap_64((x))
-#else
-
-#if defined(__GNUC__) && defined(HAVE_X86)
-/* Fall back. */
-static inline uint32_t be32_to_cpu(uint32_t v) {
- /* optimized for x86. */
- asm("bswap %0" : "=r" (v) : "0" (v));
- return v;
-}
-# else /* HAVE_X86 */
-# ifdef HAVE_NETINET_IN_H
-# include <netinet/in.h>
-# elif defined HAVE_WINSOCK2_H
-# include <winsock2.h>
-# endif
-# define be32_to_cpu(x) ntohl((x))
-# endif /* HAVE_X86 */
-
-static inline uint64_t be64_to_cpu(uint64_t v) {
-# ifdef NO_64BIT_MATH
- /* use the make64 functions to do 64-bit math */
- v = make64(htonl(low32(v)),htonl(high32(v)));
-# else
- /* use the native 64-bit math */
- v= (uint64_t)((be32_to_cpu((uint32_t)(v >> 32))) | (((uint64_t)be32_to_cpu((uint32_t)v)) << 32));
-# endif
- return v;
-}
-
-#endif /* ! SRTP_KERNEL_LINUX */
-
-#endif /* WORDS_BIGENDIAN */
-
-/*
- * functions manipulating bitvector_t
- *
- * A bitvector_t consists of an array of words and an integer
- * representing the number of significant bits stored in the array.
- * The bits are packed as follows: the least significant bit is that
- * of word[0], while the most significant bit is the nth most
- * significant bit of word[m], where length = bits_per_word * m + n.
- *
- */
-
-#define bits_per_word 32
-#define bytes_per_word 4
-
-typedef struct {
- uint32_t length;
- uint32_t *word;
-} bitvector_t;
-
-
-#define _bitvector_get_bit(v, bit_index) \
-( \
- ((((v)->word[((bit_index) >> 5)]) >> ((bit_index) & 31)) & 1) \
-)
-
-
-#define _bitvector_set_bit(v, bit_index) \
-( \
- (((v)->word[((bit_index) >> 5)] |= ((uint32_t)1 << ((bit_index) & 31)))) \
-)
-
-#define _bitvector_clear_bit(v, bit_index) \
-( \
- (((v)->word[((bit_index) >> 5)] &= ~((uint32_t)1 << ((bit_index) & 31)))) \
-)
-
-#define _bitvector_get_length(v) \
-( \
- ((v)->length) \
-)
-
-#ifdef DATATYPES_USE_MACROS /* little functions are really macros */
-
-#define bitvector_get_bit(v, bit_index) _bitvector_get_bit(v, bit_index)
-#define bitvector_set_bit(v, bit_index) _bitvector_set_bit(v, bit_index)
-#define bitvector_clear_bit(v, bit_index) _bitvector_clear_bit(v, bit_index)
-#define bitvector_get_length(v) _bitvector_get_length(v)
-
-#else
-
-int
-bitvector_get_bit(const bitvector_t *v, int bit_index);
-
-void
-bitvector_set_bit(bitvector_t *v, int bit_index);
-
-void
-bitvector_clear_bit(bitvector_t *v, int bit_index);
-
-unsigned long
-bitvector_get_length(const bitvector_t *v);
-
-#endif
-
-int
-bitvector_alloc(bitvector_t *v, unsigned long length);
-
-void
-bitvector_dealloc(bitvector_t *v);
-
-void
-bitvector_set_to_zero(bitvector_t *x);
-
-void
-bitvector_left_shift(bitvector_t *x, int index);
-
-char *
-bitvector_bit_string(bitvector_t *x, char* buf, int len);
-
-#endif /* _DATATYPES_H */
diff --git a/crypto/include/err.h b/crypto/include/err.h
deleted file mode 100644
index 1a6e170..0000000
--- a/crypto/include/err.h
+++ /dev/null
@@ -1,174 +0,0 @@
-/*
- * err.h
- *
- * error status codes
- *
- * David A. McGrew
- * Cisco Systems, Inc.
- */
-/*
- *
- * Copyright (c) 2001-2006, Cisco Systems, Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following
- * disclaimer in the documentation and/or other materials provided
- * with the distribution.
- *
- * Neither the name of the Cisco Systems, Inc. nor the names of its
- * contributors may be used to endorse or promote products derived
- * from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- */
-
-
-#ifndef ERR_H
-#define ERR_H
-
-#include "datatypes.h"
-
-/**
- * @defgroup Error Error Codes
- *
- * Error status codes are represented by the enumeration err_status_t.
- *
- * @{
- */
-
-
-/*
- * @brief err_status_t defines error codes.
- *
- * The enumeration err_status_t defines error codes. Note that the
- * value of err_status_ok is equal to zero, which can simplify error
- * checking somewhat.
- *
- */
-typedef enum {
- err_status_ok = 0, /**< nothing to report */
- err_status_fail = 1, /**< unspecified failure */
- err_status_bad_param = 2, /**< unsupported parameter */
- err_status_alloc_fail = 3, /**< couldn't allocate memory */
- err_status_dealloc_fail = 4, /**< couldn't deallocate properly */
- err_status_init_fail = 5, /**< couldn't initialize */
- err_status_terminus = 6, /**< can't process as much data as requested */
- err_status_auth_fail = 7, /**< authentication failure */
- err_status_cipher_fail = 8, /**< cipher failure */
- err_status_replay_fail = 9, /**< replay check failed (bad index) */
- err_status_replay_old = 10, /**< replay check failed (index too old) */
- err_status_algo_fail = 11, /**< algorithm failed test routine */
- err_status_no_such_op = 12, /**< unsupported operation */
- err_status_no_ctx = 13, /**< no appropriate context found */
- err_status_cant_check = 14, /**< unable to perform desired validation */
- err_status_key_expired = 15, /**< can't use key any more */
- err_status_socket_err = 16, /**< error in use of socket */
- err_status_signal_err = 17, /**< error in use POSIX signals */
- err_status_nonce_bad = 18, /**< nonce check failed */
- err_status_read_fail = 19, /**< couldn't read data */
- err_status_write_fail = 20, /**< couldn't write data */
- err_status_parse_err = 21, /**< error pasring data */
- err_status_encode_err = 22, /**< error encoding data */
- err_status_semaphore_err = 23,/**< error while using semaphores */
- err_status_pfkey_err = 24 /**< error while using pfkey */
-} err_status_t;
-
-/**
- * @}
- */
-
-typedef enum {
- err_level_emergency = 0,
- err_level_alert,
- err_level_critical,
- err_level_error,
- err_level_warning,
- err_level_notice,
- err_level_info,
- err_level_debug,
- err_level_none
-} err_reporting_level_t;
-
-/*
- * err_reporting_init prepares the error system. If
- * ERR_REPORTING_SYSLOG is defined, it will open syslog.
- *
- * The ident argument is a string that will be prepended to
- * all syslog messages. It is conventionally argv[0].
- */
-
-err_status_t
-err_reporting_init(char *ident);
-
-#ifdef SRTP_KERNEL_LINUX
-extern err_reporting_level_t err_level;
-#else
-
-/*
- * keydaemon_report_error reports a 'printf' formatted error
- * string, followed by a an arg list. The priority argument
- * is equivalent to that defined for syslog.
- *
- * Errors will be reported to ERR_REPORTING_FILE, if defined, and to
- * syslog, if ERR_REPORTING_SYSLOG is defined.
- *
- */
-
-void
-err_report(int priority, char *format, ...);
-#endif /* ! SRTP_KERNEL_LINUX */
-
-
-/*
- * debug_module_t defines a debug module
- */
-
-typedef struct {
- int on; /* 1 if debugging is on, 0 if it is off */
- char *name; /* printable name for debug module */
-} debug_module_t;
-
-#ifdef ENABLE_DEBUGGING
-
-#define debug_on(mod) (mod).on = 1
-
-#define debug_off(mod) (mod).on = 0
-
-/* use err_report() to report debug message */
-#define debug_print(mod, format, arg) \
- if (mod.on) err_report(err_level_debug, ("%s: " format "\n"), mod.name, arg)
-#define debug_print2(mod, format, arg1,arg2) \
- if (mod.on) err_report(err_level_debug, ("%s: " format "\n"), mod.name, arg1,arg2)
-
-#else
-
-/* define macros to do nothing */
-#define debug_print(mod, format, arg)
-
-#define debug_on(mod)
-
-#define debug_off(mod)
-
-#endif
-
-#endif /* ERR_H */
diff --git a/crypto/include/gf2_8.h b/crypto/include/gf2_8.h
deleted file mode 100644
index 098d37c..0000000
--- a/crypto/include/gf2_8.h
+++ /dev/null
@@ -1,79 +0,0 @@
-/*
- * gf2_8.h
- *
- * GF(256) implementation
- *
- * David A. McGrew
- * Cisco Systems, Inc.
- */
-
-/*
- *
- * Copyright (c) 2001-2006, Cisco Systems, Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following
- * disclaimer in the documentation and/or other materials provided
- * with the distribution.
- *
- * Neither the name of the Cisco Systems, Inc. nor the names of its
- * contributors may be used to endorse or promote products derived
- * from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- */
-
-
-#ifndef GF2_8_H
-#define GF2_8_H
-
-#include "datatypes.h" /* for uint8_t definition */
-
-typedef uint8_t gf2_8;
-
-#define gf2_8_field_polynomial 0x1B
-
-/*
- * gf2_8_shift(x) returns
- */
-
-/*
- * gf2_8_shift(z) returns the result of the GF(2^8) 'multiply by x'
- * operation, using the field representation from AES; that is, the
- * next gf2_8 value in the cyclic representation of that field. The
- * value z should be an uint8_t.
- */
-
-#define gf2_8_shift(z) (((z) & 128) ? \
- (((z) << 1) ^ gf2_8_field_polynomial) : ((z) << 1))
-
-gf2_8
-gf2_8_compute_inverse(gf2_8 x);
-
-void
-test_gf2_8(void);
-
-gf2_8
-gf2_8_multiply(gf2_8 x, gf2_8 y);
-
-#endif /* GF2_8_H */
diff --git a/crypto/include/hmac.h b/crypto/include/hmac.h
deleted file mode 100644
index 262c0e2..0000000
--- a/crypto/include/hmac.h
+++ /dev/null
@@ -1,78 +0,0 @@
-/*
- * hmac.h
- *
- * interface to hmac auth_type_t
- *
- * David A. McGrew
- * Cisco Systems, Inc.
- *
- */
-/*
- *
- * Copyright (c) 2001-2006, Cisco Systems, Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following
- * disclaimer in the documentation and/or other materials provided
- * with the distribution.
- *
- * Neither the name of the Cisco Systems, Inc. nor the names of its
- * contributors may be used to endorse or promote products derived
- * from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- */
-
-#ifndef HMAC_H
-#define HMAC_H
-
-#include "auth.h"
-#include "sha1.h"
-
-typedef struct {
- uint8_t opad[64];
- sha1_ctx_t ctx;
- sha1_ctx_t init_ctx;
-} hmac_ctx_t;
-
-err_status_t
-hmac_alloc(auth_t **a, int key_len, int out_len);
-
-err_status_t
-hmac_dealloc(auth_t *a);
-
-err_status_t
-hmac_init(hmac_ctx_t *state, const uint8_t *key, int key_len);
-
-err_status_t
-hmac_start(hmac_ctx_t *state);
-
-err_status_t
-hmac_update(hmac_ctx_t *state, const uint8_t *message, int msg_octets);
-
-err_status_t
-hmac_compute(hmac_ctx_t *state, const void *message,
- int msg_octets, int tag_len, uint8_t *result);
-
-
-#endif /* HMAC_H */
diff --git a/crypto/include/integers.h b/crypto/include/integers.h
deleted file mode 100644
index 3515d13..0000000
--- a/crypto/include/integers.h
+++ /dev/null
@@ -1,146 +0,0 @@
-/*
- * integers.h
- *
- * defines integer types (or refers to their definitions)
- *
- * David A. McGrew
- * Cisco Systems, Inc.
- */
-
-/*
- *
- * Copyright (c) 2001-2006, Cisco Systems, Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following
- * disclaimer in the documentation and/or other materials provided
- * with the distribution.
- *
- * Neither the name of the Cisco Systems, Inc. nor the names of its
- * contributors may be used to endorse or promote products derived
- * from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- */
-
-
-#ifndef INTEGERS_H
-#define INTEGERS_H
-
-#include "config.h" /* configuration file, using autoconf */
-
-#ifdef SRTP_KERNEL
-
-#include "kernel_compat.h"
-
-#else /* SRTP_KERNEL */
-
-/* use standard integer definitions, if they're available */
-#ifdef HAVE_STDLIB_H
-# include <stdlib.h>
-#endif
-#ifdef HAVE_STDINT_H
-# include <stdint.h>
-#endif
-#ifdef HAVE_INTTYPES_H
-# include <inttypes.h>
-#endif
-#ifdef HAVE_SYS_TYPES_H
-# include <sys/types.h>
-#endif
-#ifdef HAVE_SYS_INT_TYPES_H
-# include <sys/int_types.h> /* this exists on Sun OS */
-#endif
-#ifdef HAVE_MACHINE_TYPES_H
-# include <machine/types.h>
-#endif
-
-/* Can we do 64 bit integers? */
-#ifndef HAVE_UINT64_T
-# if SIZEOF_UNSIGNED_LONG == 8
-typedef unsigned long uint64_t;
-# elif SIZEOF_UNSIGNED_LONG_LONG == 8
-typedef unsigned long long uint64_t;
-# else
-# define NO_64BIT_MATH 1
-# endif
-#endif
-
-/* Reasonable defaults for 32 bit machines - you may need to
- * edit these definitions for your own machine. */
-#ifndef HAVE_UINT8_T
-typedef unsigned char uint8_t;
-#endif
-#ifndef HAVE_UINT16_T
-typedef unsigned short int uint16_t;
-#endif
-#ifndef HAVE_UINT32_T
-typedef unsigned int uint32_t;
-#endif
-
-#ifdef NO_64BIT_MATH
-typedef double uint64_t;
-/* assert that sizeof(double) == 8 */
-extern uint64_t make64(uint32_t high, uint32_t low);
-extern uint32_t high32(uint64_t value);
-extern uint32_t low32(uint64_t value);
-#endif
-
-#endif /* SRTP_KERNEL */
-
-/* These macros are to load and store 32-bit values from un-aligned
- addresses. This is required for processors that do not allow unaligned
- loads. */
-#ifdef ALIGNMENT_32BIT_REQUIRED
-/* Note that if it's in a variable, you can memcpy it */
-#ifdef WORDS_BIGENDIAN
-#define PUT_32(addr,value) \
- { \
- ((unsigned char *) (addr))[0] = (value >> 24); \
- ((unsigned char *) (addr))[1] = (value >> 16) & 0xff; \
- ((unsigned char *) (addr))[2] = (value >> 8) & 0xff; \
- ((unsigned char *) (addr))[3] = (value) & 0xff; \
- }
-#define GET_32(addr) ((((unsigned char *) (addr))[0] << 24) | \
- (((unsigned char *) (addr))[1] << 16) | \
- (((unsigned char *) (addr))[2] << 8) | \
- (((unsigned char *) (addr))[3]))
-#else
-#define PUT_32(addr,value) \
- { \
- ((unsigned char *) (addr))[3] = (value >> 24); \
- ((unsigned char *) (addr))[2] = (value >> 16) & 0xff; \
- ((unsigned char *) (addr))[1] = (value >> 8) & 0xff; \
- ((unsigned char *) (addr))[0] = (value) & 0xff; \
- }
-#define GET_32(addr) ((((unsigned char *) (addr))[3] << 24) | \
- (((unsigned char *) (addr))[2] << 16) | \
- (((unsigned char *) (addr))[1] << 8) | \
- (((unsigned char *) (addr))[0]))
-#endif // WORDS_BIGENDIAN
-#else
-#define PUT_32(addr,value) *(((uint32_t *) (addr)) = (value)
-#define GET_32(addr) (*(((uint32_t *) (addr)))
-#endif
-
-#endif /* INTEGERS_H */
diff --git a/crypto/include/kernel_compat.h b/crypto/include/kernel_compat.h
deleted file mode 100644
index 59d1898..0000000
--- a/crypto/include/kernel_compat.h
+++ /dev/null
@@ -1,84 +0,0 @@
-/*
- * kernel_compat.h
- *
- * Compatibility stuff for building in kernel context where standard
- * C headers and library are not available.
- *
- * Marcus Sundberg
- * Ingate Systems AB
- */
-/*
- *
- * Copyright(c) 2005 Ingate Systems AB
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following
- * disclaimer in the documentation and/or other materials provided
- * with the distribution.
- *
- * Neither the name of the author(s) nor the names of its
- * contributors may be used to endorse or promote products derived
- * from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- */
-
-#ifndef KERNEL_COMPAT_H
-#define KERNEL_COMPAT_H
-
-#ifdef SRTP_KERNEL_LINUX
-
-#include <linux/kernel.h>
-#include <linux/slab.h>
-#include <linux/sched.h>
-#include <linux/random.h>
-#include <linux/byteorder/generic.h>
-
-
-#define err_report(priority, ...) \
- do {\
- if (priority <= err_level) {\
- printk(__VA_ARGS__);\
- }\
- }while(0)
-
-#define clock() (jiffies)
-#define time(x) (jiffies)
-
-/* rand() implementation. */
-#define RAND_MAX 32767
-
-static inline int rand(void)
-{
- uint32_t temp;
- get_random_bytes(&temp, sizeof(temp));
- return temp % (RAND_MAX+1);
-}
-
-/* stdio/stdlib implementation. */
-#define printf(...) printk(__VA_ARGS__)
-#define exit(n) panic("%s:%d: exit(%d)\n", __FILE__, __LINE__, (n))
-
-#endif /* SRTP_KERNEL_LINUX */
-
-#endif /* KERNEL_COMPAT_H */
diff --git a/crypto/include/key.h b/crypto/include/key.h
deleted file mode 100644
index e7e0744..0000000
--- a/crypto/include/key.h
+++ /dev/null
@@ -1,82 +0,0 @@
-/*
- * key.h
- *
- * key usage limits enforcement
- *
- * David A. Mcgrew
- * Cisco Systems, Inc.
- */
-/*
- *
- * Copyright (c) 2001-2006 Cisco Systems, Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following
- * disclaimer in the documentation and/or other materials provided
- * with the distribution.
- *
- * Neither the name of the Cisco Systems, Inc. nor the names of its
- * contributors may be used to endorse or promote products derived
- * from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- */
-
-#ifndef KEY_H
-#define KEY_H
-
-#include "rdbx.h" /* for xtd_seq_num_t */
-#include "err.h"
-
-typedef struct key_limit_ctx_t *key_limit_t;
-
-typedef enum {
- key_event_normal,
- key_event_soft_limit,
- key_event_hard_limit
-} key_event_t;
-
-err_status_t
-key_limit_set(key_limit_t key, const xtd_seq_num_t s);
-
-err_status_t
-key_limit_clone(key_limit_t original, key_limit_t *new_key);
-
-err_status_t
-key_limit_check(const key_limit_t key);
-
-key_event_t
-key_limit_update(key_limit_t key);
-
-typedef enum {
- key_state_normal,
- key_state_past_soft_limit,
- key_state_expired
-} key_state_t;
-
-typedef struct key_limit_ctx_t {
- xtd_seq_num_t num_left;
- key_state_t state;
-} key_limit_ctx_t;
-
-#endif /* KEY_H */
diff --git a/crypto/include/null_auth.h b/crypto/include/null_auth.h
deleted file mode 100644
index 44f9a4a..0000000
--- a/crypto/include/null_auth.h
+++ /dev/null
@@ -1,68 +0,0 @@
-/*
- * null-auth.h
- *
- * David A. McGrew
- * Cisco Systems, Inc.
- *
- */
-
-/*
- *
- * Copyright (c) 2001-2006, Cisco Systems, Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following
- * disclaimer in the documentation and/or other materials provided
- * with the distribution.
- *
- * Neither the name of the Cisco Systems, Inc. nor the names of its
- * contributors may be used to endorse or promote products derived
- * from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- */
-
-#ifndef NULL_AUTH_H
-#define NULL_AUTH_H
-
-#include "auth.h"
-
-typedef struct {
- char foo;
-} null_auth_ctx_t;
-
-err_status_t
-null_auth_alloc(auth_t **a, int key_len, int out_len);
-
-err_status_t
-null_auth_dealloc(auth_t *a);
-
-err_status_t
-null_auth_init(null_auth_ctx_t *state, const uint8_t *key, int key_len);
-
-err_status_t
-null_auth_compute (null_auth_ctx_t *state, uint8_t *message,
- int msg_octets, int tag_len, uint8_t *result);
-
-
-#endif /* NULL_AUTH_H */
diff --git a/crypto/include/null_cipher.h b/crypto/include/null_cipher.h
deleted file mode 100644
index 7d6bbdd..0000000
--- a/crypto/include/null_cipher.h
+++ /dev/null
@@ -1,80 +0,0 @@
-/*
- * null-cipher.h
- *
- * header file for the null cipher
- *
- *
- * David A. McGrew
- * Cisco Systems, Inc.
- */
-
-/*
- *
- * Copyright (c) 2001-2006, Cisco Systems, Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following
- * disclaimer in the documentation and/or other materials provided
- * with the distribution.
- *
- * Neither the name of the Cisco Systems, Inc. nor the names of its
- * contributors may be used to endorse or promote products derived
- * from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- */
-
-
-#ifndef NULL_CIPHER_H
-#define NULL_CIPHER_H
-
-#include "datatypes.h"
-#include "cipher.h"
-
-typedef struct {
- char foo ;/* empty, for now */
-} null_cipher_ctx_t;
-
-
-/*
- * none of these functions do anything (though future versions may keep
- * track of bytes encrypted, number of instances, and/or other info).
- */
-
-err_status_t
-null_cipher_init(null_cipher_ctx_t *c, const uint8_t *key);
-
-err_status_t
-null_cipher_set_segment(null_cipher_ctx_t *c,
- unsigned long index);
-
-err_status_t
-null_cipher_encrypt(null_cipher_ctx_t *c,
- unsigned char *buf, unsigned int *bytes_to_encr);
-
-
-err_status_t
-null_cipher_encrypt_aligned(null_cipher_ctx_t *c,
- unsigned char *buf, int bytes_to_encr);
-
-#endif /* NULL_CIPHER_H */
diff --git a/crypto/include/prng.h b/crypto/include/prng.h
deleted file mode 100644
index fb96b5e..0000000
--- a/crypto/include/prng.h
+++ /dev/null
@@ -1,54 +0,0 @@
-/*
- * prng.h
- *
- * pseudorandom source
- *
- * David A. McGrew
- * Cisco Systems, Inc.
- */
-
-#ifndef PRNG_H
-#define PRNG_H
-
-#include "rand_source.h" /* for rand_source_func_t definition */
-#include "aes.h" /* for aes */
-#include "aes_icm.h" /* for aes ctr */
-
-#define MAX_PRNG_OUT_LEN 0xffffffffU
-
-/*
- * x917_prng is an ANSI X9.17-like AES-based PRNG
- */
-
-typedef struct {
- v128_t state; /* state data */
- aes_expanded_key_t key; /* secret key */
- uint32_t octet_count; /* number of octets output since last init */
- rand_source_func_t rand; /* random source for re-initialization */
-} x917_prng_t;
-
-err_status_t
-x917_prng_init(rand_source_func_t random_source);
-
-err_status_t
-x917_prng_get_octet_string(uint8_t *dest, uint32_t len);
-
-
-/*
- * ctr_prng is an AES-CTR based PRNG
- */
-
-typedef struct {
- uint32_t octet_count; /* number of octets output since last init */
- aes_icm_ctx_t state; /* state data */
- rand_source_func_t rand; /* random source for re-initialization */
-} ctr_prng_t;
-
-err_status_t
-ctr_prng_init(rand_source_func_t random_source);
-
-err_status_t
-ctr_prng_get_octet_string(void *dest, uint32_t len);
-
-
-#endif
diff --git a/crypto/include/rand_source.h b/crypto/include/rand_source.h
deleted file mode 100644
index b4c2110..0000000
--- a/crypto/include/rand_source.h
+++ /dev/null
@@ -1,91 +0,0 @@
-/*
- * rand_source.h
- *
- * implements a random source based on /dev/random
- *
- * David A. McGrew
- * Cisco Systems, Inc.
- */
-/*
- *
- * Copyright(c) 2001-2006 Cisco Systems, Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following
- * disclaimer in the documentation and/or other materials provided
- * with the distribution.
- *
- * Neither the name of the Cisco Systems, Inc. nor the names of its
- * contributors may be used to endorse or promote products derived
- * from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- */
-
-
-#ifndef RAND_SOURCE
-#define RAND_SOURCE
-
-#include "err.h"
-#include "datatypes.h"
-
-err_status_t
-rand_source_init(void);
-
-/*
- * rand_source_get_octet_string() writes a random octet string.
- *
- * The function call rand_source_get_octet_string(dest, len) writes
- * len octets of random data to the location to which dest points,
- * and returns an error code. This error code should be checked,
- * and if a failure is reported, the data in the buffer MUST NOT
- * be used.
- *
- * warning: If the return code is not checked, then non-random
- * data may inadvertently be used.
- *
- * returns:
- * - err_status_ok if no problems occured.
- * - [other] a problem occured, and no assumptions should
- * be made about the contents of the destination
- * buffer.
- */
-
-err_status_t
-rand_source_get_octet_string(void *dest, uint32_t length);
-
-err_status_t
-rand_source_deinit(void);
-
-/*
- * function prototype for a random source function
- *
- * A rand_source_func_t writes num_octets at the location indicated by
- * dest and returns err_status_ok. Any other return value indicates
- * failure.
- */
-
-typedef err_status_t (*rand_source_func_t)
- (void *dest, uint32_t num_octets);
-
-#endif /* RAND_SOURCE */
diff --git a/crypto/include/rdb.h b/crypto/include/rdb.h
deleted file mode 100644
index 5a26c5e..0000000
--- a/crypto/include/rdb.h
+++ /dev/null
@@ -1,94 +0,0 @@
-/*
- * replay-database.h
- *
- * interface for a replay database for packet security
- *
- * David A. McGrew
- * Cisco Systems, Inc.
- */
-
-
-#ifndef REPLAY_DB_H
-#define REPLAY_DB_H
-
-#include "integers.h" /* for uint32_t */
-#include "datatypes.h" /* for v128_t */
-#include "err.h" /* for err_status_t */
-
-/*
- * if the ith least significant bit is one, then the packet index
- * window_end-i is in the database
- */
-
-typedef struct {
- uint32_t window_start; /* packet index of the first bit in bitmask */
- v128_t bitmask;
-} rdb_t;
-
-#define rdb_bits_in_bitmask (8*sizeof(v128_t))
-
-/*
- * rdb init
- *
- * initalizes rdb
- *
- * returns err_status_ok on success, err_status_t_fail otherwise
- */
-
-err_status_t
-rdb_init(rdb_t *rdb);
-
-
-/*
- * rdb_check
- *
- * checks to see if index appears in rdb
- *
- * returns err_status_fail if the index already appears in rdb,
- * returns err_status_ok otherwise
- */
-
-err_status_t
-rdb_check(const rdb_t *rdb, uint32_t index);
-
-/*
- * rdb_add_index
- *
- * adds index to rdb_t (and does *not* check if index appears in db)
- *
- * returns err_status_ok on success, err_status_fail otherwise
- *
- */
-
-err_status_t
-rdb_add_index(rdb_t *rdb, uint32_t index);
-
-/*
- * the functions rdb_increment() and rdb_get_value() are for use by
- * senders, not receivers - DO NOT use these functions on the same
- * rdb_t upon which rdb_add_index is used!
- */
-
-
-/*
- * rdb_increment(db) increments the sequence number in db, if it is
- * not too high
- *
- * return values:
- *
- * err_status_ok no problem
- * err_status_key_expired sequence number too high
- *
- */
-err_status_t
-rdb_increment(rdb_t *rdb);
-
-/*
- * rdb_get_value(db) returns the current sequence number of db
- */
-
-uint32_t
-rdb_get_value(const rdb_t *rdb);
-
-
-#endif /* REPLAY_DB_H */
diff --git a/crypto/include/rdbx.h b/crypto/include/rdbx.h
deleted file mode 100644
index 1e581d1..0000000
--- a/crypto/include/rdbx.h
+++ /dev/null
@@ -1,186 +0,0 @@
-/*
- * rdbx.h
- *
- * replay database with extended packet indices, using a rollover counter
- *
- * David A. McGrew
- * Cisco Systems, Inc.
- *
- */
-
-#ifndef RDBX_H
-#define RDBX_H
-
-#include "datatypes.h"
-#include "err.h"
-
-/* #define ROC_TEST */
-
-#ifndef ROC_TEST
-
-typedef uint16_t sequence_number_t; /* 16 bit sequence number */
-typedef uint32_t rollover_counter_t; /* 32 bit rollover counter */
-
-#else /* use small seq_num and roc datatypes for testing purposes */
-
-typedef unsigned char sequence_number_t; /* 8 bit sequence number */
-typedef uint16_t rollover_counter_t; /* 16 bit rollover counter */
-
-#endif
-
-#define seq_num_median (1 << (8*sizeof(sequence_number_t) - 1))
-#define seq_num_max (1 << (8*sizeof(sequence_number_t)))
-
-/*
- * An xtd_seq_num_t is a 64-bit unsigned integer used as an 'extended'
- * sequence number.
- */
-
-typedef uint64_t xtd_seq_num_t;
-
-
-/*
- * An rdbx_t is a replay database with extended range; it uses an
- * xtd_seq_num_t and a bitmask of recently received indices.
- */
-
-typedef struct {
- xtd_seq_num_t index;
- bitvector_t bitmask;
-} rdbx_t;
-
-
-/*
- * rdbx_init(rdbx_ptr, ws)
- *
- * initializes the rdbx pointed to by its argument with the window size ws,
- * setting the rollover counter and sequence number to zero
- */
-
-err_status_t
-rdbx_init(rdbx_t *rdbx, unsigned long ws);
-
-
-/*
- * rdbx_uninit(rdbx_ptr)
- *
- * frees memory associated with the rdbx
- */
-
-err_status_t
-rdbx_uninit(rdbx_t *rdbx);
-
-
-/*
- * rdbx_estimate_index(rdbx, guess, s)
- *
- * given an rdbx and a sequence number s (from a newly arrived packet),
- * sets the contents of *guess to contain the best guess of the packet
- * index to which s corresponds, and returns the difference between
- * *guess and the locally stored synch info
- */
-
-int
-rdbx_estimate_index(const rdbx_t *rdbx,
- xtd_seq_num_t *guess,
- sequence_number_t s);
-
-/*
- * rdbx_check(rdbx, delta);
- *
- * rdbx_check(&r, delta) checks to see if the xtd_seq_num_t
- * which is at rdbx->window_start + delta is in the rdb
- *
- */
-
-err_status_t
-rdbx_check(const rdbx_t *rdbx, int difference);
-
-/*
- * replay_add_index(rdbx, delta)
- *
- * adds the xtd_seq_num_t at rdbx->window_start + delta to replay_db
- * (and does *not* check if that xtd_seq_num_t appears in db)
- *
- * this function should be called *only* after replay_check has
- * indicated that the index does not appear in the rdbx, and a mutex
- * should protect the rdbx between these calls if necessary.
- */
-
-err_status_t
-rdbx_add_index(rdbx_t *rdbx, int delta);
-
-
-/*
- * rdbx_set_roc(rdbx, roc) initalizes the rdbx_t at the location rdbx
- * to have the rollover counter value roc. If that value is less than
- * the current rollover counter value, then the function returns
- * err_status_replay_old; otherwise, err_status_ok is returned.
- *
- */
-
-err_status_t
-rdbx_set_roc(rdbx_t *rdbx, uint32_t roc);
-
-/*
- * rdbx_get_roc(rdbx) returns the value of the rollover counter for
- * the rdbx_t pointed to by rdbx
- *
- */
-
-xtd_seq_num_t
-rdbx_get_packet_index(const rdbx_t *rdbx);
-
-/*
- * xtd_seq_num_t functions - these are *internal* functions of rdbx, and
- * shouldn't be used to manipulate rdbx internal values. use the rdbx
- * api instead!
- */
-
-/*
- * rdbx_get_ws(rdbx_ptr)
- *
- * gets the window size which was used to initialize the rdbx
- */
-
-unsigned long
-rdbx_get_window_size(const rdbx_t *rdbx);
-
-
-/* index_init(&pi) initializes a packet index pi (sets it to zero) */
-
-void
-index_init(xtd_seq_num_t *pi);
-
-/* index_advance(&pi, s) advances a xtd_seq_num_t forward by s */
-
-void
-index_advance(xtd_seq_num_t *pi, sequence_number_t s);
-
-
-/*
- * index_guess(local, guess, s)
- *
- * given a xtd_seq_num_t local (which represents the highest
- * known-to-be-good index) and a sequence number s (from a newly
- * arrived packet), sets the contents of *guess to contain the best
- * guess of the packet index to which s corresponds, and returns the
- * difference between *guess and *local
- */
-
-int
-index_guess(const xtd_seq_num_t *local,
- xtd_seq_num_t *guess,
- sequence_number_t s);
-
-
-#endif /* RDBX_H */
-
-
-
-
-
-
-
-
-
diff --git a/crypto/include/sha1.h b/crypto/include/sha1.h
deleted file mode 100644
index e3af4d4..0000000
--- a/crypto/include/sha1.h
+++ /dev/null
@@ -1,108 +0,0 @@
-/*
- * sha1.h
- *
- * interface to the Secure Hash Algorithm v.1 (SHA-1), specified in
- * FIPS 180-1
- *
- * David A. McGrew
- * Cisco Systems, Inc.
- */
-
-/*
- *
- * Copyright (c) 2001-2006, Cisco Systems, Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following
- * disclaimer in the documentation and/or other materials provided
- * with the distribution.
- *
- * Neither the name of the Cisco Systems, Inc. nor the names of its
- * contributors may be used to endorse or promote products derived
- * from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- */
-
-#ifndef SHA1_H
-#define SHA1_H
-
-#include "err.h"
-#include "datatypes.h"
-
-typedef struct {
- uint32_t H[5]; /* state vector */
- uint32_t M[16]; /* message buffer */
- int octets_in_buffer; /* octets of message in buffer */
- uint32_t num_bits_in_msg; /* total number of bits in message */
-} sha1_ctx_t;
-
-/*
- * sha1(&ctx, msg, len, output) hashes the len octets starting at msg
- * into the SHA1 context, then writes the result to the 20 octets at
- * output
- *
- */
-
-void
-sha1(const uint8_t *message, int octets_in_msg, uint32_t output[5]);
-
-/*
- * sha1_init(&ctx) initializes the SHA1 context ctx
- *
- * sha1_update(&ctx, msg, len) hashes the len octets starting at msg
- * into the SHA1 context
- *
- * sha1_final(&ctx, output) performs the final processing of the SHA1
- * context and writes the result to the 20 octets at output
- *
- */
-
-void
-sha1_init(sha1_ctx_t *ctx);
-
-void
-sha1_update(sha1_ctx_t *ctx, const uint8_t *M, int octets_in_msg);
-
-void
-sha1_final(sha1_ctx_t *ctx, uint32_t output[5]);
-
-/*
- * The sha1_core function is INTERNAL to SHA-1, but it is declared
- * here because it is also used by the cipher SEAL 3.0 in its key
- * setup algorithm.
- */
-
-/*
- * sha1_core(M, H) computes the core sha1 compression function, where M is
- * the next part of the message and H is the intermediate state {H0,
- * H1, ...}
- *
- * this function does not do any of the padding required in the
- * complete sha1 function
- */
-
-void
-sha1_core(const uint32_t M[16], uint32_t hash_value[5]);
-
-#endif /* SHA1_H */
diff --git a/crypto/include/stat.h b/crypto/include/stat.h
deleted file mode 100644
index e28b131..0000000
--- a/crypto/include/stat.h
+++ /dev/null
@@ -1,69 +0,0 @@
-/*
- * stats.h
- *
- * interface to statistical test functions
- *
- * David A. McGrew
- * Cisco Systems, Inc.
- */
-
-/*
- *
- * Copyright(c) 2001-2006, Cisco Systems, Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following
- * disclaimer in the documentation and/or other materials provided
- * with the distribution.
- *
- * Neither the name of the Cisco Systems, Inc. nor the names of its
- * contributors may be used to endorse or promote products derived
- * from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- */
-
-
-#ifndef STAT_H
-#define STAT_H
-
-#include "datatypes.h" /* for uint8_t */
-#include "err.h" /* for err_status_t */
-#include "rand_source.h" /* for rand_source_func_t definition */
-
-err_status_t
-stat_test_monobit(uint8_t *data);
-
-err_status_t
-stat_test_poker(uint8_t *data);
-
-err_status_t
-stat_test_runs(uint8_t *data);
-
-err_status_t
-stat_test_rand_source(rand_source_func_t rs);
-
-err_status_t
-stat_test_rand_source_with_repetition(rand_source_func_t source, unsigned num_trials);
-
-#endif /* STAT_H */
diff --git a/crypto/include/xfm.h b/crypto/include/xfm.h
deleted file mode 100644
index 5837149..0000000
--- a/crypto/include/xfm.h
+++ /dev/null
@@ -1,139 +0,0 @@
-/*
- * xfm.h
- *
- * interface for abstract crypto transform
- *
- * David A. McGrew
- * Cisco Systems, Inc.
- */
-
-#ifndef XFM_H
-#define XFM_H
-
-#include "crypto_kernel.h"
-#include "err.h"
-
-/**
- * @defgroup Crypto Cryptography
- *
- * A simple interface to an abstract cryptographic transform that
- * provides both confidentiality and message authentication.
- *
- * @{
- */
-
-/**
- * @brief applies a crypto transform
- *
- * The function pointer xfm_func_t points to a function that
- * implements a crypto transform, and provides a uniform API for
- * accessing crypto mechanisms.
- *
- * @param key location of secret key
- *
- * @param clear data to be authenticated only
- *
- * @param clear_len length of data to be authenticated only
- *
- * @param iv location to write the Initialization Vector (IV)
- *
- * @param protect location of the data to be encrypted and
- * authenticated (before the function call), and the ciphertext
- * and authentication tag (after the call)
- *
- * @param protected_len location of the length of the data to be
- * encrypted and authenticated (before the function call), and the
- * length of the ciphertext (after the call)
- *
- * @param auth_tag location to write auth tag
- */
-
-typedef err_status_t (*xfm_func_t)
- (void *key,
- void *clear,
- unsigned clear_len,
- void *iv,
- void *protect,
- unsigned *protected_len,
- void *auth_tag
- );
-
-typedef
-err_status_t (*xfm_inv_t)
- (void *key, /* location of secret key */
- void *clear, /* data to be authenticated only */
- unsigned clear_len, /* length of data to be authenticated only */
- void *iv, /* location of iv */
- void *opaque, /* data to be decrypted and authenticated */
- unsigned *opaque_len, /* location of the length of data to be
- * decrypted and authd (before and after)
- */
- void *auth_tag /* location of auth tag */
- );
-
-typedef struct xfm_ctx_t {
- xfm_func_t func;
- xfm_inv_t inv;
- unsigned key_len;
- unsigned iv_len;
- unsigned auth_tag_len;
-} xfm_ctx_t;
-
-typedef xfm_ctx_t *xfm_t;
-
-#define xfm_get_key_len(xfm) ((xfm)->key_len)
-
-#define xfm_get_iv_len(xfm) ((xfm)->iv_len)
-
-#define xfm_get_auth_tag_len(xfm) ((xfm)->auth_tag_len)
-
-
-/* cryptoalgo - 5/28 */
-
-typedef err_status_t (*cryptoalg_func_t)
- (void *key,
- void *clear,
- unsigned clear_len,
- void *iv,
- void *opaque,
- unsigned *opaque_len
- );
-
-typedef
-err_status_t (*cryptoalg_inv_t)
- (void *key, /* location of secret key */
- void *clear, /* data to be authenticated only */
- unsigned clear_len, /* length of data to be authenticated only */
- void *iv, /* location of iv */
- void *opaque, /* data to be decrypted and authenticated */
- unsigned *opaque_len /* location of the length of data to be
- * decrypted and authd (before and after)
- */
- );
-
-typedef struct cryptoalg_ctx_t {
- cryptoalg_func_t enc;
- cryptoalg_inv_t dec;
- unsigned key_len;
- unsigned iv_len;
- unsigned auth_tag_len;
- unsigned max_expansion;
-} cryptoalg_ctx_t;
-
-typedef cryptoalg_ctx_t *cryptoalg_t;
-
-#define cryptoalg_get_key_len(cryptoalg) ((cryptoalg)->key_len)
-
-#define cryptoalg_get_iv_len(cryptoalg) ((cryptoalg)->iv_len)
-
-#define cryptoalg_get_auth_tag_len(cryptoalg) ((cryptoalg)->auth_tag_len)
-
-
-
-/**
- * @}
- */
-
-#endif /* XFM_H */
-
-
diff --git a/crypto/kernel/alloc.c b/crypto/kernel/alloc.c
deleted file mode 100644
index 5dd0947..0000000
--- a/crypto/kernel/alloc.c
+++ /dev/null
@@ -1,119 +0,0 @@
-/*
- * alloc.c
- *
- * memory allocation and deallocation
- *
- * David A. McGrew
- * Cisco Systems, Inc.
- */
-/*
- *
- * Copyright (c) 2001-2006 Cisco Systems, Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following
- * disclaimer in the documentation and/or other materials provided
- * with the distribution.
- *
- * Neither the name of the Cisco Systems, Inc. nor the names of its
- * contributors may be used to endorse or promote products derived
- * from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- */
-
-#include "alloc.h"
-#include "crypto_kernel.h"
-
-/* the debug module for memory allocation */
-
-debug_module_t mod_alloc = {
- 0, /* debugging is off by default */
- "alloc" /* printable name for module */
-};
-
-/*
- * Nota bene: the debugging statements for crypto_alloc() and
- * crypto_free() have identical prefixes, which include the addresses
- * of the memory locations on which they are operating. This fact can
- * be used to locate memory leaks, by turning on memory debugging,
- * grepping for 'alloc', then matching alloc and free calls by
- * address.
- */
-
-#ifdef SRTP_KERNEL_LINUX
-
-#include <linux/interrupt.h>
-
-void *
-crypto_alloc(size_t size) {
- void *ptr;
-
- ptr = kmalloc(size, in_interrupt() ? GFP_ATOMIC : GFP_KERNEL);
-
- if (ptr) {
- debug_print(mod_alloc, "(location: %p) allocated", ptr);
- } else
- debug_print(mod_alloc, "allocation failed (asked for %d bytes)\n", size);
-
- return ptr;
-}
-
-void
-crypto_free(void *ptr) {
-
- debug_print(mod_alloc, "(location: %p) freed", ptr);
-
- kfree(ptr);
-}
-
-
-#elif defined(HAVE_STDLIB_H)
-
-void *
-crypto_alloc(size_t size) {
- void *ptr;
-
- ptr = malloc(size);
-
- if (ptr) {
- debug_print(mod_alloc, "(location: %p) allocated", ptr);
- } else
- debug_print(mod_alloc, "allocation failed (asked for %d bytes)\n", size);
-
- return ptr;
-}
-
-void
-crypto_free(void *ptr) {
-
- debug_print(mod_alloc, "(location: %p) freed", ptr);
-
- free(ptr);
-}
-
-#else /* we need to define our own memory allocation routines */
-
-#error no memory allocation defined yet
-
-#endif
diff --git a/crypto/kernel/crypto_kernel.c b/crypto/kernel/crypto_kernel.c
deleted file mode 100644
index 230dda6..0000000
--- a/crypto/kernel/crypto_kernel.c
+++ /dev/null
@@ -1,523 +0,0 @@
-/*
- * crypto_kernel.c
- *
- * header for the cryptographic kernel
- *
- * David A. McGrew
- * Cisco Systems, Inc.
- */
-/*
- *
- * Copyright(c) 2001-2006 Cisco Systems, Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following
- * disclaimer in the documentation and/or other materials provided
- * with the distribution.
- *
- * Neither the name of the Cisco Systems, Inc. nor the names of its
- * contributors may be used to endorse or promote products derived
- * from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- */
-
-
-#include "alloc.h"
-
-#include "crypto_kernel.h"
-
-/* the debug module for the crypto_kernel */
-
-debug_module_t mod_crypto_kernel = {
- 0, /* debugging is off by default */
- "crypto kernel" /* printable name for module */
-};
-
-/*
- * other debug modules that can be included in the kernel
- */
-
-extern debug_module_t mod_auth;
-extern debug_module_t mod_cipher;
-extern debug_module_t mod_stat;
-extern debug_module_t mod_alloc;
-
-/*
- * cipher types that can be included in the kernel
- */
-
-extern cipher_type_t null_cipher;
-extern cipher_type_t aes_icm;
-extern cipher_type_t aes_cbc;
-
-
-/*
- * auth func types that can be included in the kernel
- */
-
-extern auth_type_t null_auth;
-extern auth_type_t hmac;
-
-/* crypto_kernel is a global variable, the only one of its datatype */
-
-crypto_kernel_t
-crypto_kernel = {
- crypto_kernel_state_insecure, /* start off in insecure state */
- NULL, /* no cipher types yet */
- NULL, /* no auth types yet */
- NULL /* no debug modules yet */
-};
-
-#define MAX_RNG_TRIALS 25
-
-err_status_t
-crypto_kernel_init() {
- err_status_t status;
-
- /* check the security state */
- if (crypto_kernel.state == crypto_kernel_state_secure) {
-
- /*
- * we're already in the secure state, but we've been asked to
- * re-initialize, so we just re-run the self-tests and then return
- */
- return crypto_kernel_status();
- }
-
- /* initialize error reporting system */
- status = err_reporting_init("crypto");
- if (status)
- return status;
-
- /* load debug modules */
- status = crypto_kernel_load_debug_module(&mod_crypto_kernel);
- if (status)
- return status;
- status = crypto_kernel_load_debug_module(&mod_auth);
- if (status)
- return status;
- status = crypto_kernel_load_debug_module(&mod_cipher);
- if (status)
- return status;
- status = crypto_kernel_load_debug_module(&mod_stat);
- if (status)
- return status;
- status = crypto_kernel_load_debug_module(&mod_alloc);
- if (status)
- return status;
-
- /* initialize random number generator */
- status = rand_source_init();
- if (status)
- return status;
-
- /* run FIPS-140 statistical tests on rand_source */
- status = stat_test_rand_source_with_repetition(rand_source_get_octet_string, MAX_RNG_TRIALS);
- if (status)
- return status;
-
- /* initialize pseudorandom number generator */
- status = ctr_prng_init(rand_source_get_octet_string);
- if (status)
- return status;
-
- /* run FIPS-140 statistical tests on ctr_prng */
- status = stat_test_rand_source_with_repetition(ctr_prng_get_octet_string, MAX_RNG_TRIALS);
- if (status)
- return status;
-
- /* load cipher types */
- status = crypto_kernel_load_cipher_type(&null_cipher, NULL_CIPHER);
- if (status)
- return status;
- status = crypto_kernel_load_cipher_type(&aes_icm, AES_128_ICM);
- if (status)
- return status;
- status = crypto_kernel_load_cipher_type(&aes_cbc, AES_128_CBC);
- if (status)
- return status;
-
- /* load auth func types */
- status = crypto_kernel_load_auth_type(&null_auth, NULL_AUTH);
- if (status)
- return status;
- status = crypto_kernel_load_auth_type(&hmac, HMAC_SHA1);
- if (status)
- return status;
-
- /* change state to secure */
- crypto_kernel.state = crypto_kernel_state_secure;
-
- return err_status_ok;
-}
-
-err_status_t
-crypto_kernel_status() {
- err_status_t status;
- kernel_cipher_type_t *ctype = crypto_kernel.cipher_type_list;
- kernel_auth_type_t *atype = crypto_kernel.auth_type_list;
- kernel_debug_module_t *dm = crypto_kernel.debug_module_list;
-
- /* run FIPS-140 statistical tests on rand_source */
- printf("testing rand_source...");
- status = stat_test_rand_source_with_repetition(rand_source_get_octet_string, MAX_RNG_TRIALS);
- if (status) {
- printf("failed\n");
- crypto_kernel.state = crypto_kernel_state_insecure;
- return status;
- }
- printf("passed\n");
-
- /* for each cipher type, describe and test */
- while(ctype != NULL) {
- printf("cipher: %s\n", ctype->cipher_type->description);
- printf(" instance count: %d\n", ctype->cipher_type->ref_count);
- printf(" self-test: ");
- status = cipher_type_self_test(ctype->cipher_type);
- if (status) {
- printf("failed with error code %d\n", status);
- exit(status);
- }
- printf("passed\n");
- ctype = ctype->next;
- }
-
- /* for each auth type, describe and test */
- while(atype != NULL) {
- printf("auth func: %s\n", atype->auth_type->description);
- printf(" instance count: %d\n", atype->auth_type->ref_count);
- printf(" self-test: ");
- status = auth_type_self_test(atype->auth_type);
- if (status) {
- printf("failed with error code %d\n", status);
- exit(status);
- }
- printf("passed\n");
- atype = atype->next;
- }
-
- /* describe each debug module */
- printf("debug modules loaded:\n");
- while (dm != NULL) {
- printf(" %s ", dm->mod->name);
- if (dm->mod->on)
- printf("(on)\n");
- else
- printf("(off)\n");
- dm = dm->next;
- }
-
- return err_status_ok;
-}
-
-err_status_t
-crypto_kernel_list_debug_modules() {
- kernel_debug_module_t *dm = crypto_kernel.debug_module_list;
-
- /* describe each debug module */
- printf("debug modules loaded:\n");
- while (dm != NULL) {
- printf(" %s ", dm->mod->name);
- if (dm->mod->on)
- printf("(on)\n");
- else
- printf("(off)\n");
- dm = dm->next;
- }
-
- return err_status_ok;
-}
-
-err_status_t
-crypto_kernel_shutdown() {
- err_status_t status;
-
- /*
- * free dynamic memory used in crypto_kernel at present
- */
-
- /* walk down cipher type list, freeing memory */
- while (crypto_kernel.cipher_type_list != NULL) {
- kernel_cipher_type_t *ctype = crypto_kernel.cipher_type_list;
- crypto_kernel.cipher_type_list = ctype->next;
- debug_print(mod_crypto_kernel,
- "freeing memory for cipher %s",
- ctype->cipher_type->description);
- crypto_free(ctype);
- }
-
- /* walk down authetication module list, freeing memory */
- while (crypto_kernel.auth_type_list != NULL) {
- kernel_auth_type_t *atype = crypto_kernel.auth_type_list;
- crypto_kernel.auth_type_list = atype->next;
- debug_print(mod_crypto_kernel,
- "freeing memory for authentication %s",
- atype->auth_type->description);
- crypto_free(atype);
- }
-
- /* walk down debug module list, freeing memory */
- while (crypto_kernel.debug_module_list != NULL) {
- kernel_debug_module_t *kdm = crypto_kernel.debug_module_list;
- crypto_kernel.debug_module_list = kdm->next;
- debug_print(mod_crypto_kernel,
- "freeing memory for debug module %s",
- kdm->mod->name);
- crypto_free(kdm);
- }
-
- /* de-initialize random number generator */ status = rand_source_deinit();
- if (status)
- return status;
-
- /* return to insecure state */
- crypto_kernel.state = crypto_kernel_state_insecure;
-
- return err_status_ok;
-}
-
-err_status_t
-crypto_kernel_load_cipher_type(cipher_type_t *new_ct, cipher_type_id_t id) {
- kernel_cipher_type_t *ctype, *new_ctype;
- err_status_t status;
-
- /* defensive coding */
- if (new_ct == NULL)
- return err_status_bad_param;
-
- /* check cipher type by running self-test */
- status = cipher_type_self_test(new_ct);
- if (status) {
- return status;
- }
-
- /* walk down list, checking if this type is in the list already */
- ctype = crypto_kernel.cipher_type_list;
- while (ctype != NULL) {
- if ((new_ct == ctype->cipher_type) || (id == ctype->id))
- return err_status_bad_param;
- ctype = ctype->next;
- }
-
- /* put new_ct at the head of the list */
- /* allocate memory */
- new_ctype = (kernel_cipher_type_t *) crypto_alloc(sizeof(kernel_cipher_type_t));
- if (new_ctype == NULL)
- return err_status_alloc_fail;
-
- /* set fields */
- new_ctype->cipher_type = new_ct;
- new_ctype->id = id;
- new_ctype->next = crypto_kernel.cipher_type_list;
-
- /* set head of list to new cipher type */
- crypto_kernel.cipher_type_list = new_ctype;
-
- /* load debug module, if there is one present */
- if (new_ct->debug != NULL)
- crypto_kernel_load_debug_module(new_ct->debug);
- /* we could check for errors here */
-
- return err_status_ok;
-}
-
-err_status_t
-crypto_kernel_load_auth_type(auth_type_t *new_at, auth_type_id_t id) {
- kernel_auth_type_t *atype, *new_atype;
- err_status_t status;
-
- /* defensive coding */
- if (new_at == NULL)
- return err_status_bad_param;
-
- /* check auth type by running self-test */
- status = auth_type_self_test(new_at);
- if (status) {
- return status;
- }
-
- /* walk down list, checking if this type is in the list already */
- atype = crypto_kernel.auth_type_list;
- while (atype != NULL) {
- if ((new_at == atype->auth_type) || (id == atype->id))
- return err_status_bad_param;
- atype = atype->next;
- }
-
- /* put new_at at the head of the list */
- /* allocate memory */
- new_atype = (kernel_auth_type_t *)crypto_alloc(sizeof(kernel_auth_type_t));
- if (new_atype == NULL)
- return err_status_alloc_fail;
-
- /* set fields */
- new_atype->auth_type = new_at;
- new_atype->id = id;
- new_atype->next = crypto_kernel.auth_type_list;
-
- /* set head of list to new auth type */
- crypto_kernel.auth_type_list = new_atype;
-
- /* load debug module, if there is one present */
- if (new_at->debug != NULL)
- crypto_kernel_load_debug_module(new_at->debug);
- /* we could check for errors here */
-
- return err_status_ok;
-
-}
-
-
-cipher_type_t *
-crypto_kernel_get_cipher_type(cipher_type_id_t id) {
- kernel_cipher_type_t *ctype;
-
- /* walk down list, looking for id */
- ctype = crypto_kernel.cipher_type_list;
- while (ctype != NULL) {
- if (id == ctype->id)
- return ctype->cipher_type;
- ctype = ctype->next;
- }
-
- /* haven't found the right one, indicate failure by returning NULL */
- return NULL;
-}
-
-
-err_status_t
-crypto_kernel_alloc_cipher(cipher_type_id_t id,
- cipher_pointer_t *cp,
- int key_len) {
- cipher_type_t *ct;
-
- /*
- * if the crypto_kernel is not yet initialized, we refuse to allocate
- * any ciphers - this is a bit extra-paranoid
- */
- if (crypto_kernel.state != crypto_kernel_state_secure)
- return err_status_init_fail;
-
- ct = crypto_kernel_get_cipher_type(id);
- if (!ct)
- return err_status_fail;
-
- return ((ct)->alloc(cp, key_len));
-}
-
-
-
-auth_type_t *
-crypto_kernel_get_auth_type(auth_type_id_t id) {
- kernel_auth_type_t *atype;
-
- /* walk down list, looking for id */
- atype = crypto_kernel.auth_type_list;
- while (atype != NULL) {
- if (id == atype->id)
- return atype->auth_type;
- atype = atype->next;
- }
-
- /* haven't found the right one, indicate failure by returning NULL */
- return NULL;
-}
-
-err_status_t
-crypto_kernel_alloc_auth(auth_type_id_t id,
- auth_pointer_t *ap,
- int key_len,
- int tag_len) {
- auth_type_t *at;
-
- /*
- * if the crypto_kernel is not yet initialized, we refuse to allocate
- * any auth functions - this is a bit extra-paranoid
- */
- if (crypto_kernel.state != crypto_kernel_state_secure)
- return err_status_init_fail;
-
- at = crypto_kernel_get_auth_type(id);
- if (!at)
- return err_status_fail;
-
- return ((at)->alloc(ap, key_len, tag_len));
-}
-
-err_status_t
-crypto_kernel_load_debug_module(debug_module_t *new_dm) {
- kernel_debug_module_t *kdm, *new;
-
- /* defensive coding */
- if (new_dm == NULL)
- return err_status_bad_param;
-
- /* walk down list, checking if this type is in the list already */
- kdm = crypto_kernel.debug_module_list;
- while (kdm != NULL) {
- if (strncmp(new_dm->name, kdm->mod->name, 64) == 0)
- return err_status_bad_param;
- kdm = kdm->next;
- }
-
- /* put new_dm at the head of the list */
- /* allocate memory */
- new = (kernel_debug_module_t *)crypto_alloc(sizeof(kernel_debug_module_t));
- if (new == NULL)
- return err_status_alloc_fail;
-
- /* set fields */
- new->mod = new_dm;
- new->next = crypto_kernel.debug_module_list;
-
- /* set head of list to new cipher type */
- crypto_kernel.debug_module_list = new;
-
- return err_status_ok;
-}
-
-err_status_t
-crypto_kernel_set_debug_module(char *name, int on) {
- kernel_debug_module_t *kdm;
-
- /* walk down list, checking if this type is in the list already */
- kdm = crypto_kernel.debug_module_list;
- while (kdm != NULL) {
- if (strncmp(name, kdm->mod->name, 64) == 0) {
- kdm->mod->on = on;
- return err_status_ok;
- }
- kdm = kdm->next;
- }
-
- return err_status_fail;
-}
-
-err_status_t
-crypto_get_random(unsigned char *buffer, unsigned int length) {
- if (crypto_kernel.state == crypto_kernel_state_secure)
- return ctr_prng_get_octet_string(buffer, length);
- else
- return err_status_fail;
-}
diff --git a/crypto/kernel/err.c b/crypto/kernel/err.c
deleted file mode 100644
index 4a3a858..0000000
--- a/crypto/kernel/err.c
+++ /dev/null
@@ -1,148 +0,0 @@
-/*
- * err.c
- *
- * error status reporting functions
- *
- * David A. McGrew
- * Cisco Systems, Inc.
- */
-/*
- *
- * Copyright(c) 2001-2006 Cisco Systems, Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following
- * disclaimer in the documentation and/or other materials provided
- * with the distribution.
- *
- * Neither the name of the Cisco Systems, Inc. nor the names of its
- * contributors may be used to endorse or promote products derived
- * from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- */
-
-#include "err.h"
-
-#ifdef ERR_REPORTING_SYSLOG
-# ifdef HAVE_SYSLOG_H
-# include <syslog.h>
-# endif
-#endif
-
-
-/* err_level reflects the level of errors that are reported */
-
-err_reporting_level_t err_level = err_level_none;
-
-#ifdef SRTP_KERNEL_LINUX
-err_status_t
-err_reporting_init(char *ident) {
-
- return err_status_ok;
-}
-
-#else /* SRTP_KERNEL_LINUX */
-
-/* err_file is the FILE to which errors are reported */
-
-static FILE *err_file = NULL;
-
-err_status_t
-err_reporting_init(char *ident) {
-#ifdef ERR_REPORTING_SYSLOG
- openlog(ident, LOG_PID, LOG_AUTHPRIV);
-#endif
-
- /*
- * Believe it or not, openlog doesn't return an error on failure.
- * But then, neither does the syslog() call...
- */
-
-#ifdef ERR_REPORTING_STDOUT
- err_file = stdout;
-#elif defined(USE_ERR_REPORTING_FILE)
- /* open file for error reporting */
- err_file = fopen(ERR_REPORTING_FILE, "w");
- if (err_file == NULL)
- return err_status_init_fail;
-#endif
-
- return err_status_ok;
-}
-
-void
-err_report(int priority, char *format, ...) {
- va_list args;
-
- if (priority <= err_level) {
-
- va_start(args, format);
- if (err_file != NULL) {
- vfprintf(err_file, format, args);
- /* fprintf(err_file, "\n"); */
- }
-#ifdef ERR_REPORTING_SYSLOG
- if (1) { /* FIXME: Make this a runtime option. */
- int syslogpri;
-
- switch (priority) {
- case err_level_emergency:
- syslogpri = LOG_EMERG;
- break;
- case err_level_alert:
- syslogpri = LOG_ALERT;
- break;
- case err_level_critical:
- syslogpri = LOG_CRIT;
- break;
- case err_level_error:
- syslogpri = LOG_ERR;
- break;
- case err_level_warning:
- syslogpri = LOG_WARNING;
- break;
- case err_level_notice:
- syslogpri = LOG_NOTICE;
- break;
- case err_level_info:
- syslogpri = LOG_INFO;
- break;
- case err_level_debug:
- case err_level_none:
- default:
- syslogpri = LOG_DEBUG;
- break;
- }
-
- vsyslog(syslogpri, format, args);
-#endif
- va_end(args);
- }
-}
-#endif /* SRTP_KERNEL_LINUX */
-
-void
-err_reporting_set_level(err_reporting_level_t lvl) {
- err_level = lvl;
-}
diff --git a/crypto/kernel/key.c b/crypto/kernel/key.c
deleted file mode 100644
index 9f63b22..0000000
--- a/crypto/kernel/key.c
+++ /dev/null
@@ -1,115 +0,0 @@
-/*
- * key.c
- *
- * key usage limits enforcement
- *
- * David A. Mcgrew
- * Cisco Systems, Inc.
- */
-/*
- *
- * Copyright (c) 2001-2006 Cisco Systems, Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following
- * disclaimer in the documentation and/or other materials provided
- * with the distribution.
- *
- * Neither the name of the Cisco Systems, Inc. nor the names of its
- * contributors may be used to endorse or promote products derived
- * from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- */
-
-#include "key.h"
-
-#define soft_limit 0x10000
-
-err_status_t
-key_limit_set(key_limit_t key, const xtd_seq_num_t s) {
-#ifdef NO_64BIT_MATH
- if (high32(s) == 0 && low32(s) < soft_limit)
- return err_status_bad_param;
-#else
- if (s < soft_limit)
- return err_status_bad_param;
-#endif
- key->num_left = s;
- key->state = key_state_normal;
- return err_status_ok;
-}
-
-err_status_t
-key_limit_clone(key_limit_t original, key_limit_t *new_key) {
- if (original == NULL)
- return err_status_bad_param;
- *new_key = original;
- return err_status_ok;
-}
-
-err_status_t
-key_limit_check(const key_limit_t key) {
- if (key->state == key_state_expired)
- return err_status_key_expired;
- return err_status_ok;
-}
-
-key_event_t
-key_limit_update(key_limit_t key) {
-#ifdef NO_64BIT_MATH
- if (low32(key->num_left) == 0)
- {
- // carry
- key->num_left = make64(high32(key->num_left)-1,low32(key->num_left) - 1);
- }
- else
- {
- // no carry
- key->num_left = make64(high32(key->num_left),low32(key->num_left) - 1);
- }
- if (high32(key->num_left) != 0 || low32(key->num_left) >= soft_limit) {
- return key_event_normal; /* we're above the soft limit */
- }
-#else
- key->num_left--;
- if (key->num_left >= soft_limit) {
- return key_event_normal; /* we're above the soft limit */
- }
-#endif
- if (key->state == key_state_normal) {
- /* we just passed the soft limit, so change the state */
- key->state = key_state_past_soft_limit;
- }
-#ifdef NO_64BIT_MATH
- if (low32(key->num_left) == 0 && high32(key->num_left == 0))
-#else
- if (key->num_left < 1)
-#endif
- { /* we just hit the hard limit */
- key->state = key_state_expired;
- return key_event_hard_limit;
- }
- return key_event_soft_limit;
-}
-
diff --git a/crypto/math/datatypes.c b/crypto/math/datatypes.c
deleted file mode 100644
index 65446c3..0000000
--- a/crypto/math/datatypes.c
+++ /dev/null
@@ -1,718 +0,0 @@
-/*
- * datatypes.c
- *
- * data types for finite fields and functions for input, output, and
- * manipulation
- *
- * David A. McGrew
- * Cisco Systems, Inc.
- */
-/*
- *
- * Copyright (c) 2001-2006 Cisco Systems, Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following
- * disclaimer in the documentation and/or other materials provided
- * with the distribution.
- *
- * Neither the name of the Cisco Systems, Inc. nor the names of its
- * contributors may be used to endorse or promote products derived
- * from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- */
-
-#include "datatypes.h"
-
-int
-octet_weight[256] = {
- 0, 1, 1, 2, 1, 2, 2, 3,
- 1, 2, 2, 3, 2, 3, 3, 4,
- 1, 2, 2, 3, 2, 3, 3, 4,
- 2, 3, 3, 4, 3, 4, 4, 5,
- 1, 2, 2, 3, 2, 3, 3, 4,
- 2, 3, 3, 4, 3, 4, 4, 5,
- 2, 3, 3, 4, 3, 4, 4, 5,
- 3, 4, 4, 5, 4, 5, 5, 6,
- 1, 2, 2, 3, 2, 3, 3, 4,
- 2, 3, 3, 4, 3, 4, 4, 5,
- 2, 3, 3, 4, 3, 4, 4, 5,
- 3, 4, 4, 5, 4, 5, 5, 6,
- 2, 3, 3, 4, 3, 4, 4, 5,
- 3, 4, 4, 5, 4, 5, 5, 6,
- 3, 4, 4, 5, 4, 5, 5, 6,
- 4, 5, 5, 6, 5, 6, 6, 7,
- 1, 2, 2, 3, 2, 3, 3, 4,
- 2, 3, 3, 4, 3, 4, 4, 5,
- 2, 3, 3, 4, 3, 4, 4, 5,
- 3, 4, 4, 5, 4, 5, 5, 6,
- 2, 3, 3, 4, 3, 4, 4, 5,
- 3, 4, 4, 5, 4, 5, 5, 6,
- 3, 4, 4, 5, 4, 5, 5, 6,
- 4, 5, 5, 6, 5, 6, 6, 7,
- 2, 3, 3, 4, 3, 4, 4, 5,
- 3, 4, 4, 5, 4, 5, 5, 6,
- 3, 4, 4, 5, 4, 5, 5, 6,
- 4, 5, 5, 6, 5, 6, 6, 7,
- 3, 4, 4, 5, 4, 5, 5, 6,
- 4, 5, 5, 6, 5, 6, 6, 7,
- 4, 5, 5, 6, 5, 6, 6, 7,
- 5, 6, 6, 7, 6, 7, 7, 8
-};
-
-int
-octet_get_weight(uint8_t octet) {
- extern int octet_weight[256];
-
- return octet_weight[octet];
-}
-
-/*
- * bit_string is a buffer that is used to hold output strings, e.g.
- * for printing.
- */
-
-/* the value MAX_PRINT_STRING_LEN is defined in datatypes.h */
-
-char bit_string[MAX_PRINT_STRING_LEN];
-
-uint8_t
-nibble_to_hex_char(uint8_t nibble) {
- char buf[16] = {'0', '1', '2', '3', '4', '5', '6', '7',
- '8', '9', 'a', 'b', 'c', 'd', 'e', 'f' };
- return buf[nibble & 0xF];
-}
-
-char *
-octet_string_hex_string(const void *s, int length) {
- const uint8_t *str = (const uint8_t *)s;
- int i;
-
- /* double length, since one octet takes two hex characters */
- length *= 2;
-
- /* truncate string if it would be too long */
- if (length > MAX_PRINT_STRING_LEN)
- length = MAX_PRINT_STRING_LEN-1;
-
- for (i=0; i < length; i+=2) {
- bit_string[i] = nibble_to_hex_char(*str >> 4);
- bit_string[i+1] = nibble_to_hex_char(*str++ & 0xF);
- }
- bit_string[i] = 0; /* null terminate string */
- return bit_string;
-}
-
-inline int
-hex_char_to_nibble(uint8_t c) {
- switch(c) {
- case ('0'): return 0x0;
- case ('1'): return 0x1;
- case ('2'): return 0x2;
- case ('3'): return 0x3;
- case ('4'): return 0x4;
- case ('5'): return 0x5;
- case ('6'): return 0x6;
- case ('7'): return 0x7;
- case ('8'): return 0x8;
- case ('9'): return 0x9;
- case ('a'): return 0xa;
- case ('A'): return 0xa;
- case ('b'): return 0xb;
- case ('B'): return 0xb;
- case ('c'): return 0xc;
- case ('C'): return 0xc;
- case ('d'): return 0xd;
- case ('D'): return 0xd;
- case ('e'): return 0xe;
- case ('E'): return 0xe;
- case ('f'): return 0xf;
- case ('F'): return 0xf;
- default: return -1; /* this flags an error */
- }
- /* NOTREACHED */
- return -1; /* this keeps compilers from complaining */
-}
-
-int
-is_hex_string(char *s) {
- while(*s != 0)
- if (hex_char_to_nibble(*s++) == -1)
- return 0;
- return 1;
-}
-
-/*
- * hex_string_to_octet_string converts a hexadecimal string
- * of length 2 * len to a raw octet string of length len
- */
-
-int
-hex_string_to_octet_string(char *raw, char *hex, int len) {
- uint8_t x;
- int tmp;
- int hex_len;
-
- hex_len = 0;
- while (hex_len < len) {
- tmp = hex_char_to_nibble(hex[0]);
- if (tmp == -1)
- return hex_len;
- x = (tmp << 4);
- hex_len++;
- tmp = hex_char_to_nibble(hex[1]);
- if (tmp == -1)
- return hex_len;
- x |= (tmp & 0xff);
- hex_len++;
- *raw++ = x;
- hex += 2;
- }
- return hex_len;
-}
-
-char *
-v128_hex_string(v128_t *x) {
- int i, j;
-
- for (i=j=0; i < 16; i++) {
- bit_string[j++] = nibble_to_hex_char(x->v8[i] >> 4);
- bit_string[j++] = nibble_to_hex_char(x->v8[i] & 0xF);
- }
-
- bit_string[j] = 0; /* null terminate string */
- return bit_string;
-}
-
-char *
-v128_bit_string(v128_t *x) {
- int j, index;
- uint32_t mask;
-
- for (j=index=0; j < 4; j++) {
- for (mask=0x80000000; mask > 0; mask >>= 1) {
- if (x->v32[j] & mask)
- bit_string[index] = '1';
- else
- bit_string[index] = '0';
- ++index;
- }
- }
- bit_string[128] = 0; /* null terminate string */
-
- return bit_string;
-}
-
-void
-v128_copy_octet_string(v128_t *x, const uint8_t s[16]) {
-#ifdef ALIGNMENT_32BIT_REQUIRED
- if ((((uint32_t) &s[0]) & 0x3) != 0)
-#endif
- {
- x->v8[0] = s[0];
- x->v8[1] = s[1];
- x->v8[2] = s[2];
- x->v8[3] = s[3];
- x->v8[4] = s[4];
- x->v8[5] = s[5];
- x->v8[6] = s[6];
- x->v8[7] = s[7];
- x->v8[8] = s[8];
- x->v8[9] = s[9];
- x->v8[10] = s[10];
- x->v8[11] = s[11];
- x->v8[12] = s[12];
- x->v8[13] = s[13];
- x->v8[14] = s[14];
- x->v8[15] = s[15];
- }
-#ifdef ALIGNMENT_32BIT_REQUIRED
- else
- {
- v128_t *v = (v128_t *) &s[0];
-
- v128_copy(x,v);
- }
-#endif
-}
-
-#ifndef DATATYPES_USE_MACROS /* little functions are not macros */
-
-void
-v128_set_to_zero(v128_t *x) {
- _v128_set_to_zero(x);
-}
-
-void
-v128_copy(v128_t *x, const v128_t *y) {
- _v128_copy(x, y);
-}
-
-void
-v128_xor(v128_t *z, v128_t *x, v128_t *y) {
- _v128_xor(z, x, y);
-}
-
-void
-v128_and(v128_t *z, v128_t *x, v128_t *y) {
- _v128_and(z, x, y);
-}
-
-void
-v128_or(v128_t *z, v128_t *x, v128_t *y) {
- _v128_or(z, x, y);
-}
-
-void
-v128_complement(v128_t *x) {
- _v128_complement(x);
-}
-
-int
-v128_is_eq(const v128_t *x, const v128_t *y) {
- return _v128_is_eq(x, y);
-}
-
-int
-v128_xor_eq(v128_t *x, const v128_t *y) {
- return _v128_xor_eq(x, y);
-}
-
-int
-v128_get_bit(const v128_t *x, int i) {
- return _v128_get_bit(x, i);
-}
-
-void
-v128_set_bit(v128_t *x, int i) {
- _v128_set_bit(x, i);
-}
-
-void
-v128_clear_bit(v128_t *x, int i){
- _v128_clear_bit(x, i);
-}
-
-void
-v128_set_bit_to(v128_t *x, int i, int y){
- _v128_set_bit_to(x, i, y);
-}
-
-
-#endif /* DATATYPES_USE_MACROS */
-
-void
-v128_right_shift(v128_t *x, int index) {
- const int base_index = index >> 5;
- const int bit_index = index & 31;
- int i, from;
- uint32_t b;
-
- if (index > 127) {
- v128_set_to_zero(x);
- return;
- }
-
- if (bit_index == 0) {
-
- /* copy each word from left size to right side */
- x->v32[4-1] = x->v32[4-1-base_index];
- for (i=4-1; i > base_index; i--)
- x->v32[i-1] = x->v32[i-1-base_index];
-
- } else {
-
- /* set each word to the "or" of the two bit-shifted words */
- for (i = 4; i > base_index; i--) {
- from = i-1 - base_index;
- b = x->v32[from] << bit_index;
- if (from > 0)
- b |= x->v32[from-1] >> (32-bit_index);
- x->v32[i-1] = b;
- }
-
- }
-
- /* now wrap up the final portion */
- for (i=0; i < base_index; i++)
- x->v32[i] = 0;
-
-}
-
-void
-v128_left_shift(v128_t *x, int index) {
- int i;
- const int base_index = index >> 5;
- const int bit_index = index & 31;
-
- if (index > 127) {
- v128_set_to_zero(x);
- return;
- }
-
- if (bit_index == 0) {
- for (i=0; i < 4 - base_index; i++)
- x->v32[i] = x->v32[i+base_index];
- } else {
- for (i=0; i < 4 - base_index - 1; i++)
- x->v32[i] = (x->v32[i+base_index] >> bit_index) ^
- (x->v32[i+base_index+1] << (32 - bit_index));
- x->v32[4 - base_index-1] = x->v32[4-1] >> bit_index;
- }
-
- /* now wrap up the final portion */
- for (i = 4 - base_index; i < 4; i++)
- x->v32[i] = 0;
-
-}
-
-/* functions manipulating bitvector_t */
-
-#ifndef DATATYPES_USE_MACROS /* little functions are not macros */
-
-int
-bitvector_get_bit(const bitvector_t *v, int bit_index)
-{
- return _bitvector_get_bit(v, bit_index);
-}
-
-void
-bitvector_set_bit(bitvector_t *v, int bit_index)
-{
- _bitvector_set_bit(v, bit_index);
-}
-
-void
-bitvector_clear_bit(bitvector_t *v, int bit_index)
-{
- _bitvector_clear_bit(v, bit_index);
-}
-
-
-#endif /* DATATYPES_USE_MACROS */
-
-int
-bitvector_alloc(bitvector_t *v, unsigned long length) {
- unsigned long l;
-
- /* Round length up to a multiple of bits_per_word */
- length = (length + bits_per_word - 1) & ~(unsigned long)((bits_per_word - 1));
-
- l = length / bits_per_word * bytes_per_word;
-
- /* allocate memory, then set parameters */
- if (l == 0)
- v->word = NULL;
- else {
- v->word = (uint32_t*)crypto_alloc(l);
- if (v->word == NULL) {
- v->word = NULL;
- v->length = 0;
- return -1;
- }
- }
- v->length = length;
-
- /* initialize bitvector to zero */
- bitvector_set_to_zero(v);
-
- return 0;
-}
-
-
-void
-bitvector_dealloc(bitvector_t *v) {
- if (v->word != NULL)
- crypto_free(v->word);
- v->word = NULL;
- v->length = 0;
-}
-
-void
-bitvector_set_to_zero(bitvector_t *x)
-{
- /* C99 guarantees that memset(0) will set the value 0 for uint32_t */
- memset(x->word, 0, x->length >> 3);
-}
-
-char *
-bitvector_bit_string(bitvector_t *x, char* buf, int len) {
- int j, index;
- uint32_t mask;
-
- for (j=index=0; j < (int)(x->length>>5) && index < len-1; j++) {
- for (mask=0x80000000; mask > 0; mask >>= 1) {
- if (x->word[j] & mask)
- buf[index] = '1';
- else
- buf[index] = '0';
- ++index;
- if (index >= len-1)
- break;
- }
- }
- buf[index] = 0; /* null terminate string */
-
- return buf;
-}
-
-void
-bitvector_left_shift(bitvector_t *x, int index) {
- int i;
- const int base_index = index >> 5;
- const int bit_index = index & 31;
- const int word_length = x->length >> 5;
-
- if (index >= (int)x->length) {
- bitvector_set_to_zero(x);
- return;
- }
-
- if (bit_index == 0) {
- for (i=0; i < word_length - base_index; i++)
- x->word[i] = x->word[i+base_index];
- } else {
- for (i=0; i < word_length - base_index - 1; i++)
- x->word[i] = (x->word[i+base_index] >> bit_index) ^
- (x->word[i+base_index+1] << (32 - bit_index));
- x->word[word_length - base_index-1] = x->word[word_length-1] >> bit_index;
- }
-
- /* now wrap up the final portion */
- for (i = word_length - base_index; i < word_length; i++)
- x->word[i] = 0;
-
-}
-
-
-int
-octet_string_is_eq(uint8_t *a, uint8_t *b, int len) {
- uint8_t *end = b + len;
- while (b < end)
- if (*a++ != *b++)
- return 1;
- return 0;
-}
-
-void
-octet_string_set_to_zero(uint8_t *s, int len) {
- uint8_t *end = s + len;
-
- do {
- *s = 0;
- } while (++s < end);
-
-}
-
-
-/*
- * From RFC 1521: The Base64 Alphabet
- *
- * Value Encoding Value Encoding Value Encoding Value Encoding
- * 0 A 17 R 34 i 51 z
- * 1 B 18 S 35 j 52 0
- * 2 C 19 T 36 k 53 1
- * 3 D 20 U 37 l 54 2
- * 4 E 21 V 38 m 55 3
- * 5 F 22 W 39 n 56 4
- * 6 G 23 X 40 o 57 5
- * 7 H 24 Y 41 p 58 6
- * 8 I 25 Z 42 q 59 7
- * 9 J 26 a 43 r 60 8
- * 10 K 27 b 44 s 61 9
- * 11 L 28 c 45 t 62 +
- * 12 M 29 d 46 u 63 /
- * 13 N 30 e 47 v
- * 14 O 31 f 48 w (pad) =
- * 15 P 32 g 49 x
- * 16 Q 33 h 50 y
- */
-
-int
-base64_char_to_sextet(uint8_t c) {
- switch(c) {
- case 'A':
- return 0;
- case 'B':
- return 1;
- case 'C':
- return 2;
- case 'D':
- return 3;
- case 'E':
- return 4;
- case 'F':
- return 5;
- case 'G':
- return 6;
- case 'H':
- return 7;
- case 'I':
- return 8;
- case 'J':
- return 9;
- case 'K':
- return 10;
- case 'L':
- return 11;
- case 'M':
- return 12;
- case 'N':
- return 13;
- case 'O':
- return 14;
- case 'P':
- return 15;
- case 'Q':
- return 16;
- case 'R':
- return 17;
- case 'S':
- return 18;
- case 'T':
- return 19;
- case 'U':
- return 20;
- case 'V':
- return 21;
- case 'W':
- return 22;
- case 'X':
- return 23;
- case 'Y':
- return 24;
- case 'Z':
- return 25;
- case 'a':
- return 26;
- case 'b':
- return 27;
- case 'c':
- return 28;
- case 'd':
- return 29;
- case 'e':
- return 30;
- case 'f':
- return 31;
- case 'g':
- return 32;
- case 'h':
- return 33;
- case 'i':
- return 34;
- case 'j':
- return 35;
- case 'k':
- return 36;
- case 'l':
- return 37;
- case 'm':
- return 38;
- case 'n':
- return 39;
- case 'o':
- return 40;
- case 'p':
- return 41;
- case 'q':
- return 42;
- case 'r':
- return 43;
- case 's':
- return 44;
- case 't':
- return 45;
- case 'u':
- return 46;
- case 'v':
- return 47;
- case 'w':
- return 48;
- case 'x':
- return 49;
- case 'y':
- return 50;
- case 'z':
- return 51;
- case '0':
- return 52;
- case '1':
- return 53;
- case '2':
- return 54;
- case '3':
- return 55;
- case '4':
- return 56;
- case '5':
- return 57;
- case '6':
- return 58;
- case '7':
- return 59;
- case '8':
- return 60;
- case '9':
- return 61;
- case '+':
- return 62;
- case '/':
- return 63;
- case '=':
- return 64;
- default:
- break;
- }
- return -1;
-}
-
-/*
- * base64_string_to_octet_string converts a hexadecimal string
- * of length 2 * len to a raw octet string of length len
- */
-
-int
-base64_string_to_octet_string(char *raw, char *base64, int len) {
- uint8_t x;
- int tmp;
- int base64_len;
-
- base64_len = 0;
- while (base64_len < len) {
- tmp = base64_char_to_sextet(base64[0]);
- if (tmp == -1)
- return base64_len;
- x = (tmp << 6);
- base64_len++;
- tmp = base64_char_to_sextet(base64[1]);
- if (tmp == -1)
- return base64_len;
- x |= (tmp & 0xffff);
- base64_len++;
- *raw++ = x;
- base64 += 2;
- }
- return base64_len;
-}
diff --git a/crypto/math/gf2_8.c b/crypto/math/gf2_8.c
deleted file mode 100644
index 8a112ba..0000000
--- a/crypto/math/gf2_8.c
+++ /dev/null
@@ -1,83 +0,0 @@
-/*
- * gf2_8.c
- *
- * GF(256) finite field implementation, with the representation used
- * in the AES cipher.
- *
- * David A. McGrew
- * Cisco Systems, Inc.
- */
-
-/*
- *
- * Copyright (c) 2001-2006, Cisco Systems, Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following
- * disclaimer in the documentation and/or other materials provided
- * with the distribution.
- *
- * Neither the name of the Cisco Systems, Inc. nor the names of its
- * contributors may be used to endorse or promote products derived
- * from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- */
-
-
-#include "datatypes.h"
-#include "gf2_8.h"
-
-/* gf2_8_shift() moved to gf2_8.h as an inline function */
-
-inline gf2_8
-gf2_8_multiply(gf2_8 x, gf2_8 y) {
- gf2_8 z = 0;
-
- if (y & 1) z ^= x; x = gf2_8_shift(x);
- if (y & 2) z ^= x; x = gf2_8_shift(x);
- if (y & 4) z ^= x; x = gf2_8_shift(x);
- if (y & 8) z ^= x; x = gf2_8_shift(x);
- if (y & 16) z ^= x; x = gf2_8_shift(x);
- if (y & 32) z ^= x; x = gf2_8_shift(x);
- if (y & 64) z ^= x; x = gf2_8_shift(x);
- if (y & 128) z ^= x;
-
- return z;
-}
-
-
-/* this should use the euclidean algorithm */
-
-gf2_8
-gf2_8_compute_inverse(gf2_8 x) {
- unsigned int i;
-
- if (x == 0) return 0; /* zero is a special case */
- for (i=0; i < 256; i++)
- if (gf2_8_multiply((gf2_8) i, x) == 1)
- return (gf2_8) i;
-
- return 0;
-}
-
diff --git a/crypto/math/math.c b/crypto/math/math.c
deleted file mode 100644
index 31cc3d3..0000000
--- a/crypto/math/math.c
+++ /dev/null
@@ -1,802 +0,0 @@
-/*
- * math.c
- *
- * crypto math operations and data types
- *
- * David A. McGrew
- * Cisco Systems, Inc.
- */
-/*
- *
- * Copyright (c) 2001-2006 Cisco Systems, Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following
- * disclaimer in the documentation and/or other materials provided
- * with the distribution.
- *
- * Neither the name of the Cisco Systems, Inc. nor the names of its
- * contributors may be used to endorse or promote products derived
- * from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- */
-
-#include "crypto_math.h"
-
-int
-octet_weight[256] = {
- 0, 1, 1, 2, 1, 2, 2, 3,
- 1, 2, 2, 3, 2, 3, 3, 4,
- 1, 2, 2, 3, 2, 3, 3, 4,
- 2, 3, 3, 4, 3, 4, 4, 5,
- 1, 2, 2, 3, 2, 3, 3, 4,
- 2, 3, 3, 4, 3, 4, 4, 5,
- 2, 3, 3, 4, 3, 4, 4, 5,
- 3, 4, 4, 5, 4, 5, 5, 6,
- 1, 2, 2, 3, 2, 3, 3, 4,
- 2, 3, 3, 4, 3, 4, 4, 5,
- 2, 3, 3, 4, 3, 4, 4, 5,
- 3, 4, 4, 5, 4, 5, 5, 6,
- 2, 3, 3, 4, 3, 4, 4, 5,
- 3, 4, 4, 5, 4, 5, 5, 6,
- 3, 4, 4, 5, 4, 5, 5, 6,
- 4, 5, 5, 6, 5, 6, 6, 7,
- 1, 2, 2, 3, 2, 3, 3, 4,
- 2, 3, 3, 4, 3, 4, 4, 5,
- 2, 3, 3, 4, 3, 4, 4, 5,
- 3, 4, 4, 5, 4, 5, 5, 6,
- 2, 3, 3, 4, 3, 4, 4, 5,
- 3, 4, 4, 5, 4, 5, 5, 6,
- 3, 4, 4, 5, 4, 5, 5, 6,
- 4, 5, 5, 6, 5, 6, 6, 7,
- 2, 3, 3, 4, 3, 4, 4, 5,
- 3, 4, 4, 5, 4, 5, 5, 6,
- 3, 4, 4, 5, 4, 5, 5, 6,
- 4, 5, 5, 6, 5, 6, 6, 7,
- 3, 4, 4, 5, 4, 5, 5, 6,
- 4, 5, 5, 6, 5, 6, 6, 7,
- 4, 5, 5, 6, 5, 6, 6, 7,
- 5, 6, 6, 7, 6, 7, 7, 8
-};
-
-int
-low_bit[256] = {
- -1, 0, 1, 0, 2, 0, 1, 0,
- 3, 0, 1, 0, 2, 0, 1, 0,
- 4, 0, 1, 0, 2, 0, 1, 0,
- 3, 0, 1, 0, 2, 0, 1, 0,
- 5, 0, 1, 0, 2, 0, 1, 0,
- 3, 0, 1, 0, 2, 0, 1, 0,
- 4, 0, 1, 0, 2, 0, 1, 0,
- 3, 0, 1, 0, 2, 0, 1, 0,
- 6, 0, 1, 0, 2, 0, 1, 0,
- 3, 0, 1, 0, 2, 0, 1, 0,
- 4, 0, 1, 0, 2, 0, 1, 0,
- 3, 0, 1, 0, 2, 0, 1, 0,
- 5, 0, 1, 0, 2, 0, 1, 0,
- 3, 0, 1, 0, 2, 0, 1, 0,
- 4, 0, 1, 0, 2, 0, 1, 0,
- 3, 0, 1, 0, 2, 0, 1, 0,
- 7, 0, 1, 0, 2, 0, 1, 0,
- 3, 0, 1, 0, 2, 0, 1, 0,
- 4, 0, 1, 0, 2, 0, 1, 0,
- 3, 0, 1, 0, 2, 0, 1, 0,
- 5, 0, 1, 0, 2, 0, 1, 0,
- 3, 0, 1, 0, 2, 0, 1, 0,
- 4, 0, 1, 0, 2, 0, 1, 0,
- 3, 0, 1, 0, 2, 0, 1, 0,
- 6, 0, 1, 0, 2, 0, 1, 0,
- 3, 0, 1, 0, 2, 0, 1, 0,
- 4, 0, 1, 0, 2, 0, 1, 0,
- 3, 0, 1, 0, 2, 0, 1, 0,
- 5, 0, 1, 0, 2, 0, 1, 0,
- 3, 0, 1, 0, 2, 0, 1, 0,
- 4, 0, 1, 0, 2, 0, 1, 0,
- 3, 0, 1, 0, 2, 0, 1, 0
-};
-
-
-int
-high_bit[256] = {
- -1, 0, 1, 1, 2, 2, 2, 2,
- 3, 3, 3, 3, 3, 3, 3, 3,
- 4, 4, 4, 4, 4, 4, 4, 4,
- 4, 4, 4, 4, 4, 4, 4, 4,
- 5, 5, 5, 5, 5, 5, 5, 5,
- 5, 5, 5, 5, 5, 5, 5, 5,
- 5, 5, 5, 5, 5, 5, 5, 5,
- 5, 5, 5, 5, 5, 5, 5, 5,
- 6, 6, 6, 6, 6, 6, 6, 6,
- 6, 6, 6, 6, 6, 6, 6, 6,
- 6, 6, 6, 6, 6, 6, 6, 6,
- 6, 6, 6, 6, 6, 6, 6, 6,
- 6, 6, 6, 6, 6, 6, 6, 6,
- 6, 6, 6, 6, 6, 6, 6, 6,
- 6, 6, 6, 6, 6, 6, 6, 6,
- 6, 6, 6, 6, 6, 6, 6, 6,
- 7, 7, 7, 7, 7, 7, 7, 7,
- 7, 7, 7, 7, 7, 7, 7, 7,
- 7, 7, 7, 7, 7, 7, 7, 7,
- 7, 7, 7, 7, 7, 7, 7, 7,
- 7, 7, 7, 7, 7, 7, 7, 7,
- 7, 7, 7, 7, 7, 7, 7, 7,
- 7, 7, 7, 7, 7, 7, 7, 7,
- 7, 7, 7, 7, 7, 7, 7, 7,
- 7, 7, 7, 7, 7, 7, 7, 7,
- 7, 7, 7, 7, 7, 7, 7, 7,
- 7, 7, 7, 7, 7, 7, 7, 7,
- 7, 7, 7, 7, 7, 7, 7, 7,
- 7, 7, 7, 7, 7, 7, 7, 7,
- 7, 7, 7, 7, 7, 7, 7, 7,
- 7, 7, 7, 7, 7, 7, 7, 7,
- 7, 7, 7, 7, 7, 7, 7, 7
-};
-
-int
-octet_get_weight(uint8_t octet) {
- extern int octet_weight[256];
-
- return octet_weight[octet];
-}
-
-unsigned char
-v32_weight(v32_t a) {
- unsigned int wt = 0;
-
- wt += octet_weight[a.v8[0]]; /* note: endian-ness makes no difference */
- wt += octet_weight[a.v8[1]];
- wt += octet_weight[a.v8[2]];
- wt += octet_weight[a.v8[3]];
-
- return wt;
-}
-
-inline unsigned char
-v32_distance(v32_t x, v32_t y) {
- x.value ^= y.value;
- return v32_weight(x);
-}
-
-unsigned int
-v32_dot_product(v32_t a, v32_t b) {
- a.value &= b.value;
- return v32_weight(a) & 1;
-}
-
-/*
- * _bit_string returns a NULL-terminated character string suitable for
- * printing
- */
-
-#define MAX_STRING_LENGTH 1024
-
-char bit_string[MAX_STRING_LENGTH];
-
-char *
-octet_bit_string(uint8_t x) {
- int mask, index;
-
- for (mask = 1, index = 0; mask < 256; mask <<= 1)
- if ((x & mask) == 0)
- bit_string[index++] = '0';
- else
- bit_string[index++] = '1';
-
- bit_string[index++] = 0; /* NULL terminate string */
-
- return bit_string;
-}
-
-char *
-v16_bit_string(v16_t x) {
- int i, mask, index;
-
- for (i = index = 0; i < 2; i++) {
- for (mask = 1; mask < 256; mask <<= 1)
- if ((x.v8[i] & mask) == 0)
- bit_string[index++] = '0';
- else
- bit_string[index++] = '1';
- }
- bit_string[index++] = 0; /* NULL terminate string */
- return bit_string;
-}
-
-char *
-v32_bit_string(v32_t x) {
- int i, mask, index;
-
- for (i = index = 0; i < 4; i++) {
- for (mask = 128; mask > 0; mask >>= 1)
- if ((x.v8[i] & mask) == 0)
- bit_string[index++] = '0';
- else
- bit_string[index++] = '1';
- }
- bit_string[index++] = 0; /* NULL terminate string */
- return bit_string;
-}
-
-char *
-v64_bit_string(const v64_t *x) {
- int i, mask, index;
-
- for (i = index = 0; i < 8; i++) {
- for (mask = 1; mask < 256; mask <<= 1)
- if ((x->v8[i] & mask) == 0)
- bit_string[index++] = '0';
- else
- bit_string[index++] = '1';
- }
- bit_string[index++] = 0; /* NULL terminate string */
- return bit_string;
-}
-
-char *
-v128_bit_string(v128_t *x) {
- int j, index;
- uint32_t mask;
-
- for (j=index=0; j < 4; j++) {
- for (mask=0x80000000; mask > 0; mask >>= 1) {
- if (x->v32[j] & mask)
- bit_string[index] = '1';
- else
- bit_string[index] = '0';
- ++index;
- }
- }
- bit_string[128] = 0; /* null terminate string */
-
- return bit_string;
-}
-
-uint8_t
-nibble_to_hex_char(uint8_t nibble) {
- char buf[16] = {'0', '1', '2', '3', '4', '5', '6', '7',
- '8', '9', 'a', 'b', 'c', 'd', 'e', 'f' };
- return buf[nibble & 0xF];
-}
-
-char *
-octet_hex_string(uint8_t x) {
-
- bit_string[0] = nibble_to_hex_char(x >> 4);
- bit_string[1] = nibble_to_hex_char(x & 0xF);
-
- bit_string[2] = 0; /* null terminate string */
- return bit_string;
-}
-
-char *
-octet_string_hex_string(const void *str, int length) {
- const uint8_t *s = str;
- int i;
-
- /* double length, since one octet takes two hex characters */
- length *= 2;
-
- /* truncate string if it would be too long */
- if (length > MAX_STRING_LENGTH)
- length = MAX_STRING_LENGTH-1;
-
- for (i=0; i < length; i+=2) {
- bit_string[i] = nibble_to_hex_char(*s >> 4);
- bit_string[i+1] = nibble_to_hex_char(*s++ & 0xF);
- }
- bit_string[i] = 0; /* null terminate string */
- return bit_string;
-}
-
-char *
-v16_hex_string(v16_t x) {
- int i, j;
-
- for (i=j=0; i < 2; i++) {
- bit_string[j++] = nibble_to_hex_char(x.v8[i] >> 4);
- bit_string[j++] = nibble_to_hex_char(x.v8[i] & 0xF);
- }
-
- bit_string[j] = 0; /* null terminate string */
- return bit_string;
-}
-
-char *
-v32_hex_string(v32_t x) {
- int i, j;
-
- for (i=j=0; i < 4; i++) {
- bit_string[j++] = nibble_to_hex_char(x.v8[i] >> 4);
- bit_string[j++] = nibble_to_hex_char(x.v8[i] & 0xF);
- }
-
- bit_string[j] = 0; /* null terminate string */
- return bit_string;
-}
-
-char *
-v64_hex_string(const v64_t *x) {
- int i, j;
-
- for (i=j=0; i < 8; i++) {
- bit_string[j++] = nibble_to_hex_char(x->v8[i] >> 4);
- bit_string[j++] = nibble_to_hex_char(x->v8[i] & 0xF);
- }
-
- bit_string[j] = 0; /* null terminate string */
- return bit_string;
-}
-
-char *
-v128_hex_string(v128_t *x) {
- int i, j;
-
- for (i=j=0; i < 16; i++) {
- bit_string[j++] = nibble_to_hex_char(x->v8[i] >> 4);
- bit_string[j++] = nibble_to_hex_char(x->v8[i] & 0xF);
- }
-
- bit_string[j] = 0; /* null terminate string */
- return bit_string;
-}
-
-char *
-char_to_hex_string(char *x, int num_char) {
- int i, j;
-
- if (num_char >= 16)
- num_char = 16;
- for (i=j=0; i < num_char; i++) {
- bit_string[j++] = nibble_to_hex_char(x[i] >> 4);
- bit_string[j++] = nibble_to_hex_char(x[i] & 0xF);
- }
-
- bit_string[j] = 0; /* null terminate string */
- return bit_string;
-}
-
-int
-hex_char_to_nibble(uint8_t c) {
- switch(c) {
- case ('0'): return 0x0;
- case ('1'): return 0x1;
- case ('2'): return 0x2;
- case ('3'): return 0x3;
- case ('4'): return 0x4;
- case ('5'): return 0x5;
- case ('6'): return 0x6;
- case ('7'): return 0x7;
- case ('8'): return 0x8;
- case ('9'): return 0x9;
- case ('a'): return 0xa;
- case ('A'): return 0xa;
- case ('b'): return 0xb;
- case ('B'): return 0xb;
- case ('c'): return 0xc;
- case ('C'): return 0xc;
- case ('d'): return 0xd;
- case ('D'): return 0xd;
- case ('e'): return 0xe;
- case ('E'): return 0xe;
- case ('f'): return 0xf;
- case ('F'): return 0xf;
- default: return -1; /* this flags an error */
- }
- /* NOTREACHED */
- return -1; /* this keeps compilers from complaining */
-}
-
-int
-is_hex_string(char *s) {
- while(*s != 0)
- if (hex_char_to_nibble(*s++) == -1)
- return 0;
- return 1;
-}
-
-uint8_t
-hex_string_to_octet(char *s) {
- uint8_t x;
-
- x = (hex_char_to_nibble(s[0]) << 4)
- | hex_char_to_nibble(s[1] & 0xFF);
-
- return x;
-}
-
-/*
- * hex_string_to_octet_string converts a hexadecimal string
- * of length 2 * len to a raw octet string of length len
- */
-
-int
-hex_string_to_octet_string(char *raw, char *hex, int len) {
- uint8_t x;
- int tmp;
- int hex_len;
-
- hex_len = 0;
- while (hex_len < len) {
- tmp = hex_char_to_nibble(hex[0]);
- if (tmp == -1)
- return hex_len;
- x = (tmp << 4);
- hex_len++;
- tmp = hex_char_to_nibble(hex[1]);
- if (tmp == -1)
- return hex_len;
- x |= (tmp & 0xff);
- hex_len++;
- *raw++ = x;
- hex += 2;
- }
- return hex_len;
-}
-
-v16_t
-hex_string_to_v16(char *s) {
- v16_t x;
- int i, j;
-
- for (i=j=0; i < 4; i += 2, j++) {
- x.v8[j] = (hex_char_to_nibble(s[i]) << 4)
- | hex_char_to_nibble(s[i+1] & 0xFF);
- }
- return x;
-}
-
-v32_t
-hex_string_to_v32(char *s) {
- v32_t x;
- int i, j;
-
- for (i=j=0; i < 8; i += 2, j++) {
- x.v8[j] = (hex_char_to_nibble(s[i]) << 4)
- | hex_char_to_nibble(s[i+1] & 0xFF);
- }
- return x;
-}
-
-v64_t
-hex_string_to_v64(char *s) {
- v64_t x;
- int i, j;
-
- for (i=j=0; i < 16; i += 2, j++) {
- x.v8[j] = (hex_char_to_nibble(s[i]) << 4)
- | hex_char_to_nibble(s[i+1] & 0xFF);
- }
- return x;
-}
-
-v128_t
-hex_string_to_v128(char *s) {
- v128_t x;
- int i, j;
-
- for (i=j=0; i < 32; i += 2, j++) {
- x.v8[j] = (hex_char_to_nibble(s[i]) << 4)
- | hex_char_to_nibble(s[i+1] & 0xFF);
- }
- return x;
-}
-
-
-
-/*
- * the matrix A[] is stored in column format, i.e., A[i] is the ith
- * column of the matrix
- */
-
-uint8_t
-A_times_x_plus_b(uint8_t A[8], uint8_t x, uint8_t b) {
- int index = 0;
- unsigned mask;
-
- for (mask=1; mask < 256; mask *= 2) {
- if (x & mask)
- b^= A[index];
- ++index;
- }
-
- return b;
-}
-
-inline void
-v16_copy_octet_string(v16_t *x, const uint8_t s[2]) {
- x->v8[0] = s[0];
- x->v8[1] = s[1];
-}
-
-inline void
-v32_copy_octet_string(v32_t *x, const uint8_t s[4]) {
- x->v8[0] = s[0];
- x->v8[1] = s[1];
- x->v8[2] = s[2];
- x->v8[3] = s[3];
-}
-
-inline void
-v64_copy_octet_string(v64_t *x, const uint8_t s[8]) {
- x->v8[0] = s[0];
- x->v8[1] = s[1];
- x->v8[2] = s[2];
- x->v8[3] = s[3];
- x->v8[4] = s[4];
- x->v8[5] = s[5];
- x->v8[6] = s[6];
- x->v8[7] = s[7];
-}
-
-void
-v128_copy_octet_string(v128_t *x, const uint8_t s[16]) {
- x->v8[0] = s[0];
- x->v8[1] = s[1];
- x->v8[2] = s[2];
- x->v8[3] = s[3];
- x->v8[4] = s[4];
- x->v8[5] = s[5];
- x->v8[6] = s[6];
- x->v8[7] = s[7];
- x->v8[8] = s[8];
- x->v8[9] = s[9];
- x->v8[10] = s[10];
- x->v8[11] = s[11];
- x->v8[12] = s[12];
- x->v8[13] = s[13];
- x->v8[14] = s[14];
- x->v8[15] = s[15];
-
-}
-
-#ifndef DATATYPES_USE_MACROS /* little functions are not macros */
-
-void
-v128_set_to_zero(v128_t *x) {
- _v128_set_to_zero(x);
-}
-
-void
-v128_copy(v128_t *x, const v128_t *y) {
- _v128_copy(x, y);
-}
-
-void
-v128_xor(v128_t *z, v128_t *x, v128_t *y) {
- _v128_xor(z, x, y);
-}
-
-void
-v128_and(v128_t *z, v128_t *x, v128_t *y) {
- _v128_and(z, x, y);
-}
-
-void
-v128_or(v128_t *z, v128_t *x, v128_t *y) {
- _v128_or(z, x, y);
-}
-
-void
-v128_complement(v128_t *x) {
- _v128_complement(x);
-}
-
-int
-v128_is_eq(const v128_t *x, const v128_t *y) {
- return _v128_is_eq(x, y);
-}
-
-int
-v128_get_bit(const v128_t *x, int i) {
- return _v128_get_bit(x, i);
-}
-
-void
-v128_set_bit(v128_t *x, int i) {
- _v128_set_bit(x, i);
-}
-
-void
-v128_clear_bit(v128_t *x, int i){
- _v128_clear_bit(x, i);
-}
-
-void
-v128_set_bit_to(v128_t *x, int i, int y){
- _v128_set_bit_to(x, i, y);
-}
-
-
-#endif /* DATATYPES_USE_MACROS */
-
-
-inline void
-v128_left_shift2(v128_t *x, int num_bits) {
- int i;
- int word_shift = num_bits >> 5;
- int bit_shift = num_bits & 31;
-
- for (i=0; i < (4-word_shift); i++) {
- x->v32[i] = x->v32[i+word_shift] << bit_shift;
- }
-
- for ( ; i < word_shift; i++) {
- x->v32[i] = 0;
- }
-
-}
-
-void
-v128_right_shift(v128_t *x, int index) {
- const int base_index = index >> 5;
- const int bit_index = index & 31;
- int i, from;
- uint32_t b;
-
- if (index > 127) {
- v128_set_to_zero(x);
- return;
- }
-
- if (bit_index == 0) {
-
- /* copy each word from left size to right side */
- x->v32[4-1] = x->v32[4-1-base_index];
- for (i=4-1; i > base_index; i--)
- x->v32[i-1] = x->v32[i-1-base_index];
-
- } else {
-
- /* set each word to the "or" of the two bit-shifted words */
- for (i = 4; i > base_index; i--) {
- from = i-1 - base_index;
- b = x->v32[from] << bit_index;
- if (from > 0)
- b |= x->v32[from-1] >> (32-bit_index);
- x->v32[i-1] = b;
- }
-
- }
-
- /* now wrap up the final portion */
- for (i=0; i < base_index; i++)
- x->v32[i] = 0;
-
-}
-
-void
-v128_left_shift(v128_t *x, int index) {
- int i;
- const int base_index = index >> 5;
- const int bit_index = index & 31;
-
- if (index > 127) {
- v128_set_to_zero(x);
- return;
- }
-
- if (bit_index == 0) {
- for (i=0; i < 4 - base_index; i++)
- x->v32[i] = x->v32[i+base_index];
- } else {
- for (i=0; i < 4 - base_index - 1; i++)
- x->v32[i] = (x->v32[i+base_index] << bit_index) ^
- (x->v32[i+base_index+1] >> (32 - bit_index));
- x->v32[4 - base_index-1] = x->v32[4-1] << bit_index;
- }
-
- /* now wrap up the final portion */
- for (i = 4 - base_index; i < 4; i++)
- x->v32[i] = 0;
-
-}
-
-
-#if 0
-void
-v128_add(v128_t *z, v128_t *x, v128_t *y) {
- /* integer addition modulo 2^128 */
-
-#ifdef WORDS_BIGENDIAN
- uint64_t tmp;
-
- tmp = x->v32[3] + y->v32[3];
- z->v32[3] = (uint32_t) tmp;
-
- tmp = x->v32[2] + y->v32[2] + (tmp >> 32);
- z->v32[2] = (uint32_t) tmp;
-
- tmp = x->v32[1] + y->v32[1] + (tmp >> 32);
- z->v32[1] = (uint32_t) tmp;
-
- tmp = x->v32[0] + y->v32[0] + (tmp >> 32);
- z->v32[0] = (uint32_t) tmp;
-
-#else /* assume little endian architecture */
- uint64_t tmp;
-
- tmp = htonl(x->v32[3]) + htonl(y->v32[3]);
- z->v32[3] = ntohl((uint32_t) tmp);
-
- tmp = htonl(x->v32[2]) + htonl(y->v32[2]) + htonl(tmp >> 32);
- z->v32[2] = ntohl((uint32_t) tmp);
-
- tmp = htonl(x->v32[1]) + htonl(y->v32[1]) + htonl(tmp >> 32);
- z->v32[1] = ntohl((uint32_t) tmp);
-
- tmp = htonl(x->v32[0]) + htonl(y->v32[0]) + htonl(tmp >> 32);
- z->v32[0] = ntohl((uint32_t) tmp);
-
-#endif /* WORDS_BIGENDIAN */
-
-}
-#endif
-
-int
-octet_string_is_eq(uint8_t *a, uint8_t *b, int len) {
- uint8_t *end = b + len;
- while (b < end)
- if (*a++ != *b++)
- return 1;
- return 0;
-}
-
-void
-octet_string_set_to_zero(uint8_t *s, int len) {
- uint8_t *end = s + len;
-
- do {
- *s = 0;
- } while (++s < end);
-
-}
-
-
-/* functions below not yet tested! */
-
-int
-v32_low_bit(v32_t *w) {
- int value;
-
- value = low_bit[w->v8[0]];
- if (value != -1)
- return value;
- value = low_bit[w->v8[1]];
- if (value != -1)
- return value + 8;
- value = low_bit[w->v8[2]];
- if (value != -1)
- return value + 16;
- value = low_bit[w->v8[3]];
- if (value == -1)
- return -1;
- return value + 24;
-}
-
-/* high_bit not done yet */
-
-
-
-
-
diff --git a/crypto/math/stat.c b/crypto/math/stat.c
deleted file mode 100644
index 5e46c20..0000000
--- a/crypto/math/stat.c
+++ /dev/null
@@ -1,367 +0,0 @@
-/*
- * stats.c
- *
- * statistical tests for randomness (FIPS 140-2, Section 4.9)
- *
- * David A. McGrew
- * Cisco Systems, Inc.
- */
-
-#include "stat.h"
-
-debug_module_t mod_stat = {
- 0, /* debugging is off by default */
- (char *)"stat test" /* printable module name */
-};
-
-/*
- * each test assumes that 20,000 bits (2500 octets) of data is
- * provided as input
- */
-
-#define STAT_TEST_DATA_LEN 2500
-
-err_status_t
-stat_test_monobit(uint8_t *data) {
- uint8_t *data_end = data + STAT_TEST_DATA_LEN;
- uint16_t ones_count;
-
- ones_count = 0;
- while (data < data_end) {
- ones_count += octet_get_weight(*data);
- data++;
- }
-
- debug_print(mod_stat, "bit count: %d", ones_count);
-
- if ((ones_count < 9725) || (ones_count > 10275))
- return err_status_algo_fail;
-
- return err_status_ok;
-}
-
-err_status_t
-stat_test_poker(uint8_t *data) {
- int i;
- uint8_t *data_end = data + STAT_TEST_DATA_LEN;
- double poker;
- uint16_t f[16] = {
- 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0
- };
-
- while (data < data_end) {
- f[*data & 0x0f]++; /* increment freq. count for low nibble */
- f[(*data) >> 4]++; /* increment freq. count for high nibble */
- data++;
- }
-
- poker = 0.0;
- for (i=0; i < 16; i++)
- poker += (double) f[i] * f[i];
-
- poker *= (16.0 / 5000.0);
- poker -= 5000.0;
-
- debug_print(mod_stat, "poker test: %f\n", poker);
-
- if ((poker < 2.16) || (poker > 46.17))
- return err_status_algo_fail;
-
- return err_status_ok;
-}
-
-
-/*
- * runs[i] holds the number of runs of size (i-1)
- */
-
-err_status_t
-stat_test_runs(uint8_t *data) {
- uint8_t *data_end = data + STAT_TEST_DATA_LEN;
- uint16_t runs[6] = { 0, 0, 0, 0, 0, 0 };
- uint16_t gaps[6] = { 0, 0, 0, 0, 0, 0 };
- uint16_t lo_value[6] = { 2315, 1114, 527, 240, 103, 103 };
- uint16_t hi_value[6] = { 2685, 1386, 723, 384, 209, 209 };
- int state = 0;
- uint16_t mask;
- int i;
-
- /*
- * the state variable holds the number of bits in the
- * current run (or gap, if negative)
- */
-
- while (data < data_end) {
-
- /* loop over the bits of this byte */
- for (mask = 1; mask < 256; mask <<= 1) {
- if (*data & mask) {
-
- /* next bit is a one */
- if (state > 0) {
-
- /* prefix is a run, so increment the run-count */
- state++;
-
- /* check for long runs */
- if (state > 25) {
- debug_print(mod_stat, ">25 runs: %d", state);
- return err_status_algo_fail;
- }
-
- } else if (state < 0) {
-
- /* prefix is a gap */
- if (state < -25) {
- debug_print(mod_stat, ">25 gaps: %d", state);
- return err_status_algo_fail; /* long-runs test failed */
- }
- if (state < -6) {
- state = -6; /* group together gaps > 5 */
- }
- gaps[-1-state]++; /* increment gap count */
- state = 1; /* set state at one set bit */
- } else {
-
- /* state is zero; this happens only at initialization */
- state = 1;
- }
- } else {
-
- /* next bit is a zero */
- if (state > 0) {
-
- /* prefix is a run */
- if (state > 25) {
- debug_print(mod_stat, ">25 runs (2): %d", state);
- return err_status_algo_fail; /* long-runs test failed */
- }
- if (state > 6) {
- state = 6; /* group together runs > 5 */
- }
- runs[state-1]++; /* increment run count */
- state = -1; /* set state at one zero bit */
- } else if (state < 0) {
-
- /* prefix is a gap, so increment gap-count (decrement state) */
- state--;
-
- /* check for long gaps */
- if (state < -25) {
- debug_print(mod_stat, ">25 gaps (2): %d", state);
- return err_status_algo_fail;
- }
-
- } else {
-
- /* state is zero; this happens only at initialization */
- state = -1;
- }
- }
- }
-
- /* move along to next octet */
- data++;
- }
-
- if (mod_stat.on) {
- debug_print(mod_stat, "runs test", NULL);
- for (i=0; i < 6; i++)
- debug_print(mod_stat, " runs[]: %d", runs[i]);
- for (i=0; i < 6; i++)
- debug_print(mod_stat, " gaps[]: %d", gaps[i]);
- }
-
- /* check run and gap counts against the fixed limits */
- for (i=0; i < 6; i++)
- if ( (runs[i] < lo_value[i] ) || (runs[i] > hi_value[i])
- || (gaps[i] < lo_value[i] ) || (gaps[i] > hi_value[i]))
- return err_status_algo_fail;
-
-
- return err_status_ok;
-}
-
-
-/*
- * the function stat_test_rand_source applys the FIPS-140-2 statistical
- * tests to the random source defined by rs
- *
- */
-
-#define RAND_SRC_BUF_OCTETS 50 /* this value MUST divide 2500! */
-
-err_status_t
-stat_test_rand_source(rand_source_func_t get_rand_bytes) {
- int i;
- double poker;
- uint8_t *data, *data_end;
- uint16_t f[16] = {
- 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0
- };
- uint8_t buffer[RAND_SRC_BUF_OCTETS];
- err_status_t status;
- int ones_count = 0;
- uint16_t runs[6] = { 0, 0, 0, 0, 0, 0 };
- uint16_t gaps[6] = { 0, 0, 0, 0, 0, 0 };
- uint16_t lo_value[6] = { 2315, 1114, 527, 240, 103, 103 };
- uint16_t hi_value[6] = { 2685, 1386, 723, 384, 209, 209 };
- int state = 0;
- uint16_t mask;
-
- /* counters for monobit, poker, and runs tests are initialized above */
-
- /* main loop: fill buffer, update counters for stat tests */
- for (i=0; i < 2500; i+=RAND_SRC_BUF_OCTETS) {
-
- /* fill data buffer */
- status = get_rand_bytes(buffer, RAND_SRC_BUF_OCTETS);
- if (status) {
- debug_print(mod_stat, "couldn't get rand bytes: %d",status);
- return status;
- }
-
-#if 0
- debug_print(mod_stat, "%s",
- octet_string_hex_string(buffer, RAND_SRC_BUF_OCTETS));
-#endif
-
- data = buffer;
- data_end = data + RAND_SRC_BUF_OCTETS;
- while (data < data_end) {
-
- /* update monobit test counter */
- ones_count += octet_get_weight(*data);
-
- /* update poker test counters */
- f[*data & 0x0f]++; /* increment freq. count for low nibble */
- f[(*data) >> 4]++; /* increment freq. count for high nibble */
-
- /* update runs test counters */
- /* loop over the bits of this byte */
- for (mask = 1; mask < 256; mask <<= 1) {
- if (*data & mask) {
-
- /* next bit is a one */
- if (state > 0) {
-
- /* prefix is a run, so increment the run-count */
- state++;
-
- /* check for long runs */
- if (state > 25) {
- debug_print(mod_stat, ">25 runs (3): %d", state);
- return err_status_algo_fail;
- }
-
- } else if (state < 0) {
-
- /* prefix is a gap */
- if (state < -25) {
- debug_print(mod_stat, ">25 gaps (3): %d", state);
- return err_status_algo_fail; /* long-runs test failed */
- }
- if (state < -6) {
- state = -6; /* group together gaps > 5 */
- }
- gaps[-1-state]++; /* increment gap count */
- state = 1; /* set state at one set bit */
- } else {
-
- /* state is zero; this happens only at initialization */
- state = 1;
- }
- } else {
-
- /* next bit is a zero */
- if (state > 0) {
-
- /* prefix is a run */
- if (state > 25) {
- debug_print(mod_stat, ">25 runs (4): %d", state);
- return err_status_algo_fail; /* long-runs test failed */
- }
- if (state > 6) {
- state = 6; /* group together runs > 5 */
- }
- runs[state-1]++; /* increment run count */
- state = -1; /* set state at one zero bit */
- } else if (state < 0) {
-
- /* prefix is a gap, so increment gap-count (decrement state) */
- state--;
-
- /* check for long gaps */
- if (state < -25) {
- debug_print(mod_stat, ">25 gaps (4): %d", state);
- return err_status_algo_fail;
- }
-
- } else {
-
- /* state is zero; this happens only at initialization */
- state = -1;
- }
- }
- }
-
- /* advance data pointer */
- data++;
- }
- }
-
- /* check to see if test data is within bounds */
-
- /* check monobit test data */
-
- debug_print(mod_stat, "stat: bit count: %d", ones_count);
-
- if ((ones_count < 9725) || (ones_count > 10275)) {
- debug_print(mod_stat, "stat: failed monobit test %d", ones_count);
- return err_status_algo_fail;
- }
-
- /* check poker test data */
- poker = 0.0;
- for (i=0; i < 16; i++)
- poker += (double) f[i] * f[i];
-
- poker *= (16.0 / 5000.0);
- poker -= 5000.0;
-
- debug_print(mod_stat, "stat: poker test: %f", poker);
-
- if ((poker < 2.16) || (poker > 46.17)) {
- debug_print(mod_stat, "stat: failed poker test", NULL);
- return err_status_algo_fail;
- }
-
- /* check run and gap counts against the fixed limits */
- for (i=0; i < 6; i++)
- if ((runs[i] < lo_value[i] ) || (runs[i] > hi_value[i])
- || (gaps[i] < lo_value[i] ) || (gaps[i] > hi_value[i])) {
- debug_print(mod_stat, "stat: failed run/gap test", NULL);
- return err_status_algo_fail;
- }
-
- debug_print(mod_stat, "passed random stat test", NULL);
- return err_status_ok;
-}
-
-err_status_t
-stat_test_rand_source_with_repetition(rand_source_func_t source, unsigned num_trials) {
- unsigned int i;
- err_status_t err = err_status_algo_fail;
-
- for (i=0; i < num_trials; i++) {
- err = stat_test_rand_source(source);
- if (err == err_status_ok) {
- return err_status_ok;
- }
- debug_print(mod_stat, "failed stat test (try number %d)\n", i);
- }
-
- return err;
-}
diff --git a/crypto/replay/rdb.c b/crypto/replay/rdb.c
deleted file mode 100644
index 215f2ab..0000000
--- a/crypto/replay/rdb.c
+++ /dev/null
@@ -1,137 +0,0 @@
-/*
- * rdb.c
- *
- * Implements a replay database for packet security
- *
- * David A. McGrew
- * Cisco Systems, Inc.
- */
-
-/*
- *
- * Copyright (c) 2001-2006, Cisco Systems, Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following
- * disclaimer in the documentation and/or other materials provided
- * with the distribution.
- *
- * Neither the name of the Cisco Systems, Inc. nor the names of its
- * contributors may be used to endorse or promote products derived
- * from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- */
-
-
-#include "rdb.h"
-
-
-/*
- * this implementation of a replay database works as follows:
- *
- * window_start is the index of the first packet in the window
- * bitmask a bit-buffer, containing the most recently entered
- * index as the leftmost bit
- *
- */
-
-/* rdb_init initalizes rdb */
-
-err_status_t
-rdb_init(rdb_t *rdb) {
- v128_set_to_zero(&rdb->bitmask);
- rdb->window_start = 0;
- return err_status_ok;
-}
-
-/*
- * rdb_check checks to see if index appears in rdb
- */
-
-err_status_t
-rdb_check(const rdb_t *rdb, uint32_t index) {
-
- /* if the index appears after (or at very end of) the window, its good */
- if (index >= rdb->window_start + rdb_bits_in_bitmask)
- return err_status_ok;
-
- /* if the index appears before the window, its bad */
- if (index < rdb->window_start)
- return err_status_replay_old;
-
- /* otherwise, the index appears within the window, so check the bitmask */
- if (v128_get_bit(&rdb->bitmask, (index - rdb->window_start)) == 1)
- return err_status_replay_fail;
-
- /* otherwise, the index is okay */
- return err_status_ok;
-}
-
-/*
- * rdb_add_index adds index to rdb_t (and does *not* check if
- * index appears in db)
- *
- * this function should be called only after rdb_check has
- * indicated that the index does not appear in the rdb, e.g., a mutex
- * should protect the rdb between these calls
- */
-
-err_status_t
-rdb_add_index(rdb_t *rdb, uint32_t index) {
- int delta;
-
- /* here we *assume* that index > rdb->window_start */
-
- delta = (index - rdb->window_start);
- if (delta < rdb_bits_in_bitmask) {
-
- /* if the index is within the window, set the appropriate bit */
- v128_set_bit(&rdb->bitmask, delta);
-
- } else {
-
- delta -= rdb_bits_in_bitmask - 1;
-
- /* shift the window forward by delta bits*/
- v128_left_shift(&rdb->bitmask, delta);
- v128_set_bit(&rdb->bitmask, rdb_bits_in_bitmask - 1);
- rdb->window_start += delta;
-
- }
-
- return err_status_ok;
-}
-
-err_status_t
-rdb_increment(rdb_t *rdb) {
-
- if (rdb->window_start++ > 0x7fffffff)
- return err_status_key_expired;
- return err_status_ok;
-}
-
-uint32_t
-rdb_get_value(const rdb_t *rdb) {
- return rdb->window_start;
-}
diff --git a/crypto/replay/rdbx.c b/crypto/replay/rdbx.c
deleted file mode 100644
index 633d0ba..0000000
--- a/crypto/replay/rdbx.c
+++ /dev/null
@@ -1,361 +0,0 @@
-/*
- * rdbx.c
- *
- * a replay database with extended range, using a rollover counter
- *
- * David A. McGrew
- * Cisco Systems, Inc.
- */
-
-/*
- *
- * Copyright (c) 2001-2006, Cisco Systems, Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following
- * disclaimer in the documentation and/or other materials provided
- * with the distribution.
- *
- * Neither the name of the Cisco Systems, Inc. nor the names of its
- * contributors may be used to endorse or promote products derived
- * from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- */
-
-#include "rdbx.h"
-
-
-/*
- * from draft-ietf-avt-srtp-00.txt:
- *
- * A receiver reconstructs the index i of a packet with sequence
- * number s using the estimate
- *
- * i = 65,536 * t + s,
- *
- * where t is chosen from the set { r-1, r, r+1 } such that i is
- * closest to the value 65,536 * r + s_l. If the value r+1 is used,
- * then the rollover counter r in the cryptographic context is
- * incremented by one (if the packet containing s is authentic).
- */
-
-
-
-/*
- * rdbx implementation notes
- *
- * A xtd_seq_num_t is essentially a sequence number for which some of
- * the data on the wire are implicit. It logically consists of a
- * rollover counter and a sequence number; the sequence number is the
- * explicit part, and the rollover counter is the implicit part.
- *
- * Upon receiving a sequence_number (e.g. in a newly received SRTP
- * packet), the complete xtd_seq_num_t can be estimated by using a
- * local xtd_seq_num_t as a basis. This is done using the function
- * index_guess(&local, &guess, seq_from_packet). This function
- * returns the difference of the guess and the local value. The local
- * xtd_seq_num_t can be moved forward to the guess using the function
- * index_advance(&guess, delta), where delta is the difference.
- *
- *
- * A rdbx_t consists of a xtd_seq_num_t and a bitmask. The index is highest
- * sequence number that has been received, and the bitmask indicates
- * which of the recent indicies have been received as well. The
- * highest bit in the bitmask corresponds to the index in the bitmask.
- */
-
-
-void
-index_init(xtd_seq_num_t *pi) {
-#ifdef NO_64BIT_MATH
- *pi = make64(0,0);
-#else
- *pi = 0;
-#endif
-}
-
-void
-index_advance(xtd_seq_num_t *pi, sequence_number_t s) {
-#ifdef NO_64BIT_MATH
- /* a > ~b means a+b will generate a carry */
- /* s is uint16 here */
- *pi = make64(high32(*pi) + (s > ~low32(*pi) ? 1 : 0),low32(*pi) + s);
-#else
- *pi += s;
-#endif
-}
-
-
-/*
- * index_guess(local, guess, s)
- *
- * given a xtd_seq_num_t local (which represents the last
- * known-to-be-good received xtd_seq_num_t) and a sequence number s
- * (from a newly arrived packet), sets the contents of *guess to
- * contain the best guess of the packet index to which s corresponds,
- * and returns the difference between *guess and *local
- *
- * nota bene - the output is a signed integer, DON'T cast it to a
- * unsigned integer!
- */
-
-int
-index_guess(const xtd_seq_num_t *local,
- xtd_seq_num_t *guess,
- sequence_number_t s) {
-#ifdef NO_64BIT_MATH
- uint32_t local_roc = ((high32(*local) << 16) |
- (low32(*local) >> 16));
- uint16_t local_seq = (uint16_t) (low32(*local));
-#else
- uint32_t local_roc = (uint32_t)(*local >> 16);
- uint16_t local_seq = (uint16_t) *local;
-#endif
-#ifdef NO_64BIT_MATH
- uint32_t guess_roc = ((high32(*guess) << 16) |
- (low32(*guess) >> 16));
- uint16_t guess_seq = (uint16_t) (low32(*guess));
-#else
- uint32_t guess_roc = (uint32_t)(*guess >> 16);
- uint16_t guess_seq = (uint16_t) *guess;
-#endif
- int difference;
-
- if (local_seq < seq_num_median) {
- if (s - local_seq > seq_num_median) {
- guess_roc = local_roc - 1;
- // The return value is the relative difference from local_seq to s.
- // The original value is negation of its purpose. According to document
- // http://www.ietf.org/rfc/rfc3711.txt, when this condition is true, the
- // resulting new index should be (local_roc-1, s). But original logic
- // will end up positive difference and rdbx_check would pass. Hence after
- // rdbx_add_index would make local index to be the wrong value because
- // local index should not be updated in this case. For example, when
- // local index is (1, 100) and next sequence is 65530, the wrong updated
- // index would be (1, 205).
- difference = s - local_seq - seq_num_max;
- } else {
- guess_roc = local_roc;
- difference = s - local_seq;
- }
- } else {
- if (local_seq - seq_num_median > s) {
- guess_roc = local_roc+1;
- difference = seq_num_max - local_seq + s;
- } else {
- difference = s - local_seq;
- guess_roc = local_roc;
- }
- }
- guess_seq = s;
-
- /* Note: guess_roc is 32 bits, so this generates a 48-bit result! */
-#ifdef NO_64BIT_MATH
- *guess = make64(guess_roc >> 16,
- (guess_roc << 16) | guess_seq);
-#else
- *guess = (((uint64_t) guess_roc) << 16) | guess_seq;
-#endif
-
- return difference;
-}
-
-/*
- * rdbx
- *
- */
-
-
-/*
- * rdbx_init(&r, ws) initializes the rdbx_t pointed to by r with window size ws
- */
-
-err_status_t
-rdbx_init(rdbx_t *rdbx, unsigned long ws) {
- if (ws == 0)
- return err_status_bad_param;
-
- if (bitvector_alloc(&rdbx->bitmask, ws) != 0)
- return err_status_alloc_fail;
-
- index_init(&rdbx->index);
-
- return err_status_ok;
-}
-
-/*
- * rdbx_uninit(&r) uninitializes the rdbx_t pointed to by r
- */
-
-err_status_t
-rdbx_uninit(rdbx_t *rdbx) {
- bitvector_dealloc(&rdbx->bitmask);
-
- return err_status_ok;
-}
-
-/*
- * rdbx_set_roc(rdbx, roc) initalizes the rdbx_t at the location rdbx
- * to have the rollover counter value roc. If that value is less than
- * the current rollover counter value, then the function returns
- * err_status_replay_old; otherwise, err_status_ok is returned.
- *
- */
-
-err_status_t
-rdbx_set_roc(rdbx_t *rdbx, uint32_t roc) {
- bitvector_set_to_zero(&rdbx->bitmask);
-
-#ifdef NO_64BIT_MATH
- #error not yet implemented
-#else
-
- /* make sure that we're not moving backwards */
- if (roc < (rdbx->index >> 16))
- return err_status_replay_old;
-
- rdbx->index &= 0xffff; /* retain lowest 16 bits */
- rdbx->index |= ((uint64_t)roc) << 16; /* set ROC */
-#endif
-
- return err_status_ok;
-}
-
-/*
- * rdbx_get_packet_index(rdbx) returns the value of the packet index
- * for the rdbx_t pointed to by rdbx
- *
- */
-
-xtd_seq_num_t
-rdbx_get_packet_index(const rdbx_t *rdbx) {
- return rdbx->index;
-}
-
-/*
- * rdbx_get_window_size(rdbx) returns the value of the window size
- * for the rdbx_t pointed to by rdbx
- *
- */
-
-unsigned long
-rdbx_get_window_size(const rdbx_t *rdbx) {
- return bitvector_get_length(&rdbx->bitmask);
-}
-
-/*
- * rdbx_check(&r, delta) checks to see if the xtd_seq_num_t
- * which is at rdbx->index + delta is in the rdb
- */
-
-err_status_t
-rdbx_check(const rdbx_t *rdbx, int delta) {
-
- if (delta > 0) { /* if delta is positive, it's good */
- return err_status_ok;
- } else if ((int)(bitvector_get_length(&rdbx->bitmask) - 1) + delta < 0) {
- /* if delta is lower than the bitmask, it's bad */
- return err_status_replay_old;
- } else if (bitvector_get_bit(&rdbx->bitmask,
- (int)(bitvector_get_length(&rdbx->bitmask) - 1) + delta) == 1) {
- /* delta is within the window, so check the bitmask */
- return err_status_replay_fail;
- }
- /* otherwise, the index is okay */
-
- return err_status_ok;
-}
-
-/*
- * rdbx_add_index adds the xtd_seq_num_t at rdbx->window_start + d to
- * replay_db (and does *not* check if that xtd_seq_num_t appears in db)
- *
- * this function should be called only after replay_check has
- * indicated that the index does not appear in the rdbx, e.g., a mutex
- * should protect the rdbx between these calls if need be
- */
-
-err_status_t
-rdbx_add_index(rdbx_t *rdbx, int delta) {
-
- if (delta > 0) {
- /* shift forward by delta */
- index_advance(&rdbx->index, delta);
- bitvector_left_shift(&rdbx->bitmask, delta);
- bitvector_set_bit(&rdbx->bitmask, bitvector_get_length(&rdbx->bitmask) - 1);
- } else {
- /* delta is in window, so flip bit in bitmask */
- bitvector_set_bit(&rdbx->bitmask, -delta);
- }
-
- /* note that we need not consider the case that delta == 0 */
-
- return err_status_ok;
-}
-
-
-
-/*
- * rdbx_estimate_index(rdbx, guess, s)
- *
- * given an rdbx and a sequence number s (from a newly arrived packet),
- * sets the contents of *guess to contain the best guess of the packet
- * index to which s corresponds, and returns the difference between
- * *guess and the locally stored synch info
- */
-
-int
-rdbx_estimate_index(const rdbx_t *rdbx,
- xtd_seq_num_t *guess,
- sequence_number_t s) {
-
- /*
- * if the sequence number and rollover counter in the rdbx are
- * non-zero, then use the index_guess(...) function, otherwise, just
- * set the rollover counter to zero (since the index_guess(...)
- * function might incorrectly guess that the rollover counter is
- * 0xffffffff)
- */
-
-#ifdef NO_64BIT_MATH
- /* seq_num_median = 0x8000 */
- if (high32(rdbx->index) > 0 ||
- low32(rdbx->index) > seq_num_median)
-#else
- if (rdbx->index > seq_num_median)
-#endif
- return index_guess(&rdbx->index, guess, s);
-
-#ifdef NO_64BIT_MATH
- *guess = make64(0,(uint32_t) s);
-#else
- *guess = s;
-#endif
-
-#ifdef NO_64BIT_MATH
- return s - (uint16_t) low32(rdbx->index);
-#else
- return s - (uint16_t) rdbx->index;
-#endif
-}
diff --git a/crypto/replay/ut_sim.c b/crypto/replay/ut_sim.c
deleted file mode 100644
index 43c411e..0000000
--- a/crypto/replay/ut_sim.c
+++ /dev/null
@@ -1,105 +0,0 @@
-/*
- * ut_sim.c
- *
- * an unreliable transport simulator
- * (for testing replay databases and suchlike)
- *
- * David A. McGrew
- * Cisco Systems, Inc.
- */
-
-/*
- *
- * Copyright (c) 2001-2006, Cisco Systems, Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following
- * disclaimer in the documentation and/or other materials provided
- * with the distribution.
- *
- * Neither the name of the Cisco Systems, Inc. nor the names of its
- * contributors may be used to endorse or promote products derived
- * from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- */
-
-
-#include "ut_sim.h"
-
-
-int
-ut_compar(const void *a, const void *b) {
- return rand() > (RAND_MAX/2) ? -1 : 1;
-}
-
-void
-ut_init(ut_connection *utc) {
- int i;
- utc->index = 0;
-
- for (i=0; i < UT_BUF; i++)
- utc->buffer[i] = i;
-
- qsort(utc->buffer, UT_BUF, sizeof(uint32_t), ut_compar);
-
- utc->index = UT_BUF - 1;
-}
-
-uint32_t
-ut_next_index(ut_connection *utc) {
- uint32_t tmp;
-
- tmp = utc->buffer[0];
- utc->index++;
- utc->buffer[0] = utc->index;
-
- qsort(utc->buffer, UT_BUF, sizeof(uint32_t), ut_compar);
-
- return tmp;
-}
-
-
-
-#ifdef UT_TEST
-
-#include <stdio.h>
-
-int
-main() {
- uint32_t i, irecvd, idiff;
- ut_connection utc;
-
- ut_init(&utc);
-
- for (i=0; i < 1000; i++) {
- irecvd = ut_next_index(&utc);
- idiff = i - irecvd;
- printf("%lu\t%lu\t%d\n", i, irecvd, idiff);
- }
-
- return 0;
-}
-
-
-#endif
diff --git a/crypto/rng/ctr_prng.c b/crypto/rng/ctr_prng.c
deleted file mode 100644
index ab76df3..0000000
--- a/crypto/rng/ctr_prng.c
+++ /dev/null
@@ -1,108 +0,0 @@
-/*
- * ctr_prng.c
- *
- * counter mode based pseudorandom source
- *
- * David A. McGrew
- * Cisco Systems, Inc.
- */
-/*
- *
- * Copyright(c) 2001-2006 Cisco Systems, Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following
- * disclaimer in the documentation and/or other materials provided
- * with the distribution.
- *
- * Neither the name of the Cisco Systems, Inc. nor the names of its
- * contributors may be used to endorse or promote products derived
- * from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- */
-
-
-#include "prng.h"
-
-/* single, global prng structure */
-
-ctr_prng_t ctr_prng;
-
-err_status_t
-ctr_prng_init(rand_source_func_t random_source) {
- uint8_t tmp_key[32];
- err_status_t status;
-
- /* initialize output count to zero */
- ctr_prng.octet_count = 0;
-
- /* set random source */
- ctr_prng.rand = random_source;
-
- /* initialize secret key from random source */
- status = random_source(tmp_key, 32);
- if (status)
- return status;
-
- /* initialize aes ctr context with random key */
- status = aes_icm_context_init(&ctr_prng.state, tmp_key);
- if (status)
- return status;
-
- return err_status_ok;
-}
-
-err_status_t
-ctr_prng_get_octet_string(void *dest, uint32_t len) {
- err_status_t status;
-
- /*
- * if we need to re-initialize the prng, do so now
- *
- * avoid 32-bit overflows by subtracting instead of adding
- */
- if (ctr_prng.octet_count > MAX_PRNG_OUT_LEN - len) {
- status = ctr_prng_init(ctr_prng.rand);
- if (status)
- return status;
- }
- ctr_prng.octet_count += len;
-
- /*
- * write prng output
- */
- status = aes_icm_output(&ctr_prng.state, (uint8_t*)dest, len);
- if (status)
- return status;
-
- return err_status_ok;
-}
-
-err_status_t
-ctr_prng_deinit(void) {
-
- /* nothing */
-
- return err_status_ok;
-}
diff --git a/crypto/rng/prng.c b/crypto/rng/prng.c
deleted file mode 100644
index 69350a4..0000000
--- a/crypto/rng/prng.c
+++ /dev/null
@@ -1,180 +0,0 @@
-/*
- * prng.c
- *
- * pseudorandom source
- *
- * David A. McGrew
- * Cisco Systems, Inc.
- */
-/*
- *
- * Copyright(c) 2001-2006 Cisco Systems, Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following
- * disclaimer in the documentation and/or other materials provided
- * with the distribution.
- *
- * Neither the name of the Cisco Systems, Inc. nor the names of its
- * contributors may be used to endorse or promote products derived
- * from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- */
-
-
-#include "prng.h"
-
-/* single, global prng structure */
-
-x917_prng_t x917_prng;
-
-err_status_t
-x917_prng_init(rand_source_func_t random_source) {
- v128_t tmp_key;
- err_status_t status;
-
- /* initialize output count to zero */
- x917_prng.octet_count = 0;
-
- /* set random source */
- x917_prng.rand = random_source;
-
- /* initialize secret key from random source */
- status = random_source((uint8_t *)&tmp_key, 16);
- if (status)
- return status;
-
- /* expand aes key */
- aes_expand_encryption_key(&tmp_key, x917_prng.key);
-
- /* initialize prng state from random source */
- status = x917_prng.rand((uint8_t *)&x917_prng.state, 16);
- if (status)
- return status;
-
- return err_status_ok;
-}
-
-err_status_t
-x917_prng_get_octet_string(uint8_t *dest, uint32_t len) {
- uint32_t t;
- v128_t buffer;
- uint32_t i, tail_len;
- err_status_t status;
-
- /*
- * if we need to re-initialize the prng, do so now
- *
- * avoid overflows by subtracting instead of adding
- */
- if (x917_prng.octet_count > MAX_PRNG_OUT_LEN - len) {
- status = x917_prng_init(x917_prng.rand);
- if (status)
- return status;
- }
- x917_prng.octet_count += len;
-
- /* find out the time */
- t = (uint32_t)time(NULL);
-
- /* loop until we have output enough data */
- for (i=0; i < len/16; i++) {
-
- /* exor time into state */
- x917_prng.state.v32[0] ^= t;
-
- /* copy state into buffer */
- v128_copy(&buffer, &x917_prng.state);
-
- /* apply aes to buffer */
- aes_encrypt(&buffer, x917_prng.key);
-
- /* write data to output */
- *dest++ = buffer.v8[0];
- *dest++ = buffer.v8[1];
- *dest++ = buffer.v8[2];
- *dest++ = buffer.v8[3];
- *dest++ = buffer.v8[4];
- *dest++ = buffer.v8[5];
- *dest++ = buffer.v8[6];
- *dest++ = buffer.v8[7];
- *dest++ = buffer.v8[8];
- *dest++ = buffer.v8[9];
- *dest++ = buffer.v8[10];
- *dest++ = buffer.v8[11];
- *dest++ = buffer.v8[12];
- *dest++ = buffer.v8[13];
- *dest++ = buffer.v8[14];
- *dest++ = buffer.v8[15];
-
- /* exor time into buffer */
- buffer.v32[0] ^= t;
-
- /* encrypt buffer */
- aes_encrypt(&buffer, x917_prng.key);
-
- /* copy buffer into state */
- v128_copy(&x917_prng.state, &buffer);
-
- }
-
- /* if we need to output any more octets, we'll do so now */
- tail_len = len % 16;
- if (tail_len) {
-
- /* exor time into state */
- x917_prng.state.v32[0] ^= t;
-
- /* copy value into buffer */
- v128_copy(&buffer, &x917_prng.state);
-
- /* apply aes to buffer */
- aes_encrypt(&buffer, x917_prng.key);
-
- /* write data to output */
- for (i=0; i < tail_len; i++) {
- *dest++ = buffer.v8[i];
- }
-
- /* now update the state one more time */
-
- /* exor time into buffer */
- buffer.v32[0] ^= t;
-
- /* encrypt buffer */
- aes_encrypt(&buffer, x917_prng.key);
-
- /* copy buffer into state */
- v128_copy(&x917_prng.state, &buffer);
-
- }
-
- return err_status_ok;
-}
-
-err_status_t
-x917_prng_deinit(void) {
-
- return err_status_ok;
-}
diff --git a/crypto/rng/rand_linux_kernel.c b/crypto/rng/rand_linux_kernel.c
deleted file mode 100644
index c51978e..0000000
--- a/crypto/rng/rand_linux_kernel.c
+++ /dev/null
@@ -1,65 +0,0 @@
-/*
- * rand_linux_kernel.c
- *
- * implements a random source using Linux kernel functions
- *
- * Marcus Sundberg
- * Ingate Systems AB
- */
-/*
- *
- * Copyright(c) 2005 Ingate Systems AB
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following
- * disclaimer in the documentation and/or other materials provided
- * with the distribution.
- *
- * Neither the name of the author(s) nor the names of its
- * contributors may be used to endorse or promote products derived
- * from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- */
-
-#include "config.h"
-#include "rand_source.h"
-
-
-err_status_t
-rand_source_init(void) {
- return err_status_ok;
-}
-
-err_status_t
-rand_source_get_octet_string(void *dest, uint32_t len) {
-
- get_random_bytes(dest, len);
-
- return err_status_ok;
-}
-
-err_status_t
-rand_source_deinit(void) {
- return err_status_ok;
-}
diff --git a/crypto/rng/rand_source.c b/crypto/rng/rand_source.c
deleted file mode 100644
index 6f844c5..0000000
--- a/crypto/rng/rand_source.c
+++ /dev/null
@@ -1,151 +0,0 @@
-/*
- * rand_source.c
- *
- * implements a random source based on /dev/random
- *
- * David A. McGrew
- * Cisco Systems, Inc.
- */
-/*
- *
- * Copyright(c) 2001-2006 Cisco Systems, Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following
- * disclaimer in the documentation and/or other materials provided
- * with the distribution.
- *
- * Neither the name of the Cisco Systems, Inc. nor the names of its
- * contributors may be used to endorse or promote products derived
- * from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- */
-
-#include "config.h"
-
-#ifdef DEV_URANDOM
-# include <fcntl.h> /* for open() */
-# include <unistd.h> /* for close() */
-#elif defined(HAVE_RAND_S)
-# define _CRT_RAND_S
-# include <stdlib.h>
-#else
-# include <stdio.h>
-#endif
-
-#include "rand_source.h"
-
-
-/*
- * global dev_rand_fdes is file descriptor for /dev/random
- *
- * This variable is also used to indicate that the random source has
- * been initialized. When this variable is set to the value of the
- * #define RAND_SOURCE_NOT_READY, it indicates that the random source
- * is not ready to be used. The value of the #define
- * RAND_SOURCE_READY is for use whenever that variable is used as an
- * indicator of the state of the random source, but not as a file
- * descriptor.
- */
-
-#define RAND_SOURCE_NOT_READY (-1)
-#define RAND_SOURCE_READY (17)
-
-static int dev_random_fdes = RAND_SOURCE_NOT_READY;
-
-
-err_status_t
-rand_source_init(void) {
- if (dev_random_fdes >= 0) {
- /* already open */
- return err_status_ok;
- }
-#ifdef DEV_URANDOM
- /* open random source for reading */
- dev_random_fdes = open(DEV_URANDOM, O_RDONLY);
- if (dev_random_fdes < 0)
- return err_status_init_fail;
-#elif defined(HAVE_RAND_S)
- dev_random_fdes = RAND_SOURCE_READY;
-#else
- /* no random source available; let the user know */
- fprintf(stderr, "WARNING: no real random source present!\n");
- dev_random_fdes = RAND_SOURCE_READY;
-#endif
- return err_status_ok;
-}
-
-err_status_t
-rand_source_get_octet_string(void *dest, uint32_t len) {
-
- /*
- * read len octets from /dev/random to dest, and
- * check return value to make sure enough octets were
- * written
- */
-#ifdef DEV_URANDOM
- if (read(dev_random_fdes, dest, len) != len)
- return err_status_fail;
-#elif defined(HAVE_RAND_S)
- uint8_t *dst = (uint8_t *)dest;
- while (len)
- {
- unsigned int val;
- errno_t err = rand_s(&val);
-
- if (err != 0)
- return err_status_fail;
-
- *dst++ = val & 0xff;
- len--;
- }
-#else
- /* Generic C-library (rand()) version */
- /* This is a random source of last resort */
- uint8_t *dst = (uint8_t *)dest;
- while (len)
- {
- int val = rand();
- /* rand() returns 0-32767 (ugh) */
- /* Is this a good enough way to get random bytes?
- It is if it passes FIPS-140... */
- *dst++ = val & 0xff;
- len--;
- }
-#endif
- return err_status_ok;
-}
-
-err_status_t
-rand_source_deinit(void) {
- if (dev_random_fdes < 0)
- return err_status_dealloc_fail; /* well, we haven't really failed, *
- * but there is something wrong */
-#ifdef DEV_URANDOM
- close(dev_random_fdes);
-#endif
- dev_random_fdes = RAND_SOURCE_NOT_READY;
-
- return err_status_ok;
-}
diff --git a/crypto/test/aes_calc.c b/crypto/test/aes_calc.c
deleted file mode 100644
index 2fac07a..0000000
--- a/crypto/test/aes_calc.c
+++ /dev/null
@@ -1,111 +0,0 @@
-/*
- * aes_calc.c
- *
- * A simple AES calculator for generating AES encryption values
- *
- * David A. McGrew
- * Cisco Systems, Inc.
- */
-
-/*
-
- Example usage (with first NIST FIPS 197 test case):
-
-[sh]$ test/aes_calc 000102030405060708090a0b0c0d0e0f 00112233445566778899aabbccddeeff -v
- plaintext: 00112233445566778899aabbccddeeff
- key: 000102030405060708090a0b0c0d0e0f
- ciphertext: 69c4e0d86a7b0430d8cdb78070b4c55a
-
- */
-
-#include "aes.h"
-#include <stdio.h>
-#include <string.h>
-
-void
-usage(char *prog_name) {
- printf("usage: %s <key> <plaintext> [-v]\n", prog_name);
- exit(255);
-}
-
-#define AES_KEY_LEN 16
-
-int
-main (int argc, char *argv[]) {
- v128_t data, key;
- aes_expanded_key_t exp_key;
- int len;
- int verbose;
-
- if (argc == 3) {
- /* we're not in verbose mode */
- verbose = 0;
- } else if (argc == 4) {
- if (strncmp(argv[3], "-v", 2) == 0) {
- /* we're in verbose mode */
- verbose = 1;
- } else {
- /* unrecognized flag, complain and exit */
- usage(argv[0]);
- }
- } else {
- /* we've been fed the wrong number of arguments - compain and exit */
- usage(argv[0]);
- }
-
- /* read in key, checking length */
- if (strlen(argv[1]) > AES_KEY_LEN*2) {
- fprintf(stderr,
- "error: too many digits in key "
- "(should be %d hexadecimal digits, found %u)\n",
- AES_KEY_LEN*2, (unsigned)strlen(argv[1]));
- exit(1);
- }
- len = hex_string_to_octet_string((char *)&key, argv[1], AES_KEY_LEN*2);
- /* check that hex string is the right length */
- if (len < AES_KEY_LEN*2) {
- fprintf(stderr,
- "error: too few digits in key "
- "(should be %d hexadecimal digits, found %d)\n",
- AES_KEY_LEN*2, len);
- exit(1);
- }
-
- /* read in plaintext, checking length */
- if (strlen(argv[2]) > 16*2) {
- fprintf(stderr,
- "error: too many digits in plaintext "
- "(should be %d hexadecimal digits, found %u)\n",
- 16*2, (unsigned)strlen(argv[2]));
- exit(1);
- }
- len = hex_string_to_octet_string((char *)(&data), argv[2], 16*2);
- /* check that hex string is the right length */
- if (len < 16*2) {
- fprintf(stderr,
- "error: too few digits in plaintext "
- "(should be %d hexadecimal digits, found %d)\n",
- 16*2, len);
- exit(1);
- }
-
- if (verbose) {
- /* print out plaintext */
- printf("plaintext:\t%s\n", octet_string_hex_string((uint8_t *)&data, 16));
- }
-
- /* encrypt plaintext */
- aes_expand_encryption_key(&key, exp_key);
-
- aes_encrypt(&data, exp_key);
-
- /* write ciphertext to output */
- if (verbose) {
- printf("key:\t\t%s\n", v128_hex_string(&key));
- printf("ciphertext:\t");
- }
- printf("%s\n", v128_hex_string(&data));
-
- return 0;
-}
-
diff --git a/crypto/test/auth_driver.c b/crypto/test/auth_driver.c
deleted file mode 100644
index cd8a75d..0000000
--- a/crypto/test/auth_driver.c
+++ /dev/null
@@ -1,200 +0,0 @@
-/*
- * auth_driver.c
- *
- * a driver for auth functions
- *
- * David A. McGrew
- * Cisco Systems, Inc.
- */
-
-/*
- *
- * Copyright (c) 2001-2006, Cisco Systems, Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following
- * disclaimer in the documentation and/or other materials provided
- * with the distribution.
- *
- * Neither the name of the Cisco Systems, Inc. nor the names of its
- * contributors may be used to endorse or promote products derived
- * from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- */
-
-
-#include <stdio.h> /* for printf() */
-#include <stdlib.h> /* for xalloc() */
-#include <unistd.h> /* for getopt() */
-
-#include "auth.h"
-#include "null_auth.h"
-
-#define PRINT_DEBUG_DATA 0
-
-extern auth_type_t tmmhv2;
-
-const uint16_t msg0[9] = {
- 0x6015, 0xf141, 0x5ba1, 0x29a0, 0xf604, 0xd1c, 0x2d9, 0xaa8a, 0x7931
-};
-
-/* key1 is for TAG_WORDS = 2 */
-
-const uint16_t key1[47] = {
- 0xe627, 0x6a01, 0x5ea7, 0xf27a, 0xc536, 0x2192, 0x11be, 0xea35,
- 0xdb9d, 0x63d6, 0xfa8a, 0xfc45, 0xe08b, 0xd216, 0xced2, 0x7853,
- 0x1a82, 0x22f5, 0x90fb, 0x1c29, 0x708e, 0xd06f, 0x82c3, 0xbee6,
- 0x4f21, 0x6f33, 0x65c0, 0xd211, 0xc25e, 0x9138, 0x4fa3, 0x7c1f,
- 0x61ac, 0x3489, 0x2976, 0x8c19, 0x8252, 0xddbf, 0xcad3, 0xc28f,
- 0x68d6, 0x58dd, 0x504f, 0x2bbf, 0x0278, 0x70b7, 0xcfca
-};
-
-double
-auth_bits_per_second(auth_t *h, int msg_len);
-
-
-void
-usage(char *prog_name) {
- printf("usage: %s [ -t | -v ]\n", prog_name);
- exit(255);
-}
-
-#define MAX_MSG_LEN 2048
-
-int
-main (int argc, char *argv[]) {
- auth_t *a = NULL;
- err_status_t status;
- int i;
- int c;
- unsigned do_timing_test = 0;
- unsigned do_validation = 0;
-
- /* process input arguments */
- while (1) {
- c = getopt(argc, argv, "tv");
- if (c == -1)
- break;
- switch (c) {
- case 't':
- do_timing_test = 1;
- break;
- case 'v':
- do_validation = 1;
- break;
- default:
- usage(argv[0]);
- }
- }
-
- printf("auth driver\nDavid A. McGrew\nCisco Systems, Inc.\n");
-
- if (!do_validation && !do_timing_test)
- usage(argv[0]);
-
- if (do_validation) {
- printf("running self-test for %s...", tmmhv2.description);
- status = tmmhv2_add_big_test();
- if (status) {
- printf("tmmhv2_add_big_test failed with error code %d\n", status);
- exit(status);
- }
- status = auth_type_self_test(&tmmhv2);
- if (status) {
- printf("failed with error code %d\n", status);
- exit(status);
- }
- printf("passed\n");
- }
-
- if (do_timing_test) {
-
- /* tmmhv2 timing test */
- status = auth_type_alloc(&tmmhv2, &a, 94, 4);
- if (status) {
- fprintf(stderr, "can't allocate tmmhv2\n");
- exit(status);
- }
- status = auth_init(a, (uint8_t *)key1);
- if (status) {
- printf("error initializaing auth function\n");
- exit(status);
- }
-
- printf("timing %s (tag length %d)\n",
- tmmhv2.description, auth_get_tag_length(a));
- for (i=8; i <= MAX_MSG_LEN; i *= 2)
- printf("msg len: %d\tgigabits per second: %f\n",
- i, auth_bits_per_second(a, i) / 1E9);
-
- status = auth_dealloc(a);
- if (status) {
- printf("error deallocating auth function\n");
- exit(status);
- }
-
- }
-
- return 0;
-}
-
-#define NUM_TRIALS 100000
-
-#include <time.h>
-
-double
-auth_bits_per_second(auth_t *a, int msg_len_octets) {
- int i;
- clock_t timer;
- uint8_t *result;
- int msg_len = (msg_len_octets + 1)/2;
- uint16_t *msg_string;
-
- /* create random message */
- msg_string = (uint16_t *) crypto_alloc(msg_len_octets);
- if (msg_string == NULL)
- return 0.0; /* indicate failure */
- for (i=0; i < msg_len; i++)
- msg_string[i] = (uint16_t) random();
-
- /* allocate temporary storage for authentication tag */
- result = crypto_alloc(auth_get_tag_length(a));
- if (result == NULL) {
- free(msg_string);
- return 0.0; /* indicate failure */
- }
-
- timer = clock();
- for (i=0; i < NUM_TRIALS; i++) {
- auth_compute(a, (uint8_t *)msg_string, msg_len_octets, (uint8_t *)result);
- }
- timer = clock() - timer;
-
- free(msg_string);
- free(result);
-
- return (double) NUM_TRIALS * 8 * msg_len_octets * CLOCKS_PER_SEC / timer;
-}
-
-
diff --git a/crypto/test/cipher_driver.c b/crypto/test/cipher_driver.c
deleted file mode 100644
index 25ca90a..0000000
--- a/crypto/test/cipher_driver.c
+++ /dev/null
@@ -1,491 +0,0 @@
-/*
- * cipher_driver.c
- *
- * A driver for the generic cipher type
- *
- * David A. McGrew
- * Cisco Systems, Inc.
- */
-
-/*
- *
- * Copyright (c) 2001-2006, Cisco Systems, Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following
- * disclaimer in the documentation and/or other materials provided
- * with the distribution.
- *
- * Neither the name of the Cisco Systems, Inc. nor the names of its
- * contributors may be used to endorse or promote products derived
- * from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- */
-
-#include <stdio.h> /* for printf() */
-#include <stdlib.h> /* for rand() */
-#include <string.h> /* for memset() */
-#include <unistd.h> /* for getopt() */
-#include "cipher.h"
-#include "aes_icm.h"
-#include "null_cipher.h"
-
-#define PRINT_DEBUG 0
-
-void
-cipher_driver_test_throughput(cipher_t *c);
-
-err_status_t
-cipher_driver_self_test(cipher_type_t *ct);
-
-
-/*
- * cipher_driver_test_buffering(ct) tests the cipher's output
- * buffering for correctness by checking the consistency of succesive
- * calls
- */
-
-err_status_t
-cipher_driver_test_buffering(cipher_t *c);
-
-
-/*
- * functions for testing cipher cache thrash
- */
-err_status_t
-cipher_driver_test_array_throughput(cipher_type_t *ct,
- int klen, int num_cipher);
-
-void
-cipher_array_test_throughput(cipher_t *ca[], int num_cipher);
-
-uint64_t
-cipher_array_bits_per_second(cipher_t *cipher_array[], int num_cipher,
- unsigned octets_in_buffer, int num_trials);
-
-err_status_t
-cipher_array_delete(cipher_t *cipher_array[], int num_cipher);
-
-err_status_t
-cipher_array_alloc_init(cipher_t ***cipher_array, int num_ciphers,
- cipher_type_t *ctype, int klen);
-
-void
-usage(char *prog_name) {
- printf("usage: %s [ -t | -v | -a ]\n", prog_name);
- exit(255);
-}
-
-void
-check_status(err_status_t s) {
- if (s) {
- printf("error (code %d)\n", s);
- exit(s);
- }
- return;
-}
-
-/*
- * null_cipher, aes_icm, and aes_cbc are the cipher meta-objects
- * defined in the files in crypto/cipher subdirectory. these are
- * declared external so that we can use these cipher types here
- */
-
-extern cipher_type_t null_cipher;
-extern cipher_type_t aes_icm;
-extern cipher_type_t aes_cbc;
-
-int
-main(int argc, char *argv[]) {
- cipher_t *c = NULL;
- err_status_t status;
- unsigned char test_key[20] = {
- 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
- 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
- 0x10, 0x11, 0x12, 0x13
- };
- int q;
- unsigned do_timing_test = 0;
- unsigned do_validation = 0;
- unsigned do_array_timing_test = 0;
-
- /* process input arguments */
- while (1) {
- q = getopt(argc, argv, "tva");
- if (q == -1)
- break;
- switch (q) {
- case 't':
- do_timing_test = 1;
- break;
- case 'v':
- do_validation = 1;
- break;
- case 'a':
- do_array_timing_test = 1;
- break;
- default:
- usage(argv[0]);
- }
- }
-
- printf("cipher test driver\n"
- "David A. McGrew\n"
- "Cisco Systems, Inc.\n");
-
- if (!do_validation && !do_timing_test && !do_array_timing_test)
- usage(argv[0]);
-
- /* arry timing (cache thrash) test */
- if (do_array_timing_test) {
- int max_num_cipher = 1 << 16; /* number of ciphers in cipher_array */
- int num_cipher;
-
- for (num_cipher=1; num_cipher < max_num_cipher; num_cipher *=8)
- cipher_driver_test_array_throughput(&null_cipher, 0, num_cipher);
-
- for (num_cipher=1; num_cipher < max_num_cipher; num_cipher *=8)
- cipher_driver_test_array_throughput(&aes_icm, 30, num_cipher);
-
- for (num_cipher=1; num_cipher < max_num_cipher; num_cipher *=8)
- cipher_driver_test_array_throughput(&aes_cbc, 16, num_cipher);
-
- }
-
- if (do_validation) {
- cipher_driver_self_test(&null_cipher);
- cipher_driver_self_test(&aes_icm);
- cipher_driver_self_test(&aes_cbc);
- }
-
- /* do timing and/or buffer_test on null_cipher */
- status = cipher_type_alloc(&null_cipher, &c, 0);
- check_status(status);
-
- status = cipher_init(c, NULL, direction_encrypt);
- check_status(status);
-
- if (do_timing_test)
- cipher_driver_test_throughput(c);
- if (do_validation) {
- status = cipher_driver_test_buffering(c);
- check_status(status);
- }
- status = cipher_dealloc(c);
- check_status(status);
-
-
- /* run the throughput test on the aes_icm cipher */
- status = cipher_type_alloc(&aes_icm, &c, 30);
- if (status) {
- fprintf(stderr, "error: can't allocate cipher\n");
- exit(status);
- }
-
- status = cipher_init(c, test_key, direction_encrypt);
- check_status(status);
-
- if (do_timing_test)
- cipher_driver_test_throughput(c);
-
- if (do_validation) {
- status = cipher_driver_test_buffering(c);
- check_status(status);
- }
-
- status = cipher_dealloc(c);
- check_status(status);
-
- return 0;
-}
-
-void
-cipher_driver_test_throughput(cipher_t *c) {
- int i;
- int min_enc_len = 32;
- int max_enc_len = 2048; /* should be a power of two */
- int num_trials = 100000;
-
- printf("timing %s throughput:\n", c->type->description);
- fflush(stdout);
- for (i=min_enc_len; i <= max_enc_len; i = i * 2)
- printf("msg len: %d\tgigabits per second: %f\n",
- i, cipher_bits_per_second(c, i, num_trials) / 1e9);
-
-}
-
-err_status_t
-cipher_driver_self_test(cipher_type_t *ct) {
- err_status_t status;
-
- printf("running cipher self-test for %s...", ct->description);
- status = cipher_type_self_test(ct);
- if (status) {
- printf("failed with error code %d\n", status);
- exit(status);
- }
- printf("passed\n");
-
- return err_status_ok;
-}
-
-/*
- * cipher_driver_test_buffering(ct) tests the cipher's output
- * buffering for correctness by checking the consistency of succesive
- * calls
- */
-
-err_status_t
-cipher_driver_test_buffering(cipher_t *c) {
- int i, j, num_trials = 1000;
- unsigned len, buflen = 1024;
- uint8_t buffer0[buflen], buffer1[buflen], *current, *end;
- uint8_t idx[16] = {
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x12, 0x34
- };
- err_status_t status;
-
- printf("testing output buffering for cipher %s...",
- c->type->description);
-
- for (i=0; i < num_trials; i++) {
-
- /* set buffers to zero */
- for (j=0; j < buflen; j++)
- buffer0[j] = buffer1[j] = 0;
-
- /* initialize cipher */
- status = cipher_set_iv(c, idx);
- if (status)
- return status;
-
- /* generate 'reference' value by encrypting all at once */
- status = cipher_encrypt(c, buffer0, &buflen);
- if (status)
- return status;
-
- /* re-initialize cipher */
- status = cipher_set_iv(c, idx);
- if (status)
- return status;
-
- /* now loop over short lengths until buffer1 is encrypted */
- current = buffer1;
- end = buffer1 + buflen;
- while (current < end) {
-
- /* choose a short length */
- len = rand() & 0x01f;
-
- /* make sure that len doesn't cause us to overreach the buffer */
- if (current + len > end)
- len = end - current;
-
- status = cipher_encrypt(c, current, &len);
- if (status)
- return status;
-
- /* advance pointer into buffer1 to reflect encryption */
- current += len;
-
- /* if buffer1 is all encrypted, break out of loop */
- if (current == end)
- break;
- }
-
- /* compare buffers */
- for (j=0; j < buflen; j++)
- if (buffer0[j] != buffer1[j]) {
-#if PRINT_DEBUG
- printf("test case %d failed at byte %d\n", i, j);
- printf("computed: %s\n", octet_string_hex_string(buffer1, buflen));
- printf("expected: %s\n", octet_string_hex_string(buffer0, buflen));
-#endif
- return err_status_algo_fail;
- }
- }
-
- printf("passed\n");
-
- return err_status_ok;
-}
-
-
-/*
- * The function cipher_test_throughput_array() tests the effect of CPU
- * cache thrash on cipher throughput.
- *
- * cipher_array_alloc_init(ctype, array, num_ciphers) creates an array
- * of cipher_t of type ctype
- */
-
-err_status_t
-cipher_array_alloc_init(cipher_t ***ca, int num_ciphers,
- cipher_type_t *ctype, int klen) {
- int i, j;
- err_status_t status;
- uint8_t *key;
- cipher_t **cipher_array;
-
- /* allocate array of pointers to ciphers */
- cipher_array = (cipher_t **) malloc(sizeof(cipher_t *) * num_ciphers);
- if (cipher_array == NULL)
- return err_status_alloc_fail;
-
- /* set ca to location of cipher_array */
- *ca = cipher_array;
-
- /* allocate key */
- key = crypto_alloc(klen);
- if (key == NULL) {
- free(cipher_array);
- return err_status_alloc_fail;
- }
-
- /* allocate and initialize an array of ciphers */
- for (i=0; i < num_ciphers; i++) {
-
- /* allocate cipher */
- status = cipher_type_alloc(ctype, cipher_array, klen);
- if (status)
- return status;
-
- /* generate random key and initialize cipher */
- for (j=0; j < klen; j++)
- key[j] = (uint8_t) rand();
- status = cipher_init(*cipher_array, key, direction_encrypt);
- if (status)
- return status;
-
-/* printf("%dth cipher is at %p\n", i, *cipher_array); */
-/* printf("%dth cipher description: %s\n", i, */
-/* (*cipher_array)->type->description); */
-
- /* advance cipher array pointer */
- cipher_array++;
- }
-
- return err_status_ok;
-}
-
-err_status_t
-cipher_array_delete(cipher_t *cipher_array[], int num_cipher) {
- int i;
-
- for (i=0; i < num_cipher; i++) {
- cipher_dealloc(cipher_array[i]);
- }
-
- free(cipher_array);
-
- return err_status_ok;
-}
-
-
-/*
- * cipher_array_bits_per_second(c, l, t) computes (an estimate of) the
- * number of bits that a cipher implementation can encrypt in a second
- * when distinct keys are used to encrypt distinct messages
- *
- * c is a cipher (which MUST be allocated an initialized already), l
- * is the length in octets of the test data to be encrypted, and t is
- * the number of trials
- *
- * if an error is encountered, the value 0 is returned
- */
-
-uint64_t
-cipher_array_bits_per_second(cipher_t *cipher_array[], int num_cipher,
- unsigned octets_in_buffer, int num_trials) {
- int i;
- v128_t nonce;
- clock_t timer;
- unsigned char *enc_buf;
- int cipher_index = 0;
-
-
- enc_buf = crypto_alloc(octets_in_buffer);
- if (enc_buf == NULL)
- return 0; /* indicate bad parameters by returning null */
-
- /* time repeated trials */
- v128_set_to_zero(&nonce);
- timer = clock();
- for(i=0; i < num_trials; i++, nonce.v32[3] = i) {
-
- /* choose a cipher at random from the array*/
- cipher_index = (*((uint32_t *)enc_buf)) % num_cipher;
-
- /* encrypt buffer with cipher */
- cipher_set_iv(cipher_array[cipher_index], &nonce);
- cipher_encrypt(cipher_array[cipher_index], enc_buf, &octets_in_buffer);
- }
- timer = clock() - timer;
-
- free(enc_buf);
-
- if (timer == 0) {
- /* Too fast! */
- return 0;
- }
-
- return CLOCKS_PER_SEC * num_trials * 8 * octets_in_buffer / timer;
-}
-
-void
-cipher_array_test_throughput(cipher_t *ca[], int num_cipher) {
- int i;
- int min_enc_len = 16;
- int max_enc_len = 2048; /* should be a power of two */
- int num_trials = 10000;
-
- printf("timing %s throughput with array size %d:\n",
- (ca[0])->type->description, num_cipher);
- fflush(stdout);
- for (i=min_enc_len; i <= max_enc_len; i = i * 4)
- printf("msg len: %d\tgigabits per second: %f\n", i,
- cipher_array_bits_per_second(ca, num_cipher, i, num_trials) / 1e9);
-
-}
-
-err_status_t
-cipher_driver_test_array_throughput(cipher_type_t *ct,
- int klen, int num_cipher) {
- cipher_t **ca = NULL;
- err_status_t status;
-
- status = cipher_array_alloc_init(&ca, num_cipher, ct, klen);
- if (status) {
- printf("error: cipher_array_alloc_init() failed with error code %d\n",
- status);
- return status;
- }
-
- cipher_array_test_throughput(ca, num_cipher);
-
- cipher_array_delete(ca, num_cipher);
-
- return err_status_ok;
-}
diff --git a/crypto/test/datatypes_driver.c b/crypto/test/datatypes_driver.c
deleted file mode 100644
index f186652..0000000
--- a/crypto/test/datatypes_driver.c
+++ /dev/null
@@ -1,237 +0,0 @@
-/*
- * datatypes_driver.c
- *
- * a test driver for crypto/math datatypes
- *
- * David A. McGrew
- * Cisco Systems, Inc.
- */
-
-/*
- *
- * Copyright (c) 2001-2006, Cisco Systems, Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following
- * disclaimer in the documentation and/or other materials provided
- * with the distribution.
- *
- * Neither the name of the Cisco Systems, Inc. nor the names of its
- * contributors may be used to endorse or promote products derived
- * from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- */
-
-
-#include <stdio.h> /* for printf() */
-#include <string.h> /* for strlen() */
-#include "datatypes.h"
-
-void
-byte_order(void);
-
-void
-test_hex_string_funcs(void);
-
-void
-print_string(char *s);
-
-void
-test_bswap(void);
-
-int
-main (void) {
-
- /*
- * this program includes various and sundry tests for fundamental
- * datatypes. it's a grab-bag of throwaway code, retained only in
- * case of future problems
- */
-
- int i, j;
- v128_t x;
- char *r =
- "The Moving Finger writes; and, having writ,\n"
- "Moves on: nor all thy Piety nor Wit\n"
- "Shall lure it back to cancel half a Line,\n"
- "Nor all thy Tears wash out a Word of it.";
- char *s = "incomplet";
-
- print_string(r);
- print_string(s);
-
- byte_order();
- test_hex_string_funcs();
-
- for (j=0; j < 128; j++) {
- v128_set_to_zero(&x);
- /* x.v32[0] = (1 << j); */
- v128_set_bit(&x, j);
- printf("%s\n", v128_bit_string(&x));
- v128_clear_bit(&x, j);
- printf("%s\n", v128_bit_string(&x));
-
- }
-
- printf("----------------------------------------------\n");
- v128_set_to_zero(&x);
- for (i=0; i < 128; i++) {
- v128_set_bit(&x, i);
- }
- printf("%s\n", v128_bit_string(&x));
-
- printf("----------------------------------------------\n");
- v128_set_to_zero(&x);
- v128_set_bit(&x, 0);
- for (i=0; i < 128; i++) {
- printf("%s\n", v128_bit_string(&x));
- v128_right_shift(&x, 1);
- }
- printf("----------------------------------------------\n");
- v128_set_to_zero(&x);
- v128_set_bit(&x, 127);
- for (i=0; i < 128; i++) {
- printf("%s\n", v128_bit_string(&x));
- v128_left_shift(&x, 1);
- }
- printf("----------------------------------------------\n");
- for (i=0; i < 128; i++) {
- v128_set_to_zero(&x);
- v128_set_bit(&x, 127);
- v128_left_shift(&x, i);
- printf("%s\n", v128_bit_string(&x));
- }
- printf("----------------------------------------------\n");
- v128_set_to_zero(&x);
- for (i=0; i < 128; i+=2) {
- v128_set_bit(&x, i);
- }
- printf("bit_string: { %s }\n", v128_bit_string(&x));
- printf("get_bit: { ");
- for (i=0; i < 128; i++) {
- if (v128_get_bit(&x, i) == 1)
- printf("1");
- else
- printf("0");
- }
- printf(" } \n");
-
- test_bswap();
-
- return 0;
-}
-
-
-/* byte_order() prints out byte ordering of datatypes */
-
-void
-byte_order(void) {
- int i;
- v128_t e;
-#if 0
- v16_t b;
- v32_t c;
- v64_t d;
-
- for (i=0; i < sizeof(b); i++)
- b.octet[i] = i;
- for (i=0; i < sizeof(c); i++)
- c.octet[i] = i;
- for (i=0; i < sizeof(d); i++)
- d.octet[i] = i;
-
- printf("v128_t:\t%s\n", v128_hex_string(&e));
- printf("v64_t:\t%s\n", v64_hex_string(&d));
- printf("v32_t:\t%s\n", v32_hex_string(c));
- printf("v16_t:\t%s\n", v16_hex_string(b));
-
- c.value = 0x01020304;
- printf("v32_t:\t%s\n", v32_hex_string(c));
- b.value = 0x0102;
- printf("v16_t:\t%s\n", v16_hex_string(b));
-
- printf("uint16_t ordering:\n");
-
- c.value = 0x00010002;
- printf("v32_t:\t%x%x\n", c.v16[0], c.v16[1]);
-#endif
-
- printf("byte ordering of crypto/math datatypes:\n");
- for (i=0; i < sizeof(e); i++)
- e.v8[i] = i;
- printf("v128_t: %s\n", v128_hex_string(&e));
-
-}
-
-void
-test_hex_string_funcs(void) {
- char hex1[] = "abadcafe";
- char hex2[] = "0123456789abcdefqqqqq";
- char raw[10];
- int len;
-
- len = hex_string_to_octet_string(raw, hex1, strlen(hex1));
- printf("computed length: %d\tstring: %s\n", len,
- octet_string_hex_string(raw, len/2));
- printf("expected length: %u\tstring: %s\n", (unsigned)strlen(hex1), hex1);
-
- len = hex_string_to_octet_string(raw, hex2, strlen(hex2));
- printf("computed length: %d\tstring: %s\n", len,
- octet_string_hex_string(raw, len/2));
- printf("expected length: %d\tstring: %s\n", 16, "0123456789abcdef");
-
-}
-
-void
-print_string(char *s) {
- int i;
- printf("%s\n", s);
- printf("strlen(s) = %u\n", (unsigned)strlen(s));
- printf("{ ");
- for (i=0; i < strlen(s); i++) {
- printf("0x%x, ", s[i]);
- if (((i+1) % 8) == 0)
- printf("\n ");
- }
- printf("}\n");
-}
-
-void
-test_bswap(void) {
- uint32_t x = 0x11223344;
- uint64_t y = 0x1122334455667788LL;
-
- printf("before: %0x\nafter: %0x\n", x, be32_to_cpu(x));
- printf("before: %0llx\nafter: %0llx\n", (unsigned long long)y,
- (unsigned long long)be64_to_cpu(y));
-
- y = 1234;
-
- printf("1234: %0llx\n", (unsigned long long)y);
- printf("as octet string: %s\n",
- octet_string_hex_string((uint8_t *) &y, 8));
- y = be64_to_cpu(y);
- printf("bswapped octet string: %s\n",
- octet_string_hex_string((uint8_t *) &y, 8));
-}
diff --git a/crypto/test/env.c b/crypto/test/env.c
deleted file mode 100644
index 37a6e27..0000000
--- a/crypto/test/env.c
+++ /dev/null
@@ -1,99 +0,0 @@
-/*
- * env.c
- *
- * prints out a brief report on the build environment
- *
- * David McGrew
- * Cisco Systems, Inc.
- */
-/*
- *
- * Copyright (c) 2001-2006 Cisco Systems, Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following
- * disclaimer in the documentation and/or other materials provided
- * with the distribution.
- *
- * Neither the name of the Cisco Systems, Inc. nor the names of its
- * contributors may be used to endorse or promote products derived
- * from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- */
-
-#include <stdio.h>
-#include <string.h> /* for srtcmp() */
-#include "config.h"
-
-int
-main(void) {
- int err_count = 0;
- char *str;
-
-#ifdef WORDS_BIGENDIAN
- printf("CPU set to big-endian\t\t\t(WORDS_BIGENDIAN == 1)\n");
-#else
- printf("CPU set to little-endian\t\t(WORDS_BIGENDIAN == 0)\n");
-#endif
-
-#ifdef CPU_RISC
- printf("CPU set to RISC\t\t\t\t(CPU_RISC == 1)\n");
-#elif defined(CPU_CISC)
- printf("CPU set to CISC\t\t\t\t(CPU_CISC == 1)\n");
-#else
- printf("CPU set to an unknown type, probably due to a configuration error\n");
- err_count++;
-#endif
-
-#ifdef CPU_ALTIVEC
- printf("CPU set to ALTIVEC\t\t\t\t(CPU_ALTIVEC == 0)\n");
-#endif
-
-#ifndef NO_64BIT_MATH
- printf("using native 64-bit type\t\t(NO_64_BIT_MATH == 0)\n");
-#else
- printf("using built-in 64-bit math\t\t(NO_64_BIT_MATH == 1)\n");
-#endif
-
-#ifdef ERR_REPORTING_STDOUT
- printf("using stdout for error reporting\t(ERR_REPORTING_STDOUT == 1)\n");
-#endif
-
-#ifdef DEV_URANDOM
- str = DEV_URANDOM;
-#else
- str = "";
-#endif
- printf("using %s as a random source\t(DEV_URANDOM == %s)\n",
- str, str);
- if (strcmp("", str) == 0) {
- err_count++;
- }
-
- if (err_count)
- printf("warning: configuration is probably in error "
- "(found %d problems)\n", err_count);
-
- return err_count;
-}
diff --git a/crypto/test/kernel_driver.c b/crypto/test/kernel_driver.c
deleted file mode 100644
index 8ef8a5f..0000000
--- a/crypto/test/kernel_driver.c
+++ /dev/null
@@ -1,126 +0,0 @@
-/*
- * kernel_driver.c
- *
- * a test driver for the crypto_kernel
- *
- * David A. McGrew
- * Cisco Systems, Inc.
- */
-/*
- *
- * Copyright(c) 2001-2006 Cisco Systems, Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following
- * disclaimer in the documentation and/or other materials provided
- * with the distribution.
- *
- * Neither the name of the Cisco Systems, Inc. nor the names of its
- * contributors may be used to endorse or promote products derived
- * from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- */
-
-
-#include <stdio.h> /* for printf() */
-#include <unistd.h> /* for getopt() */
-#include "crypto_kernel.h"
-
-void
-usage(char *prog_name) {
- printf("usage: %s [ -v ][ -d debug_module ]*\n", prog_name);
- exit(255);
-}
-
-int
-main (int argc, char *argv[]) {
- extern char *optarg;
- int q;
- int do_validation = 0;
- err_status_t status;
-
- if (argc == 1)
- usage(argv[0]);
-
- /* initialize kernel - we need to do this before anything else */
- status = crypto_kernel_init();
- if (status) {
- printf("error: crypto_kernel init failed\n");
- exit(1);
- }
- printf("crypto_kernel successfully initalized\n");
-
- /* process input arguments */
- while (1) {
- q = getopt(argc, argv, "vd:");
- if (q == -1)
- break;
- switch (q) {
- case 'v':
- do_validation = 1;
- break;
- case 'd':
- status = crypto_kernel_set_debug_module(optarg, 1);
- if (status) {
- printf("error: set debug module (%s) failed\n", optarg);
- exit(1);
- }
- break;
- default:
- usage(argv[0]);
- }
- }
-
- if (do_validation) {
- printf("checking crypto_kernel status...\n");
- status = crypto_kernel_status();
- if (status) {
- printf("failed\n");
- exit(1);
- }
- printf("crypto_kernel passed self-tests\n");
- }
-
- status = crypto_kernel_shutdown();
- if (status) {
- printf("error: crypto_kernel shutdown failed\n");
- exit(1);
- }
- printf("crypto_kernel successfully shut down\n");
-
- return 0;
-}
-
-/*
- * crypto_kernel_cipher_test() is a test of the cipher interface
- * of the crypto_kernel
- */
-
-err_status_t
-crypto_kernel_cipher_test(void) {
-
- /* not implemented yet! */
-
- return err_status_ok;
-}
diff --git a/crypto/test/rand_gen.c b/crypto/test/rand_gen.c
deleted file mode 100644
index ccea097..0000000
--- a/crypto/test/rand_gen.c
+++ /dev/null
@@ -1,140 +0,0 @@
-/*
- * rand_gen.c
- *
- * a random source (random number generator)
- *
- * David A. McGrew
- * Cisco Systems, Inc.
- */
-/*
- *
- * Copyright(c) 2001-2006 Cisco Systems, Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following
- * disclaimer in the documentation and/or other materials provided
- * with the distribution.
- *
- * Neither the name of the Cisco Systems, Inc. nor the names of its
- * contributors may be used to endorse or promote products derived
- * from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- */
-
-
-#include <stdio.h> /* for printf() */
-#include <unistd.h> /* for getopt() */
-#include "crypto_kernel.h"
-
-/*
- * MAX_PRINT_STRING_LEN is defined in datatypes.h, and is the length
- * of the largest hexadecimal string that can be generated by the
- * function octet_string_hex_string().
- */
-
-#define BUF_LEN (MAX_PRINT_STRING_LEN/2)
-
-void
-usage(char *prog_name) {
- printf("usage: %s -n <num_bytes> [-l][ -d debug_module ]*\n"
- " -n <num> output <num> random bytes, where <num>"
- " is between zero and %d\n"
- " -l list the avaliable debug modules\n"
- " -d <mod> turn on debugging module <mod>\n",
- prog_name, BUF_LEN);
- exit(255);
-}
-
-int
-main (int argc, char *argv[]) {
- extern char *optarg;
- int q;
- int num_octets = 0;
- unsigned do_list_mods = 0;
- err_status_t status;
-
- if (argc == 1)
- usage(argv[0]);
-
- /* initialize kernel - we need to do this before anything else */
- status = crypto_kernel_init();
- if (status) {
- printf("error: crypto_kernel init failed\n");
- exit(1);
- }
-
- /* process input arguments */
- while (1) {
- q = getopt(argc, argv, "ld:n:");
- if (q == -1)
- break;
- switch (q) {
- case 'd':
- status = crypto_kernel_set_debug_module(optarg, 1);
- if (status) {
- printf("error: set debug module (%s) failed\n", optarg);
- exit(1);
- }
- break;
- case 'l':
- do_list_mods = 1;
- break;
- case 'n':
- num_octets = atoi(optarg);
- if (num_octets < 0 || num_octets > BUF_LEN)
- usage(argv[0]);
- break;
- default:
- usage(argv[0]);
- }
- }
-
- if (do_list_mods) {
- status = crypto_kernel_list_debug_modules();
- if (status) {
- printf("error: list of debug modules failed\n");
- exit(1);
- }
- }
-
- if (num_octets > 0) {
- uint8_t buffer[BUF_LEN];
-
- status = crypto_get_random(buffer, num_octets);
- if (status) {
- printf("error: failure in random source\n");
- } else {
- printf("%s\n", octet_string_hex_string(buffer, num_octets));
- }
- }
-
- status = crypto_kernel_shutdown();
- if (status) {
- printf("error: crypto_kernel shutdown failed\n");
- exit(1);
- }
-
- return 0;
-}
-
diff --git a/crypto/test/sha1_driver.c b/crypto/test/sha1_driver.c
deleted file mode 100644
index f7cb6ca..0000000
--- a/crypto/test/sha1_driver.c
+++ /dev/null
@@ -1,533 +0,0 @@
-/*
- * sha1_driver.c
- *
- * a test driver for SHA-1
- *
- * David A. McGrew
- * Cisco Systems, Inc.
- */
-
-/*
- *
- * Copyright (c) 2001-2006, Cisco Systems, Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following
- * disclaimer in the documentation and/or other materials provided
- * with the distribution.
- *
- * Neither the name of the Cisco Systems, Inc. nor the names of its
- * contributors may be used to endorse or promote products derived
- * from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- */
-
-#include <stdio.h>
-#include "sha1.h"
-
-#define SHA_PASS 0
-#define SHA_FAIL 1
-
-#define MAX_HASH_DATA_LEN 1024
-#define MAX_HASH_OUT_LEN 20
-
-typedef struct hash_test_case_t {
- unsigned data_len; /* number of octets in data */
- unsigned hash_len; /* number of octets output by hash */
- uint8_t data[MAX_HASH_DATA_LEN]; /* message data */
- uint8_t hash[MAX_HASH_OUT_LEN]; /* expected hash output */
- struct hash_test_case_t *next_test_case;
-} hash_test_case_t;
-
-hash_test_case_t *sha1_test_case_list;
-
-err_status_t
-hash_test_case_add(hash_test_case_t **list_ptr,
- char *hex_data,
- unsigned data_len,
- char *hex_hash,
- unsigned hash_len) {
- hash_test_case_t *list_head = *list_ptr;
- hash_test_case_t *test_case;
- unsigned tmp_len;
-
- test_case = malloc(sizeof(hash_test_case_t));
- if (test_case == NULL)
- return err_status_alloc_fail;
-
- tmp_len = hex_string_to_octet_string((char *)test_case->data, hex_data, data_len*2);
- if (tmp_len != data_len*2)
- return err_status_parse_err;
-
- tmp_len = hex_string_to_octet_string((char *)test_case->hash, hex_hash, hash_len*2);
- if (tmp_len != hash_len*2)
- return err_status_parse_err;
-
- test_case->data_len = data_len;
- test_case->hash_len = hash_len;
-
- /* add the new test case to the head of the list */
- test_case->next_test_case = list_head;
- *list_ptr = test_case;
-
- return err_status_ok;
-}
-
-err_status_t
-sha1_test_case_validate(const hash_test_case_t *test_case) {
- sha1_ctx_t ctx;
- uint32_t hash_value[5];
-
- if (test_case == NULL)
- return err_status_bad_param;
-
- if (test_case->hash_len != 20)
- return err_status_bad_param;
- if (test_case->data_len > MAX_HASH_DATA_LEN)
- return err_status_bad_param;
-
- sha1_init(&ctx);
- sha1_update(&ctx, test_case->data, test_case->data_len);
- sha1_final(&ctx, hash_value);
- if (0 == memcmp(test_case->hash, hash_value, 20)) {
-#if VERBOSE
- printf("PASSED: reference value: %s\n",
- octet_string_hex_string((uint8_t *)test_case->hash, 20));
- printf("PASSED: computed value: %s\n",
- octet_string_hex_string((uint8_t *)hash_value, 20));
-#endif
- return err_status_ok;
- }
-
- printf("reference value: %s\n",
- octet_string_hex_string((uint8_t *)test_case->hash, 20));
- printf("computed value: %s\n",
- octet_string_hex_string((uint8_t *)hash_value, 20));
-
- return err_status_algo_fail;
-
-}
-
-struct hex_sha1_test_case_t {
- unsigned bit_len;
- char hex_data[MAX_HASH_DATA_LEN*2];
- char hex_hash[40];
-};
-
-err_status_t
-sha1_add_test_cases() {
- int i;
- err_status_t err;
-
- /*
- * these test cases are taken from the "SHA-1 Sample Vectors"
- * provided by NIST at http://csrc.nist.gov/cryptval/shs.html
- */
-
- struct hex_sha1_test_case_t tc[] = {
- {
- 0,
- "",
- "da39a3ee5e6b4b0d3255bfef95601890afd80709"
- },
- {
- 8,
- "a8",
- "99f2aa95e36f95c2acb0eaf23998f030638f3f15"
- },
- {
- 16,
- "3000",
- "f944dcd635f9801f7ac90a407fbc479964dec024"
- },
- {
- 24,
- "42749e",
- "a444319e9b6cc1e8464c511ec0969c37d6bb2619"
- },
- {
- 32,
- "9fc3fe08",
- "16a0ff84fcc156fd5d3ca3a744f20a232d172253"
- },
- {
- 40,
- "b5c1c6f1af",
- "fec9deebfcdedaf66dda525e1be43597a73a1f93"
- },
- {
- 48,
- "e47571e5022e",
- "8ce051181f0ed5e9d0c498f6bc4caf448d20deb5"
- },
- {
- 56,
- "3e1b28839fb758",
- "67da53837d89e03bf652ef09c369a3415937cfd3"
- },
- {
- 64,
- "a81350cbb224cb90",
- "305e4ff9888ad855a78573cddf4c5640cce7e946"
- },
- {
- 72, "c243d167923dec3ce1",
- "5902b77b3265f023f9bbc396ba1a93fa3509bde7"
- },
- {
- 80,
- "50ac18c59d6a37a29bf4",
- "fcade5f5d156bf6f9af97bdfa9c19bccfb4ff6ab"
- },
- {
- 88,
- "98e2b611ad3b1cccf634f6",
- "1d20fbe00533c10e3cbd6b27088a5de0c632c4b5"
- },
- {
- 96,
- "73fe9afb68e1e8712e5d4eec",
- "7e1b7e0f7a8f3455a9c03e9580fd63ae205a2d93"
- },
- {
- 104,
- "9e701ed7d412a9226a2a130e66",
- "706f0677146307b20bb0e8d6311e329966884d13"
- },
- {
- 112,
- "6d3ee90413b0a7cbf69e5e6144ca",
- "a7241a703aaf0d53fe142f86bf2e849251fa8dff"
- },
- {
- 120,
- "fae24d56514efcb530fd4802f5e71f",
- "400f53546916d33ad01a5e6df66822dfbdc4e9e6"
- },
- {
- 128,
- "c5a22dd6eda3fe2bdc4ddb3ce6b35fd1",
- "fac8ab93c1ae6c16f0311872b984f729dc928ccd"
- },
- {
- 136,
- "d98cded2adabf08fda356445c781802d95",
- "fba6d750c18da58f6e2aab10112b9a5ef3301b3b"
- },
- {
- 144,
- "bcc6d7087a84f00103ccb32e5f5487a751a2",
- "29d27c2d44c205c8107f0351b05753ac708226b6"
- },
- {
- 152,
- "36ecacb1055434190dbbc556c48bafcb0feb0d",
- "b971bfc1ebd6f359e8d74cb7ecfe7f898d0ba845"
- },
- {
- 160,
- "5ff9edb69e8f6bbd498eb4537580b7fba7ad31d0",
- "96d08c430094b9fcc164ad2fb6f72d0a24268f68"
- },
- {
- 168, "c95b441d8270822a46a798fae5defcf7b26abace36",
- "a287ea752a593d5209e287881a09c49fa3f0beb1"
- },
- {
- 176,
- "83104c1d8a55b28f906f1b72cb53f68cbb097b44f860",
- "a06c713779cbd88519ed4a585ac0cb8a5e9d612b"
- },
- {
- 184,
- "755175528d55c39c56493d697b790f099a5ce741f7754b",
- "bff7d52c13a3688132a1d407b1ab40f5b5ace298"
- },
- {
- 192,
- "088fc38128bbdb9fd7d65228b3184b3faac6c8715f07272f",
- "c7566b91d7b6f56bdfcaa9781a7b6841aacb17e9"
- },
- {
- 200,
- "a4a586eb9245a6c87e3adf1009ac8a49f46c07e14185016895",
- "ffa30c0b5c550ea4b1e34f8a60ec9295a1e06ac1"
- },
- {
- 208,
- "8e7c555270c006092c2a3189e2a526b873e2e269f0fb28245256",
- "29e66ed23e914351e872aa761df6e4f1a07f4b81"
- },
- {
- 216,
- "a5f3bfa6bb0ba3b59f6b9cbdef8a558ec565e8aa3121f405e7f2f0",
- "b28cf5e5b806a01491d41f69bd9248765c5dc292"
- },
- {
- 224,
- "589054f0d2bd3c2c85b466bfd8ce18e6ec3e0b87d944cd093ba36469",
- "60224fb72c46069652cd78bcd08029ef64da62f3"
- },
- {
- 232,
- "a0abb12083b5bbc78128601bf1cbdbc0fdf4b862b24d899953d8da0ff3",
- "b72c4a86f72608f24c05f3b9088ef92fba431df7"
- },
- {
- 240,
- "82143f4cea6fadbf998e128a8811dc75301cf1db4f079501ea568da68eeb",
- "73779ad5d6b71b9b8328ef7220ff12eb167076ac"
- },
- {
- 248,
- "9f1231dd6df1ff7bc0b0d4f989d048672683ce35d956d2f57913046267e6f3",
- "a09671d4452d7cf50015c914a1e31973d20cc1a0"
- },
- {
- 256,
- "041c512b5eed791f80d3282f3a28df263bb1df95e1239a7650e5670fc2187919",
- "e88cdcd233d99184a6fd260b8fca1b7f7687aee0"
- },
- {
- 264,
- "17e81f6ae8c2e5579d69dafa6e070e7111461552d314b691e7a3e7a4feb3fae418",
- "010def22850deb1168d525e8c84c28116cb8a269"
- },
- {
- 272,
- "d15976b23a1d712ad28fad04d805f572026b54dd64961fda94d5355a0cc98620cf77",
- "aeaa40ba1717ed5439b1e6ea901b294ba500f9ad"
- },
- {
- 280,
- "09fce4d434f6bd32a44e04b848ff50ec9f642a8a85b37a264dc73f130f22838443328f",
- "c6433791238795e34f080a5f1f1723f065463ca0"
- },
- {
- 288, "f17af27d776ec82a257d8d46d2b46b639462c56984cc1be9c1222eadb8b26594a25c709d",
- "e21e22b89c1bb944a32932e6b2a2f20d491982c3"
- },
- {
- 296,
- "b13ce635d6f8758143ffb114f2f601cb20b6276951416a2f94fbf4ad081779d79f4f195b22",
- "575323a9661f5d28387964d2ba6ab92c17d05a8a"
- },
- {
- 304,
- "5498793f60916ff1c918dde572cdea76da8629ba4ead6d065de3dfb48de94d234cc1c5002910",
- "feb44494af72f245bfe68e86c4d7986d57c11db7"
- },
- {
- 312,
- "498a1e0b39fa49582ae688cd715c86fbaf8a81b8b11b4d1594c49c902d197c8ba8a621fd6e3be5",
- "cff2290b3648ba2831b98dde436a72f9ebf51eee"
- },
- {
- 320,
- "3a36ae71521f9af628b3e34dcb0d4513f84c78ee49f10416a98857150b8b15cb5c83afb4b570376e",
- "9b4efe9d27b965905b0c3dab67b8d7c9ebacd56c"
- },
- {
- 328,
- "dcc76b40ae0ea3ba253e92ac50fcde791662c5b6c948538cffc2d95e9de99cac34dfca38910db2678f",
- "afedb0ff156205bcd831cbdbda43db8b0588c113"
- },
- {
- 336,
- "5b5ec6ec4fd3ad9c4906f65c747fd4233c11a1736b6b228b92e90cddabb0c7c2fcf9716d3fad261dff33",
- "8deb1e858f88293a5e5e4d521a34b2a4efa70fc4"
- },
- {
- 344,
- "df48a37b29b1d6de4e94717d60cdb4293fcf170bba388bddf7a9035a15d433f20fd697c3e4c8b8c5f590ab",
- "95cbdac0f74afa69cebd0e5c7defbc6faf0cbeaf"
- },
- {
- 352,
- "1f179b3b82250a65e1b0aee949e218e2f45c7a8dbfd6ba08de05c55acfc226b48c68d7f7057e5675cd96fcfc",
- "f0307bcb92842e5ae0cd4f4f14f3df7f877fbef2"
- },
- {
- 360,
- "ee3d72da3a44d971578972a8e6780ce64941267e0f7d0179b214fa97855e1790e888e09fbe3a70412176cb3b54",
- "7b13bb0dbf14964bd63b133ac85e22100542ef55"
- },
- {
- 368,
- "d4d4c7843d312b30f610b3682254c8be96d5f6684503f8fbfbcd15774fc1b084d3741afb8d24aaa8ab9c104f7258",
- "c314d2b6cf439be678d2a74e890d96cfac1c02ed"
- },
- {
- 376,
- "32c094944f5936a190a0877fb9178a7bf60ceae36fd530671c5b38c5dbd5e6a6c0d615c2ac8ad04b213cc589541cf6",
- "4d0be361e410b47a9d67d8ce0bb6a8e01c53c078"
- },
- {
- 384,
- "e5d3180c14bf27a5409fa12b104a8fd7e9639609bfde6ee82bbf9648be2546d29688a65e2e3f3da47a45ac14343c9c02",
- "e5353431ffae097f675cbf498869f6fbb6e1c9f2"
- },
- {
- 392,
- "e7b6e4b69f724327e41e1188a37f4fe38b1dba19cbf5a7311d6e32f1038e97ab506ee05aebebc1eed09fc0e357109818b9",
- "b8720a7068a085c018ab18961de2765aa6cd9ac4"
- },
- {
- 400,
- "bc880cb83b8ac68ef2fedc2da95e7677ce2aa18b0e2d8b322701f67af7d5e7a0d96e9e33326ccb7747cfff0852b961bfd475",
- "b0732181568543ba85f2b6da602b4b065d9931aa"
- },
- {
- 408,
- "235ea9c2ba7af25400f2e98a47a291b0bccdaad63faa2475721fda5510cc7dad814bce8dabb611790a6abe56030b798b75c944",
- "9c22674cf3222c3ba921672694aafee4ce67b96b"
- },
- {
- 416,
- "07e3e29fed63104b8410f323b975fd9fba53f636af8c4e68a53fb202ca35dd9ee07cb169ec5186292e44c27e5696a967f5e67709",
- "d128335f4cecca9066cdae08958ce656ff0b4cfc"
- },
- {
- 424,
- "65d2a1dd60a517eb27bfbf530cf6a5458f9d5f4730058bd9814379547f34241822bf67e6335a6d8b5ed06abf8841884c636a25733f",
- "0b67c57ac578de88a2ae055caeaec8bb9b0085a0"
- },
- {
- 432,
- "dcc86b3bd461615bab739d8daafac231c0f462e819ad29f9f14058f3ab5b75941d4241ea2f17ebb8a458831b37a9b16dead4a76a9b0e",
- "c766f912a89d4ccda88e0cce6a713ef5f178b596"
- },
- {
- 440,
- "4627d54f0568dc126b62a8c35fb46a9ac5024400f2995e51635636e1afc4373dbb848eb32df23914230560b82477e9c3572647a7f2bb92",
- "9aa3925a9dcb177b15ccff9b78e70cf344858779"
- },
- {
- 448,
- "ba531affd4381168ef24d8b275a84d9254c7f5cc55fded53aa8024b2c5c5c8aa7146fe1d1b83d62b70467e9a2e2cb67b3361830adbab28d7",
- "4811fa30042fc076acf37c8e2274d025307e5943"
- },
- {
- 456,
- "8764dcbcf89dcf4282eb644e3d568bdccb4b13508bfa7bfe0ffc05efd1390be22109969262992d377691eb4f77f3d59ea8466a74abf57b2ef4",
- "6743018450c9730761ee2b130df9b91c1e118150"
- },
- {
- 464,
- "497d9df9ddb554f3d17870b1a31986c1be277bc44feff713544217a9f579623d18b5ffae306c25a45521d2759a72c0459b58957255ab592f3be4",
- "71ad4a19d37d92a5e6ef3694ddbeb5aa61ada645"
- },
- {
- 472,
- "72c3c2e065aefa8d9f7a65229e818176eef05da83f835107ba90ec2e95472e73e538f783b416c04654ba8909f26a12db6e5c4e376b7615e4a25819",
- "a7d9dc68dacefb7d6116186048cb355cc548e11d"
- },
- {
- 480,
- "7cc9894454d0055ab5069a33984e2f712bef7e3124960d33559f5f3b81906bb66fe64da13c153ca7f5cabc89667314c32c01036d12ecaf5f9a78de98",
- "142e429f0522ba5abf5131fa81df82d355b96909"
- },
- {
- 488,
- "74e8404d5a453c5f4d306f2cfa338ca65501c840ddab3fb82117933483afd6913c56aaf8a0a0a6b2a342fc3d9dc7599f4a850dfa15d06c61966d74ea59",
- "ef72db70dcbcab991e9637976c6faf00d22caae9"
- },
- {
- 496,
- "46fe5ed326c8fe376fcc92dc9e2714e2240d3253b105adfbb256ff7a19bc40975c604ad7c0071c4fd78a7cb64786e1bece548fa4833c04065fe593f6fb10",
- "f220a7457f4588d639dc21407c942e9843f8e26b"
- },
- {
- 504,
- "836dfa2524d621cf07c3d2908835de859e549d35030433c796b81272fd8bc0348e8ddbc7705a5ad1fdf2155b6bc48884ac0cd376925f069a37849c089c8645",
- "ddd2117b6e309c233ede85f962a0c2fc215e5c69"
- },
- {
- 512,
- "7e3a4c325cb9c52b88387f93d01ae86d42098f5efa7f9457388b5e74b6d28b2438d42d8b64703324d4aa25ab6aad153ae30cd2b2af4d5e5c00a8a2d0220c6116",
- "a3054427cdb13f164a610b348702724c808a0dcc"
- }
- };
-
-
- for (i=0; i < 65; i++) {
- err = hash_test_case_add(&sha1_test_case_list,
- tc[i].hex_data,
- tc[i].bit_len/8,
- tc[i].hex_hash, 20);
- if (err) {
- printf("error adding hash test case (code %d)\n", err);
- return err;
- }
- }
-
- return err_status_ok;
-}
-
-
-err_status_t
-sha1_validate(void) {
- hash_test_case_t *test_case;
- err_status_t err;
-
- err = sha1_add_test_cases();
- if (err) {
- printf("error adding SHA1 test cases (error code %d)\n", err);
- return err;
- }
-
- if (sha1_test_case_list == NULL)
- return err_status_cant_check;
-
- test_case = sha1_test_case_list;
- while (test_case != NULL) {
- err = sha1_test_case_validate(test_case);
- if (err) {
- printf("error validating hash test case (error code %d)\n", err);
- return err;
- }
- test_case = test_case->next_test_case;
- }
-
- return err_status_ok;
-}
-
-
-
-int
-main (void) {
- err_status_t err;
-
- printf("sha1 test driver\n");
-
- err = sha1_validate();
- if (err) {
- printf("SHA1 did not pass validation testing\n");
- return 1;
- }
- printf("SHA1 passed validation tests\n");
-
- return 0;
-
-}
diff --git a/crypto/test/stat_driver.c b/crypto/test/stat_driver.c
deleted file mode 100644
index 09cc44a..0000000
--- a/crypto/test/stat_driver.c
+++ /dev/null
@@ -1,101 +0,0 @@
-/*
- * stat-driver.c
- *
- * test driver for the stat_test functions
- *
- * David A. McGrew
- * Cisco Systems, Inc.
- */
-
-
-#include <stdio.h> /* for printf() */
-
-#include "err.h"
-#include "stat.h"
-
-#include "cipher.h"
-
-typedef struct {
- void *state;
-} random_source_t;
-
-err_status_t
-random_source_alloc(void);
-
-void
-err_check(err_status_t s) {
- if (s) {
- printf("error (code %d)\n", s);
- exit(1);
- }
-}
-
-int
-main (int argc, char *argv[]) {
- uint8_t buffer[2500];
- unsigned int buf_len = 2500;
- int i, j;
- extern cipher_type_t aes_icm;
- cipher_t *c;
- uint8_t key[30] = {
- 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
- 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
- 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
- 0x00, 0x01, 0x02, 0x03, 0x04, 0x05
- };
- v128_t nonce;
- int num_trials = 500;
- int num_fail;
-
- printf("statistical tests driver\n");
-
- for (i=0; i < 2500; i++)
- buffer[i] = 0;
-
- /* run tests */
- printf("running stat_tests on all-null buffer, expecting failure\n");
- printf("monobit %d\n", stat_test_monobit(buffer));
- printf("poker %d\n", stat_test_poker(buffer));
- printf("runs %d\n", stat_test_runs(buffer));
-
- for (i=0; i < 2500; i++)
- buffer[i] = rand();
- printf("running stat_tests on rand(), expecting success\n");
- printf("monobit %d\n", stat_test_monobit(buffer));
- printf("poker %d\n", stat_test_poker(buffer));
- printf("runs %d\n", stat_test_runs(buffer));
-
- printf("running stat_tests on AES-128-ICM, expecting success\n");
- /* set buffer to cipher output */
- for (i=0; i < 2500; i++)
- buffer[i] = 0;
- err_check(cipher_type_alloc(&aes_icm, &c, 30));
- err_check(cipher_init(c, key, direction_encrypt));
- err_check(cipher_set_iv(c, &nonce));
- err_check(cipher_encrypt(c, buffer, &buf_len));
- /* run tests on cipher outout */
- printf("monobit %d\n", stat_test_monobit(buffer));
- printf("poker %d\n", stat_test_poker(buffer));
- printf("runs %d\n", stat_test_runs(buffer));
-
- printf("runs test (please be patient): ");
- fflush(stdout);
- num_fail = 0;
- v128_set_to_zero(&nonce);
- for(j=0; j < num_trials; j++) {
- for (i=0; i < 2500; i++)
- buffer[i] = 0;
- nonce.v32[3] = i;
- err_check(cipher_set_iv(c, &nonce));
- err_check(cipher_encrypt(c, buffer, &buf_len));
- if (stat_test_runs(buffer)) {
- num_fail++;
- }
- }
-
- printf("%d failures in %d tests\n", num_fail, num_trials);
- printf("(nota bene: a small fraction of stat_test failures does not \n"
- "indicate that the random source is invalid)\n");
-
- return 0;
-}
diff --git a/doc/Doxyfile b/doc/Doxyfile
deleted file mode 100644
index c6e6a6d..0000000
--- a/doc/Doxyfile
+++ /dev/null
@@ -1,1042 +0,0 @@
-# Doxyfile 1.3-rc3
-
-# This file describes the settings to be used by the documentation system
-# doxygen (www.doxygen.org) for a project
-#
-# All text after a hash (#) is considered a comment and will be ignored
-# The format is:
-# TAG = value [value, ...]
-# For lists items can also be appended using:
-# TAG += value [value, ...]
-# Values that contain spaces should be placed between quotes (" ")
-
-#---------------------------------------------------------------------------
-# General configuration options
-#---------------------------------------------------------------------------
-
-# The PROJECT_NAME tag is a single word (or a sequence of words surrounded
-# by quotes) that should identify the project.
-
-PROJECT_NAME = libSRTP
-
-# The PROJECT_NUMBER tag can be used to enter a project or revision number.
-# This could be handy for archiving the generated documentation or
-# if some version control system is used.
-
-PROJECT_NUMBER = 1.3.22
-
-# The OUTPUT_DIRECTORY tag is used to specify the (relative or absolute)
-# base path where the generated documentation will be put.
-# If a relative path is entered, it will be relative to the location
-# where doxygen was started. If left blank the current directory will be used.
-
-OUTPUT_DIRECTORY =
-
-# The OUTPUT_LANGUAGE tag is used to specify the language in which all
-# documentation generated by doxygen is written. Doxygen will use this
-# information to generate all constant output in the proper language.
-# The default language is English, other supported languages are:
-# Brazilian, Catalan, Chinese, Chinese-Traditional, Croatian, Czech, Danish, Dutch,
-# Finnish, French, German, Greek, Hungarian, Italian, Japanese, Japanese-en
-# (Japanese with english messages), Korean, Norwegian, Polish, Portuguese,
-# Romanian, Russian, Serbian, Slovak, Slovene, Spanish, Swedish and Ukrainian.
-
-OUTPUT_LANGUAGE = English
-
-# If the EXTRACT_ALL tag is set to YES doxygen will assume all entities in
-# documentation are documented, even if no documentation was available.
-# Private class members and static file members will be hidden unless
-# the EXTRACT_PRIVATE and EXTRACT_STATIC tags are set to YES
-
-EXTRACT_ALL = NO
-
-# If the EXTRACT_PRIVATE tag is set to YES all private members of a class
-# will be included in the documentation.
-
-EXTRACT_PRIVATE = NO
-
-# If the EXTRACT_STATIC tag is set to YES all static members of a file
-# will be included in the documentation.
-
-EXTRACT_STATIC = NO
-
-# If the EXTRACT_LOCAL_CLASSES tag is set to YES classes (and structs)
-# defined locally in source files will be included in the documentation.
-# If set to NO only classes defined in header files are included.
-
-EXTRACT_LOCAL_CLASSES = YES
-
-# If the HIDE_UNDOC_MEMBERS tag is set to YES, Doxygen will hide all
-# undocumented members of documented classes, files or namespaces.
-# If set to NO (the default) these members will be included in the
-# various overviews, but no documentation section is generated.
-# This option has no effect if EXTRACT_ALL is enabled.
-
-HIDE_UNDOC_MEMBERS = YES
-
-# If the HIDE_UNDOC_CLASSES tag is set to YES, Doxygen will hide all
-# undocumented classes that are normally visible in the class hierarchy.
-# If set to NO (the default) these class will be included in the various
-# overviews. This option has no effect if EXTRACT_ALL is enabled.
-
-HIDE_UNDOC_CLASSES = NO
-
-# If the HIDE_FRIEND_COMPOUNDS tag is set to YES, Doxygen will hide all
-# friend (class|struct|union) declarations.
-# If set to NO (the default) these declarations will be included in the
-# documentation.
-
-HIDE_FRIEND_COMPOUNDS = NO
-
-# If the HIDE_IN_BODY_DOCS tag is set to YES, Doxygen will hide any
-# documentation blocks found inside the body of a function.
-# If set to NO (the default) these blocks will be appended to the
-# function's detailed documentation block.
-
-HIDE_IN_BODY_DOCS = NO
-
-# If the BRIEF_MEMBER_DESC tag is set to YES (the default) Doxygen will
-# include brief member descriptions after the members that are listed in
-# the file and class documentation (similar to JavaDoc).
-# Set to NO to disable this.
-
-BRIEF_MEMBER_DESC = YES
-
-# If the REPEAT_BRIEF tag is set to YES (the default) Doxygen will prepend
-# the brief description of a member or function before the detailed description.
-# Note: if both HIDE_UNDOC_MEMBERS and BRIEF_MEMBER_DESC are set to NO, the
-# brief descriptions will be completely suppressed.
-
-REPEAT_BRIEF = NO
-
-# If the ALWAYS_DETAILED_SEC and REPEAT_BRIEF tags are both set to YES then
-# Doxygen will generate a detailed section even if there is only a brief
-# description.
-
-ALWAYS_DETAILED_SEC = NO
-
-# If the INLINE_INHERITED_MEMB tag is set to YES, doxygen will show
-# all inherited members of a class in the documentation of that class
-# as if those members were ordinary class members. Constructors,
-# destructors and assignment operators of the base classes will not be
-# shown.
-
-INLINE_INHERITED_MEMB = NO
-
-# If the FULL_PATH_NAMES tag is set to YES then Doxygen will prepend the full
-# path before files name in the file list and in the header files. If set
-# to NO the shortest path that makes the file name unique will be used.
-
-FULL_PATH_NAMES = NO
-
-# If the FULL_PATH_NAMES tag is set to YES then the STRIP_FROM_PATH tag
-# can be used to strip a user defined part of the path. Stripping is
-# only done if one of the specified strings matches the left-hand part of
-# the path. It is allowed to use relative paths in the argument list.
-
-STRIP_FROM_PATH =
-
-# The INTERNAL_DOCS tag determines if documentation
-# that is typed after a \internal command is included. If the tag is set
-# to NO (the default) then the documentation will be excluded.
-# Set it to YES to include the internal documentation.
-
-INTERNAL_DOCS = NO
-
-# If the CASE_SENSE_NAMES tag is set to NO then Doxygen will only generate
-# file names in lower case letters. If set to YES upper case letters are also
-# allowed. This is useful if you have classes or files whose names only differ
-# in case and if your file system supports case sensitive file names. Windows
-# users are adviced to set this option to NO.
-
-CASE_SENSE_NAMES = YES
-
-# If the SHORT_NAMES tag is set to YES, doxygen will generate much shorter
-# (but less readable) file names. This can be useful is your file systems
-# doesn't support long names like on DOS, Mac, or CD-ROM.
-
-SHORT_NAMES = NO
-
-# If the HIDE_SCOPE_NAMES tag is set to NO (the default) then Doxygen
-# will show members with their full class and namespace scopes in the
-# documentation. If set to YES the scope will be hidden.
-
-HIDE_SCOPE_NAMES = NO
-
-# If the VERBATIM_HEADERS tag is set to YES (the default) then Doxygen
-# will generate a verbatim copy of the header file for each class for
-# which an include is specified. Set to NO to disable this.
-
-VERBATIM_HEADERS = YES
-
-# If the SHOW_INCLUDE_FILES tag is set to YES (the default) then Doxygen
-# will put list of the files that are included by a file in the documentation
-# of that file.
-
-SHOW_INCLUDE_FILES = NO
-
-# If the JAVADOC_AUTOBRIEF tag is set to YES then Doxygen
-# will interpret the first line (until the first dot) of a JavaDoc-style
-# comment as the brief description. If set to NO, the JavaDoc
-# comments will behave just like the Qt-style comments (thus requiring an
-# explict @brief command for a brief description.
-
-JAVADOC_AUTOBRIEF = NO
-
-# The MULTILINE_CPP_IS_BRIEF tag can be set to YES to make Doxygen
-# treat a multi-line C++ special comment block (i.e. a block of //! or ///
-# comments) as a brief description. This used to be the default behaviour.
-# The new default is to treat a multi-line C++ comment block as a detailed
-# description. Set this tag to YES if you prefer the old behaviour instead.
-
-MULTILINE_CPP_IS_BRIEF = NO
-
-# If the DETAILS_AT_TOP tag is set to YES then Doxygen
-# will output the detailed description near the top, like JavaDoc.
-# If set to NO, the detailed description appears after the member
-# documentation.
-
-DETAILS_AT_TOP = NO
-
-# If the INHERIT_DOCS tag is set to YES (the default) then an undocumented
-# member inherits the documentation from any documented member that it
-# reimplements.
-
-INHERIT_DOCS = YES
-
-# If the INLINE_INFO tag is set to YES (the default) then a tag [inline]
-# is inserted in the documentation for inline members.
-
-INLINE_INFO = YES
-
-# If the SORT_MEMBER_DOCS tag is set to YES (the default) then doxygen
-# will sort the (detailed) documentation of file and class members
-# alphabetically by member name. If set to NO the members will appear in
-# declaration order.
-
-SORT_MEMBER_DOCS = YES
-
-# If member grouping is used in the documentation and the DISTRIBUTE_GROUP_DOC
-# tag is set to YES, then doxygen will reuse the documentation of the first
-# member in the group (if any) for the other members of the group. By default
-# all members of a group must be documented explicitly.
-
-DISTRIBUTE_GROUP_DOC = NO
-
-# The TAB_SIZE tag can be used to set the number of spaces in a tab.
-# Doxygen uses this value to replace tabs by spaces in code fragments.
-
-TAB_SIZE = 3
-
-# The GENERATE_TODOLIST tag can be used to enable (YES) or
-# disable (NO) the todo list. This list is created by putting \todo
-# commands in the documentation.
-
-GENERATE_TODOLIST = YES
-
-# The GENERATE_TESTLIST tag can be used to enable (YES) or
-# disable (NO) the test list. This list is created by putting \test
-# commands in the documentation.
-
-GENERATE_TESTLIST = YES
-
-# The GENERATE_BUGLIST tag can be used to enable (YES) or
-# disable (NO) the bug list. This list is created by putting \bug
-# commands in the documentation.
-
-GENERATE_BUGLIST = YES
-
-# The GENERATE_DEPRECATEDLIST tag can be used to enable (YES) or
-# disable (NO) the deprecated list. This list is created by putting
-# \deprecated commands in the documentation.
-
-GENERATE_DEPRECATEDLIST= YES
-
-# This tag can be used to specify a number of aliases that acts
-# as commands in the documentation. An alias has the form "name=value".
-# For example adding "sideeffect=\par Side Effects:\n" will allow you to
-# put the command \sideeffect (or @sideeffect) in the documentation, which
-# will result in a user defined paragraph with heading "Side Effects:".
-# You can put \n's in the value part of an alias to insert newlines.
-
-ALIASES =
-
-# The ENABLED_SECTIONS tag can be used to enable conditional
-# documentation sections, marked by \if sectionname ... \endif.
-
-ENABLED_SECTIONS =
-
-# The MAX_INITIALIZER_LINES tag determines the maximum number of lines
-# the initial value of a variable or define consist of for it to appear in
-# the documentation. If the initializer consists of more lines than specified
-# here it will be hidden. Use a value of 0 to hide initializers completely.
-# The appearance of the initializer of individual variables and defines in the
-# documentation can be controlled using \showinitializer or \hideinitializer
-# command in the documentation regardless of this setting.
-
-MAX_INITIALIZER_LINES = 30
-
-# Set the OPTIMIZE_OUTPUT_FOR_C tag to YES if your project consists of C sources
-# only. Doxygen will then generate output that is more tailored for C.
-# For instance some of the names that are used will be different. The list
-# of all members will be omitted, etc.
-
-OPTIMIZE_OUTPUT_FOR_C = YES
-
-# Set the OPTIMIZE_OUTPUT_JAVA tag to YES if your project consists of Java sources
-# only. Doxygen will then generate output that is more tailored for Java.
-# For instance namespaces will be presented as packages, qualified scopes
-# will look different, etc.
-
-OPTIMIZE_OUTPUT_JAVA = NO
-
-# Set the SHOW_USED_FILES tag to NO to disable the list of files generated
-# at the bottom of the documentation of classes and structs. If set to YES the
-# list will mention the files that were used to generate the documentation.
-
-SHOW_USED_FILES = YES
-
-#---------------------------------------------------------------------------
-# configuration options related to warning and progress messages
-#---------------------------------------------------------------------------
-
-# The QUIET tag can be used to turn on/off the messages that are generated
-# by doxygen. Possible values are YES and NO. If left blank NO is used.
-
-QUIET = NO
-
-# The WARNINGS tag can be used to turn on/off the warning messages that are
-# generated by doxygen. Possible values are YES and NO. If left blank
-# NO is used.
-
-WARNINGS = YES
-
-# If WARN_IF_UNDOCUMENTED is set to YES, then doxygen will generate warnings
-# for undocumented members. If EXTRACT_ALL is set to YES then this flag will
-# automatically be disabled.
-
-WARN_IF_UNDOCUMENTED = YES
-
-# If WARN_IF_DOC_ERROR is set to YES, doxygen will generate warnings for
-# potential errors in the documentation, such as not documenting some
-# parameters in a documented function, or documenting parameters that
-# don't exist or using markup commands wrongly.
-
-WARN_IF_DOC_ERROR = YES
-
-# The WARN_FORMAT tag determines the format of the warning messages that
-# doxygen can produce. The string should contain the $file, $line, and $text
-# tags, which will be replaced by the file and line number from which the
-# warning originated and the warning text.
-
-WARN_FORMAT = "$file:$line: $text"
-
-# The WARN_LOGFILE tag can be used to specify a file to which warning
-# and error messages should be written. If left blank the output is written
-# to stderr.
-
-WARN_LOGFILE =
-
-#---------------------------------------------------------------------------
-# configuration options related to the input files
-#---------------------------------------------------------------------------
-
-# The INPUT tag can be used to specify the files and/or directories that contain
-# documented source files. You may enter file names like "myfile.cpp" or
-# directories like "/usr/src/myproject". Separate the files or directories
-# with spaces.
-
-INPUT = intro.txt ../include/srtp.h ../crypto/include/crypto_types.h ../crypto/include/err.h ../crypto/include/crypto.h crypto_kernel.txt
-
-# If the value of the INPUT tag contains directories, you can use the
-# FILE_PATTERNS tag to specify one or more wildcard pattern (like *.cpp
-# and *.h) to filter out the source-files in the directories. If left
-# blank the following patterns are tested:
-# *.c *.cc *.cxx *.cpp *.c++ *.java *.ii *.ixx *.ipp *.i++ *.inl *.h *.hh *.hxx *.hpp
-# *.h++ *.idl *.odl
-
-FILE_PATTERNS =
-
-# The RECURSIVE tag can be used to turn specify whether or not subdirectories
-# should be searched for input files as well. Possible values are YES and NO.
-# If left blank NO is used.
-
-RECURSIVE = NO
-
-# The EXCLUDE tag can be used to specify files and/or directories that should
-# excluded from the INPUT source files. This way you can easily exclude a
-# subdirectory from a directory tree whose root is specified with the INPUT tag.
-
-EXCLUDE =
-
-# The EXCLUDE_SYMLINKS tag can be used select whether or not files or directories
-# that are symbolic links (a Unix filesystem feature) are excluded from the input.
-
-EXCLUDE_SYMLINKS = NO
-
-# If the value of the INPUT tag contains directories, you can use the
-# EXCLUDE_PATTERNS tag to specify one or more wildcard patterns to exclude
-# certain files from those directories.
-
-EXCLUDE_PATTERNS =
-
-# The EXAMPLE_PATH tag can be used to specify one or more files or
-# directories that contain example code fragments that are included (see
-# the \include command).
-
-EXAMPLE_PATH =
-
-# If the value of the EXAMPLE_PATH tag contains directories, you can use the
-# EXAMPLE_PATTERNS tag to specify one or more wildcard pattern (like *.cpp
-# and *.h) to filter out the source-files in the directories. If left
-# blank all files are included.
-
-EXAMPLE_PATTERNS =
-
-# If the EXAMPLE_RECURSIVE tag is set to YES then subdirectories will be
-# searched for input files to be used with the \include or \dontinclude
-# commands irrespective of the value of the RECURSIVE tag.
-# Possible values are YES and NO. If left blank NO is used.
-
-EXAMPLE_RECURSIVE = NO
-
-# The IMAGE_PATH tag can be used to specify one or more files or
-# directories that contain image that are included in the documentation (see
-# the \image command).
-
-IMAGE_PATH =
-
-# The INPUT_FILTER tag can be used to specify a program that doxygen should
-# invoke to filter for each input file. Doxygen will invoke the filter program
-# by executing (via popen()) the command <filter> <input-file>, where <filter>
-# is the value of the INPUT_FILTER tag, and <input-file> is the name of an
-# input file. Doxygen will then use the output that the filter program writes
-# to standard output.
-
-INPUT_FILTER =
-
-# If the FILTER_SOURCE_FILES tag is set to YES, the input filter (if set using
-# INPUT_FILTER) will be used to filter the input files when producing source
-# files to browse (i.e. when SOURCE_BROWSER is set to YES).
-
-FILTER_SOURCE_FILES = NO
-
-#---------------------------------------------------------------------------
-# configuration options related to source browsing
-#---------------------------------------------------------------------------
-
-# If the SOURCE_BROWSER tag is set to YES then a list of source files will
-# be generated. Documented entities will be cross-referenced with these sources.
-
-SOURCE_BROWSER = NO
-
-# Setting the INLINE_SOURCES tag to YES will include the body
-# of functions and classes directly in the documentation.
-
-INLINE_SOURCES = NO
-
-# Setting the STRIP_CODE_COMMENTS tag to YES (the default) will instruct
-# doxygen to hide any special comment blocks from generated source code
-# fragments. Normal C and C++ comments will always remain visible.
-
-STRIP_CODE_COMMENTS = YES
-
-# If the REFERENCED_BY_RELATION tag is set to YES (the default)
-# then for each documented function all documented
-# functions referencing it will be listed.
-
-REFERENCED_BY_RELATION = YES
-
-# If the REFERENCES_RELATION tag is set to YES (the default)
-# then for each documented function all documented entities
-# called/used by that function will be listed.
-
-REFERENCES_RELATION = YES
-
-#---------------------------------------------------------------------------
-# configuration options related to the alphabetical class index
-#---------------------------------------------------------------------------
-
-# If the ALPHABETICAL_INDEX tag is set to YES, an alphabetical index
-# of all compounds will be generated. Enable this if the project
-# contains a lot of classes, structs, unions or interfaces.
-
-ALPHABETICAL_INDEX = NO
-
-# If the alphabetical index is enabled (see ALPHABETICAL_INDEX) then
-# the COLS_IN_ALPHA_INDEX tag can be used to specify the number of columns
-# in which this list will be split (can be a number in the range [1..20])
-
-COLS_IN_ALPHA_INDEX = 5
-
-# In case all classes in a project start with a common prefix, all
-# classes will be put under the same header in the alphabetical index.
-# The IGNORE_PREFIX tag can be used to specify one or more prefixes that
-# should be ignored while generating the index headers.
-
-IGNORE_PREFIX =
-
-#---------------------------------------------------------------------------
-# configuration options related to the HTML output
-#---------------------------------------------------------------------------
-
-# If the GENERATE_HTML tag is set to YES (the default) Doxygen will
-# generate HTML output.
-
-GENERATE_HTML = NO
-
-# The HTML_OUTPUT tag is used to specify where the HTML docs will be put.
-# If a relative path is entered the value of OUTPUT_DIRECTORY will be
-# put in front of it. If left blank `html' will be used as the default path.
-
-HTML_OUTPUT = html
-
-# The HTML_FILE_EXTENSION tag can be used to specify the file extension for
-# each generated HTML page (for example: .htm,.php,.asp). If it is left blank
-# doxygen will generate files with .html extension.
-
-HTML_FILE_EXTENSION = .html
-
-# The HTML_HEADER tag can be used to specify a personal HTML header for
-# each generated HTML page. If it is left blank doxygen will generate a
-# standard header.
-
-HTML_HEADER =
-
-# The HTML_FOOTER tag can be used to specify a personal HTML footer for
-# each generated HTML page. If it is left blank doxygen will generate a
-# standard footer.
-
-HTML_FOOTER =
-
-# The HTML_STYLESHEET tag can be used to specify a user defined cascading
-# style sheet that is used by each HTML page. It can be used to
-# fine-tune the look of the HTML output. If the tag is left blank doxygen
-# will generate a default style sheet
-
-HTML_STYLESHEET =
-
-# If the HTML_ALIGN_MEMBERS tag is set to YES, the members of classes,
-# files or namespaces will be aligned in HTML using tables. If set to
-# NO a bullet list will be used.
-
-HTML_ALIGN_MEMBERS = YES
-
-# If the GENERATE_HTMLHELP tag is set to YES, additional index files
-# will be generated that can be used as input for tools like the
-# Microsoft HTML help workshop to generate a compressed HTML help file (.chm)
-# of the generated HTML documentation.
-
-GENERATE_HTMLHELP = NO
-
-# If the GENERATE_HTMLHELP tag is set to YES, the CHM_FILE tag can
-# be used to specify the file name of the resulting .chm file. You
-# can add a path in front of the file if the result should not be
-# written to the html output dir.
-
-CHM_FILE =
-
-# If the GENERATE_HTMLHELP tag is set to YES, the HHC_LOCATION tag can
-# be used to specify the location (absolute path including file name) of
-# the HTML help compiler (hhc.exe). If non empty doxygen will try to run
-# the html help compiler on the generated index.hhp.
-
-HHC_LOCATION =
-
-# If the GENERATE_HTMLHELP tag is set to YES, the GENERATE_CHI flag
-# controls if a separate .chi index file is generated (YES) or that
-# it should be included in the master .chm file (NO).
-
-GENERATE_CHI = NO
-
-# If the GENERATE_HTMLHELP tag is set to YES, the BINARY_TOC flag
-# controls whether a binary table of contents is generated (YES) or a
-# normal table of contents (NO) in the .chm file.
-
-BINARY_TOC = NO
-
-# The TOC_EXPAND flag can be set to YES to add extra items for group members
-# to the contents of the Html help documentation and to the tree view.
-
-TOC_EXPAND = NO
-
-# The DISABLE_INDEX tag can be used to turn on/off the condensed index at
-# top of each HTML page. The value NO (the default) enables the index and
-# the value YES disables it.
-
-DISABLE_INDEX = NO
-
-# This tag can be used to set the number of enum values (range [1..20])
-# that doxygen will group on one line in the generated HTML documentation.
-
-ENUM_VALUES_PER_LINE = 4
-
-# If the GENERATE_TREEVIEW tag is set to YES, a side panel will be
-# generated containing a tree-like index structure (just like the one that
-# is generated for HTML Help). For this to work a browser that supports
-# JavaScript, DHTML, CSS and frames is required (for instance Mozilla,
-# Netscape 6.0+, Internet explorer 5.0+, or Konqueror). Windows users are
-# probably better off using the HTML help feature.
-
-GENERATE_TREEVIEW = NO
-
-# If the treeview is enabled (see GENERATE_TREEVIEW) then this tag can be
-# used to set the initial width (in pixels) of the frame in which the tree
-# is shown.
-
-TREEVIEW_WIDTH = 250
-
-#---------------------------------------------------------------------------
-# configuration options related to the LaTeX output
-#---------------------------------------------------------------------------
-
-# If the GENERATE_LATEX tag is set to YES (the default) Doxygen will
-# generate Latex output.
-
-GENERATE_LATEX = YES
-
-# The LATEX_OUTPUT tag is used to specify where the LaTeX docs will be put.
-# If a relative path is entered the value of OUTPUT_DIRECTORY will be
-# put in front of it. If left blank `latex' will be used as the default path.
-
-LATEX_OUTPUT = latex
-
-# The LATEX_CMD_NAME tag can be used to specify the LaTeX command name to be
-# invoked. If left blank `latex' will be used as the default command name.
-
-LATEX_CMD_NAME = latex
-
-# The MAKEINDEX_CMD_NAME tag can be used to specify the command name to
-# generate index for LaTeX. If left blank `makeindex' will be used as the
-# default command name.
-
-MAKEINDEX_CMD_NAME = makeindex
-
-# If the COMPACT_LATEX tag is set to YES Doxygen generates more compact
-# LaTeX documents. This may be useful for small projects and may help to
-# save some trees in general.
-
-COMPACT_LATEX = NO
-
-# The PAPER_TYPE tag can be used to set the paper type that is used
-# by the printer. Possible values are: a4, a4wide, letter, legal and
-# executive. If left blank a4wide will be used.
-
-PAPER_TYPE = letter
-
-# The EXTRA_PACKAGES tag can be to specify one or more names of LaTeX
-# packages that should be included in the LaTeX output.
-
-EXTRA_PACKAGES =
-
-# The LATEX_HEADER tag can be used to specify a personal LaTeX header for
-# the generated latex document. The header should contain everything until
-# the first chapter. If it is left blank doxygen will generate a
-# standard header. Notice: only use this tag if you know what you are doing!
-
-LATEX_HEADER = header.tex
-
-# If the PDF_HYPERLINKS tag is set to YES, the LaTeX that is generated
-# is prepared for conversion to pdf (using ps2pdf). The pdf file will
-# contain links (just like the HTML output) instead of page references
-# This makes the output suitable for online browsing using a pdf viewer.
-
-PDF_HYPERLINKS = YES
-
-# If the USE_PDFLATEX tag is set to YES, pdflatex will be used instead of
-# plain latex in the generated Makefile. Set this option to YES to get a
-# higher quality PDF documentation.
-
-USE_PDFLATEX = YES
-
-# If the LATEX_BATCHMODE tag is set to YES, doxygen will add the \\batchmode.
-# command to the generated LaTeX files. This will instruct LaTeX to keep
-# running if errors occur, instead of asking the user for help.
-# This option is also used when generating formulas in HTML.
-
-LATEX_BATCHMODE = NO
-
-#---------------------------------------------------------------------------
-# configuration options related to the RTF output
-#---------------------------------------------------------------------------
-
-# If the GENERATE_RTF tag is set to YES Doxygen will generate RTF output
-# The RTF output is optimised for Word 97 and may not look very pretty with
-# other RTF readers or editors.
-
-GENERATE_RTF = NO
-
-# The RTF_OUTPUT tag is used to specify where the RTF docs will be put.
-# If a relative path is entered the value of OUTPUT_DIRECTORY will be
-# put in front of it. If left blank `rtf' will be used as the default path.
-
-RTF_OUTPUT = rtf
-
-# If the COMPACT_RTF tag is set to YES Doxygen generates more compact
-# RTF documents. This may be useful for small projects and may help to
-# save some trees in general.
-
-COMPACT_RTF = NO
-
-# If the RTF_HYPERLINKS tag is set to YES, the RTF that is generated
-# will contain hyperlink fields. The RTF file will
-# contain links (just like the HTML output) instead of page references.
-# This makes the output suitable for online browsing using WORD or other
-# programs which support those fields.
-# Note: wordpad (write) and others do not support links.
-
-RTF_HYPERLINKS = NO
-
-# Load stylesheet definitions from file. Syntax is similar to doxygen's
-# config file, i.e. a series of assigments. You only have to provide
-# replacements, missing definitions are set to their default value.
-
-RTF_STYLESHEET_FILE =
-
-# Set optional variables used in the generation of an rtf document.
-# Syntax is similar to doxygen's config file.
-
-RTF_EXTENSIONS_FILE =
-
-#---------------------------------------------------------------------------
-# configuration options related to the man page output
-#---------------------------------------------------------------------------
-
-# If the GENERATE_MAN tag is set to YES (the default) Doxygen will
-# generate man pages
-
-GENERATE_MAN = NO
-
-# The MAN_OUTPUT tag is used to specify where the man pages will be put.
-# If a relative path is entered the value of OUTPUT_DIRECTORY will be
-# put in front of it. If left blank `man' will be used as the default path.
-
-MAN_OUTPUT = man
-
-# The MAN_EXTENSION tag determines the extension that is added to
-# the generated man pages (default is the subroutine's section .3)
-
-MAN_EXTENSION = .3
-
-# If the MAN_LINKS tag is set to YES and Doxygen generates man output,
-# then it will generate one additional man file for each entity
-# documented in the real man page(s). These additional files
-# only source the real man page, but without them the man command
-# would be unable to find the correct page. The default is NO.
-
-MAN_LINKS = NO
-
-#---------------------------------------------------------------------------
-# configuration options related to the XML output
-#---------------------------------------------------------------------------
-
-# If the GENERATE_XML tag is set to YES Doxygen will
-# generate an XML file that captures the structure of
-# the code including all documentation. Note that this
-# feature is still experimental and incomplete at the
-# moment.
-
-GENERATE_XML = NO
-
-# The XML_SCHEMA tag can be used to specify an XML schema,
-# which can be used by a validating XML parser to check the
-# syntax of the XML files.
-
-XML_SCHEMA =
-
-# The XML_DTD tag can be used to specify an XML DTD,
-# which can be used by a validating XML parser to check the
-# syntax of the XML files.
-
-XML_DTD =
-
-#---------------------------------------------------------------------------
-# configuration options for the AutoGen Definitions output
-#---------------------------------------------------------------------------
-
-# If the GENERATE_AUTOGEN_DEF tag is set to YES Doxygen will
-# generate an AutoGen Definitions (see autogen.sf.net) file
-# that captures the structure of the code including all
-# documentation. Note that this feature is still experimental
-# and incomplete at the moment.
-
-GENERATE_AUTOGEN_DEF = NO
-
-#---------------------------------------------------------------------------
-# configuration options related to the Perl module output
-#---------------------------------------------------------------------------
-
-# If the GENERATE_PERLMOD tag is set to YES Doxygen will
-# generate a Perl module file that captures the structure of
-# the code including all documentation. Note that this
-# feature is still experimental and incomplete at the
-# moment.
-
-GENERATE_PERLMOD = NO
-
-# If the PERLMOD_LATEX tag is set to YES Doxygen will generate
-# the necessary Makefile rules, Perl scripts and LaTeX code to be able
-# to generate PDF and DVI output from the Perl module output.
-
-PERLMOD_LATEX = NO
-
-# If the PERLMOD_PRETTY tag is set to YES the Perl module output will be
-# nicely formatted so it can be parsed by a human reader. This is useful
-# if you want to understand what is going on. On the other hand, if this
-# tag is set to NO the size of the Perl module output will be much smaller
-# and Perl will parse it just the same.
-
-PERLMOD_PRETTY = YES
-
-# The names of the make variables in the generated doxyrules.make file
-# are prefixed with the string contained in PERLMOD_MAKEVAR_PREFIX.
-# This is useful so different doxyrules.make files included by the same
-# Makefile don't overwrite each other's variables.
-
-PERLMOD_MAKEVAR_PREFIX =
-
-#---------------------------------------------------------------------------
-# Configuration options related to the preprocessor
-#---------------------------------------------------------------------------
-
-# If the ENABLE_PREPROCESSING tag is set to YES (the default) Doxygen will
-# evaluate all C-preprocessor directives found in the sources and include
-# files.
-
-ENABLE_PREPROCESSING = YES
-
-# If the MACRO_EXPANSION tag is set to YES Doxygen will expand all macro
-# names in the source code. If set to NO (the default) only conditional
-# compilation will be performed. Macro expansion can be done in a controlled
-# way by setting EXPAND_ONLY_PREDEF to YES.
-
-MACRO_EXPANSION = NO
-
-# If the EXPAND_ONLY_PREDEF and MACRO_EXPANSION tags are both set to YES
-# then the macro expansion is limited to the macros specified with the
-# PREDEFINED and EXPAND_AS_PREDEFINED tags.
-
-EXPAND_ONLY_PREDEF = NO
-
-# If the SEARCH_INCLUDES tag is set to YES (the default) the includes files
-# in the INCLUDE_PATH (see below) will be search if a #include is found.
-
-SEARCH_INCLUDES = YES
-
-# The INCLUDE_PATH tag can be used to specify one or more directories that
-# contain include files that are not input files but should be processed by
-# the preprocessor.
-
-INCLUDE_PATH =
-
-# You can use the INCLUDE_FILE_PATTERNS tag to specify one or more wildcard
-# patterns (like *.h and *.hpp) to filter out the header-files in the
-# directories. If left blank, the patterns specified with FILE_PATTERNS will
-# be used.
-
-INCLUDE_FILE_PATTERNS =
-
-# The PREDEFINED tag can be used to specify one or more macro names that
-# are defined before the preprocessor is started (similar to the -D option of
-# gcc). The argument of the tag is a list of macros of the form: name
-# or name=definition (no spaces). If the definition and the = are
-# omitted =1 is assumed.
-
-PREDEFINED =
-
-# If the MACRO_EXPANSION and EXPAND_ONLY_PREDEF tags are set to YES then
-# this tag can be used to specify a list of macro names that should be expanded.
-# The macro definition that is found in the sources will be used.
-# Use the PREDEFINED tag if you want to use a different macro definition.
-
-EXPAND_AS_DEFINED =
-
-# If the SKIP_FUNCTION_MACROS tag is set to YES (the default) then
-# doxygen's preprocessor will remove all function-like macros that are alone
-# on a line, have an all uppercase name, and do not end with a semicolon. Such
-# function macros are typically used for boiler-plate code, and will confuse the
-# parser if not removed.
-
-SKIP_FUNCTION_MACROS = YES
-
-#---------------------------------------------------------------------------
-# Configuration::addtions related to external references
-#---------------------------------------------------------------------------
-
-# The TAGFILES tag can be used to specify one or more tagfiles.
-
-TAGFILES =
-
-# When a file name is specified after GENERATE_TAGFILE, doxygen will create
-# a tag file that is based on the input files it reads.
-
-GENERATE_TAGFILE =
-
-# If the ALLEXTERNALS tag is set to YES all external classes will be listed
-# in the class index. If set to NO only the inherited external classes
-# will be listed.
-
-ALLEXTERNALS = NO
-
-# If the EXTERNAL_GROUPS tag is set to YES all external groups will be listed
-# in the modules index. If set to NO, only the current project's groups will
-# be listed.
-
-EXTERNAL_GROUPS = YES
-
-# The PERL_PATH should be the absolute path and name of the perl script
-# interpreter (i.e. the result of `which perl').
-
-PERL_PATH = /usr/bin/perl
-
-#---------------------------------------------------------------------------
-# Configuration options related to the dot tool
-#---------------------------------------------------------------------------
-
-# If the CLASS_DIAGRAMS tag is set to YES (the default) Doxygen will
-# generate a inheritance diagram (in Html, RTF and LaTeX) for classes with base or
-# super classes. Setting the tag to NO turns the diagrams off. Note that this
-# option is superceded by the HAVE_DOT option below. This is only a fallback. It is
-# recommended to install and use dot, since it yield more powerful graphs.
-
-CLASS_DIAGRAMS = YES
-
-# If set to YES, the inheritance and collaboration graphs will hide
-# inheritance and usage relations if the target is undocumented
-# or is not a class.
-
-HIDE_UNDOC_RELATIONS = YES
-
-# If you set the HAVE_DOT tag to YES then doxygen will assume the dot tool is
-# available from the path. This tool is part of Graphviz, a graph visualization
-# toolkit from AT&T and Lucent Bell Labs. The other options in this section
-# have no effect if this option is set to NO (the default)
-
-HAVE_DOT = NO
-
-# If the CLASS_GRAPH and HAVE_DOT tags are set to YES then doxygen
-# will generate a graph for each documented class showing the direct and
-# indirect inheritance relations. Setting this tag to YES will force the
-# the CLASS_DIAGRAMS tag to NO.
-
-CLASS_GRAPH = YES
-
-# If the COLLABORATION_GRAPH and HAVE_DOT tags are set to YES then doxygen
-# will generate a graph for each documented class showing the direct and
-# indirect implementation dependencies (inheritance, containment, and
-# class references variables) of the class with other documented classes.
-
-COLLABORATION_GRAPH = YES
-
-# If set to YES, the inheritance and collaboration graphs will show the
-# relations between templates and their instances.
-
-TEMPLATE_RELATIONS = YES
-
-# If the ENABLE_PREPROCESSING, SEARCH_INCLUDES, INCLUDE_GRAPH, and HAVE_DOT
-# tags are set to YES then doxygen will generate a graph for each documented
-# file showing the direct and indirect include dependencies of the file with
-# other documented files.
-
-INCLUDE_GRAPH = YES
-
-# If the ENABLE_PREPROCESSING, SEARCH_INCLUDES, INCLUDED_BY_GRAPH, and
-# HAVE_DOT tags are set to YES then doxygen will generate a graph for each
-# documented header file showing the documented files that directly or
-# indirectly include this file.
-
-INCLUDED_BY_GRAPH = YES
-
-# If the GRAPHICAL_HIERARCHY and HAVE_DOT tags are set to YES then doxygen
-# will graphical hierarchy of all classes instead of a textual one.
-
-GRAPHICAL_HIERARCHY = YES
-
-# The DOT_IMAGE_FORMAT tag can be used to set the image format of the images
-# generated by dot. Possible values are png, jpg, or gif
-# If left blank png will be used.
-
-DOT_IMAGE_FORMAT = png
-
-# The tag DOT_PATH can be used to specify the path where the dot tool can be
-# found. If left blank, it is assumed the dot tool can be found on the path.
-
-DOT_PATH =
-
-# The DOTFILE_DIRS tag can be used to specify one or more directories that
-# contain dot files that are included in the documentation (see the
-# \dotfile command).
-
-DOTFILE_DIRS =
-
-# The MAX_DOT_GRAPH_WIDTH tag can be used to set the maximum allowed width
-# (in pixels) of the graphs generated by dot. If a graph becomes larger than
-# this value, doxygen will try to truncate the graph, so that it fits within
-# the specified constraint. Beware that most browsers cannot cope with very
-# large images.
-
-MAX_DOT_GRAPH_WIDTH = 1024
-
-# The MAX_DOT_GRAPH_HEIGHT tag can be used to set the maximum allows height
-# (in pixels) of the graphs generated by dot. If a graph becomes larger than
-# this value, doxygen will try to truncate the graph, so that it fits within
-# the specified constraint. Beware that most browsers cannot cope with very
-# large images.
-
-MAX_DOT_GRAPH_HEIGHT = 1024
-
-# If the GENERATE_LEGEND tag is set to YES (the default) Doxygen will
-# generate a legend page explaining the meaning of the various boxes and
-# arrows in the dot generated graphs.
-
-GENERATE_LEGEND = YES
-
-# If the DOT_CLEANUP tag is set to YES (the default) Doxygen will
-# remove the intermedate dot files that are used to generate
-# the various graphs.
-
-DOT_CLEANUP = YES
-
-#---------------------------------------------------------------------------
-# Configuration::addtions related to the search engine
-#---------------------------------------------------------------------------
-
-# The SEARCHENGINE tag specifies whether or not a search engine should be
-# used. If set to NO the values of all tags below this one will be ignored.
-
-SEARCHENGINE = NO
-
-# The CGI_NAME tag should be the name of the CGI script that
-# starts the search engine (doxysearch) with the correct parameters.
-# A script with this name will be generated by doxygen.
-
-CGI_NAME = search.cgi
-
-# The CGI_URL tag should be the absolute URL to the directory where the
-# cgi binaries are located. See the documentation of your http daemon for
-# details.
-
-CGI_URL =
-
-# The DOC_URL tag should be the absolute URL to the directory where the
-# documentation is located. If left blank the absolute path to the
-# documentation, with file:// prepended to it, will be used.
-
-DOC_URL =
-
-# The DOC_ABSPATH tag should be the absolute path to the directory where the
-# documentation is located. If left blank the directory on the local machine
-# will be used.
-
-DOC_ABSPATH =
-
-# The BIN_ABSPATH tag must point to the directory where the doxysearch binary
-# is installed.
-
-BIN_ABSPATH = /usr/local/bin/
-
-# The EXT_DOC_PATHS tag can be used to specify one or more paths to
-# documentation generated for other projects. This allows doxysearch to search
-# the documentation for these projects as well.
-
-EXT_DOC_PATHS =
diff --git a/doc/Makefile b/doc/Makefile
deleted file mode 100644
index d4c0845..0000000
--- a/doc/Makefile
+++ /dev/null
@@ -1,44 +0,0 @@
-# Makefile for libSRTP documentation
-#
-# David A. McGrew
-# Cisco Systems, Inc.
-#
-# This makefile does not use the autoconf system; we don't really need
-# it. We just run doxygen then latex. If you don't have either of
-# these, then there is no way that you can make your own
-# documentation. Of course, you can just go online at pick up the
-# documentation from http://srtp.sourceforge.net.
-
-srcdir = .
-top_srcdir = ..
-top_builddir = ../
-
-
-# Determine the version of the library
-
-version = $(shell cat $(top_srcdir)/VERSION)
-
-
-.PHONY: libsrtpdoc cryptodoc clean
-libsrtpdoc:
- @if test ! -e Doxyfile; then \
- echo "*** Sorry, can't build doc outside source dir"; exit 1; \
- fi
- sed 's/LIBSRTPVERSION/$(version)/' header.template > header.tex
- doxygen
- sed 's/\subsection/\section/' latex/index.tex > latex/index.tmp
- mv latex/index.tmp latex/index.tex
- cd latex; make
- cp latex/refman.pdf libsrtp.pdf
-
-
-cryptodoc: clean
- doxygen crypto.dox
- cd latex; make
- cp latex/refman.pdf crypto.pdf
-
-clean:
- rm -rf latex/ header.tex
- for a in * ; do \
- if [ -f "$$a~" ] ; then rm -f $$a~; fi; \
- done;
diff --git a/doc/Makefile.in b/doc/Makefile.in
deleted file mode 100644
index 5b4b6bd..0000000
--- a/doc/Makefile.in
+++ /dev/null
@@ -1,44 +0,0 @@
-# Makefile for libSRTP documentation
-#
-# David A. McGrew
-# Cisco Systems, Inc.
-#
-# This makefile does not use the autoconf system; we don't really need
-# it. We just run doxygen then latex. If you don't have either of
-# these, then there is no way that you can make your own
-# documentation. Of course, you can just go online at pick up the
-# documentation from http://srtp.sourceforge.net.
-
-srcdir = @srcdir@
-top_srcdir = @top_srcdir@
-top_builddir = @top_builddir@
-VPATH = @srcdir@
-
-# Determine the version of the library
-
-version = $(shell cat $(top_srcdir)/VERSION)
-
-
-.PHONY: libsrtpdoc cryptodoc clean
-libsrtpdoc:
- @if test ! -e Doxyfile; then \
- echo "*** Sorry, can't build doc outside source dir"; exit 1; \
- fi
- sed 's/LIBSRTPVERSION/$(version)/' header.template > header.tex
- doxygen
- sed 's/\subsection/\section/' latex/index.tex > latex/index.tmp
- mv latex/index.tmp latex/index.tex
- cd latex; make
- cp latex/refman.pdf libsrtp.pdf
-
-
-cryptodoc: clean
- doxygen crypto.dox
- cd latex; make
- cp latex/refman.pdf crypto.pdf
-
-clean:
- rm -rf latex/ header.tex
- for a in * ; do \
- if [ -f "$$a~" ] ; then rm -f $$a~; fi; \
- done;
diff --git a/doc/crypto_kernel.txt b/doc/crypto_kernel.txt
deleted file mode 100644
index b0d033f..0000000
--- a/doc/crypto_kernel.txt
+++ /dev/null
@@ -1,76 +0,0 @@
-/**
-
-@defgroup CryptoKernel Cryptographic Kernel
-
-All of the cryptographic functions are contained in a kernel.
-
-*/
-
-/**
-
-@defgroup CipherImplementations Ciphers
-@ingroup CryptoKernel
-
-@brief A generic cipher type enables cipher agility, that is, the
-ability to write code that runs with multiple cipher types.
-Ciphers can be used through the crypto kernel, or can be accessed
-directly, if need be.
-
-@{
-
-*/
-
-/**
- * @brief Allocates a cipher of a particular type.
- * @warning May be implemented as a macro.
- */
-err_status_t
-cipher_type_alloc(cipher_type_t *ctype, cipher_t **cipher,
- unsigned key_len);
-
-/**
- * @brief Initialized a cipher to use a particular key. May
- * be invoked more than once on the same cipher.
- * @warning May be implemented as a macro.
- */
-
-err_status_t
-cipher_init(cipher_t *cipher, const uint8_t *key);
-
-/**
- * @brief Sets the initialization vector of a given cipher.
- * @warning May be implemented as a macro.
- */
-
-err_status_t
-cipher_set_iv(cipher_t *cipher, void *iv);
-
-/**
- * @brief Encrypts a buffer with a given cipher.
- * @warning May be implemented as a macro.
- */
-
-err_status_t
-cipher_encrypt(cipher_t *cipher, void *buf, unsigned int *len);
-
-/**
- * @brief Sets a buffer to the keystream generated by the cipher.
- * @warning May be implemented as a macro.
- */
-err_status_t
-cipher_output(cipher_t *c, uint8_t *buffer, int num_octets_to_output);
-
-/**
- * @brief Deallocates a cipher.
- * @warning May be implemented as a macro.
- */
-err_status_t
-cipher_dealloc(cipher_t *cipher);
-
-
-
-/**
- * @}
- */
-
- */
\ No newline at end of file
diff --git a/doc/draft-irtf-cfrg-icm-00.txt b/doc/draft-irtf-cfrg-icm-00.txt
deleted file mode 100644
index ddfce33..0000000
--- a/doc/draft-irtf-cfrg-icm-00.txt
+++ /dev/null
Binary files differ
diff --git a/doc/header.template b/doc/header.template
deleted file mode 100644
index 2c0b96d..0000000
--- a/doc/header.template
+++ /dev/null
@@ -1,115 +0,0 @@
-% header.tex
-%
-% header file for the libSRTP documentation - based on the header
-% file generated by doxygen, with the initial chapters of the
-% original libSRTP documentation tacked on
-%
-\documentclass[letterpaper]{book}
-\usepackage{makeidx}
-\usepackage{fancyhdr}
-\usepackage{graphicx}
-\usepackage{multicol}
-\usepackage{float}
-\usepackage{textcomp}
-\usepackage{alltt}
-\usepackage{times}
-\usepackage{graphicx}
-\ifx\pdfoutput\undefined
-\usepackage[ps2pdf,
- pagebackref=true,
- colorlinks=true,
- linkcolor=blue
- ]{hyperref}
-\else
-\usepackage[pdftex,
- pagebackref=true,
- colorlinks=true,
- linkcolor=blue
- ]{hyperref}
-\fi
-\usepackage{doxygen}
-\makeindex
-\setcounter{tocdepth}{1}
-\renewcommand{\footrulewidth}{0.4pt}
-
-% these lengths are from DAM
-\textwidth = 6.5 in
-%\textheight = 9 in
-\oddsidemargin = 0.0 in
-\evensidemargin = 0.0 in
-\topmargin = 0.0 in
-\headheight = 0.0 in
-%\headsep = 0.0 in
-\parskip = 0.2in
-\parindent = 0.0in
-
-% these header and footer definitions from DAM
-\lhead{libSRTP}
-\chead{}
-\rhead{\rightmark}
-%\rhead{\slshape }
-\lfoot{}
-\cfoot{ \thepage }
-\rfoot{}
-%\fancyhead[LE,RO]{\rightmark }
-%\fancyhead[LO,RE]{\slshape }
-
-% let's use the palatino font
-\fontfamily{ppl}
-\selectfont
-
-
-\begin{document}
-\begin{titlepage}
-\vspace*{4cm}
-%\begin{center}
-{\Huge
-libSRTP LIBSRTPVERSION Overview and Reference Manual\\
- \hrulefill
-}\\
-\vspace*{0cm}
-\begin{flushright}
-{\Large David A. McGrew \\ \texttt{mcgrew@cisco.com} }\\
-\vspace*{0.5cm}
-\end{flushright}
-%\end{center}
-
-%\includegraphics[scale=.8]{phone}
-
-\end{titlepage}
-
-
-\clearemptydoublepage
-\vspace*{3cm}
-{\LARGE Preface}
-\vspace{1cm}
-
-The original implementation and documentation of libSRTP was written
-by David McGrew of Cisco Systems, Inc. in order to promote the use,
-understanding, and interoperability of Secure RTP. Michael Jerris
-contributed support for building under MSVC. Andris Pavenis
-contributed many important fixes. Brian West contributed changes to
-enable dynamic linking. Yves Shumann reported documentation bugs.
-Randell Jesup contributed a working SRTCP implementation and other
-fixes. Alex Vanzella and Will Clark contributed changes so that the
-AES ICM implementation can be used for ISMA media encryption. Steve
-Underwood contributed x86\_64 portability changes. We also give
-thanks to Fredrik Thulin, Brian Weis, Mark Baugher, Jeff Chan, Bill
-Simon, Douglas Smith, Bill May, Richard Preistley, Joe Tardo and
-others for contributions, comments, and corrections.
-
-This reference material in this documenation was generated using the
-\texttt{doxygen} utility for automatic documentation of source code.
-
-\copyright 2001-2005 by David A. McGrew, Cisco Systems, Inc.
-\thispagestyle{empty}
-
-\clearemptydoublepage
-\pagenumbering{roman}
-\tableofcontents
-%\clearemptydoublepage
-
-\clearemptydoublepage
-\pagenumbering{arabic}
-
-
diff --git a/doc/intro.txt b/doc/intro.txt
deleted file mode 100644
index f315599..0000000
--- a/doc/intro.txt
+++ /dev/null
@@ -1,395 +0,0 @@
-/**
-
-@mainpage Introduction to libSRTP
-
-This document describes libSRTP, the Open Source Secure RTP library
-from Cisco Systems, Inc. RTP is the Real-time Transport Protocol, an
-IETF standard for the transport of real-time data such as telephony,
-audio, and video, defined by RFC1889. Secure RTP (SRTP) is an RTP
-profile for providing confidentiality to RTP data and authentication
-to the RTP header and payload. SRTP is an IETF Proposed Standard, and
-is defined in RFC 3711, and was developed in the IETF Audio/Video
-Transport (AVT) Working Group. This library supports all of the
-mandatory features of SRTP, but not all of the optional features. See
-the @ref Features section for more detailed information.
-
-This document is organized as follows. The first chapter provides
-background material on SRTP and overview of libSRTP. The following
-chapters provide a detailed reference to the libSRTP API and related
-functions. The reference material is created automatically (using the
-doxygen utility) from comments embedded in some of the C header
-files. The documentation is organized into modules in order to improve
-its clarity. These modules do not directly correspond to files. An
-underlying cryptographic kernel provides much of the basic
-functionality of libSRTP, but is mostly undocumented because it does
-its work behind the scenes.
-
-@section LICENSE License and Disclaimer
-
-libSRTP is distributed under the following license, which is included
-in the source code distribution. It is reproduced in the manual in
-case you got the library from another source.
-
-@latexonly
-\begin{quote}
-Copyright (c) 2001-2005 Cisco Systems, Inc. All rights reserved.
-
-Redistribution and use in source and binary forms, with or without
-modification, are permitted provided that the following conditions
-are met:
-\begin{itemize}
-\item Redistributions of source code must retain the above copyright
- notice, this list of conditions and the following disclaimer.
-\item Redistributions in binary form must reproduce the above
- copyright notice, this list of conditions and the following
- disclaimer in the documentation and/or other materials provided
- with the distribution.
-\item Neither the name of the Cisco Systems, Inc. nor the names of its
- contributors may be used to endorse or promote products derived
- from this software without specific prior written permission.
-\end{itemize}
-THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
-FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
-COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
-INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
-(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
-SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-OF THE POSSIBILITY OF SUCH DAMAGE.
-\end{quote}
-@endlatexonly
-
-@section Features Supported Features
-
-This library supports all of the mandatory-to-implement features of
-SRTP (as defined by the most recent Internet Draft). Some of these
-features can be selected (or de-selected) at run time by setting an
-appropriate policy; this is done using the structure srtp_policy_t.
-Some other behaviors of the protocol can be adapted by defining an
-approriate event handler for the exceptional events; see the @ref
-SRTPevents section.
-
-Some options that are not included in the specification are supported.
-Most notably, the TMMH authentication function is included, though it
-was removed from the SRTP Internet Draft during the summer of 2002.
-
-
-@latexonly
-Some options that are described in the SRTP specification are not
-supported. This includes
-\begin{itemize}
-\item the Master Key Index (MKI),
-\item key derivation rates other than zero,
-\item the cipher F8,
-\item anti-replay lists with sizes other than 128,
-\item the use of the packet index to select between master keys.
-\end{itemize}
-@endlatexonly
-
-The user should be aware that it is possible to misuse this libary,
-and that the result may be that the security level it provides is
-inadequate. If you are implementing a feature using this library, you
-will want to read the Security Considerations section of the Internet
-Draft. In addition, it is important that you read and understand the
-terms outlined in the @ref LICENSE section.
-
-
-@section Installing Installing and Building libSRTP
-
-@latexonly
-
-To install libSRTP, download the latest release of the distribution
-from \texttt{srtp.sourceforge.net}. The format of the names of the
-distributions are \texttt{srtp-A.B.C.tgz}, where \texttt{A} is the
-version number, \texttt{B} is the major release number, \texttt{C} is
-the minor release number, and \texttt{tgz} is the file
-extension\footnote{The extension \texttt{.tgz} is identical to
-\texttt{tar.gz}, and indicates a compressed tar file.} You probably
-want to get the most recent release. Unpack the distribution and
-extract the source files; the directory into which the soruce files
-will go is named \texttt{srtp}.
-
-libSRTP uses the GNU \texttt{autoconf} and \texttt{make}
-utilities\footnote{BSD make will not work; if both versions of make
-are on your platform, you can invoke GNU make as \texttt{gmake}.}. In
-the \texttt{srtp} directory, run the configure script and then make:
-\begin{verbatim}
- ./configure [ options ]
- make
-\end{verbatim}
-The configure script accepts the following options:
-\begin{quote}
-\begin{description}
-\item[--help] provides a usage summary.
-\item[--disable-debug] compiles libSRTP without the runtime
- dynamic debugging system.
-\item[--enable-generic-aesicm] compile in changes for ismacryp
-\item[--enable-syslog] use syslog for error reporting.
-\item[--disable-stdout] diables stdout for error reporting.
-\item[--enable-console] use \texttt{/dev/console} for error reporting
-\item[--gdoi] use GDOI key management (disabled at present).
-\end{description}
-\end{quote}
-
-By default, dynamic debbuging is enabled and stdout is used for
-debugging. You can use the configure options to have the debugging
-output sent to syslog or the system console. Alternatively, you can
-define ERR\_REPORTING\_FILE in \texttt{include/conf.h} to be any other
-file that can be opened by libSRTP, and debug messages will be sent to
-it.
-
-This package has been tested on the following platforms: Mac OS X
-(powerpc-apple-darwin1.4), Cygwin (i686-pc-cygwin), Solaris
-(sparc-sun-solaris2.6), RedHat Linux 7.1 and 9 (i686-pc-linux), and
-OpenBSD (sparc-unknown-openbsd2.7).
-
-
-@endlatexonly
-
-@section Applications Applications
-
-@latexonly
-
-Several test drivers and a simple and portable srtp application are
-included in the \texttt{test/} subdirectory.
-
-\begin{center}
-\begin{tabular}{ll}
-\hline
-Test driver & Function tested \\
-\hline
-kernel\_driver & crypto kernel (ciphers, auth funcs, rng) \\
-srtp\_driver & srtp in-memory tests (does not use the network) \\
-rdbx\_driver & rdbx (extended replay database) \\
-roc\_driver & extended sequence number functions \\
-replay\_driver & replay database \\
-cipher\_driver & ciphers \\
-auth\_driver & hash functions \\
-\hline
-\end{tabular}
-\end{center}
-
-The app rtpw is a simple rtp application which reads words from
-/usr/dict/words and then sends them out one at a time using [s]rtp.
-Manual srtp keying uses the -k option; automated key management
-using gdoi will be added later.
-
-The usage for rtpw is
-
-\texttt{rtpw [[-d $<$debug$>$]* [-k $<$key$>$ [-a][-e]] [-s | -r] dest\_ip
-dest\_port][-l]}
-
-Either the -s (sender) or -r (receiver) option must be chosen. The
-values dest\_ip, dest\_port are the IP address and UDP port to which
-the dictionary will be sent, respectively. The options are:
-\begin{center}
-\begin{tabular}{ll}
- -s & (S)RTP sender - causes app to send words \\
- -r & (S)RTP receive - causes app to receve words \\
- -k $<$key$>$ & use SRTP master key $<$key$>$, where the
- key is a hexadecimal value (without the
- leading "0x") \\
- -e & encrypt/decrypt (for data confidentiality)
- (requires use of -k option as well)\\
- -a & message authentication
- (requires use of -k option as well) \\
- -l & list the avaliable debug modules \\
- -d $<$debug$>$ & turn on debugging for module $<$debug$>$ \\
-\end{tabular}
-\end{center}
-
-In order to get a random 30-byte value for use as a key/salt pair, you
-can use the \texttt{rand\_gen} utility in the \texttt{test/}
-subdirectory.
-
-An example of an SRTP session using two rtpw programs follows:
-
-\begin{verbatim}
-[sh1] set k=`test/rand_gen -n 30`
-[sh1] echo $k
-c1eec3717da76195bb878578790af71c4ee9f859e197a414a78d5abc7451
-[sh1]$ test/rtpw -s -k $k -ea 0.0.0.0 9999
-Security services: confidentiality message authentication
-set master key/salt to C1EEC3717DA76195BB878578790AF71C/4EE9F859E197A414A78D5ABC7451
-setting SSRC to 2078917053
-sending word: A
-sending word: a
-sending word: aa
-sending word: aal
-sending word: aalii
-sending word: aam
-sending word: Aani
-sending word: aardvark
-...
-
-[sh2] set k=c1eec3717da76195bb878578790af71c4ee9f859e197a414a78d5abc7451
-[sh2]$ test/rtpw -r -k $k -ea 0.0.0.0 9999
-security services: confidentiality message authentication
-set master key/salt to C1EEC3717DA76195BB878578790AF71C/4EE9F859E197A414A78D5ABC7451
-19 octets received from SSRC 2078917053 word: A
-19 octets received from SSRC 2078917053 word: a
-20 octets received from SSRC 2078917053 word: aa
-21 octets received from SSRC 2078917053 word: aal
-...
-\end{verbatim}
-
-
-@endlatexonly
-
-
-@section Review Secure RTP Background
-
-In this section we review SRTP and introduce some terms that are used
-in libSRTP. An RTP session is defined by a pair of destination
-transport addresses, that is, a network address plus a pair of UDP
-ports for RTP and RTCP. RTCP, the RTP control protocol, is used to
-coordinate between the participants in an RTP session, e.g. to provide
-feedback from receivers to senders. An @e SRTP @e session is
-similarly defined; it is just an RTP session for which the SRTP
-profile is being used. An SRTP session consists of the traffic sent
-to the SRTP or SRTCP destination transport addresses. Each
-participant in a session is identified by a synchronization source
-(SSRC) identifier. Some participants may not send any SRTP traffic;
-they are called receivers, even though they send out SRTCP traffic,
-such as receiver reports.
-
-RTP allows multiple sources to send RTP and RTCP traffic during the
-same session. The synchronization source identifier (SSRC) is used to
-distinguish these sources. In libSRTP, we call the SRTP and SRTCP
-traffic from a particular source a @e stream. Each stream has its own
-SSRC, sequence number, rollover counter, and other data. A particular
-choice of options, cryptographic mechanisms, and keys is called a @e
-policy. Each stream within a session can have a distinct policy
-applied to it. A session policy is a collection of stream policies.
-
-A single policy can be used for all of the streams in a given session,
-though the case in which a single @e key is shared across multiple
-streams requires care. When key sharing is used, the SSRC values that
-identify the streams @b must be distinct. This requirement can be
-enforced by using the convention that each SRTP and SRTCP key is used
-for encryption by only a single sender. In other words, the key is
-shared only across streams that originate from a particular device (of
-course, other SRTP participants will need to use the key for
-decryption). libSRTP supports this enforcement by detecting the case
-in which a key is used for both inbound and outbound data.
-
-
-@section Overview libSRTP Overview
-
-libSRTP provides functions for protecting RTP and RTCP. RTP packets
-can be encrypted and authenticated (using the srtp_protect()
-function), turning them into SRTP packets. Similarly, SRTP packets
-can be decrypted and have their authentication verified (using the
-srtp_unprotect() function), turning them into RTP packets. Similar
-functions apply security to RTCP packets.
-
-The typedef srtp_stream_t points to a structure holding all of the
-state associated with an SRTP stream, including the keys and
-parameters for cipher and message authentication functions and the
-anti-replay data. A particular srtp_stream_t holds the information
-needed to protect a particular RTP and RTCP stream. This datatype
-is intentionally opaque in order to better seperate the libSRTP
-API from its implementation.
-
-Within an SRTP session, there can be multiple streams, each
-originating from a particular sender. Each source uses a distinct
-stream context to protect the RTP and RTCP stream that it is
-originating. The typedef srtp_t points to a structure holding all of
-the state associated with an SRTP session. There can be multiple
-stream contexts associated with a single srtp_t. A stream context
-cannot exist indepent from an srtp_t, though of course an srtp_t can
-be created that contains only a single stream context. A device
-participating in an SRTP session must have a stream context for each
-source in that session, so that it can process the data that it
-receives from each sender.
-
-
-In libSRTP, a session is created using the function srtp_create().
-The policy to be implemented in the session is passed into this
-function as an srtp_policy_t structure. A single one of these
-structures describes the policy of a single stream. These structures
-can also be linked together to form an entire session policy. A linked
-list of srtp_policy_t structures is equivalent to a session policy.
-In such a policy, we refer to a single srtp_policy_t as an @e element.
-
-An srtp_policy_t strucutre contains two crypto_policy_t structures
-that describe the cryptograhic policies for RTP and RTCP, as well as
-the SRTP master key and the SSRC value. The SSRC describes what to
-protect (e.g. which stream), and the crypto_policy_t structures
-describe how to protect it. The key is contained in a policy element
-because it simplifies the interface to the library. In many cases, it
-is desirable to use the same cryptographic policies across all of the
-streams in a session, but to use a distinct key for each stream. A
-crypto_policy_t structure can be initialized by using either the
-crypto_policy_set_rtp_default() or crypto_policy_set_rtcp_default()
-functions, which set a crypto policy structure to the default policies
-for RTP and RTCP protection, respectively.
-
-@section Example Example Code
-
-This section provides a simple example of how to use libSRTP. The
-example code lacks error checking, but is functional. Here we assume
-that the value ssrc is already set to describe the SSRC of the stream
-that we are sending, and that the functions get_rtp_packet() and
-send_srtp_packet() are available to us. The former puts an RTP packet
-into the buffer and returns the number of octets written to that
-buffer. The latter sends the RTP packet in the buffer, given the
-length as its second argument.
-
-@verbatim
- srtp_t session;
- srtp_policy_t policy;
- uint8_t key[30];
-
- // initialize libSRTP
- srtp_init();
-
- // set policy to describe a policy for an SRTP stream
- crypto_policy_set_rtp_default(&policy.rtp);
- crypto_policy_set_rtcp_default(&policy.rtcp);
- policy.ssrc = ssrc;
- policy.key = key;
- policy.next = NULL;
-
- // set key to random value
- crypto_get_random(key, 30);
-
- // allocate and initialize the SRTP session
- srtp_create(&session, policy);
-
- // main loop: get rtp packets, send srtp packets
- while (1) {
- char rtp_buffer[2048];
- unsigned len;
-
- len = get_rtp_packet(rtp_buffer);
- srtp_protect(session, rtp_buffer, &len);
- send_srtp_packet(rtp_buffer, len);
- }
-@endverbatim
-
-@section ISMAcryp ISMA Encryption Support
-
-The Internet Streaming Media Alliance (ISMA) specifies a way
-to pre-encrypt a media file prior to streaming. This method
-is an alternative to SRTP encryption, which is potentially
-useful when a particular media file will be streamed
-multiple times. The specification is available online
-at http://www.isma.tv/specreq.nsf/SpecRequest.
-
-libSRTP provides the encryption and decryption functions needed for ISMAcryp
-in the library @t libaesicm.a, which is included in the default
-Makefile target. This library is used by the MPEG4IP project; see
-http://mpeg4ip.sourceforge.net/.
-
-Note that ISMAcryp does not provide authentication for
-RTP nor RTCP, nor confidentiality for RTCP.
-ISMAcryp RECOMMENDS the use of SRTP message authentication for ISMAcryp
-streams while using ISMAcryp encryption to protect the media itself.
-
-
- */
diff --git a/doc/libsrtp.pdf b/doc/libsrtp.pdf
deleted file mode 100644
index 99ddff1..0000000
--- a/doc/libsrtp.pdf
+++ /dev/null
Binary files differ
diff --git a/doc/references.txt b/doc/references.txt
deleted file mode 100644
index 2ec9d43..0000000
--- a/doc/references.txt
+++ /dev/null
@@ -1,21 +0,0 @@
-SRTP and ICM References
-September, 2005
-
-This document provides references for the various cryptographic
-functions used in libSRTP and libaesicm.
-
-Secure RTP is defined in RFC 3711, which is included in this
-distribution for convenience. The counter mode definition is in
-Section 4.1.1 of the SRTP draft.
-
-SHA-1 is defined in FIPS-180-1, available online at the NIST website.
-
-HMAC is defined in RFC2104, and HMAC-SHA1 test vectors are available
-in RFC2202, which are available online at http://www.ietf.org/rfc/
-
-ICM is defined by draft-irtf-cfrg-icm-00.txt, and its application in
-ISMAcryp (the Internet Streaming Media Alliance 1.0 Encryption and
-Authentication) is defined in that specification. It is available
-from http://www.isma.tv/.
-
-
diff --git a/doc/rfc3711.txt b/doc/rfc3711.txt
deleted file mode 100644
index ecc0648..0000000
--- a/doc/rfc3711.txt
+++ /dev/null
@@ -1,3139 +0,0 @@
-
-
-
-
-
-
-Network Working Group M. Baugher
-Request for Comments: 3711 D. McGrew
-Category: Standards Track Cisco Systems, Inc.
- M. Naslund
- E. Carrara
- K. Norrman
- Ericsson Research
- March 2004
-
-
- The Secure Real-time Transport Protocol (SRTP)
-
-Status of this Memo
-
- This document specifies an Internet standards track protocol for the
- Internet community, and requests discussion and suggestions for
- improvements. Please refer to the current edition of the "Internet
- Official Protocol Standards" (STD 1) for the standardization state
- and status of this protocol. Distribution of this memo is unlimited.
-
-Copyright Notice
-
- Copyright (C) The Internet Society (2004). All Rights Reserved.
-
-Abstract
-
- This document describes the Secure Real-time Transport Protocol
- (SRTP), a profile of the Real-time Transport Protocol (RTP), which
- can provide confidentiality, message authentication, and replay
- protection to the RTP traffic and to the control traffic for RTP, the
- Real-time Transport Control Protocol (RTCP).
-
-Table of Contents
-
- 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3
- 1.1. Notational Conventions . . . . . . . . . . . . . . . . . 3
- 2. Goals and Features . . . . . . . . . . . . . . . . . . . . . . 4
- 2.1. Features . . . . . . . . . . . . . . . . . . . . . . . . 5
- 3. SRTP Framework . . . . . . . . . . . . . . . . . . . . . . . . 5
- 3.1. Secure RTP . . . . . . . . . . . . . . . . . . . . . . . 6
- 3.2. SRTP Cryptographic Contexts. . . . . . . . . . . . . . . 7
- 3.2.1. Transform-independent parameters . . . . . . . . 8
- 3.2.2. Transform-dependent parameters . . . . . . . . . 10
- 3.2.3. Mapping SRTP Packets to Cryptographic Contexts . 10
- 3.3. SRTP Packet Processing . . . . . . . . . . . . . . . . . 11
- 3.3.1. Packet Index Determination, and ROC, s_l Update. 13
- 3.3.2. Replay Protection. . . . . . . . . . . . . . . . 15
- 3.4. Secure RTCP . . . . . . . . . . . . . . . . . . . . . . . 15
-
-
-
-Baugher, et al. Standards Track [Page 1]
-
-RFC 3711 SRTP March 2004
-
-
- 4. Pre-Defined Cryptographic Transforms . . . . . . . . . . . . . 19
- 4.1. Encryption . . . . . . . . . . . . . . . . . . . . . . . 19
- 4.1.1. AES in Counter Mode. . . . . . . . . . . . . . . 21
- 4.1.2. AES in f8-mode . . . . . . . . . . . . . . . . . 22
- 4.1.3. NULL Cipher. . . . . . . . . . . . . . . . . . . 25
- 4.2. Message Authentication and Integrity . . . . . . . . . . 25
- 4.2.1. HMAC-SHA1. . . . . . . . . . . . . . . . . . . . 25
- 4.3. Key Derivation . . . . . . . . . . . . . . . . . . . . . 26
- 4.3.1. Key Derivation Algorithm . . . . . . . . . . . . 26
- 4.3.2. SRTCP Key Derivation . . . . . . . . . . . . . . 28
- 4.3.3. AES-CM PRF . . . . . . . . . . . . . . . . . . . 28
- 5. Default and mandatory-to-implement Transforms. . . . . . . . . 28
- 5.1. Encryption: AES-CM and NULL. . . . . . . . . . . . . . . 29
- 5.2. Message Authentication/Integrity: HMAC-SHA1. . . . . . . 29
- 5.3. Key Derivation: AES-CM PRF . . . . . . . . . . . . . . . 29
- 6. Adding SRTP Transforms . . . . . . . . . . . . . . . . . . . . 29
- 7. Rationale. . . . . . . . . . . . . . . . . . . . . . . . . . . 30
- 7.1. Key derivation . . . . . . . . . . . . . . . . . . . . . 30
- 7.2. Salting key. . . . . . . . . . . . . . . . . . . . . . . 30
- 7.3. Message Integrity from Universal Hashing . . . . . . . . 31
- 7.4. Data Origin Authentication Considerations. . . . . . . . 31
- 7.5. Short and Zero-length Message Authentication . . . . . . 32
- 8. Key Management Considerations. . . . . . . . . . . . . . . . . 33
- 8.1. Re-keying . . . . . . . . . . . . . . . . . . . . . . . 34
- 8.1.1. Use of the <From, To> for re-keying. . . . . . . 34
- 8.2. Key Management parameters. . . . . . . . . . . . . . . . 35
- 9. Security Considerations. . . . . . . . . . . . . . . . . . . . 37
- 9.1. SSRC collision and two-time pad. . . . . . . . . . . . . 37
- 9.2. Key Usage. . . . . . . . . . . . . . . . . . . . . . . . 38
- 9.3. Confidentiality of the RTP Payload . . . . . . . . . . . 39
- 9.4. Confidentiality of the RTP Header. . . . . . . . . . . . 40
- 9.5. Integrity of the RTP payload and header. . . . . . . . . 40
- 9.5.1. Risks of Weak or Null Message Authentication. . . 42
- 9.5.2. Implicit Header Authentication . . . . . . . . . 43
- 10. Interaction with Forward Error Correction mechanisms. . . . . 43
- 11. Scenarios . . . . . . . . . . . . . . . . . . . . . . . . . . 43
- 11.1. Unicast. . . . . . . . . . . . . . . . . . . . . . . . . 43
- 11.2. Multicast (one sender) . . . . . . . . . . . . . . . . . 44
- 11.3. Re-keying and access control . . . . . . . . . . . . . . 45
- 11.4. Summary of basic scenarios . . . . . . . . . . . . . . . 46
- 12. IANA Considerations. . . . . . . . . . . . . . . . . . . . . . 46
- 13. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 47
- 14. References . . . . . . . . . . . . . . . . . . . . . . . . . . 47
- 14.1. Normative References . . . . . . . . . . . . . . . . . . 47
- 14.2. Informative References . . . . . . . . . . . . . . . . . 48
- Appendix A: Pseudocode for Index Determination . . . . . . . . . . 51
- Appendix B: Test Vectors . . . . . . . . . . . . . . . . . . . . . 51
- B.1. AES-f8 Test Vectors. . . . . . . . . . . . . . . . . . . 51
-
-
-
-Baugher, et al. Standards Track [Page 2]
-
-RFC 3711 SRTP March 2004
-
-
- B.2. AES-CM Test Vectors. . . . . . . . . . . . . . . . . . . 52
- B.3. Key Derivation Test Vectors. . . . . . . . . . . . . . . 53
- Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 55
- Full Copyright Statement . . . . . . . . . . . . . . . . . . . . . 56
-
-1. Introduction
-
- This document describes the Secure Real-time Transport Protocol
- (SRTP), a profile of the Real-time Transport Protocol (RTP), which
- can provide confidentiality, message authentication, and replay
- protection to the RTP traffic and to the control traffic for RTP,
- RTCP (the Real-time Transport Control Protocol) [RFC3350].
-
- SRTP provides a framework for encryption and message authentication
- of RTP and RTCP streams (Section 3). SRTP defines a set of default
- cryptographic transforms (Sections 4 and 5), and it allows new
- transforms to be introduced in the future (Section 6). With
- appropriate key management (Sections 7 and 8), SRTP is secure
- (Sections 9) for unicast and multicast RTP applications (Section 11).
-
- SRTP can achieve high throughput and low packet expansion. SRTP
- proves to be a suitable protection for heterogeneous environments
- (mix of wired and wireless networks). To get such features, default
- transforms are described, based on an additive stream cipher for
- encryption, a keyed-hash based function for message authentication,
- and an "implicit" index for sequencing/synchronization based on the
- RTP sequence number for SRTP and an index number for Secure RTCP
- (SRTCP).
-
-1.1. Notational Conventions
-
- The keywords "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
- "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
- document are to be interpreted as described in [RFC2119]. The
- terminology conforms to [RFC2828] with the following exception. For
- simplicity we use the term "random" throughout the document to denote
- randomly or pseudo-randomly generated values. Large amounts of
- random bits may be difficult to obtain, and for the security of SRTP,
- pseudo-randomness is sufficient [RFC1750].
-
- By convention, the adopted representation is the network byte order,
- i.e., the left most bit (octet) is the most significant one. By XOR
- we mean bitwise addition modulo 2 of binary strings, and || denotes
- concatenation. In other words, if C = A || B, then the most
- significant bits of C are the bits of A, and the least significant
- bits of C equal the bits of B. Hexadecimal numbers are prefixed by
- 0x.
-
-
-
-
-Baugher, et al. Standards Track [Page 3]
-
-RFC 3711 SRTP March 2004
-
-
- The word "encryption" includes also use of the NULL algorithm (which
- in practice does leave the data in the clear).
-
- With slight abuse of notation, we use the terms "message
- authentication" and "authentication tag" as is common practice, even
- though in some circumstances, e.g., group communication, the service
- provided is actually only integrity protection and not data origin
- authentication.
-
-2. Goals and Features
-
- The security goals for SRTP are to ensure:
-
- * the confidentiality of the RTP and RTCP payloads, and
-
- * the integrity of the entire RTP and RTCP packets, together with
- protection against replayed packets.
-
- These security services are optional and independent from each other,
- except that SRTCP integrity protection is mandatory (malicious or
- erroneous alteration of RTCP messages could otherwise disrupt the
- processing of the RTP stream).
-
- Other, functional, goals for the protocol are:
-
- * a framework that permits upgrading with new cryptographic
- transforms,
-
- * low bandwidth cost, i.e., a framework preserving RTP header
- compression efficiency,
-
- and, asserted by the pre-defined transforms:
-
- * a low computational cost,
-
- * a small footprint (i.e., small code size and data memory for
- keying information and replay lists),
-
- * limited packet expansion to support the bandwidth economy goal,
-
- * independence from the underlying transport, network, and physical
- layers used by RTP, in particular high tolerance to packet loss
- and re-ordering.
-
- These properties ensure that SRTP is a suitable protection scheme for
- RTP/RTCP in both wired and wireless scenarios.
-
-
-
-
-
-Baugher, et al. Standards Track [Page 4]
-
-RFC 3711 SRTP March 2004
-
-
-2.1. Features
-
- Besides the above mentioned direct goals, SRTP provides for some
- additional features. They have been introduced to lighten the burden
- on key management and to further increase security. They include:
-
- * A single "master key" can provide keying material for
- confidentiality and integrity protection, both for the SRTP stream
- and the corresponding SRTCP stream. This is achieved with a key
- derivation function (see Section 4.3), providing "session keys"
- for the respective security primitive, securely derived from the
- master key.
-
- * In addition, the key derivation can be configured to periodically
- refresh the session keys, which limits the amount of ciphertext
- produced by a fixed key, available for an adversary to
- cryptanalyze.
-
- * "Salting keys" are used to protect against pre-computation and
- time-memory tradeoff attacks [MF00] [BS00].
-
- Detailed rationale for these features can be found in Section 7.
-
-3. SRTP Framework
-
- RTP is the Real-time Transport Protocol [RFC3550]. We define SRTP as
- a profile of RTP. This profile is an extension to the RTP
- Audio/Video Profile [RFC3551]. Except where explicitly noted, all
- aspects of that profile apply, with the addition of the SRTP security
- features. Conceptually, we consider SRTP to be a "bump in the stack"
- implementation which resides between the RTP application and the
- transport layer. SRTP intercepts RTP packets and then forwards an
- equivalent SRTP packet on the sending side, and intercepts SRTP
- packets and passes an equivalent RTP packet up the stack on the
- receiving side.
-
- Secure RTCP (SRTCP) provides the same security services to RTCP as
- SRTP does to RTP. SRTCP message authentication is MANDATORY and
- thereby protects the RTCP fields to keep track of membership, provide
- feedback to RTP senders, or maintain packet sequence counters. SRTCP
- is described in Section 3.4.
-
-
-
-
-
-
-
-
-
-
-Baugher, et al. Standards Track [Page 5]
-
-RFC 3711 SRTP March 2004
-
-
-3.1. Secure RTP
-
- The format of an SRTP packet is illustrated in Figure 1.
-
- 0 1 2 3
- 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
- +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+<+
- |V=2|P|X| CC |M| PT | sequence number | |
- +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
- | timestamp | |
- +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
- | synchronization source (SSRC) identifier | |
- +=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ |
- | contributing source (CSRC) identifiers | |
- | .... | |
- +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
- | RTP extension (OPTIONAL) | |
- +>+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
- | | payload ... | |
- | | +-------------------------------+ |
- | | | RTP padding | RTP pad count | |
- +>+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+<+
- | ~ SRTP MKI (OPTIONAL) ~ |
- | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
- | : authentication tag (RECOMMENDED) : |
- | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
- | |
- +- Encrypted Portion* Authenticated Portion ---+
-
- Figure 1. The format of an SRTP packet. *Encrypted Portion is the
- same size as the plaintext for the Section 4 pre-defined transforms.
-
- The "Encrypted Portion" of an SRTP packet consists of the encryption
- of the RTP payload (including RTP padding when present) of the
- equivalent RTP packet. The Encrypted Portion MAY be the exact size
- of the plaintext or MAY be larger. Figure 1 shows the RTP payload
- including any possible padding for RTP [RFC3550].
-
- None of the pre-defined encryption transforms uses any padding; for
- these, the RTP and SRTP payload sizes match exactly. New transforms
- added to SRTP (following Section 6) may require padding, and may
- hence produce larger payloads. RTP provides its own padding format
- (as seen in Fig. 1), which due to the padding indicator in the RTP
- header has merits in terms of compactness relative to paddings using
- prefix-free codes. This RTP padding SHALL be the default method for
- transforms requiring padding. Transforms MAY specify other padding
- methods, and MUST then specify the amount, format, and processing of
- their padding. It is important to note that encryption transforms
-
-
-
-Baugher, et al. Standards Track [Page 6]
-
-RFC 3711 SRTP March 2004
-
-
- that use padding are vulnerable to subtle attacks, especially when
- message authentication is not used [V02]. Each specification for a
- new encryption transform needs to carefully consider and describe the
- security implications of the padding that it uses. Message
- authentication codes define their own padding, so this default does
- not apply to authentication transforms.
-
- The OPTIONAL MKI and the RECOMMENDED authentication tag are the only
- fields defined by SRTP that are not in RTP. Only 8-bit alignment is
- assumed.
-
- MKI (Master Key Identifier): configurable length, OPTIONAL. The
- MKI is defined, signaled, and used by key management. The
- MKI identifies the master key from which the session
- key(s) were derived that authenticate and/or encrypt the
- particular packet. Note that the MKI SHALL NOT identify
- the SRTP cryptographic context, which is identified
- according to Section 3.2.3. The MKI MAY be used by key
- management for the purposes of re-keying, identifying a
- particular master key within the cryptographic context
- (Section 3.2.1).
-
- Authentication tag: configurable length, RECOMMENDED. The
- authentication tag is used to carry message authentication
- data. The Authenticated Portion of an SRTP packet
- consists of the RTP header followed by the Encrypted
- Portion of the SRTP packet. Thus, if both encryption and
- authentication are applied, encryption SHALL be applied
- before authentication on the sender side and conversely on
- the receiver side. The authentication tag provides
- authentication of the RTP header and payload, and it
- indirectly provides replay protection by authenticating
- the sequence number. Note that the MKI is not integrity
- protected as this does not provide any extra protection.
-
-3.2. SRTP Cryptographic Contexts
-
- Each SRTP stream requires the sender and receiver to maintain
- cryptographic state information. This information is called the
- "cryptographic context".
-
- SRTP uses two types of keys: session keys and master keys. By a
- "session key", we mean a key which is used directly in a
- cryptographic transform (e.g., encryption or message authentication),
- and by a "master key", we mean a random bit string (given by the key
- management protocol) from which session keys are derived in a
-
-
-
-
-
-Baugher, et al. Standards Track [Page 7]
-
-RFC 3711 SRTP March 2004
-
-
- cryptographically secure way. The master key(s) and other parameters
- in the cryptographic context are provided by key management
- mechanisms external to SRTP, see Section 8.
-
-3.2.1. Transform-independent parameters
-
- Transform-independent parameters are present in the cryptographic
- context independently of the particular encryption or authentication
- transforms that are used. The transform-independent parameters of
- the cryptographic context for SRTP consist of:
-
- * a 32-bit unsigned rollover counter (ROC), which records how many
- times the 16-bit RTP sequence number has been reset to zero after
- passing through 65,535. Unlike the sequence number (SEQ), which
- SRTP extracts from the RTP packet header, the ROC is maintained by
- SRTP as described in Section 3.3.1.
-
- We define the index of the SRTP packet corresponding to a given
- ROC and RTP sequence number to be the 48-bit quantity
-
- i = 2^16 * ROC + SEQ.
-
- * for the receiver only, a 16-bit sequence number s_l, which can be
- thought of as the highest received RTP sequence number (see
- Section 3.3.1 for its handling), which SHOULD be authenticated
- since message authentication is RECOMMENDED,
-
- * an identifier for the encryption algorithm, i.e., the cipher and
- its mode of operation,
-
- * an identifier for the message authentication algorithm,
-
- * a replay list, maintained by the receiver only (when
- authentication and replay protection are provided), containing
- indices of recently received and authenticated SRTP packets,
-
- * an MKI indicator (0/1) as to whether an MKI is present in SRTP and
- SRTCP packets,
-
- * if the MKI indicator is set to one, the length (in octets) of the
- MKI field, and (for the sender) the actual value of the currently
- active MKI (the value of the MKI indicator and length MUST be kept
- fixed for the lifetime of the context),
-
- * the master key(s), which MUST be random and kept secret,
-
-
-
-
-
-
-Baugher, et al. Standards Track [Page 8]
-
-RFC 3711 SRTP March 2004
-
-
- * for each master key, there is a counter of the number of SRTP
- packets that have been processed (sent) with that master key
- (essential for security, see Sections 3.3.1 and 9),
-
- * non-negative integers n_e, and n_a, determining the length of the
- session keys for encryption, and message authentication.
-
- In addition, for each master key, an SRTP stream MAY use the
- following associated values:
-
- * a master salt, to be used in the key derivation of session keys.
- This value, when used, MUST be random, but MAY be public. Use of
- master salt is strongly RECOMMENDED, see Section 9.2. A "NULL"
- salt is treated as 00...0.
-
- * an integer in the set {1,2,4,...,2^24}, the "key_derivation_rate",
- where an unspecified value is treated as zero. The constraint to
- be a power of 2 simplifies the session-key derivation
- implementation, see Section 4.3.
-
- * an MKI value,
-
- * <From, To> values, specifying the lifetime for a master key,
- expressed in terms of the two 48-bit index values inside whose
- range (including the range end-points) the master key is valid.
- For the use of <From, To>, see Section 8.1.1. <From, To> is an
- alternative to the MKI and assumes that a master key is in one-
- to-one correspondence with the SRTP session key on which the
- <From, To> range is defined.
-
- SRTCP SHALL by default share the crypto context with SRTP, except:
-
- * no rollover counter and s_l-value need to be maintained as the
- RTCP index is explicitly carried in each SRTCP packet,
-
- * a separate replay list is maintained (when replay protection is
- provided),
-
- * SRTCP maintains a separate counter for its master key (even if the
- master key is the same as that for SRTP, see below), as a means to
- maintain a count of the number of SRTCP packets that have been
- processed with that key.
-
- Note in particular that the master key(s) MAY be shared between SRTP
- and the corresponding SRTCP, if the pre-defined transforms (including
- the key derivation) are used but the session key(s) MUST NOT be so
- shared.
-
-
-
-
-Baugher, et al. Standards Track [Page 9]
-
-RFC 3711 SRTP March 2004
-
-
- In addition, there can be cases (see Sections 8 and 9.1) where
- several SRTP streams within a given RTP session, identified by their
- synchronization source (SSRCs, which is part of the RTP header),
- share most of the crypto context parameters (including possibly
- master and session keys). In such cases, just as in the normal
- SRTP/SRTCP parameter sharing above, separate replay lists and packet
- counters for each stream (SSRC) MUST still be maintained. Also,
- separate SRTP indices MUST then be maintained.
-
- A summary of parameters, pre-defined transforms, and default values
- for the above parameters (and other SRTP parameters) can be found in
- Sections 5 and 8.2.
-
-3.2.2. Transform-dependent parameters
-
- All encryption, authentication/integrity, and key derivation
- parameters are defined in the transforms section (Section 4).
- Typical examples of such parameters are block size of ciphers,
- session keys, data for the Initialization Vector (IV) formation, etc.
- Future SRTP transform specifications MUST include a section to list
- the additional cryptographic context's parameters for that transform,
- if any.
-
-3.2.3. Mapping SRTP Packets to Cryptographic Contexts
-
- Recall that an RTP session for each participant is defined [RFC3550]
- by a pair of destination transport addresses (one network address
- plus a port pair for RTP and RTCP), and that a multimedia session is
- defined as a collection of RTP sessions. For example, a particular
- multimedia session could include an audio RTP session, a video RTP
- session, and a text RTP session.
-
- A cryptographic context SHALL be uniquely identified by the triplet
- context identifier:
-
- context id = <SSRC, destination network address, destination
- transport port number>
-
- where the destination network address and the destination transport
- port are the ones in the SRTP packet. It is assumed that, when
- presented with this information, the key management returns a context
- with the information as described in Section 3.2.
-
- As noted above, SRTP and SRTCP by default share the bulk of the
- parameters in the cryptographic context. Thus, retrieving the crypto
- context parameters for an SRTCP stream in practice may imply a
- binding to the correspondent SRTP crypto context. It is up to the
- implementation to assure such binding, since the RTCP port may not be
-
-
-
-Baugher, et al. Standards Track [Page 10]
-
-RFC 3711 SRTP March 2004
-
-
- directly deducible from the RTP port only. Alternatively, the key
- management may choose to provide separate SRTP- and SRTCP- contexts,
- duplicating the common parameters (such as master key(s)). The
- latter approach then also enables SRTP and SRTCP to use, e.g.,
- distinct transforms, if so desired. Similar considerations arise
- when multiple SRTP streams, forming part of one single RTP session,
- share keys and other parameters.
-
- If no valid context can be found for a packet corresponding to a
- certain context identifier, that packet MUST be discarded.
-
-3.3. SRTP Packet Processing
-
- The following applies to SRTP. SRTCP is described in Section 3.4.
-
- Assuming initialization of the cryptographic context(s) has taken
- place via key management, the sender SHALL do the following to
- construct an SRTP packet:
-
- 1. Determine which cryptographic context to use as described in
- Section 3.2.3.
-
- 2. Determine the index of the SRTP packet using the rollover counter,
- the highest sequence number in the cryptographic context, and the
- sequence number in the RTP packet, as described in Section 3.3.1.
-
- 3. Determine the master key and master salt. This is done using the
- index determined in the previous step or the current MKI in the
- cryptographic context, according to Section 8.1.
-
- 4. Determine the session keys and session salt (if they are used by
- the transform) as described in Section 4.3, using master key,
- master salt, key_derivation_rate, and session key-lengths in the
- cryptographic context with the index, determined in Steps 2 and 3.
-
- 5. Encrypt the RTP payload to produce the Encrypted Portion of the
- packet (see Section 4.1, for the defined ciphers). This step uses
- the encryption algorithm indicated in the cryptographic context,
- the session encryption key and the session salt (if used) found in
- Step 4 together with the index found in Step 2.
-
- 6. If the MKI indicator is set to one, append the MKI to the packet.
-
- 7. For message authentication, compute the authentication tag for the
- Authenticated Portion of the packet, as described in Section 4.2.
- This step uses the current rollover counter, the authentication
-
-
-
-
-
-Baugher, et al. Standards Track [Page 11]
-
-RFC 3711 SRTP March 2004
-
-
- algorithm indicated in the cryptographic context, and the session
- authentication key found in Step 4. Append the authentication tag
- to the packet.
-
- 8. If necessary, update the ROC as in Section 3.3.1, using the packet
- index determined in Step 2.
-
- To authenticate and decrypt an SRTP packet, the receiver SHALL do the
- following:
-
- 1. Determine which cryptographic context to use as described in
- Section 3.2.3.
-
- 2. Run the algorithm in Section 3.3.1 to get the index of the SRTP
- packet. The algorithm uses the rollover counter and highest
- sequence number in the cryptographic context with the sequence
- number in the SRTP packet, as described in Section 3.3.1.
-
- 3. Determine the master key and master salt. If the MKI indicator in
- the context is set to one, use the MKI in the SRTP packet,
- otherwise use the index from the previous step, according to
- Section 8.1.
-
- 4. Determine the session keys, and session salt (if used by the
- transform) as described in Section 4.3, using master key, master
- salt, key_derivation_rate and session key-lengths in the
- cryptographic context with the index, determined in Steps 2 and 3.
-
- 5. For message authentication and replay protection, first check if
- the packet has been replayed (Section 3.3.2), using the Replay
- List and the index as determined in Step 2. If the packet is
- judged to be replayed, then the packet MUST be discarded, and the
- event SHOULD be logged.
-
- Next, perform verification of the authentication tag, using the
- rollover counter from Step 2, the authentication algorithm
- indicated in the cryptographic context, and the session
- authentication key from Step 4. If the result is "AUTHENTICATION
- FAILURE" (see Section 4.2), the packet MUST be discarded from
- further processing and the event SHOULD be logged.
-
- 6. Decrypt the Encrypted Portion of the packet (see Section 4.1, for
- the defined ciphers), using the decryption algorithm indicated in
- the cryptographic context, the session encryption key and salt (if
- used) found in Step 4 with the index from Step 2.
-
-
-
-
-
-
-Baugher, et al. Standards Track [Page 12]
-
-RFC 3711 SRTP March 2004
-
-
- 7. Update the rollover counter and highest sequence number, s_l, in
- the cryptographic context as in Section 3.3.1, using the packet
- index estimated in Step 2. If replay protection is provided, also
- update the Replay List as described in Section 3.3.2.
-
- 8. When present, remove the MKI and authentication tag fields from
- the packet.
-
-3.3.1. Packet Index Determination, and ROC, s_l Update
-
- SRTP implementations use an "implicit" packet index for sequencing,
- i.e., not all of the index is explicitly carried in the SRTP packet.
- For the pre-defined transforms, the index i is used in replay
- protection (Section 3.3.2), encryption (Section 4.1), message
- authentication (Section 4.2), and for the key derivation (Section
- 4.3).
-
- When the session starts, the sender side MUST set the rollover
- counter, ROC, to zero. Each time the RTP sequence number, SEQ, wraps
- modulo 2^16, the sender side MUST increment ROC by one, modulo 2^32
- (see security aspects below). The sender's packet index is then
- defined as
-
- i = 2^16 * ROC + SEQ.
-
- Receiver-side implementations use the RTP sequence number to
- determine the correct index of a packet, which is the location of the
- packet in the sequence of all SRTP packets. A robust approach for
- the proper use of a rollover counter requires its handling and use to
- be well defined. In particular, out-of-order RTP packets with
- sequence numbers close to 2^16 or zero must be properly handled.
-
- The index estimate is based on the receiver's locally maintained ROC
- and s_l values. At the setup of the session, the ROC MUST be set to
- zero. Receivers joining an on-going session MUST be given the
- current ROC value using out-of-band signaling such as key-management
- signaling. Furthermore, the receiver SHALL initialize s_l to the RTP
- sequence number (SEQ) of the first observed SRTP packet (unless the
- initial value is provided by out of band signaling such as key
- management).
-
- On consecutive SRTP packets, the receiver SHOULD estimate the index
- as
- i = 2^16 * v + SEQ,
-
- where v is chosen from the set { ROC-1, ROC, ROC+1 } (modulo 2^32)
- such that i is closest (in modulo 2^48 sense) to the value 2^16 * ROC
- + s_l (see Appendix A for pseudocode).
-
-
-
-Baugher, et al. Standards Track [Page 13]
-
-RFC 3711 SRTP March 2004
-
-
- After the packet has been processed and authenticated (when enabled
- for SRTP packets for the session), the receiver MUST use v to
- conditionally update its s_l and ROC variables as follows. If
- v=(ROC-1) mod 2^32, then there is no update to s_l or ROC. If v=ROC,
- then s_l is set to SEQ if and only if SEQ is larger than the current
- s_l; there is no change to ROC. If v=(ROC+1) mod 2^32, then s_l is
- set to SEQ and ROC is set to v.
-
- After a re-keying occurs (changing to a new master key), the rollover
- counter always maintains its sequence of values, i.e., it MUST NOT be
- reset to zero.
-
- As the rollover counter is 32 bits long and the sequence number is 16
- bits long, the maximum number of packets belonging to a given SRTP
- stream that can be secured with the same key is 2^48 using the pre-
- defined transforms. After that number of SRTP packets have been sent
- with a given (master or session) key, the sender MUST NOT send any
- more packets with that key. (There exists a similar limit for SRTCP,
- which in practice may be more restrictive, see Section 9.2.) This
- limitation enforces a security benefit by providing an upper bound on
- the amount of traffic that can pass before cryptographic keys are
- changed. Re-keying (see Section 8.1) MUST be triggered, before this
- amount of traffic, and MAY be triggered earlier, e.g., for increased
- security and access control to media. Recurring key derivation by
- means of a non-zero key_derivation_rate (see Section 4.3), also gives
- stronger security but does not change the above absolute maximum
- value.
-
- On the receiver side, there is a caveat to updating s_l and ROC: if
- message authentication is not present, neither the initialization of
- s_l, nor the ROC update can be made completely robust. The
- receiver's "implicit index" approach works for the pre-defined
- transforms as long as the reorder and loss of the packets are not too
- great and bit-errors do not occur in unfortunate ways. In
- particular, 2^15 packets would need to be lost, or a packet would
- need to be 2^15 packets out of sequence before synchronization is
- lost. Such drastic loss or reorder is likely to disrupt the RTP
- application itself.
-
- The algorithm for the index estimate and ROC update is a matter of
- implementation, and should take into consideration the environment
- (e.g., packet loss rate) and the cases when synchronization is likely
- to be lost, e.g., when the initial sequence number (randomly chosen
- by RTP) is not known in advance (not sent in the key management
- protocol) but may be near to wrap modulo 2^16.
-
-
-
-
-
-
-Baugher, et al. Standards Track [Page 14]
-
-RFC 3711 SRTP March 2004
-
-
- A more elaborate and more robust scheme than the one given above is
- the handling of RTP's own "rollover counter", see Appendix A.1 of
- [RFC3550].
-
-3.3.2. Replay Protection
-
- Secure replay protection is only possible when integrity protection
- is present. It is RECOMMENDED to use replay protection, both for RTP
- and RTCP, as integrity protection alone cannot assure security
- against replay attacks.
-
- A packet is "replayed" when it is stored by an adversary, and then
- re-injected into the network. When message authentication is
- provided, SRTP protects against such attacks through a Replay List.
- Each SRTP receiver maintains a Replay List, which conceptually
- contains the indices of all of the packets which have been received
- and authenticated. In practice, the list can use a "sliding window"
- approach, so that a fixed amount of storage suffices for replay
- protection. Packet indices which lag behind the packet index in the
- context by more than SRTP-WINDOW-SIZE can be assumed to have been
- received, where SRTP-WINDOW-SIZE is a receiver-side, implementation-
- dependent parameter and MUST be at least 64, but which MAY be set to
- a higher value.
-
- The receiver checks the index of an incoming packet against the
- replay list and the window. Only packets with index ahead of the
- window, or, inside the window but not already received, SHALL be
- accepted.
-
- After the packet has been authenticated (if necessary the window is
- first moved ahead), the replay list SHALL be updated with the new
- index.
-
- The Replay List can be efficiently implemented by using a bitmap to
- represent which packets have been received, as described in the
- Security Architecture for IP [RFC2401].
-
-3.4. Secure RTCP
-
- Secure RTCP follows the definition of Secure RTP. SRTCP adds three
- mandatory new fields (the SRTCP index, an "encrypt-flag", and the
- authentication tag) and one optional field (the MKI) to the RTCP
- packet definition. The three mandatory fields MUST be appended to an
- RTCP packet in order to form an equivalent SRTCP packet. The added
- fields follow any other profile-specific extensions.
-
-
-
-
-
-
-Baugher, et al. Standards Track [Page 15]
-
-RFC 3711 SRTP March 2004
-
-
- According to Section 6.1 of [RFC3550], there is a REQUIRED packet
- format for compound packets. SRTCP MUST be given packets according
- to that requirement in the sense that the first part MUST be a sender
- report or a receiver report. However, the RTCP encryption prefix (a
- random 32-bit quantity) specified in that Section MUST NOT be used
- since, as is stated there, it is only applicable to the encryption
- method specified in [RFC3550] and is not needed by the cryptographic
- mechanisms used in SRTP.
-
- 0 1 2 3
- 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
- +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+<+
- |V=2|P| RC | PT=SR or RR | length | |
- +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
- | SSRC of sender | |
- +>+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ |
- | ~ sender info ~ |
- | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
- | ~ report block 1 ~ |
- | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
- | ~ report block 2 ~ |
- | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
- | ~ ... ~ |
- | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
- | |V=2|P| SC | PT=SDES=202 | length | |
- | +=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ |
- | | SSRC/CSRC_1 | |
- | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
- | ~ SDES items ~ |
- | +=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ |
- | ~ ... ~ |
- +>+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ |
- | |E| SRTCP index | |
- | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+<+
- | ~ SRTCP MKI (OPTIONAL) ~ |
- | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
- | : authentication tag : |
- | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
- | |
- +-- Encrypted Portion Authenticated Portion -----+
-
-
- Figure 2. An example of the format of a Secure RTCP packet,
- consisting of an underlying RTCP compound packet with a Sender Report
- and SDES packet.
-
-
-
-
-
-
-Baugher, et al. Standards Track [Page 16]
-
-RFC 3711 SRTP March 2004
-
-
- The Encrypted Portion of an SRTCP packet consists of the encryption
- (Section 4.1) of the RTCP payload of the equivalent compound RTCP
- packet, from the first RTCP packet, i.e., from the ninth (9) octet to
- the end of the compound packet. The Authenticated Portion of an
- SRTCP packet consists of the entire equivalent (eventually compound)
- RTCP packet, the E flag, and the SRTCP index (after any encryption
- has been applied to the payload).
-
- The added fields are:
-
- E-flag: 1 bit, REQUIRED
- The E-flag indicates if the current SRTCP packet is
- encrypted or unencrypted. Section 9.1 of [RFC3550] allows
- the split of a compound RTCP packet into two lower-layer
- packets, one to be encrypted and one to be sent in the
- clear. The E bit set to "1" indicates encrypted packet, and
- "0" indicates non-encrypted packet.
-
- SRTCP index: 31 bits, REQUIRED
- The SRTCP index is a 31-bit counter for the SRTCP packet.
- The index is explicitly included in each packet, in contrast
- to the "implicit" index approach used for SRTP. The SRTCP
- index MUST be set to zero before the first SRTCP packet is
- sent, and MUST be incremented by one, modulo 2^31, after
- each SRTCP packet is sent. In particular, after a re-key,
- the SRTCP index MUST NOT be reset to zero again.
-
- Authentication Tag: configurable length, REQUIRED
- The authentication tag is used to carry message
- authentication data.
-
- MKI: configurable length, OPTIONAL
- The MKI is the Master Key Indicator, and functions according
- to the MKI definition in Section 3.
-
- SRTCP uses the cryptographic context parameters and packet processing
- of SRTP by default, with the following changes:
-
- * The receiver does not need to "estimate" the index, as it is
- explicitly signaled in the packet.
-
- * Pre-defined SRTCP encryption is as specified in Section 4.1, but
- using the definition of the SRTCP Encrypted Portion given in this
- section, and using the SRTCP index as the index i. The encryption
- transform and related parameters SHALL by default be the same
- selected for the protection of the associated SRTP stream(s),
- while the NULL algorithm SHALL be applied to the RTCP packets not
- to be encrypted. SRTCP may have a different encryption transform
-
-
-
-Baugher, et al. Standards Track [Page 17]
-
-RFC 3711 SRTP March 2004
-
-
- than the one used by the corresponding SRTP. The expected use for
- this feature is when the former has NULL-encryption and the latter
- has a non NULL-encryption.
-
- The E-flag is assigned a value by the sender depending on whether the
- packet was encrypted or not.
-
- * SRTCP decryption is performed as in Section 4, but only if the E
- flag is equal to 1. If so, the Encrypted Portion is decrypted,
- using the SRTCP index as the index i. In case the E-flag is 0,
- the payload is simply left unmodified.
-
- * SRTCP replay protection is as defined in Section 3.3.2, but using
- the SRTCP index as the index i and a separate Replay List that is
- specific to SRTCP.
-
- * The pre-defined SRTCP authentication tag is specified as in
- Section 4.2, but with the Authenticated Portion of the SRTCP
- packet given in this section (which includes the index). The
- authentication transform and related parameters (e.g., key size)
- SHALL by default be the same as selected for the protection of the
- associated SRTP stream(s).
-
- * In the last step of the processing, only the sender needs to
- update the value of the SRTCP index by incrementing it modulo 2^31
- and for security reasons the sender MUST also check the number of
- SRTCP packets processed, see Section 9.2.
-
- Message authentication for RTCP is REQUIRED, as it is the control
- protocol (e.g., it has a BYE packet) for RTP.
-
- Precautions must be taken so that the packet expansion in SRTCP (due
- to the added fields) does not cause SRTCP messages to use more than
- their share of RTCP bandwidth. To avoid this, the following two
- measures MUST be taken:
-
- 1. When initializing the RTCP variable "avg_rtcp_size" defined in
- chapter 6.3 of [RFC3550], it MUST include the size of the fields
- that will be added by SRTCP (index, E-bit, authentication tag, and
- when present, the MKI).
-
- 2. When updating the "avg_rtcp_size" using the variable "packet_size"
- (section 6.3.3 of [RFC3550]), the value of "packet_size" MUST
- include the size of the additional fields added by SRTCP.
-
-
-
-
-
-
-
-Baugher, et al. Standards Track [Page 18]
-
-RFC 3711 SRTP March 2004
-
-
- With these measures in place the SRTCP messages will not use more
- than the allotted bandwidth. The effect of the size of the added
- fields on the SRTCP traffic will be that messages will be sent with
- longer packet intervals. The increase in the intervals will be
- directly proportional to size of the added fields. For the pre-
- defined transforms, the size of the added fields will be at least 14
- octets, and upper bounded depending on MKI and the authentication tag
- sizes.
-
-4. Pre-Defined Cryptographic Transforms
-
- While there are numerous encryption and message authentication
- algorithms that can be used in SRTP, below we define default
- algorithms in order to avoid the complexity of specifying the
- encodings for the signaling of algorithm and parameter identifiers.
- The defined algorithms have been chosen as they fulfill the goals
- listed in Section 2. Recommendations on how to extend SRTP with new
- transforms are given in Section 6.
-
-4.1. Encryption
-
- The following parameters are common to both pre-defined, non-NULL,
- encryption transforms specified in this section.
-
- * BLOCK_CIPHER-MODE indicates the block cipher used and its mode of
- operation
- * n_b is the bit-size of the block for the block cipher
- * k_e is the session encryption key
- * n_e is the bit-length of k_e
- * k_s is the session salting key
- * n_s is the bit-length of k_s
- * SRTP_PREFIX_LENGTH is the octet length of the keystream prefix, a
- non-negative integer, specified by the message authentication code
- in use.
-
- The distinct session keys and salts for SRTP/SRTCP are by default
- derived as specified in Section 4.3.
-
- The encryption transforms defined in SRTP map the SRTP packet index
- and secret key into a pseudo-random keystream segment. Each
- keystream segment encrypts a single RTP packet. The process of
- encrypting a packet consists of generating the keystream segment
- corresponding to the packet, and then bitwise exclusive-oring that
- keystream segment onto the payload of the RTP packet to produce the
- Encrypted Portion of the SRTP packet. In case the payload size is
- not an integer multiple of n_b bits, the excess (least significant)
- bits of the keystream are simply discarded. Decryption is done the
- same way, but swapping the roles of the plaintext and ciphertext.
-
-
-
-Baugher, et al. Standards Track [Page 19]
-
-RFC 3711 SRTP March 2004
-
-
- +----+ +------------------+---------------------------------+
- | KG |-->| Keystream Prefix | Keystream Suffix |---+
- +----+ +------------------+---------------------------------+ |
- |
- +---------------------------------+ v
- | Payload of RTP Packet |->(*)
- +---------------------------------+ |
- |
- +---------------------------------+ |
- | Encrypted Portion of SRTP Packet|<--+
- +---------------------------------+
-
- Figure 3: Default SRTP Encryption Processing. Here KG denotes the
- keystream generator, and (*) denotes bitwise exclusive-or.
-
- The definition of how the keystream is generated, given the index,
- depends on the cipher and its mode of operation. Below, two such
- keystream generators are defined. The NULL cipher is also defined,
- to be used when encryption of RTP is not required.
-
- The SRTP definition of the keystream is illustrated in Figure 3. The
- initial octets of each keystream segment MAY be reserved for use in a
- message authentication code, in which case the keystream used for
- encryption starts immediately after the last reserved octet. The
- initial reserved octets are called the "keystream prefix" (not to be
- confused with the "encryption prefix" of [RFC3550, Section 6.1]), and
- the remaining octets are called the "keystream suffix". The
- keystream prefix MUST NOT be used for encryption. The process is
- illustrated in Figure 3.
-
- The number of octets in the keystream prefix is denoted as
- SRTP_PREFIX_LENGTH. The keystream prefix is indicated by a positive,
- non-zero value of SRTP_PREFIX_LENGTH. This means that, even if
- confidentiality is not to be provided, the keystream generator output
- may still need to be computed for packet authentication, in which
- case the default keystream generator (mode) SHALL be used.
-
- The default cipher is the Advanced Encryption Standard (AES) [AES],
- and we define two modes of running AES, (1) Segmented Integer Counter
- Mode AES and (2) AES in f8-mode. In the remainder of this section,
- let E(k,x) be AES applied to key k and input block x.
-
-
-
-
-
-
-
-
-
-
-Baugher, et al. Standards Track [Page 20]
-
-RFC 3711 SRTP March 2004
-
-
-4.1.1. AES in Counter Mode
-
- Conceptually, counter mode [AES-CTR] consists of encrypting
- successive integers. The actual definition is somewhat more
- complicated, in order to randomize the starting point of the integer
- sequence. Each packet is encrypted with a distinct keystream
- segment, which SHALL be computed as follows.
-
- A keystream segment SHALL be the concatenation of the 128-bit output
- blocks of the AES cipher in the encrypt direction, using key k = k_e,
- in which the block indices are in increasing order. Symbolically,
- each keystream segment looks like
-
- E(k, IV) || E(k, IV + 1 mod 2^128) || E(k, IV + 2 mod 2^128) ...
-
- where the 128-bit integer value IV SHALL be defined by the SSRC, the
- SRTP packet index i, and the SRTP session salting key k_s, as below.
-
- IV = (k_s * 2^16) XOR (SSRC * 2^64) XOR (i * 2^16)
-
- Each of the three terms in the XOR-sum above is padded with as many
- leading zeros as needed to make the operation well-defined,
- considered as a 128-bit value.
-
- The inclusion of the SSRC allows the use of the same key to protect
- distinct SRTP streams within the same RTP session, see the security
- caveats in Section 9.1.
-
- In the case of SRTCP, the SSRC of the first header of the compound
- packet MUST be used, i SHALL be the 31-bit SRTCP index and k_e, k_s
- SHALL be replaced by the SRTCP encryption session key and salt.
-
- Note that the initial value, IV, is fixed for each packet and is
- formed by "reserving" 16 zeros in the least significant bits for the
- purpose of the counter. The number of blocks of keystream generated
- for any fixed value of IV MUST NOT exceed 2^16 to avoid keystream
- re-use, see below. The AES has a block size of 128 bits, so 2^16
- output blocks are sufficient to generate the 2^23 bits of keystream
- needed to encrypt the largest possible RTP packet (except for IPv6
- "jumbograms" [RFC2675], which are not likely to be used for RTP-based
- multimedia traffic). This restriction on the maximum bit-size of the
- packet that can be encrypted ensures the security of the encryption
- method by limiting the effectiveness of probabilistic attacks [BDJR].
-
- For a particular Counter Mode key, each IV value used as an input
- MUST be distinct, in order to avoid the security exposure of a two-
- time pad situation (Section 9.1). To satisfy this constraint, an
- implementation MUST ensure that the combination of the SRTP packet
-
-
-
-Baugher, et al. Standards Track [Page 21]
-
-RFC 3711 SRTP March 2004
-
-
- index of ROC || SEQ, and the SSRC used in the construction of the IV
- are distinct for any particular key. The failure to ensure this
- uniqueness could be catastrophic for Secure RTP. This is in contrast
- to the situation for RTP itself, which may be able to tolerate such
- failures. It is RECOMMENDED that, if a dedicated security module is
- present, the RTP sequence numbers and SSRC either be generated or
- checked by that module (i.e., sequence-number and SSRC processing in
- an SRTP system needs to be protected as well as the key).
-
-4.1.2. AES in f8-mode
-
- To encrypt UMTS (Universal Mobile Telecommunications System, as 3G
- networks) data, a solution (see [f8-a] [f8-b]) known as the f8-
- algorithm has been developed. On a high level, the proposed scheme
- is a variant of Output Feedback Mode (OFB) [HAC], with a more
- elaborate initialization and feedback function. As in normal OFB,
- the core consists of a block cipher. We also define here the use of
- AES as a block cipher to be used in what we shall call "f8-mode of
- operation" RTP encryption. The AES f8-mode SHALL use the same
- default sizes for session key and salt as AES counter mode.
-
- Figure 4 shows the structure of block cipher, E, running in f8-mode.
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Baugher, et al. Standards Track [Page 22]
-
-RFC 3711 SRTP March 2004
-
-
- IV
- |
- v
- +------+
- | |
- +--->| E |
- | +------+
- | |
- m -> (*) +-----------+-------------+-- ... ------+
- | IV' | | | |
- | | j=1 -> (*) j=2 -> (*) ... j=L-1 ->(*)
- | | | | |
- | | +-> (*) +-> (*) ... +-> (*)
- | | | | | | | |
- | v | v | v | v
- | +------+ | +------+ | +------+ | +------+
- k_e ---+--->| E | | | E | | | E | | | E |
- | | | | | | | | | | |
- +------+ | +------+ | +------+ | +------+
- | | | | | | |
- +------+ +--------+ +-- ... ----+ |
- | | | |
- v v v v
- S(0) S(1) S(2) . . . S(L-1)
-
- Figure 4. f8-mode of operation (asterisk, (*), denotes bitwise XOR).
- The figure represents the KG in Figure 3, when AES-f8 is used.
-
-4.1.2.1. f8 Keystream Generation
-
- The Initialization Vector (IV) SHALL be determined as described in
- Section 4.1.2.2 (and in Section 4.1.2.3 for SRTCP).
-
- Let IV', S(j), and m denote n_b-bit blocks. The keystream,
- S(0) ||... || S(L-1), for an N-bit message SHALL be defined by
- setting IV' = E(k_e XOR m, IV), and S(-1) = 00..0. For
- j = 0,1,..,L-1 where L = N/n_b (rounded up to nearest integer if it
- is not already an integer) compute
-
- S(j) = E(k_e, IV' XOR j XOR S(j-1))
-
- Notice that the IV is not used directly. Instead it is fed through E
- under another key to produce an internal, "masked" value (denoted
- IV') to prevent an attacker from gaining known input/output pairs.
-
-
-
-
-
-
-
-Baugher, et al. Standards Track [Page 23]
-
-RFC 3711 SRTP March 2004
-
-
- The role of the internal counter, j, is to prevent short keystream
- cycles. The value of the key mask m SHALL be
-
- m = k_s || 0x555..5,
-
- i.e., the session salting key, appended by the binary pattern 0101..
- to fill out the entire desired key size, n_e.
-
- The sender SHOULD NOT generate more than 2^32 blocks, which is
- sufficient to generate 2^39 bits of keystream. Unlike counter mode,
- there is no absolute threshold above (below) which f8 is guaranteed
- to be insecure (secure). The above bound has been chosen to limit,
- with sufficient security margin, the probability of degenerative
- behavior in the f8 keystream generation.
-
-4.1.2.2. f8 SRTP IV Formation
-
- The purpose of the following IV formation is to provide a feature
- which we call implicit header authentication (IHA), see Section 9.5.
-
- The SRTP IV for 128-bit block AES-f8 SHALL be formed in the following
- way:
-
- IV = 0x00 || M || PT || SEQ || TS || SSRC || ROC
-
- M, PT, SEQ, TS, SSRC SHALL be taken from the RTP header; ROC is from
- the cryptographic context.
-
- The presence of the SSRC as part of the IV allows AES-f8 to be used
- when a master key is shared between multiple streams within the same
- RTP session, see Section 9.1.
-
-4.1.2.3. f8 SRTCP IV Formation
-
- The SRTCP IV for 128-bit block AES-f8 SHALL be formed in the
- following way:
-
- IV= 0..0 || E || SRTCP index || V || P || RC || PT || length || SSRC
-
- where V, P, RC, PT, length, SSRC SHALL be taken from the first header
- in the RTCP compound packet. E and SRTCP index are the 1-bit and
- 31-bit fields added to the packet.
-
-
-
-
-
-
-
-
-
-Baugher, et al. Standards Track [Page 24]
-
-RFC 3711 SRTP March 2004
-
-
-4.1.3. NULL Cipher
-
- The NULL cipher is used when no confidentiality for RTP/RTCP is
- requested. The keystream can be thought of as "000..0", i.e., the
- encryption SHALL simply copy the plaintext input into the ciphertext
- output.
-
-4.2. Message Authentication and Integrity
-
- Throughout this section, M will denote data to be integrity
- protected. In the case of SRTP, M SHALL consist of the Authenticated
- Portion of the packet (as specified in Figure 1) concatenated with
- the ROC, M = Authenticated Portion || ROC; in the case of SRTCP, M
- SHALL consist of the Authenticated Portion (as specified in Figure 2)
- only.
-
- Common parameters:
-
- * AUTH_ALG is the authentication algorithm
- * k_a is the session message authentication key
- * n_a is the bit-length of the authentication key
- * n_tag is the bit-length of the output authentication tag
- * SRTP_PREFIX_LENGTH is the octet length of the keystream prefix as
- defined above, a parameter of AUTH_ALG
-
- The distinct session authentication keys for SRTP/SRTCP are by
- default derived as specified in Section 4.3.
-
- The values of n_a, n_tag, and SRTP_PREFIX_LENGTH MUST be fixed for
- any particular fixed value of the key.
-
- We describe the process of computing authentication tags as follows.
- The sender computes the tag of M and appends it to the packet. The
- SRTP receiver verifies a message/authentication tag pair by computing
- a new authentication tag over M using the selected algorithm and key,
- and then compares it to the tag associated with the received message.
- If the two tags are equal, then the message/tag pair is valid;
- otherwise, it is invalid and the error audit message "AUTHENTICATION
- FAILURE" MUST be returned.
-
-4.2.1. HMAC-SHA1
-
- The pre-defined authentication transform for SRTP is HMAC-SHA1
- [RFC2104]. With HMAC-SHA1, the SRTP_PREFIX_LENGTH (Figure 3) SHALL
- be 0. For SRTP (respectively SRTCP), the HMAC SHALL be applied to
- the session authentication key and M as specified above, i.e.,
- HMAC(k_a, M). The HMAC output SHALL then be truncated to the n_tag
- left-most bits.
-
-
-
-Baugher, et al. Standards Track [Page 25]
-
-RFC 3711 SRTP March 2004
-
-
-4.3. Key Derivation
-
-4.3.1. Key Derivation Algorithm
-
- Regardless of the encryption or message authentication transform that
- is employed (it may be an SRTP pre-defined transform or newly
- introduced according to Section 6), interoperable SRTP
- implementations MUST use the SRTP key derivation to generate session
- keys. Once the key derivation rate is properly signaled at the start
- of the session, there is no need for extra communication between the
- parties that use SRTP key derivation.
-
- packet index ---+
- |
- v
- +-----------+ master +--------+ session encr_key
- | ext | key | |---------->
- | key mgmt |-------->| key | session auth_key
- | (optional | | deriv |---------->
- | rekey) |-------->| | session salt_key
- | | master | |---------->
- +-----------+ salt +--------+
-
- Figure 5: SRTP key derivation.
-
- At least one initial key derivation SHALL be performed by SRTP, i.e.,
- the first key derivation is REQUIRED. Further applications of the
- key derivation MAY be performed, according to the
- "key_derivation_rate" value in the cryptographic context. The key
- derivation function SHALL initially be invoked before the first
- packet and then, when r > 0, a key derivation is performed whenever
- index mod r equals zero. This can be thought of as "refreshing" the
- session keys. The value of "key_derivation_rate" MUST be kept fixed
- for the lifetime of the associated master key.
-
- Interoperable SRTP implementations MAY also derive session salting
- keys for encryption transforms, as is done in both of the pre-
- defined transforms.
-
- Let m and n be positive integers. A pseudo-random function family is
- a set of keyed functions {PRF_n(k,x)} such that for the (secret)
- random key k, given m-bit x, PRF_n(k,x) is an n-bit string,
- computationally indistinguishable from random n-bit strings, see
- [HAC]. For the purpose of key derivation in SRTP, a secure PRF with
- m = 128 (or more) MUST be used, and a default PRF transform is
- defined in Section 4.3.3.
-
-
-
-
-
-Baugher, et al. Standards Track [Page 26]
-
-RFC 3711 SRTP March 2004
-
-
- Let "a DIV t" denote integer division of a by t, rounded down, and
- with the convention that "a DIV 0 = 0" for all a. We also make the
- convention of treating "a DIV t" as a bit string of the same length
- as a, and thus "a DIV t" will in general have leading zeros.
-
- Key derivation SHALL be defined as follows in terms of <label>, an
- 8-bit constant (see below), master_salt and key_derivation_rate, as
- determined in the cryptographic context, and index, the packet index
- (i.e., the 48-bit ROC || SEQ for SRTP):
-
- * Let r = index DIV key_derivation_rate (with DIV as defined above).
-
- * Let key_id = <label> || r.
-
- * Let x = key_id XOR master_salt, where key_id and master_salt are
- aligned so that their least significant bits agree (right-
- alignment).
-
- <label> MUST be unique for each type of key to be derived. We
- currently define <label> 0x00 to 0x05 (see below), and future
- extensions MAY specify new values in the range 0x06 to 0xff for other
- purposes. The n-bit SRTP key (or salt) for this packet SHALL then be
- derived from the master key, k_master as follows:
-
- PRF_n(k_master, x).
-
- (The PRF may internally specify additional formatting and padding of
- x, see e.g., Section 4.3.3 for the default PRF.)
-
- The session keys and salt SHALL now be derived using:
-
- - k_e (SRTP encryption): <label> = 0x00, n = n_e.
-
- - k_a (SRTP message authentication): <label> = 0x01, n = n_a.
-
- - k_s (SRTP salting key): <label> = 0x02, n = n_s.
-
- where n_e, n_s, and n_a are from the cryptographic context.
-
- The master key and master salt MUST be random, but the master salt
- MAY be public.
-
- Note that for a key_derivation_rate of 0, the application of the key
- derivation SHALL take place exactly once.
-
- The definition of DIV above is purely for notational convenience.
- For a non-zero t among the set of allowed key derivation rates, "a
- DIV t" can be implemented as a right-shift by the base-2 logarithm of
-
-
-
-Baugher, et al. Standards Track [Page 27]
-
-RFC 3711 SRTP March 2004
-
-
- t. The derivation operation is further facilitated if the rates are
- chosen to be powers of 256, but that granularity was considered too
- coarse to be a requirement of this specification.
-
- The upper limit on the number of packets that can be secured using
- the same master key (see Section 9.2) is independent of the key
- derivation.
-
-4.3.2. SRTCP Key Derivation
-
- SRTCP SHALL by default use the same master key (and master salt) as
- SRTP. To do this securely, the following changes SHALL be done to
- the definitions in Section 4.3.1 when applying session key derivation
- for SRTCP.
-
- Replace the SRTP index by the 32-bit quantity: 0 || SRTCP index
- (i.e., excluding the E-bit, replacing it with a fixed 0-bit), and use
- <label> = 0x03 for the SRTCP encryption key, <label> = 0x04 for the
- SRTCP authentication key, and, <label> = 0x05 for the SRTCP salting
- key.
-
-4.3.3. AES-CM PRF
-
- The currently defined PRF, keyed by 128, 192, or 256 bit master key,
- has input block size m = 128 and can produce n-bit outputs for n up
- to 2^23. PRF_n(k_master,x) SHALL be AES in Counter Mode as described
- in Section 4.1.1, applied to key k_master, and IV equal to (x*2^16),
- and with the output keystream truncated to the n first (left-most)
- bits. (Requiring n/128, rounded up, applications of AES.)
-
-5. Default and mandatory-to-implement Transforms
-
- The default transforms also are mandatory-to-implement transforms in
- SRTP. Of course, "mandatory-to-implement" does not imply
- "mandatory-to-use". Table 1 summarizes the pre-defined transforms.
- The default values below are valid for the pre-defined transforms.
-
- mandatory-to-impl. optional default
-
- encryption AES-CM, NULL AES-f8 AES-CM
- message integrity HMAC-SHA1 - HMAC-SHA1
- key derivation (PRF) AES-CM - AES-CM
-
- Table 1: Mandatory-to-implement, optional and default transforms in
- SRTP and SRTCP.
-
-
-
-
-
-
-Baugher, et al. Standards Track [Page 28]
-
-RFC 3711 SRTP March 2004
-
-
-5.1. Encryption: AES-CM and NULL
-
- AES running in Segmented Integer Counter Mode, as defined in Section
- 4.1.1, SHALL be the default encryption algorithm. The default key
- lengths SHALL be 128-bit for the session encryption key (n_e). The
- default session salt key-length (n_s) SHALL be 112 bits.
-
- The NULL cipher SHALL also be mandatory-to-implement.
-
-5.2. Message Authentication/Integrity: HMAC-SHA1
-
- HMAC-SHA1, as defined in Section 4.2.1, SHALL be the default message
- authentication code. The default session authentication key-length
- (n_a) SHALL be 160 bits, the default authentication tag length
- (n_tag) SHALL be 80 bits, and the SRTP_PREFIX_LENGTH SHALL be zero
- for HMAC-SHA1. In addition, for SRTCP, the pre-defined HMAC-SHA1
- MUST NOT be applied with a value of n_tag, nor n_a, that are smaller
- than these defaults. For SRTP, smaller values are NOT RECOMMENDED,
- but MAY be used after careful consideration of the issues in Section
- 7.5 and 9.5.
-
-5.3. Key Derivation: AES-CM PRF
-
- The AES Counter Mode based key derivation and PRF defined in Sections
- 4.3.1 to 4.3.3, using a 128-bit master key, SHALL be the default
- method for generating session keys. The default master salt length
- SHALL be 112 bits and the default key-derivation rate SHALL be zero.
-
-6. Adding SRTP Transforms
-
- Section 4 provides examples of the level of detail needed for
- defining transforms. Whenever a new transform is to be added to
- SRTP, a companion standard track RFC MUST be written to exactly
- define how the new transform can be used with SRTP (and SRTCP). Such
- a companion RFC SHOULD avoid overlap with the SRTP protocol document.
- Note however, that it MAY be necessary to extend the SRTP or SRTCP
- cryptographic context definition with new parameters (including fixed
- or default values), add steps to the packet processing, or even add
- fields to the SRTP/SRTCP packets. The companion RFC SHALL explain
- any known issues regarding interactions between the transform and
- other aspects of SRTP.
-
- Each new transform document SHOULD specify its key attributes, e.g.,
- size of keys (minimum, maximum, recommended), format of keys,
- recommended/required processing of input keying material,
- requirements/recommendations on key lifetime, re-keying and key
- derivation, whether sharing of keys between SRTP and SRTCP is allowed
- or not, etc.
-
-
-
-Baugher, et al. Standards Track [Page 29]
-
-RFC 3711 SRTP March 2004
-
-
- An added message integrity transform SHOULD define a minimum
- acceptable key/tag size for SRTCP, equivalent in strength to the
- minimum values as defined in Section 5.2.
-
-7. Rationale
-
- This section explains the rationale behind several important features
- of SRTP.
-
-7.1. Key derivation
-
- Key derivation reduces the burden on the key establishment. As many
- as six different keys are needed per crypto context (SRTP and SRTCP
- encryption keys and salts, SRTP and SRTCP authentication keys), but
- these are derived from a single master key in a cryptographically
- secure way. Thus, the key management protocol needs to exchange only
- one master key (plus master salt when required), and then SRTP itself
- derives all the necessary session keys (via the first, mandatory
- application of the key derivation function).
-
- Multiple applications of the key derivation function are optional,
- but will give security benefits when enabled. They prevent an
- attacker from obtaining large amounts of ciphertext produced by a
- single fixed session key. If the attacker was able to collect a
- large amount of ciphertext for a certain session key, he might be
- helped in mounting certain attacks.
-
- Multiple applications of the key derivation function provide
- backwards and forward security in the sense that a compromised
- session key does not compromise other session keys derived from the
- same master key. This means that the attacker who is able to recover
- a certain session key, is anyway not able to have access to messages
- secured under previous and later session keys (derived from the same
- master key). (Note that, of course, a leaked master key reveals all
- the session keys derived from it.)
-
- Considerations arise with high-rate key refresh, especially in large
- multicast settings, see Section 11.
-
-7.2. Salting key
-
- The master salt guarantees security against off-line key-collision
- attacks on the key derivation that might otherwise reduce the
- effective key size [MF00].
-
-
-
-
-
-
-
-Baugher, et al. Standards Track [Page 30]
-
-RFC 3711 SRTP March 2004
-
-
- The derived session salting key used in the encryption, has been
- introduced to protect against some attacks on additive stream
- ciphers, see Section 9.2. The explicit inclusion method of the salt
- in the IV has been selected for ease of hardware implementation.
-
-7.3. Message Integrity from Universal Hashing
-
- The particular definition of the keystream given in Section 4.1 (the
- keystream prefix) is to give provision for particular universal hash
- functions, suitable for message authentication in the Wegman-Carter
- paradigm [WC81]. Such functions are provably secure, simple, quick,
- and especially appropriate for Digital Signal Processors and other
- processors with a fast multiply operation.
-
- No authentication transforms are currently provided in SRTP other
- than HMAC-SHA1. Future transforms, like the above mentioned
- universal hash functions, MAY be added following the guidelines in
- Section 6.
-
-7.4. Data Origin Authentication Considerations
-
- Note that in pair-wise communications, integrity and data origin
- authentication are provided together. However, in group scenarios
- where the keys are shared between members, the MAC tag only proves
- that a member of the group sent the packet, but does not prevent
- against a member impersonating another. Data origin authentication
- (DOA) for multicast and group RTP sessions is a hard problem that
- needs a solution; while some promising proposals are being
- investigated [PCST1] [PCST2], more work is needed to rigorously
- specify these technologies. Thus SRTP data origin authentication in
- groups is for further study.
-
- DOA can be done otherwise using signatures. However, this has high
- impact in terms of bandwidth and processing time, therefore we do not
- offer this form of authentication in the pre-defined packet-integrity
- transform.
-
- The presence of mixers and translators does not allow data origin
- authentication in case the RTP payload and/or the RTP header are
- manipulated. Note that these types of middle entities also disrupt
- end-to-end confidentiality (as the IV formation depends e.g., on the
- RTP header preservation). A certain trust model may choose to trust
- the mixers/translators to decrypt/re-encrypt the media (this would
- imply breaking the end-to-end security, with related security
- implications).
-
-
-
-
-
-
-Baugher, et al. Standards Track [Page 31]
-
-RFC 3711 SRTP March 2004
-
-
-7.5. Short and Zero-length Message Authentication
-
- As shown in Figure 1, the authentication tag is RECOMMENDED in SRTP.
- A full 80-bit authentication-tag SHOULD be used, but a shorter tag or
- even a zero-length tag (i.e., no message authentication) MAY be used
- under certain conditions to support either of the following two
- application environments.
-
- 1. Strong authentication can be impractical in environments where
- bandwidth preservation is imperative. An important special
- case is wireless communication systems, in which bandwidth is a
- scarce and expensive resource. Studies have shown that for
- certain applications and link technologies, additional bytes
- may result in a significant decrease in spectrum efficiency
- [SWO]. Considerable effort has been made to design IP header
- compression techniques to improve spectrum efficiency
- [RFC3095]. A typical voice application produces 20 byte
- samples, and the RTP, UDP and IP headers need to be jointly
- compressed to one or two bytes on average in order to obtain
- acceptable wireless bandwidth economy [RFC3095]. In this case,
- strong authentication would impose nearly fifty percent
- overhead.
-
- 2. Authentication is impractical for applications that use data
- links with fixed-width fields that cannot accommodate the
- expansion due to the authentication tag. This is the case for
- some important existing wireless channels. For example, zero-
- byte header compression is used to adapt EVRC/SMV voice with
- the legacy IS-95 bearer channel in CDMA2000 VoIP services. It
- was found that not a single additional octet could be added to
- the data, which motivated the creation of a zero-byte profile
- for ROHC [RFC3242].
-
- A short tag is secure for a restricted set of applications. Consider
- a voice telephony application, for example, such as a G.729 audio
- codec with a 20-millisecond packetization interval, protected by a
- 32-bit message authentication tag. The likelihood of any given
- packet being successfully forged is only one in 2^32. Thus an
- adversary can control no more than 20 milliseconds of audio output
- during a 994-day period, on average. In contrast, the effect of a
- single forged packet can be much larger if the application is
- stateful. A codec that uses relative or predictive compression
- across packets will propagate the maliciously generated state,
- affecting a longer duration of output.
-
-
-
-
-
-
-
-Baugher, et al. Standards Track [Page 32]
-
-RFC 3711 SRTP March 2004
-
-
- Certainly not all SRTP or telephony applications meet the criteria
- for short or zero-length authentication tags. Section 9.5.1
- discusses the risks of weak or no message authentication, and section
- 9.5 describes the circumstances when it is acceptable and when it is
- unacceptable.
-
-8. Key Management Considerations
-
- There are emerging key management standards [MIKEY] [KEYMGT] [SDMS]
- for establishing an SRTP cryptographic context (e.g., an SRTP master
- key). Both proprietary and open-standard key management methods are
- likely to be used for telephony applications [MIKEY] [KINK] and
- multicast applications [GDOI]. This section provides guidance for
- key management systems that service SRTP session.
-
- For initialization, an interoperable SRTP implementation SHOULD be
- given the SSRC and MAY be given the initial RTP sequence number for
- the RTP stream by key management (thus, key management has a
- dependency on RTP operational parameters). Sending the RTP sequence
- number in the key management may be useful e.g., when the initial
- sequence number is close to wrapping (to avoid synchronization
- problems), and to communicate the current sequence number to a
- joining endpoint (to properly initialize its replay list).
-
- If the pre-defined transforms are used, SRTP allows sharing of the
- same master key between SRTP/SRTCP streams belonging to the same RTP
- session.
-
- First, sharing between SRTP streams belonging to the same RTP session
- is secure if the design of the synchronization mechanism, i.e., the
- IV, avoids keystream re-use (the two-time pad, Section 9.1). This is
- taken care of by the fact that RTP provides for unique SSRCs for
- streams belonging to the same RTP session. See Section 9.1 for
- further discussion.
-
- Second, sharing between SRTP and the corresponding SRTCP is secure.
- The fact that an SRTP stream and its associated SRTCP stream both
- carry the same SSRC does not constitute a problem for the two-time
- pad due to the key derivation. Thus, SRTP and SRTCP corresponding to
- one RTP session MAY share master keys (as they do by default).
-
- Note that message authentication also has a dependency on SSRC
- uniqueness that is unrelated to the problem of keystream reuse: SRTP
- streams authenticated under the same key MUST have a distinct SSRC in
- order to identify the sender of the message. This requirement is
- needed because the SSRC is the cryptographically authenticated field
-
-
-
-
-
-Baugher, et al. Standards Track [Page 33]
-
-RFC 3711 SRTP March 2004
-
-
- used to distinguish between different SRTP streams. Were two streams
- to use identical SSRC values, then an adversary could substitute
- messages from one stream into the other without detection.
-
- SRTP/SRTCP MUST NOT share master keys under any other circumstances
- than the ones given above, i.e., between SRTP and its corresponding
- SRTCP, and, between streams belonging to the same RTP session.
-
-8.1. Re-keying
-
- The recommended way for a particular key management system to provide
- re-key within SRTP is by associating a master key in a crypto context
- with an MKI.
-
- This provides for easy master key retrieval (see Scenarios in Section
- 11), but has the disadvantage of adding extra bits to each packet.
- As noted in Section 7.5, some wireless links do not cater for added
- bits, therefore SRTP also defines a more economic way of triggering
- re-keying, via use of <From, To>, which works in some specific,
- simple scenarios (see Section 8.1.1).
-
- SRTP senders SHALL count the amount of SRTP and SRTCP traffic being
- used for a master key and invoke key management to re-key if needed
- (Section 9.2). These interactions are defined by the key management
- interface to SRTP and are not defined by this protocol specification.
-
-8.1.1. Use of the <From, To> for re-keying
-
- In addition to the use of the MKI, SRTP defines another optional
- mechanism for master key retrieval, the <From, To>. The <From, To>
- specifies the range of SRTP indices (a pair of sequence number and
- ROC) within which a certain master key is valid, and is (when used)
- part of the crypto context. By looking at the 48-bit SRTP index of
- the current SRTP packet, the corresponding master key can be found by
- determining which From-To interval it belongs to. For SRTCP, the
- most recently observed/used SRTP index (which can be obtained from
- the cryptographic context) is used for this purpose, even though
- SRTCP has its own (31-bit) index (see caveat below).
-
- This method, compared to the MKI, has the advantage of identifying
- the master key and defining its lifetime without adding extra bits to
- each packet. This could be useful, as already noted, for some
- wireless links that do not cater for added bits. However, its use
- SHOULD be limited to specific, very simple scenarios. We recommend
- to limit its use when the RTP session is a simple unidirectional or
- bi-directional stream. This is because in case of multiple streams,
- it is difficult to trigger the re-key based on the <From, To> of a
- single RTP stream. For example, if several streams share a master
-
-
-
-Baugher, et al. Standards Track [Page 34]
-
-RFC 3711 SRTP March 2004
-
-
- key, there is no simple one-to-one correspondence between the index
- sequence space of a certain stream, and the index sequence space on
- which the <From, To> values are based. Consequently, when a master
- key is shared between streams, one of these streams MUST be
- designated by key management as the one whose index space defines the
- re-keying points. Also, the re-key triggering on SRTCP is based on
- the correspondent SRTP stream, i.e., when the SRTP stream changes the
- master key, so does the correspondent SRTCP. This becomes obviously
- more and more complex with multiple streams.
-
- The default values for the <From, To> are "from the first observed
- packet" and "until further notice". However, the maximum limit of
- SRTP/SRTCP packets that are sent under each given master/session key
- (Section 9.2) MUST NOT be exceeded.
-
- In case the <From, To> is used as key retrieval, then the MKI is not
- inserted in the packet (and its indicator in the crypto context is
- zero). However, using the MKI does not exclude using <From, To> key
- lifetime simultaneously. This can for instance be useful to signal
- at the sender side at which point in time an MKI is to be made
- active.
-
-8.2. Key Management parameters
-
- The table below lists all SRTP parameters that key management can
- supply. For reference, it also provides a summary of the default and
- mandatory-to-support values for an SRTP implementation as described
- in Section 5.
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Baugher, et al. Standards Track [Page 35]
-
-RFC 3711 SRTP March 2004
-
-
- Parameter Mandatory-to-support Default
- --------- -------------------- -------
-
- SRTP and SRTCP encr transf. AES_CM, NULL AES_CM
- (Other possible values: AES_f8)
-
- SRTP and SRTCP auth transf. HMAC-SHA1 HMAC-SHA1
-
- SRTP and SRTCP auth params:
- n_tag (tag length) 80 80
- SRTP prefix_length 0 0
-
- Key derivation PRF AES_CM AES_CM
-
- Key material params
- (for each master key):
- master key length 128 128
- n_e (encr session key length) 128 128
- n_a (auth session key length) 160 160
- master salt key
- length of the master salt 112 112
- n_s (session salt key length) 112 112
- key derivation rate 0 0
-
- key lifetime
- SRTP-packets-max-lifetime 2^48 2^48
- SRTCP-packets-max-lifetime 2^31 2^31
- from-to-lifetime <From, To>
- MKI indicator 0 0
- length of the MKI 0 0
- value of the MKI
-
- Crypto context index params:
- SSRC value
- ROC
- SEQ
- SRTCP Index
- Transport address
- Port number
-
- Relation to other RTP profiles:
- sender's order between FEC and SRTP FEC-SRTP FEC-SRTP
- (see Section 10)
-
-
-
-
-
-
-
-
-Baugher, et al. Standards Track [Page 36]
-
-RFC 3711 SRTP March 2004
-
-
-9. Security Considerations
-
-9.1. SSRC collision and two-time pad
-
- Any fixed keystream output, generated from the same key and index
- MUST only be used to encrypt once. Re-using such keystream (jokingly
- called a "two-time pad" system by cryptographers), can seriously
- compromise security. The NSA's VENONA project [C99] provides a
- historical example of such a compromise. It is REQUIRED that
- automatic key management be used for establishing and maintaining
- SRTP and SRTCP keying material; this requirement is to avoid
- keystream reuse, which is more likely to occur with manual key
- management. Furthermore, in SRTP, a "two-time pad" is avoided by
- requiring the key, or some other parameter of cryptographic
- significance, to be unique per RTP/RTCP stream and packet. The pre-
- defined SRTP transforms accomplish packet-uniqueness by including the
- packet index and stream-uniqueness by inclusion of the SSRC.
-
- The pre-defined transforms (AES-CM and AES-f8) allow master keys to
- be shared across streams belonging to the same RTP session by the
- inclusion of the SSRC in the IV. A master key MUST NOT be shared
- among different RTP sessions.
-
- Thus, the SSRC MUST be unique between all the RTP streams within the
- same RTP session that share the same master key. RTP itself provides
- an algorithm for detecting SSRC collisions within the same RTP
- session. Thus, temporary collisions could lead to temporary two-time
- pad, in the unfortunate event that SSRCs collide at a point in time
- when the streams also have identical sequence numbers (occurring with
- probability roughly 2^(-48)). Therefore, the key management SHOULD
- take care of avoiding such SSRC collisions by including the SSRCs to
- be used in the session as negotiation parameters, proactively
- assuring their uniqueness. This is a strong requirements in
- scenarios where for example, there are multiple senders that can
- start to transmit simultaneously, before SSRC collision are detected
- at the RTP level.
-
- Note also that even with distinct SSRCs, extensive use of the same
- key might improve chances of probabilistic collision and time-
- memory-tradeoff attacks succeeding.
-
- As described, master keys MAY be shared between streams belonging to
- the same RTP session, but it is RECOMMENDED that each SSRC have its
- own master key. When master keys are shared among SSRC participants
- and SSRCs are managed by a key management module as recommended
- above, the RECOMMENDED policy for an SSRC collision error is for the
- participant to leave the SRTP session as it is a sign of malfunction.
-
-
-
-
-Baugher, et al. Standards Track [Page 37]
-
-RFC 3711 SRTP March 2004
-
-
-9.2. Key Usage
-
- The effective key size is determined (upper bounded) by the size of
- the master key and, for encryption, the size of the salting key. Any
- additive stream cipher is vulnerable to attacks that use statistical
- knowledge about the plaintext source to enable key collision and
- time-memory tradeoff attacks [MF00] [H80] [BS00]. These attacks take
- advantage of commonalities among plaintexts, and provide a way for a
- cryptanalyst to amortize the computational effort of decryption over
- many keys, or over many bytes of output, thus reducing the effective
- key size of the cipher. A detailed analysis of these attacks and
- their applicability to the encryption of Internet traffic is provided
- in [MF00]. In summary, the effective key size of SRTP when used in a
- security system in which m distinct keys are used, is equal to the
- key size of the cipher less the logarithm (base two) of m.
- Protection against such attacks can be provided simply by increasing
- the size of the keys used, which here can be accomplished by the use
- of the salting key. Note that the salting key MUST be random but MAY
- be public. A salt size of (the suggested) size 112 bits protects
- against attacks in scenarios where at most 2^112 keys are in use.
- This is sufficient for all practical purposes.
-
- Implementations SHOULD use keys that are as large as possible.
- Please note that in many cases increasing the key size of a cipher
- does not affect the throughput of that cipher.
-
- The use of the SRTP and SRTCP indices in the pre-defined transforms
- fixes the maximum number of packets that can be secured with the same
- key. This limit is fixed to 2^48 SRTP packets for an SRTP stream,
- and 2^31 SRTCP packets, when SRTP and SRTCP are considered
- independently. Due to for example re-keying, reaching this limit may
- or may not coincide with wrapping of the indices, and thus the sender
- MUST keep packet counts. However, when the session keys for related
- SRTP and SRTCP streams are derived from the same master key (the
- default behavior, Section 4.3), the upper bound that has to be
- considered is in practice the minimum of the two quantities. That
- is, when 2^48 SRTP packets or 2^31 SRTCP packets have been secured
- with the same key (whichever occurs before), the key management MUST
- be called to provide new master key(s) (previously stored and used
- keys MUST NOT be used again), or the session MUST be terminated. If
- a sender of RTCP discovers that the sender of SRTP (or SRTCP) has not
- updated the master or session key prior to sending 2^48 SRTP (or 2^31
- SRTCP) packets belonging to the same SRTP (SRTCP) stream, it is up to
- the security policy of the RTCP sender how to behave, e.g., whether
- an RTCP BYE-packet should be sent and/or if the event should be
- logged.
-
-
-
-
-
-Baugher, et al. Standards Track [Page 38]
-
-RFC 3711 SRTP March 2004
-
-
- Note: in most typical applications (assuming at least one RTCP packet
- for every 128,000 RTP packets), it will be the SRTCP index that first
- reaches the upper limit, although the time until this occurs is very
- long: even at 200 SRTCP packets/sec, the 2^31 index space of SRTCP is
- enough to secure approximately 4 months of communication.
-
- Note that if the master key is to be shared between SRTP streams
- within the same RTP session (Section 9.1), although the above bounds
- are on a per stream (i.e., per SSRC) basis, the sender MUST base re-
- key decision on the stream whose sequence number space is the first
- to be exhausted.
-
- Key derivation limits the amount of plaintext that is encrypted with
- a fixed session key, and made available to an attacker for analysis,
- but key derivation does not extend the master key's lifetime. To see
- this, simply consider our requirements to avoid two-time pad: two
- distinct packets MUST either be processed with distinct IVs, or with
- distinct session keys, and both the distinctness of IV and of the
- session keys are (for the pre-defined transforms) dependent on the
- distinctness of the packet indices.
-
- Note that with the key derivation, the effective key size is at most
- that of the master key, even if the derived session key is
- considerably longer. With the pre-defined authentication transform,
- the session authentication key is 160 bits, but the master key by
- default is only 128 bits. This design choice was made to comply with
- certain recommendations in [RFC2104] so that an existing HMAC
- implementation can be plugged into SRTP without problems. Since the
- default tag size is 80 bits, it is, for the applications in mind,
- also considered acceptable from security point of view. Users having
- concerns about this are RECOMMENDED to instead use a 192 bit master
- key in the key derivation. It was, however, chosen not to mandate
- 192-bit keys since existing AES implementations to be used in the
- key-derivation may not always support key-lengths other than 128
- bits. Since AES is not defined (or properly analyzed) for use with
- 160 bit keys it is NOT RECOMMENDED that ad-hoc key-padding schemes
- are used to pad shorter keys to 192 or 256 bits.
-
-9.3. Confidentiality of the RTP Payload
-
- SRTP's pre-defined ciphers are "seekable" stream ciphers, i.e.,
- ciphers able to efficiently seek to arbitrary locations in their
- keystream (so that the encryption or decryption of one packet does
- not depend on preceding packets). By using seekable stream ciphers,
- SRTP avoids the denial of service attacks that are possible on stream
- ciphers that lack this property. It is important to be aware that,
- as with any stream cipher, the exact length of the payload is
- revealed by the encryption. This means that it may be possible to
-
-
-
-Baugher, et al. Standards Track [Page 39]
-
-RFC 3711 SRTP March 2004
-
-
- deduce certain "formatting bits" of the payload, as the length of the
- codec output might vary due to certain parameter settings etc. This,
- in turn, implies that the corresponding bit of the keystream can be
- deduced. However, if the stream cipher is secure (counter mode and
- f8 are provably secure under certain assumptions [BDJR] [KSYH] [IK]),
- knowledge of a few bits of the keystream will not aid an attacker in
- predicting subsequent keystream bits. Thus, the payload length (and
- information deducible from this) will leak, but nothing else.
-
- As some RTP packet could contain highly predictable data, e.g., SID,
- it is important to use a cipher designed to resist known plaintext
- attacks (which is the current practice).
-
-9.4. Confidentiality of the RTP Header
-
- In SRTP, RTP headers are sent in the clear to allow for header
- compression. This means that data such as payload type,
- synchronization source identifier, and timestamp are available to an
- eavesdropper. Moreover, since RTP allows for future extensions of
- headers, we cannot foresee what kind of possibly sensitive
- information might also be "leaked".
-
- SRTP is a low-cost method, which allows header compression to reduce
- bandwidth. It is up to the endpoints' policies to decide about the
- security protocol to employ. If one really needs to protect headers,
- and is allowed to do so by the surrounding environment, then one
- should also look at alternatives, e.g., IPsec [RFC2401].
-
-9.5. Integrity of the RTP payload and header
-
- SRTP messages are subject to attacks on their integrity and source
- identification, and these risks are discussed in Section 9.5.1. To
- protect against these attacks, each SRTP stream SHOULD be protected
- by HMAC-SHA1 [RFC2104] with an 80-bit output tag and a 160-bit key,
- or a message authentication code with equivalent strength. Secure
- RTP SHOULD NOT be used without message authentication, except under
- the circumstances described in this section. It is important to note
- that encryption algorithms, including AES Counter Mode and f8, do not
- provide message authentication. SRTCP MUST NOT be used with weak (or
- NULL) authentication.
-
- SRTP MAY be used with weak authentication (e.g., a 32-bit
- authentication tag), or with no authentication (the NULL
- authentication algorithm). These options allow SRTP to be used to
- provide confidentiality in situations where
-
- * weak or null authentication is an acceptable security risk, and
- * it is impractical to provide strong message authentication.
-
-
-
-Baugher, et al. Standards Track [Page 40]
-
-RFC 3711 SRTP March 2004
-
-
- These conditions are described below and in Section 7.5. Note that
- both conditions MUST hold in order for weak or null authentication to
- be used. The risks associated with exercising the weak or null
- authentication options need to be considered by a security audit
- prior to their use for a particular application or environment given
- the risks, which are discussed in Section 9.5.1.
-
- Weak authentication is acceptable when the RTP application is such
- that the effect of a small fraction of successful forgeries is
- negligible. If the application is stateless, then the effect of a
- single forged RTP packet is limited to the decoding of that
- particular packet. Under this condition, the size of the
- authentication tag MUST ensure that only a negligible fraction of the
- packets passed to the RTP application by the SRTP receiver can be
- forgeries. This fraction is negligible when an adversary, if given
- control of the forged packets, is not able to make a significant
- impact on the output of the RTP application (see the example of
- Section 7.5).
-
- Weak or null authentication MAY be acceptable when it is unlikely
- that an adversary can modify ciphertext so that it decrypts to an
- intelligible value. One important case is when it is difficult for
- an adversary to acquire the RTP plaintext data, since for many
- codecs, an adversary that does not know the input signal cannot
- manipulate the output signal in a controlled way. In many cases it
- may be difficult for the adversary to determine the actual value of
- the plaintext. For example, a hidden snooping device might be
- required in order to know a live audio or video signal. The
- adversary's signal must have a quality equivalent to or greater than
- that of the signal under attack, since otherwise the adversary would
- not have enough information to encode that signal with the codec used
- by the victim. Plaintext prediction may also be especially difficult
- for an interactive application such as a telephone call.
-
- Weak or null authentication MUST NOT be used when the RTP application
- makes data forwarding or access control decisions based on the RTP
- data. In such a case, an attacker may be able to subvert
- confidentiality by causing the receiver to forward data to an
- attacker. See Section 3 of [B96] for a real-life example of such
- attacks.
-
- Null authentication MUST NOT be used when a replay attack, in which
- an adversary stores packets then replays them later in the session,
- could have a non-negligible impact on the receiver. An example of a
- successful replay attack is the storing of the output of a
- surveillance camera for a period of time, later followed by the
-
-
-
-
-
-Baugher, et al. Standards Track [Page 41]
-
-RFC 3711 SRTP March 2004
-
-
- injection of that output to the monitoring station to avoid
- surveillance. Encryption does not protect against this attack, and
- non-null authentication is REQUIRED in order to defeat it.
-
- If existential message forgery is an issue, i.e., when the accuracy
- of the received data is of non-negligible importance, null
- authentication MUST NOT be used.
-
-9.5.1. Risks of Weak or Null Message Authentication
-
- During a security audit considering the use of weak or null
- authentication, it is important to keep in mind the following attacks
- which are possible when no message authentication algorithm is used.
-
- An attacker who cannot predict the plaintext is still always able to
- modify the message sent between the sender and the receiver so that
- it decrypts to a random plaintext value, or to send a stream of bogus
- packets to the receiver that will decrypt to random plaintext values.
- This attack is essentially a denial of service attack, though in the
- absence of message authentication, the RTP application will have
- inputs that are bit-wise correlated with the true value. Some
- multimedia codecs and common operating systems will crash when such
- data are accepted as valid video data. This denial of service attack
- may be a much larger threat than that due to an attacker dropping,
- delaying, or re-ordering packets.
-
- An attacker who cannot predict the plaintext can still replay a
- previous message with certainty that the receiver will accept it.
- Applications with stateless codecs might be robust against this type
- of attack, but for other, more complex applications these attacks may
- be far more grave.
-
- An attacker who can predict the plaintext can modify the ciphertext
- so that it will decrypt to any value of her choosing. With an
- additive stream cipher, an attacker will always be able to change
- individual bits.
-
- An attacker may be able to subvert confidentiality due to the lack of
- authentication when a data forwarding or access control decision is
- made on decrypted but unauthenticated plaintext. This is because the
- receiver may be fooled into forwarding data to an attacker, leading
- to an indirect breach of confidentiality (see Section 3 of [B96]).
- This is because data-forwarding decisions are made on the decrypted
- plaintext; information in the plaintext will determine to what subnet
- (or process) the plaintext is forwarded in ESP [RFC2401] tunnel mode
- (respectively, transport mode). When Secure RTP is used without
-
-
-
-
-
-Baugher, et al. Standards Track [Page 42]
-
-RFC 3711 SRTP March 2004
-
-
- message authentication, it should be verified that the application
- does not make data forwarding or access control decisions based on
- the decrypted plaintext.
-
- Some cipher modes of operation that require padding, e.g., standard
- cipher block chaining (CBC) are very sensitive to attacks on
- confidentiality if certain padding types are used in the absence of
- integrity. The attack [V02] shows that this is indeed the case for
- the standard RTP padding as discussed in reference to Figure 1, when
- used together with CBC mode. Later transform additions to SRTP MUST
- therefore carefully consider the risk of using this padding without
- proper integrity protection.
-
-9.5.2. Implicit Header Authentication
-
- The IV formation of the f8-mode gives implicit authentication (IHA)
- of the RTP header, even when message authentication is not used.
- When IHA is used, an attacker that modifies the value of the RTP
- header will cause the decryption process at the receiver to produce
- random plaintext values. While this protection is not equivalent to
- message authentication, it may be useful for some applications.
-
-10. Interaction with Forward Error Correction mechanisms
-
- The default processing when using Forward Error Correction (e.g., RFC
- 2733) processing with SRTP SHALL be to perform FEC processing prior
- to SRTP processing on the sender side and to perform SRTP processing
- prior to FEC processing on the receiver side. Any change to this
- ordering (reversing it, or, placing FEC between SRTP encryption and
- SRTP authentication) SHALL be signaled out of band.
-
-11. Scenarios
-
- SRTP can be used as security protocol for the RTP/RTCP traffic in
- many different scenarios. SRTP has a number of configuration
- options, in particular regarding key usage, and can have impact on
- the total performance of the application according to the way it is
- used. Hence, the use of SRTP is dependent on the kind of scenario
- and application it is used with. In the following, we briefly
- illustrate some use cases for SRTP, and give some guidelines for
- recommended setting of its options.
-
-11.1. Unicast
-
- A typical example would be a voice call or video-on-demand
- application.
-
-
-
-
-
-Baugher, et al. Standards Track [Page 43]
-
-RFC 3711 SRTP March 2004
-
-
- Consider one bi-directional RTP stream, as one RTP session. It is
- possible for the two parties to share the same master key in the two
- directions according to the principles of Section 9.1. The first
- round of the key derivation splits the master key into any or all of
- the following session keys (according to the provided security
- functions):
-
- SRTP_encr_key, SRTP_auth_key, SRTCP_encr_key, and SRTCP_auth key.
-
- (For simplicity, we omit discussion of the salts, which are also
- derived.) In this scenario, it will in most cases suffice to have a
- single master key with the default lifetime. This guarantees
- sufficiently long lifetime of the keys and a minimum set of keys in
- place for most practical purposes. Also, in this case RTCP
- protection can be applied smoothly. Under these assumptions, use of
- the MKI can be omitted. As the key-derivation in combination with
- large difference in the packet rate in the respective directions may
- require simultaneous storage of several session keys, if storage is
- an issue, we recommended to use low-rate key derivation.
-
- The same considerations can be extended to the unicast scenario with
- multiple RTP sessions, where each session would have a distinct
- master key.
-
-11.2. Multicast (one sender)
-
- Just as with (unprotected) RTP, a scalability issue arises in big
- groups due to the possibly very large amount of SRTCP Receiver
- Reports that the sender might need to process. In SRTP, the sender
- may have to keep state (the cryptographic context) for each receiver,
- or more precisely, for the SRTCP used to protect Receiver Reports.
- The overhead increases proportionally to the size of the group. In
- particular, re-keying requires special concern, see below.
-
- Consider first a small group of receivers. There are a few possible
- setups with the distribution of master keys among the receivers.
- Given a single RTP session, one possibility is that the receivers
- share the same master key as per Section 9.1 to secure all their
- respective RTCP traffic. This shared master key could then be the
- same one used by the sender to protect its outbound SRTP traffic.
- Alternatively, it could be a master key shared only among the
- receivers and used solely for their SRTCP traffic. Both alternatives
- require the receivers to trust each other.
-
- Considering SRTCP and key storage, it is recommended to use low-rate
- (or zero) key_derivation (except the mandatory initial one), so that
- the sender does not need to store too many session keys (each SRTCP
- stream might otherwise have a different session key at a given point
-
-
-
-Baugher, et al. Standards Track [Page 44]
-
-RFC 3711 SRTP March 2004
-
-
- in time, as the SRTCP sources send at different times). Thus, in
- case key derivation is wanted for SRTP, the cryptographic context for
- SRTP can be kept separate from the SRTCP crypto context, so that it
- is possible to have a key_derivation_rate of 0 for SRTCP and a non-
- zero value for SRTP.
-
- Use of the MKI for re-keying is RECOMMENDED for most applications
- (see Section 8.1).
-
- If there are more than one SRTP/SRTCP stream (within the same RTP
- session) that share the master key, the upper limit of 2^48 SRTP
- packets / 2^31 SRTCP packets means that, before one of the streams
- reaches its maximum number of packets, re-keying MUST be triggered on
- ALL streams sharing the master key. (From strict security point of
- view, only the stream reaching the maximum would need to be re-keyed,
- but then the streams would no longer be sharing master key, which is
- the intention.) A local policy at the sender side should force
- rekeying in a way that the maximum packet limit is not reached on any
- of the streams. Use of the MKI for re-keying is RECOMMENDED.
-
- In large multicast with one sender, the same considerations as for
- the small group multicast hold. The biggest issue in this scenario
- is the additional load placed at the sender side, due to the state
- (cryptographic contexts) that has to be maintained for each receiver,
- sending back RTCP Receiver Reports. At minimum, a replay window
- might need to be maintained for each RTCP source.
-
-11.3. Re-keying and access control
-
- Re-keying may occur due to access control (e.g., when a member is
- removed during a multicast RTP session), or for pure cryptographic
- reasons (e.g., the key is at the end of its lifetime). When using
- SRTP default transforms, the master key MUST be replaced before any
- of the index spaces are exhausted for any of the streams protected by
- one and the same master key.
-
- How key management re-keys SRTP implementations is out of scope, but
- it is clear that there are straightforward ways to manage keys for a
- multicast group. In one-sender multicast, for example, it is
- typically the responsibility of the sender to determine when a new
- key is needed. The sender is the one entity that can keep track of
- when the maximum number of packets has been sent, as receivers may
- join and leave the session at any time, there may be packet loss and
- delay etc. In scenarios other than one-sender multicast, other
- methods can be used. Here, one must take into consideration that key
- exchange can be a costly operation, taking several seconds for a
- single exchange. Hence, some time before the master key is
- exhausted/expires, out-of-band key management is initiated, resulting
-
-
-
-Baugher, et al. Standards Track [Page 45]
-
-RFC 3711 SRTP March 2004
-
-
- in a new master key that is shared with the receiver(s). In any
- event, to maintain synchronization when switching to the new key,
- group policy might choose between using the MKI and the <From, To>,
- as described in Section 8.1.
-
- For access control purposes, the <From, To> periods are set at the
- desired granularity, dependent on the packet rate. High rate re-
- keying can be problematic for SRTCP in some large-group scenarios.
- As mentioned, there are potential problems in using the SRTP index,
- rather than the SRTCP index, for determining the master key. In
- particular, for short periods during switching of master keys, it may
- be the case that SRTCP packets are not under the current master key
- of the correspondent SRTP. Therefore, using the MKI for re-keying in
- such scenarios will produce better results.
-
-11.4. Summary of basic scenarios
-
- The description of these scenarios highlights some recommendations on
- the use of SRTP, mainly related to re-keying and large scale
- multicast:
-
- - Do not use fast re-keying with the <From, To> feature. It may, in
- particular, give problems in retrieving the correct SRTCP key, if
- an SRTCP packet arrives close to the re-keying time. The MKI
- SHOULD be used in this case.
-
- - If multiple SRTP streams in the same RTP session share the same
- master key, also moderate rate re-keying MAY have the same
- problems, and the MKI SHOULD be used.
-
- - Though offering increased security, a non-zero key_derivation_rate
- is NOT RECOMMENDED when trying to minimize the number of keys in
- use with multiple streams.
-
-12. IANA Considerations
-
- The RTP specification establishes a registry of profile names for use
- by higher-level control protocols, such as the Session Description
- Protocol (SDP), to refer to transport methods. This profile
- registers the name "RTP/SAVP".
-
- SRTP uses cryptographic transforms which a key management protocol
- signals. It is the task of each particular key management protocol
- to register the cryptographic transforms or suites of transforms with
- IANA. The key management protocol conveys these protocol numbers,
- not SRTP, and each key management protocol chooses the numbering
- scheme and syntax that it requires.
-
-
-
-
-Baugher, et al. Standards Track [Page 46]
-
-RFC 3711 SRTP March 2004
-
-
- Specification of a key management protocol for SRTP is out of scope
- here. Section 8.2, however, provides guidance on the parameters that
- need to be defined for the default and mandatory transforms.
-
-13. Acknowledgements
-
- David Oran (Cisco) and Rolf Blom (Ericsson) are co-authors of this
- document but their valuable contributions are acknowledged here to
- keep the length of the author list down.
-
- The authors would in addition like to thank Magnus Westerlund, Brian
- Weis, Ghyslain Pelletier, Morgan Lindqvist, Robert Fairlie-
- Cuninghame, Adrian Perrig, the AVT WG and in particular the chairmen
- Colin Perkins and Stephen Casner, the Transport and Security Area
- Directors, and Eric Rescorla for their reviews and support.
-
-14. References
-
-14.1. Normative References
-
- [AES] NIST, "Advanced Encryption Standard (AES)", FIPS PUB 197,
- http://www.nist.gov/aes/
-
- [RFC2104] Krawczyk, H., Bellare, M. and R. Canetti, "HMAC: Keyed-
- Hashing for Message Authentication", RFC 2104, February
- 1997.
-
- [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
- Requirement Levels", BCP 14, RFC 2119, March 1997.
-
- [RFC2401] Kent, S. and R. Atkinson, "Security Architecture for
- Internet Protocol", RFC 2401, November 1998.
-
- [RFC2828] Shirey, R., "Internet Security Glossary", FYI 36, RFC 2828,
- May 2000.
-
- [RFC3550] Schulzrinne, H., Casner, S., Frederick, R. and V. Jacobson,
- "RTP: A Transport Protocol for Real-time Applications", RFC
- 3550, July 2003.
-
- [RFC3551] Schulzrinne, H. and S. Casner, "RTP Profile for Audio and
- Video Conferences with Minimal Control", RFC 3551, July
- 2003.
-
-
-
-
-
-
-
-
-Baugher, et al. Standards Track [Page 47]
-
-RFC 3711 SRTP March 2004
-
-
-14.2. Informative References
-
- [AES-CTR] Lipmaa, H., Rogaway, P. and D. Wagner, "CTR-Mode
- Encryption", NIST, http://csrc.nist.gov/encryption/modes/
- workshop1/papers/lipmaa-ctr.pdf
-
- [B96] Bellovin, S., "Problem Areas for the IP Security
- Protocols," in Proceedings of the Sixth Usenix Unix
- Security Symposium, pp. 1-16, San Jose, CA, July 1996
- (http://www.research.att.com/~smb/papers/index.html).
-
- [BDJR] Bellare, M., Desai, A., Jokipii, E. and P. Rogaway, "A
- Concrete Treatment of Symmetric Encryption: Analysis of DES
- Modes of Operation", Proceedings 38th IEEE FOCS, pp. 394-
- 403, 1997.
-
- [BS00] Biryukov, A. and A. Shamir, "Cryptanalytic Time/Memory/Data
- Tradeoffs for Stream Ciphers", Proceedings, ASIACRYPT 2000,
- LNCS 1976, pp. 1-13, Springer Verlag.
-
- [C99] Crowell, W. P., "Introduction to the VENONA Project",
- http://www.nsa.gov:8080/docs/venona/index.html.
-
- [CTR] Dworkin, M., NIST Special Publication 800-38A,
- "Recommendation for Block Cipher Modes of Operation:
- Methods and Techniques", 2001.
- http://csrc.nist.gov/publications/nistpubs/800-38a/sp800-
- 38a.pdf.
-
- [f8-a] 3GPP TS 35.201 V4.1.0 (2001-12) Technical Specification 3rd
- Generation Partnership Project; Technical Specification
- Group Services and System Aspects; 3G Security;
- Specification of the 3GPP Confidentiality and Integrity
- Algorithms; Document 1: f8 and f9 Specification (Release
- 4).
-
- [f8-b] 3GPP TR 33.908 V4.0.0 (2001-09) Technical Report 3rd
- Generation Partnership Project; Technical Specification
- Group Services and System Aspects; 3G Security; General
- Report on the Design, Specification and Evaluation of 3GPP
- Standard Confidentiality and Integrity Algorithms (Release
- 4).
-
- [GDOI] Baugher, M., Weis, B., Hardjono, T. and H. Harney, "The
- Group Domain of Interpretation, RFC 3547, July 2003.
-
-
-
-
-
-
-Baugher, et al. Standards Track [Page 48]
-
-RFC 3711 SRTP March 2004
-
-
- [HAC] Menezes, A., Van Oorschot, P. and S. Vanstone, "Handbook
- of Applied Cryptography", CRC Press, 1997, ISBN 0-8493-
- 8523-7.
-
- [H80] Hellman, M. E., "A cryptanalytic time-memory trade-off",
- IEEE Transactions on Information Theory, July 1980, pp.
- 401-406.
-
- [IK] T. Iwata and T. Kohno: "New Security Proofs for the 3GPP
- Confidentiality and Integrity Algorithms", Proceedings of
- FSE 2004.
-
- [KINK] Thomas, M. and J. Vilhuber, "Kerberized Internet
- Negotiation of Keys (KINK)", Work in Progress.
-
- [KEYMGT] Arrko, J., et al., "Key Management Extensions for Session
- Description Protocol (SDP) and Real Time Streaming Protocol
- (RTSP)", Work in Progress.
-
- [KSYH] Kang, J-S., Shin, S-U., Hong, D. and O. Yi, "Provable
- Security of KASUMI and 3GPP Encryption Mode f8",
- Proceedings Asiacrypt 2001, Springer Verlag LNCS 2248, pp.
- 255-271, 2001.
-
- [MIKEY] Arrko, J., et. al., "MIKEY: Multimedia Internet KEYing",
- Work in Progress.
-
- [MF00] McGrew, D. and S. Fluhrer, "Attacks on Encryption of
- Redundant Plaintext and Implications on Internet Security",
- the Proceedings of the Seventh Annual Workshop on Selected
- Areas in Cryptography (SAC 2000), Springer-Verlag.
-
- [PCST1] Perrig, A., Canetti, R., Tygar, D. and D. Song, "Efficient
- and Secure Source Authentication for Multicast", in Proc.
- of Network and Distributed System Security Symposium NDSS
- 2001, pp. 35-46, 2001.
-
- [PCST2] Perrig, A., Canetti, R., Tygar, D. and D. Song, "Efficient
- Authentication and Signing of Multicast Streams over Lossy
- Channels", in Proc. of IEEE Security and Privacy Symposium
- S&P2000, pp. 56-73, 2000.
-
- [RFC1750] Eastlake, D., Crocker, S. and J. Schiller, "Randomness
- Recommendations for Security", RFC 1750, December 1994.
-
- [RFC2675] Borman, D., Deering, S. and R. Hinden, "IPv6 Jumbograms",
- RFC 2675, August 1999.
-
-
-
-
-Baugher, et al. Standards Track [Page 49]
-
-RFC 3711 SRTP March 2004
-
-
- [RFC3095] Bormann, C., Burmeister, C., Degermark, M., Fukuhsima, H.,
- Hannu, H., Jonsson, L-E., Hakenberg, R., Koren, T., Le, K.,
- Liu, Z., Martensson, A., Miyazaki, A., Svanbro, K., Wiebke,
- T., Yoshimura, T. and H. Zheng, "RObust Header Compression:
- Framework and Four Profiles: RTP, UDP, ESP, and
- uncompressed (ROHC)", RFC 3095, July 2001.
-
- [RFC3242] Jonsson, L-E. and G. Pelletier, "RObust Header Compression
- (ROHC): A Link-Layer Assisted Profile for IP/UDP/RTP ", RFC
- 3242, April 2002.
-
- [SDMS] Andreasen, F., Baugher, M. and D. Wing, "Session
- Description Protocol Security Descriptions for Media
- Streams", Work in Progress.
-
- [SWO] Svanbro, K., Wiorek, J. and B. Olin, "Voice-over-IP-over-
- wireless", Proc. PIMRC 2000, London, Sept. 2000.
-
- [V02] Vaudenay, S., "Security Flaws Induced by CBC Padding -
- Application to SSL, IPsec, WTLS...", Advances in
- Cryptology, EUROCRYPT'02, LNCS 2332, pp. 534-545.
-
- [WC81] Wegman, M. N., and J.L. Carter, "New Hash Functions and
- Their Use in Authentication and Set Equality", JCSS 22,
- 265-279, 1981.
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Baugher, et al. Standards Track [Page 50]
-
-RFC 3711 SRTP March 2004
-
-
-Appendix A: Pseudocode for Index Determination
-
- The following is an example of pseudo-code for the algorithm to
- determine the index i of an SRTP packet with sequence number SEQ. In
- the following, signed arithmetic is assumed.
-
- if (s_l < 32,768)
- if (SEQ - s_l > 32,768)
- set v to (ROC-1) mod 2^32
- else
- set v to ROC
- endif
- else
- if (s_l - 32,768 > SEQ)
- set v to (ROC+1) mod 2^32
- else
- set v to ROC
- endif
- endif
- return SEQ + v*65,536
-
-Appendix B: Test Vectors
-
- All values are in hexadecimal.
-
-B.1. AES-f8 Test Vectors
-
- SRTP PREFIX LENGTH : 0
-
- RTP packet header : 806e5cba50681de55c621599
-
- RTP packet payload : 70736575646f72616e646f6d6e657373
- 20697320746865206e65787420626573
- 74207468696e67
-
- ROC : d462564a
- key : 234829008467be186c3de14aae72d62c
- salt key : 32f2870d
- key-mask (m) : 32f2870d555555555555555555555555
- key XOR key-mask : 11baae0dd132eb4d3968b41ffb278379
-
- IV : 006e5cba50681de55c621599d462564a
- IV' : 595b699bbd3bc0df26062093c1ad8f73
-
-
-
-
-
-
-
-
-Baugher, et al. Standards Track [Page 51]
-
-RFC 3711 SRTP March 2004
-
-
- j = 0
- IV' xor j : 595b699bbd3bc0df26062093c1ad8f73
- S(-1) : 00000000000000000000000000000000
- IV' xor S(-1) xor j : 595b699bbd3bc0df26062093c1ad8f73
- S(0) : 71ef82d70a172660240709c7fbb19d8e
- plaintext : 70736575646f72616e646f6d6e657373
- ciphertext : 019ce7a26e7854014a6366aa95d4eefd
-
- j = 1
- IV' xor j : 595b699bbd3bc0df26062093c1ad8f72
- S(0) : 71ef82d70a172660240709c7fbb19d8e
- IV' xor S(0) xor j : 28b4eb4cb72ce6bf020129543a1c12fc
- S(1) : 3abd640a60919fd43bd289a09649b5fc
- plaintext : 20697320746865206e65787420626573
- ciphertext : 1ad4172a14f9faf455b7f1d4b62bd08f
-
- j = 2
- IV' xor j : 595b699bbd3bc0df26062093c1ad8f71
- S(1) : 3abd640a60919fd43bd289a09649b5fc
- IV' xor S(1) xor j : 63e60d91ddaa5f0b1dd4a93357e43a8d
- S(2) : 220c7a8715266565b09ecc8a2a62b11b
- plaintext : 74207468696e67
- ciphertext : 562c0eef7c4802
-
-B.2. AES-CM Test Vectors
-
- Keystream segment length: 1044512 octets (65282 AES blocks)
- Session Key: 2B7E151628AED2A6ABF7158809CF4F3C
- Rollover Counter: 00000000
- Sequence Number: 0000
- SSRC: 00000000
- Session Salt: F0F1F2F3F4F5F6F7F8F9FAFBFCFD0000 (already shifted)
- Offset: F0F1F2F3F4F5F6F7F8F9FAFBFCFD0000
-
- Counter Keystream
-
- F0F1F2F3F4F5F6F7F8F9FAFBFCFD0000 E03EAD0935C95E80E166B16DD92B4EB4
- F0F1F2F3F4F5F6F7F8F9FAFBFCFD0001 D23513162B02D0F72A43A2FE4A5F97AB
- F0F1F2F3F4F5F6F7F8F9FAFBFCFD0002 41E95B3BB0A2E8DD477901E4FCA894C0
- ... ...
- F0F1F2F3F4F5F6F7F8F9FAFBFCFDFEFF EC8CDF7398607CB0F2D21675EA9EA1E4
- F0F1F2F3F4F5F6F7F8F9FAFBFCFDFF00 362B7C3C6773516318A077D7FC5073AE
- F0F1F2F3F4F5F6F7F8F9FAFBFCFDFF01 6A2CC3787889374FBEB4C81B17BA6C44
-
- Nota Bene: this test case is contrived so that the latter part of the
- keystream segment coincides with the test case in Section F.5.1 of
- [CTR].
-
-
-
-
-Baugher, et al. Standards Track [Page 52]
-
-RFC 3711 SRTP March 2004
-
-
-B.3. Key Derivation Test Vectors
-
- This section provides test data for the default key derivation
- function, which uses AES-128 in Counter Mode. In the following, we
- walk through the initial key derivation for the AES-128 Counter Mode
- cipher, which requires a 16 octet session encryption key and a 14
- octet session salt, and an authentication function which requires a
- 94-octet session authentication key. These values are called the
- cipher key, the cipher salt, and the auth key in the following.
- Since this is the initial key derivation and the key derivation rate
- is equal to zero, the value of (index DIV key_derivation_rate) is
- zero (actually, a six-octet string of zeros). In the following, we
- shorten key_derivation_rate to kdr.
-
- The inputs to the key derivation function are the 16 octet master key
- and the 14 octet master salt:
-
- master key: E1F97A0D3E018BE0D64FA32C06DE4139
- master salt: 0EC675AD498AFEEBB6960B3AABE6
-
- We first show how the cipher key is generated. The input block for
- AES-CM is generated by exclusive-oring the master salt with the
- concatenation of the encryption key label 0x00 with (index DIV kdr),
- then padding on the right with two null octets (which implements the
- multiply-by-2^16 operation, see Section 4.3.3). The resulting value
- is then AES-CM- encrypted using the master key to get the cipher key.
-
- index DIV kdr: 000000000000
- label: 00
- master salt: 0EC675AD498AFEEBB6960B3AABE6
- -----------------------------------------------
- xor: 0EC675AD498AFEEBB6960B3AABE6 (x, PRF input)
-
- x*2^16: 0EC675AD498AFEEBB6960B3AABE60000 (AES-CM input)
-
- cipher key: C61E7A93744F39EE10734AFE3FF7A087 (AES-CM output)
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Baugher, et al. Standards Track [Page 53]
-
-RFC 3711 SRTP March 2004
-
-
- Next, we show how the cipher salt is generated. The input block for
- AES-CM is generated by exclusive-oring the master salt with the
- concatenation of the encryption salt label. That value is padded and
- encrypted as above.
-
- index DIV kdr: 000000000000
- label: 02
- master salt: 0EC675AD498AFEEBB6960B3AABE6
-
- ----------------------------------------------
- xor: 0EC675AD498AFEE9B6960B3AABE6 (x, PRF input)
-
- x*2^16: 0EC675AD498AFEE9B6960B3AABE60000 (AES-CM input)
-
- 30CBBC08863D8C85D49DB34A9AE17AC6 (AES-CM ouptut)
-
- cipher salt: 30CBBC08863D8C85D49DB34A9AE1
-
- We now show how the auth key is generated. The input block for AES-
- CM is generated as above, but using the authentication key label.
-
- index DIV kdr: 000000000000
- label: 01
- master salt: 0EC675AD498AFEEBB6960B3AABE6
- -----------------------------------------------
- xor: 0EC675AD498AFEEAB6960B3AABE6 (x, PRF input)
-
- x*2^16: 0EC675AD498AFEEAB6960B3AABE60000 (AES-CM input)
-
- Below, the auth key is shown on the left, while the corresponding AES
- input blocks are shown on the right.
-
- auth key AES input blocks
- CEBE321F6FF7716B6FD4AB49AF256A15 0EC675AD498AFEEAB6960B3AABE60000
- 6D38BAA48F0A0ACF3C34E2359E6CDBCE 0EC675AD498AFEEAB6960B3AABE60001
- E049646C43D9327AD175578EF7227098 0EC675AD498AFEEAB6960B3AABE60002
- 6371C10C9A369AC2F94A8C5FBCDDDC25 0EC675AD498AFEEAB6960B3AABE60003
- 6D6E919A48B610EF17C2041E47403576 0EC675AD498AFEEAB6960B3AABE60004
- 6B68642C59BBFC2F34DB60DBDFB2 0EC675AD498AFEEAB6960B3AABE60005
-
-
-
-
-
-
-
-
-
-
-
-
-Baugher, et al. Standards Track [Page 54]
-
-RFC 3711 SRTP March 2004
-
-
-Authors' Addresses
-
- Questions and comments should be directed to the authors and
- avt@ietf.org:
-
- Mark Baugher
- Cisco Systems, Inc.
- 5510 SW Orchid Street
- Portland, OR 97219 USA
-
- Phone: +1 408-853-4418
- EMail: mbaugher@cisco.com
-
-
- Elisabetta Carrara
- Ericsson Research
- SE-16480 Stockholm
- Sweden
-
- Phone: +46 8 50877040
- EMail: elisabetta.carrara@ericsson.com
-
-
- David A. McGrew
- Cisco Systems, Inc.
- San Jose, CA 95134-1706
- USA
-
- Phone: +1 301-349-5815
- EMail: mcgrew@cisco.com
-
-
- Mats Naslund
- Ericsson Research
- SE-16480 Stockholm
- Sweden
-
- Phone: +46 8 58533739
- EMail: mats.naslund@ericsson.com
-
-
- Karl Norrman
- Ericsson Research
- SE-16480 Stockholm
- Sweden
-
- Phone: +46 8 4044502
- EMail: karl.norrman@ericsson.com
-
-
-
-Baugher, et al. Standards Track [Page 55]
-
-RFC 3711 SRTP March 2004
-
-
-Full Copyright Statement
-
- Copyright (C) The Internet Society (2004). This document is subject
- to the rights, licenses and restrictions contained in BCP 78 and
- except as set forth therein, the authors retain all their rights.
-
- This document and the information contained herein are provided on an
- "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
- OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET
- ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED,
- INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE
- INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
- WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
-
-Intellectual Property
-
- The IETF takes no position regarding the validity or scope of any
- Intellectual Property Rights or other rights that might be claimed to
- pertain to the implementation or use of the technology described in
- this document or the extent to which any license under such rights
- might or might not be available; nor does it represent that it has
- made any independent effort to identify any such rights. Information
- on the procedures with respect to rights in RFC documents can be
- found in BCP 78 and BCP 79.
-
- Copies of IPR disclosures made to the IETF Secretariat and any
- assurances of licenses to be made available, or the result of an
- attempt made to obtain a general license or permission for the use of
- such proprietary rights by implementers or users of this
- specification can be obtained from the IETF on-line IPR repository at
- http://www.ietf.org/ipr.
-
- The IETF invites any interested party to bring to its attention any
- copyrights, patents or patent applications, or other proprietary
- rights that may cover technology that may be required to implement
- this standard. Please address the information to the IETF at ietf-
- ipr@ietf.org.
-
-Acknowledgement
-
- Funding for the RFC Editor function is currently provided by the
- Internet Society.
-
-
-
-
-
-
-
-
-
-Baugher, et al. Standards Track [Page 56]
-
diff --git a/googlepatches/google-10-srtp-ios-fixes.pack b/googlepatches/google-10-srtp-ios-fixes.pack
deleted file mode 100644
index 53d0c88..0000000
--- a/googlepatches/google-10-srtp-ios-fixes.pack
+++ /dev/null
@@ -1,99 +0,0 @@
-Change 19593349 by seh@seh-gcomm_android on 2011/02/18 16:57:20 *pending*
-
- Merge in changes from GComm for mobile's version.
-
- PRESUBMIT=passed
- R=astor,hta,juberti,mikaelp,tschmelcher
- CC=a2a-mobile
- DELTA=7 (3 added, 0 deleted, 4 changed)
- OCL=19593349
-
-Affected files ...
-
-... //depot/google3/third_party/libsrtp/README.google#6 edit
-... //depot/google3/third_party/libsrtp/crypto/ae_xfm/xfm.c#4 edit
-... //depot/google3/third_party/libsrtp/crypto/cipher/aes_icm.c#4 edit
-... //depot/google3/third_party/libsrtp/crypto/include/config.h#5 edit
-... //depot/google3/third_party/libsrtp/srtp/ekt.c#3 edit
-
-==== //depot/google3/third_party/libsrtp/README.google#6 - /Users/seh/dev/source/gcomm_android/google3/third_party/libsrtp/README.google ====
-# action=edit type=text
---- google3/third_party/libsrtp/README.google 2011-02-18 17:17:34.000000000 -0800
-+++ google3/third_party/libsrtp/README.google 2011-02-18 17:31:53.000000000 -0800
-@@ -19,3 +19,6 @@
- - applied a security fix to not accept unencrypted SRTP unless specified by policy.
- - applied a fix to not crash when receiving a RTCP packet that had a much larger sequence number than the previous RTCP packet
- - all patches are stored individually in the googlepatches subdirectory
-+- iOS related changes.
-+ undefine HAVE_BYTESWAP_H in config.h
-+ Fix debug build compile errors: added static keyword to inline methods and undefined DEBUG before #define DEBUG
-\ No newline at end of file
-==== //depot/google3/third_party/libsrtp/crypto/ae_xfm/xfm.c#4 - /Users/seh/dev/source/gcomm_android/google3/third_party/libsrtp/crypto/ae_xfm/xfm.c ====
-# action=edit type=text
---- google3/third_party/libsrtp/crypto/ae_xfm/xfm.c 2011-02-18 16:57:41.000000000 -0800
-+++ google3/third_party/libsrtp/crypto/ae_xfm/xfm.c 2011-02-18 16:09:33.000000000 -0800
-@@ -177,6 +177,7 @@
-
- #define ENC 1
-
-+#undef DEBUG
- #define DEBUG 0
-
- err_status_t
-==== //depot/google3/third_party/libsrtp/crypto/cipher/aes_icm.c#4 - /Users/seh/dev/source/gcomm_android/google3/third_party/libsrtp/crypto/cipher/aes_icm.c ====
-# action=edit type=text
---- google3/third_party/libsrtp/crypto/cipher/aes_icm.c 2011-02-18 16:57:41.000000000 -0800
-+++ google3/third_party/libsrtp/crypto/cipher/aes_icm.c 2011-02-18 16:47:09.000000000 -0800
-@@ -285,7 +285,7 @@
- * this is an internal, hopefully inlined function
- */
-
--inline void
-+static inline void
- aes_icm_advance_ismacryp(aes_icm_ctx_t *c, uint8_t forIsmacryp) {
- /* fill buffer with new keystream */
- v128_copy(&c->keystream_buffer, &c->counter);
-==== //depot/google3/third_party/libsrtp/crypto/include/config.h#5 - /Users/seh/dev/source/gcomm_android/google3/third_party/libsrtp/crypto/include/config.h ====
-# action=edit type=text
---- google3/third_party/libsrtp/crypto/include/config.h 2011-02-18 16:57:41.000000000 -0800
-+++ google3/third_party/libsrtp/crypto/include/config.h 2011-02-18 16:41:52.000000000 -0800
-@@ -193,6 +193,8 @@
- #define inline
- #endif
- typedef short int16_t;
-+#elif defined(IOS)
-+#undef HAVE_BYTESWAP_H
- /* Adjustments to build on MacOS. */
- #elif defined(OSX)
- #undef DEV_URANDOM
-==== //depot/google3/third_party/libsrtp/srtp/ekt.c#3 - /Users/seh/dev/source/gcomm_android/google3/third_party/libsrtp/srtp/ekt.c ====
-# action=edit type=text
---- google3/third_party/libsrtp/srtp/ekt.c 2011-02-18 16:57:41.000000000 -0800
-+++ google3/third_party/libsrtp/srtp/ekt.c 2011-02-18 16:51:58.000000000 -0800
-@@ -90,7 +90,7 @@
- return 0;
- }
-
--inline ekt_spi_t
-+static inline ekt_spi_t
- srtcp_packet_get_ekt_spi(const uint8_t *packet_start, unsigned pkt_octet_len) {
- const uint8_t *spi_location;
-
-@@ -99,7 +99,7 @@
- return *((const ekt_spi_t *)spi_location);
- }
-
--inline uint32_t
-+static inline uint32_t
- srtcp_packet_get_ekt_roc(const uint8_t *packet_start, unsigned pkt_octet_len) {
- const uint8_t *roc_location;
-
-@@ -108,7 +108,7 @@
- return *((const uint32_t *)roc_location);
- }
-
--inline const uint8_t *
-+static inline const uint8_t *
- srtcp_packet_get_emk_location(const uint8_t *packet_start,
- unsigned pkt_octet_len) {
- const uint8_t *location;
diff --git a/googlepatches/google-11-srtp-replay-fix.patch b/googlepatches/google-11-srtp-replay-fix.patch
deleted file mode 100644
index 46d3f7f..0000000
--- a/googlepatches/google-11-srtp-replay-fix.patch
+++ /dev/null
@@ -1,107 +0,0 @@
-==== //depot/google3/third_party/libsrtp/README.google#8 - None ====
-# action=edit type=text
---- google3/third_party/libsrtp/README.google 2011-02-22 19:05:30.000000000 -0800
-+++ google3/third_party/libsrtp/README.google 2011-05-27 17:56:49.000000000 -0700
-@@ -21,4 +21,6 @@
- - all patches are stored individually in the googlepatches subdirectory
- - iOS related changes.
- undefine HAVE_BYTESWAP_H in config.h
-- Fix debug build compile errors: added static keyword to inline methods and undefined DEBUG before #define DEBUG
-\ No newline at end of file
-+ Fix debug build compile errors: added static keyword to inline methods and undefined DEBUG before #define DEBUG
-+- Fixed a bug related to replay detection when sequence number rolls back
-+ arround 0. (Currently contacting libsrtp developers for upstream.)
-==== //depot/google3/third_party/libsrtp/crypto/replay/rdbx.c#5 - None ====
-# action=edit type=text
---- google3/third_party/libsrtp/crypto/replay/rdbx.c 2010-02-25 06:36:30.000000000 -0800
-+++ google3/third_party/libsrtp/crypto/replay/rdbx.c 2011-05-27 17:56:49.000000000 -0700
-@@ -145,7 +145,16 @@
- if (local_seq < seq_num_median) {
- if (s - local_seq > seq_num_median) {
- guess_roc = local_roc - 1;
-- difference = seq_num_max - s + local_seq;
-+ // The return value is the relative difference from local_seq to s.
-+ // The original value is negation of its purpose. According to document
-+ // http://www.ietf.org/rfc/rfc3711.txt, when this condition is true, the
-+ // resulting new index should be (local_roc-1, s). But original logic
-+ // will end up positive difference and rdbx_check would pass. Hence after
-+ // rdbx_add_index would make local index to be the wrong value because
-+ // local index should not be updated in this case. For example, when
-+ // local index is (1, 100) and next sequence is 65530, the wrong updated
-+ // index would be (1, 205).
-+ difference = s - local_seq - seq_num_max;
- } else {
- guess_roc = local_roc;
- difference = s - local_seq;
-==== //depot/google3/third_party/libsrtp/test/rdbx_driver.c#5 - None ====
-# action=edit type=text
---- google3/third_party/libsrtp/test/rdbx_driver.c 2010-02-25 06:36:30.000000000 -0800
-+++ google3/third_party/libsrtp/test/rdbx_driver.c 2011-05-27 17:56:49.000000000 -0700
-@@ -226,7 +226,7 @@
- * test sequential insertion
- */
- printf("\ttesting sequential insertion...");
-- for (idx=0; idx < num_trials; idx++) {
-+ for (idx=0; idx < (uint32_t)num_trials; idx++) {
- status = rdbx_check_add(&rdbx, idx);
- if (status)
- return status;
-@@ -245,7 +245,7 @@
- printf("warning: no false positive tests performed\n");
- }
- printf("\ttesting for false positives...");
-- for (idx=0; idx < num_fp_trials; idx++) {
-+ for (idx=0; idx < (uint32_t)num_fp_trials; idx++) {
- status = rdbx_check_expect_failure(&rdbx, idx);
- if (status)
- return status;
-@@ -269,12 +269,34 @@
- ut_init(&utc);
-
- printf("\ttesting non-sequential insertion...");
-- for (idx=0; idx < num_trials; idx++) {
-+ for (idx=0; idx < (uint32_t)num_trials; idx++) {
- ircvd = ut_next_index(&utc);
- status = rdbx_check_unordered(&rdbx, ircvd);
- if (status)
- return status;
- }
-+ printf("passed\n");
-+
-+ /*
-+ * test a replay condition close to zero.
-+ */
-+ rdbx_uninit(&rdbx);
-+
-+ if (rdbx_init(&rdbx, ws) != err_status_ok) {
-+ printf("replay_init failed\n");
-+ return err_status_init_fail;
-+ }
-+
-+ printf("\ttesting replay close to zero...");
-+ status = rdbx_check_add(&rdbx, 1);
-+ if (status)
-+ return status;
-+ status = rdbx_check_expect_failure(&rdbx, 64500);
-+ if (status)
-+ return status;
-+ status = rdbx_check_add(&rdbx, 2);
-+ if (status)
-+ return status;
- printf("passed\n");
-
- rdbx_uninit(&rdbx);
-@@ -303,7 +325,7 @@
-
- failures = 0;
- timer = clock();
-- for(i=0; i < num_trials; i++) {
-+ for(i=0; i < (uint32_t)num_trials; i++) {
-
- delta = index_guess(&rdbx.index, &est, i);
-
-@@ -321,4 +343,3 @@
-
- return (double) CLOCKS_PER_SEC * num_trials / timer;
- }
--
diff --git a/googlepatches/google-12-srtp-hide-aes-tables-main.patch b/googlepatches/google-12-srtp-hide-aes-tables-main.patch
deleted file mode 100644
index 4f571bf..0000000
--- a/googlepatches/google-12-srtp-hide-aes-tables-main.patch
+++ /dev/null
@@ -1,50 +0,0 @@
-Change 22848094 by param@param-gcomm-server on 2011/07/29 11:51:00 *pending*
-
- Make main in aes_tables hidable.
-
- PRESUBMIT=passed
- R=tschmelcher,jacobly
- CC=a2a-mobile,third-party-owners
- DELTA=7 (7 added, 0 deleted, 0 changed)
- OCL=22848094
- BUG=5096975
-
-Affected files ...
-
-... //depot/google3/third_party/libsrtp/README.google#9 edit
-... //depot/google3/third_party/libsrtp/tables/aes_tables.c#4 edit
-
-==== //depot/google3/third_party/libsrtp/README.google#9 - /home/param/sources/gcomm-server/google3/third_party/libsrtp/README.google ====
-# action=edit type=text
---- google3/third_party/libsrtp/README.google 2011-07-22 15:49:10.000000000 -0700
-+++ google3/third_party/libsrtp/README.google 2011-08-08 11:37:50.000000000 -0700
-@@ -25,3 +25,7 @@
- - Fixed a bug related to replay detection when sequence number rolls back
- arround 0. (Currently contacting libsrtp developers for upstream.)
- - Adding public.mk and Android.mk for building android flavour of libsrtp.
-+- Make main in tables/aes_tables.c hidable. If it is present, it conflicts
-+ with main in the application and cause link error when all_load flag is
-+ present for the linker command. Can be now hidden using flag
-+ HIDE_AES_TABLES_MAIN
-==== //depot/google3/third_party/libsrtp/tables/aes_tables.c#4 - /home/param/sources/gcomm-server/google3/third_party/libsrtp/tables/aes_tables.c ====
-# action=edit type=text
---- google3/third_party/libsrtp/tables/aes_tables.c 2010-02-25 06:36:30.000000000 -0800
-+++ google3/third_party/libsrtp/tables/aes_tables.c 2011-07-29 11:52:25.000000000 -0700
-@@ -198,6 +198,8 @@
-
- #define TABLES_32BIT 1
-
-+#ifndef HIDE_AES_TABLES_MAIN
-+
- int
- main(void) {
- int i;
-@@ -309,6 +311,8 @@
-
- return 0;
- }
-+
-+#endif // HIDE_AES_TABLES_MAIN
-
- #if AES_INVERSE_TEST
-
diff --git a/googlepatches/google-5-buffer-overflow.patch b/googlepatches/google-5-buffer-overflow.patch
deleted file mode 100644
index 88d23ce..0000000
--- a/googlepatches/google-5-buffer-overflow.patch
+++ /dev/null
@@ -1,35 +0,0 @@
-diff --git a/google3/third_party/libsrtp/crypto/cipher/aes_icm.c b/google3/third_party/libsrtp/crypto/cipher/aes_icm.c
-index d333899..45714c0 100644
---- a/google3/third_party/libsrtp/crypto/cipher/aes_icm.c
-+++ b/google3/third_party/libsrtp/crypto/cipher/aes_icm.c
-@@ -164,18 +164,20 @@ aes_icm_dealloc(cipher_t *c) {
- err_status_t
- aes_icm_context_init(aes_icm_ctx_t *c, const uint8_t *key) {
- v128_t tmp_key;
-+ int i;
-
- /* set counter and initial values to 'offset' value */
- /* FIX!!! this assumes the salt is at key + 16, and thus that the */
-- /* FIX!!! cipher key length is 16! Also note this copies past the
-- end of the 'key' array by 2 bytes! */
-- v128_copy_octet_string(&c->counter, key + 16);
-- v128_copy_octet_string(&c->offset, key + 16);
-+ /* FIX!!! cipher key length is 16! */
-+ for (i = 0; i < 14; i++) {
-+ c->counter.v8[i] = key[16 + i];
-+ c->offset.v8[i] = key[16 + i];
-+ }
-
- /* force last two octets of the offset to zero (for srtp compatibility) */
- c->offset.v8[14] = c->offset.v8[15] = 0;
- c->counter.v8[14] = c->counter.v8[15] = 0;
--
-+
- /* set tmp_key (for alignment) */
- v128_copy_octet_string(&tmp_key, key);
-
-@@ -508,4 +510,3 @@ cipher_type_t aes_icm = {
- (cipher_test_case_t *) &aes_icm_test_case_0,
- (debug_module_t *) &mod_aes_icm
- };
--
diff --git a/googlepatches/google-6-srtp-driver-fix.patch b/googlepatches/google-6-srtp-driver-fix.patch
deleted file mode 100644
index 7d82e74..0000000
--- a/googlepatches/google-6-srtp-driver-fix.patch
+++ /dev/null
@@ -1,29 +0,0 @@
-diff --git a/google3/third_party/libsrtp/test/srtp_driver.c b/google3/third_party/libsrtp/test/srtp_driver.c
-index 9bd4c66..f6a84f9 100644
---- a/google3/third_party/libsrtp/test/srtp_driver.c
-+++ b/google3/third_party/libsrtp/test/srtp_driver.c
-@@ -138,7 +138,7 @@ debug_module_t mod_driver = {
-
- int
- main (int argc, char *argv[]) {
-- char q;
-+ int q;
- unsigned do_timing_test = 0;
- unsigned do_rejection_test = 0;
- unsigned do_codec_timing = 0;
-@@ -169,13 +169,13 @@ main (int argc, char *argv[]) {
- if (status) {
- printf("error: load of srtp_driver debug module failed "
- "with error code %d\n", status);
-- exit(1);
-+ exit(1);
- }
-
- /* process input arguments */
- while (1) {
- q = getopt_s(argc, argv, "trcvld:");
-- if (q == -1)
-+ if (q == -1)
- break;
- switch (q) {
- case 't':
diff --git a/googlepatches/google-7-srtp-security-fix.patch b/googlepatches/google-7-srtp-security-fix.patch
deleted file mode 100644
index 54e3e9e..0000000
--- a/googlepatches/google-7-srtp-security-fix.patch
+++ /dev/null
@@ -1,91 +0,0 @@
-diff --git a/google3/third_party/libsrtp/crypto/include/integers.h b/google3/third_party/libsrtp/crypto/include/integers.h
-index 7010efd..3515d13 100644
---- a/google3/third_party/libsrtp/crypto/include/integers.h
-+++ b/google3/third_party/libsrtp/crypto/include/integers.h
-@@ -98,7 +98,6 @@ typedef unsigned short int uint16_t;
- typedef unsigned int uint32_t;
- #endif
-
--
- #ifdef NO_64BIT_MATH
- typedef double uint64_t;
- /* assert that sizeof(double) == 8 */
-diff --git a/google3/third_party/libsrtp/include/srtp.h b/google3/third_party/libsrtp/include/srtp.h
-index 7f17853..bbaac95 100644
---- a/google3/third_party/libsrtp/include/srtp.h
-+++ b/google3/third_party/libsrtp/include/srtp.h
-@@ -50,10 +50,6 @@
- extern "C" {
- #endif
-
--#ifdef _MSC_VER
--#pragma pack(4)
--#endif
--
- #include "crypto_kernel.h"
-
- /**
-@@ -930,10 +926,6 @@ srtp_install_event_handler(srtp_event_handler_func_t func);
- #define SRTCP_E_BYTE_BIT 0x80
- #define SRTCP_INDEX_MASK 0x7fffffff
-
--#ifdef _MSC_VER
--#pragma pack()
--#endif
--
- #ifdef __cplusplus
- }
- #endif
-diff --git a/google3/third_party/libsrtp/srtp/srtp.c b/google3/third_party/libsrtp/srtp/srtp.c
-index 6010dd4..3fc52ee 100644
---- a/google3/third_party/libsrtp/srtp/srtp.c
-+++ b/google3/third_party/libsrtp/srtp/srtp.c
-@@ -1657,6 +1657,8 @@ srtp_unprotect_rtcp(srtp_t ctx, void *srtcp_hdr, int *pkt_octet_len) {
- srtp_stream_ctx_t *stream;
- int prefix_len;
- uint32_t seq_num;
-+ int e_bit_in_packet; /* whether the E-bit was found in the packet */
-+ int sec_serv_confidentiality; /* whether confidentiality was requested */
-
- /* we assume the hdr is 32-bit aligned to start */
- /*
-@@ -1694,7 +1696,10 @@ srtp_unprotect_rtcp(srtp_t ctx, void *srtcp_hdr, int *pkt_octet_len) {
- return err_status_no_ctx;
- }
- }
--
-+
-+ sec_serv_confidentiality = stream->rtcp_services == sec_serv_conf ||
-+ stream->rtcp_services == sec_serv_conf_and_auth;
-+
- /* get tag length from stream context */
- tag_len = auth_get_tag_length(stream->rtcp_auth);
-
-@@ -1714,8 +1719,12 @@ srtp_unprotect_rtcp(srtp_t ctx, void *srtcp_hdr, int *pkt_octet_len) {
- */
- trailer = (uint32_t *) ((char *) hdr +
- *pkt_octet_len -(tag_len + sizeof(srtcp_trailer_t)));
-- if (*((unsigned char *) trailer) & SRTCP_E_BYTE_BIT) {
-- enc_start = (uint32_t *)hdr + uint32s_in_rtcp_header;
-+ e_bit_in_packet = (*((unsigned char *) trailer) & SRTCP_E_BYTE_BIT) == SRTCP_E_BYTE_BIT;
-+ if (e_bit_in_packet != sec_serv_confidentiality) {
-+ return err_status_cant_check;
-+ }
-+ if (sec_serv_confidentiality) {
-+ enc_start = (uint32_t *)hdr + uint32s_in_rtcp_header;
- } else {
- enc_octet_len = 0;
- enc_start = NULL; /* this indicates that there's no encryption */
-diff --git a/google3/third_party/libsrtp/test/srtp_driver.c b/google3/third_party/libsrtp/test/srtp_driver.c
-index f6a84f9..3c97072 100644
---- a/google3/third_party/libsrtp/test/srtp_driver.c
-+++ b/google3/third_party/libsrtp/test/srtp_driver.c
-@@ -1246,7 +1246,7 @@ srtp_create_big_policy(srtp_policy_t **list) {
- * loop over policy list, mallocing a new list and copying values
- * into it (and incrementing the SSRC value as we go along)
- */
-- tmp = NULL;
-+ tmp = p = NULL;
- while (policy_array[i] != NULL) {
- p = (srtp_policy_t*) malloc(sizeof(srtp_policy_t));
- if (p == NULL)
diff --git a/googlepatches/google-8-rdb-crash.patch b/googlepatches/google-8-rdb-crash.patch
deleted file mode 100644
index 0286603..0000000
--- a/googlepatches/google-8-rdb-crash.patch
+++ /dev/null
@@ -1,11 +0,0 @@
---- rdb.c Thu Mar 25 17:38:24 2010
-+++ rgb.bak Fri Mar 19 17:50:47 2010
-@@ -115,7 +115,7 @@ rdb_add_index(rdb_t *rdb, uint32_t index
-
- /* shift the window forward by delta bits*/
- v128_left_shift(&rdb->bitmask, delta);
-- v128_set_bit(&rdb->bitmask, rdb_bits_in_bitmask-delta);
-+ v128_set_bit(&rdb->bitmask, rdb_bits_in_bitmask - 1);
- rdb->window_start += delta;
-
- }
diff --git a/googlepatches/google-9-rdbx-leak-plug.patch b/googlepatches/google-9-rdbx-leak-plug.patch
deleted file mode 100644
index f53861d..0000000
--- a/googlepatches/google-9-rdbx-leak-plug.patch
+++ /dev/null
@@ -1,298 +0,0 @@
-diff --git a/google3/third_party/libsrtp/include/srtp_priv.h b/google3/third_party/libsrtp/include/srtp_priv.h
-index cf2274e..3bed757 100644
---- a/google3/third_party/libsrtp/include/srtp_priv.h
-+++ b/google3/third_party/libsrtp/include/srtp_priv.h
-@@ -189,6 +189,13 @@ srtp_stream_init(srtp_stream_t srtp,
-
-
- /*
-+ * Uninitializes and Deallocates a stream.
-+ */
-+err_status_t
-+srtp_stream_uninit_and_dealloc(srtp_stream_t stream,
-+ srtp_stream_t stream_template);
-+
-+/*
- * libsrtp internal datatypes
- */
-
-diff --git a/google3/third_party/libsrtp/srtp/srtp.c b/google3/third_party/libsrtp/srtp/srtp.c
-index 3fc52ee..314c3e4 100644
---- a/google3/third_party/libsrtp/srtp/srtp.c
-+++ b/google3/third_party/libsrtp/srtp/srtp.c
-@@ -92,35 +92,31 @@ srtp_stream_alloc(srtp_stream_ctx_t **str_ptr,
- str = (srtp_stream_ctx_t *) crypto_alloc(sizeof(srtp_stream_ctx_t));
- if (str == NULL)
- return err_status_alloc_fail;
-- *str_ptr = str;
--
-+ *str_ptr = str;
-+
- /* allocate cipher */
- stat = crypto_kernel_alloc_cipher(p->rtp.cipher_type,
- &str->rtp_cipher,
- p->rtp.cipher_key_len);
- if (stat) {
-- crypto_free(str);
-- return stat;
-+ goto err_rtp_cipher_alloc;
- }
-
- /* allocate auth function */
- stat = crypto_kernel_alloc_auth(p->rtp.auth_type,
- &str->rtp_auth,
- p->rtp.auth_key_len,
-- p->rtp.auth_tag_len);
-+ p->rtp.auth_tag_len);
-+
- if (stat) {
-- cipher_dealloc(str->rtp_cipher);
-- crypto_free(str);
-- return stat;
-+ goto err_rtp_auth_alloc;
- }
--
-+
- /* allocate key limit structure */
- str->limit = (key_limit_ctx_t*) crypto_alloc(sizeof(key_limit_ctx_t));
- if (str->limit == NULL) {
-- auth_dealloc(str->rtp_auth);
-- cipher_dealloc(str->rtp_cipher);
-- crypto_free(str);
-- return err_status_alloc_fail;
-+ stat = err_status_alloc_fail;
-+ goto err_limit_alloc;
- }
-
- /*
-@@ -129,13 +125,9 @@ srtp_stream_alloc(srtp_stream_ctx_t **str_ptr,
- */
- stat = crypto_kernel_alloc_cipher(p->rtcp.cipher_type,
- &str->rtcp_cipher,
-- p->rtcp.cipher_key_len);
-+ p->rtcp.cipher_key_len);
- if (stat) {
-- auth_dealloc(str->rtp_auth);
-- cipher_dealloc(str->rtp_cipher);
-- crypto_free(str->limit);
-- crypto_free(str);
-- return stat;
-+ goto err_rtcp_cipher_alloc;
- }
-
- /* allocate auth function */
-@@ -144,33 +136,37 @@ srtp_stream_alloc(srtp_stream_ctx_t **str_ptr,
- p->rtcp.auth_key_len,
- p->rtcp.auth_tag_len);
- if (stat) {
-- cipher_dealloc(str->rtcp_cipher);
-- auth_dealloc(str->rtp_auth);
-- cipher_dealloc(str->rtp_cipher);
-- crypto_free(str->limit);
-- crypto_free(str);
-- return stat;
-- }
-+ goto err_rtcp_auth_alloc;
-+ }
-
- /* allocate ekt data associated with stream */
- stat = ekt_alloc(&str->ekt, p->ekt);
- if (stat) {
-- auth_dealloc(str->rtcp_auth);
-- cipher_dealloc(str->rtcp_cipher);
-- auth_dealloc(str->rtp_auth);
-- cipher_dealloc(str->rtp_cipher);
-- crypto_free(str->limit);
-- crypto_free(str);
-- return stat;
-+ goto err_ekt_alloc;
- }
-
- return err_status_ok;
-+
-+err_ekt_alloc:
-+ auth_dealloc(str->rtcp_auth);
-+err_rtcp_auth_alloc:
-+ cipher_dealloc(str->rtcp_cipher);
-+err_rtcp_cipher_alloc:
-+ crypto_free(str->limit);
-+err_limit_alloc:
-+ auth_dealloc(str->rtp_auth);
-+err_rtp_auth_alloc:
-+ cipher_dealloc(str->rtp_cipher);
-+err_rtp_cipher_alloc:
-+ crypto_free(str);
-+ return stat;
- }
-
- err_status_t
--srtp_stream_dealloc(srtp_t session, srtp_stream_ctx_t *stream) {
-+srtp_stream_dealloc(srtp_stream_ctx_t *stream,
-+ srtp_stream_ctx_t *stream_template) {
- err_status_t status;
--
-+
- /*
- * we use a conservative deallocation strategy - if any deallocation
- * fails, then we report that fact without trying to deallocate
-@@ -178,41 +174,29 @@ srtp_stream_dealloc(srtp_t session, srtp_stream_ctx_t *stream) {
- */
-
- /* deallocate cipher, if it is not the same as that in template */
-- if (session->stream_template
-- && stream->rtp_cipher == session->stream_template->rtp_cipher) {
-- /* do nothing */
-- } else {
-+ if (!stream_template || stream->rtp_cipher != stream_template->rtp_cipher) {
- status = cipher_dealloc(stream->rtp_cipher);
- if (status)
- return status;
- }
-
- /* deallocate auth function, if it is not the same as that in template */
-- if (session->stream_template
-- && stream->rtp_auth == session->stream_template->rtp_auth) {
-- /* do nothing */
-- } else {
-+ if (!stream_template || stream->rtp_auth != stream_template->rtp_auth) {
- status = auth_dealloc(stream->rtp_auth);
- if (status)
- return status;
- }
-
- /* deallocate key usage limit, if it is not the same as that in template */
-- if (session->stream_template
-- && stream->limit == session->stream_template->limit) {
-- /* do nothing */
-- } else {
-+ if (!stream_template || stream->limit != stream_template->limit) {
- crypto_free(stream->limit);
-- }
-+ }
-
-- /*
-+ /*
- * deallocate rtcp cipher, if it is not the same as that in
-- * template
-+ * template
- */
-- if (session->stream_template
-- && stream->rtcp_cipher == session->stream_template->rtcp_cipher) {
-- /* do nothing */
-- } else {
-+ if (!stream_template || stream->rtcp_cipher != stream_template->rtcp_cipher) {
- status = cipher_dealloc(stream->rtcp_cipher);
- if (status)
- return status;
-@@ -222,17 +206,14 @@ srtp_stream_dealloc(srtp_t session, srtp_stream_ctx_t *stream) {
- * deallocate rtcp auth function, if it is not the same as that in
- * template
- */
-- if (session->stream_template
-- && stream->rtcp_auth == session->stream_template->rtcp_auth) {
-- /* do nothing */
-- } else {
-+ if (!stream_template || stream->rtcp_auth != stream_template->rtcp_auth) {
- status = auth_dealloc(stream->rtcp_auth);
- if (status)
- return status;
- }
-
- /* DAM - need to deallocate EKT here */
--
-+
- /* deallocate srtp stream context */
- crypto_free(stream);
-
-@@ -549,7 +530,12 @@ srtp_stream_init(srtp_stream_ctx_t *srtp,
- }
-
- return err_status_ok;
-- }
-+}
-+
-+err_status_t
-+srtp_stream_uninit(srtp_stream_ctx_t *srtp) {
-+ return rdbx_uninit(&srtp->rtp_rdbx);
-+}
-
-
- /*
-@@ -1201,28 +1187,16 @@ srtp_dealloc(srtp_t session) {
- stream = session->stream_list;
- while (stream != NULL) {
- srtp_stream_t next = stream->next;
-- status = srtp_stream_dealloc(session, stream);
-- if (status)
-+ status = srtp_stream_uninit_and_dealloc(stream, session->stream_template);
-+ if (status) {
- return status;
-+ }
- stream = next;
- }
--
-+
- /* deallocate stream template, if there is one */
- if (session->stream_template != NULL) {
-- status = auth_dealloc(session->stream_template->rtcp_auth);
-- if (status)
-- return status;
-- status = cipher_dealloc(session->stream_template->rtcp_cipher);
-- if (status)
-- return status;
-- crypto_free(session->stream_template->limit);
-- status = cipher_dealloc(session->stream_template->rtp_cipher);
-- if (status)
-- return status;
-- status = auth_dealloc(session->stream_template->rtp_auth);
-- if (status)
-- return status;
-- crypto_free(session->stream_template);
-+ status = srtp_stream_uninit_and_dealloc(session->stream_template, NULL);
- }
-
- /* deallocate session context */
-@@ -1287,7 +1261,6 @@ srtp_add_stream(srtp_t session,
- crypto_free(tmp);
- return err_status_bad_param;
- }
--
- return err_status_ok;
- }
-
-@@ -1334,12 +1307,11 @@ srtp_create(srtp_t *session, /* handle for session */
- err_status_t
- srtp_remove_stream(srtp_t session, uint32_t ssrc) {
- srtp_stream_ctx_t *stream, *last_stream;
-- err_status_t status;
-
- /* sanity check arguments */
- if (session == NULL)
- return err_status_bad_param;
--
-+
- /* find stream in list; complain if not found */
- last_stream = stream = session->stream_list;
- while ((stream != NULL) && (ssrc != stream->ssrc)) {
-@@ -1352,8 +1324,20 @@ srtp_remove_stream(srtp_t session, uint32_t ssrc) {
- /* remove stream from the list */
- last_stream->next = stream->next;
-
-+ return srtp_stream_uninit_and_dealloc(stream, session->stream_template);
-+}
-+
-+err_status_t
-+srtp_stream_uninit_and_dealloc(srtp_stream_ctx_t *stream,
-+ srtp_stream_ctx_t *stream_template) {
-+ err_status_t status;
-+ /* deallocate rdbx data */
-+ status = srtp_stream_uninit(stream);
-+ if (status)
-+ return status;
-+
- /* deallocate the stream */
-- status = srtp_stream_dealloc(session, stream);
-+ status = srtp_stream_dealloc(stream, stream_template);
- if (status)
- return status;
-
diff --git a/googlepatches/vidyo-1-srtp-win.patch b/googlepatches/vidyo-1-srtp-win.patch
deleted file mode 100644
index cb6da56..0000000
--- a/googlepatches/vidyo-1-srtp-win.patch
+++ /dev/null
@@ -1,297 +0,0 @@
-diff -purN -x CVS -x '*~' -x '.*' -x 'obj-*' srtp-pristine/config.hw srtp/config.hw
---- srtp-pristine/config.hw 2007-05-23 13:40:21.000000000 -0400
-+++ srtp/config.hw 2009-04-22 17:58:01.000000000 -0400
-@@ -1,7 +1,7 @@
- /* crypto/include/config.h. Generated by configure. */
- /* config_in.h. Generated from configure.in by autoheader. */
-
--#ifdef (_MSC_VER >= 1400)
-+#if (_MSC_VER >= 1400)
- # define HAVE_RAND_S 1
- #endif
-
-diff -purN -x CVS -x '*~' -x '.*' -x 'obj-*' srtp-pristine/crypto/cipher/aes_icm.c srtp/crypto/cipher/aes_icm.c
---- srtp-pristine/crypto/cipher/aes_icm.c 2006-07-18 15:45:46.000000000 -0400
-+++ srtp/crypto/cipher/aes_icm.c 2009-04-22 17:58:01.000000000 -0400
-@@ -210,7 +210,7 @@ aes_icm_set_octet(aes_icm_ctx_t *c,
- ((high32(octet_num) & 0x0f)<<(32-4)) |
- (low32(octet_num) >> 4));
- #else
-- int tail_num = octet_num % 16;
-+ int tail_num = (int)(octet_num % 16);
- uint64_t block_num = octet_num / 16;
- #endif
-
-diff -purN -x CVS -x '*~' -x '.*' -x 'obj-*' srtp-pristine/install-win.bat srtp/install-win.bat
---- srtp-pristine/install-win.bat 1969-12-31 19:00:00.000000000 -0500
-+++ srtp/install-win.bat 2009-04-22 17:58:01.000000000 -0400
-@@ -0,0 +1,31 @@
-+:: Installs from srtp windows build directory to directory specified on
-+:: command line
-+
-+
-+@if "%1"=="" (
-+ echo "Usage: %~nx0 destdir"
-+ exit /b 1
-+) else (
-+ set destdir=%1
-+)
-+
-+@if not exist %destdir% (
-+ echo %destdir% not found
-+ exit /b 1
-+)
-+
-+@for %%d in (include\srtp.h crypto\include\crypto.h Debug\srtp.lib Release\srtp.lib) do (
-+ if not exist "%%d" (
-+ echo "%%d not found: are you in the right directory?"
-+ exit /b 1
-+ )
-+)
-+
-+mkdir %destdir%\include
-+mkdir %destdir%\include\srtp
-+mkdir %destdir%\lib
-+
-+copy include\*.h %destdir%\include\srtp
-+copy crypto\include\*.h %destdir%\include\srtp
-+copy Release\srtp.lib %destdir%\lib\srtp.lib
-+copy Debug\srtp.lib %destdir%\lib\srtpd.lib
-diff -purN -x CVS -x '*~' -x '.*' -x 'obj-*' srtp-pristine/srtp/ekt.c srtp/srtp/ekt.c
---- srtp-pristine/srtp/ekt.c 2007-06-15 14:36:09.000000000 -0400
-+++ srtp/srtp/ekt.c 2009-04-22 18:47:06.000000000 -0400
-@@ -91,27 +91,27 @@ ekt_octets_after_base_tag(ekt_stream_t e
- }
-
- inline ekt_spi_t
--srtcp_packet_get_ekt_spi(const void *packet_start, unsigned pkt_octet_len) {
-- void *spi_location;
-+srtcp_packet_get_ekt_spi(const uint8_t *packet_start, unsigned pkt_octet_len) {
-+ const uint8_t *spi_location;
-
- spi_location = packet_start + (pkt_octet_len - EKT_SPI_LEN);
-
-- return *((ekt_spi_t *)spi_location);
-+ return *((const ekt_spi_t *)spi_location);
- }
-
- inline uint32_t
--srtcp_packet_get_ekt_roc(const void *packet_start, unsigned pkt_octet_len) {
-- void *roc_location;
-+srtcp_packet_get_ekt_roc(const uint8_t *packet_start, unsigned pkt_octet_len) {
-+ const uint8_t *roc_location;
-
- roc_location = packet_start + (pkt_octet_len - EKT_OCTETS_AFTER_ROC);
-
-- return *((uint32_t *)roc_location);
-+ return *((const uint32_t *)roc_location);
- }
-
--inline void *
--srtcp_packet_get_emk_location(const void *packet_start,
-+inline const uint8_t *
-+srtcp_packet_get_emk_location(const uint8_t *packet_start,
- unsigned pkt_octet_len) {
-- void *location;
-+ const uint8_t *location;
-
- location = packet_start + (pkt_octet_len - EKT_OCTETS_AFTER_BASE_TAG);
-
-@@ -161,7 +161,7 @@ srtp_stream_init_from_ekt(srtp_stream_t
- const void *srtcp_hdr,
- unsigned pkt_octet_len) {
- err_status_t err;
-- uint8_t *master_key;
-+ const uint8_t *master_key;
- srtp_policy_t srtp_policy;
- unsigned master_key_len;
- uint32_t roc;
-@@ -179,7 +179,7 @@ srtp_stream_init_from_ekt(srtp_stream_t
-
- /* decrypt the Encrypted Master Key field */
- master_key = srtcp_packet_get_emk_location(srtcp_hdr, pkt_octet_len);
-- aes_decrypt_with_raw_key(master_key, stream->ekt->data->ekt_dec_key);
-+ aes_decrypt_with_raw_key((void*)master_key, stream->ekt->data->ekt_dec_key);
-
- /* set the SRTP ROC */
- roc = srtcp_packet_get_ekt_roc(srtcp_hdr, pkt_octet_len);
-@@ -201,7 +201,7 @@ ekt_write_data(ekt_stream_t ekt,
- uint32_t roc;
- uint16_t isn;
- unsigned emk_len;
-- void *packet;
-+ uint8_t *packet;
-
- /* if the pointer ekt is NULL, then EKT is not in effect */
- if (!ekt) {
-@@ -211,7 +211,7 @@ ekt_write_data(ekt_stream_t ekt,
-
- /* write zeros into the location of the base tag */
- octet_string_set_to_zero(base_tag, base_tag_len);
-- packet = base_tag + base_tag_len;
-+ packet = (uint8_t*)base_tag + base_tag_len;
-
- /* copy encrypted master key into packet */
- emk_len = ekt_octets_after_base_tag(ekt);
-@@ -221,14 +221,14 @@ ekt_write_data(ekt_stream_t ekt,
- packet += emk_len;
-
- /* copy ROC into packet */
-- roc = pkt_index >> 16;
-+ roc = (uint32_t)(pkt_index >> 16);
- *((uint32_t *)packet) = be32_to_cpu(roc);
- debug_print(mod_srtp, "writing EKT ROC: %s,",
- octet_string_hex_string(packet, sizeof(roc)));
- packet += sizeof(roc);
-
- /* copy ISN into packet */
-- isn = pkt_index;
-+ isn = (uint16_t)pkt_index;
- *((uint16_t *)packet) = htons(isn);
- debug_print(mod_srtp, "writing EKT ISN: %s,",
- octet_string_hex_string(packet, sizeof(isn)));
-diff -purN -x CVS -x '*~' -x '.*' -x 'obj-*' srtp-pristine/srtp.def srtp/srtp.def
---- srtp-pristine/srtp.def 2006-05-22 16:46:21.000000000 -0400
-+++ srtp/srtp.def 2009-04-22 17:58:01.000000000 -0400
-@@ -89,4 +89,3 @@ aes_icm_encrypt_ismacryp
- aes_icm_alloc_ismacryp
- crypto_alloc
- crypto_free
--\ No newline at end of file
-\ No newline at end of file
-diff -purN -x CVS -x '*~' -x '.*' -x 'obj-*' srtp-pristine/srtp.sln srtp/srtp.sln
---- srtp-pristine/srtp.sln 1969-12-31 19:00:00.000000000 -0500
-+++ srtp/srtp.sln 2009-04-22 17:58:01.000000000 -0400
-@@ -0,0 +1,26 @@
-+
-+Microsoft Visual Studio Solution File, Format Version 9.00
-+# Visual C++ Express 2005
-+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "srtp", "srtp.vcproj", "{EEF031CB-FED8-451E-A471-91EC8D4F6750}"
-+EndProject
-+Global
-+ GlobalSection(SolutionConfigurationPlatforms) = preSolution
-+ Debug Dll|Win32 = Debug Dll|Win32
-+ Debug|Win32 = Debug|Win32
-+ Release Dll|Win32 = Release Dll|Win32
-+ Release|Win32 = Release|Win32
-+ EndGlobalSection
-+ GlobalSection(ProjectConfigurationPlatforms) = postSolution
-+ {EEF031CB-FED8-451E-A471-91EC8D4F6750}.Debug Dll|Win32.ActiveCfg = Debug Dll|Win32
-+ {EEF031CB-FED8-451E-A471-91EC8D4F6750}.Debug Dll|Win32.Build.0 = Debug Dll|Win32
-+ {EEF031CB-FED8-451E-A471-91EC8D4F6750}.Debug|Win32.ActiveCfg = Debug|Win32
-+ {EEF031CB-FED8-451E-A471-91EC8D4F6750}.Debug|Win32.Build.0 = Debug|Win32
-+ {EEF031CB-FED8-451E-A471-91EC8D4F6750}.Release Dll|Win32.ActiveCfg = Release Dll|Win32
-+ {EEF031CB-FED8-451E-A471-91EC8D4F6750}.Release Dll|Win32.Build.0 = Release Dll|Win32
-+ {EEF031CB-FED8-451E-A471-91EC8D4F6750}.Release|Win32.ActiveCfg = Release|Win32
-+ {EEF031CB-FED8-451E-A471-91EC8D4F6750}.Release|Win32.Build.0 = Release|Win32
-+ EndGlobalSection
-+ GlobalSection(SolutionProperties) = preSolution
-+ HideSolutionNode = FALSE
-+ EndGlobalSection
-+EndGlobal
-diff -purN -x CVS -x '*~' -x '.*' -x 'obj-*' srtp-pristine/srtp.vcproj srtp/srtp.vcproj
---- srtp-pristine/srtp.vcproj 2006-05-22 16:46:21.000000000 -0400
-+++ srtp/srtp.vcproj 2009-04-22 17:58:01.000000000 -0400
-@@ -49,7 +49,7 @@
- PreprocessorDefinitions="WIN32;_DEBUG;_LIB;HAVE_CONFIG_H"
- MinimalRebuild="true"
- BasicRuntimeChecks="3"
-- RuntimeLibrary="3"
-+ RuntimeLibrary="1"
- StructMemberAlignment="0"
- UsePrecompiledHeader="0"
- WarningLevel="3"
-@@ -116,7 +116,7 @@
- Name="VCCLCompilerTool"
- AdditionalIncludeDirectories="crypto/include;include"
- PreprocessorDefinitions="WIN32;NDEBUG;_LIB;HAVE_CONFIG_H"
-- RuntimeLibrary="2"
-+ RuntimeLibrary="0"
- StructMemberAlignment="0"
- UsePrecompiledHeader="0"
- WarningLevel="3"
-@@ -324,6 +324,10 @@
- UniqueIdentifier="{4FC737F1-C7A5-4376-A066-2A32D752A2FF}"
- >
- <File
-+ RelativePath=".\srtp\ekt.c"
-+ >
-+ </File>
-+ <File
- RelativePath=".\srtp\srtp.c"
- >
- </File>
-@@ -484,10 +488,6 @@
- >
- </File>
- <File
-- RelativePath=".\crypto\include\crypto_math.h"
-- >
-- </File>
-- <File
- RelativePath=".\crypto\include\crypto_types.h"
- >
- </File>
-@@ -500,6 +500,10 @@
- >
- </File>
- <File
-+ RelativePath=".\include\ekt.h"
-+ >
-+ </File>
-+ <File
- RelativePath=".\crypto\include\err.h"
- >
- </File>
-@@ -516,10 +520,6 @@
- >
- </File>
- <File
-- RelativePath=".\crypto\include\kernel_compat.h"
-- >
-- </File>
-- <File
- RelativePath=".\crypto\include\key.h"
- >
- </File>
-@@ -548,10 +548,6 @@
- >
- </File>
- <File
-- RelativePath=".\include\rtp.h"
-- >
-- </File>
-- <File
- RelativePath=".\crypto\include\sha1.h"
- >
- </File>
-@@ -560,15 +556,15 @@
- >
- </File>
- <File
-- RelativePath=".\crypto\include\stat.h"
-+ RelativePath=".\include\srtp_priv.h"
- >
- </File>
- <File
-- RelativePath=".\include\ut_sim.h"
-+ RelativePath=".\crypto\include\stat.h"
- >
- </File>
- <File
-- RelativePath=".\crypto\include\xfm.h"
-+ RelativePath=".\include\ut_sim.h"
- >
- </File>
- </Filter>
-@@ -579,6 +575,10 @@
- >
- </Filter>
- <File
-+ RelativePath=".\config.hw"
-+ >
-+ </File>
-+ <File
- RelativePath=".\srtp.def"
- >
- </File>
diff --git a/googlepatches/vidyo-2-srtp-lin.patch b/googlepatches/vidyo-2-srtp-lin.patch
deleted file mode 100644
index 29e82ed..0000000
--- a/googlepatches/vidyo-2-srtp-lin.patch
+++ /dev/null
@@ -1,95 +0,0 @@
-diff -purN -x CVS -x '*~' -x '.*' -x 'obj-*' srtp-win/Makefile.in srtp/Makefile.in
---- srtp-win/Makefile.in 2007-06-15 14:17:39.000000000 -0400
-+++ srtp/Makefile.in 2009-04-22 18:25:43.000000000 -0400
-@@ -26,7 +26,7 @@ runtest: build_table_apps test
- test/roc_driver$(EXE) -v >/dev/null
- test/replay_driver$(EXE) -v >/dev/null
- test/dtls_srtp_driver$(EXE) >/dev/null
-- cd test; ./rtpw_test.sh >/dev/null
-+ cd test; $(abspath $(srcdir))/test/rtpw_test.sh >/dev/null
- @echo "libsrtp test applications passed."
- $(MAKE) -C crypto runtest
-
-@@ -189,18 +189,20 @@ libsrtpdoc:
- .PHONY: clean superclean install
-
- install:
-- @if [ -d $(DESTDIR)$(includedir)/srtp ]; then \
-+ @if [ -r $(DESTDIR)$(includedir)/srtp/srtp.h ]; then \
- echo "you should run 'make uninstall' first"; exit 1; \
- fi
- $(INSTALL) -d $(DESTDIR)$(includedir)/srtp
- $(INSTALL) -d $(DESTDIR)$(libdir)
-- cp include/*.h $(DESTDIR)$(includedir)/srtp
-- cp crypto/include/*.h $(DESTDIR)$(includedir)/srtp
-+ cp $(srcdir)/include/*.h $(DESTDIR)$(includedir)/srtp
-+ cp $(srcdir)/crypto/include/*.h $(DESTDIR)$(includedir)/srtp
-+ if [ "$(srcdir)" != "." ]; then cp crypto/include/*.h $(DESTDIR)$(includedir)/srtp; fi
- if [ -f libsrtp.a ]; then cp libsrtp.a $(DESTDIR)$(libdir)/; fi
-
- uninstall:
-- rm -rf $(DESTDIR)$(includedir)/srtp
-- rm -rf $(DESTDIR)$(libdir)/libsrtp.a
-+ rm -f $(DESTDIR)$(includedir)/srtp/*.h
-+ rm -f $(DESTDIR)$(libdir)/libsrtp.a
-+ -rmdir $(DESTDIR)$(includedir)/srtp
-
- clean:
- rm -rf $(cryptobj) $(srtpobj) $(cryptomath) TAGS \
-diff -purN -x CVS -x '*~' -x '.*' -x 'obj-*' srtp-win/srtp/ekt.c srtp/srtp/ekt.c
---- srtp-win/srtp/ekt.c 2009-04-22 18:47:06.000000000 -0400
-+++ srtp/srtp/ekt.c 2009-04-22 18:50:51.000000000 -0400
-@@ -131,6 +131,9 @@ ekt_alloc(ekt_stream_t *stream_data, ekt
- return err_status_ok;
- }
-
-+ /* TODO */
-+ *stream_data = NULL;
-+
- return err_status_ok;
- }
-
-diff -purN -x CVS -x '*~' -x '.*' -x 'obj-*' srtp-win/test/dtls_srtp_driver.c srtp/test/dtls_srtp_driver.c
---- srtp-win/test/dtls_srtp_driver.c 2006-07-17 16:41:22.000000000 -0400
-+++ srtp/test/dtls_srtp_driver.c 2009-04-23 15:50:26.000000000 -0400
-@@ -183,6 +183,7 @@ test_dtls_srtp() {
- err = crypto_policy_set_from_profile_for_rtcp(&policy.rtcp, profile);
- if (err) return err;
- policy.ssrc.type = ssrc_any_inbound;
-+ policy.ekt = NULL;
- policy.next = NULL;
-
- err = srtp_add_stream(s, &policy);
-diff -purN -x CVS -x '*~' -x '.*' -x 'obj-*' srtp-win/test/rtpw_test.sh srtp/test/rtpw_test.sh
---- srtp-win/test/rtpw_test.sh 2006-06-13 11:17:57.000000000 -0400
-+++ srtp/test/rtpw_test.sh 2009-04-22 18:30:27.000000000 -0400
-@@ -4,7 +4,7 @@
- #
- # tests the rtpw sender and receiver functions
-
--RTPW=rtpw
-+RTPW=./rtpw
- DEST_PORT=9999
- DURATION=3
-
-@@ -18,7 +18,7 @@ ARGS="-k $key -ae"
- # they are killed, those processes will linger. Re-running the script
- # will get rid of them.
-
--killall rtpw 2&>/dev/null
-+killall rtpw 2>/dev/null
-
- if test -x $RTPW; then
-
-diff -purN -x CVS -x '*~' -x '.*' -x 'obj-*' srtp-win/test/srtp_driver.c srtp/test/srtp_driver.c
---- srtp-win/test/srtp_driver.c 2007-06-15 14:17:40.000000000 -0400
-+++ srtp/test/srtp_driver.c 2009-04-22 18:20:27.000000000 -0400
-@@ -153,7 +153,7 @@ main (int argc, char *argv[]) {
- if (sizeof(srtp_hdr_t) != 12) {
- printf("error: srtp_hdr_t has incorrect size"
- "(size is %ld bytes, expected 12)\n",
-- sizeof(srtp_hdr_t));
-+ (long)sizeof(srtp_hdr_t));
- exit(1);
- }
-
diff --git a/googlepatches/vidyo-3-srtp-ws.patch b/googlepatches/vidyo-3-srtp-ws.patch
deleted file mode 100644
index c8896e0..0000000
--- a/googlepatches/vidyo-3-srtp-ws.patch
+++ /dev/null
@@ -1,937 +0,0 @@
-diff -purN -x CVS -x '*~' -x '.*' -x 'obj-*' srtp-lin/crypto/include/crypto_math.h srtp/crypto/include/crypto_math.h
---- srtp-lin/crypto/include/crypto_math.h 2006-06-08 13:00:27.000000000 -0400
-+++ srtp/crypto/include/crypto_math.h 2009-04-22 19:03:15.000000000 -0400
-@@ -233,40 +233,6 @@ void
- octet_string_set_to_zero(uint8_t *s, int len);
-
-
--/*
-- * functions manipulating bit_vector_t
-- *
-- * A bitvector_t consists of an array of words and an integer
-- * representing the number of significant bits stored in the array.
-- * The bits are packed as follows: the least significant bit is that
-- * of word[0], while the most significant bit is the nth most
-- * significant bit of word[m], where length = bits_per_word * m + n.
-- *
-- */
--
--#define bits_per_word 32
--#define bytes_per_word 4
--
--typedef struct {
-- uint32_t length;
-- uint32_t *word;
--} bitvector_t;
--
--int
--bitvector_alloc(bitvector_t *v, unsigned long length);
--
--void
--bitvector_set_bit(bitvector_t *v, int bit_index);
--
--int
--bitvector_get_bit(const bitvector_t *v, int bit_index);
--
--int
--bitvector_print_hex(const bitvector_t *v, FILE *stream);
--
--int
--bitvector_set_from_hex(bitvector_t *v, char *string);
--
- #endif /* MATH_H */
-
-
-diff -purN -x CVS -x '*~' -x '.*' -x 'obj-*' srtp-lin/crypto/include/datatypes.h srtp/crypto/include/datatypes.h
---- srtp-lin/crypto/include/datatypes.h 2006-07-12 18:41:57.000000000 -0400
-+++ srtp/crypto/include/datatypes.h 2009-04-22 19:20:01.000000000 -0400
-@@ -424,4 +424,83 @@ static inline uint64_t be64_to_cpu(uint6
-
- #endif /* WORDS_BIGENDIAN */
-
-+/*
-+ * functions manipulating bitvector_t
-+ *
-+ * A bitvector_t consists of an array of words and an integer
-+ * representing the number of significant bits stored in the array.
-+ * The bits are packed as follows: the least significant bit is that
-+ * of word[0], while the most significant bit is the nth most
-+ * significant bit of word[m], where length = bits_per_word * m + n.
-+ *
-+ */
-+
-+#define bits_per_word 32
-+#define bytes_per_word 4
-+
-+typedef struct {
-+ uint32_t length;
-+ uint32_t *word;
-+} bitvector_t;
-+
-+
-+#define _bitvector_get_bit(v, bit_index) \
-+( \
-+ ((((v)->word[((bit_index) >> 5)]) >> ((bit_index) & 31)) & 1) \
-+)
-+
-+
-+#define _bitvector_set_bit(v, bit_index) \
-+( \
-+ (((v)->word[((bit_index) >> 5)] |= ((uint32_t)1 << ((bit_index) & 31)))) \
-+)
-+
-+#define _bitvector_clear_bit(v, bit_index) \
-+( \
-+ (((v)->word[((bit_index) >> 5)] &= ~((uint32_t)1 << ((bit_index) & 31)))) \
-+)
-+
-+#define _bitvector_get_length(v) \
-+( \
-+ ((v)->length) \
-+)
-+
-+#ifdef DATATYPES_USE_MACROS /* little functions are really macros */
-+
-+#define bitvector_get_bit(v, bit_index) _bitvector_get_bit(v, bit_index)
-+#define bitvector_set_bit(v, bit_index) _bitvector_set_bit(v, bit_index)
-+#define bitvector_clear_bit(v, bit_index) _bitvector_clear_bit(v, bit_index)
-+#define bitvector_get_length(v) _bitvector_get_length(v)
-+
-+#else
-+
-+int
-+bitvector_get_bit(const bitvector_t *v, int bit_index);
-+
-+void
-+bitvector_set_bit(bitvector_t *v, int bit_index);
-+
-+void
-+bitvector_clear_bit(bitvector_t *v, int bit_index);
-+
-+unsigned long
-+bitvector_get_length(const bitvector_t *v);
-+
-+#endif
-+
-+int
-+bitvector_alloc(bitvector_t *v, unsigned long length);
-+
-+void
-+bitvector_dealloc(bitvector_t *v);
-+
-+void
-+bitvector_set_to_zero(bitvector_t *x);
-+
-+void
-+bitvector_left_shift(bitvector_t *x, int index);
-+
-+char *
-+bitvector_bit_string(bitvector_t *x, char* buf, int len);
-+
- #endif /* _DATATYPES_H */
-diff -purN -x CVS -x '*~' -x '.*' -x 'obj-*' srtp-lin/crypto/include/rdbx.h srtp/crypto/include/rdbx.h
---- srtp-lin/crypto/include/rdbx.h 2007-06-15 14:17:40.000000000 -0400
-+++ srtp/crypto/include/rdbx.h 2009-04-22 19:03:15.000000000 -0400
-@@ -46,19 +46,29 @@ typedef uint64_t xtd_seq_num_t;
-
- typedef struct {
- xtd_seq_num_t index;
-- v128_t bitmask;
-+ bitvector_t bitmask;
- } rdbx_t;
-
-
- /*
-- * rdbx_init(rdbx_ptr)
-+ * rdbx_init(rdbx_ptr, ws)
- *
-- * initializes the rdbx pointed to by its argument, setting the
-- * rollover counter and sequence number to zero
-+ * initializes the rdbx pointed to by its argument with the window size ws,
-+ * setting the rollover counter and sequence number to zero
- */
-
- err_status_t
--rdbx_init(rdbx_t *rdbx);
-+rdbx_init(rdbx_t *rdbx, unsigned long ws);
-+
-+
-+/*
-+ * rdbx_uninit(rdbx_ptr)
-+ *
-+ * frees memory associated with the rdbx
-+ */
-+
-+err_status_t
-+rdbx_uninit(rdbx_t *rdbx);
-
-
- /*
-@@ -127,6 +137,15 @@ rdbx_get_packet_index(const rdbx_t *rdbx
- * api instead!
- */
-
-+/*
-+ * rdbx_get_ws(rdbx_ptr)
-+ *
-+ * gets the window size which was used to initialize the rdbx
-+ */
-+
-+unsigned long
-+rdbx_get_window_size(const rdbx_t *rdbx);
-+
-
- /* index_init(&pi) initializes a packet index pi (sets it to zero) */
-
-diff -purN -x CVS -x '*~' -x '.*' -x 'obj-*' srtp-lin/crypto/math/datatypes.c srtp/crypto/math/datatypes.c
---- srtp-lin/crypto/math/datatypes.c 2006-07-18 15:45:46.000000000 -0400
-+++ srtp/crypto/math/datatypes.c 2009-04-22 19:03:15.000000000 -0400
-@@ -387,6 +387,124 @@ v128_left_shift(v128_t *x, int index) {
-
- }
-
-+/* functions manipulating bitvector_t */
-+
-+#ifndef DATATYPES_USE_MACROS /* little functions are not macros */
-+
-+int
-+bitvector_get_bit(const bitvector_t *v, int bit_index)
-+{
-+ return _bitvector_get_bit(v, bit_index);
-+}
-+
-+void
-+bitvector_set_bit(bitvector_t *v, int bit_index)
-+{
-+ _bitvector_set_bit(v, bit_index);
-+}
-+
-+void
-+bitvector_clear_bit(bitvector_t *v, int bit_index)
-+{
-+ _bitvector_clear_bit(v, bit_index);
-+}
-+
-+
-+#endif /* DATATYPES_USE_MACROS */
-+
-+int
-+bitvector_alloc(bitvector_t *v, unsigned long length) {
-+ unsigned long l;
-+
-+ /* Round length up to a multiple of bits_per_word */
-+ length = (length + bits_per_word - 1) & ~(unsigned long)((bits_per_word - 1));
-+
-+ l = length / bits_per_word * bytes_per_word;
-+
-+ /* allocate memory, then set parameters */
-+ if (l == 0)
-+ v->word = NULL;
-+ else {
-+ v->word = (uint32_t*)crypto_alloc(l);
-+ if (v->word == NULL) {
-+ v->word = NULL;
-+ v->length = 0;
-+ return -1;
-+ }
-+ }
-+ v->length = length;
-+
-+ /* initialize bitvector to zero */
-+ bitvector_set_to_zero(v);
-+
-+ return 0;
-+}
-+
-+
-+void
-+bitvector_dealloc(bitvector_t *v) {
-+ if (v->word != NULL)
-+ crypto_free(v->word);
-+ v->word = NULL;
-+ v->length = 0;
-+}
-+
-+void
-+bitvector_set_to_zero(bitvector_t *x)
-+{
-+ /* C99 guarantees that memset(0) will set the value 0 for uint32_t */
-+ memset(x->word, 0, x->length >> 3);
-+}
-+
-+char *
-+bitvector_bit_string(bitvector_t *x, char* buf, int len) {
-+ int j, index;
-+ uint32_t mask;
-+
-+ for (j=index=0; j < (int)(x->length>>5) && index < len-1; j++) {
-+ for (mask=0x80000000; mask > 0; mask >>= 1) {
-+ if (x->word[j] & mask)
-+ buf[index] = '1';
-+ else
-+ buf[index] = '0';
-+ ++index;
-+ if (index >= len-1)
-+ break;
-+ }
-+ }
-+ buf[index] = 0; /* null terminate string */
-+
-+ return buf;
-+}
-+
-+void
-+bitvector_left_shift(bitvector_t *x, int index) {
-+ int i;
-+ const int base_index = index >> 5;
-+ const int bit_index = index & 31;
-+ const int word_length = x->length >> 5;
-+
-+ if (index >= (int)x->length) {
-+ bitvector_set_to_zero(x);
-+ return;
-+ }
-+
-+ if (bit_index == 0) {
-+ for (i=0; i < word_length - base_index; i++)
-+ x->word[i] = x->word[i+base_index];
-+ } else {
-+ for (i=0; i < word_length - base_index - 1; i++)
-+ x->word[i] = (x->word[i+base_index] >> bit_index) ^
-+ (x->word[i+base_index+1] << (32 - bit_index));
-+ x->word[word_length - base_index-1] = x->word[word_length-1] >> bit_index;
-+ }
-+
-+ /* now wrap up the final portion */
-+ for (i = word_length - base_index; i < word_length; i++)
-+ x->word[i] = 0;
-+
-+}
-+
-
- int
- octet_string_is_eq(uint8_t *a, uint8_t *b, int len) {
-diff -purN -x CVS -x '*~' -x '.*' -x 'obj-*' srtp-lin/crypto/math/math.c srtp/crypto/math/math.c
---- srtp-lin/crypto/math/math.c 2006-06-08 13:00:28.000000000 -0400
-+++ srtp/crypto/math/math.c 2009-04-22 19:03:15.000000000 -0400
-@@ -43,7 +43,6 @@
- */
-
- #include "crypto_math.h"
--#include <stdlib.h> /* malloc() used in bitvector_alloc */
-
- int
- octet_weight[256] = {
-@@ -773,165 +772,6 @@ octet_string_set_to_zero(uint8_t *s, int
-
- }
-
--/* functions manipulating bit_vector_t */
--
--#define BITVECTOR_MAX_WORDS 5
--
--int
--bitvector_alloc(bitvector_t *v, unsigned long length) {
-- unsigned long l = (length + bytes_per_word - 1) / bytes_per_word;
-- int i;
--
-- /* allocate memory, then set parameters */
-- if (l > BITVECTOR_MAX_WORDS)
-- return -1;
-- else
-- l = BITVECTOR_MAX_WORDS;
-- v->word = malloc(l);
-- if (v->word == NULL)
-- return -1;
-- v->length = length;
--
-- /* initialize bitvector to zero */
-- for (i=0; i < (length >> 5); i++) {
-- v->word = 0;
-- }
--
-- return 0;
--}
--
--void
--bitvector_set_bit(bitvector_t *v, int bit_index) {
--
-- v->word[(bit_index >> 5)] |= (1 << (bit_index & 31));
--
--}
--
--int
--bitvector_get_bit(const bitvector_t *v, int bit_index) {
--
-- return ((v->word[(bit_index >> 5)]) >> (bit_index & 31)) & 1;
--
--}
--
--#include <stdio.h>
--
--int
--bitvector_print_hex(const bitvector_t *v, FILE *stream) {
-- int i;
-- int m = v->length >> 5;
-- int n = v->length & 31;
-- char string[9];
-- uint32_t tmp;
--
-- /* if length isn't a multiple of four, we can't hex_print */
-- if (n & 3)
-- return -1;
--
-- /* if the length is zero, do nothing */
-- if (v->length == 0)
-- return 0;
--
-- /*
-- * loop over words from most significant to least significant -
-- */
--
-- for (i=m; i > 0; i++) {
-- char *str = string + 7;
-- tmp = v->word[i];
--
-- /* null terminate string */
-- string[8] = 0;
--
-- /* loop over nibbles */
-- *str-- = nibble_to_hex_char(tmp & 0xf); tmp >>= 4;
-- *str-- = nibble_to_hex_char(tmp & 0xf); tmp >>= 4;
-- *str-- = nibble_to_hex_char(tmp & 0xf); tmp >>= 4;
-- *str-- = nibble_to_hex_char(tmp & 0xf); tmp >>= 4;
-- *str-- = nibble_to_hex_char(tmp & 0xf); tmp >>= 4;
-- *str-- = nibble_to_hex_char(tmp & 0xf); tmp >>= 4;
-- *str-- = nibble_to_hex_char(tmp & 0xf); tmp >>= 4;
-- *str-- = nibble_to_hex_char(tmp & 0xf);
--
-- /* now print stream */
-- fprintf(stream, string);
-- }
--
-- return 0;
--
--}
--
--
--int
--hex_string_length(char *s) {
-- int count = 0;
--
-- /* ignore leading zeros */
-- while ((*s != 0) && *s == '0')
-- s++;
--
-- /* count remaining characters */
-- while (*s != 0) {
-- if (hex_char_to_nibble(*s++) == -1)
-- return -1;
-- count++;
-- }
--
-- return count;
--}
--
--int
--bitvector_set_from_hex(bitvector_t *v, char *string) {
-- int num_hex_chars, m, n, i, j;
-- uint32_t tmp;
--
-- num_hex_chars = hex_string_length(string);
-- if (num_hex_chars == -1)
-- return -1;
--
-- /* set length */
-- v->length = num_hex_chars * 4;
-- /*
-- * at this point, we should subtract away a bit if the high
-- * bit of the first character is zero, but we ignore that
-- * for now and assume that we're four-bit aligned - DAM
-- */
--
--
-- m = num_hex_chars / 8; /* number of words */
-- n = num_hex_chars % 8; /* number of nibbles in last word */
--
-- /* if the length is greater than the bitvector, return an error */
-- if (m > BITVECTOR_MAX_WORDS)
-- return -1;
--
-- /*
-- * loop over words from most significant - first word is a special
-- * case
-- */
--
-- if (n) {
-- tmp = 0;
-- for (i=0; i < n; i++) {
-- tmp = hex_char_to_nibble(*string++);
-- tmp <<= 4;
-- }
-- v->word[m] = tmp;
-- }
--
-- /* now loop over the rest of the words */
-- for (i=m-1; i >= 0; i--) {
-- tmp = 0;
-- for (j=0; j < 8; j++) {
-- tmp = hex_char_to_nibble(*string++);
-- tmp <<= 4;
-- }
-- v->word[i] = tmp;
-- }
--
-- return 0;
--}
--
-
- /* functions below not yet tested! */
-
-diff -purN -x CVS -x '*~' -x '.*' -x 'obj-*' srtp-lin/crypto/replay/rdbx.c srtp/crypto/replay/rdbx.c
---- srtp-lin/crypto/replay/rdbx.c 2007-06-15 14:17:40.000000000 -0400
-+++ srtp/crypto/replay/rdbx.c 2009-04-22 19:03:15.000000000 -0400
-@@ -45,7 +45,6 @@
-
- #include "rdbx.h"
-
--#define rdbx_high_bit_in_bitmask 127
-
- /*
- * from draft-ietf-avt-srtp-00.txt:
-@@ -180,17 +179,32 @@ index_guess(const xtd_seq_num_t *local,
-
-
- /*
-- * rdbx_init(&r) initalizes the rdbx_t pointed to by r
-+ * rdbx_init(&r, ws) initializes the rdbx_t pointed to by r with window size ws
- */
-
- err_status_t
--rdbx_init(rdbx_t *rdbx) {
-- v128_set_to_zero(&rdbx->bitmask);
-+rdbx_init(rdbx_t *rdbx, unsigned long ws) {
-+ if (ws == 0)
-+ return err_status_bad_param;
-+
-+ if (bitvector_alloc(&rdbx->bitmask, ws) != 0)
-+ return err_status_alloc_fail;
-+
- index_init(&rdbx->index);
-
- return err_status_ok;
- }
-
-+/*
-+ * rdbx_uninit(&r) uninitializes the rdbx_t pointed to by r
-+ */
-+
-+err_status_t
-+rdbx_uninit(rdbx_t *rdbx) {
-+ bitvector_dealloc(&rdbx->bitmask);
-+
-+ return err_status_ok;
-+}
-
- /*
- * rdbx_set_roc(rdbx, roc) initalizes the rdbx_t at the location rdbx
-@@ -202,7 +216,7 @@ rdbx_init(rdbx_t *rdbx) {
-
- err_status_t
- rdbx_set_roc(rdbx_t *rdbx, uint32_t roc) {
-- v128_set_to_zero(&rdbx->bitmask);
-+ bitvector_set_to_zero(&rdbx->bitmask);
-
- #ifdef NO_64BIT_MATH
- #error not yet implemented
-@@ -231,6 +245,17 @@ rdbx_get_packet_index(const rdbx_t *rdbx
- }
-
- /*
-+ * rdbx_get_window_size(rdbx) returns the value of the window size
-+ * for the rdbx_t pointed to by rdbx
-+ *
-+ */
-+
-+unsigned long
-+rdbx_get_window_size(const rdbx_t *rdbx) {
-+ return bitvector_get_length(&rdbx->bitmask);
-+}
-+
-+/*
- * rdbx_check(&r, delta) checks to see if the xtd_seq_num_t
- * which is at rdbx->index + delta is in the rdb
- */
-@@ -240,11 +265,11 @@ rdbx_check(const rdbx_t *rdbx, int delta
-
- if (delta > 0) { /* if delta is positive, it's good */
- return err_status_ok;
-- } else if (rdbx_high_bit_in_bitmask + delta < 0) {
-+ } else if ((int)(bitvector_get_length(&rdbx->bitmask) - 1) + delta < 0) {
- /* if delta is lower than the bitmask, it's bad */
- return err_status_replay_old;
-- } else if (v128_get_bit(&rdbx->bitmask,
-- rdbx_high_bit_in_bitmask + delta) == 1) {
-+ } else if (bitvector_get_bit(&rdbx->bitmask,
-+ (int)(bitvector_get_length(&rdbx->bitmask) - 1) + delta) == 1) {
- /* delta is within the window, so check the bitmask */
- return err_status_replay_fail;
- }
-@@ -268,11 +293,11 @@ rdbx_add_index(rdbx_t *rdbx, int delta)
- if (delta > 0) {
- /* shift forward by delta */
- index_advance(&rdbx->index, delta);
-- v128_left_shift(&rdbx->bitmask, delta);
-- v128_set_bit(&rdbx->bitmask, 127);
-+ bitvector_left_shift(&rdbx->bitmask, delta);
-+ bitvector_set_bit(&rdbx->bitmask, bitvector_get_length(&rdbx->bitmask) - 1);
- } else {
- /* delta is in window, so flip bit in bitmask */
-- v128_set_bit(&rdbx->bitmask, -delta);
-+ bitvector_set_bit(&rdbx->bitmask, -delta);
- }
-
- /* note that we need not consider the case that delta == 0 */
-diff -purN -x CVS -x '*~' -x '.*' -x 'obj-*' srtp-lin/include/srtp.h srtp/include/srtp.h
---- srtp-lin/include/srtp.h 2007-06-15 14:17:40.000000000 -0400
-+++ srtp/include/srtp.h 2009-04-22 19:06:22.000000000 -0400
-@@ -223,6 +223,8 @@ typedef struct srtp_policy_t {
- * this stream. */
- ekt_policy_t ekt; /**< Pointer to the EKT policy structure
- * for this stream (if any) */
-+ unsigned long window_size; /**< The window size to use for replay
-+ * protection. */
- struct srtp_policy_t *next; /**< Pointer to next stream policy. */
- } srtp_policy_t;
-
-diff -purN -x CVS -x '*~' -x '.*' -x 'obj-*' srtp-lin/srtp/srtp.c srtp/srtp/srtp.c
---- srtp-lin/srtp/srtp.c 2007-06-15 14:17:40.000000000 -0400
-+++ srtp/srtp/srtp.c 2009-04-22 19:18:43.000000000 -0400
-@@ -275,7 +275,10 @@ srtp_stream_clone(const srtp_stream_ctx_
- return status;
-
- /* initialize replay databases */
-- rdbx_init(&str->rtp_rdbx);
-+ status = rdbx_init(&str->rtp_rdbx,
-+ rdbx_get_window_size(&stream_template->rtp_rdbx));
-+ if (status)
-+ return status;
- rdb_init(&str->rtcp_rdb);
-
- /* set ssrc to that provided */
-@@ -491,7 +494,8 @@ srtp_stream_init(srtp_stream_ctx_t *srtp
- p->ssrc.value);
-
- /* initialize replay database */
-- rdbx_init(&srtp->rtp_rdbx);
-+ err = rdbx_init(&srtp->rtp_rdbx, p->window_size);
-+ if (err) return err;
-
- /* initialize key limit to maximum value */
- #ifdef NO_64BIT_MATH
-@@ -525,14 +529,20 @@ srtp_stream_init(srtp_stream_ctx_t *srtp
-
- /* initialize keys */
- err = srtp_stream_init_keys(srtp, p->key);
-- if (err) return err;
-+ if (err) {
-+ rdbx_uninit(&srtp->rtp_rdbx);
-+ return err;
-+ }
-
- /*
- * if EKT is in use, then initialize the EKT data associated with
- * the stream
- */
- err = ekt_stream_init_from_policy(srtp->ekt, p->ekt);
-- if (err) return err;
-+ if (err) {
-+ rdbx_uninit(&srtp->rtp_rdbx);
-+ return err;
-+ }
-
- return err_status_ok;
- }
-diff -purN -x CVS -x '*~' -x '.*' -x 'obj-*' srtp-lin/test/dtls_srtp_driver.c srtp/test/dtls_srtp_driver.c
---- srtp-lin/test/dtls_srtp_driver.c 2009-04-23 15:50:26.000000000 -0400
-+++ srtp/test/dtls_srtp_driver.c 2009-04-23 15:50:48.000000000 -0400
-@@ -184,6 +184,7 @@ test_dtls_srtp() {
- if (err) return err;
- policy.ssrc.type = ssrc_any_inbound;
- policy.ekt = NULL;
-+ policy.window_size = 128;
- policy.next = NULL;
-
- err = srtp_add_stream(s, &policy);
-diff -purN -x CVS -x '*~' -x '.*' -x 'obj-*' srtp-lin/test/rdbx_driver.c srtp/test/rdbx_driver.c
---- srtp-lin/test/rdbx_driver.c 2006-07-17 16:41:22.000000000 -0400
-+++ srtp/test/rdbx_driver.c 2009-04-22 19:22:21.000000000 -0400
-@@ -55,10 +55,10 @@
- #include "ut_sim.h"
-
- err_status_t
--test_replay_dbx(int num_trials);
-+test_replay_dbx(int num_trials, unsigned long ws);
-
- double
--rdbx_check_adds_per_second(int num_trials);
-+rdbx_check_adds_per_second(int num_trials, unsigned long ws);
-
- void
- usage(char *prog_name) {
-@@ -99,9 +99,18 @@ main (int argc, char *argv[]) {
- usage(argv[0]);
-
- if (do_validation) {
-- printf("testing rdbx_t...\n");
-+ printf("testing rdbx_t (ws=128)...\n");
-
-- status = test_replay_dbx(1 << 12);
-+ status = test_replay_dbx(1 << 12, 128);
-+ if (status) {
-+ printf("failed\n");
-+ exit(1);
-+ }
-+ printf("passed\n");
-+
-+ printf("testing rdbx_t (ws=1024)...\n");
-+
-+ status = test_replay_dbx(1 << 12, 1024);
- if (status) {
- printf("failed\n");
- exit(1);
-@@ -110,8 +119,10 @@ main (int argc, char *argv[]) {
- }
-
- if (do_timing_test) {
-- rate = rdbx_check_adds_per_second(1 << 18);
-- printf("rdbx_check/replay_adds per second: %e\n", rate);
-+ rate = rdbx_check_adds_per_second(1 << 18, 128);
-+ printf("rdbx_check/replay_adds per second (ws=128): %e\n", rate);
-+ rate = rdbx_check_adds_per_second(1 << 18, 1024);
-+ printf("rdbx_check/replay_adds per second (ws=1024): %e\n", rate);
- }
-
- return 0;
-@@ -119,8 +130,11 @@ main (int argc, char *argv[]) {
-
- void
- print_rdbx(rdbx_t *rdbx) {
-+ char buf[2048];
- printf("rdbx: {%llu, %s}\n",
-- (unsigned long long)(rdbx->index), v128_bit_string(&rdbx->bitmask));
-+ (unsigned long long)(rdbx->index),
-+ bitvector_bit_string(&rdbx->bitmask, buf, sizeof(buf))
-+);
- }
-
-
-@@ -194,17 +208,15 @@ rdbx_check_unordered(rdbx_t *rdbx, uint3
- return err_status_ok;
- }
-
--#define MAX_IDX 160
--
- err_status_t
--test_replay_dbx(int num_trials) {
-+test_replay_dbx(int num_trials, unsigned long ws) {
- rdbx_t rdbx;
- uint32_t idx, ircvd;
- ut_connection utc;
- err_status_t status;
- int num_fp_trials;
-
-- status = rdbx_init(&rdbx);
-+ status = rdbx_init(&rdbx, ws);
- if (status) {
- printf("replay_init failed with error code %d\n", status);
- exit(1);
-@@ -241,7 +253,9 @@ test_replay_dbx(int num_trials) {
- printf("passed\n");
-
- /* re-initialize */
-- if (rdbx_init(&rdbx) != err_status_ok) {
-+ rdbx_uninit(&rdbx);
-+
-+ if (rdbx_init(&rdbx, ws) != err_status_ok) {
- printf("replay_init failed\n");
- return err_status_init_fail;
- }
-@@ -263,6 +277,8 @@ test_replay_dbx(int num_trials) {
- }
- printf("passed\n");
-
-+ rdbx_uninit(&rdbx);
-+
- return err_status_ok;
- }
-
-@@ -272,7 +288,7 @@ test_replay_dbx(int num_trials) {
- #include <stdlib.h> /* for random() */
-
- double
--rdbx_check_adds_per_second(int num_trials) {
-+rdbx_check_adds_per_second(int num_trials, unsigned long ws) {
- uint32_t i;
- int delta;
- rdbx_t rdbx;
-@@ -280,7 +296,7 @@ rdbx_check_adds_per_second(int num_trial
- clock_t timer;
- int failures; /* count number of failures */
-
-- if (rdbx_init(&rdbx) != err_status_ok) {
-+ if (rdbx_init(&rdbx, ws) != err_status_ok) {
- printf("replay_init failed\n");
- exit(1);
- }
-@@ -301,6 +317,8 @@ rdbx_check_adds_per_second(int num_trial
-
- printf("number of failures: %d \n", failures);
-
-+ rdbx_uninit(&rdbx);
-+
- return (double) CLOCKS_PER_SEC * num_trials / timer;
- }
-
-diff -purN -x CVS -x '*~' -x '.*' -x 'obj-*' srtp-lin/test/rtpw.c srtp/test/rtpw.c
---- srtp-lin/test/rtpw.c 2006-07-17 16:41:22.000000000 -0400
-+++ srtp/test/rtpw.c 2009-04-22 19:16:52.000000000 -0400
-@@ -330,6 +330,7 @@ main (int argc, char *argv[]) {
- policy.ssrc.value = ssrc;
- policy.key = (uint8_t *) key;
- policy.next = NULL;
-+ policy.window_size = 128;
- policy.rtp.sec_serv = sec_servs;
- policy.rtcp.sec_serv = sec_serv_none; /* we don't do RTCP anyway */
-
-@@ -382,6 +383,7 @@ main (int argc, char *argv[]) {
- policy.rtcp.auth_key_len = 0;
- policy.rtcp.auth_tag_len = 0;
- policy.rtcp.sec_serv = sec_serv_none;
-+ policy.window_size = 0;
- policy.next = NULL;
- }
-
-diff -purN -x CVS -x '*~' -x '.*' -x 'obj-*' srtp-lin/test/srtp_driver.c srtp/test/srtp_driver.c
---- srtp-lin/test/srtp_driver.c 2009-04-22 18:20:27.000000000 -0400
-+++ srtp/test/srtp_driver.c 2009-04-22 19:16:52.000000000 -0400
-@@ -321,6 +321,8 @@ main (int argc, char *argv[]) {
- policy.ssrc.type = ssrc_specific;
- policy.ssrc.value = 0xdecafbad;
- policy.key = test_key;
-+ policy.ekt = NULL;
-+ policy.window_size = 128;
- policy.next = NULL;
-
- printf("mips estimate: %e\n", mips);
-@@ -989,14 +991,16 @@ srtp_session_print_policy(srtp_t srtp) {
- "# rtp services: %s\r\n"
- "# rtcp cipher: %s\r\n"
- "# rtcp auth: %s\r\n"
-- "# rtcp services: %s\r\n",
-+ "# rtcp services: %s\r\n"
-+ "# window size: %lu\r\n",
- direction[stream->direction],
- stream->rtp_cipher->type->description,
- stream->rtp_auth->type->description,
- serv_descr[stream->rtp_services],
- stream->rtcp_cipher->type->description,
- stream->rtcp_auth->type->description,
-- serv_descr[stream->rtcp_services]);
-+ serv_descr[stream->rtcp_services],
-+ rdbx_get_window_size(&stream->rtp_rdbx));
- }
-
- /* loop over streams in session, printing the policy of each */
-@@ -1011,14 +1015,16 @@ srtp_session_print_policy(srtp_t srtp) {
- "# rtp services: %s\r\n"
- "# rtcp cipher: %s\r\n"
- "# rtcp auth: %s\r\n"
-- "# rtcp services: %s\r\n",
-+ "# rtcp services: %s\r\n"
-+ "# window size: %lu\r\n",
- stream->ssrc,
- stream->rtp_cipher->type->description,
- stream->rtp_auth->type->description,
- serv_descr[stream->rtp_services],
- stream->rtcp_cipher->type->description,
- stream->rtcp_auth->type->description,
-- serv_descr[stream->rtcp_services]);
-+ serv_descr[stream->rtcp_services],
-+ rdbx_get_window_size(&stream->rtp_rdbx));
-
- /* advance to next stream in the list */
- stream = stream->next;
-@@ -1172,6 +1178,8 @@ srtp_validate() {
- policy.ssrc.type = ssrc_specific;
- policy.ssrc.value = 0xcafebabe;
- policy.key = test_key;
-+ policy.ekt = NULL;
-+ policy.window_size = 128;
- policy.next = NULL;
-
- status = srtp_create(&srtp_snd, &policy);
-@@ -1328,6 +1336,7 @@ const srtp_policy_t default_policy = {
- },
- test_key,
- NULL, /* indicates that EKT is not in use */
-+ 128, /* replay window size */
- NULL
- };
-
-@@ -1351,6 +1360,7 @@ const srtp_policy_t aes_tmmh_policy = {
- },
- test_key,
- NULL, /* indicates that EKT is not in use */
-+ 128, /* replay window size */
- NULL
- };
-
-@@ -1374,6 +1384,7 @@ const srtp_policy_t tmmh_only_policy = {
- },
- test_key,
- NULL, /* indicates that EKT is not in use */
-+ 128, /* replay window size */
- NULL
- };
-
-@@ -1397,6 +1408,7 @@ const srtp_policy_t aes_only_policy = {
- },
- test_key,
- NULL, /* indicates that EKT is not in use */
-+ 128, /* replay window size */
- NULL
- };
-
-@@ -1420,6 +1432,7 @@ const srtp_policy_t hmac_only_policy = {
- },
- test_key,
- NULL, /* indicates that EKT is not in use */
-+ 128, /* replay window size */
- NULL
- };
-
-@@ -1443,6 +1456,7 @@ const srtp_policy_t null_policy = {
- },
- test_key,
- NULL, /* indicates that EKT is not in use */
-+ 128, /* replay window size */
- NULL
- };
-
-@@ -1480,6 +1494,7 @@ const srtp_policy_t hmac_only_with_ekt_p
- },
- test_key,
- &ekt_test_policy, /* indicates that EKT is not in use */
-+ 128, /* replay window size */
- NULL
- };
-
-@@ -1531,5 +1546,7 @@ const srtp_policy_t wildcard_policy = {
- sec_serv_conf_and_auth /* security services flag */
- },
- test_key,
-+ NULL,
-+ 128, /* replay window size */
- NULL
- };
diff --git a/googlepatches/vidyo-4-srtp-rtx.patch b/googlepatches/vidyo-4-srtp-rtx.patch
deleted file mode 100644
index 18af19c..0000000
--- a/googlepatches/vidyo-4-srtp-rtx.patch
+++ /dev/null
@@ -1,216 +0,0 @@
-diff -purN -x CVS -x '*~' -x '.*' -x 'obj-*' srtp-ws/include/srtp.h srtp/include/srtp.h
---- srtp-ws/include/srtp.h 2009-04-22 19:06:22.000000000 -0400
-+++ srtp/include/srtp.h 2009-04-23 15:17:49.000000000 -0400
-@@ -225,6 +225,12 @@ typedef struct srtp_policy_t {
- * for this stream (if any) */
- unsigned long window_size; /**< The window size to use for replay
- * protection. */
-+ int allow_repeat_tx; /**< Whether retransmissions of
-+ * packets with the same sequence number
-+ * are allowed. (Note that such repeated
-+ * transmissions must have the same RTP
-+ * payload, or a severe security weakness
-+ * is introduced!) */
- struct srtp_policy_t *next; /**< Pointer to next stream policy. */
- } srtp_policy_t;
-
-diff -purN -x CVS -x '*~' -x '.*' -x 'obj-*' srtp-ws/include/srtp_priv.h srtp/include/srtp_priv.h
---- srtp-ws/include/srtp_priv.h 2007-06-15 14:17:40.000000000 -0400
-+++ srtp/include/srtp_priv.h 2009-04-22 19:27:10.000000000 -0400
-@@ -218,6 +218,7 @@ typedef struct srtp_stream_ctx_t {
- sec_serv_t rtcp_services;
- key_limit_ctx_t *limit;
- direction_t direction;
-+ int allow_repeat_tx;
- ekt_stream_t ekt;
- struct srtp_stream_ctx_t *next; /* linked list of streams */
- } srtp_stream_ctx_t;
-diff -purN -x CVS -x '*~' -x '.*' -x 'obj-*' srtp-ws/srtp/srtp.c srtp/srtp/srtp.c
---- srtp-ws/srtp/srtp.c 2009-04-22 19:18:43.000000000 -0400
-+++ srtp/srtp/srtp.c 2009-04-22 19:30:23.000000000 -0400
-@@ -280,6 +280,7 @@ srtp_stream_clone(const srtp_stream_ctx_
- if (status)
- return status;
- rdb_init(&str->rtcp_rdb);
-+ str->allow_repeat_tx = stream_template->allow_repeat_tx;
-
- /* set ssrc to that provided */
- str->ssrc = ssrc;
-@@ -525,6 +526,9 @@ srtp_stream_init(srtp_stream_ctx_t *srtp
- /* initialize SRTCP replay database */
- rdb_init(&srtp->rtcp_rdb);
-
-+ /* initialize allow_repeat_tx */
-+ srtp->allow_repeat_tx = p->allow_repeat_tx;
-+
- /* DAM - no RTCP key limit at present */
-
- /* initialize keys */
-@@ -732,9 +736,12 @@ srtp_stream_init(srtp_stream_ctx_t *srtp
- */
- delta = rdbx_estimate_index(&stream->rtp_rdbx, &est, ntohs(hdr->seq));
- status = rdbx_check(&stream->rtp_rdbx, delta);
-- if (status)
-- return status; /* we've been asked to reuse an index */
-- rdbx_add_index(&stream->rtp_rdbx, delta);
-+ if (status) {
-+ if (status != err_status_replay_fail || !stream->allow_repeat_tx)
-+ return status; /* we've been asked to reuse an index */
-+ }
-+ else
-+ rdbx_add_index(&stream->rtp_rdbx, delta);
-
- #ifdef NO_64BIT_MATH
- debug_print2(mod_srtp, "estimated packet index: %08x%08x",
-diff -purN -x CVS -x '*~' -x '.*' -x 'obj-*' srtp-ws/test/dtls_srtp_driver.c srtp/test/dtls_srtp_driver.c
---- srtp-ws/test/dtls_srtp_driver.c 2009-04-23 15:50:48.000000000 -0400
-+++ srtp/test/dtls_srtp_driver.c 2009-04-23 15:51:11.000000000 -0400
-@@ -185,6 +185,7 @@ test_dtls_srtp() {
- policy.ssrc.type = ssrc_any_inbound;
- policy.ekt = NULL;
- policy.window_size = 128;
-+ policy.allow_repeat_tx = 0;
- policy.next = NULL;
-
- err = srtp_add_stream(s, &policy);
-diff -purN -x CVS -x '*~' -x '.*' -x 'obj-*' srtp-ws/test/rtpw.c srtp/test/rtpw.c
---- srtp-ws/test/rtpw.c 2009-04-22 19:16:52.000000000 -0400
-+++ srtp/test/rtpw.c 2009-04-23 15:16:18.000000000 -0400
-@@ -331,6 +331,7 @@ main (int argc, char *argv[]) {
- policy.key = (uint8_t *) key;
- policy.next = NULL;
- policy.window_size = 128;
-+ policy.allow_repeat_tx = 0;
- policy.rtp.sec_serv = sec_servs;
- policy.rtcp.sec_serv = sec_serv_none; /* we don't do RTCP anyway */
-
-@@ -384,6 +385,7 @@ main (int argc, char *argv[]) {
- policy.rtcp.auth_tag_len = 0;
- policy.rtcp.sec_serv = sec_serv_none;
- policy.window_size = 0;
-+ policy.allow_repeat_tx = 0;
- policy.next = NULL;
- }
-
-diff -purN -x CVS -x '*~' -x '.*' -x 'obj-*' srtp-ws/test/srtp_driver.c srtp/test/srtp_driver.c
---- srtp-ws/test/srtp_driver.c 2009-04-22 19:16:52.000000000 -0400
-+++ srtp/test/srtp_driver.c 2009-04-23 15:16:18.000000000 -0400
-@@ -323,6 +323,7 @@ main (int argc, char *argv[]) {
- policy.key = test_key;
- policy.ekt = NULL;
- policy.window_size = 128;
-+ policy.allow_repeat_tx = 0;
- policy.next = NULL;
-
- printf("mips estimate: %e\n", mips);
-@@ -992,7 +993,8 @@ srtp_session_print_policy(srtp_t srtp) {
- "# rtcp cipher: %s\r\n"
- "# rtcp auth: %s\r\n"
- "# rtcp services: %s\r\n"
-- "# window size: %lu\r\n",
-+ "# window size: %lu\r\n"
-+ "# tx rtx allowed:%s\r\n",
- direction[stream->direction],
- stream->rtp_cipher->type->description,
- stream->rtp_auth->type->description,
-@@ -1000,7 +1002,8 @@ srtp_session_print_policy(srtp_t srtp) {
- stream->rtcp_cipher->type->description,
- stream->rtcp_auth->type->description,
- serv_descr[stream->rtcp_services],
-- rdbx_get_window_size(&stream->rtp_rdbx));
-+ rdbx_get_window_size(&stream->rtp_rdbx),
-+ stream->allow_repeat_tx ? "true" : "false");
- }
-
- /* loop over streams in session, printing the policy of each */
-@@ -1016,7 +1019,8 @@ srtp_session_print_policy(srtp_t srtp) {
- "# rtcp cipher: %s\r\n"
- "# rtcp auth: %s\r\n"
- "# rtcp services: %s\r\n"
-- "# window size: %lu\r\n",
-+ "# window size: %lu\r\n"
-+ "# tx rtx allowed:%s\r\n",
- stream->ssrc,
- stream->rtp_cipher->type->description,
- stream->rtp_auth->type->description,
-@@ -1024,7 +1028,8 @@ srtp_session_print_policy(srtp_t srtp) {
- stream->rtcp_cipher->type->description,
- stream->rtcp_auth->type->description,
- serv_descr[stream->rtcp_services],
-- rdbx_get_window_size(&stream->rtp_rdbx));
-+ rdbx_get_window_size(&stream->rtp_rdbx),
-+ stream->allow_repeat_tx ? "true" : "false");
-
- /* advance to next stream in the list */
- stream = stream->next;
-@@ -1180,6 +1185,7 @@ srtp_validate() {
- policy.key = test_key;
- policy.ekt = NULL;
- policy.window_size = 128;
-+ policy.allow_repeat_tx = 0;
- policy.next = NULL;
-
- status = srtp_create(&srtp_snd, &policy);
-@@ -1337,6 +1343,7 @@ const srtp_policy_t default_policy = {
- test_key,
- NULL, /* indicates that EKT is not in use */
- 128, /* replay window size */
-+ 0, /* retransmission not allowed */
- NULL
- };
-
-@@ -1361,6 +1368,7 @@ const srtp_policy_t aes_tmmh_policy = {
- test_key,
- NULL, /* indicates that EKT is not in use */
- 128, /* replay window size */
-+ 0, /* retransmission not allowed */
- NULL
- };
-
-@@ -1385,6 +1393,7 @@ const srtp_policy_t tmmh_only_policy = {
- test_key,
- NULL, /* indicates that EKT is not in use */
- 128, /* replay window size */
-+ 0, /* retransmission not allowed */
- NULL
- };
-
-@@ -1409,6 +1418,7 @@ const srtp_policy_t aes_only_policy = {
- test_key,
- NULL, /* indicates that EKT is not in use */
- 128, /* replay window size */
-+ 0, /* retransmission not allowed */
- NULL
- };
-
-@@ -1433,6 +1443,7 @@ const srtp_policy_t hmac_only_policy = {
- test_key,
- NULL, /* indicates that EKT is not in use */
- 128, /* replay window size */
-+ 0, /* retransmission not allowed */
- NULL
- };
-
-@@ -1457,6 +1468,7 @@ const srtp_policy_t null_policy = {
- test_key,
- NULL, /* indicates that EKT is not in use */
- 128, /* replay window size */
-+ 0, /* retransmission not allowed */
- NULL
- };
-
-@@ -1495,6 +1507,7 @@ const srtp_policy_t hmac_only_with_ekt_p
- test_key,
- &ekt_test_policy, /* indicates that EKT is not in use */
- 128, /* replay window size */
-+ 0, /* retransmission not allowed */
- NULL
- };
-
-@@ -1548,5 +1561,6 @@ const srtp_policy_t wildcard_policy = {
- test_key,
- NULL,
- 128, /* replay window size */
-+ 0, /* retransmission not allowed */
- NULL
- };
diff --git a/include/ekt.h b/include/ekt.h
deleted file mode 100644
index c43f409..0000000
--- a/include/ekt.h
+++ /dev/null
@@ -1,201 +0,0 @@
-/*
- * ekt.h
- *
- * interface to Encrypted Key Transport for SRTP
- *
- * David McGrew
- * Cisco Systems, Inc.
- */
-/*
- *
- * Copyright (c) 2001-2005 Cisco Systems, Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following
- * disclaimer in the documentation and/or other materials provided
- * with the distribution.
- *
- * Neither the name of the Cisco Systems, Inc. nor the names of its
- * contributors may be used to endorse or promote products derived
- * from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- */
-
-
-
-/*
- * EKT implementation strategy
- *
- * use stream_template approach
- *
- * in srtp_unprotect, when a new stream appears, check if template has
- * EKT defined, and if it does, then apply EKT processing
- *
- * question: will we want to allow key-sharing templates in addition
- * to EKT templates? could define a new ssrc_type_t that's associated
- * with an EKT, e.g. ssrc_any_ekt.
- *
- *
- */
-
-#ifndef EKT_H
-#define EKT_H
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#include "srtp_priv.h"
-
-#define EKT_CIPHER_DEFAULT 1
-#define EKT_CIPHER_AES_128_ECB 1
-#define EKT_CIPHER_AES_192_KEY_WRAP 2
-#define EKT_CIPHER_AES_256_KEY_WRAP 3
-
-typedef uint16_t ekt_spi_t;
-
-
-unsigned
-ekt_octets_after_base_tag(ekt_stream_t ekt);
-
-/*
- * an srtp_policy_t structure can contain a pointer to an
- * ekt_policy_t structure
- *
- * this structure holds all of the high level EKT information, and it
- * is passed into libsrtp to indicate what policy should be in effect
- */
-
-typedef struct ekt_policy_ctx_t {
- ekt_spi_t spi; /* security parameter index */
- uint8_t ekt_cipher_type;
- uint8_t *ekt_key;
- struct ekt_policy_ctx_t *next_ekt_policy;
-} ekt_policy_ctx_t;
-
-
-/*
- * an ekt_data_t structure holds the data corresponding to an ekt key,
- * spi, and so on
- */
-
-typedef struct ekt_data_t {
- ekt_spi_t spi;
- uint8_t ekt_cipher_type;
- aes_expanded_key_t ekt_enc_key;
- aes_expanded_key_t ekt_dec_key;
- struct ekt_data_t *next_ekt_data;
-} ekt_data_t;
-
-/*
- * an srtp_stream_ctx_t can contain an ekt_stream_ctx_t
- *
- * an ekt_stream_ctx_t structure holds all of the EKT information for
- * a specific SRTP stream
- */
-
-typedef struct ekt_stream_ctx_t {
- ekt_data_t *data;
- uint16_t isn; /* initial sequence number */
- uint8_t encrypted_master_key[SRTP_MAX_KEY_LEN];
-} ekt_stream_ctx_t;
-
-
-
-err_status_t
-ekt_alloc(ekt_stream_t *stream_data, ekt_policy_t policy);
-
-err_status_t
-ekt_stream_init(ekt_stream_t e,
- ekt_spi_t spi,
- void *ekt_key,
- unsigned ekt_cipher_type);
-
-err_status_t
-ekt_stream_init_from_policy(ekt_stream_t e, ekt_policy_t p);
-
-
-
-err_status_t
-srtp_stream_init_from_ekt(srtp_stream_t stream,
- const void *srtcp_hdr,
- unsigned pkt_octet_len);
-
-
-void
-ekt_write_data(ekt_stream_t ekt,
- void *base_tag,
- unsigned base_tag_len,
- int *packet_len,
- xtd_seq_num_t pkt_index);
-
-/*
- * We handle EKT by performing some additional steps before
- * authentication (copying the auth tag into a temporary location,
- * zeroizing the "base tag" field in the packet)
- *
- * With EKT, the tag_len parameter is actually the base tag
- * length
- */
-
-err_status_t
-ekt_tag_verification_preproces(uint8_t *pkt_tag,
- uint8_t *pkt_tag_copy,
- unsigned tag_len);
-
-err_status_t
-ekt_tag_verification_postproces(uint8_t *pkt_tag,
- uint8_t *pkt_tag_copy,
- unsigned tag_len);
-
-
-/*
- * @brief EKT pre-processing for srtcp tag generation
- *
- * This function does the pre-processing of the SRTCP authentication
- * tag format. When EKT is used, it consists of writing the Encrypted
- * Master Key, the SRTP ROC, the Initial Sequence Number, and SPI
- * fields. The Base Authentication Tag field is set to the all-zero
- * value
- *
- * When EKT is not used, this function is a no-op.
- *
- */
-
-err_status_t
-srtp_stream_srtcp_auth_tag_generation_preprocess(const srtp_stream_t *s,
- uint8_t *pkt_tag,
- unsigned pkt_octet_len);
-
-/* it's not clear that a tag_generation_postprocess function is needed */
-
-err_status_t
-srtcp_auth_tag_generation_postprocess();
-
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* EKT_H */
diff --git a/include/getopt_s.h b/include/getopt_s.h
deleted file mode 100644
index 2a6ece3..0000000
--- a/include/getopt_s.h
+++ /dev/null
@@ -1,60 +0,0 @@
-/*
- * getopt.h
- *
- * interface to a minimal implementation of the getopt() function,
- * written so that test applications that use that function can run on
- * non-POSIX platforms
- *
- */
-/*
- *
- * Copyright (c) 2001-2006 Cisco Systems, Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following
- * disclaimer in the documentation and/or other materials provided
- * with the distribution.
- *
- * Neither the name of the Cisco Systems, Inc. nor the names of its
- * contributors may be used to endorse or promote products derived
- * from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- */
-
-#ifndef GETOPT_S_H
-#define GETOPT_S_H
-
-/*
- * getopt_s(), optarg_s, and optind_s are small, locally defined
- * versions of the POSIX standard getopt() interface.
- */
-
-int
-getopt_s(int argc, char * const argv[], const char *optstring);
-
-extern char *optarg_s; /* defined in getopt.c */
-
-extern int optind_s; /* defined in getopt.c */
-
-#endif /* GETOPT_S_H */
diff --git a/include/rtp.h b/include/rtp.h
deleted file mode 100644
index 94279f5..0000000
--- a/include/rtp.h
+++ /dev/null
@@ -1,127 +0,0 @@
-/*
- * rtp.h
- *
- * rtp interface for srtp reference implementation
- *
- * David A. McGrew
- * Cisco Systems, Inc.
- *
- * data types:
- *
- * rtp_msg_t an rtp message (the data that goes on the wire)
- * rtp_sender_t sender side socket and rtp info
- * rtp_receiver_t receiver side socket and rtp info
- *
- */
-
-/*
- *
- * Copyright (c) 2001-2006, Cisco Systems, Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following
- * disclaimer in the documentation and/or other materials provided
- * with the distribution.
- *
- * Neither the name of the Cisco Systems, Inc. nor the names of its
- * contributors may be used to endorse or promote products derived
- * from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- */
-
-
-#ifndef RTP_H
-#define RTP_H
-
-#ifdef HAVE_NETINET_IN_H
-# include <netinet/in.h>
-#elif defined HAVE_WINSOCK2_H
-# include <winsock2.h>
-#endif
-
-#include "srtp.h"
-
-typedef struct rtp_sender_ctx_t *rtp_sender_t;
-
-typedef struct rtp_receiver_ctx_t *rtp_receiver_t;
-
-unsigned int
-rtp_sendto(rtp_sender_t sender, const void* msg, int len);
-
-unsigned int
-rtp_recvfrom(rtp_receiver_t receiver, void *msg, int *len);
-
-int
-rtp_receiver_init(rtp_receiver_t rcvr, int socket,
- struct sockaddr_in addr, unsigned int ssrc);
-
-int
-rtp_sender_init(rtp_sender_t sender, int socket,
- struct sockaddr_in addr, unsigned int ssrc);
-
-/*
- * srtp_sender_init(...) initializes an rtp_sender_t
- */
-
-int
-srtp_sender_init(rtp_sender_t rtp_ctx, /* structure to be init'ed */
- struct sockaddr_in name, /* socket name */
- sec_serv_t security_services, /* sec. servs. to be used */
- unsigned char *input_key /* master key/salt in hex */
- );
-
-int
-srtp_receiver_init(rtp_receiver_t rtp_ctx, /* structure to be init'ed */
- struct sockaddr_in name, /* socket name */
- sec_serv_t security_services, /* sec. servs. to be used */
- unsigned char *input_key /* master key/salt in hex */
- );
-
-
-int
-rtp_sender_init_srtp(rtp_sender_t sender, const srtp_policy_t *policy);
-
-int
-rtp_receiver_init_srtp(rtp_receiver_t sender, const srtp_policy_t *policy);
-
-
-rtp_sender_t
-rtp_sender_alloc();
-
-rtp_receiver_t
-rtp_receiver_alloc();
-
-
-/*
- * RTP_HEADER_LEN indicates the size of an RTP header
- */
-#define RTP_HEADER_LEN 12
-
-/*
- * RTP_MAX_BUF_LEN defines the largest RTP packet in the rtp.c implementation
- */
-#define RTP_MAX_BUF_LEN 16384
-
-
-#endif /* RTP_H */
diff --git a/include/rtp_priv.h b/include/rtp_priv.h
deleted file mode 100644
index 1421386..0000000
--- a/include/rtp_priv.h
+++ /dev/null
@@ -1,74 +0,0 @@
-/*
- * rtp_priv.h
- *
- * private, internal header file for RTP
- *
- * David A. McGrew
- * Cisco Systems, Inc.
- */
-/*
- *
- * Copyright (c) 2001-2006 Cisco Systems, Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following
- * disclaimer in the documentation and/or other materials provided
- * with the distribution.
- *
- * Neither the name of the Cisco Systems, Inc. nor the names of its
- * contributors may be used to endorse or promote products derived
- * from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- */
-
-
-#ifndef RTP_PRIV_H
-#define RTP_PRIV_H
-
-#include "srtp_priv.h"
-#include "rtp.h"
-
-typedef srtp_hdr_t rtp_hdr_t;
-
-typedef struct {
- srtp_hdr_t header;
- char body[RTP_MAX_BUF_LEN];
-} rtp_msg_t;
-
-typedef struct rtp_sender_ctx_t {
- rtp_msg_t message;
- int socket;
- srtp_ctx_t *srtp_ctx;
- struct sockaddr_in addr; /* reciever's address */
-} rtp_sender_ctx_t;
-
-typedef struct rtp_receiver_ctx_t {
- rtp_msg_t message;
- int socket;
- srtp_ctx_t *srtp_ctx;
- struct sockaddr_in addr; /* receiver's address */
-} rtp_receiver_ctx_t;
-
-
-#endif /* RTP_PRIV_H */
diff --git a/include/srtp.h b/include/srtp.h
deleted file mode 100644
index bbaac95..0000000
--- a/include/srtp.h
+++ /dev/null
@@ -1,933 +0,0 @@
-/*
- * srtp.h
- *
- * interface to libsrtp
- *
- * David A. McGrew
- * Cisco Systems, Inc.
- */
-/*
- *
- * Copyright (c) 2001-2006, Cisco Systems, Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following
- * disclaimer in the documentation and/or other materials provided
- * with the distribution.
- *
- * Neither the name of the Cisco Systems, Inc. nor the names of its
- * contributors may be used to endorse or promote products derived
- * from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- */
-
-
-#ifndef SRTP_H
-#define SRTP_H
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#include "crypto_kernel.h"
-
-/**
- * @defgroup SRTP Secure RTP
- *
- * @brief libSRTP provides functions for protecting RTP and RTCP. See
- * Section @ref Overview for an introduction to the use of the library.
- *
- * @{
- */
-
-/*
- * SRTP_MASTER_KEY_LEN is the nominal master key length supported by libSRTP
- */
-
-#define SRTP_MASTER_KEY_LEN 30
-
-/*
- * SRTP_MAX_KEY_LEN is the maximum key length supported by libSRTP
- */
-#define SRTP_MAX_KEY_LEN 64
-
-/*
- * SRTP_MAX_TAG_LEN is the maximum tag length supported by libSRTP
- */
-
-#define SRTP_MAX_TAG_LEN 12
-
-/**
- * SRTP_MAX_TRAILER_LEN is the maximum length of the SRTP trailer
- * (authentication tag and MKI) supported by libSRTP. This value is
- * the maximum number of octets that will be added to an RTP packet by
- * srtp_protect().
- *
- * @brief the maximum number of octets added by srtp_protect().
- */
-#define SRTP_MAX_TRAILER_LEN SRTP_MAX_TAG_LEN
-
-/*
- * nota bene: since libSRTP doesn't support the use of the MKI, the
- * SRTP_MAX_TRAILER_LEN value is just the maximum tag length
- */
-
-/**
- * @brief sec_serv_t describes a set of security services.
- *
- * A sec_serv_t enumeration is used to describe the particular
- * security services that will be applied by a particular crypto
- * policy (or other mechanism).
- */
-
-typedef enum {
- sec_serv_none = 0, /**< no services */
- sec_serv_conf = 1, /**< confidentiality */
- sec_serv_auth = 2, /**< authentication */
- sec_serv_conf_and_auth = 3 /**< confidentiality and authentication */
-} sec_serv_t;
-
-/**
- * @brief crypto_policy_t describes a particular crypto policy that
- * can be applied to an SRTP stream.
- *
- * A crypto_policy_t describes a particular cryptographic policy that
- * can be applied to an SRTP or SRTCP stream. An SRTP session policy
- * consists of a list of these policies, one for each SRTP stream
- * in the session.
- */
-
-typedef struct crypto_policy_t {
- cipher_type_id_t cipher_type; /**< An integer representing
- * the type of cipher. */
- int cipher_key_len; /**< The length of the cipher key
- * in octets. */
- auth_type_id_t auth_type; /**< An integer representing the
- * authentication function. */
- int auth_key_len; /**< The length of the authentication
- * function key in octets. */
- int auth_tag_len; /**< The length of the authentication
- * tag in octets. */
- sec_serv_t sec_serv; /**< The flag indicating the security
- * services to be applied. */
-} crypto_policy_t;
-
-
-/**
- * @brief ssrc_type_t describes the type of an SSRC.
- *
- * An ssrc_type_t enumeration is used to indicate a type of SSRC. See
- * @ref srtp_policy_t for more informataion.
- */
-
-typedef enum {
- ssrc_undefined = 0, /**< Indicates an undefined SSRC type. */
- ssrc_specific = 1, /**< Indicates a specific SSRC value */
- ssrc_any_inbound = 2, /**< Indicates any inbound SSRC value
- (i.e. a value that is used in the
- function srtp_unprotect()) */
- ssrc_any_outbound = 3 /**< Indicates any outbound SSRC value
- (i.e. a value that is used in the
- function srtp_protect()) */
-} ssrc_type_t;
-
-/**
- * @brief An ssrc_t represents a particular SSRC value, or a `wildcard' SSRC.
- *
- * An ssrc_t represents a particular SSRC value (if its type is
- * ssrc_specific), or a wildcard SSRC value that will match all
- * outbound SSRCs (if its type is ssrc_any_outbound) or all inbound
- * SSRCs (if its type is ssrc_any_inbound).
- *
- */
-
-typedef struct {
- ssrc_type_t type; /**< The type of this particular SSRC */
- unsigned int value; /**< The value of this SSRC, if it is not a wildcard */
-} ssrc_t;
-
-
-/**
- * @brief points to an EKT policy
- */
-typedef struct ekt_policy_ctx_t *ekt_policy_t;
-
-
-/**
- * @brief points to EKT stream data
- */
-typedef struct ekt_stream_ctx_t *ekt_stream_t;
-
-
-/**
- * @brief represents the policy for an SRTP session.
- *
- * A single srtp_policy_t struct represents the policy for a single
- * SRTP stream, and a linked list of these elements represents the
- * policy for an entire SRTP session. Each element contains the SRTP
- * and SRTCP crypto policies for that stream, a pointer to the SRTP
- * master key for that stream, the SSRC describing that stream, or a
- * flag indicating a `wildcard' SSRC value, and a `next' field that
- * holds a pointer to the next element in the list of policy elements,
- * or NULL if it is the last element.
- *
- * The wildcard value SSRC_ANY_INBOUND matches any SSRC from an
- * inbound stream that for which there is no explicit SSRC entry in
- * another policy element. Similarly, the value SSRC_ANY_OUTBOUND
- * will matches any SSRC from an outbound stream that does not appear
- * in another policy element. Note that wildcard SSRCs &b cannot be
- * used to match both inbound and outbound traffic. This restriction
- * is intentional, and it allows libSRTP to ensure that no security
- * lapses result from accidental re-use of SSRC values during key
- * sharing.
- *
- *
- * @warning The final element of the list @b must have its `next' pointer
- * set to NULL.
- */
-
-typedef struct srtp_policy_t {
- ssrc_t ssrc; /**< The SSRC value of stream, or the
- * flags SSRC_ANY_INBOUND or
- * SSRC_ANY_OUTBOUND if key sharing
- * is used for this policy element.
- */
- crypto_policy_t rtp; /**< SRTP crypto policy. */
- crypto_policy_t rtcp; /**< SRTCP crypto policy. */
- unsigned char *key; /**< Pointer to the SRTP master key for
- * this stream. */
- ekt_policy_t ekt; /**< Pointer to the EKT policy structure
- * for this stream (if any) */
- unsigned long window_size; /**< The window size to use for replay
- * protection. */
- int allow_repeat_tx; /**< Whether retransmissions of
- * packets with the same sequence number
- * are allowed. (Note that such repeated
- * transmissions must have the same RTP
- * payload, or a severe security weakness
- * is introduced!) */
- struct srtp_policy_t *next; /**< Pointer to next stream policy. */
-} srtp_policy_t;
-
-
-
-
-/**
- * @brief An srtp_t points to an SRTP session structure.
- *
- * The typedef srtp_t is a pointer to a structure that represents
- * an SRTP session. This datatype is intentially opaque in
- * order to separate the interface from the implementation.
- *
- * An SRTP session consists of all of the traffic sent to the RTP and
- * RTCP destination transport addresses, using the RTP/SAVP (Secure
- * Audio/Video Profile). A session can be viewed as a set of SRTP
- * streams, each of which originates with a different participant.
- */
-
-typedef struct srtp_ctx_t *srtp_t;
-
-
-/**
- * @brief An srtp_stream_t points to an SRTP stream structure.
- *
- * The typedef srtp_stream_t is a pointer to a structure that
- * represents an SRTP stream. This datatype is intentionally
- * opaque in order to separate the interface from the implementation.
- *
- * An SRTP stream consists of all of the traffic sent to an SRTP
- * session by a single participant. A session can be viewed as
- * a set of streams.
- *
- */
-typedef struct srtp_stream_ctx_t *srtp_stream_t;
-
-
-
-/**
- * @brief srtp_init() initializes the srtp library.
- *
- * @warning This function @b must be called before any other srtp
- * functions.
- */
-
-err_status_t
-srtp_init(void);
-
-/**
- * @brief srtp_protect() is the Secure RTP sender-side packet processing
- * function.
- *
- * The function call srtp_protect(ctx, rtp_hdr, len_ptr) applies SRTP
- * protection to the RTP packet rtp_hdr (which has length *len_ptr) using
- * the SRTP context ctx. If err_status_ok is returned, then rtp_hdr
- * points to the resulting SRTP packet and *len_ptr is the number of
- * octets in that packet; otherwise, no assumptions should be made
- * about the value of either data elements.
- *
- * The sequence numbers of the RTP packets presented to this function
- * need not be consecutive, but they @b must be out of order by less
- * than 2^15 = 32,768 packets.
- *
- * @warning This function assumes that it can write the authentication
- * tag into the location in memory immediately following the RTP
- * packet, and assumes that the RTP packet is aligned on a 32-bit
- * boundary.
- *
- * @param ctx is the SRTP context to use in processing the packet.
- *
- * @param rtp_hdr is a pointer to the RTP packet (before the call); after
- * the function returns, it points to the srtp packet.
- *
- * @param len_ptr is a pointer to the length in octets of the complete
- * RTP packet (header and body) before the function call, and of the
- * complete SRTP packet after the call, if err_status_ok was returned.
- * Otherwise, the value of the data to which it points is undefined.
- *
- * @return
- * - err_status_ok no problems
- * - err_status_replay_fail rtp sequence number was non-increasing
- * - @e other failure in cryptographic mechanisms
- */
-
-err_status_t
-srtp_protect(srtp_t ctx, void *rtp_hdr, int *len_ptr);
-
-/**
- * @brief srtp_unprotect() is the Secure RTP receiver-side packet
- * processing function.
- *
- * The function call srtp_unprotect(ctx, srtp_hdr, len_ptr) verifies
- * the Secure RTP protection of the SRTP packet pointed to by srtp_hdr
- * (which has length *len_ptr), using the SRTP context ctx. If
- * err_status_ok is returned, then srtp_hdr points to the resulting
- * RTP packet and *len_ptr is the number of octets in that packet;
- * otherwise, no assumptions should be made about the value of either
- * data elements.
- *
- * The sequence numbers of the RTP packets presented to this function
- * need not be consecutive, but they @b must be out of order by less
- * than 2^15 = 32,768 packets.
- *
- * @warning This function assumes that the SRTP packet is aligned on a
- * 32-bit boundary.
- *
- * @param ctx is a pointer to the srtp_t which applies to the
- * particular packet.
- *
- * @param srtp_hdr is a pointer to the header of the SRTP packet
- * (before the call). after the function returns, it points to the
- * rtp packet if err_status_ok was returned; otherwise, the value of
- * the data to which it points is undefined.
- *
- * @param len_ptr is a pointer to the length in octets of the complete
- * srtp packet (header and body) before the function call, and of the
- * complete rtp packet after the call, if err_status_ok was returned.
- * Otherwise, the value of the data to which it points is undefined.
- *
- * @return
- * - err_status_ok if the RTP packet is valid.
- * - err_status_auth_fail if the SRTP packet failed the message
- * authentication check.
- * - err_status_replay_fail if the SRTP packet is a replay (e.g. packet has
- * already been processed and accepted).
- * - [other] if there has been an error in the cryptographic mechanisms.
- *
- */
-
-err_status_t
-srtp_unprotect(srtp_t ctx, void *srtp_hdr, int *len_ptr);
-
-
-/**
- * @brief srtp_create() allocates and initializes an SRTP session.
-
- * The function call srtp_create(session, policy, key) allocates and
- * initializes an SRTP session context, applying the given policy and
- * key.
- *
- * @param session is the SRTP session to which the policy is to be added.
- *
- * @param policy is the srtp_policy_t struct that describes the policy
- * for the session. The struct may be a single element, or it may be
- * the head of a list, in which case each element of the list is
- * processed. It may also be NULL, in which case streams should be added
- * later using srtp_add_stream(). The final element of the list @b must
- * have its `next' field set to NULL.
- *
- * @return
- * - err_status_ok if creation succeded.
- * - err_status_alloc_fail if allocation failed.
- * - err_status_init_fail if initialization failed.
- */
-
-err_status_t
-srtp_create(srtp_t *session, const srtp_policy_t *policy);
-
-
-/**
- * @brief srtp_add_stream() allocates and initializes an SRTP stream
- * within a given SRTP session.
- *
- * The function call srtp_add_stream(session, policy) allocates and
- * initializes a new SRTP stream within a given, previously created
- * session, applying the policy given as the other argument to that
- * stream.
- *
- * @return values:
- * - err_status_ok if stream creation succeded.
- * - err_status_alloc_fail if stream allocation failed
- * - err_status_init_fail if stream initialization failed.
- */
-
-err_status_t
-srtp_add_stream(srtp_t session,
- const srtp_policy_t *policy);
-
-
-/**
- * @brief srtp_remove_stream() deallocates an SRTP stream.
- *
- * The function call srtp_remove_stream(session, ssrc) removes
- * the SRTP stream with the SSRC value ssrc from the SRTP session
- * context given by the argument session.
- *
- * @param session is the SRTP session from which the stream
- * will be removed.
- *
- * @param ssrc is the SSRC value of the stream to be removed.
- *
- * @warning Wildcard SSRC values cannot be removed from a
- * session.
- *
- * @return
- * - err_status_ok if the stream deallocation succeded.
- * - [other] otherwise.
- *
- */
-
-err_status_t
-srtp_remove_stream(srtp_t session, unsigned int ssrc);
-
-/**
- * @brief crypto_policy_set_rtp_default() sets a crypto policy
- * structure to the SRTP default policy for RTP protection.
- *
- * @param p is a pointer to the policy structure to be set
- *
- * The function call crypto_policy_set_rtp_default(&p) sets the
- * crypto_policy_t at location p to the SRTP default policy for RTP
- * protection, as defined in the specification. This function is a
- * convenience that helps to avoid dealing directly with the policy
- * data structure. You are encouraged to initialize policy elements
- * with this function call. Doing so may allow your code to be
- * forward compatible with later versions of libSRTP that include more
- * elements in the crypto_policy_t datatype.
- *
- * @return void.
- *
- */
-
-void
-crypto_policy_set_rtp_default(crypto_policy_t *p);
-
-/**
- * @brief crypto_policy_set_rtcp_default() sets a crypto policy
- * structure to the SRTP default policy for RTCP protection.
- *
- * @param p is a pointer to the policy structure to be set
- *
- * The function call crypto_policy_set_rtcp_default(&p) sets the
- * crypto_policy_t at location p to the SRTP default policy for RTCP
- * protection, as defined in the specification. This function is a
- * convenience that helps to avoid dealing directly with the policy
- * data structure. You are encouraged to initialize policy elements
- * with this function call. Doing so may allow your code to be
- * forward compatible with later versions of libSRTP that include more
- * elements in the crypto_policy_t datatype.
- *
- * @return void.
- *
- */
-
-void
-crypto_policy_set_rtcp_default(crypto_policy_t *p);
-
-/**
- * @brief crypto_policy_set_aes_cm_128_hmac_sha1_80() sets a crypto
- * policy structure to the SRTP default policy for RTP protection.
- *
- * @param p is a pointer to the policy structure to be set
- *
- * The function crypto_policy_set_aes_cm_128_hmac_sha1_80() is a
- * synonym for crypto_policy_set_rtp_default(). It conforms to the
- * naming convention used in
- * http://www.ietf.org/internet-drafts/draft-ietf-mmusic-sdescriptions-12.txt
- *
- * @return void.
- *
- */
-
-#define crypto_policy_set_aes_cm_128_hmac_sha1_80(p) crypto_policy_set_rtp_default(p)
-
-
-/**
- * @brief crypto_policy_set_aes_cm_128_hmac_sha1_32() sets a crypto
- * policy structure to a short-authentication tag policy
- *
- * @param p is a pointer to the policy structure to be set
- *
- * The function call crypto_policy_set_aes_cm_128_hmac_sha1_32(&p)
- * sets the crypto_policy_t at location p to use policy
- * AES_CM_128_HMAC_SHA1_32 as defined in
- * draft-ietf-mmusic-sdescriptions-12.txt. This policy uses AES-128
- * Counter Mode encryption and HMAC-SHA1 authentication, with an
- * authentication tag that is only 32 bits long. This length is
- * considered adequate only for protecting audio and video media that
- * use a stateless playback function. See Section 7.5 of RFC 3711
- * (http://www.ietf.org/rfc/rfc3711.txt).
- *
- * This function is a convenience that helps to avoid dealing directly
- * with the policy data structure. You are encouraged to initialize
- * policy elements with this function call. Doing so may allow your
- * code to be forward compatible with later versions of libSRTP that
- * include more elements in the crypto_policy_t datatype.
- *
- * @warning This crypto policy is intended for use in SRTP, but not in
- * SRTCP. It is recommended that a policy that uses longer
- * authentication tags be used for SRTCP. See Section 7.5 of RFC 3711
- * (http://www.ietf.org/rfc/rfc3711.txt).
- *
- * @return void.
- *
- */
-
-void
-crypto_policy_set_aes_cm_128_hmac_sha1_32(crypto_policy_t *p);
-
-
-
-/**
- * @brief crypto_policy_set_aes_cm_128_null_auth() sets a crypto
- * policy structure to an encryption-only policy
- *
- * @param p is a pointer to the policy structure to be set
- *
- * The function call crypto_policy_set_aes_cm_128_null_auth(&p) sets
- * the crypto_policy_t at location p to use the SRTP default cipher
- * (AES-128 Counter Mode), but to use no authentication method. This
- * policy is NOT RECOMMENDED unless it is unavoidable; see Section 7.5
- * of RFC 3711 (http://www.ietf.org/rfc/rfc3711.txt).
- *
- * This function is a convenience that helps to avoid dealing directly
- * with the policy data structure. You are encouraged to initialize
- * policy elements with this function call. Doing so may allow your
- * code to be forward compatible with later versions of libSRTP that
- * include more elements in the crypto_policy_t datatype.
- *
- * @warning This policy is NOT RECOMMENDED for SRTP unless it is
- * unavoidable, and it is NOT RECOMMENDED at all for SRTCP; see
- * Section 7.5 of RFC 3711 (http://www.ietf.org/rfc/rfc3711.txt).
- *
- * @return void.
- *
- */
-
-void
-crypto_policy_set_aes_cm_128_null_auth(crypto_policy_t *p);
-
-
-/**
- * @brief crypto_policy_set_null_cipher_hmac_sha1_80() sets a crypto
- * policy structure to an authentication-only policy
- *
- * @param p is a pointer to the policy structure to be set
- *
- * The function call crypto_policy_set_null_cipher_hmac_sha1_80(&p)
- * sets the crypto_policy_t at location p to use HMAC-SHA1 with an 80
- * bit authentication tag to provide message authentication, but to
- * use no encryption. This policy is NOT RECOMMENDED for SRTP unless
- * there is a requirement to forego encryption.
- *
- * This function is a convenience that helps to avoid dealing directly
- * with the policy data structure. You are encouraged to initialize
- * policy elements with this function call. Doing so may allow your
- * code to be forward compatible with later versions of libSRTP that
- * include more elements in the crypto_policy_t datatype.
- *
- * @warning This policy is NOT RECOMMENDED for SRTP unless there is a
- * requirement to forego encryption.
- *
- * @return void.
- *
- */
-
-void
-crypto_policy_set_null_cipher_hmac_sha1_80(crypto_policy_t *p);
-
-/**
- * @brief srtp_dealloc() deallocates storage for an SRTP session
- * context.
- *
- * The function call srtp_dealloc(s) deallocates storage for the
- * SRTP session context s. This function should be called no more
- * than one time for each of the contexts allocated by the function
- * srtp_create().
- *
- * @param s is the srtp_t for the session to be deallocated.
- *
- * @return
- * - err_status_ok if there no problems.
- * - err_status_dealloc_fail a memory deallocation failure occured.
- */
-
-err_status_t
-srtp_dealloc(srtp_t s);
-
-
-/*
- * @brief identifies a particular SRTP profile
- *
- * An srtp_profile_t enumeration is used to identify a particular SRTP
- * profile (that is, a set of algorithms and parameters). These
- * profiles are defined in the DTLS-SRTP draft.
- */
-
-typedef enum {
- srtp_profile_reserved = 0,
- srtp_profile_aes128_cm_sha1_80 = 1,
- srtp_profile_aes128_cm_sha1_32 = 2,
- srtp_profile_aes256_cm_sha1_80 = 3,
- srtp_profile_aes256_cm_sha1_32 = 4,
- srtp_profile_null_sha1_80 = 5,
- srtp_profile_null_sha1_32 = 6,
-} srtp_profile_t;
-
-
-/**
- * @brief crypto_policy_set_from_profile_for_rtp() sets a crypto policy
- * structure to the appropriate value for RTP based on an srtp_profile_t
- *
- * @param p is a pointer to the policy structure to be set
- *
- * The function call crypto_policy_set_rtp_default(&policy, profile)
- * sets the crypto_policy_t at location policy to the policy for RTP
- * protection, as defined by the srtp_profile_t profile.
- *
- * This function is a convenience that helps to avoid dealing directly
- * with the policy data structure. You are encouraged to initialize
- * policy elements with this function call. Doing so may allow your
- * code to be forward compatible with later versions of libSRTP that
- * include more elements in the crypto_policy_t datatype.
- *
- * @return values
- * - err_status_ok no problems were encountered
- * - err_status_bad_param the profile is not supported
- *
- */
-err_status_t
-crypto_policy_set_from_profile_for_rtp(crypto_policy_t *policy,
- srtp_profile_t profile);
-
-
-
-
-/**
- * @brief crypto_policy_set_from_profile_for_rtcp() sets a crypto policy
- * structure to the appropriate value for RTCP based on an srtp_profile_t
- *
- * @param p is a pointer to the policy structure to be set
- *
- * The function call crypto_policy_set_rtcp_default(&policy, profile)
- * sets the crypto_policy_t at location policy to the policy for RTCP
- * protection, as defined by the srtp_profile_t profile.
- *
- * This function is a convenience that helps to avoid dealing directly
- * with the policy data structure. You are encouraged to initialize
- * policy elements with this function call. Doing so may allow your
- * code to be forward compatible with later versions of libSRTP that
- * include more elements in the crypto_policy_t datatype.
- *
- * @return values
- * - err_status_ok no problems were encountered
- * - err_status_bad_param the profile is not supported
- *
- */
-err_status_t
-crypto_policy_set_from_profile_for_rtcp(crypto_policy_t *policy,
- srtp_profile_t profile);
-
-/**
- * @brief returns the master key length for a given SRTP profile
- */
-unsigned int
-srtp_profile_get_master_key_length(srtp_profile_t profile);
-
-
-/**
- * @brief returns the master salt length for a given SRTP profile
- */
-unsigned int
-srtp_profile_get_master_salt_length(srtp_profile_t profile);
-
-/**
- * @brief appends the salt to the key
- *
- * The function call append_salt_to_key(k, klen, s, slen)
- * copies the string s to the location at klen bytes following
- * the location k.
- *
- * @warning There must be at least bytes_in_salt + bytes_in_key bytes
- * available at the location pointed to by key.
- *
- */
-
-void
-append_salt_to_key(unsigned char *key, unsigned int bytes_in_key,
- unsigned char *salt, unsigned int bytes_in_salt);
-
-
-
-/**
- * @}
- */
-
-
-
-/**
- * @defgroup SRTCP Secure RTCP
- * @ingroup SRTP
- *
- * @brief Secure RTCP functions are used to protect RTCP traffic.
- *
- * RTCP is the control protocol for RTP. libSRTP protects RTCP
- * traffic in much the same way as it does RTP traffic. The function
- * srtp_protect_rtcp() applies cryptographic protections to outbound
- * RTCP packets, and srtp_unprotect_rtcp() verifies the protections on
- * inbound RTCP packets.
- *
- * A note on the naming convention: srtp_protect_rtcp() has an srtp_t
- * as its first argument, and thus has `srtp_' as its prefix. The
- * trailing `_rtcp' indicates the protocol on which it acts.
- *
- * @{
- */
-
-/**
- * @brief srtp_protect_rtcp() is the Secure RTCP sender-side packet
- * processing function.
- *
- * The function call srtp_protect_rtcp(ctx, rtp_hdr, len_ptr) applies
- * SRTCP protection to the RTCP packet rtcp_hdr (which has length
- * *len_ptr) using the SRTP session context ctx. If err_status_ok is
- * returned, then rtp_hdr points to the resulting SRTCP packet and
- * *len_ptr is the number of octets in that packet; otherwise, no
- * assumptions should be made about the value of either data elements.
- *
- * @warning This function assumes that it can write the authentication
- * tag into the location in memory immediately following the RTCP
- * packet, and assumes that the RTCP packet is aligned on a 32-bit
- * boundary.
- *
- * @param ctx is the SRTP context to use in processing the packet.
- *
- * @param rtcp_hdr is a pointer to the RTCP packet (before the call); after
- * the function returns, it points to the srtp packet.
- *
- * @param pkt_octet_len is a pointer to the length in octets of the
- * complete RTCP packet (header and body) before the function call,
- * and of the complete SRTCP packet after the call, if err_status_ok
- * was returned. Otherwise, the value of the data to which it points
- * is undefined.
- *
- * @return
- * - err_status_ok if there were no problems.
- * - [other] if there was a failure in
- * the cryptographic mechanisms.
- */
-
-
-err_status_t
-srtp_protect_rtcp(srtp_t ctx, void *rtcp_hdr, int *pkt_octet_len);
-
-/**
- * @brief srtp_unprotect_rtcp() is the Secure RTCP receiver-side packet
- * processing function.
- *
- * The function call srtp_unprotect_rtcp(ctx, srtp_hdr, len_ptr)
- * verifies the Secure RTCP protection of the SRTCP packet pointed to
- * by srtcp_hdr (which has length *len_ptr), using the SRTP session
- * context ctx. If err_status_ok is returned, then srtcp_hdr points
- * to the resulting RTCP packet and *len_ptr is the number of octets
- * in that packet; otherwise, no assumptions should be made about the
- * value of either data elements.
- *
- * @warning This function assumes that the SRTCP packet is aligned on a
- * 32-bit boundary.
- *
- * @param ctx is a pointer to the srtp_t which applies to the
- * particular packet.
- *
- * @param srtcp_hdr is a pointer to the header of the SRTCP packet
- * (before the call). After the function returns, it points to the
- * rtp packet if err_status_ok was returned; otherwise, the value of
- * the data to which it points is undefined.
- *
- * @param pkt_octet_len is a pointer to the length in octets of the
- * complete SRTCP packet (header and body) before the function call,
- * and of the complete rtp packet after the call, if err_status_ok was
- * returned. Otherwise, the value of the data to which it points is
- * undefined.
- *
- * @return
- * - err_status_ok if the RTCP packet is valid.
- * - err_status_auth_fail if the SRTCP packet failed the message
- * authentication check.
- * - err_status_replay_fail if the SRTCP packet is a replay (e.g. has
- * already been processed and accepted).
- * - [other] if there has been an error in the cryptographic mechanisms.
- *
- */
-
-err_status_t
-srtp_unprotect_rtcp(srtp_t ctx, void *srtcp_hdr, int *pkt_octet_len);
-
-/**
- * @}
- */
-
-/**
- * @defgroup SRTPevents SRTP events and callbacks
- * @ingroup SRTP
- *
- * @brief libSRTP can use a user-provided callback function to
- * handle events.
- *
- *
- * libSRTP allows a user to provide a callback function to handle
- * events that need to be dealt with outside of the data plane (see
- * the enum srtp_event_t for a description of these events). Dealing
- * with these events is not a strict necessity; they are not
- * security-critical, but the application may suffer if they are not
- * handled. The function srtp_set_event_handler() is used to provide
- * the callback function.
- *
- * A default event handler that merely reports on the events as they
- * happen is included. It is also possible to set the event handler
- * function to NULL, in which case all events will just be silently
- * ignored.
- *
- * @{
- */
-
-/**
- * @brief srtp_event_t defines events that need to be handled
- *
- * The enum srtp_event_t defines events that need to be handled
- * outside the `data plane', such as SSRC collisions and
- * key expirations.
- *
- * When a key expires or the maximum number of packets has been
- * reached, an SRTP stream will enter an `expired' state in which no
- * more packets can be protected or unprotected. When this happens,
- * it is likely that you will want to either deallocate the stream
- * (using srtp_stream_dealloc()), and possibly allocate a new one.
- *
- * When an SRTP stream expires, the other streams in the same session
- * are unaffected, unless key sharing is used by that stream. In the
- * latter case, all of the streams in the session will expire.
- */
-
-typedef enum {
- event_ssrc_collision, /**<
- * An SSRC collision occured.
- */
- event_key_soft_limit, /**< An SRTP stream reached the soft key
- * usage limit and will expire soon.
- */
- event_key_hard_limit, /**< An SRTP stream reached the hard
- * key usage limit and has expired.
- */
- event_packet_index_limit /**< An SRTP stream reached the hard
- * packet limit (2^48 packets).
- */
-} srtp_event_t;
-
-/**
- * @brief srtp_event_data_t is the structure passed as a callback to
- * the event handler function
- *
- * The struct srtp_event_data_t holds the data passed to the event
- * handler function.
- */
-
-typedef struct srtp_event_data_t {
- srtp_t session; /**< The session in which the event happend. */
- srtp_stream_t stream; /**< The stream in which the event happend. */
- srtp_event_t event; /**< An enum indicating the type of event. */
-} srtp_event_data_t;
-
-/**
- * @brief srtp_event_handler_func_t is the function prototype for
- * the event handler.
- *
- * The typedef srtp_event_handler_func_t is the prototype for the
- * event handler function. It has as its only argument an
- * srtp_event_data_t which describes the event that needs to be handled.
- * There can only be a single, global handler for all events in
- * libSRTP.
- */
-
-typedef void (srtp_event_handler_func_t)(srtp_event_data_t *data);
-
-/**
- * @brief sets the event handler to the function supplied by the caller.
- *
- * The function call srtp_install_event_handler(func) sets the event
- * handler function to the value func. The value NULL is acceptable
- * as an argument; in this case, events will be ignored rather than
- * handled.
- *
- * @param func is a pointer to a fuction that takes an srtp_event_data_t
- * pointer as an argument and returns void. This function
- * will be used by libSRTP to handle events.
- */
-
-err_status_t
-srtp_install_event_handler(srtp_event_handler_func_t func);
-
-/**
- * @}
- */
-/* in host order, so outside the #if */
-#define SRTCP_E_BIT 0x80000000
-/* for byte-access */
-#define SRTCP_E_BYTE_BIT 0x80
-#define SRTCP_INDEX_MASK 0x7fffffff
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* SRTP_H */
diff --git a/include/srtp_priv.h b/include/srtp_priv.h
deleted file mode 100644
index 3bed757..0000000
--- a/include/srtp_priv.h
+++ /dev/null
@@ -1,263 +0,0 @@
-/*
- * srtp_priv.h
- *
- * private internal data structures and functions for libSRTP
- *
- * David A. McGrew
- * Cisco Systems, Inc.
- */
-/*
- *
- * Copyright (c) 2001-2006 Cisco Systems, Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following
- * disclaimer in the documentation and/or other materials provided
- * with the distribution.
- *
- * Neither the name of the Cisco Systems, Inc. nor the names of its
- * contributors may be used to endorse or promote products derived
- * from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- */
-
-#ifndef SRTP_PRIV_H
-#define SRTP_PRIV_H
-
-#include "srtp.h"
-#include "rdbx.h"
-#include "rdb.h"
-#include "integers.h"
-
-/*
- * an srtp_hdr_t represents the srtp header
- *
- * in this implementation, an srtp_hdr_t is assumed to be 32-bit aligned
- *
- * (note that this definition follows that of RFC 1889 Appendix A, but
- * is not identical)
- */
-
-#ifndef WORDS_BIGENDIAN
-
-/*
- * srtp_hdr_t represents an RTP or SRTP header. The bit-fields in
- * this structure should be declared "unsigned int" instead of
- * "unsigned char", but doing so causes the MS compiler to not
- * fully pack the bit fields.
- */
-
-typedef struct {
- unsigned char cc:4; /* CSRC count */
- unsigned char x:1; /* header extension flag */
- unsigned char p:1; /* padding flag */
- unsigned char version:2; /* protocol version */
- unsigned char pt:7; /* payload type */
- unsigned char m:1; /* marker bit */
- uint16_t seq; /* sequence number */
- uint32_t ts; /* timestamp */
- uint32_t ssrc; /* synchronization source */
-} srtp_hdr_t;
-
-#else /* BIG_ENDIAN */
-
-typedef struct {
- unsigned char version:2; /* protocol version */
- unsigned char p:1; /* padding flag */
- unsigned char x:1; /* header extension flag */
- unsigned char cc:4; /* CSRC count */
- unsigned char m:1; /* marker bit */
- unsigned pt:7; /* payload type */
- uint16_t seq; /* sequence number */
- uint32_t ts; /* timestamp */
- uint32_t ssrc; /* synchronization source */
-} srtp_hdr_t;
-
-#endif
-
-typedef struct {
- uint16_t profile_specific; /* profile-specific info */
- uint16_t length; /* number of 32-bit words in extension */
-} srtp_hdr_xtnd_t;
-
-
-/*
- * srtcp_hdr_t represents a secure rtcp header
- *
- * in this implementation, an srtcp header is assumed to be 32-bit
- * alinged
- */
-
-#ifndef WORDS_BIGENDIAN
-
-typedef struct {
- unsigned char rc:5; /* reception report count */
- unsigned char p:1; /* padding flag */
- unsigned char version:2; /* protocol version */
- unsigned char pt:8; /* payload type */
- uint16_t len; /* length */
- uint32_t ssrc; /* synchronization source */
-} srtcp_hdr_t;
-
-typedef struct {
- unsigned int index:31; /* srtcp packet index in network order! */
- unsigned int e:1; /* encrypted? 1=yes */
- /* optional mikey/etc go here */
- /* and then the variable-length auth tag */
-} srtcp_trailer_t;
-
-
-#else /* BIG_ENDIAN */
-
-typedef struct {
- unsigned char version:2; /* protocol version */
- unsigned char p:1; /* padding flag */
- unsigned char rc:5; /* reception report count */
- unsigned char pt:8; /* payload type */
- uint16_t len; /* length */
- uint32_t ssrc; /* synchronization source */
-} srtcp_hdr_t;
-
-typedef struct {
- unsigned int version:2; /* protocol version */
- unsigned int p:1; /* padding flag */
- unsigned int count:5; /* varies by packet type */
- unsigned int pt:8; /* payload type */
- uint16_t length; /* len of uint32s of packet less header */
-} rtcp_common_t;
-
-typedef struct {
- unsigned int e:1; /* encrypted? 1=yes */
- unsigned int index:31; /* srtcp packet index */
- /* optional mikey/etc go here */
- /* and then the variable-length auth tag */
-} srtcp_trailer_t;
-
-#endif
-
-
-/*
- * the following declarations are libSRTP internal functions
- */
-
-/*
- * srtp_get_stream(ssrc) returns a pointer to the stream corresponding
- * to ssrc, or NULL if no stream exists for that ssrc
- */
-
-srtp_stream_t
-srtp_get_stream(srtp_t srtp, uint32_t ssrc);
-
-
-/*
- * srtp_stream_init_keys(s, k) (re)initializes the srtp_stream_t s by
- * deriving all of the needed keys using the KDF and the key k.
- */
-
-
-err_status_t
-srtp_stream_init_keys(srtp_stream_t srtp, const void *key);
-
-/*
- * srtp_stream_init(s, p) initializes the srtp_stream_t s to
- * use the policy at the location p
- */
-err_status_t
-srtp_stream_init(srtp_stream_t srtp,
- const srtp_policy_t *p);
-
-
-/*
- * Uninitializes and Deallocates a stream.
- */
-err_status_t
-srtp_stream_uninit_and_dealloc(srtp_stream_t stream,
- srtp_stream_t stream_template);
-
-/*
- * libsrtp internal datatypes
- */
-
-typedef enum direction_t {
- dir_unknown = 0,
- dir_srtp_sender = 1,
- dir_srtp_receiver = 2
-} direction_t;
-
-/*
- * an srtp_stream_t has its own SSRC, encryption key, authentication
- * key, sequence number, and replay database
- *
- * note that the keys might not actually be unique, in which case the
- * cipher_t and auth_t pointers will point to the same structures
- */
-
-typedef struct srtp_stream_ctx_t {
- uint32_t ssrc;
- cipher_t *rtp_cipher;
- auth_t *rtp_auth;
- rdbx_t rtp_rdbx;
- sec_serv_t rtp_services;
- cipher_t *rtcp_cipher;
- auth_t *rtcp_auth;
- rdb_t rtcp_rdb;
- sec_serv_t rtcp_services;
- key_limit_ctx_t *limit;
- direction_t direction;
- int allow_repeat_tx;
- ekt_stream_t ekt;
- struct srtp_stream_ctx_t *next; /* linked list of streams */
-} srtp_stream_ctx_t;
-
-
-/*
- * an srtp_ctx_t holds a stream list and a service description
- */
-
-typedef struct srtp_ctx_t {
- srtp_stream_ctx_t *stream_list; /* linked list of streams */
- srtp_stream_ctx_t *stream_template; /* act as template for other streams */
-} srtp_ctx_t;
-
-
-
-/*
- * srtp_handle_event(srtp, srtm, evnt) calls the event handling
- * function, if there is one.
- *
- * This macro is not included in the documentation as it is
- * an internal-only function.
- */
-
-#define srtp_handle_event(srtp, strm, evnt) \
- if(srtp_event_handler) { \
- srtp_event_data_t data; \
- data.session = srtp; \
- data.stream = strm; \
- data.event = evnt; \
- srtp_event_handler(&data); \
-}
-
-
-#endif /* SRTP_PRIV_H */
diff --git a/include/ut_sim.h b/include/ut_sim.h
deleted file mode 100644
index c25feeb..0000000
--- a/include/ut_sim.h
+++ /dev/null
@@ -1,80 +0,0 @@
-/*
- * ut-sim.h
- *
- * an unreliable transport simulator
- * (for testing replay databases and suchlike)
- *
- * David A. McGrew
- * Cisco Systems, Inc.
- */
-
-/*
- *
- * Copyright (c) 2001-2006, Cisco Systems, Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following
- * disclaimer in the documentation and/or other materials provided
- * with the distribution.
- *
- * Neither the name of the Cisco Systems, Inc. nor the names of its
- * contributors may be used to endorse or promote products derived
- * from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- */
-
-
-
-#ifndef UT_SIM_H
-#define UT_SIM_H
-
-#include "integers.h" /* for uint32_t */
-
-#define UT_BUF 160 /* maximum amount of packet reorder */
-
-typedef struct {
- uint32_t index;
- uint32_t buffer[UT_BUF];
-} ut_connection;
-
-/*
- * ut_init(&u) initializes the ut_connection
- *
- * this function should always be the first one called on a new
- * ut_connection
- */
-
-void
-ut_init(ut_connection *utc);
-
-/*
- * ut_next_index(&u) returns the next index from the simulated
- * unreliable connection
- */
-
-uint32_t
-ut_next_index(ut_connection *utc);
-
-
-#endif /* UT_SIM_H */
diff --git a/install-sh b/install-sh
deleted file mode 100755
index e9de238..0000000
--- a/install-sh
+++ /dev/null
@@ -1,251 +0,0 @@
-#!/bin/sh
-#
-# install - install a program, script, or datafile
-# This comes from X11R5 (mit/util/scripts/install.sh).
-#
-# Copyright 1991 by the Massachusetts Institute of Technology
-#
-# Permission to use, copy, modify, distribute, and sell this software and its
-# documentation for any purpose is hereby granted without fee, provided that
-# the above copyright notice appear in all copies and that both that
-# copyright notice and this permission notice appear in supporting
-# documentation, and that the name of M.I.T. not be used in advertising or
-# publicity pertaining to distribution of the software without specific,
-# written prior permission. M.I.T. makes no representations about the
-# suitability of this software for any purpose. It is provided "as is"
-# without express or implied warranty.
-#
-# Calling this script install-sh is preferred over install.sh, to prevent
-# `make' implicit rules from creating a file called install from it
-# when there is no Makefile.
-#
-# This script is compatible with the BSD install script, but was written
-# from scratch. It can only install one file at a time, a restriction
-# shared with many OS's install programs.
-
-
-# set DOITPROG to echo to test this script
-
-# Don't use :- since 4.3BSD and earlier shells don't like it.
-doit="${DOITPROG-}"
-
-
-# put in absolute paths if you don't have them in your path; or use env. vars.
-
-mvprog="${MVPROG-mv}"
-cpprog="${CPPROG-cp}"
-chmodprog="${CHMODPROG-chmod}"
-chownprog="${CHOWNPROG-chown}"
-chgrpprog="${CHGRPPROG-chgrp}"
-stripprog="${STRIPPROG-strip}"
-rmprog="${RMPROG-rm}"
-mkdirprog="${MKDIRPROG-mkdir}"
-
-transformbasename=""
-transform_arg=""
-instcmd="$mvprog"
-chmodcmd="$chmodprog 0755"
-chowncmd=""
-chgrpcmd=""
-stripcmd=""
-rmcmd="$rmprog -f"
-mvcmd="$mvprog"
-src=""
-dst=""
-dir_arg=""
-
-while [ x"$1" != x ]; do
- case $1 in
- -c) instcmd="$cpprog"
- shift
- continue;;
-
- -d) dir_arg=true
- shift
- continue;;
-
- -m) chmodcmd="$chmodprog $2"
- shift
- shift
- continue;;
-
- -o) chowncmd="$chownprog $2"
- shift
- shift
- continue;;
-
- -g) chgrpcmd="$chgrpprog $2"
- shift
- shift
- continue;;
-
- -s) stripcmd="$stripprog"
- shift
- continue;;
-
- -t=*) transformarg=`echo $1 | sed 's/-t=//'`
- shift
- continue;;
-
- -b=*) transformbasename=`echo $1 | sed 's/-b=//'`
- shift
- continue;;
-
- *) if [ x"$src" = x ]
- then
- src=$1
- else
- # this colon is to work around a 386BSD /bin/sh bug
- :
- dst=$1
- fi
- shift
- continue;;
- esac
-done
-
-if [ x"$src" = x ]
-then
- echo "install: no input file specified"
- exit 1
-else
- true
-fi
-
-if [ x"$dir_arg" != x ]; then
- dst=$src
- src=""
-
- if [ -d $dst ]; then
- instcmd=:
- chmodcmd=""
- else
- instcmd=mkdir
- fi
-else
-
-# Waiting for this to be detected by the "$instcmd $src $dsttmp" command
-# might cause directories to be created, which would be especially bad
-# if $src (and thus $dsttmp) contains '*'.
-
- if [ -f $src -o -d $src ]
- then
- true
- else
- echo "install: $src does not exist"
- exit 1
- fi
-
- if [ x"$dst" = x ]
- then
- echo "install: no destination specified"
- exit 1
- else
- true
- fi
-
-# If destination is a directory, append the input filename; if your system
-# does not like double slashes in filenames, you may need to add some logic
-
- if [ -d $dst ]
- then
- dst="$dst"/`basename $src`
- else
- true
- fi
-fi
-
-## this sed command emulates the dirname command
-dstdir=`echo $dst | sed -e 's,[^/]*$,,;s,/$,,;s,^$,.,'`
-
-# Make sure that the destination directory exists.
-# this part is taken from Noah Friedman's mkinstalldirs script
-
-# Skip lots of stat calls in the usual case.
-if [ ! -d "$dstdir" ]; then
-defaultIFS='
-'
-IFS="${IFS-${defaultIFS}}"
-
-oIFS="${IFS}"
-# Some sh's can't handle IFS=/ for some reason.
-IFS='%'
-set - `echo ${dstdir} | sed -e 's@/@%@g' -e 's@^%@/@'`
-IFS="${oIFS}"
-
-pathcomp=''
-
-while [ $# -ne 0 ] ; do
- pathcomp="${pathcomp}${1}"
- shift
-
- if [ ! -d "${pathcomp}" ] ;
- then
- $mkdirprog "${pathcomp}"
- else
- true
- fi
-
- pathcomp="${pathcomp}/"
-done
-fi
-
-if [ x"$dir_arg" != x ]
-then
- $doit $instcmd $dst &&
-
- if [ x"$chowncmd" != x ]; then $doit $chowncmd $dst; else true ; fi &&
- if [ x"$chgrpcmd" != x ]; then $doit $chgrpcmd $dst; else true ; fi &&
- if [ x"$stripcmd" != x ]; then $doit $stripcmd $dst; else true ; fi &&
- if [ x"$chmodcmd" != x ]; then $doit $chmodcmd $dst; else true ; fi
-else
-
-# If we're going to rename the final executable, determine the name now.
-
- if [ x"$transformarg" = x ]
- then
- dstfile=`basename $dst`
- else
- dstfile=`basename $dst $transformbasename |
- sed $transformarg`$transformbasename
- fi
-
-# don't allow the sed command to completely eliminate the filename
-
- if [ x"$dstfile" = x ]
- then
- dstfile=`basename $dst`
- else
- true
- fi
-
-# Make a temp file name in the proper directory.
-
- dsttmp=$dstdir/#inst.$$#
-
-# Move or copy the file name to the temp name
-
- $doit $instcmd $src $dsttmp &&
-
- trap "rm -f ${dsttmp}" 0 &&
-
-# and set any options; do chmod last to preserve setuid bits
-
-# If any of these fail, we abort the whole thing. If we want to
-# ignore errors from any of these, just make sure not to ignore
-# errors from the above "$doit $instcmd $src $dsttmp" command.
-
- if [ x"$chowncmd" != x ]; then $doit $chowncmd $dsttmp; else true;fi &&
- if [ x"$chgrpcmd" != x ]; then $doit $chgrpcmd $dsttmp; else true;fi &&
- if [ x"$stripcmd" != x ]; then $doit $stripcmd $dsttmp; else true;fi &&
- if [ x"$chmodcmd" != x ]; then $doit $chmodcmd $dsttmp; else true;fi &&
-
-# Now rename the file to the real destination.
-
- $doit $rmcmd -f $dstdir/$dstfile &&
- $doit $mvcmd $dsttmp $dstdir/$dstfile
-
-fi &&
-
-
-exit 0
diff --git a/srtp.def b/srtp.def
deleted file mode 100644
index 6fc94da..0000000
--- a/srtp.def
+++ /dev/null
@@ -1,91 +0,0 @@
-EXPORTS
-srtp_init
-srtp_protect
-srtp_unprotect
-srtp_create
-srtp_add_stream
-srtp_remove_stream
-crypto_policy_set_rtp_default
-crypto_policy_set_rtcp_default
-crypto_policy_set_aes_cm_128_hmac_sha1_32
-crypto_policy_set_aes_cm_128_null_auth
-crypto_policy_set_null_cipher_hmac_sha1_80
-srtp_dealloc
-srtp_get_stream
-srtp_protect_rtcp
-srtp_unprotect_rtcp
-srtp_install_event_handler
-crypto_kernel_init
-crypto_kernel_shutdown
-crypto_kernel_status
-crypto_kernel_list_debug_modules
-crypto_kernel_load_cipher_type
-crypto_kernel_load_auth_type
-crypto_kernel_load_debug_module
-crypto_kernel_alloc_cipher
-crypto_kernel_alloc_auth
-crypto_kernel_set_debug_module
-crypto_get_random
-rand_source_init
-rand_source_get_octet_string
-rand_source_deinit
-x917_prng_init
-x917_prng_get_octet_string
-ctr_prng_init
-ctr_prng_get_octet_string
-cipher_output
-cipher_get_key_length
-cipher_type_self_test
-cipher_bits_per_second
-auth_get_key_length
-auth_get_tag_length
-auth_get_prefix_length
-auth_type_self_test
-auth_type_get_ref_count
-stat_test_monobit
-stat_test_poker
-stat_test_runs
-stat_test_rand_source
-stat_test_rand_source_with_repetition
-err_reporting_init
-err_report
-key_limit_set
-key_limit_clone
-key_limit_check
-key_limit_update
-rdbx_init
-rdbx_estimate_index
-rdbx_check
-rdbx_add_index
-index_init
-index_advance
-index_guess
-octet_get_weight
-octet_string_hex_string
-v128_bit_string
-v128_hex_string
-nibble_to_hex_char
-hex_string_to_octet_string
-v128_copy_octet_string
-v128_left_shift
-v128_right_shift
-octet_string_is_eq
-octet_string_set_to_zero
-rdb_init
-rdb_check
-rdb_add_index
-rdb_increment
-rdb_get_value
-aes_expand_encryption_key
-aes_expand_decryption_key
-aes_encrypt
-aes_decrypt
-aes_icm_context_init
-aes_icm_set_iv
-aes_icm_encrypt
-aes_icm_output
-aes_icm_dealloc
-aes_icm_encrypt_ismacryp
-aes_icm_alloc_ismacryp
-crypto_alloc
-crypto_free
diff --git a/srtp.vcproj b/srtp.vcproj
deleted file mode 100644
index d781746..0000000
--- a/srtp.vcproj
+++ /dev/null
@@ -1,588 +0,0 @@
-<?xml version="1.0" encoding="Windows-1252"?>
-<VisualStudioProject
- ProjectType="Visual C++"
- Version="8.00"
- Name="srtp"
- ProjectGUID="{EEF031CB-FED8-451E-A471-91EC8D4F6750}"
- RootNamespace="srtp"
- Keyword="Win32Proj"
- >
- <Platforms>
- <Platform
- Name="Win32"
- />
- </Platforms>
- <ToolFiles>
- </ToolFiles>
- <Configurations>
- <Configuration
- Name="Debug|Win32"
- OutputDirectory="$(SolutionDir)$(ConfigurationName)"
- IntermediateDirectory="$(ConfigurationName)"
- ConfigurationType="4"
- CharacterSet="1"
- >
- <Tool
- Name="VCPreBuildEventTool"
- Description="Creating config.h from config.hw"
- CommandLine="copy /Y "$(InputDir)config.hw" "$(InputDir)crypto\include\config.h" > NUL"
- />
- <Tool
- Name="VCCustomBuildTool"
- Description=""
- CommandLine=""
- Outputs=""
- />
- <Tool
- Name="VCXMLDataGeneratorTool"
- />
- <Tool
- Name="VCWebServiceProxyGeneratorTool"
- />
- <Tool
- Name="VCMIDLTool"
- />
- <Tool
- Name="VCCLCompilerTool"
- Optimization="0"
- AdditionalIncludeDirectories="crypto/include;include"
- PreprocessorDefinitions="WIN32;_DEBUG;_LIB;HAVE_CONFIG_H"
- MinimalRebuild="true"
- BasicRuntimeChecks="3"
- RuntimeLibrary="1"
- StructMemberAlignment="0"
- UsePrecompiledHeader="0"
- WarningLevel="3"
- Detect64BitPortabilityProblems="true"
- DebugInformationFormat="4"
- />
- <Tool
- Name="VCManagedResourceCompilerTool"
- />
- <Tool
- Name="VCResourceCompilerTool"
- />
- <Tool
- Name="VCPreLinkEventTool"
- />
- <Tool
- Name="VCLibrarianTool"
- />
- <Tool
- Name="VCALinkTool"
- />
- <Tool
- Name="VCXDCMakeTool"
- />
- <Tool
- Name="VCBscMakeTool"
- />
- <Tool
- Name="VCFxCopTool"
- />
- <Tool
- Name="VCPostBuildEventTool"
- />
- </Configuration>
- <Configuration
- Name="Release|Win32"
- OutputDirectory="$(SolutionDir)$(ConfigurationName)"
- IntermediateDirectory="$(ConfigurationName)"
- ConfigurationType="4"
- CharacterSet="1"
- WholeProgramOptimization="1"
- >
- <Tool
- Name="VCPreBuildEventTool"
- Description="Creating config.h from config.hw"
- CommandLine="copy /Y "$(InputDir)config.hw" "$(InputDir)crypto\include\config.h" > NUL"
- />
- <Tool
- Name="VCCustomBuildTool"
- Description=""
- CommandLine=""
- Outputs=""
- />
- <Tool
- Name="VCXMLDataGeneratorTool"
- />
- <Tool
- Name="VCWebServiceProxyGeneratorTool"
- />
- <Tool
- Name="VCMIDLTool"
- />
- <Tool
- Name="VCCLCompilerTool"
- AdditionalIncludeDirectories="crypto/include;include"
- PreprocessorDefinitions="WIN32;NDEBUG;_LIB;HAVE_CONFIG_H"
- RuntimeLibrary="0"
- StructMemberAlignment="0"
- UsePrecompiledHeader="0"
- WarningLevel="3"
- Detect64BitPortabilityProblems="true"
- DebugInformationFormat="3"
- />
- <Tool
- Name="VCManagedResourceCompilerTool"
- />
- <Tool
- Name="VCResourceCompilerTool"
- />
- <Tool
- Name="VCPreLinkEventTool"
- />
- <Tool
- Name="VCLibrarianTool"
- />
- <Tool
- Name="VCALinkTool"
- />
- <Tool
- Name="VCXDCMakeTool"
- />
- <Tool
- Name="VCBscMakeTool"
- />
- <Tool
- Name="VCFxCopTool"
- />
- <Tool
- Name="VCPostBuildEventTool"
- />
- </Configuration>
- <Configuration
- Name="Debug Dll|Win32"
- OutputDirectory="$(SolutionDir)$(ConfigurationName)"
- IntermediateDirectory="$(ConfigurationName)"
- ConfigurationType="2"
- CharacterSet="1"
- >
- <Tool
- Name="VCPreBuildEventTool"
- Description="Creating config.h from config.hw"
- CommandLine="copy /Y "$(InputDir)config.hw" "$(InputDir)crypto\include\config.h" > NUL"
- />
- <Tool
- Name="VCCustomBuildTool"
- Description=""
- CommandLine=""
- Outputs=""
- />
- <Tool
- Name="VCXMLDataGeneratorTool"
- />
- <Tool
- Name="VCWebServiceProxyGeneratorTool"
- />
- <Tool
- Name="VCMIDLTool"
- />
- <Tool
- Name="VCCLCompilerTool"
- Optimization="0"
- EnableIntrinsicFunctions="true"
- AdditionalIncludeDirectories="crypto/include;include"
- PreprocessorDefinitions="WIN32;_DEBUG;_LIB;HAVE_CONFIG_H"
- MinimalRebuild="true"
- BasicRuntimeChecks="3"
- RuntimeLibrary="3"
- StructMemberAlignment="0"
- UsePrecompiledHeader="0"
- WarningLevel="3"
- Detect64BitPortabilityProblems="true"
- DebugInformationFormat="4"
- />
- <Tool
- Name="VCManagedResourceCompilerTool"
- />
- <Tool
- Name="VCResourceCompilerTool"
- />
- <Tool
- Name="VCPreLinkEventTool"
- />
- <Tool
- Name="VCLinkerTool"
- AdditionalDependencies="Ws2_32.lib"
- ModuleDefinitionFile="srtp.def"
- OptimizeReferences="1"
- EnableCOMDATFolding="1"
- OptimizeForWindows98="1"
- LinkTimeCodeGeneration="0"
- />
- <Tool
- Name="VCALinkTool"
- />
- <Tool
- Name="VCManifestTool"
- />
- <Tool
- Name="VCXDCMakeTool"
- />
- <Tool
- Name="VCBscMakeTool"
- />
- <Tool
- Name="VCFxCopTool"
- />
- <Tool
- Name="VCAppVerifierTool"
- />
- <Tool
- Name="VCWebDeploymentTool"
- />
- <Tool
- Name="VCPostBuildEventTool"
- />
- </Configuration>
- <Configuration
- Name="Release Dll|Win32"
- OutputDirectory="$(SolutionDir)$(ConfigurationName)"
- IntermediateDirectory="$(ConfigurationName)"
- ConfigurationType="2"
- CharacterSet="1"
- WholeProgramOptimization="1"
- >
- <Tool
- Name="VCPreBuildEventTool"
- Description="Creating config.h from config.hw"
- CommandLine="copy /Y "$(InputDir)config.hw" "$(InputDir)crypto\include\config.h" > NUL"
- />
- <Tool
- Name="VCCustomBuildTool"
- Description=""
- CommandLine=""
- Outputs=""
- />
- <Tool
- Name="VCXMLDataGeneratorTool"
- />
- <Tool
- Name="VCWebServiceProxyGeneratorTool"
- />
- <Tool
- Name="VCMIDLTool"
- />
- <Tool
- Name="VCCLCompilerTool"
- AdditionalIncludeDirectories="crypto/include;include"
- PreprocessorDefinitions="WIN32;NDEBUG;_LIB;HAVE_CONFIG_H"
- RuntimeLibrary="2"
- StructMemberAlignment="0"
- UsePrecompiledHeader="0"
- WarningLevel="3"
- Detect64BitPortabilityProblems="true"
- DebugInformationFormat="3"
- />
- <Tool
- Name="VCManagedResourceCompilerTool"
- />
- <Tool
- Name="VCResourceCompilerTool"
- />
- <Tool
- Name="VCPreLinkEventTool"
- />
- <Tool
- Name="VCLinkerTool"
- AdditionalDependencies="Ws2_32.lib"
- ModuleDefinitionFile="srtp.def"
- />
- <Tool
- Name="VCALinkTool"
- />
- <Tool
- Name="VCManifestTool"
- />
- <Tool
- Name="VCXDCMakeTool"
- />
- <Tool
- Name="VCBscMakeTool"
- />
- <Tool
- Name="VCFxCopTool"
- />
- <Tool
- Name="VCAppVerifierTool"
- />
- <Tool
- Name="VCWebDeploymentTool"
- />
- <Tool
- Name="VCPostBuildEventTool"
- />
- </Configuration>
- </Configurations>
- <References>
- </References>
- <Files>
- <Filter
- Name="Source Files"
- Filter="cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx"
- UniqueIdentifier="{4FC737F1-C7A5-4376-A066-2A32D752A2FF}"
- >
- <File
- RelativePath=".\srtp\ekt.c"
- >
- </File>
- <File
- RelativePath=".\srtp\srtp.c"
- >
- </File>
- <Filter
- Name="Kernel"
- >
- <File
- RelativePath=".\crypto\kernel\alloc.c"
- >
- </File>
- <File
- RelativePath=".\crypto\kernel\crypto_kernel.c"
- >
- </File>
- <File
- RelativePath=".\crypto\rng\ctr_prng.c"
- >
- </File>
- <File
- RelativePath=".\crypto\kernel\err.c"
- >
- </File>
- <File
- RelativePath=".\crypto\kernel\key.c"
- >
- </File>
- <File
- RelativePath=".\crypto\rng\prng.c"
- >
- </File>
- <File
- RelativePath=".\crypto\rng\rand_source.c"
- >
- </File>
- </Filter>
- <Filter
- Name="Ciphers"
- >
- <File
- RelativePath=".\crypto\cipher\aes.c"
- >
- <FileConfiguration
- Name="Debug Dll|Win32"
- >
- <Tool
- Name="VCCLCompilerTool"
- InlineFunctionExpansion="0"
- EnableIntrinsicFunctions="false"
- EnableFunctionLevelLinking="false"
- />
- </FileConfiguration>
- </File>
- <File
- RelativePath=".\crypto\cipher\aes_cbc.c"
- >
- </File>
- <File
- RelativePath=".\crypto\cipher\aes_icm.c"
- >
- </File>
- <File
- RelativePath=".\crypto\cipher\cipher.c"
- >
- </File>
- <File
- RelativePath=".\crypto\cipher\null_cipher.c"
- >
- </File>
- </Filter>
- <Filter
- Name="Hashes"
- >
- <File
- RelativePath=".\crypto\hash\auth.c"
- >
- </File>
- <File
- RelativePath=".\crypto\hash\hmac.c"
- >
- </File>
- <File
- RelativePath=".\crypto\hash\null_auth.c"
- >
- </File>
- <File
- RelativePath=".\crypto\hash\sha1.c"
- >
- </File>
- </Filter>
- <Filter
- Name="Replay"
- >
- <File
- RelativePath=".\crypto\replay\rdb.c"
- >
- </File>
- <File
- RelativePath=".\crypto\replay\rdbx.c"
- >
- </File>
- <File
- RelativePath=".\crypto\replay\ut_sim.c"
- >
- </File>
- </Filter>
- <Filter
- Name="Math"
- >
- <File
- RelativePath=".\crypto\math\datatypes.c"
- >
- </File>
- <File
- RelativePath=".\crypto\math\stat.c"
- >
- </File>
- </Filter>
- </Filter>
- <Filter
- Name="Header Files"
- Filter="h;hpp;hxx;hm;inl;inc;xsd"
- UniqueIdentifier="{93995380-89BD-4b04-88EB-625FBE52EBFB}"
- >
- <File
- RelativePath=".\crypto\include\aes.h"
- >
- </File>
- <File
- RelativePath=".\crypto\include\aes_cbc.h"
- >
- </File>
- <File
- RelativePath=".\crypto\include\aes_icm.h"
- >
- </File>
- <File
- RelativePath=".\crypto\include\alloc.h"
- >
- </File>
- <File
- RelativePath=".\crypto\include\auth.h"
- >
- </File>
- <File
- RelativePath=".\crypto\include\cipher.h"
- >
- </File>
- <File
- RelativePath=".\crypto\include\config.h"
- >
- </File>
- <File
- RelativePath=".\crypto\include\crypto.h"
- >
- </File>
- <File
- RelativePath=".\crypto\include\crypto_kernel.h"
- >
- </File>
- <File
- RelativePath=".\crypto\include\crypto_types.h"
- >
- </File>
- <File
- RelativePath=".\crypto\include\cryptoalg.h"
- >
- </File>
- <File
- RelativePath=".\crypto\include\datatypes.h"
- >
- </File>
- <File
- RelativePath=".\include\ekt.h"
- >
- </File>
- <File
- RelativePath=".\crypto\include\err.h"
- >
- </File>
- <File
- RelativePath=".\crypto\include\gf2_8.h"
- >
- </File>
- <File
- RelativePath=".\crypto\include\hmac.h"
- >
- </File>
- <File
- RelativePath=".\crypto\include\integers.h"
- >
- </File>
- <File
- RelativePath=".\crypto\include\key.h"
- >
- </File>
- <File
- RelativePath=".\crypto\include\null_auth.h"
- >
- </File>
- <File
- RelativePath=".\crypto\include\null_cipher.h"
- >
- </File>
- <File
- RelativePath=".\crypto\include\prng.h"
- >
- </File>
- <File
- RelativePath=".\crypto\include\rand_source.h"
- >
- </File>
- <File
- RelativePath=".\crypto\include\rdb.h"
- >
- </File>
- <File
- RelativePath=".\crypto\include\rdbx.h"
- >
- </File>
- <File
- RelativePath=".\crypto\include\sha1.h"
- >
- </File>
- <File
- RelativePath=".\include\srtp.h"
- >
- </File>
- <File
- RelativePath=".\include\srtp_priv.h"
- >
- </File>
- <File
- RelativePath=".\crypto\include\stat.h"
- >
- </File>
- <File
- RelativePath=".\include\ut_sim.h"
- >
- </File>
- </Filter>
- <Filter
- Name="Resource Files"
- Filter="rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav"
- UniqueIdentifier="{67DA6AB6-F800-4c08-8B7A-83BB121AAD01}"
- >
- </Filter>
- <File
- RelativePath=".\config.hw"
- >
- </File>
- <File
- RelativePath=".\srtp.def"
- >
- </File>
- </Files>
- <Globals>
- </Globals>
-</VisualStudioProject>
diff --git a/srtp/ekt.c b/srtp/ekt.c
deleted file mode 100644
index 4f81f59..0000000
--- a/srtp/ekt.c
+++ /dev/null
@@ -1,275 +0,0 @@
-/*
- * ekt.c
- *
- * Encrypted Key Transport for SRTP
- *
- * David McGrew
- * Cisco Systems, Inc.
- */
-/*
- *
- * Copyright (c) 2001-2006 Cisco Systems, Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following
- * disclaimer in the documentation and/or other materials provided
- * with the distribution.
- *
- * Neither the name of the Cisco Systems, Inc. nor the names of its
- * contributors may be used to endorse or promote products derived
- * from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- */
-
-
-#include "err.h"
-#include "srtp_priv.h"
-#include "ekt.h"
-
-extern debug_module_t mod_srtp;
-
-/*
- * The EKT Authentication Tag format.
- *
- * 0 1 2 3
- * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
- * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * : Base Authentication Tag :
- * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * : Encrypted Master Key :
- * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * | Rollover Counter |
- * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * | Initial Sequence Number | Security Parameter Index |
- * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- *
- */
-
-#define EKT_OCTETS_AFTER_BASE_TAG 24
-#define EKT_OCTETS_AFTER_EMK 8
-#define EKT_OCTETS_AFTER_ROC 4
-#define EKT_SPI_LEN 2
-
-unsigned
-ekt_octets_after_base_tag(ekt_stream_t ekt) {
- /*
- * if the pointer ekt is NULL, then EKT is not in effect, so we
- * indicate this by returning zero
- */
- if (!ekt)
- return 0;
-
- switch(ekt->data->ekt_cipher_type) {
- case EKT_CIPHER_AES_128_ECB:
- return 16 + EKT_OCTETS_AFTER_EMK;
- break;
- default:
- break;
- }
- return 0;
-}
-
-static inline ekt_spi_t
-srtcp_packet_get_ekt_spi(const uint8_t *packet_start, unsigned pkt_octet_len) {
- const uint8_t *spi_location;
-
- spi_location = packet_start + (pkt_octet_len - EKT_SPI_LEN);
-
- return *((const ekt_spi_t *)spi_location);
-}
-
-static inline uint32_t
-srtcp_packet_get_ekt_roc(const uint8_t *packet_start, unsigned pkt_octet_len) {
- const uint8_t *roc_location;
-
- roc_location = packet_start + (pkt_octet_len - EKT_OCTETS_AFTER_ROC);
-
- return *((const uint32_t *)roc_location);
-}
-
-static inline const uint8_t *
-srtcp_packet_get_emk_location(const uint8_t *packet_start,
- unsigned pkt_octet_len) {
- const uint8_t *location;
-
- location = packet_start + (pkt_octet_len - EKT_OCTETS_AFTER_BASE_TAG);
-
- return location;
-}
-
-
-err_status_t
-ekt_alloc(ekt_stream_t *stream_data, ekt_policy_t policy) {
-
- /*
- * if the policy pointer is NULL, then EKT is not in use
- * so we just set the EKT stream data pointer to NULL
- */
- if (!policy) {
- *stream_data = NULL;
- return err_status_ok;
- }
-
- /* TODO */
- *stream_data = NULL;
-
- return err_status_ok;
-}
-
-err_status_t
-ekt_stream_init_from_policy(ekt_stream_t stream_data, ekt_policy_t policy) {
- if (!stream_data)
- return err_status_ok;
-
- return err_status_ok;
-}
-
-
-void
-aes_decrypt_with_raw_key(void *ciphertext, const void *key) {
- aes_expanded_key_t expanded_key;
-
- aes_expand_decryption_key(key, expanded_key);
- aes_decrypt(ciphertext, expanded_key);
-}
-
-/*
- * The function srtp_stream_init_from_ekt() initializes a stream using
- * the EKT data from an SRTCP trailer.
- */
-
-err_status_t
-srtp_stream_init_from_ekt(srtp_stream_t stream,
- const void *srtcp_hdr,
- unsigned pkt_octet_len) {
- err_status_t err;
- const uint8_t *master_key;
- srtp_policy_t srtp_policy;
- unsigned master_key_len;
- uint32_t roc;
-
- /*
- * NOTE: at present, we only support a single ekt_policy at a time.
- */
- if (stream->ekt->data->spi !=
- srtcp_packet_get_ekt_spi(srtcp_hdr, pkt_octet_len))
- return err_status_no_ctx;
-
- if (stream->ekt->data->ekt_cipher_type != EKT_CIPHER_AES_128_ECB)
- return err_status_bad_param;
- master_key_len = 16;
-
- /* decrypt the Encrypted Master Key field */
- master_key = srtcp_packet_get_emk_location(srtcp_hdr, pkt_octet_len);
- aes_decrypt_with_raw_key((void*)master_key, stream->ekt->data->ekt_dec_key);
-
- /* set the SRTP ROC */
- roc = srtcp_packet_get_ekt_roc(srtcp_hdr, pkt_octet_len);
- err = rdbx_set_roc(&stream->rtp_rdbx, roc);
- if (err) return err;
-
- err = srtp_stream_init(stream, &srtp_policy);
- if (err) return err;
-
- return err_status_ok;
-}
-
-void
-ekt_write_data(ekt_stream_t ekt,
- void *base_tag,
- unsigned base_tag_len,
- int *packet_len,
- xtd_seq_num_t pkt_index) {
- uint32_t roc;
- uint16_t isn;
- unsigned emk_len;
- uint8_t *packet;
-
- /* if the pointer ekt is NULL, then EKT is not in effect */
- if (!ekt) {
- debug_print(mod_srtp, "EKT not in use", NULL);
- return;
- }
-
- /* write zeros into the location of the base tag */
- octet_string_set_to_zero(base_tag, base_tag_len);
- packet = (uint8_t*)base_tag + base_tag_len;
-
- /* copy encrypted master key into packet */
- emk_len = ekt_octets_after_base_tag(ekt);
- memcpy(packet, ekt->encrypted_master_key, emk_len);
- debug_print(mod_srtp, "writing EKT EMK: %s,",
- octet_string_hex_string(packet, emk_len));
- packet += emk_len;
-
- /* copy ROC into packet */
- roc = (uint32_t)(pkt_index >> 16);
- *((uint32_t *)packet) = be32_to_cpu(roc);
- debug_print(mod_srtp, "writing EKT ROC: %s,",
- octet_string_hex_string(packet, sizeof(roc)));
- packet += sizeof(roc);
-
- /* copy ISN into packet */
- isn = (uint16_t)pkt_index;
- *((uint16_t *)packet) = htons(isn);
- debug_print(mod_srtp, "writing EKT ISN: %s,",
- octet_string_hex_string(packet, sizeof(isn)));
- packet += sizeof(isn);
-
- /* copy SPI into packet */
- *((uint16_t *)packet) = htons(ekt->data->spi);
- debug_print(mod_srtp, "writing EKT SPI: %s,",
- octet_string_hex_string(packet, sizeof(ekt->data->spi)));
-
- /* increase packet length appropriately */
- *packet_len += EKT_OCTETS_AFTER_EMK + emk_len;
-}
-
-
-/*
- * The function call srtcp_ekt_trailer(ekt, auth_len, auth_tag )
- *
- * If the pointer ekt is NULL, then the other inputs are unaffected.
- *
- * auth_tag is a pointer to the pointer to the location of the
- * authentication tag in the packet. If EKT is in effect, then the
- * auth_tag pointer is set to the location
- */
-
-void
-srtcp_ekt_trailer(ekt_stream_t ekt,
- unsigned *auth_len,
- void **auth_tag,
- void *tag_copy) {
-
- /*
- * if there is no EKT policy, then the other inputs are unaffected
- */
- if (!ekt)
- return;
-
- /* copy auth_tag into temporary location */
-
-}
-
diff --git a/srtp/srtp.c b/srtp/srtp.c
deleted file mode 100644
index 314c3e4..0000000
--- a/srtp/srtp.c
+++ /dev/null
@@ -1,1986 +0,0 @@
-/*
- * srtp.c
- *
- * the secure real-time transport protocol
- *
- * David A. McGrew
- * Cisco Systems, Inc.
- */
-/*
- *
- * Copyright (c) 2001-2006, Cisco Systems, Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following
- * disclaimer in the documentation and/or other materials provided
- * with the distribution.
- *
- * Neither the name of the Cisco Systems, Inc. nor the names of its
- * contributors may be used to endorse or promote products derived
- * from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- */
-
-
-#include "srtp.h"
-#include "ekt.h" /* for SRTP Encrypted Key Transport */
-#include "aes_icm.h" /* aes_icm is used in the KDF */
-#include "alloc.h" /* for crypto_alloc() */
-
-#ifndef SRTP_KERNEL
-# include <limits.h>
-# ifdef HAVE_NETINET_IN_H
-# include <netinet/in.h>
-# elif defined(HAVE_WINSOCK2_H)
-# include <winsock2.h>
-# endif
-#endif /* ! SRTP_KERNEL */
-
-
-extern cipher_type_t aes_icm;
-extern auth_type_t tmmhv2;
-
-/* the debug module for srtp */
-
-debug_module_t mod_srtp = {
- 0, /* debugging is off by default */
- "srtp" /* printable name for module */
-};
-
-#define octets_in_rtp_header 12
-#define uint32s_in_rtp_header 3
-#define octets_in_rtcp_header 8
-#define uint32s_in_rtcp_header 2
-
-
-err_status_t
-srtp_stream_alloc(srtp_stream_ctx_t **str_ptr,
- const srtp_policy_t *p) {
- srtp_stream_ctx_t *str;
- err_status_t stat;
-
- /*
- * This function allocates the stream context, rtp and rtcp ciphers
- * and auth functions, and key limit structure. If there is a
- * failure during allocation, we free all previously allocated
- * memory and return a failure code. The code could probably
- * be improved, but it works and should be clear.
- */
-
- /* allocate srtp stream and set str_ptr */
- str = (srtp_stream_ctx_t *) crypto_alloc(sizeof(srtp_stream_ctx_t));
- if (str == NULL)
- return err_status_alloc_fail;
- *str_ptr = str;
-
- /* allocate cipher */
- stat = crypto_kernel_alloc_cipher(p->rtp.cipher_type,
- &str->rtp_cipher,
- p->rtp.cipher_key_len);
- if (stat) {
- goto err_rtp_cipher_alloc;
- }
-
- /* allocate auth function */
- stat = crypto_kernel_alloc_auth(p->rtp.auth_type,
- &str->rtp_auth,
- p->rtp.auth_key_len,
- p->rtp.auth_tag_len);
-
- if (stat) {
- goto err_rtp_auth_alloc;
- }
-
- /* allocate key limit structure */
- str->limit = (key_limit_ctx_t*) crypto_alloc(sizeof(key_limit_ctx_t));
- if (str->limit == NULL) {
- stat = err_status_alloc_fail;
- goto err_limit_alloc;
- }
-
- /*
- * ...and now the RTCP-specific initialization - first, allocate
- * the cipher
- */
- stat = crypto_kernel_alloc_cipher(p->rtcp.cipher_type,
- &str->rtcp_cipher,
- p->rtcp.cipher_key_len);
- if (stat) {
- goto err_rtcp_cipher_alloc;
- }
-
- /* allocate auth function */
- stat = crypto_kernel_alloc_auth(p->rtcp.auth_type,
- &str->rtcp_auth,
- p->rtcp.auth_key_len,
- p->rtcp.auth_tag_len);
- if (stat) {
- goto err_rtcp_auth_alloc;
- }
-
- /* allocate ekt data associated with stream */
- stat = ekt_alloc(&str->ekt, p->ekt);
- if (stat) {
- goto err_ekt_alloc;
- }
-
- return err_status_ok;
-
-err_ekt_alloc:
- auth_dealloc(str->rtcp_auth);
-err_rtcp_auth_alloc:
- cipher_dealloc(str->rtcp_cipher);
-err_rtcp_cipher_alloc:
- crypto_free(str->limit);
-err_limit_alloc:
- auth_dealloc(str->rtp_auth);
-err_rtp_auth_alloc:
- cipher_dealloc(str->rtp_cipher);
-err_rtp_cipher_alloc:
- crypto_free(str);
- return stat;
-}
-
-err_status_t
-srtp_stream_dealloc(srtp_stream_ctx_t *stream,
- srtp_stream_ctx_t *stream_template) {
- err_status_t status;
-
- /*
- * we use a conservative deallocation strategy - if any deallocation
- * fails, then we report that fact without trying to deallocate
- * anything else
- */
-
- /* deallocate cipher, if it is not the same as that in template */
- if (!stream_template || stream->rtp_cipher != stream_template->rtp_cipher) {
- status = cipher_dealloc(stream->rtp_cipher);
- if (status)
- return status;
- }
-
- /* deallocate auth function, if it is not the same as that in template */
- if (!stream_template || stream->rtp_auth != stream_template->rtp_auth) {
- status = auth_dealloc(stream->rtp_auth);
- if (status)
- return status;
- }
-
- /* deallocate key usage limit, if it is not the same as that in template */
- if (!stream_template || stream->limit != stream_template->limit) {
- crypto_free(stream->limit);
- }
-
- /*
- * deallocate rtcp cipher, if it is not the same as that in
- * template
- */
- if (!stream_template || stream->rtcp_cipher != stream_template->rtcp_cipher) {
- status = cipher_dealloc(stream->rtcp_cipher);
- if (status)
- return status;
- }
-
- /*
- * deallocate rtcp auth function, if it is not the same as that in
- * template
- */
- if (!stream_template || stream->rtcp_auth != stream_template->rtcp_auth) {
- status = auth_dealloc(stream->rtcp_auth);
- if (status)
- return status;
- }
-
- /* DAM - need to deallocate EKT here */
-
- /* deallocate srtp stream context */
- crypto_free(stream);
-
- return err_status_ok;
-}
-
-
-/*
- * srtp_stream_clone(stream_template, new) allocates a new stream and
- * initializes it using the cipher and auth of the stream_template
- *
- * the only unique data in a cloned stream is the replay database and
- * the SSRC
- */
-
-err_status_t
-srtp_stream_clone(const srtp_stream_ctx_t *stream_template,
- uint32_t ssrc,
- srtp_stream_ctx_t **str_ptr) {
- err_status_t status;
- srtp_stream_ctx_t *str;
-
- debug_print(mod_srtp, "cloning stream (SSRC: 0x%08x)", ssrc);
-
- /* allocate srtp stream and set str_ptr */
- str = (srtp_stream_ctx_t *) crypto_alloc(sizeof(srtp_stream_ctx_t));
- if (str == NULL)
- return err_status_alloc_fail;
- *str_ptr = str;
-
- /* set cipher and auth pointers to those of the template */
- str->rtp_cipher = stream_template->rtp_cipher;
- str->rtp_auth = stream_template->rtp_auth;
- str->rtcp_cipher = stream_template->rtcp_cipher;
- str->rtcp_auth = stream_template->rtcp_auth;
-
- /* set key limit to point to that of the template */
- status = key_limit_clone(stream_template->limit, &str->limit);
- if (status)
- return status;
-
- /* initialize replay databases */
- status = rdbx_init(&str->rtp_rdbx,
- rdbx_get_window_size(&stream_template->rtp_rdbx));
- if (status)
- return status;
- rdb_init(&str->rtcp_rdb);
- str->allow_repeat_tx = stream_template->allow_repeat_tx;
-
- /* set ssrc to that provided */
- str->ssrc = ssrc;
-
- /* set direction and security services */
- str->direction = stream_template->direction;
- str->rtp_services = stream_template->rtp_services;
- str->rtcp_services = stream_template->rtcp_services;
-
- /* set pointer to EKT data associated with stream */
- str->ekt = stream_template->ekt;
-
- /* defensive coding */
- str->next = NULL;
-
- return err_status_ok;
-}
-
-
-/*
- * key derivation functions, internal to libSRTP
- *
- * srtp_kdf_t is a key derivation context
- *
- * srtp_kdf_init(&kdf, k) initializes kdf with the key k
- *
- * srtp_kdf_generate(&kdf, l, kl, keylen) derives the key
- * corresponding to label l and puts it into kl; the length
- * of the key in octets is provided as keylen. this function
- * should be called once for each subkey that is derived.
- *
- * srtp_kdf_clear(&kdf) zeroizes the kdf state
- */
-
-typedef enum {
- label_rtp_encryption = 0x00,
- label_rtp_msg_auth = 0x01,
- label_rtp_salt = 0x02,
- label_rtcp_encryption = 0x03,
- label_rtcp_msg_auth = 0x04,
- label_rtcp_salt = 0x05
-} srtp_prf_label;
-
-
-/*
- * srtp_kdf_t represents a key derivation function. The SRTP
- * default KDF is the only one implemented at present.
- */
-
-typedef struct {
- aes_icm_ctx_t c; /* cipher used for key derivation */
-} srtp_kdf_t;
-
-err_status_t
-srtp_kdf_init(srtp_kdf_t *kdf, const uint8_t key[30]) {
-
- aes_icm_context_init(&kdf->c, key);
-
- return err_status_ok;
-}
-
-err_status_t
-srtp_kdf_generate(srtp_kdf_t *kdf, srtp_prf_label label,
- uint8_t *key, int length) {
-
- v128_t nonce;
-
- /* set eigth octet of nonce to <label>, set the rest of it to zero */
- v128_set_to_zero(&nonce);
- nonce.v8[7] = label;
-
- aes_icm_set_iv(&kdf->c, &nonce);
-
- /* generate keystream output */
- aes_icm_output(&kdf->c, key, length);
-
- return err_status_ok;
-}
-
-err_status_t
-srtp_kdf_clear(srtp_kdf_t *kdf) {
-
- /* zeroize aes context */
- octet_string_set_to_zero((uint8_t *)kdf, sizeof(srtp_kdf_t));
-
- return err_status_ok;
-}
-
-/*
- * end of key derivation functions
- */
-
-#define MAX_SRTP_KEY_LEN 256
-
-
-err_status_t
-srtp_stream_init_keys(srtp_stream_ctx_t *srtp, const void *key) {
- err_status_t stat;
- srtp_kdf_t kdf;
- uint8_t tmp_key[MAX_SRTP_KEY_LEN];
-
- /* initialize KDF state */
- srtp_kdf_init(&kdf, (const uint8_t *)key);
-
- /* generate encryption key */
- srtp_kdf_generate(&kdf, label_rtp_encryption,
- tmp_key, cipher_get_key_length(srtp->rtp_cipher));
- /*
- * if the cipher in the srtp context is aes_icm, then we need
- * to generate the salt value
- */
- if (srtp->rtp_cipher->type == &aes_icm) {
- /* FIX!!! this is really the cipher key length; rest is salt */
- int base_key_len = 16;
- int salt_len = cipher_get_key_length(srtp->rtp_cipher) - base_key_len;
-
- debug_print(mod_srtp, "found aes_icm, generating salt", NULL);
-
- /* generate encryption salt, put after encryption key */
- srtp_kdf_generate(&kdf, label_rtp_salt,
- tmp_key + base_key_len, salt_len);
- }
- debug_print(mod_srtp, "cipher key: %s",
- octet_string_hex_string(tmp_key,
- cipher_get_key_length(srtp->rtp_cipher)));
-
- /* initialize cipher */
- stat = cipher_init(srtp->rtp_cipher, tmp_key, direction_any);
- if (stat) {
- /* zeroize temp buffer */
- octet_string_set_to_zero(tmp_key, MAX_SRTP_KEY_LEN);
- return err_status_init_fail;
- }
-
- /* generate authentication key */
- srtp_kdf_generate(&kdf, label_rtp_msg_auth,
- tmp_key, auth_get_key_length(srtp->rtp_auth));
- debug_print(mod_srtp, "auth key: %s",
- octet_string_hex_string(tmp_key,
- auth_get_key_length(srtp->rtp_auth)));
-
- /* initialize auth function */
- stat = auth_init(srtp->rtp_auth, tmp_key);
- if (stat) {
- /* zeroize temp buffer */
- octet_string_set_to_zero(tmp_key, MAX_SRTP_KEY_LEN);
- return err_status_init_fail;
- }
-
- /*
- * ...now initialize SRTCP keys
- */
-
- /* generate encryption key */
- srtp_kdf_generate(&kdf, label_rtcp_encryption,
- tmp_key, cipher_get_key_length(srtp->rtcp_cipher));
- /*
- * if the cipher in the srtp context is aes_icm, then we need
- * to generate the salt value
- */
- if (srtp->rtcp_cipher->type == &aes_icm) {
- /* FIX!!! this is really the cipher key length; rest is salt */
- int base_key_len = 16;
- int salt_len = cipher_get_key_length(srtp->rtcp_cipher) - base_key_len;
-
- debug_print(mod_srtp, "found aes_icm, generating rtcp salt", NULL);
-
- /* generate encryption salt, put after encryption key */
- srtp_kdf_generate(&kdf, label_rtcp_salt,
- tmp_key + base_key_len, salt_len);
- }
- debug_print(mod_srtp, "rtcp cipher key: %s",
- octet_string_hex_string(tmp_key,
- cipher_get_key_length(srtp->rtcp_cipher)));
-
- /* initialize cipher */
- stat = cipher_init(srtp->rtcp_cipher, tmp_key, direction_any);
- if (stat) {
- /* zeroize temp buffer */
- octet_string_set_to_zero(tmp_key, MAX_SRTP_KEY_LEN);
- return err_status_init_fail;
- }
-
- /* generate authentication key */
- srtp_kdf_generate(&kdf, label_rtcp_msg_auth,
- tmp_key, auth_get_key_length(srtp->rtcp_auth));
- debug_print(mod_srtp, "rtcp auth key: %s",
- octet_string_hex_string(tmp_key,
- auth_get_key_length(srtp->rtcp_auth)));
-
- /* initialize auth function */
- stat = auth_init(srtp->rtcp_auth, tmp_key);
- if (stat) {
- /* zeroize temp buffer */
- octet_string_set_to_zero(tmp_key, MAX_SRTP_KEY_LEN);
- return err_status_init_fail;
- }
-
- /* clear memory then return */
- srtp_kdf_clear(&kdf);
- octet_string_set_to_zero(tmp_key, MAX_SRTP_KEY_LEN);
-
- return err_status_ok;
-}
-
-err_status_t
-srtp_stream_init(srtp_stream_ctx_t *srtp,
- const srtp_policy_t *p) {
- err_status_t err;
-
- debug_print(mod_srtp, "initializing stream (SSRC: 0x%08x)",
- p->ssrc.value);
-
- /* initialize replay database */
- err = rdbx_init(&srtp->rtp_rdbx, p->window_size);
- if (err) return err;
-
- /* initialize key limit to maximum value */
-#ifdef NO_64BIT_MATH
-{
- uint64_t temp;
- temp = make64(UINT_MAX,UINT_MAX);
- key_limit_set(srtp->limit, temp);
-}
-#else
- key_limit_set(srtp->limit, 0xffffffffffffLL);
-#endif
-
- /* set the SSRC value */
- srtp->ssrc = htonl(p->ssrc.value);
-
- /* set the security service flags */
- srtp->rtp_services = p->rtp.sec_serv;
- srtp->rtcp_services = p->rtcp.sec_serv;
-
- /*
- * set direction to unknown - this flag gets checked in srtp_protect(),
- * srtp_unprotect(), srtp_protect_rtcp(), and srtp_unprotect_rtcp(), and
- * gets set appropriately if it is set to unknown.
- */
- srtp->direction = dir_unknown;
-
- /* initialize SRTCP replay database */
- rdb_init(&srtp->rtcp_rdb);
-
- /* initialize allow_repeat_tx */
- srtp->allow_repeat_tx = p->allow_repeat_tx;
-
- /* DAM - no RTCP key limit at present */
-
- /* initialize keys */
- err = srtp_stream_init_keys(srtp, p->key);
- if (err) {
- rdbx_uninit(&srtp->rtp_rdbx);
- return err;
- }
-
- /*
- * if EKT is in use, then initialize the EKT data associated with
- * the stream
- */
- err = ekt_stream_init_from_policy(srtp->ekt, p->ekt);
- if (err) {
- rdbx_uninit(&srtp->rtp_rdbx);
- return err;
- }
-
- return err_status_ok;
-}
-
-err_status_t
-srtp_stream_uninit(srtp_stream_ctx_t *srtp) {
- return rdbx_uninit(&srtp->rtp_rdbx);
-}
-
-
- /*
- * srtp_event_reporter is an event handler function that merely
- * reports the events that are reported by the callbacks
- */
-
- void
- srtp_event_reporter(srtp_event_data_t *data) {
-
- err_report(err_level_warning, "srtp: in stream 0x%x: ",
- data->stream->ssrc);
-
- switch(data->event) {
- case event_ssrc_collision:
- err_report(err_level_warning, "\tSSRC collision\n");
- break;
- case event_key_soft_limit:
- err_report(err_level_warning, "\tkey usage soft limit reached\n");
- break;
- case event_key_hard_limit:
- err_report(err_level_warning, "\tkey usage hard limit reached\n");
- break;
- case event_packet_index_limit:
- err_report(err_level_warning, "\tpacket index limit reached\n");
- break;
- default:
- err_report(err_level_warning, "\tunknown event reported to handler\n");
- }
- }
-
- /*
- * srtp_event_handler is a global variable holding a pointer to the
- * event handler function; this function is called for any unexpected
- * event that needs to be handled out of the SRTP data path. see
- * srtp_event_t in srtp.h for more info
- *
- * it is okay to set srtp_event_handler to NULL, but we set
- * it to the srtp_event_reporter.
- */
-
- static srtp_event_handler_func_t *srtp_event_handler = srtp_event_reporter;
-
- err_status_t
- srtp_install_event_handler(srtp_event_handler_func_t func) {
-
- /*
- * note that we accept NULL arguments intentionally - calling this
- * function with a NULL arguments removes an event handler that's
- * been previously installed
- */
-
- /* set global event handling function */
- srtp_event_handler = func;
- return err_status_ok;
- }
-
- err_status_t
- srtp_protect(srtp_ctx_t *ctx, void *rtp_hdr, int *pkt_octet_len) {
- srtp_hdr_t *hdr = (srtp_hdr_t *)rtp_hdr;
- uint32_t *enc_start; /* pointer to start of encrypted portion */
- uint32_t *auth_start; /* pointer to start of auth. portion */
- unsigned enc_octet_len = 0; /* number of octets in encrypted portion */
- xtd_seq_num_t est; /* estimated xtd_seq_num_t of *hdr */
- int delta; /* delta of local pkt idx and that in hdr */
- uint8_t *auth_tag = NULL; /* location of auth_tag within packet */
- err_status_t status;
- int tag_len;
- srtp_stream_ctx_t *stream;
- int prefix_len;
-
- debug_print(mod_srtp, "function srtp_protect", NULL);
-
- /* we assume the hdr is 32-bit aligned to start */
-
- /* check the packet length - it must at least contain a full header */
- if (*pkt_octet_len < octets_in_rtp_header)
- return err_status_bad_param;
-
- /*
- * look up ssrc in srtp_stream list, and process the packet with
- * the appropriate stream. if we haven't seen this stream before,
- * there's a template key for this srtp_session, and the cipher
- * supports key-sharing, then we assume that a new stream using
- * that key has just started up
- */
- stream = srtp_get_stream(ctx, hdr->ssrc);
- if (stream == NULL) {
- if (ctx->stream_template != NULL) {
- srtp_stream_ctx_t *new_stream;
-
- /* allocate and initialize a new stream */
- status = srtp_stream_clone(ctx->stream_template,
- hdr->ssrc, &new_stream);
- if (status)
- return status;
-
- /* add new stream to the head of the stream_list */
- new_stream->next = ctx->stream_list;
- ctx->stream_list = new_stream;
-
- /* set direction to outbound */
- new_stream->direction = dir_srtp_sender;
-
- /* set stream (the pointer used in this function) */
- stream = new_stream;
- } else {
- /* no template stream, so we return an error */
- return err_status_no_ctx;
- }
- }
-
- /*
- * verify that stream is for sending traffic - this check will
- * detect SSRC collisions, since a stream that appears in both
- * srtp_protect() and srtp_unprotect() will fail this test in one of
- * those functions.
- */
- if (stream->direction != dir_srtp_sender) {
- if (stream->direction == dir_unknown) {
- stream->direction = dir_srtp_sender;
- } else {
- srtp_handle_event(ctx, stream, event_ssrc_collision);
- }
- }
-
- /*
- * update the key usage limit, and check it to make sure that we
- * didn't just hit either the soft limit or the hard limit, and call
- * the event handler if we hit either.
- */
- switch(key_limit_update(stream->limit)) {
- case key_event_normal:
- break;
- case key_event_soft_limit:
- srtp_handle_event(ctx, stream, event_key_soft_limit);
- break;
- case key_event_hard_limit:
- srtp_handle_event(ctx, stream, event_key_hard_limit);
- return err_status_key_expired;
- default:
- break;
- }
-
- /* get tag length from stream */
- tag_len = auth_get_tag_length(stream->rtp_auth);
-
- /*
- * find starting point for encryption and length of data to be
- * encrypted - the encrypted portion starts after the rtp header
- * extension, if present; otherwise, it starts after the last csrc,
- * if any are present
- *
- * if we're not providing confidentiality, set enc_start to NULL
- */
- if (stream->rtp_services & sec_serv_conf) {
- enc_start = (uint32_t *)hdr + uint32s_in_rtp_header + hdr->cc;
- if (hdr->x == 1) {
- srtp_hdr_xtnd_t *xtn_hdr = (srtp_hdr_xtnd_t *)enc_start;
- enc_start += (ntohs(xtn_hdr->length) + 1);
- }
- enc_octet_len = (unsigned int)(*pkt_octet_len
- - ((enc_start - (uint32_t *)hdr) << 2));
- } else {
- enc_start = NULL;
- }
-
- /*
- * if we're providing authentication, set the auth_start and auth_tag
- * pointers to the proper locations; otherwise, set auth_start to NULL
- * to indicate that no authentication is needed
- */
- if (stream->rtp_services & sec_serv_auth) {
- auth_start = (uint32_t *)hdr;
- auth_tag = (uint8_t *)hdr + *pkt_octet_len;
- } else {
- auth_start = NULL;
- auth_tag = NULL;
- }
-
- /*
- * estimate the packet index using the start of the replay window
- * and the sequence number from the header
- */
- delta = rdbx_estimate_index(&stream->rtp_rdbx, &est, ntohs(hdr->seq));
- status = rdbx_check(&stream->rtp_rdbx, delta);
- if (status) {
- if (status != err_status_replay_fail || !stream->allow_repeat_tx)
- return status; /* we've been asked to reuse an index */
- }
- else
- rdbx_add_index(&stream->rtp_rdbx, delta);
-
-#ifdef NO_64BIT_MATH
- debug_print2(mod_srtp, "estimated packet index: %08x%08x",
- high32(est),low32(est));
-#else
- debug_print(mod_srtp, "estimated packet index: %016llx", est);
-#endif
-
- /*
- * if we're using rindael counter mode, set nonce and seq
- */
- if (stream->rtp_cipher->type == &aes_icm) {
- v128_t iv;
-
- iv.v32[0] = 0;
- iv.v32[1] = hdr->ssrc;
-#ifdef NO_64BIT_MATH
- iv.v64[1] = be64_to_cpu(make64((high32(est) << 16) | (low32(est) >> 16),
- low32(est) << 16));
-#else
- iv.v64[1] = be64_to_cpu(est << 16);
-#endif
- status = cipher_set_iv(stream->rtp_cipher, &iv);
-
- } else {
- v128_t iv;
-
- /* otherwise, set the index to est */
-#ifdef NO_64BIT_MATH
- iv.v32[0] = 0;
- iv.v32[1] = 0;
-#else
- iv.v64[0] = 0;
-#endif
- iv.v64[1] = be64_to_cpu(est);
- status = cipher_set_iv(stream->rtp_cipher, &iv);
- }
- if (status)
- return err_status_cipher_fail;
-
- /* shift est, put into network byte order */
-#ifdef NO_64BIT_MATH
- est = be64_to_cpu(make64((high32(est) << 16) |
- (low32(est) >> 16),
- low32(est) << 16));
-#else
- est = be64_to_cpu(est << 16);
-#endif
-
- /*
- * if we're authenticating using a universal hash, put the keystream
- * prefix into the authentication tag
- */
- if (auth_start) {
-
- prefix_len = auth_get_prefix_length(stream->rtp_auth);
- if (prefix_len) {
- status = cipher_output(stream->rtp_cipher, auth_tag, prefix_len);
- if (status)
- return err_status_cipher_fail;
- debug_print(mod_srtp, "keystream prefix: %s",
- octet_string_hex_string(auth_tag, prefix_len));
- }
- }
-
- /* if we're encrypting, exor keystream into the message */
- if (enc_start) {
- status = cipher_encrypt(stream->rtp_cipher,
- (uint8_t *)enc_start, &enc_octet_len);
- if (status)
- return err_status_cipher_fail;
- }
-
- /*
- * if we're authenticating, run authentication function and put result
- * into the auth_tag
- */
- if (auth_start) {
-
- /* initialize auth func context */
- status = auth_start(stream->rtp_auth);
- if (status) return status;
-
- /* run auth func over packet */
- status = auth_update(stream->rtp_auth,
- (uint8_t *)auth_start, *pkt_octet_len);
- if (status) return status;
-
- /* run auth func over ROC, put result into auth_tag */
- debug_print(mod_srtp, "estimated packet index: %016llx", est);
- status = auth_compute(stream->rtp_auth, (uint8_t *)&est, 4, auth_tag);
- debug_print(mod_srtp, "srtp auth tag: %s",
- octet_string_hex_string(auth_tag, tag_len));
- if (status)
- return err_status_auth_fail;
-
- }
-
- if (auth_tag) {
-
- /* increase the packet length by the length of the auth tag */
- *pkt_octet_len += tag_len;
- }
-
- return err_status_ok;
-}
-
-
-err_status_t
-srtp_unprotect(srtp_ctx_t *ctx, void *srtp_hdr, int *pkt_octet_len) {
- srtp_hdr_t *hdr = (srtp_hdr_t *)srtp_hdr;
- uint32_t *enc_start; /* pointer to start of encrypted portion */
- uint32_t *auth_start; /* pointer to start of auth. portion */
- unsigned enc_octet_len = 0;/* number of octets in encrypted portion */
- uint8_t *auth_tag = NULL; /* location of auth_tag within packet */
- xtd_seq_num_t est; /* estimated xtd_seq_num_t of *hdr */
- int delta; /* delta of local pkt idx and that in hdr */
- v128_t iv;
- err_status_t status;
- srtp_stream_ctx_t *stream;
- uint8_t tmp_tag[SRTP_MAX_TAG_LEN];
- int tag_len, prefix_len;
-
- debug_print(mod_srtp, "function srtp_unprotect", NULL);
-
- /* we assume the hdr is 32-bit aligned to start */
-
- /* check the packet length - it must at least contain a full header */
- if (*pkt_octet_len < octets_in_rtp_header)
- return err_status_bad_param;
-
- /*
- * look up ssrc in srtp_stream list, and process the packet with
- * the appropriate stream. if we haven't seen this stream before,
- * there's only one key for this srtp_session, and the cipher
- * supports key-sharing, then we assume that a new stream using
- * that key has just started up
- */
- stream = srtp_get_stream(ctx, hdr->ssrc);
- if (stream == NULL) {
- if (ctx->stream_template != NULL) {
- stream = ctx->stream_template;
- debug_print(mod_srtp, "using provisional stream (SSRC: 0x%08x)",
- hdr->ssrc);
-
- /*
- * set estimated packet index to sequence number from header,
- * and set delta equal to the same value
- */
-#ifdef NO_64BIT_MATH
- est = (xtd_seq_num_t) make64(0,ntohs(hdr->seq));
- delta = low32(est);
-#else
- est = (xtd_seq_num_t) ntohs(hdr->seq);
- delta = (int)est;
-#endif
- } else {
-
- /*
- * no stream corresponding to SSRC found, and we don't do
- * key-sharing, so return an error
- */
- return err_status_no_ctx;
- }
- } else {
-
- /* estimate packet index from seq. num. in header */
- delta = rdbx_estimate_index(&stream->rtp_rdbx, &est, ntohs(hdr->seq));
-
- /* check replay database */
- status = rdbx_check(&stream->rtp_rdbx, delta);
- if (status)
- return status;
- }
-
-#ifdef NO_64BIT_MATH
- debug_print2(mod_srtp, "estimated u_packet index: %08x%08x", high32(est),low32(est));
-#else
- debug_print(mod_srtp, "estimated u_packet index: %016llx", est);
-#endif
-
- /* get tag length from stream */
- tag_len = auth_get_tag_length(stream->rtp_auth);
-
- /*
- * set the cipher's IV properly, depending on whatever cipher we
- * happen to be using
- */
- if (stream->rtp_cipher->type == &aes_icm) {
-
- /* aes counter mode */
- iv.v32[0] = 0;
- iv.v32[1] = hdr->ssrc; /* still in network order */
-#ifdef NO_64BIT_MATH
- iv.v64[1] = be64_to_cpu(make64((high32(est) << 16) | (low32(est) >> 16),
- low32(est) << 16));
-#else
- iv.v64[1] = be64_to_cpu(est << 16);
-#endif
- status = aes_icm_set_iv((aes_icm_ctx_t*)stream->rtp_cipher->state, &iv);
- } else {
-
- /* no particular format - set the iv to the pakcet index */
-#ifdef NO_64BIT_MATH
- iv.v32[0] = 0;
- iv.v32[1] = 0;
-#else
- iv.v64[0] = 0;
-#endif
- iv.v64[1] = be64_to_cpu(est);
- status = cipher_set_iv(stream->rtp_cipher, &iv);
- }
- if (status)
- return err_status_cipher_fail;
-
- /* shift est, put into network byte order */
-#ifdef NO_64BIT_MATH
- est = be64_to_cpu(make64((high32(est) << 16) |
- (low32(est) >> 16),
- low32(est) << 16));
-#else
- est = be64_to_cpu(est << 16);
-#endif
-
- /*
- * find starting point for decryption and length of data to be
- * decrypted - the encrypted portion starts after the rtp header
- * extension, if present; otherwise, it starts after the last csrc,
- * if any are present
- *
- * if we're not providing confidentiality, set enc_start to NULL
- */
- if (stream->rtp_services & sec_serv_conf) {
- enc_start = (uint32_t *)hdr + uint32s_in_rtp_header + hdr->cc;
- if (hdr->x == 1) {
- srtp_hdr_xtnd_t *xtn_hdr = (srtp_hdr_xtnd_t *)enc_start;
- enc_start += (ntohs(xtn_hdr->length) + 1);
- }
- enc_octet_len = (uint32_t)(*pkt_octet_len - tag_len
- - ((enc_start - (uint32_t *)hdr) << 2));
- } else {
- enc_start = NULL;
- }
-
- /*
- * if we're providing authentication, set the auth_start and auth_tag
- * pointers to the proper locations; otherwise, set auth_start to NULL
- * to indicate that no authentication is needed
- */
- if (stream->rtp_services & sec_serv_auth) {
- auth_start = (uint32_t *)hdr;
- auth_tag = (uint8_t *)hdr + *pkt_octet_len - tag_len;
- } else {
- auth_start = NULL;
- auth_tag = NULL;
- }
-
- /*
- * if we expect message authentication, run the authentication
- * function and compare the result with the value of the auth_tag
- */
- if (auth_start) {
-
- /*
- * if we're using a universal hash, then we need to compute the
- * keystream prefix for encrypting the universal hash output
- *
- * if the keystream prefix length is zero, then we know that
- * the authenticator isn't using a universal hash function
- */
- if (stream->rtp_auth->prefix_len != 0) {
-
- prefix_len = auth_get_prefix_length(stream->rtp_auth);
- status = cipher_output(stream->rtp_cipher, tmp_tag, prefix_len);
- debug_print(mod_srtp, "keystream prefix: %s",
- octet_string_hex_string(tmp_tag, prefix_len));
- if (status)
- return err_status_cipher_fail;
- }
-
- /* initialize auth func context */
- status = auth_start(stream->rtp_auth);
- if (status) return status;
-
- /* now compute auth function over packet */
- status = auth_update(stream->rtp_auth, (uint8_t *)auth_start,
- *pkt_octet_len - tag_len);
-
- /* run auth func over ROC, then write tmp tag */
- status = auth_compute(stream->rtp_auth, (uint8_t *)&est, 4, tmp_tag);
-
- debug_print(mod_srtp, "computed auth tag: %s",
- octet_string_hex_string(tmp_tag, tag_len));
- debug_print(mod_srtp, "packet auth tag: %s",
- octet_string_hex_string(auth_tag, tag_len));
- if (status)
- return err_status_auth_fail;
-
- if (octet_string_is_eq(tmp_tag, auth_tag, tag_len))
- return err_status_auth_fail;
- }
-
- /*
- * update the key usage limit, and check it to make sure that we
- * didn't just hit either the soft limit or the hard limit, and call
- * the event handler if we hit either.
- */
- switch(key_limit_update(stream->limit)) {
- case key_event_normal:
- break;
- case key_event_soft_limit:
- srtp_handle_event(ctx, stream, event_key_soft_limit);
- break;
- case key_event_hard_limit:
- srtp_handle_event(ctx, stream, event_key_hard_limit);
- return err_status_key_expired;
- default:
- break;
- }
-
- /* if we're encrypting, add keystream into ciphertext */
- if (enc_start) {
- status = cipher_encrypt(stream->rtp_cipher,
- (uint8_t *)enc_start, &enc_octet_len);
- if (status)
- return err_status_cipher_fail;
- }
-
- /*
- * verify that stream is for received traffic - this check will
- * detect SSRC collisions, since a stream that appears in both
- * srtp_protect() and srtp_unprotect() will fail this test in one of
- * those functions.
- *
- * we do this check *after* the authentication check, so that the
- * latter check will catch any attempts to fool us into thinking
- * that we've got a collision
- */
- if (stream->direction != dir_srtp_receiver) {
- if (stream->direction == dir_unknown) {
- stream->direction = dir_srtp_receiver;
- } else {
- srtp_handle_event(ctx, stream, event_ssrc_collision);
- }
- }
-
- /*
- * if the stream is a 'provisional' one, in which the template context
- * is used, then we need to allocate a new stream at this point, since
- * the authentication passed
- */
- if (stream == ctx->stream_template) {
- srtp_stream_ctx_t *new_stream;
-
- /*
- * allocate and initialize a new stream
- *
- * note that we indicate failure if we can't allocate the new
- * stream, and some implementations will want to not return
- * failure here
- */
- status = srtp_stream_clone(ctx->stream_template, hdr->ssrc, &new_stream);
- if (status)
- return status;
-
- /* add new stream to the head of the stream_list */
- new_stream->next = ctx->stream_list;
- ctx->stream_list = new_stream;
-
- /* set stream (the pointer used in this function) */
- stream = new_stream;
- }
-
- /*
- * the message authentication function passed, so add the packet
- * index into the replay database
- */
- rdbx_add_index(&stream->rtp_rdbx, delta);
-
- /* decrease the packet length by the length of the auth tag */
- *pkt_octet_len -= tag_len;
-
- return err_status_ok;
-}
-
-err_status_t
-srtp_init() {
- err_status_t status;
-
- /* initialize crypto kernel */
- status = crypto_kernel_init();
- if (status)
- return status;
-
- /* load srtp debug module into the kernel */
- status = crypto_kernel_load_debug_module(&mod_srtp);
- if (status)
- return status;
-
- return err_status_ok;
-}
-
-/*
- * The following code is under consideration for removal. See
- * SRTP_MAX_TRAILER_LEN
- */
-#if 0
-
-/*
- * srtp_get_trailer_length(&a) returns the number of octets that will
- * be added to an RTP packet by the SRTP processing. This value
- * is constant for a given srtp_stream_t (i.e. between initializations).
- */
-
-int
-srtp_get_trailer_length(const srtp_stream_t s) {
- return auth_get_tag_length(s->rtp_auth);
-}
-
-#endif
-
-/*
- * srtp_get_stream(ssrc) returns a pointer to the stream corresponding
- * to ssrc, or NULL if no stream exists for that ssrc
- *
- * this is an internal function
- */
-
-srtp_stream_ctx_t *
-srtp_get_stream(srtp_t srtp, uint32_t ssrc) {
- srtp_stream_ctx_t *stream;
-
- /* walk down list until ssrc is found */
- stream = srtp->stream_list;
- while (stream != NULL) {
- if (stream->ssrc == ssrc)
- return stream;
- stream = stream->next;
- }
-
- /* we haven't found our ssrc, so return a null */
- return NULL;
-}
-
-err_status_t
-srtp_dealloc(srtp_t session) {
- srtp_stream_ctx_t *stream;
- err_status_t status;
-
- /*
- * we take a conservative deallocation strategy - if we encounter an
- * error deallocating a stream, then we stop trying to deallocate
- * memory and just return an error
- */
-
- /* walk list of streams, deallocating as we go */
- stream = session->stream_list;
- while (stream != NULL) {
- srtp_stream_t next = stream->next;
- status = srtp_stream_uninit_and_dealloc(stream, session->stream_template);
- if (status) {
- return status;
- }
- stream = next;
- }
-
- /* deallocate stream template, if there is one */
- if (session->stream_template != NULL) {
- status = srtp_stream_uninit_and_dealloc(session->stream_template, NULL);
- }
-
- /* deallocate session context */
- crypto_free(session);
-
- return err_status_ok;
-}
-
-
-err_status_t
-srtp_add_stream(srtp_t session,
- const srtp_policy_t *policy) {
- err_status_t status;
- srtp_stream_t tmp;
-
- /* sanity check arguments */
- if ((session == NULL) || (policy == NULL) || (policy->key == NULL))
- return err_status_bad_param;
-
- /* allocate stream */
- status = srtp_stream_alloc(&tmp, policy);
- if (status) {
- return status;
- }
-
- /* initialize stream */
- status = srtp_stream_init(tmp, policy);
- if (status) {
- crypto_free(tmp);
- return status;
- }
-
- /*
- * set the head of the stream list or the template to point to the
- * stream that we've just alloced and init'ed, depending on whether
- * or not it has a wildcard SSRC value or not
- *
- * if the template stream has already been set, then the policy is
- * inconsistent, so we return a bad_param error code
- */
- switch (policy->ssrc.type) {
- case (ssrc_any_outbound):
- if (session->stream_template) {
- return err_status_bad_param;
- }
- session->stream_template = tmp;
- session->stream_template->direction = dir_srtp_sender;
- break;
- case (ssrc_any_inbound):
- if (session->stream_template) {
- return err_status_bad_param;
- }
- session->stream_template = tmp;
- session->stream_template->direction = dir_srtp_receiver;
- break;
- case (ssrc_specific):
- tmp->next = session->stream_list;
- session->stream_list = tmp;
- break;
- case (ssrc_undefined):
- default:
- crypto_free(tmp);
- return err_status_bad_param;
- }
- return err_status_ok;
-}
-
-
-err_status_t
-srtp_create(srtp_t *session, /* handle for session */
- const srtp_policy_t *policy) { /* SRTP policy (list) */
- err_status_t stat;
- srtp_ctx_t *ctx;
-
- /* sanity check arguments */
- if (session == NULL)
- return err_status_bad_param;
-
- /* allocate srtp context and set ctx_ptr */
- ctx = (srtp_ctx_t *) crypto_alloc(sizeof(srtp_ctx_t));
- if (ctx == NULL)
- return err_status_alloc_fail;
- *session = ctx;
-
- /*
- * loop over elements in the policy list, allocating and
- * initializing a stream for each element
- */
- ctx->stream_template = NULL;
- ctx->stream_list = NULL;
- while (policy != NULL) {
-
- stat = srtp_add_stream(ctx, policy);
- if (stat) {
- /* clean up everything */
- srtp_dealloc(*session);
- return stat;
- }
-
- /* set policy to next item in list */
- policy = policy->next;
- }
-
- return err_status_ok;
-}
-
-
-err_status_t
-srtp_remove_stream(srtp_t session, uint32_t ssrc) {
- srtp_stream_ctx_t *stream, *last_stream;
-
- /* sanity check arguments */
- if (session == NULL)
- return err_status_bad_param;
-
- /* find stream in list; complain if not found */
- last_stream = stream = session->stream_list;
- while ((stream != NULL) && (ssrc != stream->ssrc)) {
- last_stream = stream;
- stream = stream->next;
- }
- if (stream == NULL)
- return err_status_no_ctx;
-
- /* remove stream from the list */
- last_stream->next = stream->next;
-
- return srtp_stream_uninit_and_dealloc(stream, session->stream_template);
-}
-
-err_status_t
-srtp_stream_uninit_and_dealloc(srtp_stream_ctx_t *stream,
- srtp_stream_ctx_t *stream_template) {
- err_status_t status;
- /* deallocate rdbx data */
- status = srtp_stream_uninit(stream);
- if (status)
- return status;
-
- /* deallocate the stream */
- status = srtp_stream_dealloc(stream, stream_template);
- if (status)
- return status;
-
- return err_status_ok;
-}
-
-
-/*
- * the default policy - provides a convenient way for callers to use
- * the default security policy
- *
- * this policy is that defined in the current SRTP internet draft.
- *
- */
-
-/*
- * NOTE: cipher_key_len is really key len (128 bits) plus salt len
- * (112 bits)
- */
-/* There are hard-coded 16's for base_key_len in the key generation code */
-
-void
-crypto_policy_set_rtp_default(crypto_policy_t *p) {
-
- p->cipher_type = AES_128_ICM;
- p->cipher_key_len = 30; /* default 128 bits per RFC 3711 */
- p->auth_type = HMAC_SHA1;
- p->auth_key_len = 20; /* default 160 bits per RFC 3711 */
- p->auth_tag_len = 10; /* default 80 bits per RFC 3711 */
- p->sec_serv = sec_serv_conf_and_auth;
-
-}
-
-void
-crypto_policy_set_rtcp_default(crypto_policy_t *p) {
-
- p->cipher_type = AES_128_ICM;
- p->cipher_key_len = 30; /* default 128 bits per RFC 3711 */
- p->auth_type = HMAC_SHA1;
- p->auth_key_len = 20; /* default 160 bits per RFC 3711 */
- p->auth_tag_len = 10; /* default 80 bits per RFC 3711 */
- p->sec_serv = sec_serv_conf_and_auth;
-
-}
-
-void
-crypto_policy_set_aes_cm_128_hmac_sha1_32(crypto_policy_t *p) {
-
- /*
- * corresponds to draft-ietf-mmusic-sdescriptions-12.txt
- *
- * note that this crypto policy is intended for SRTP, but not SRTCP
- */
-
- p->cipher_type = AES_128_ICM;
- p->cipher_key_len = 30; /* 128 bit key, 112 bit salt */
- p->auth_type = HMAC_SHA1;
- p->auth_key_len = 20; /* 160 bit key */
- p->auth_tag_len = 4; /* 32 bit tag */
- p->sec_serv = sec_serv_conf_and_auth;
-
-}
-
-
-void
-crypto_policy_set_aes_cm_128_null_auth(crypto_policy_t *p) {
-
- /*
- * corresponds to draft-ietf-mmusic-sdescriptions-12.txt
- *
- * note that this crypto policy is intended for SRTP, but not SRTCP
- */
-
- p->cipher_type = AES_128_ICM;
- p->cipher_key_len = 30; /* 128 bit key, 112 bit salt */
- p->auth_type = NULL_AUTH;
- p->auth_key_len = 0;
- p->auth_tag_len = 0;
- p->sec_serv = sec_serv_conf;
-
-}
-
-
-void
-crypto_policy_set_null_cipher_hmac_sha1_80(crypto_policy_t *p) {
-
- /*
- * corresponds to draft-ietf-mmusic-sdescriptions-12.txt
- */
-
- p->cipher_type = NULL_CIPHER;
- p->cipher_key_len = 0;
- p->auth_type = HMAC_SHA1;
- p->auth_key_len = 20;
- p->auth_tag_len = 10;
- p->sec_serv = sec_serv_auth;
-
-}
-
-
-/*
- * secure rtcp functions
- */
-
-err_status_t
-srtp_protect_rtcp(srtp_t ctx, void *rtcp_hdr, int *pkt_octet_len) {
- srtcp_hdr_t *hdr = (srtcp_hdr_t *)rtcp_hdr;
- uint32_t *enc_start; /* pointer to start of encrypted portion */
- uint32_t *auth_start; /* pointer to start of auth. portion */
- uint32_t *trailer; /* pointer to start of trailer */
- unsigned enc_octet_len = 0;/* number of octets in encrypted portion */
- uint8_t *auth_tag = NULL; /* location of auth_tag within packet */
- err_status_t status;
- int tag_len;
- srtp_stream_ctx_t *stream;
- int prefix_len;
- uint32_t seq_num;
-
- /* we assume the hdr is 32-bit aligned to start */
- /*
- * look up ssrc in srtp_stream list, and process the packet with
- * the appropriate stream. if we haven't seen this stream before,
- * there's only one key for this srtp_session, and the cipher
- * supports key-sharing, then we assume that a new stream using
- * that key has just started up
- */
- stream = srtp_get_stream(ctx, hdr->ssrc);
- if (stream == NULL) {
- if (ctx->stream_template != NULL) {
- srtp_stream_ctx_t *new_stream;
-
- /* allocate and initialize a new stream */
- status = srtp_stream_clone(ctx->stream_template,
- hdr->ssrc, &new_stream);
- if (status)
- return status;
-
- /* add new stream to the head of the stream_list */
- new_stream->next = ctx->stream_list;
- ctx->stream_list = new_stream;
-
- /* set stream (the pointer used in this function) */
- stream = new_stream;
- } else {
- /* no template stream, so we return an error */
- return err_status_no_ctx;
- }
- }
-
- /*
- * verify that stream is for sending traffic - this check will
- * detect SSRC collisions, since a stream that appears in both
- * srtp_protect() and srtp_unprotect() will fail this test in one of
- * those functions.
- */
- if (stream->direction != dir_srtp_sender) {
- if (stream->direction == dir_unknown) {
- stream->direction = dir_srtp_sender;
- } else {
- srtp_handle_event(ctx, stream, event_ssrc_collision);
- }
- }
-
- /* get tag length from stream context */
- tag_len = auth_get_tag_length(stream->rtcp_auth);
-
- /*
- * set encryption start and encryption length - if we're not
- * providing confidentiality, set enc_start to NULL
- */
- enc_start = (uint32_t *)hdr + uint32s_in_rtcp_header;
- enc_octet_len = *pkt_octet_len - octets_in_rtcp_header;
-
- /* all of the packet, except the header, gets encrypted */
- /* NOTE: hdr->length is not usable - it refers to only the first
- RTCP report in the compound packet! */
- /* NOTE: trailer is 32-bit aligned because RTCP 'packets' are always
- multiples of 32-bits (RFC 3550 6.1) */
- trailer = (uint32_t *) ((char *)enc_start + enc_octet_len);
-
- if (stream->rtcp_services & sec_serv_conf) {
- *trailer = htonl(SRTCP_E_BIT); /* set encrypt bit */
- } else {
- enc_start = NULL;
- enc_octet_len = 0;
- /* 0 is network-order independant */
- *trailer = 0x00000000; /* set encrypt bit */
- }
-
- /*
- * set the auth_start and auth_tag pointers to the proper locations
- * (note that srtpc *always* provides authentication, unlike srtp)
- */
- /* Note: This would need to change for optional mikey data */
- auth_start = (uint32_t *)hdr;
- auth_tag = (uint8_t *)hdr + *pkt_octet_len + sizeof(srtcp_trailer_t);
-
- /* perform EKT processing if needed */
- ekt_write_data(stream->ekt, auth_tag, tag_len, pkt_octet_len,
- rdbx_get_packet_index(&stream->rtp_rdbx));
-
- /*
- * check sequence number for overruns, and copy it into the packet
- * if its value isn't too big
- */
- status = rdb_increment(&stream->rtcp_rdb);
- if (status)
- return status;
- seq_num = rdb_get_value(&stream->rtcp_rdb);
- *trailer |= htonl(seq_num);
- debug_print(mod_srtp, "srtcp index: %x", seq_num);
-
- /*
- * if we're using rindael counter mode, set nonce and seq
- */
- if (stream->rtcp_cipher->type == &aes_icm) {
- v128_t iv;
-
- iv.v32[0] = 0;
- iv.v32[1] = hdr->ssrc; /* still in network order! */
- iv.v32[2] = htonl(seq_num >> 16);
- iv.v32[3] = htonl(seq_num << 16);
- status = aes_icm_set_iv((aes_icm_ctx_t*)stream->rtcp_cipher->state, &iv);
-
- } else {
- v128_t iv;
-
- /* otherwise, just set the index to seq_num */
- iv.v32[0] = 0;
- iv.v32[1] = 0;
- iv.v32[2] = 0;
- iv.v32[3] = htonl(seq_num);
- status = cipher_set_iv(stream->rtcp_cipher, &iv);
- }
- if (status)
- return err_status_cipher_fail;
-
- /*
- * if we're authenticating using a universal hash, put the keystream
- * prefix into the authentication tag
- */
-
- /* if auth_start is non-null, then put keystream into tag */
- if (auth_start) {
-
- /* put keystream prefix into auth_tag */
- prefix_len = auth_get_prefix_length(stream->rtcp_auth);
- status = cipher_output(stream->rtcp_cipher, auth_tag, prefix_len);
-
- debug_print(mod_srtp, "keystream prefix: %s",
- octet_string_hex_string(auth_tag, prefix_len));
-
- if (status)
- return err_status_cipher_fail;
- }
-
- /* if we're encrypting, exor keystream into the message */
- if (enc_start) {
- status = cipher_encrypt(stream->rtcp_cipher,
- (uint8_t *)enc_start, &enc_octet_len);
- if (status)
- return err_status_cipher_fail;
- }
-
- /* initialize auth func context */
- auth_start(stream->rtcp_auth);
-
- /*
- * run auth func over packet (including trailer), and write the
- * result at auth_tag
- */
- status = auth_compute(stream->rtcp_auth,
- (uint8_t *)auth_start,
- (*pkt_octet_len) + sizeof(srtcp_trailer_t),
- auth_tag);
- debug_print(mod_srtp, "srtcp auth tag: %s",
- octet_string_hex_string(auth_tag, tag_len));
- if (status)
- return err_status_auth_fail;
-
- /* increase the packet length by the length of the auth tag and seq_num*/
- *pkt_octet_len += (tag_len + sizeof(srtcp_trailer_t));
-
- return err_status_ok;
-}
-
-
-err_status_t
-srtp_unprotect_rtcp(srtp_t ctx, void *srtcp_hdr, int *pkt_octet_len) {
- srtcp_hdr_t *hdr = (srtcp_hdr_t *)srtcp_hdr;
- uint32_t *enc_start; /* pointer to start of encrypted portion */
- uint32_t *auth_start; /* pointer to start of auth. portion */
- uint32_t *trailer; /* pointer to start of trailer */
- unsigned enc_octet_len = 0;/* number of octets in encrypted portion */
- uint8_t *auth_tag = NULL; /* location of auth_tag within packet */
- uint8_t tmp_tag[SRTP_MAX_TAG_LEN];
- uint8_t tag_copy[SRTP_MAX_TAG_LEN];
- err_status_t status;
- unsigned auth_len;
- int tag_len;
- srtp_stream_ctx_t *stream;
- int prefix_len;
- uint32_t seq_num;
- int e_bit_in_packet; /* whether the E-bit was found in the packet */
- int sec_serv_confidentiality; /* whether confidentiality was requested */
-
- /* we assume the hdr is 32-bit aligned to start */
- /*
- * look up ssrc in srtp_stream list, and process the packet with
- * the appropriate stream. if we haven't seen this stream before,
- * there's only one key for this srtp_session, and the cipher
- * supports key-sharing, then we assume that a new stream using
- * that key has just started up
- */
- stream = srtp_get_stream(ctx, hdr->ssrc);
- if (stream == NULL) {
- if (ctx->stream_template != NULL) {
- stream = ctx->stream_template;
-
- /*
- * check to see if stream_template has an EKT data structure, in
- * which case we initialize the template using the EKT policy
- * referenced by that data (which consists of decrypting the
- * master key from the EKT field)
- *
- * this function initializes a *provisional* stream, and this
- * stream should not be accepted until and unless the packet
- * passes its authentication check
- */
- if (stream->ekt != NULL) {
- status = srtp_stream_init_from_ekt(stream, srtcp_hdr, *pkt_octet_len);
- if (status)
- return status;
- }
-
- debug_print(mod_srtp, "srtcp using provisional stream (SSRC: 0x%08x)",
- hdr->ssrc);
- } else {
- /* no template stream, so we return an error */
- return err_status_no_ctx;
- }
- }
-
- sec_serv_confidentiality = stream->rtcp_services == sec_serv_conf ||
- stream->rtcp_services == sec_serv_conf_and_auth;
-
- /* get tag length from stream context */
- tag_len = auth_get_tag_length(stream->rtcp_auth);
-
- /*
- * set encryption start, encryption length, and trailer
- */
- enc_octet_len = *pkt_octet_len -
- (octets_in_rtcp_header + tag_len + sizeof(srtcp_trailer_t));
- /* index & E (encryption) bit follow normal data. hdr->len
- is the number of words (32-bit) in the normal packet minus 1 */
- /* This should point trailer to the word past the end of the
- normal data. */
- /* This would need to be modified for optional mikey data */
- /*
- * NOTE: trailer is 32-bit aligned because RTCP 'packets' are always
- * multiples of 32-bits (RFC 3550 6.1)
- */
- trailer = (uint32_t *) ((char *) hdr +
- *pkt_octet_len -(tag_len + sizeof(srtcp_trailer_t)));
- e_bit_in_packet = (*((unsigned char *) trailer) & SRTCP_E_BYTE_BIT) == SRTCP_E_BYTE_BIT;
- if (e_bit_in_packet != sec_serv_confidentiality) {
- return err_status_cant_check;
- }
- if (sec_serv_confidentiality) {
- enc_start = (uint32_t *)hdr + uint32s_in_rtcp_header;
- } else {
- enc_octet_len = 0;
- enc_start = NULL; /* this indicates that there's no encryption */
- }
-
- /*
- * set the auth_start and auth_tag pointers to the proper locations
- * (note that srtcp *always* uses authentication, unlike srtp)
- */
- auth_start = (uint32_t *)hdr;
- auth_len = *pkt_octet_len - tag_len;
- auth_tag = (uint8_t *)hdr + auth_len;
-
- /*
- * if EKT is in use, then we make a copy of the tag from the packet,
- * and then zeroize the location of the base tag
- *
- * we first re-position the auth_tag pointer so that it points to
- * the base tag
- */
- if (stream->ekt) {
- auth_tag -= ekt_octets_after_base_tag(stream->ekt);
- memcpy(tag_copy, auth_tag, tag_len);
- octet_string_set_to_zero(auth_tag, tag_len);
- auth_tag = tag_copy;
- auth_len += tag_len;
- }
-
- /*
- * check the sequence number for replays
- */
- /* this is easier than dealing with bitfield access */
- seq_num = ntohl(*trailer) & SRTCP_INDEX_MASK;
- debug_print(mod_srtp, "srtcp index: %x", seq_num);
- status = rdb_check(&stream->rtcp_rdb, seq_num);
- if (status)
- return status;
-
- /*
- * if we're using aes counter mode, set nonce and seq
- */
- if (stream->rtcp_cipher->type == &aes_icm) {
- v128_t iv;
-
- iv.v32[0] = 0;
- iv.v32[1] = hdr->ssrc; /* still in network order! */
- iv.v32[2] = htonl(seq_num >> 16);
- iv.v32[3] = htonl(seq_num << 16);
- status = aes_icm_set_iv((aes_icm_ctx_t*)stream->rtcp_cipher->state, &iv);
-
- } else {
- v128_t iv;
-
- /* otherwise, just set the index to seq_num */
- iv.v32[0] = 0;
- iv.v32[1] = 0;
- iv.v32[2] = 0;
- iv.v32[3] = htonl(seq_num);
- status = cipher_set_iv(stream->rtcp_cipher, &iv);
-
- }
- if (status)
- return err_status_cipher_fail;
-
- /* initialize auth func context */
- auth_start(stream->rtcp_auth);
-
- /* run auth func over packet, put result into tmp_tag */
- status = auth_compute(stream->rtcp_auth, (uint8_t *)auth_start,
- auth_len, tmp_tag);
- debug_print(mod_srtp, "srtcp computed tag: %s",
- octet_string_hex_string(tmp_tag, tag_len));
- if (status)
- return err_status_auth_fail;
-
- /* compare the tag just computed with the one in the packet */
- debug_print(mod_srtp, "srtcp tag from packet: %s",
- octet_string_hex_string(auth_tag, tag_len));
- if (octet_string_is_eq(tmp_tag, auth_tag, tag_len))
- return err_status_auth_fail;
-
- /*
- * if we're authenticating using a universal hash, put the keystream
- * prefix into the authentication tag
- */
- prefix_len = auth_get_prefix_length(stream->rtcp_auth);
- if (prefix_len) {
- status = cipher_output(stream->rtcp_cipher, auth_tag, prefix_len);
- debug_print(mod_srtp, "keystream prefix: %s",
- octet_string_hex_string(auth_tag, prefix_len));
- if (status)
- return err_status_cipher_fail;
- }
-
- /* if we're decrypting, exor keystream into the message */
- if (enc_start) {
- status = cipher_encrypt(stream->rtcp_cipher,
- (uint8_t *)enc_start, &enc_octet_len);
- if (status)
- return err_status_cipher_fail;
- }
-
- /* decrease the packet length by the length of the auth tag and seq_num */
- *pkt_octet_len -= (tag_len + sizeof(srtcp_trailer_t));
-
- /*
- * if EKT is in effect, subtract the EKT data out of the packet
- * length
- */
- *pkt_octet_len -= ekt_octets_after_base_tag(stream->ekt);
-
- /*
- * verify that stream is for received traffic - this check will
- * detect SSRC collisions, since a stream that appears in both
- * srtp_protect() and srtp_unprotect() will fail this test in one of
- * those functions.
- *
- * we do this check *after* the authentication check, so that the
- * latter check will catch any attempts to fool us into thinking
- * that we've got a collision
- */
- if (stream->direction != dir_srtp_receiver) {
- if (stream->direction == dir_unknown) {
- stream->direction = dir_srtp_receiver;
- } else {
- srtp_handle_event(ctx, stream, event_ssrc_collision);
- }
- }
-
- /*
- * if the stream is a 'provisional' one, in which the template context
- * is used, then we need to allocate a new stream at this point, since
- * the authentication passed
- */
- if (stream == ctx->stream_template) {
- srtp_stream_ctx_t *new_stream;
-
- /*
- * allocate and initialize a new stream
- *
- * note that we indicate failure if we can't allocate the new
- * stream, and some implementations will want to not return
- * failure here
- */
- status = srtp_stream_clone(ctx->stream_template, hdr->ssrc, &new_stream);
- if (status)
- return status;
-
- /* add new stream to the head of the stream_list */
- new_stream->next = ctx->stream_list;
- ctx->stream_list = new_stream;
-
- /* set stream (the pointer used in this function) */
- stream = new_stream;
- }
-
- /* we've passed the authentication check, so add seq_num to the rdb */
- rdb_add_index(&stream->rtcp_rdb, seq_num);
-
-
- return err_status_ok;
-}
-
-
-
-/*
- * dtls keying for srtp
- */
-
-err_status_t
-crypto_policy_set_from_profile_for_rtp(crypto_policy_t *policy,
- srtp_profile_t profile) {
-
- /* set SRTP policy from the SRTP profile in the key set */
- switch(profile) {
- case srtp_profile_aes128_cm_sha1_80:
- crypto_policy_set_aes_cm_128_hmac_sha1_80(policy);
- crypto_policy_set_aes_cm_128_hmac_sha1_80(policy);
- break;
- case srtp_profile_aes128_cm_sha1_32:
- crypto_policy_set_aes_cm_128_hmac_sha1_32(policy);
- crypto_policy_set_aes_cm_128_hmac_sha1_80(policy);
- break;
- case srtp_profile_null_sha1_80:
- crypto_policy_set_null_cipher_hmac_sha1_80(policy);
- crypto_policy_set_null_cipher_hmac_sha1_80(policy);
- break;
- /* the following profiles are not (yet) supported */
- case srtp_profile_null_sha1_32:
- case srtp_profile_aes256_cm_sha1_80:
- case srtp_profile_aes256_cm_sha1_32:
- default:
- return err_status_bad_param;
- }
-
- return err_status_ok;
-}
-
-err_status_t
-crypto_policy_set_from_profile_for_rtcp(crypto_policy_t *policy,
- srtp_profile_t profile) {
-
- /* set SRTP policy from the SRTP profile in the key set */
- switch(profile) {
- case srtp_profile_aes128_cm_sha1_80:
- crypto_policy_set_aes_cm_128_hmac_sha1_80(policy);
- break;
- case srtp_profile_aes128_cm_sha1_32:
- crypto_policy_set_aes_cm_128_hmac_sha1_80(policy);
- break;
- case srtp_profile_null_sha1_80:
- crypto_policy_set_null_cipher_hmac_sha1_80(policy);
- break;
- /* the following profiles are not (yet) supported */
- case srtp_profile_null_sha1_32:
- case srtp_profile_aes256_cm_sha1_80:
- case srtp_profile_aes256_cm_sha1_32:
- default:
- return err_status_bad_param;
- }
-
- return err_status_ok;
-}
-
-void
-append_salt_to_key(uint8_t *key, unsigned int bytes_in_key,
- uint8_t *salt, unsigned int bytes_in_salt) {
-
- memcpy(key + bytes_in_key, salt, bytes_in_salt);
-
-}
-
-unsigned int
-srtp_profile_get_master_key_length(srtp_profile_t profile) {
-
- switch(profile) {
- case srtp_profile_aes128_cm_sha1_80:
- return 16;
- break;
- case srtp_profile_aes128_cm_sha1_32:
- return 16;
- break;
- case srtp_profile_null_sha1_80:
- return 16;
- break;
- /* the following profiles are not (yet) supported */
- case srtp_profile_null_sha1_32:
- case srtp_profile_aes256_cm_sha1_80:
- case srtp_profile_aes256_cm_sha1_32:
- default:
- return 0; /* indicate error by returning a zero */
- }
-}
-
-unsigned int
-srtp_profile_get_master_salt_length(srtp_profile_t profile) {
-
- switch(profile) {
- case srtp_profile_aes128_cm_sha1_80:
- return 14;
- break;
- case srtp_profile_aes128_cm_sha1_32:
- return 14;
- break;
- case srtp_profile_null_sha1_80:
- return 14;
- break;
- /* the following profiles are not (yet) supported */
- case srtp_profile_null_sha1_32:
- case srtp_profile_aes256_cm_sha1_80:
- case srtp_profile_aes256_cm_sha1_32:
- default:
- return 0; /* indicate error by returning a zero */
- }
-}
diff --git a/srtp7.sln b/srtp7.sln
deleted file mode 100644
index c006391..0000000
--- a/srtp7.sln
+++ /dev/null
@@ -1,21 +0,0 @@
-Microsoft Visual Studio Solution File, Format Version 8.00
-Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "libSRTP", "srtp7.vcproj", "{7E1E1308-F82E-4DD3-B25C-CD12756A1DD9}"
- ProjectSection(ProjectDependencies) = postProject
- EndProjectSection
-EndProject
-Global
- GlobalSection(SolutionConfiguration) = preSolution
- Debug = Debug
- Release = Release
- EndGlobalSection
- GlobalSection(ProjectConfiguration) = postSolution
- {7E1E1308-F82E-4DD3-B25C-CD12756A1DD9}.Debug.ActiveCfg = Debug|Win32
- {7E1E1308-F82E-4DD3-B25C-CD12756A1DD9}.Debug.Build.0 = Debug|Win32
- {7E1E1308-F82E-4DD3-B25C-CD12756A1DD9}.Release.ActiveCfg = Release|Win32
- {7E1E1308-F82E-4DD3-B25C-CD12756A1DD9}.Release.Build.0 = Release|Win32
- EndGlobalSection
- GlobalSection(ExtensibilityGlobals) = postSolution
- EndGlobalSection
- GlobalSection(ExtensibilityAddIns) = postSolution
- EndGlobalSection
-EndGlobal
diff --git a/srtp7.vcproj b/srtp7.vcproj
deleted file mode 100644
index 49b60c5..0000000
--- a/srtp7.vcproj
+++ /dev/null
@@ -1,298 +0,0 @@
-<?xml version="1.0" encoding="Windows-1252"?>
-<VisualStudioProject
- ProjectType="Visual C++"
- Version="7.10"
- Name="libSRTP"
- ProjectGUID="{7E1E1308-F82E-4DD3-B25C-CD12756A1DD9}"
- Keyword="Win32Proj">
- <Platforms>
- <Platform
- Name="Win32"/>
- </Platforms>
- <Configurations>
- <Configuration
- Name="Debug|Win32"
- OutputDirectory="Debug"
- IntermediateDirectory="Debug"
- ConfigurationType="1"
- CharacterSet="2">
- <Tool
- Name="VCCLCompilerTool"
- Optimization="0"
- InlineFunctionExpansion="0"
- AdditionalIncludeDirectories="C:\dev\foo\srtp;"$(SolutionDir)";.\include;.\crypto\include;"..\..\OpenSSL\openssl-0.9.7i\inc32";"C:Library\OpenSSL\openssl-0.9.8\inc32""
- PreprocessorDefinitions="WIN32;_DEBUG;_CONSOLE;DEBUG"
- ExceptionHandling="FALSE"
- BasicRuntimeChecks="0"
- RuntimeLibrary="1"
- UsePrecompiledHeader="0"
- WarningLevel="3"
- Detect64BitPortabilityProblems="TRUE"
- DebugInformationFormat="4"
- CompileAs="1"/>
- <Tool
- Name="VCCustomBuildTool"/>
- <Tool
- Name="VCLinkerTool"
- AdditionalDependencies="Ws2_32.lib libeay32.lib ssleay32.lib"
- AdditionalLibraryDirectories=""Library\OpenSSL\openssl-0.9.8\libs""
- GenerateDebugInformation="TRUE"/>
- <Tool
- Name="VCMIDLTool"/>
- <Tool
- Name="VCPostBuildEventTool"/>
- <Tool
- Name="VCPreBuildEventTool"/>
- <Tool
- Name="VCPreLinkEventTool"/>
- <Tool
- Name="VCResourceCompilerTool"/>
- <Tool
- Name="VCWebServiceProxyGeneratorTool"/>
- <Tool
- Name="VCXMLDataGeneratorTool"/>
- <Tool
- Name="VCWebDeploymentTool"/>
- <Tool
- Name="VCManagedWrapperGeneratorTool"/>
- <Tool
- Name="VCAuxiliaryManagedWrapperGeneratorTool"/>
- </Configuration>
- <Configuration
- Name="Release|Win32"
- OutputDirectory="Release"
- IntermediateDirectory="Release"
- ConfigurationType="4"
- CharacterSet="2">
- <Tool
- Name="VCCLCompilerTool"
- AdditionalIncludeDirectories="".\include";".\crypto\include";"..\..\OpenSSL\openssl-0.9.7i\inc32""
- PreprocessorDefinitions="WIN32;NDEBUG;_CONSOLE"
- BasicRuntimeChecks="0"
- RuntimeLibrary="0"
- UsePrecompiledHeader="0"
- ObjectFile="$(IntDir)/"
- WarningLevel="3"
- Detect64BitPortabilityProblems="TRUE"
- DebugInformationFormat="3"/>
- <Tool
- Name="VCCustomBuildTool"/>
- <Tool
- Name="VCLibrarianTool"/>
- <Tool
- Name="VCMIDLTool"/>
- <Tool
- Name="VCPostBuildEventTool"/>
- <Tool
- Name="VCPreBuildEventTool"/>
- <Tool
- Name="VCPreLinkEventTool"/>
- <Tool
- Name="VCResourceCompilerTool"/>
- <Tool
- Name="VCWebServiceProxyGeneratorTool"/>
- <Tool
- Name="VCXMLDataGeneratorTool"/>
- <Tool
- Name="VCManagedWrapperGeneratorTool"/>
- <Tool
- Name="VCAuxiliaryManagedWrapperGeneratorTool"/>
- </Configuration>
- </Configurations>
- <References>
- </References>
- <Files>
- <Filter
- Name="Source Files"
- Filter="cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx"
- UniqueIdentifier="{4FC737F1-C7A5-4376-A066-2A32D752A2FF}">
- <File
- RelativePath=".\test\getopt.c">
- </File>
- <File
- RelativePath=".\srtp\srtp.c">
- </File>
- <File
- RelativePath=".\test\srtp_driver.c">
- </File>
- <Filter
- Name="Kernel">
- <File
- RelativePath=".\crypto\kernel\alloc.c">
- </File>
- <File
- RelativePath=".\crypto\kernel\crypto_kernel.c">
- </File>
- <File
- RelativePath=".\crypto\rng\ctr_prng.c">
- </File>
- <File
- RelativePath=".\crypto\kernel\err.c">
- </File>
- <File
- RelativePath=".\crypto\kernel\key.c">
- </File>
- <File
- RelativePath=".\crypto\rng\prng.c">
- </File>
- <File
- RelativePath=".\crypto\rng\rand_source.c">
- </File>
- </Filter>
- <Filter
- Name="Ciphers">
- <File
- RelativePath=".\crypto\cipher\aes.c">
- </File>
- <File
- RelativePath=".\crypto\cipher\aes_cbc.c">
- </File>
- <File
- RelativePath=".\crypto\cipher\aes_icm.c">
- </File>
- <File
- RelativePath=".\crypto\cipher\cipher.c">
- </File>
- <File
- RelativePath=".\crypto\cipher\null_cipher.c">
- </File>
- </Filter>
- <Filter
- Name="Hashes">
- <File
- RelativePath=".\crypto\hash\auth.c">
- </File>
- <File
- RelativePath=".\crypto\hash\hmac.c">
- </File>
- <File
- RelativePath=".\crypto\hash\null_auth.c">
- </File>
- <File
- RelativePath=".\crypto\hash\sha1.c">
- </File>
- </Filter>
- <Filter
- Name="Replay">
- <File
- RelativePath=".\crypto\replay\rdb.c">
- </File>
- <File
- RelativePath=".\crypto\replay\rdbx.c">
- </File>
- <File
- RelativePath=".\crypto\replay\ut_sim.c">
- </File>
- </Filter>
- <Filter
- Name="Math">
- <File
- RelativePath=".\crypto\math\datatypes.c">
- </File>
- <File
- RelativePath=".\crypto\math\stat.c">
- </File>
- </Filter>
- </Filter>
- <Filter
- Name="Header Files"
- Filter="h;hpp;hxx;hm;inl;inc;xsd"
- UniqueIdentifier="{93995380-89BD-4b04-88EB-625FBE52EBFB}">
- <File
- RelativePath=".\crypto\include\aes.h">
- </File>
- <File
- RelativePath=".\crypto\include\aes_cbc.h">
- </File>
- <File
- RelativePath=".\crypto\include\aes_icm.h">
- </File>
- <File
- RelativePath=".\crypto\include\alloc.h">
- </File>
- <File
- RelativePath=".\crypto\include\auth.h">
- </File>
- <File
- RelativePath=".\crypto\include\cipher.h">
- </File>
- <File
- RelativePath=".\crypto\include\config.h">
- </File>
- <File
- RelativePath=".\crypto\include\crypto.h">
- </File>
- <File
- RelativePath=".\crypto\include\crypto_kernel.h">
- </File>
- <File
- RelativePath=".\crypto\include\crypto_math.h">
- </File>
- <File
- RelativePath=".\crypto\include\crypto_types.h">
- </File>
- <File
- RelativePath=".\crypto\include\cryptoalg.h">
- </File>
- <File
- RelativePath=".\crypto\include\datatypes.h">
- </File>
- <File
- RelativePath=".\crypto\include\err.h">
- </File>
- <File
- RelativePath=".\crypto\include\gf2_8.h">
- </File>
- <File
- RelativePath=".\crypto\include\hmac.h">
- </File>
- <File
- RelativePath=".\crypto\include\integers.h">
- </File>
- <File
- RelativePath=".\crypto\include\kernel_compat.h">
- </File>
- <File
- RelativePath=".\crypto\include\key.h">
- </File>
- <File
- RelativePath=".\crypto\include\null_auth.h">
- </File>
- <File
- RelativePath=".\crypto\include\null_cipher.h">
- </File>
- <File
- RelativePath=".\crypto\include\prng.h">
- </File>
- <File
- RelativePath=".\crypto\include\rand_source.h">
- </File>
- <File
- RelativePath=".\crypto\include\rdb.h">
- </File>
- <File
- RelativePath=".\crypto\include\rdbx.h">
- </File>
- <File
- RelativePath=".\include\rtp.h">
- </File>
- <File
- RelativePath=".\crypto\include\sha1.h">
- </File>
- <File
- RelativePath=".\include\srtp.h">
- </File>
- <File
- RelativePath=".\crypto\include\stat.h">
- </File>
- <File
- RelativePath=".\include\ut_sim.h">
- </File>
- <File
- RelativePath=".\crypto\include\xfm.h">
- </File>
- </Filter>
- </Files>
- <Globals>
- </Globals>
-</VisualStudioProject>
diff --git a/tables/aes_tables.c b/tables/aes_tables.c
deleted file mode 100644
index bc5f312..0000000
--- a/tables/aes_tables.c
+++ /dev/null
@@ -1,350 +0,0 @@
-/*
- * aes_tables.c
- *
- * generate tables for the AES cipher
- *
- * David A. McGrew
- * Cisco Systems, Inc.
- */
-/*
- *
- * Copyright(c) 2001-2006 Cisco Systems, Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following
- * disclaimer in the documentation and/or other materials provided
- * with the distribution.
- *
- * Neither the name of the Cisco Systems, Inc. nor the names of its
- * contributors may be used to endorse or promote products derived
- * from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- */
-
-#include <stdio.h>
-#include "gf2_8.h"
-#include "crypto_math.h"
-
-
-unsigned char aes_sbox[256];
-
-unsigned char aes_inv_sbox[256];
-
-uint32_t T0[256], T1[256], T2[256], T3[256], T4[256];
-
-
-#define AES_INVERSE_TEST 0 /* set to 1 to test forward/backwards aes */
-
-/* functions for precomputing AES values */
-
-/*
- * A[] is the 8 x 8 binary matrix (represented as an array of columns,
- * where each column is an octet) which defines the affine
- * transformation used in the AES substitution table (Section
- * 4.2.1 of the spec).
- */
-
-uint8_t A[8] = { 31, 62, 124, 248, 241, 227, 199, 143 };
-
-/*
- * b is the 8 bit vector (represented as an octet) used in the affine
- * transform described above.
- */
-
-uint8_t b = 99;
-
-
-void
-aes_init_sbox(void) {
- unsigned int i;
- uint8_t x;
-
- for (i=0; i < 256; i++) {
- x = gf2_8_compute_inverse((gf2_8)i);
- x = A_times_x_plus_b(A, x, b);
- aes_sbox[i] = x;
- aes_inv_sbox[x] = i;
- }
-}
-
-void
-aes_compute_tables(void) {
- int i;
- uint32_t x1, x2, x3;
- v32_t tmp;
-
- /* initialize substitution table */
- aes_init_sbox();
-
- /* combine sbox with linear operations to form 8-bit to 32-bit tables */
- for (i=0; i < 256; i++) {
- x1 = aes_sbox[i];
- x2 = gf2_8_shift(x1);
- x3 = x2 ^ x1;
-
- tmp.v8[0] = x2;
- tmp.v8[1] = x1;
- tmp.v8[2] = x1;
- tmp.v8[3] = x3;
- T0[i] = tmp.value;
-
- tmp.v8[0] = x3;
- tmp.v8[1] = x2;
- tmp.v8[2] = x1;
- tmp.v8[3] = x1;
- T1[i] = tmp.value;
-
- tmp.v8[0] = x1;
- tmp.v8[1] = x3;
- tmp.v8[2] = x2;
- tmp.v8[3] = x1;
- T2[i] = tmp.value;
-
- tmp.v8[0] = x1;
- tmp.v8[1] = x1;
- tmp.v8[2] = x3;
- tmp.v8[3] = x2;
- T3[i] = tmp.value;
-
- }
-}
-
-
-/*
- * the tables U0, U1, U2, U3 implement the aes operations invSubBytes,
- * invMixColumns, and invShiftRows
- */
-
-uint32_t U0[256], U1[256], U2[256], U3[256], U4[256];
-
-extern uint8_t aes_inv_sbox[256];
-
-void
-aes_compute_inv_tables(void) {
- int i;
- uint8_t x, xe, x9, xd, xb;
- v32_t tmp;
-
- /* combine sbox with linear operations to form 8-bit to 32-bit tables */
- for (i=0; i < 256; i++) {
- x = aes_inv_sbox[i];
-
- xe = gf2_8_multiply(0x0e, x);
- x9 = gf2_8_multiply(0x09, x);
- xd = gf2_8_multiply(0x0d, x);
- xb = gf2_8_multiply(0x0b, x);
-
- tmp.v8[0] = xe;
- tmp.v8[1] = x9;
- tmp.v8[2] = xd;
- tmp.v8[3] = xb;
- U0[i] = tmp.value;
-
- tmp.v8[0] = xb;
- tmp.v8[1] = xe;
- tmp.v8[2] = x9;
- tmp.v8[3] = xd;
- U1[i] = tmp.value;
-
- tmp.v8[0] = xd;
- tmp.v8[1] = xb;
- tmp.v8[2] = xe;
- tmp.v8[3] = x9;
- U2[i] = tmp.value;
-
- tmp.v8[0] = x9;
- tmp.v8[1] = xd;
- tmp.v8[2] = xb;
- tmp.v8[3] = xe;
- U3[i] = tmp.value;
-
- tmp.v8[0] = tmp.v8[1] = tmp.v8[2] = tmp.v8[3] = x;
- U4[i] = tmp.value;
- }
-}
-
-
-/*
- * aes_test_inverse() returns err_status_ok if aes
- * encryption and decryption are true inverses of each other, and
- * returns err_status_algo_fail otherwise
- */
-
-#include "err.h"
-
-err_status_t
-aes_test_inverse(void);
-
-#define TABLES_32BIT 1
-
-#ifndef HIDE_AES_TABLES_MAIN
-
-int
-main(void) {
- int i;
-
- aes_init_sbox();
- aes_compute_inv_tables();
-
-#if TABLES_32BIT
- printf("uint32_t U0 = {");
- for (i=0; i < 256; i++) {
- if ((i % 4) == 0)
- printf("\n");
- printf("0x%0x, ", U0[i]);
- }
- printf("\n}\n");
-
- printf("uint32_t U1 = {");
- for (i=0; i < 256; i++) {
- if ((i % 4) == 0)
- printf("\n");
- printf("0x%x, ", U1[i]);
- }
- printf("\n}\n");
-
- printf("uint32_t U2 = {");
- for (i=0; i < 256; i++) {
- if ((i % 4) == 0)
- printf("\n");
- printf("0x%x, ", U2[i]);
- }
- printf("\n}\n");
-
- printf("uint32_t U3 = {");
- for (i=0; i < 256; i++) {
- if ((i % 4) == 0)
- printf("\n");
- printf("0x%x, ", U3[i]);
- }
- printf("\n}\n");
-
- printf("uint32_t U4 = {");
- for (i=0; i < 256; i++) {
- if ((i % 4) == 0)
- printf("\n");
- printf("0x%x, ", U4[i]);
- }
- printf("\n}\n");
-
-#else
-
- printf("uint32_t U0 = {");
- for (i=0; i < 256; i++) {
- if ((i % 4) == 0)
- printf("\n");
- printf("0x%lx, ", U0[i]);
- }
- printf("\n}\n");
-
- printf("uint32_t U1 = {");
- for (i=0; i < 256; i++) {
- if ((i % 4) == 0)
- printf("\n");
- printf("0x%lx, ", U1[i]);
- }
- printf("\n}\n");
-
- printf("uint32_t U2 = {");
- for (i=0; i < 256; i++) {
- if ((i % 4) == 0)
- printf("\n");
- printf("0x%lx, ", U2[i]);
- }
- printf("\n}\n");
-
- printf("uint32_t U3 = {");
- for (i=0; i < 256; i++) {
- if ((i % 4) == 0)
- printf("\n");
- printf("0x%lx, ", U3[i]);
- }
- printf("\n}\n");
-
- printf("uint32_t U4 = {");
- for (i=0; i < 256; i++) {
- if ((i % 4) == 0)
- printf("\n");
- printf("0x%lx, ", U4[i]);
- }
- printf("\n}\n");
-
-
-#endif /* TABLES_32BIT */
-
-
-#if AES_INVERSE_TEST
- /*
- * test that aes_encrypt and aes_decrypt are actually
- * inverses of each other
- */
-
- printf("aes inverse test: ");
- if (aes_test_inverse() == err_status_ok)
- printf("passed\n");
- else {
- printf("failed\n");
- exit(1);
- }
-#endif
-
- return 0;
-}
-
-#endif // HIDE_AES_TABLES_MAIN
-
-#if AES_INVERSE_TEST
-
-err_status_t
-aes_test_inverse(void) {
- v128_t x, y;
- aes_expanded_key_t expanded_key, decrypt_key;
- uint8_t plaintext[16] = {
- 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
- 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff
- };
- uint8_t key[16] = {
- 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
- 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f
- };
- v128_t k;
- v128_set_to_zero(&x);
-
- v128_copy_octet_string(&k, key);
- v128_copy_octet_string(&x, plaintext);
- aes_expand_encryption_key(k, expanded_key);
- aes_expand_decryption_key(k, decrypt_key);
- aes_encrypt(&x, expanded_key);
- aes_decrypt(&x, decrypt_key);
-
- /* compare to expected value then report */
- v128_copy_octet_string(&y, plaintext);
-
- if (v128_is_eq(&x, &y))
- return err_status_ok;
- return err_status_algo_fail;
-
-}
-
-#endif
diff --git a/test/dtls_srtp_driver.c b/test/dtls_srtp_driver.c
deleted file mode 100644
index 87058d2..0000000
--- a/test/dtls_srtp_driver.c
+++ /dev/null
@@ -1,248 +0,0 @@
-/*
- * dtls_srtp_driver.c
- *
- * test driver for DTLS-SRTP functions
- *
- * David McGrew
- * Cisco Systems, Inc.
- */
-/*
- *
- * Copyright (c) 2001-2006 Cisco Systems, Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following
- * disclaimer in the documentation and/or other materials provided
- * with the distribution.
- *
- * Neither the name of the Cisco Systems, Inc. nor the names of its
- * contributors may be used to endorse or promote products derived
- * from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- */
-
-#include <stdio.h> /* for printf() */
-#include "getopt_s.h" /* for local getopt() */
-#include "srtp_priv.h"
-
-err_status_t
-test_dtls_srtp();
-
-srtp_hdr_t *
-srtp_create_test_packet(int pkt_octet_len, uint32_t ssrc);
-
-void
-usage(char *prog_name) {
- printf("usage: %s [ -t ][ -c ][ -v ][-d <debug_module> ]* [ -l ]\n"
- " -d <mod> turn on debugging module <mod>\n"
- " -l list debugging modules\n", prog_name);
- exit(1);
-}
-
-int
-main(int argc, char *argv[]) {
- unsigned do_list_mods = 0;
- char q;
- err_status_t err;
-
- printf("dtls_srtp_driver\n");
-
- /* initialize srtp library */
- err = srtp_init();
- if (err) {
- printf("error: srtp init failed with error code %d\n", err);
- exit(1);
- }
-
- /* process input arguments */
- while (1) {
- q = getopt_s(argc, argv, "ld:");
- if (q == -1)
- break;
- switch (q) {
- case 'l':
- do_list_mods = 1;
- break;
- case 'd':
- err = crypto_kernel_set_debug_module(optarg_s, 1);
- if (err) {
- printf("error: set debug module (%s) failed\n", optarg_s);
- exit(1);
- }
- break;
- default:
- usage(argv[0]);
- }
- }
-
- if (do_list_mods) {
- err = crypto_kernel_list_debug_modules();
- if (err) {
- printf("error: list of debug modules failed\n");
- exit(1);
- }
- }
-
- printf("testing dtls_srtp...");
- err = test_dtls_srtp();
- if (err) {
- printf("\nerror (code %d)\n", err);
- exit(1);
- }
- printf("passed\n");
-
- return 0;
-}
-
-
-err_status_t
-test_dtls_srtp() {
- srtp_hdr_t *test_packet;
- int test_packet_len = 80;
- srtp_t s;
- srtp_policy_t policy;
- uint8_t key[SRTP_MAX_KEY_LEN];
- uint8_t salt[SRTP_MAX_KEY_LEN];
- unsigned int key_len, salt_len;
- srtp_profile_t profile;
- err_status_t err;
-
- /* create a 'null' SRTP session */
- err = srtp_create(&s, NULL);
- if (err)
- return err;
-
- /*
- * verify that packet-processing functions behave properly - we
- * expect that these functions will return err_status_no_ctx
- */
- test_packet = srtp_create_test_packet(80, 0xa5a5a5a5);
- if (test_packet == NULL)
- return err_status_alloc_fail;
- err = srtp_protect(s, test_packet, &test_packet_len);
- if (err != err_status_no_ctx) {
- printf("wrong return value from srtp_protect() (got code %d)\n",
- err);
- return err_status_fail;
- }
- err = srtp_unprotect(s, test_packet, &test_packet_len);
- if (err != err_status_no_ctx) {
- printf("wrong return value from srtp_unprotect() (got code %d)\n",
- err);
- return err_status_fail;
- }
- err = srtp_protect_rtcp(s, test_packet, &test_packet_len);
- if (err != err_status_no_ctx) {
- printf("wrong return value from srtp_protect_rtcp() (got code %d)\n",
- err);
- return err_status_fail;
- }
- err = srtp_unprotect_rtcp(s, test_packet, &test_packet_len);
- if (err != err_status_no_ctx) {
- printf("wrong return value from srtp_unprotect_rtcp() (got code %d)\n",
- err);
- return err_status_fail;
- }
-
-
- /*
- * set keys to known values for testing
- */
- profile = srtp_profile_aes128_cm_sha1_80;
- key_len = srtp_profile_get_master_key_length(profile);
- salt_len = srtp_profile_get_master_salt_length(profile);
- memset(key, 0xff, key_len);
- memset(salt, 0xee, salt_len);
- append_salt_to_key(key, key_len, salt, salt_len);
- policy.key = key;
-
- /* initialize SRTP policy from profile */
- err = crypto_policy_set_from_profile_for_rtp(&policy.rtp, profile);
- if (err) return err;
- err = crypto_policy_set_from_profile_for_rtcp(&policy.rtcp, profile);
- if (err) return err;
- policy.ssrc.type = ssrc_any_inbound;
- policy.ekt = NULL;
- policy.window_size = 128;
- policy.allow_repeat_tx = 0;
- policy.next = NULL;
-
- err = srtp_add_stream(s, &policy);
- if (err)
- return err;
-
- return err_status_ok;
-}
-
-
-
-/*
- * srtp_create_test_packet(len, ssrc) returns a pointer to a
- * (malloced) example RTP packet whose data field has the length given
- * by pkt_octet_len and the SSRC value ssrc. The total length of the
- * packet is twelve octets longer, since the header is at the
- * beginning. There is room at the end of the packet for a trailer,
- * and the four octets following the packet are filled with 0xff
- * values to enable testing for overwrites.
- *
- * note that the location of the test packet can (and should) be
- * deallocated with the free() call once it is no longer needed.
- */
-
-srtp_hdr_t *
-srtp_create_test_packet(int pkt_octet_len, uint32_t ssrc) {
- int i;
- uint8_t *buffer;
- srtp_hdr_t *hdr;
- int bytes_in_hdr = 12;
-
- /* allocate memory for test packet */
- hdr = malloc(pkt_octet_len + bytes_in_hdr
- + SRTP_MAX_TRAILER_LEN + 4);
- if (!hdr)
- return NULL;
-
- hdr->version = 2; /* RTP version two */
- hdr->p = 0; /* no padding needed */
- hdr->x = 0; /* no header extension */
- hdr->cc = 0; /* no CSRCs */
- hdr->m = 0; /* marker bit */
- hdr->pt = 0xf; /* payload type */
- hdr->seq = htons(0x1234); /* sequence number */
- hdr->ts = htonl(0xdecafbad); /* timestamp */
- hdr->ssrc = htonl(ssrc); /* synch. source */
-
- buffer = (uint8_t *)hdr;
- buffer += bytes_in_hdr;
-
- /* set RTP data to 0xab */
- for (i=0; i < pkt_octet_len; i++)
- *buffer++ = 0xab;
-
- /* set post-data value to 0xffff to enable overrun checking */
- for (i=0; i < SRTP_MAX_TRAILER_LEN+4; i++)
- *buffer++ = 0xff;
-
- return hdr;
-}
diff --git a/test/getopt_s.c b/test/getopt_s.c
deleted file mode 100644
index 243ad6e..0000000
--- a/test/getopt_s.c
+++ /dev/null
@@ -1,112 +0,0 @@
-/*
- * getopt.c
- *
- * a minimal implementation of the getopt() function, written so that
- * test applications that use that function can run on non-POSIX
- * platforms
- *
- */
-/*
- *
- * Copyright (c) 2001-2006 Cisco Systems, Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following
- * disclaimer in the documentation and/or other materials provided
- * with the distribution.
- *
- * Neither the name of the Cisco Systems, Inc. nor the names of its
- * contributors may be used to endorse or promote products derived
- * from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- */
-
-#include <stdlib.h> /* for NULL */
-
-int optind_s = 0;
-
-char *optarg_s;
-
-#define GETOPT_FOUND_WITHOUT_ARGUMENT 2
-#define GETOPT_FOUND_WITH_ARGUMENT 1
-#define GETOPT_NOT_FOUND 0
-
-static int
-getopt_check_character(char c, const char *string) {
- unsigned int max_string_len = 128;
-
- while (*string != 0) {
- if (max_string_len == 0) {
- return '?';
- }
- if (*string++ == c) {
- if (*string == ':') {
- return GETOPT_FOUND_WITH_ARGUMENT;
- } else {
- return GETOPT_FOUND_WITHOUT_ARGUMENT;
- }
- }
- }
- return GETOPT_NOT_FOUND;
-}
-
-int
-getopt_s(int argc,
- char * const argv[],
- const char *optstring) {
-
-
- while (optind_s + 1 < argc) {
- char *string;
-
- /* move 'string' on to next argument */
- optind_s++;
- string = argv[optind_s];
-
- if (string == NULL)
- return '?'; /* NULL argument string */
-
- if (string[0] != '-')
- return -1; /* found an unexpected character */
-
- switch(getopt_check_character(string[1], optstring)) {
- case GETOPT_FOUND_WITH_ARGUMENT:
- if (optind_s + 1 < argc) {
- optind_s++;
- optarg_s = argv[optind_s];
- return string[1];
- } else {
- return '?'; /* argument missing */
- }
- case GETOPT_FOUND_WITHOUT_ARGUMENT:
- return string[1];
- case GETOPT_NOT_FOUND:
- default:
- return '?'; /* didn't find expected character */
- break;
- }
- }
-
- return -1;
-}
diff --git a/test/lfsr.c b/test/lfsr.c
deleted file mode 100644
index 28ea02e..0000000
--- a/test/lfsr.c
+++ /dev/null
@@ -1,310 +0,0 @@
-/*
- * lfsr.c
- *
- */
-
-
-#include <stdio.h>
-#include "datatypes.h"
-
-uint32_t
-parity(uint32_t x) {
-
- x ^= (x >> 16);
- x ^= (x >> 8);
- x ^= (x >> 4);
- x ^= (x >> 2);
- x ^= (x >> 1);
-
- return x & 1;
-}
-
-
-/* typedef struct { */
-/* uint32_t register[8]; */
-/* } lfsr_t; */
-
-void
-compute_period(uint32_t feedback_polynomial) {
- int i;
- v32_t lfsr;
- v32_t mask;
-
- mask.value = feedback_polynomial;
- lfsr.value = 1;
-
- printf("polynomial: %s\t", v32_bit_string(mask));
-
- for (i=0; i < 256; i++) {
-/* printf("%s\n", v32_bit_string(lfsr)); */
- if (parity(mask.value & lfsr.value))
- lfsr.value = ((lfsr.value << 1) | 1) & 0xff;
- else
- lfsr.value = (lfsr.value << 1) & 0xff;
-
- /* now halt if we're back at the initial state */
- if (lfsr.value == 1) {
- printf("period: %d\n", i);
- break;
- }
- }
-}
-
-uint32_t poly0 = 223;
-
-
-uint32_t polynomials[39] = {
-31,
-47,
-55,
-59,
-61,
-79,
-87,
-91,
-103,
-107,
-109,
-115,
-117,
-121,
-143,
-151,
-157,
-167,
-171,
-173,
-179,
-181,
-185,
-199,
-203,
-205,
-211,
-213,
-227,
-229,
-233,
-241,
-127,
-191,
-223,
-239,
-247,
-251,
-253
-};
-
-char binary_string[32];
-
-char *
-u32_bit_string(uint32_t x, unsigned int length) {
- unsigned int mask;
- int index;
-
- mask = 1 << length;
- index = 0;
- for (; mask > 0; mask >>= 1)
- if ((x & mask) == 0)
- binary_string[index++] = '0';
- else
- binary_string[index++] = '1';
-
- binary_string[index++] = 0; /* NULL terminate string */
- return binary_string;
-}
-
-extern int octet_weight[256];
-
-unsigned int
-weight(uint32_t poly) {
- int wt = 0;
-
- /* note: endian-ness makes no difference */
- wt += octet_weight[poly & 0xff];
- wt += octet_weight[(poly >> 8) & 0xff];
- wt += octet_weight[(poly >> 16) & 0xff];
- wt += octet_weight[(poly >> 24)];
-
- return wt;
-}
-
-#define MAX_PERIOD 65535
-
-#define debug_print 0
-
-int
-period(uint32_t poly) {
- int i;
- uint32_t x;
-
-
- /* set lfsr to 1 */
- x = 1;
-#if debug_print
- printf("%d:\t%s\n", 0, u32_bit_string(x,8));
-#endif
- for (i=1; i < MAX_PERIOD; i++) {
- if (x & 1)
- x = (x >> 1) ^ poly;
- else
- x = (x >> 1);
-
-#if debug_print
- /* print for a sanity check */
- printf("%d:\t%s\n", i, u32_bit_string(x,8));
-#endif
-
- /* check for return to original value */
- if (x == 1)
- return i;
- }
- return i;
-}
-
-/*
- * weight distribution computes the weight distribution of the
- * code generated by the polynomial poly
- */
-
-#define MAX_LEN 8
-#define MAX_WEIGHT (1 << MAX_LEN)
-
-int A[MAX_WEIGHT+1];
-
-void
-weight_distribution2(uint32_t poly, int *A) {
- int i;
- uint32_t x;
-
- /* zeroize array */
- for (i=0; i < MAX_WEIGHT+1; i++)
- A[i] = 0;
-
- /* loop over all input sequences */
-
-
- /* set lfsr to 1 */
- x = 1;
-#if debug_print
- printf("%d:\t%s\n", 0, u32_bit_string(x,8));
-#endif
- for (i=1; i < MAX_PERIOD; i++) {
- if (x & 1)
- x = (x >> 1) ^ poly;
- else
- x = (x >> 1);
-
-#if debug_print
- /* print for a sanity check */
- printf("%d:\t%s\n", i, u32_bit_string(x,8));
-#endif
-
- /* increment weight */
- wt += (x & 1);
-
- /* check for return to original value */
- if (x == 1)
- break;
- }
-
- /* set zero */
- A[0] = 0;
-}
-
-
-void
-weight_distribution(uint32_t poly, int *A) {
- int i;
- uint32_t x;
-
- /* zeroize array */
- for (i=0; i < MAX_WEIGHT+1; i++)
- A[i] = 0;
-
- /* set lfsr to 1 */
- x = 1;
-#if debug_print
- printf("%d:\t%s\n", 0, u32_bit_string(x,8));
-#endif
- for (i=1; i < MAX_PERIOD; i++) {
- if (x & 1)
- x = (x >> 1) ^ poly;
- else
- x = (x >> 1);
-
-#if debug_print
- /* print for a sanity check */
- printf("%d:\t%s\n", i, u32_bit_string(x,8));
-#endif
-
- /* compute weight, increment proper element */
- A[weight(x)]++;
-
- /* check for return to original value */
- if (x == 1)
- break;
- }
-
- /* set zero */
- A[0] = 0;
-}
-
-
-
-
-int
-main () {
-
- int i,j;
- v32_t x;
- v32_t p;
-
- /* originally 0xaf */
- p.value = 0x9;
-
- printf("polynomial: %s\tperiod: %d\n",
- u32_bit_string(p.value,8), period(p.value));
-
- /* compute weight distribution */
- weight_distribution(p.value, A);
-
- /* print weight distribution */
- for (i=0; i <= 8; i++) {
- printf("A[%d]: %d\n", i, A[i]);
- }
-
-#if 0
- for (i=0; i < 39; i++) {
- printf("polynomial: %s\tperiod: %d\n",
- u32_bit_string(polynomials[i],8), period(polynomials[i]));
-
- /* compute weight distribution */
- weight_distribution(p.value, A);
-
- /* print weight distribution */
- for (j=0; j <= 8; j++) {
- printf("A[%d]: %d\n", j, A[j]);
- }
- }
-#endif
-
- {
- int bits = 8;
- uint32_t y;
- for (y=0; y < (1 << bits); y++) {
- printf("polynomial: %s\tweight: %d\tperiod: %d\n",
- u32_bit_string(y,bits), weight(y), period(y));
-
- /* compute weight distribution */
- weight_distribution(y, A);
-
- /* print weight distribution */
- for (j=0; j <= 8; j++) {
- printf("A[%d]: %d\n", j, A[j]);
- }
- }
- }
-
- return 0;
-}
diff --git a/test/rdbx_driver.c b/test/rdbx_driver.c
deleted file mode 100644
index 4991ba8..0000000
--- a/test/rdbx_driver.c
+++ /dev/null
@@ -1,345 +0,0 @@
-/*
- * rdbx_driver.c
- *
- * driver for the rdbx implementation (replay database with extended range)
- *
- * David A. McGrew
- * Cisco Systems, Inc.
- */
-
-/*
- *
- * Copyright (c) 2001-2006, Cisco Systems, Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following
- * disclaimer in the documentation and/or other materials provided
- * with the distribution.
- *
- * Neither the name of the Cisco Systems, Inc. nor the names of its
- * contributors may be used to endorse or promote products derived
- * from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- */
-
-#include <stdio.h> /* for printf() */
-#include "getopt_s.h" /* for local getopt() */
-
-#include "rdbx.h"
-
-#ifdef ROC_TEST
-#error "rdbx_t won't work with ROC_TEST - bitmask same size as seq_median"
-#endif
-
-#include "ut_sim.h"
-
-err_status_t
-test_replay_dbx(int num_trials, unsigned long ws);
-
-double
-rdbx_check_adds_per_second(int num_trials, unsigned long ws);
-
-void
-usage(char *prog_name) {
- printf("usage: %s [ -t | -v ]\n", prog_name);
- exit(255);
-}
-
-int
-main (int argc, char *argv[]) {
- double rate;
- err_status_t status;
- char q;
- unsigned do_timing_test = 0;
- unsigned do_validation = 0;
-
- /* process input arguments */
- while (1) {
- q = getopt_s(argc, argv, "tv");
- if (q == -1)
- break;
- switch (q) {
- case 't':
- do_timing_test = 1;
- break;
- case 'v':
- do_validation = 1;
- break;
- default:
- usage(argv[0]);
- }
- }
-
- printf("rdbx (replay database w/ extended range) test driver\n"
- "David A. McGrew\n"
- "Cisco Systems, Inc.\n");
-
- if (!do_validation && !do_timing_test)
- usage(argv[0]);
-
- if (do_validation) {
- printf("testing rdbx_t (ws=128)...\n");
-
- status = test_replay_dbx(1 << 12, 128);
- if (status) {
- printf("failed\n");
- exit(1);
- }
- printf("passed\n");
-
- printf("testing rdbx_t (ws=1024)...\n");
-
- status = test_replay_dbx(1 << 12, 1024);
- if (status) {
- printf("failed\n");
- exit(1);
- }
- printf("passed\n");
- }
-
- if (do_timing_test) {
- rate = rdbx_check_adds_per_second(1 << 18, 128);
- printf("rdbx_check/replay_adds per second (ws=128): %e\n", rate);
- rate = rdbx_check_adds_per_second(1 << 18, 1024);
- printf("rdbx_check/replay_adds per second (ws=1024): %e\n", rate);
- }
-
- return 0;
-}
-
-void
-print_rdbx(rdbx_t *rdbx) {
- char buf[2048];
- printf("rdbx: {%llu, %s}\n",
- (unsigned long long)(rdbx->index),
- bitvector_bit_string(&rdbx->bitmask, buf, sizeof(buf))
-);
-}
-
-
-/*
- * rdbx_check_add(rdbx, idx) checks a known-to-be-good idx against
- * rdbx, then adds it. if a failure is detected (i.e., the check
- * indicates that the value is already in rdbx) then
- * err_status_algo_fail is returned.
- *
- */
-
-err_status_t
-rdbx_check_add(rdbx_t *rdbx, uint32_t idx) {
- int delta;
- xtd_seq_num_t est;
-
- delta = index_guess(&rdbx->index, &est, idx);
-
- if (rdbx_check(rdbx, delta) != err_status_ok) {
- printf("replay_check failed at index %u\n", idx);
- return err_status_algo_fail;
- }
-
- /*
- * in practice, we'd authenticate the packet containing idx, using
- * the estimated value est, at this point
- */
-
- if (rdbx_add_index(rdbx, delta) != err_status_ok) {
- printf("rdbx_add_index failed at index %u\n", idx);
- return err_status_algo_fail;
- }
-
- return err_status_ok;
-}
-
-/*
- * rdbx_check_expect_failure(rdbx_t *rdbx, uint32_t idx)
- *
- * checks that a sequence number idx is in the replay database
- * and thus will be rejected
- */
-
-err_status_t
-rdbx_check_expect_failure(rdbx_t *rdbx, uint32_t idx) {
- int delta;
- xtd_seq_num_t est;
- err_status_t status;
-
- delta = index_guess(&rdbx->index, &est, idx);
-
- status = rdbx_check(rdbx, delta);
- if (status == err_status_ok) {
- printf("delta: %d ", delta);
- printf("replay_check failed at index %u (false positive)\n", idx);
- return err_status_algo_fail;
- }
-
- return err_status_ok;
-}
-
-err_status_t
-rdbx_check_unordered(rdbx_t *rdbx, uint32_t idx) {
- err_status_t rstat;
-
- rstat = rdbx_check(rdbx, idx);
- if ((rstat != err_status_ok) && (rstat != err_status_replay_old)) {
- printf("replay_check_unordered failed at index %u\n", idx);
- return err_status_algo_fail;
- }
- return err_status_ok;
-}
-
-err_status_t
-test_replay_dbx(int num_trials, unsigned long ws) {
- rdbx_t rdbx;
- uint32_t idx, ircvd;
- ut_connection utc;
- err_status_t status;
- int num_fp_trials;
-
- status = rdbx_init(&rdbx, ws);
- if (status) {
- printf("replay_init failed with error code %d\n", status);
- exit(1);
- }
-
- /*
- * test sequential insertion
- */
- printf("\ttesting sequential insertion...");
- for (idx=0; idx < (uint32_t)num_trials; idx++) {
- status = rdbx_check_add(&rdbx, idx);
- if (status)
- return status;
- }
- printf("passed\n");
-
- /*
- * test for false positives by checking all of the index
- * values which we've just added
- *
- * note that we limit the number of trials here, since allowing the
- * rollover counter to roll over would defeat this test
- */
- num_fp_trials = num_trials % 0x10000;
- if (num_fp_trials == 0) {
- printf("warning: no false positive tests performed\n");
- }
- printf("\ttesting for false positives...");
- for (idx=0; idx < (uint32_t)num_fp_trials; idx++) {
- status = rdbx_check_expect_failure(&rdbx, idx);
- if (status)
- return status;
- }
- printf("passed\n");
-
- /* re-initialize */
- rdbx_uninit(&rdbx);
-
- if (rdbx_init(&rdbx, ws) != err_status_ok) {
- printf("replay_init failed\n");
- return err_status_init_fail;
- }
-
- /*
- * test non-sequential insertion
- *
- * this test covers only fase negatives, since the values returned
- * by ut_next_index(...) are distinct
- */
- ut_init(&utc);
-
- printf("\ttesting non-sequential insertion...");
- for (idx=0; idx < (uint32_t)num_trials; idx++) {
- ircvd = ut_next_index(&utc);
- status = rdbx_check_unordered(&rdbx, ircvd);
- if (status)
- return status;
- }
- printf("passed\n");
-
- /*
- * test a replay condition close to zero.
- */
- rdbx_uninit(&rdbx);
-
- if (rdbx_init(&rdbx, ws) != err_status_ok) {
- printf("replay_init failed\n");
- return err_status_init_fail;
- }
-
- printf("\ttesting replay close to zero...");
- status = rdbx_check_add(&rdbx, 1);
- if (status)
- return status;
- status = rdbx_check_expect_failure(&rdbx, 64500);
- if (status)
- return status;
- status = rdbx_check_add(&rdbx, 2);
- if (status)
- return status;
- printf("passed\n");
-
- rdbx_uninit(&rdbx);
-
- return err_status_ok;
-}
-
-
-
-#include <time.h> /* for clock() */
-#include <stdlib.h> /* for random() */
-
-double
-rdbx_check_adds_per_second(int num_trials, unsigned long ws) {
- uint32_t i;
- int delta;
- rdbx_t rdbx;
- xtd_seq_num_t est;
- clock_t timer;
- int failures; /* count number of failures */
-
- if (rdbx_init(&rdbx, ws) != err_status_ok) {
- printf("replay_init failed\n");
- exit(1);
- }
-
- failures = 0;
- timer = clock();
- for(i=0; i < (uint32_t)num_trials; i++) {
-
- delta = index_guess(&rdbx.index, &est, i);
-
- if (rdbx_check(&rdbx, delta) != err_status_ok)
- ++failures;
- else
- if (rdbx_add_index(&rdbx, delta) != err_status_ok)
- ++failures;
- }
- timer = clock() - timer;
-
- printf("number of failures: %d \n", failures);
-
- rdbx_uninit(&rdbx);
-
- return (double) CLOCKS_PER_SEC * num_trials / timer;
-}
diff --git a/test/replay_driver.c b/test/replay_driver.c
deleted file mode 100644
index 369a77a..0000000
--- a/test/replay_driver.c
+++ /dev/null
@@ -1,209 +0,0 @@
-/*
- * replay_driver.c
- *
- * A driver for the replay_database implementation
- *
- * David A. McGrew
- * Cisco Systems, Inc.
- */
-
-/*
- *
- * Copyright (c) 2001-2006, Cisco Systems, Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following
- * disclaimer in the documentation and/or other materials provided
- * with the distribution.
- *
- * Neither the name of the Cisco Systems, Inc. nor the names of its
- * contributors may be used to endorse or promote products derived
- * from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- */
-
-#include <stdio.h>
-
-#include "rdb.h"
-#include "ut_sim.h"
-
-/*
- * num_trials defines the number of trials that are used in the
- * validation functions below
- */
-
-unsigned num_trials = 1 << 16;
-
-err_status_t
-test_rdb_db(void);
-
-double
-rdb_check_adds_per_second(void);
-
-int
-main (void) {
- err_status_t err;
-
- printf("testing anti-replay database (rdb_t)...\n");
- err = test_rdb_db();
- if (err) {
- printf("failed\n");
- exit(1);
- }
- printf("done\n");
-
- printf("rdb_check/rdb_adds per second: %e\n",
- rdb_check_adds_per_second());
-
- return 0;
-}
-
-
-void
-print_rdb(rdb_t *rdb) {
- printf("rdb: {%u, %s}\n", rdb->window_start, v128_bit_string(&rdb->bitmask));
-}
-
-err_status_t
-rdb_check_add(rdb_t *rdb, uint32_t idx) {
-
- if (rdb_check(rdb, idx) != err_status_ok) {
- printf("rdb_check failed at index %u\n", idx);
- return err_status_fail;
- }
- if (rdb_add_index(rdb, idx) != err_status_ok) {
- printf("rdb_add_index failed at index %u\n", idx);
- return err_status_fail;
- }
-
- return err_status_ok;
-}
-
-err_status_t
-rdb_check_expect_failure(rdb_t *rdb, uint32_t idx) {
- err_status_t err;
-
- err = rdb_check(rdb, idx);
- if ((err != err_status_replay_old) && (err != err_status_replay_fail)) {
- printf("rdb_check failed at index %u (false positive)\n", idx);
- return err_status_fail;
- }
-
- return err_status_ok;
-}
-
-err_status_t
-rdb_check_unordered(rdb_t *rdb, uint32_t idx) {
- err_status_t rstat;
-
- /* printf("index: %u\n", idx); */
- rstat = rdb_check(rdb, idx);
- if ((rstat != err_status_ok) && (rstat != err_status_replay_old)) {
- printf("rdb_check_unordered failed at index %u\n", idx);
- return rstat;
- }
- return err_status_ok;
-}
-
-err_status_t
-test_rdb_db() {
- rdb_t rdb;
- uint32_t idx, ircvd;
- ut_connection utc;
- err_status_t err;
-
- if (rdb_init(&rdb) != err_status_ok) {
- printf("rdb_init failed\n");
- return err_status_init_fail;
- }
-
- /* test sequential insertion */
- for (idx=0; idx < num_trials; idx++) {
- err = rdb_check_add(&rdb, idx);
- if (err)
- return err;
- }
-
- /* test for false positives */
- for (idx=0; idx < num_trials; idx++) {
- err = rdb_check_expect_failure(&rdb, idx);
- if (err)
- return err;
- }
-
- /* re-initialize */
- if (rdb_init(&rdb) != err_status_ok) {
- printf("rdb_init failed\n");
- return err_status_fail;
- }
-
- /* test non-sequential insertion */
- ut_init(&utc);
-
- for (idx=0; idx < num_trials; idx++) {
- ircvd = ut_next_index(&utc);
- err = rdb_check_unordered(&rdb, ircvd);
- if (err)
- return err;
- }
-
- return err_status_ok;
-}
-
-#include <time.h> /* for clock() */
-#include <stdlib.h> /* for random() */
-
-#define REPLAY_NUM_TRIALS 10000000
-
-double
-rdb_check_adds_per_second(void) {
- uint32_t i;
- rdb_t rdb;
- clock_t timer;
- int failures; /* count number of failures */
-
- if (rdb_init(&rdb) != err_status_ok) {
- printf("rdb_init failed\n");
- exit(1);
- }
-
- timer = clock();
- for(i=0; i < REPLAY_NUM_TRIALS; i+=3) {
- if (rdb_check(&rdb, i+2) != err_status_ok)
- ++failures;
- if (rdb_add_index(&rdb, i+2) != err_status_ok)
- ++failures;
- if (rdb_check(&rdb, i+1) != err_status_ok)
- ++failures;
- if (rdb_add_index(&rdb, i+1) != err_status_ok)
- ++failures;
- if (rdb_check(&rdb, i) != err_status_ok)
- ++failures;
- if (rdb_add_index(&rdb, i) != err_status_ok)
- ++failures;
- }
- timer = clock() - timer;
-
- return (double) CLOCKS_PER_SEC * REPLAY_NUM_TRIALS / timer;
-}
diff --git a/test/roc_driver.c b/test/roc_driver.c
deleted file mode 100644
index 396c9a7..0000000
--- a/test/roc_driver.c
+++ /dev/null
@@ -1,165 +0,0 @@
-/*
- * roc_driver.c
- *
- * test driver for rollover counter replay implementation
- *
- * David A. McGrew
- * Cisco Systems, Inc.
- */
-
-/*
- *
- * Copyright (c) 2001-2006, Cisco Systems, Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following
- * disclaimer in the documentation and/or other materials provided
- * with the distribution.
- *
- * Neither the name of the Cisco Systems, Inc. nor the names of its
- * contributors may be used to endorse or promote products derived
- * from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- */
-
-
-#include <stdio.h>
-
-/*
- * defining ROC_TEST causes small datatypes to be used in
- * xtd_seq_num_t - this allows the functions to be exhaustively tested.
- */
-#if ROC_NEEDS_TO_BE_TESTED
-#define ROC_TEST
-#endif
-
-#include "rdbx.h"
-#include "ut_sim.h"
-
-err_status_t
-roc_test(int num_trials);
-
-int
-main (void) {
- err_status_t status;
-
- printf("rollover counter test driver\n"
- "David A. McGrew\n"
- "Cisco Systems, Inc.\n");
-
- printf("testing index functions...");
- status = roc_test(1 << 18);
- if (status) {
- printf("failed\n");
- exit(status);
- }
- printf("passed\n");
- return 0;
-}
-
-
-#define ROC_VERBOSE 0
-
-err_status_t
-roc_test(int num_trials) {
- xtd_seq_num_t local, est, ref;
- ut_connection utc;
- int i, num_bad_est = 0;
- int delta;
- uint32_t ircvd;
- double failure_rate;
-
- index_init(&local);
- index_init(&ref);
- index_init(&est);
-
- printf("\n\ttesting sequential insertion...");
- for (i=0; i < 2048; i++) {
- delta = index_guess(&local, &est, (uint16_t) ref);
-#if ROC_VERBOSE
- printf("%lld, %lld, %d\n", ref, est, i);
-#endif
- if (ref != est) {
-#if ROC_VERBOSE
- printf(" *bad estimate*\n");
-#endif
- ++num_bad_est;
- }
- index_advance(&ref, 1);
- }
- failure_rate = (double) num_bad_est / num_trials;
- if (failure_rate > 0.01) {
- printf("error: failure rate too high (%d bad estimates in %d trials)\n",
- num_bad_est, num_trials);
- return err_status_algo_fail;
- }
- printf("done\n");
-
-
- printf("\ttesting non-sequential insertion...");
- index_init(&local);
- index_init(&ref);
- index_init(&est);
- ut_init(&utc);
-
- for (i=0; i < num_trials; i++) {
-
- /* get next seq num from unreliable transport simulator */
- ircvd = ut_next_index(&utc);
-
- /* set ref to value of ircvd */
- ref = ircvd;
-
- /* estimate index based on low bits of ircvd */
- delta = index_guess(&local, &est, (uint16_t) ref);
-#if ROC_VERBOSE
- printf("ref: %lld, local: %lld, est: %lld, ircvd: %d, delta: %d\n",
- ref, local, est, ircvd, delta);
-#endif
-
- /* now update local xtd_seq_num_t as necessary */
- if (delta > 0)
- index_advance(&local, delta);
-
- if (ref != est) {
-#if ROC_VERBOSE
- printf(" *bad estimate*\n");
-#endif
- /* record failure event */
- ++num_bad_est;
-
- /* reset local value to correct value */
- local = ref;
- }
- }
- failure_rate = (double) num_bad_est / num_trials;
- if (failure_rate > 0.01) {
- printf("error: failure rate too high (%d bad estimates in %d trials)\n",
- num_bad_est, num_trials);
- return err_status_algo_fail;
- }
- printf("done\n");
-
- return err_status_ok;
-}
diff --git a/test/rtp.c b/test/rtp.c
deleted file mode 100644
index 69968f3..0000000
--- a/test/rtp.c
+++ /dev/null
@@ -1,167 +0,0 @@
-/*
- * rtp.c
- *
- * library functions for the real-time transport protocol
- *
- * David A. McGrew
- * Cisco Systems, Inc.
- */
-
-
-#include "rtp_priv.h"
-
-#include <stdio.h>
-#include <string.h>
-
-#include <sys/types.h>
-#ifdef HAVE_SYS_SOCKET_H
-# include <sys/socket.h>
-#endif
-
-#define PRINT_DEBUG 0 /* set to 1 to print out debugging data */
-#define VERBOSE_DEBUG 0 /* set to 1 to print out more data */
-
-unsigned int
-rtp_sendto(rtp_sender_t sender, const void* msg, int len) {
- int octets_sent;
- err_status_t stat;
- int pkt_len = len + RTP_HEADER_LEN;
-
- /* marshal data */
- strncpy(sender->message.body, msg, len);
-
- /* update header */
- sender->message.header.seq = ntohs(sender->message.header.seq) + 1;
- sender->message.header.seq = htons(sender->message.header.seq);
- sender->message.header.ts = ntohl(sender->message.header.ts) + 1;
- sender->message.header.ts = htonl(sender->message.header.ts);
-
- /* apply srtp */
- stat = srtp_protect(sender->srtp_ctx, &sender->message.header, &pkt_len);
- if (stat) {
-#if PRINT_DEBUG
- fprintf(stderr, "error: srtp protection failed with code %d\n", stat);
-#endif
- return -1;
- }
-#if VERBOSE_DEBUG
- srtp_print_packet(&sender->message.header, pkt_len);
-#endif
- octets_sent = sendto(sender->socket, (void*)&sender->message,
- pkt_len, 0, (struct sockaddr *)&sender->addr,
- sizeof (struct sockaddr_in));
-
- if (octets_sent != pkt_len) {
-#if PRINT_DEBUG
- fprintf(stderr, "error: couldn't send message %s", (char *)msg);
- perror("");
-#endif
- }
-
- return octets_sent;
-}
-
-unsigned int
-rtp_recvfrom(rtp_receiver_t receiver, void *msg, int *len) {
- int octets_recvd;
- err_status_t stat;
-
- octets_recvd = recvfrom(receiver->socket, (void *)&receiver->message,
- *len, 0, (struct sockaddr *) NULL, 0);
-
- /* verify rtp header */
- if (receiver->message.header.version != 2) {
- *len = 0;
- return -1;
- }
-
-#if PRINT_DEBUG
- fprintf(stderr, "%d octets received from SSRC %u\n",
- octets_recvd, receiver->message.header.ssrc);
-#endif
-#if VERBOSE_DEBUG
- srtp_print_packet(&receiver->message.header, octets_recvd);
-#endif
-
- /* apply srtp */
- stat = srtp_unprotect(receiver->srtp_ctx,
- &receiver->message.header, &octets_recvd);
- if (stat) {
- fprintf(stderr,
- "error: srtp unprotection failed with code %d%s\n", stat,
- stat == err_status_replay_fail ? " (replay check failed)" :
- stat == err_status_auth_fail ? " (auth check failed)" : "");
- return -1;
- }
- strncpy(msg, receiver->message.body, octets_recvd);
-
- return octets_recvd;
-}
-
-int
-rtp_sender_init(rtp_sender_t sender,
- int socket,
- struct sockaddr_in addr,
- unsigned int ssrc) {
-
- /* set header values */
- sender->message.header.ssrc = htonl(ssrc);
- sender->message.header.ts = 0;
- sender->message.header.seq = (uint16_t) rand();
- sender->message.header.m = 0;
- sender->message.header.pt = 0x1;
- sender->message.header.version = 2;
- sender->message.header.p = 0;
- sender->message.header.x = 0;
- sender->message.header.cc = 0;
-
- /* set other stuff */
- sender->socket = socket;
- sender->addr = addr;
-
- return 0;
-}
-
-int
-rtp_receiver_init(rtp_receiver_t rcvr,
- int socket,
- struct sockaddr_in addr,
- unsigned int ssrc) {
-
- /* set header values */
- rcvr->message.header.ssrc = htonl(ssrc);
- rcvr->message.header.ts = 0;
- rcvr->message.header.seq = 0;
- rcvr->message.header.m = 0;
- rcvr->message.header.pt = 0x1;
- rcvr->message.header.version = 2;
- rcvr->message.header.p = 0;
- rcvr->message.header.x = 0;
- rcvr->message.header.cc = 0;
-
- /* set other stuff */
- rcvr->socket = socket;
- rcvr->addr = addr;
-
- return 0;
-}
-
-int
-rtp_sender_init_srtp(rtp_sender_t sender, const srtp_policy_t *policy) {
- return srtp_create(&sender->srtp_ctx, policy);
-}
-
-int
-rtp_receiver_init_srtp(rtp_receiver_t sender, const srtp_policy_t *policy) {
- return srtp_create(&sender->srtp_ctx, policy);
-}
-
-rtp_sender_t
-rtp_sender_alloc() {
- return (rtp_sender_t)malloc(sizeof(rtp_sender_ctx_t));
-}
-
-rtp_receiver_t
-rtp_receiver_alloc() {
- return (rtp_receiver_t)malloc(sizeof(rtp_receiver_ctx_t));
-}
diff --git a/test/rtpw.c b/test/rtpw.c
deleted file mode 100644
index b0cc048..0000000
--- a/test/rtpw.c
+++ /dev/null
@@ -1,523 +0,0 @@
-/*
- * rtpw.c
- *
- * rtp word sender/receiver
- *
- * David A. McGrew
- * Cisco Systems, Inc.
- *
- * This app is a simple RTP application intended only for testing
- * libsrtp. It reads one word at a time from /usr/dict/words (or
- * whatever file is specified as DICT_FILE), and sends one word out
- * each USEC_RATE microseconds. Secure RTP protections can be
- * applied. See the usage() function for more details.
- *
- */
-
-/*
- *
- * Copyright (c) 2001-2006, Cisco Systems, Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following
- * disclaimer in the documentation and/or other materials provided
- * with the distribution.
- *
- * Neither the name of the Cisco Systems, Inc. nor the names of its
- * contributors may be used to endorse or promote products derived
- * from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- */
-
-
-#include "datatypes.h"
-#include "getopt_s.h" /* for local getopt() */
-
-#include <stdio.h> /* for printf, fprintf */
-#include <stdlib.h> /* for atoi() */
-#include <errno.h>
-#include <unistd.h> /* for close() */
-
-#include <string.h> /* for strncpy() */
-#include <time.h> /* for usleep() */
-#ifdef HAVE_SYS_SOCKET_H
-# include <sys/socket.h>
-#endif
-#ifdef HAVE_NETINET_IN_H
-# include <netinet/in.h>
-#elif defined HAVE_WINSOCK2_H
-# include <winsock2.h>
-# include <ws2tcpip.h>
-# define RTPW_USE_WINSOCK2 1
-#endif
-#ifdef HAVE_ARPA_INET_H
-# include <arpa/inet.h>
-#endif
-
-#include "srtp.h"
-#include "rtp.h"
-
-#ifdef RTPW_USE_WINSOCK2
-# define DICT_FILE "words.txt"
-#else
-# define DICT_FILE "/usr/share/dict/words"
-#endif
-#define USEC_RATE (5e5)
-#define MAX_WORD_LEN 128
-#define ADDR_IS_MULTICAST(a) IN_MULTICAST(htonl(a))
-#define MAX_KEY_LEN 64
-#define MASTER_KEY_LEN 30
-
-
-#ifndef HAVE_USLEEP
-# ifdef HAVE_WINDOWS_H
-# define usleep(us) Sleep((us)/1000)
-# else
-# define usleep(us) sleep((us)/1000000)
-# endif
-#endif
-
-
-/*
- * the function usage() prints an error message describing how this
- * program should be called, then calls exit()
- */
-
-void
-usage(char *prog_name);
-
-/*
- * leave_group(...) de-registers from a multicast group
- */
-
-void
-leave_group(int sock, struct ip_mreq mreq, char *name);
-
-
-/*
- * program_type distinguishes the [s]rtp sender and receiver cases
- */
-
-typedef enum { sender, receiver, unknown } program_type;
-
-int
-main (int argc, char *argv[]) {
- char *dictfile = DICT_FILE;
- FILE *dict;
- char word[MAX_WORD_LEN];
- int sock, ret;
- struct in_addr rcvr_addr;
- struct sockaddr_in name;
- struct ip_mreq mreq;
-#if BEW
- struct sockaddr_in local;
-#endif
- program_type prog_type = unknown;
- sec_serv_t sec_servs = sec_serv_none;
- unsigned char ttl = 5;
- int c;
- char *input_key = NULL;
- char *address = NULL;
- char key[MAX_KEY_LEN];
- unsigned short port = 0;
- rtp_sender_t snd;
- srtp_policy_t policy;
- err_status_t status;
- int len;
- int do_list_mods = 0;
- uint32_t ssrc = 0xdeadbeef; /* ssrc value hardcoded for now */
-#ifdef RTPW_USE_WINSOCK2
- WORD wVersionRequested = MAKEWORD(2, 0);
- WSADATA wsaData;
-
- ret = WSAStartup(wVersionRequested, &wsaData);
- if (ret != 0) {
- fprintf(stderr, "error: WSAStartup() failed: %d\n", ret);
- exit(1);
- }
-#endif
-
- /* initialize srtp library */
- status = srtp_init();
- if (status) {
- printf("error: srtp initialization failed with error code %d\n", status);
- exit(1);
- }
-
- /* check args */
- while (1) {
- c = getopt_s(argc, argv, "k:rsaeld:");
- if (c == -1) {
- break;
- }
- switch (c) {
- case 'k':
- input_key = optarg_s;
- break;
- case 'e':
- sec_servs |= sec_serv_conf;
- break;
- case 'a':
- sec_servs |= sec_serv_auth;
- break;
- case 'r':
- prog_type = receiver;
- break;
- case 's':
- prog_type = sender;
- break;
- case 'd':
- status = crypto_kernel_set_debug_module(optarg_s, 1);
- if (status) {
- printf("error: set debug module (%s) failed\n", optarg_s);
- exit(1);
- }
- break;
- case 'l':
- do_list_mods = 1;
- break;
- default:
- usage(argv[0]);
- }
- }
-
- if (prog_type == unknown) {
- if (do_list_mods) {
- status = crypto_kernel_list_debug_modules();
- if (status) {
- printf("error: list of debug modules failed\n");
- exit(1);
- }
- return 0;
- } else {
- printf("error: neither sender [-s] nor receiver [-r] specified\n");
- usage(argv[0]);
- }
- }
-
- if ((sec_servs && !input_key) || (!sec_servs && input_key)) {
- /*
- * a key must be provided if and only if security services have
- * been requested
- */
- usage(argv[0]);
- }
-
- if (argc != optind_s + 2) {
- /* wrong number of arguments */
- usage(argv[0]);
- }
-
- /* get address from arg */
- address = argv[optind_s++];
-
- /* get port from arg */
- port = atoi(argv[optind_s++]);
-
- /* set address */
-#ifdef HAVE_INET_ATON
- if (0 == inet_aton(address, &rcvr_addr)) {
- fprintf(stderr, "%s: cannot parse IP v4 address %s\n", argv[0], address);
- exit(1);
- }
- if (rcvr_addr.s_addr == INADDR_NONE) {
- fprintf(stderr, "%s: address error", argv[0]);
- exit(1);
- }
-#else
- rcvr_addr.s_addr = inet_addr(address);
- if (0xffffffff == rcvr_addr.s_addr) {
- fprintf(stderr, "%s: cannot parse IP v4 address %s\n", argv[0], address);
- exit(1);
- }
-#endif
-
- /* open socket */
- sock = socket(PF_INET, SOCK_DGRAM, IPPROTO_UDP);
- if (sock < 0) {
- int err;
-#ifdef RTPW_USE_WINSOCK2
- err = WSAGetLastError();
-#else
- err = errno;
-#endif
- fprintf(stderr, "%s: couldn't open socket: %d\n", argv[0], err);
- exit(1);
- }
-
- name.sin_addr = rcvr_addr;
- name.sin_family = PF_INET;
- name.sin_port = htons(port);
-
- if (ADDR_IS_MULTICAST(rcvr_addr.s_addr)) {
- if (prog_type == sender) {
- ret = setsockopt(sock, IPPROTO_IP, IP_MULTICAST_TTL, &ttl,
- sizeof(ttl));
- if (ret < 0) {
- fprintf(stderr, "%s: Failed to set TTL for multicast group", argv[0]);
- perror("");
- exit(1);
- }
- }
-
- mreq.imr_multiaddr.s_addr = rcvr_addr.s_addr;
- mreq.imr_interface.s_addr = htonl(INADDR_ANY);
- ret = setsockopt(sock, IPPROTO_IP, IP_ADD_MEMBERSHIP, (void*)&mreq,
- sizeof(mreq));
- if (ret < 0) {
- fprintf(stderr, "%s: Failed to join multicast group", argv[0]);
- perror("");
- exit(1);
- }
- }
-
- /* report security services selected on the command line */
- printf("security services: ");
- if (sec_servs & sec_serv_conf)
- printf("confidentiality ");
- if (sec_servs & sec_serv_auth)
- printf("message authentication");
- if (sec_servs == sec_serv_none)
- printf("none");
- printf("\n");
-
- /* set up the srtp policy and master key */
- if (sec_servs) {
- /*
- * create policy structure, using the default mechanisms but
- * with only the security services requested on the command line,
- * using the right SSRC value
- */
- switch (sec_servs) {
- case sec_serv_conf_and_auth:
- crypto_policy_set_rtp_default(&policy.rtp);
- crypto_policy_set_rtcp_default(&policy.rtcp);
- break;
- case sec_serv_conf:
- crypto_policy_set_aes_cm_128_null_auth(&policy.rtp);
- crypto_policy_set_rtcp_default(&policy.rtcp);
- break;
- case sec_serv_auth:
- crypto_policy_set_null_cipher_hmac_sha1_80(&policy.rtp);
- crypto_policy_set_rtcp_default(&policy.rtcp);
- break;
- default:
- printf("error: unknown security service requested\n");
- return -1;
- }
- policy.ssrc.type = ssrc_specific;
- policy.ssrc.value = ssrc;
- policy.key = (uint8_t *) key;
- policy.next = NULL;
- policy.window_size = 128;
- policy.allow_repeat_tx = 0;
- policy.rtp.sec_serv = sec_servs;
- policy.rtcp.sec_serv = sec_serv_none; /* we don't do RTCP anyway */
-
- /*
- * read key from hexadecimal on command line into an octet string
- */
- len = hex_string_to_octet_string(key, input_key, MASTER_KEY_LEN*2);
-
- /* check that hex string is the right length */
- if (len < MASTER_KEY_LEN*2) {
- fprintf(stderr,
- "error: too few digits in key/salt "
- "(should be %d hexadecimal digits, found %d)\n",
- MASTER_KEY_LEN*2, len);
- exit(1);
- }
- if (strlen(input_key) > MASTER_KEY_LEN*2) {
- fprintf(stderr,
- "error: too many digits in key/salt "
- "(should be %d hexadecimal digits, found %u)\n",
- MASTER_KEY_LEN*2, (unsigned)strlen(input_key));
- exit(1);
- }
-
- printf("set master key/salt to %s/", octet_string_hex_string(key, 16));
- printf("%s\n", octet_string_hex_string(key+16, 14));
-
- } else {
- /*
- * we're not providing security services, so set the policy to the
- * null policy
- *
- * Note that this policy does not conform to the SRTP
- * specification, since RTCP authentication is required. However,
- * the effect of this policy is to turn off SRTP, so that this
- * application is now a vanilla-flavored RTP application.
- */
- policy.key = (uint8_t *)key;
- policy.ssrc.type = ssrc_specific;
- policy.ssrc.value = ssrc;
- policy.rtp.cipher_type = NULL_CIPHER;
- policy.rtp.cipher_key_len = 0;
- policy.rtp.auth_type = NULL_AUTH;
- policy.rtp.auth_key_len = 0;
- policy.rtp.auth_tag_len = 0;
- policy.rtp.sec_serv = sec_serv_none;
- policy.rtcp.cipher_type = NULL_CIPHER;
- policy.rtcp.cipher_key_len = 0;
- policy.rtcp.auth_type = NULL_AUTH;
- policy.rtcp.auth_key_len = 0;
- policy.rtcp.auth_tag_len = 0;
- policy.rtcp.sec_serv = sec_serv_none;
- policy.window_size = 0;
- policy.allow_repeat_tx = 0;
- policy.next = NULL;
- }
-
- if (prog_type == sender) {
-
-#if BEW
- /* bind to local socket (to match crypto policy, if need be) */
- memset(&local, 0, sizeof(struct sockaddr_in));
- local.sin_addr.s_addr = htonl(INADDR_ANY);
- local.sin_port = htons(port);
- ret = bind(sock, (struct sockaddr *) &local, sizeof(struct sockaddr_in));
- if (ret < 0) {
- fprintf(stderr, "%s: bind failed\n", argv[0]);
- perror("");
- exit(1);
- }
-#endif /* BEW */
-
- /* initialize sender's rtp and srtp contexts */
- snd = rtp_sender_alloc();
- if (snd == NULL) {
- fprintf(stderr, "error: malloc() failed\n");
- exit(1);
- }
- rtp_sender_init(snd, sock, name, ssrc);
- status = rtp_sender_init_srtp(snd, &policy);
- if (status) {
- fprintf(stderr,
- "error: srtp_create() failed with code %d\n",
- status);
- exit(1);
- }
-
- /* open dictionary */
- dict = fopen (dictfile, "r");
- if (dict == NULL) {
- fprintf(stderr, "%s: couldn't open file %s\n", argv[0], dictfile);
- if (ADDR_IS_MULTICAST(rcvr_addr.s_addr)) {
- leave_group(sock, mreq, argv[0]);
- }
- exit(1);
- }
-
- /* read words from dictionary, then send them off */
- while (fgets(word, MAX_WORD_LEN, dict) != NULL) {
- len = strlen(word) + 1; /* plus one for null */
-
- if (len > MAX_WORD_LEN)
- printf("error: word %s too large to send\n", word);
- else {
- rtp_sendto(snd, word, len);
- printf("sending word: %s", word);
- }
- usleep(USEC_RATE);
- }
-
- } else { /* prog_type == receiver */
- rtp_receiver_t rcvr;
-
- if (bind(sock, (struct sockaddr *)&name, sizeof(name)) < 0) {
- close(sock);
- fprintf(stderr, "%s: socket bind error\n", argv[0]);
- perror(NULL);
- if (ADDR_IS_MULTICAST(rcvr_addr.s_addr)) {
- leave_group(sock, mreq, argv[0]);
- }
- exit(1);
- }
-
- rcvr = rtp_receiver_alloc();
- if (rcvr == NULL) {
- fprintf(stderr, "error: malloc() failed\n");
- exit(1);
- }
- rtp_receiver_init(rcvr, sock, name, ssrc);
- status = rtp_receiver_init_srtp(rcvr, &policy);
- if (status) {
- fprintf(stderr,
- "error: srtp_create() failed with code %d\n",
- status);
- exit(1);
- }
-
- /* get next word and loop */
- while (1) {
- len = MAX_WORD_LEN;
- if (rtp_recvfrom(rcvr, word, &len) > -1)
- printf("\tword: %s", word);
- }
-
- }
-
- if (ADDR_IS_MULTICAST(rcvr_addr.s_addr)) {
- leave_group(sock, mreq, argv[0]);
- }
-
-#ifdef RTPW_USE_WINSOCK2
- WSACleanup();
-#endif
-
- return 0;
-}
-
-
-void
-usage(char *string) {
-
- printf("usage: %s [-d <debug>]* [-k <key> [-a][-e]] "
- "[-s | -r] dest_ip dest_port\n"
- "or %s -l\n"
- "where -a use message authentication\n"
- " -e use encryption\n"
- " -k <key> sets the srtp master key\n"
- " -s act as rtp sender\n"
- " -r act as rtp receiver\n"
- " -l list debug modules\n"
- " -d <debug> turn on debugging for module <debug>\n",
- string, string);
- exit(1);
-
-}
-
-
-void
-leave_group(int sock, struct ip_mreq mreq, char *name) {
- int ret;
-
- ret = setsockopt(sock, IPPROTO_IP, IP_DROP_MEMBERSHIP, (void*)&mreq,
- sizeof(mreq));
- if (ret < 0) {
- fprintf(stderr, "%s: Failed to leave multicast group", name);
- perror("");
- }
-}
-
diff --git a/test/rtpw_test.sh b/test/rtpw_test.sh
deleted file mode 100644
index 6587bf5..0000000
--- a/test/rtpw_test.sh
+++ /dev/null
@@ -1,77 +0,0 @@
-#!/bin/sh
-#
-# usage: rtpw_test <rtpw_commands>
-#
-# tests the rtpw sender and receiver functions
-
-RTPW=./rtpw
-DEST_PORT=9999
-DURATION=3
-
-key=2b2edc5034f61a72345ca5986d7bfd0189aa6dc2ecab32fd9af74df6dfc6
-
-ARGS="-k $key -ae"
-
-# First, we run "killall" to get rid of all existing rtpw processes.
-# This step also enables this script to clean up after itself; if this
-# script is interrupted after the rtpw processes are started but before
-# they are killed, those processes will linger. Re-running the script
-# will get rid of them.
-
-killall rtpw 2>/dev/null
-
-if test -x $RTPW; then
-
-echo $0 ": starting rtpw receiver process... "
-
-$RTPW $* $ARGS -r 0.0.0.0 $DEST_PORT &
-
-receiver_pid=$!
-
-echo $0 ": receiver PID = $receiver_pid"
-
-sleep 1
-
-# verify that the background job is running
-ps | grep -q $receiver_pid
-retval=$?
-echo $retval
-if [ $retval != 0 ]; then
- echo $0 ": error"
- exit 254
-fi
-
-echo $0 ": starting rtpw sender process..."
-
-$RTPW $* $ARGS -s 127.0.0.1 $DEST_PORT &
-
-sender_pid=$!
-
-echo $0 ": sender PID = $sender_pid"
-
-# verify that the background job is running
-ps | grep -q $sender_pid
-retval=$?
-echo $retval
-if [ $retval != 0 ]; then
- echo $0 ": error"
- exit 255
-fi
-
-sleep $DURATION
-
-kill $receiver_pid
-kill $sender_pid
-
-echo $0 ": done (test passed)"
-
-else
-
-echo "error: can't find executable" $RTPW
-exit 1
-
-fi
-
-# EOF
-
-
diff --git a/test/srtp_driver.c b/test/srtp_driver.c
deleted file mode 100644
index 3c97072..0000000
--- a/test/srtp_driver.c
+++ /dev/null
@@ -1,1566 +0,0 @@
-/*
- * srtp_driver.c
- *
- * a test driver for libSRTP
- *
- * David A. McGrew
- * Cisco Systems, Inc.
- */
-/*
- *
- * Copyright (c) 2001-2006, Cisco Systems, Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following
- * disclaimer in the documentation and/or other materials provided
- * with the distribution.
- *
- * Neither the name of the Cisco Systems, Inc. nor the names of its
- * contributors may be used to endorse or promote products derived
- * from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- */
-
-
-#include <string.h> /* for memcpy() */
-#include <time.h> /* for clock() */
-#include <stdlib.h> /* for malloc(), free() */
-#include <stdio.h> /* for print(), fflush() */
-#include "getopt_s.h" /* for local getopt() */
-
-#include "srtp_priv.h"
-
-#ifdef HAVE_NETINET_IN_H
-# include <netinet/in.h>
-#elif defined HAVE_WINSOCK2_H
-# include <winsock2.h>
-#endif
-
-#define PRINT_REFERENCE_PACKET 1
-
-err_status_t
-srtp_validate(void);
-
-err_status_t
-srtp_create_big_policy(srtp_policy_t **list);
-
-err_status_t
-srtp_test_remove_stream(void);
-
-double
-srtp_bits_per_second(int msg_len_octets, const srtp_policy_t *policy);
-
-double
-srtp_rejections_per_second(int msg_len_octets, const srtp_policy_t *policy);
-
-void
-srtp_do_timing(const srtp_policy_t *policy);
-
-void
-srtp_do_rejection_timing(const srtp_policy_t *policy);
-
-err_status_t
-srtp_test(const srtp_policy_t *policy);
-
-err_status_t
-srtcp_test(const srtp_policy_t *policy);
-
-err_status_t
-srtp_session_print_policy(srtp_t srtp);
-
-err_status_t
-srtp_print_policy(const srtp_policy_t *policy);
-
-char *
-srtp_packet_to_string(srtp_hdr_t *hdr, int packet_len);
-
-double
-mips_estimate(int num_trials, int *ignore);
-
-extern uint8_t test_key[30];
-
-void
-usage(char *prog_name) {
- printf("usage: %s [ -t ][ -c ][ -v ][-d <debug_module> ]* [ -l ]\n"
- " -t run timing test\n"
- " -r run rejection timing test\n"
- " -c run codec timing test\n"
- " -v run validation tests\n"
- " -d <mod> turn on debugging module <mod>\n"
- " -l list debugging modules\n", prog_name);
- exit(1);
-}
-
-/*
- * The policy_array is a null-terminated array of policy structs. it
- * is declared at the end of this file
- */
-
-extern const srtp_policy_t *policy_array[];
-
-
-/* the wildcard_policy is declared below; it has a wildcard ssrc */
-
-extern const srtp_policy_t wildcard_policy;
-
-/*
- * mod_driver debug module - debugging module for this test driver
- *
- * we use the crypto_kernel debugging system in this driver, which
- * makes the interface uniform and increases portability
- */
-
-debug_module_t mod_driver = {
- 0, /* debugging is off by default */
- "driver" /* printable name for module */
-};
-
-int
-main (int argc, char *argv[]) {
- int q;
- unsigned do_timing_test = 0;
- unsigned do_rejection_test = 0;
- unsigned do_codec_timing = 0;
- unsigned do_validation = 0;
- unsigned do_list_mods = 0;
- err_status_t status;
-
- /*
- * verify that the compiler has interpreted the header data
- * structure srtp_hdr_t correctly
- */
- if (sizeof(srtp_hdr_t) != 12) {
- printf("error: srtp_hdr_t has incorrect size"
- "(size is %ld bytes, expected 12)\n",
- (long)sizeof(srtp_hdr_t));
- exit(1);
- }
-
- /* initialize srtp library */
- status = srtp_init();
- if (status) {
- printf("error: srtp init failed with error code %d\n", status);
- exit(1);
- }
-
- /* load srtp_driver debug module */
- status = crypto_kernel_load_debug_module(&mod_driver);
- if (status) {
- printf("error: load of srtp_driver debug module failed "
- "with error code %d\n", status);
- exit(1);
- }
-
- /* process input arguments */
- while (1) {
- q = getopt_s(argc, argv, "trcvld:");
- if (q == -1)
- break;
- switch (q) {
- case 't':
- do_timing_test = 1;
- break;
- case 'r':
- do_rejection_test = 1;
- break;
- case 'c':
- do_codec_timing = 1;
- break;
- case 'v':
- do_validation = 1;
- break;
- case 'l':
- do_list_mods = 1;
- break;
- case 'd':
- status = crypto_kernel_set_debug_module(optarg_s, 1);
- if (status) {
- printf("error: set debug module (%s) failed\n", optarg_s);
- exit(1);
- }
- break;
- default:
- usage(argv[0]);
- }
- }
-
- if (!do_validation && !do_timing_test && !do_codec_timing
- && !do_list_mods && !do_rejection_test)
- usage(argv[0]);
-
- if (do_list_mods) {
- status = crypto_kernel_list_debug_modules();
- if (status) {
- printf("error: list of debug modules failed\n");
- exit(1);
- }
- }
-
- if (do_validation) {
- const srtp_policy_t **policy = policy_array;
- srtp_policy_t *big_policy;
-
- /* loop over policy array, testing srtp and srtcp for each policy */
- while (*policy != NULL) {
- printf("testing srtp_protect and srtp_unprotect\n");
- if (srtp_test(*policy) == err_status_ok)
- printf("passed\n\n");
- else {
- printf("failed\n");
- exit(1);
- }
- printf("testing srtp_protect_rtcp and srtp_unprotect_rtcp\n");
- if (srtcp_test(*policy) == err_status_ok)
- printf("passed\n\n");
- else {
- printf("failed\n");
- exit(1);
- }
- policy++;
- }
-
- /* create a big policy list and run tests on it */
- status = srtp_create_big_policy(&big_policy);
- if (status) {
- printf("unexpected failure with error code %d\n", status);
- exit(1);
- }
- printf("testing srtp_protect and srtp_unprotect with big policy\n");
- if (srtp_test(big_policy) == err_status_ok)
- printf("passed\n\n");
- else {
- printf("failed\n");
- exit(1);
- }
-
- /* run test on wildcard policy */
- printf("testing srtp_protect and srtp_unprotect on "
- "wildcard ssrc policy\n");
- if (srtp_test(&wildcard_policy) == err_status_ok)
- printf("passed\n\n");
- else {
- printf("failed\n");
- exit(1);
- }
-
- /*
- * run validation test against the reference packets - note
- * that this test only covers the default policy
- */
- printf("testing srtp_protect and srtp_unprotect against "
- "reference packets\n");
- if (srtp_validate() == err_status_ok)
- printf("passed\n\n");
- else {
- printf("failed\n");
- exit(1);
- }
-
- /*
- * test the function srtp_remove_stream()
- */
- printf("testing srtp_remove_stream()...");
- if (srtp_test_remove_stream() == err_status_ok)
- printf("passed\n");
- else {
- printf("failed\n");
- exit(1);
- }
- }
-
- if (do_timing_test) {
- const srtp_policy_t **policy = policy_array;
-
- /* loop over policies, run timing test for each */
- while (*policy != NULL) {
- srtp_print_policy(*policy);
- srtp_do_timing(*policy);
- policy++;
- }
- }
-
- if (do_rejection_test) {
- const srtp_policy_t **policy = policy_array;
-
- /* loop over policies, run rejection timing test for each */
- while (*policy != NULL) {
- srtp_print_policy(*policy);
- srtp_do_rejection_timing(*policy);
- policy++;
- }
- }
-
- if (do_codec_timing) {
- srtp_policy_t policy;
- int ignore;
- double mips = mips_estimate(1000000000, &ignore);
-
- crypto_policy_set_rtp_default(&policy.rtp);
- crypto_policy_set_rtcp_default(&policy.rtcp);
- policy.ssrc.type = ssrc_specific;
- policy.ssrc.value = 0xdecafbad;
- policy.key = test_key;
- policy.ekt = NULL;
- policy.window_size = 128;
- policy.allow_repeat_tx = 0;
- policy.next = NULL;
-
- printf("mips estimate: %e\n", mips);
-
- printf("testing srtp processing time for voice codecs:\n");
- printf("codec\t\tlength (octets)\t\tsrtp instructions/second\n");
- printf("G.711\t\t%d\t\t\t%e\n", 80,
- (double) mips * (80 * 8) /
- srtp_bits_per_second(80, &policy) / .01 );
- printf("G.711\t\t%d\t\t\t%e\n", 160,
- (double) mips * (160 * 8) /
- srtp_bits_per_second(160, &policy) / .02);
- printf("G.726-32\t%d\t\t\t%e\n", 40,
- (double) mips * (40 * 8) /
- srtp_bits_per_second(40, &policy) / .01 );
- printf("G.726-32\t%d\t\t\t%e\n", 80,
- (double) mips * (80 * 8) /
- srtp_bits_per_second(80, &policy) / .02);
- printf("G.729\t\t%d\t\t\t%e\n", 10,
- (double) mips * (10 * 8) /
- srtp_bits_per_second(10, &policy) / .01 );
- printf("G.729\t\t%d\t\t\t%e\n", 20,
- (double) mips * (20 * 8) /
- srtp_bits_per_second(20, &policy) / .02 );
- printf("Wideband\t%d\t\t\t%e\n", 320,
- (double) mips * (320 * 8) /
- srtp_bits_per_second(320, &policy) / .01 );
- printf("Wideband\t%d\t\t\t%e\n", 640,
- (double) mips * (640 * 8) /
- srtp_bits_per_second(640, &policy) / .02 );
- }
-
- return 0;
-}
-
-
-
-/*
- * srtp_create_test_packet(len, ssrc) returns a pointer to a
- * (malloced) example RTP packet whose data field has the length given
- * by pkt_octet_len and the SSRC value ssrc. The total length of the
- * packet is twelve octets longer, since the header is at the
- * beginning. There is room at the end of the packet for a trailer,
- * and the four octets following the packet are filled with 0xff
- * values to enable testing for overwrites.
- *
- * note that the location of the test packet can (and should) be
- * deallocated with the free() call once it is no longer needed.
- */
-
-srtp_hdr_t *
-srtp_create_test_packet(int pkt_octet_len, uint32_t ssrc) {
- int i;
- uint8_t *buffer;
- srtp_hdr_t *hdr;
- int bytes_in_hdr = 12;
-
- /* allocate memory for test packet */
- hdr = (srtp_hdr_t*) malloc(pkt_octet_len + bytes_in_hdr
- + SRTP_MAX_TRAILER_LEN + 4);
- if (!hdr)
- return NULL;
-
- hdr->version = 2; /* RTP version two */
- hdr->p = 0; /* no padding needed */
- hdr->x = 0; /* no header extension */
- hdr->cc = 0; /* no CSRCs */
- hdr->m = 0; /* marker bit */
- hdr->pt = 0xf; /* payload type */
- hdr->seq = htons(0x1234); /* sequence number */
- hdr->ts = htonl(0xdecafbad); /* timestamp */
- hdr->ssrc = htonl(ssrc); /* synch. source */
-
- buffer = (uint8_t *)hdr;
- buffer += bytes_in_hdr;
-
- /* set RTP data to 0xab */
- for (i=0; i < pkt_octet_len; i++)
- *buffer++ = 0xab;
-
- /* set post-data value to 0xffff to enable overrun checking */
- for (i=0; i < SRTP_MAX_TRAILER_LEN+4; i++)
- *buffer++ = 0xff;
-
- return hdr;
-}
-
-void
-srtp_do_timing(const srtp_policy_t *policy) {
- int len;
-
- /*
- * note: the output of this function is formatted so that it
- * can be used in gnuplot. '#' indicates a comment, and "\r\n"
- * terminates a record
- */
-
- printf("# testing srtp throughput:\r\n");
- printf("# mesg length (octets)\tthroughput (megabits per second)\r\n");
-
- for (len=16; len <= 2048; len *= 2)
- printf("%d\t\t\t%f\r\n", len,
- srtp_bits_per_second(len, policy) / 1.0E6);
-
- /* these extra linefeeds let gnuplot know that a dataset is done */
- printf("\r\n\r\n");
-
-}
-
-void
-srtp_do_rejection_timing(const srtp_policy_t *policy) {
- int len;
-
- /*
- * note: the output of this function is formatted so that it
- * can be used in gnuplot. '#' indicates a comment, and "\r\n"
- * terminates a record
- */
-
- printf("# testing srtp rejection throughput:\r\n");
- printf("# mesg length (octets)\trejections per second\r\n");
-
- for (len=8; len <= 2048; len *= 2)
- printf("%d\t\t\t%e\r\n", len, srtp_rejections_per_second(len, policy));
-
- /* these extra linefeeds let gnuplot know that a dataset is done */
- printf("\r\n\r\n");
-
-}
-
-
-#define MAX_MSG_LEN 1024
-
-double
-srtp_bits_per_second(int msg_len_octets, const srtp_policy_t *policy) {
- srtp_t srtp;
- srtp_hdr_t *mesg;
- int i;
- clock_t timer;
- int num_trials = 100000;
- int len;
- uint32_t ssrc;
- err_status_t status;
-
- /*
- * allocate and initialize an srtp session
- */
- status = srtp_create(&srtp, policy);
- if (status) {
- printf("error: srtp_create() failed with error code %d\n", status);
- exit(1);
- }
-
- /*
- * if the ssrc is unspecified, use a predetermined one
- */
- if (policy->ssrc.type != ssrc_specific) {
- ssrc = 0xdeadbeef;
- } else {
- ssrc = policy->ssrc.value;
- }
-
- /*
- * create a test packet
- */
- mesg = srtp_create_test_packet(msg_len_octets, ssrc);
- if (mesg == NULL)
- return 0.0; /* indicate failure by returning zero */
-
- timer = clock();
- for (i=0; i < num_trials; i++) {
- err_status_t status;
- len = msg_len_octets + 12; /* add in rtp header length */
-
- /* srtp protect message */
- status = srtp_protect(srtp, mesg, &len);
- if (status) {
- printf("error: srtp_protect() failed with error code %d\n", status);
- exit(1);
- }
-
- /* increment message number */
- mesg->seq = htons(ntohs(mesg->seq) + 1);
-
- }
- timer = clock() - timer;
-
- free(mesg);
-
- return (double) (msg_len_octets) * 8 *
- num_trials * CLOCKS_PER_SEC / timer;
-}
-
-double
-srtp_rejections_per_second(int msg_len_octets, const srtp_policy_t *policy) {
- srtp_ctx_t *srtp;
- srtp_hdr_t *mesg;
- int i;
- int len;
- clock_t timer;
- int num_trials = 1000000;
- uint32_t ssrc = policy->ssrc.value;
- err_status_t status;
-
- /*
- * allocate and initialize an srtp session
- */
- status = srtp_create(&srtp, policy);
- if (status) {
- printf("error: srtp_create() failed with error code %d\n", status);
- exit(1);
- }
-
- mesg = srtp_create_test_packet(msg_len_octets, ssrc);
- if (mesg == NULL)
- return 0.0; /* indicate failure by returning zero */
-
- len = msg_len_octets;
- srtp_protect(srtp, (srtp_hdr_t *)mesg, &len);
-
- timer = clock();
- for (i=0; i < num_trials; i++) {
- len = msg_len_octets;
- srtp_unprotect(srtp, (srtp_hdr_t *)mesg, &len);
- }
- timer = clock() - timer;
-
- free(mesg);
-
- return (double) num_trials * CLOCKS_PER_SEC / timer;
-}
-
-
-void
-err_check(err_status_t s) {
- if (s == err_status_ok)
- return;
- else
- fprintf(stderr, "error: unexpected srtp failure (code %d)\n", s);
- exit (1);
-}
-
-err_status_t
-srtp_test(const srtp_policy_t *policy) {
- int i;
- srtp_t srtp_sender;
- srtp_t srtp_rcvr;
- err_status_t status = err_status_ok;
- srtp_hdr_t *hdr, *hdr2;
- uint8_t hdr_enc[64];
- uint8_t *pkt_end;
- int msg_len_octets, msg_len_enc;
- int len;
- int tag_length = policy->rtp.auth_tag_len;
- uint32_t ssrc;
- srtp_policy_t *rcvr_policy;
-
- err_check(srtp_create(&srtp_sender, policy));
-
- /* print out policy */
- err_check(srtp_session_print_policy(srtp_sender));
-
- /*
- * initialize data buffer, using the ssrc in the policy unless that
- * value is a wildcard, in which case we'll just use an arbitrary
- * one
- */
- if (policy->ssrc.type != ssrc_specific)
- ssrc = 0xdecafbad;
- else
- ssrc = policy->ssrc.value;
- msg_len_octets = 28;
- hdr = srtp_create_test_packet(msg_len_octets, ssrc);
-
- if (hdr == NULL)
- return err_status_alloc_fail;
- hdr2 = srtp_create_test_packet(msg_len_octets, ssrc);
- if (hdr2 == NULL) {
- free(hdr);
- return err_status_alloc_fail;
- }
-
- /* set message length */
- len = msg_len_octets;
-
- debug_print(mod_driver, "before protection:\n%s",
- srtp_packet_to_string(hdr, len));
-
-#if PRINT_REFERENCE_PACKET
- debug_print(mod_driver, "reference packet before protection:\n%s",
- octet_string_hex_string((uint8_t *)hdr, len));
-#endif
- err_check(srtp_protect(srtp_sender, hdr, &len));
-
- debug_print(mod_driver, "after protection:\n%s",
- srtp_packet_to_string(hdr, len));
-#if PRINT_REFERENCE_PACKET
- debug_print(mod_driver, "after protection:\n%s",
- octet_string_hex_string((uint8_t *)hdr, len));
-#endif
-
- /* save protected message and length */
- memcpy(hdr_enc, hdr, len);
- msg_len_enc = len;
-
- /*
- * check for overrun of the srtp_protect() function
- *
- * The packet is followed by a value of 0xfffff; if the value of the
- * data following the packet is different, then we know that the
- * protect function is overwriting the end of the packet.
- */
- pkt_end = (uint8_t *)hdr + sizeof(srtp_hdr_t)
- + msg_len_octets + tag_length;
- for (i = 0; i < 4; i++)
- if (pkt_end[i] != 0xff) {
- fprintf(stdout, "overwrite in srtp_protect() function "
- "(expected %x, found %x in trailing octet %d)\n",
- 0xff, ((uint8_t *)hdr)[i], i);
- free(hdr);
- free(hdr2);
- return err_status_algo_fail;
- }
-
- /*
- * if the policy includes confidentiality, check that ciphertext is
- * different than plaintext
- *
- * Note that this check will give false negatives, with some small
- * probability, especially if the packets are short. For that
- * reason, we skip this check if the plaintext is less than four
- * octets long.
- */
- if ((policy->rtp.sec_serv & sec_serv_conf) && (msg_len_octets >= 4)) {
- printf("testing that ciphertext is distinct from plaintext...");
- status = err_status_algo_fail;
- for (i=12; i < msg_len_octets+12; i++)
- if (((uint8_t *)hdr)[i] != ((uint8_t *)hdr2)[i]) {
- status = err_status_ok;
- }
- if (status) {
- printf("failed\n");
- free(hdr);
- free(hdr2);
- return status;
- }
- printf("passed\n");
- }
-
- /*
- * if the policy uses a 'wildcard' ssrc, then we need to make a copy
- * of the policy that changes the direction to inbound
- *
- * we always copy the policy into the rcvr_policy, since otherwise
- * the compiler would fret about the constness of the policy
- */
- rcvr_policy = (srtp_policy_t*) malloc(sizeof(srtp_policy_t));
- if (rcvr_policy == NULL)
- return err_status_alloc_fail;
- memcpy(rcvr_policy, policy, sizeof(srtp_policy_t));
- if (policy->ssrc.type == ssrc_any_outbound) {
- rcvr_policy->ssrc.type = ssrc_any_inbound;
- }
-
- err_check(srtp_create(&srtp_rcvr, rcvr_policy));
-
- err_check(srtp_unprotect(srtp_rcvr, hdr, &len));
-
- debug_print(mod_driver, "after unprotection:\n%s",
- srtp_packet_to_string(hdr, len));
-
- /* verify that the unprotected packet matches the origial one */
- for (i=0; i < msg_len_octets; i++)
- if (((uint8_t *)hdr)[i] != ((uint8_t *)hdr2)[i]) {
- fprintf(stdout, "mismatch at octet %d\n", i);
- status = err_status_algo_fail;
- }
- if (status) {
- free(hdr);
- free(hdr2);
- return status;
- }
-
- /*
- * if the policy includes authentication, then test for false positives
- */
- if (policy->rtp.sec_serv & sec_serv_auth) {
- char *data = ((char *)hdr) + 12;
-
- printf("testing for false positives in replay check...");
-
- /* set message length */
- len = msg_len_enc;
-
- /* unprotect a second time - should fail with a replay error */
- status = srtp_unprotect(srtp_rcvr, hdr_enc, &len);
- if (status != err_status_replay_fail) {
- printf("failed with error code %d\n", status);
- free(hdr);
- free(hdr2);
- return status;
- } else {
- printf("passed\n");
- }
-
- printf("testing for false positives in auth check...");
-
- /* increment sequence number in header */
- hdr->seq++;
-
- /* set message length */
- len = msg_len_octets;
-
- /* apply protection */
- err_check(srtp_protect(srtp_sender, hdr, &len));
-
- /* flip bits in packet */
- data[0] ^= 0xff;
-
- /* unprotect, and check for authentication failure */
- status = srtp_unprotect(srtp_rcvr, hdr, &len);
- if (status != err_status_auth_fail) {
- printf("failed\n");
- free(hdr);
- free(hdr2);
- return status;
- } else {
- printf("passed\n");
- }
-
- }
-
- err_check(srtp_dealloc(srtp_sender));
- err_check(srtp_dealloc(srtp_rcvr));
-
- free(hdr);
- free(hdr2);
- return err_status_ok;
-}
-
-
-err_status_t
-srtcp_test(const srtp_policy_t *policy) {
- int i;
- srtp_t srtcp_sender;
- srtp_t srtcp_rcvr;
- err_status_t status = err_status_ok;
- srtp_hdr_t *hdr, *hdr2;
- uint8_t hdr_enc[64];
- uint8_t *pkt_end;
- int msg_len_octets, msg_len_enc;
- int len;
- int tag_length = policy->rtp.auth_tag_len;
- uint32_t ssrc;
- srtp_policy_t *rcvr_policy;
-
- err_check(srtp_create(&srtcp_sender, policy));
-
- /* print out policy */
- err_check(srtp_session_print_policy(srtcp_sender));
-
- /*
- * initialize data buffer, using the ssrc in the policy unless that
- * value is a wildcard, in which case we'll just use an arbitrary
- * one
- */
- if (policy->ssrc.type != ssrc_specific)
- ssrc = 0xdecafbad;
- else
- ssrc = policy->ssrc.value;
- msg_len_octets = 28;
- hdr = srtp_create_test_packet(msg_len_octets, ssrc);
-
- if (hdr == NULL)
- return err_status_alloc_fail;
- hdr2 = srtp_create_test_packet(msg_len_octets, ssrc);
- if (hdr2 == NULL) {
- free(hdr);
- return err_status_alloc_fail;
- }
-
- /* set message length */
- len = msg_len_octets;
-
- debug_print(mod_driver, "before protection:\n%s",
- srtp_packet_to_string(hdr, len));
-
-#if PRINT_REFERENCE_PACKET
- debug_print(mod_driver, "reference packet before protection:\n%s",
- octet_string_hex_string((uint8_t *)hdr, len));
-#endif
- err_check(srtp_protect_rtcp(srtcp_sender, hdr, &len));
-
- debug_print(mod_driver, "after protection:\n%s",
- srtp_packet_to_string(hdr, len));
-#if PRINT_REFERENCE_PACKET
- debug_print(mod_driver, "after protection:\n%s",
- octet_string_hex_string((uint8_t *)hdr, len));
-#endif
-
- /* save protected message and length */
- memcpy(hdr_enc, hdr, len);
- msg_len_enc = len;
-
- /*
- * check for overrun of the srtp_protect() function
- *
- * The packet is followed by a value of 0xfffff; if the value of the
- * data following the packet is different, then we know that the
- * protect function is overwriting the end of the packet.
- */
- pkt_end = (uint8_t *)hdr + sizeof(srtp_hdr_t)
- + msg_len_octets + tag_length;
- for (i = 0; i < 4; i++)
- if (pkt_end[i] != 0xff) {
- fprintf(stdout, "overwrite in srtp_protect_rtcp() function "
- "(expected %x, found %x in trailing octet %d)\n",
- 0xff, ((uint8_t *)hdr)[i], i);
- free(hdr);
- free(hdr2);
- return err_status_algo_fail;
- }
-
- /*
- * if the policy includes confidentiality, check that ciphertext is
- * different than plaintext
- *
- * Note that this check will give false negatives, with some small
- * probability, especially if the packets are short. For that
- * reason, we skip this check if the plaintext is less than four
- * octets long.
- */
- if ((policy->rtp.sec_serv & sec_serv_conf) && (msg_len_octets >= 4)) {
- printf("testing that ciphertext is distinct from plaintext...");
- status = err_status_algo_fail;
- for (i=12; i < msg_len_octets+12; i++)
- if (((uint8_t *)hdr)[i] != ((uint8_t *)hdr2)[i]) {
- status = err_status_ok;
- }
- if (status) {
- printf("failed\n");
- free(hdr);
- free(hdr2);
- return status;
- }
- printf("passed\n");
- }
-
- /*
- * if the policy uses a 'wildcard' ssrc, then we need to make a copy
- * of the policy that changes the direction to inbound
- *
- * we always copy the policy into the rcvr_policy, since otherwise
- * the compiler would fret about the constness of the policy
- */
- rcvr_policy = (srtp_policy_t*) malloc(sizeof(srtp_policy_t));
- if (rcvr_policy == NULL)
- return err_status_alloc_fail;
- memcpy(rcvr_policy, policy, sizeof(srtp_policy_t));
- if (policy->ssrc.type == ssrc_any_outbound) {
- rcvr_policy->ssrc.type = ssrc_any_inbound;
- }
-
- err_check(srtp_create(&srtcp_rcvr, rcvr_policy));
-
- err_check(srtp_unprotect_rtcp(srtcp_rcvr, hdr, &len));
-
- debug_print(mod_driver, "after unprotection:\n%s",
- srtp_packet_to_string(hdr, len));
-
- /* verify that the unprotected packet matches the origial one */
- for (i=0; i < msg_len_octets; i++)
- if (((uint8_t *)hdr)[i] != ((uint8_t *)hdr2)[i]) {
- fprintf(stdout, "mismatch at octet %d\n", i);
- status = err_status_algo_fail;
- }
- if (status) {
- free(hdr);
- free(hdr2);
- return status;
- }
-
- /*
- * if the policy includes authentication, then test for false positives
- */
- if (policy->rtp.sec_serv & sec_serv_auth) {
- char *data = ((char *)hdr) + 12;
-
- printf("testing for false positives in replay check...");
-
- /* set message length */
- len = msg_len_enc;
-
- /* unprotect a second time - should fail with a replay error */
- status = srtp_unprotect_rtcp(srtcp_rcvr, hdr_enc, &len);
- if (status != err_status_replay_fail) {
- printf("failed with error code %d\n", status);
- free(hdr);
- free(hdr2);
- return status;
- } else {
- printf("passed\n");
- }
-
- printf("testing for false positives in auth check...");
-
- /* increment sequence number in header */
- hdr->seq++;
-
- /* set message length */
- len = msg_len_octets;
-
- /* apply protection */
- err_check(srtp_protect_rtcp(srtcp_sender, hdr, &len));
-
- /* flip bits in packet */
- data[0] ^= 0xff;
-
- /* unprotect, and check for authentication failure */
- status = srtp_unprotect_rtcp(srtcp_rcvr, hdr, &len);
- if (status != err_status_auth_fail) {
- printf("failed\n");
- free(hdr);
- free(hdr2);
- return status;
- } else {
- printf("passed\n");
- }
-
- }
-
- err_check(srtp_dealloc(srtcp_sender));
- err_check(srtp_dealloc(srtcp_rcvr));
-
- free(hdr);
- free(hdr2);
- return err_status_ok;
-}
-
-
-err_status_t
-srtp_session_print_policy(srtp_t srtp) {
- char *serv_descr[4] = {
- "none",
- "confidentiality",
- "authentication",
- "confidentiality and authentication"
- };
- char *direction[3] = {
- "unknown",
- "outbound",
- "inbound"
- };
- srtp_stream_t stream;
-
- /* sanity checking */
- if (srtp == NULL)
- return err_status_fail;
-
- /* if there's a template stream, print it out */
- if (srtp->stream_template != NULL) {
- stream = srtp->stream_template;
- printf("# SSRC: any %s\r\n"
- "# rtp cipher: %s\r\n"
- "# rtp auth: %s\r\n"
- "# rtp services: %s\r\n"
- "# rtcp cipher: %s\r\n"
- "# rtcp auth: %s\r\n"
- "# rtcp services: %s\r\n"
- "# window size: %lu\r\n"
- "# tx rtx allowed:%s\r\n",
- direction[stream->direction],
- stream->rtp_cipher->type->description,
- stream->rtp_auth->type->description,
- serv_descr[stream->rtp_services],
- stream->rtcp_cipher->type->description,
- stream->rtcp_auth->type->description,
- serv_descr[stream->rtcp_services],
- rdbx_get_window_size(&stream->rtp_rdbx),
- stream->allow_repeat_tx ? "true" : "false");
- }
-
- /* loop over streams in session, printing the policy of each */
- stream = srtp->stream_list;
- while (stream != NULL) {
- if (stream->rtp_services > sec_serv_conf_and_auth)
- return err_status_bad_param;
-
- printf("# SSRC: 0x%08x\r\n"
- "# rtp cipher: %s\r\n"
- "# rtp auth: %s\r\n"
- "# rtp services: %s\r\n"
- "# rtcp cipher: %s\r\n"
- "# rtcp auth: %s\r\n"
- "# rtcp services: %s\r\n"
- "# window size: %lu\r\n"
- "# tx rtx allowed:%s\r\n",
- stream->ssrc,
- stream->rtp_cipher->type->description,
- stream->rtp_auth->type->description,
- serv_descr[stream->rtp_services],
- stream->rtcp_cipher->type->description,
- stream->rtcp_auth->type->description,
- serv_descr[stream->rtcp_services],
- rdbx_get_window_size(&stream->rtp_rdbx),
- stream->allow_repeat_tx ? "true" : "false");
-
- /* advance to next stream in the list */
- stream = stream->next;
- }
- return err_status_ok;
-}
-
-err_status_t
-srtp_print_policy(const srtp_policy_t *policy) {
- err_status_t status;
- srtp_t session;
-
- status = srtp_create(&session, policy);
- if (status)
- return status;
- status = srtp_session_print_policy(session);
- if (status)
- return status;
- status = srtp_dealloc(session);
- if (status)
- return status;
- return err_status_ok;
-}
-
-/*
- * srtp_print_packet(...) is for debugging only
- * it prints an RTP packet to the stdout
- *
- * note that this function is *not* threadsafe
- */
-
-#include <stdio.h>
-
-#define MTU 2048
-
-char packet_string[MTU];
-
-char *
-srtp_packet_to_string(srtp_hdr_t *hdr, int pkt_octet_len) {
- int octets_in_rtp_header = 12;
- uint8_t *data = ((uint8_t *)hdr)+octets_in_rtp_header;
- int hex_len = pkt_octet_len-octets_in_rtp_header;
-
- /* sanity checking */
- if ((hdr == NULL) || (pkt_octet_len > MTU))
- return NULL;
-
- /* write packet into string */
- sprintf(packet_string,
- "(s)rtp packet: {\n"
- " version:\t%d\n"
- " p:\t\t%d\n"
- " x:\t\t%d\n"
- " cc:\t\t%d\n"
- " m:\t\t%d\n"
- " pt:\t\t%x\n"
- " seq:\t\t%x\n"
- " ts:\t\t%x\n"
- " ssrc:\t%x\n"
- " data:\t%s\n"
- "} (%d octets in total)\n",
- hdr->version,
- hdr->p,
- hdr->x,
- hdr->cc,
- hdr->m,
- hdr->pt,
- hdr->seq,
- hdr->ts,
- hdr->ssrc,
- octet_string_hex_string(data, hex_len),
- pkt_octet_len);
-
- return packet_string;
-}
-
-/*
- * mips_estimate() is a simple function to estimate the number of
- * instructions per second that the host can perform. note that this
- * function can be grossly wrong; you may want to have a manual sanity
- * check of its output!
- *
- * the 'ignore' pointer is there to convince the compiler to not just
- * optimize away the function
- */
-
-double
-mips_estimate(int num_trials, int *ignore) {
- clock_t t;
- int i, sum;
-
- sum = 0;
- t = clock();
- for (i=0; i<num_trials; i++)
- sum += i;
- t = clock() - t;
-
-/* printf("%d\n", sum); */
- *ignore = sum;
-
- return (double) num_trials * CLOCKS_PER_SEC / t;
-}
-
-
-/*
- * srtp_validate() verifies the correctness of libsrtp by comparing
- * some computed packets against some pre-computed reference values.
- * These packets were made with the default SRTP policy.
- */
-
-
-err_status_t
-srtp_validate() {
- unsigned char test_key[30] = {
- 0xe1, 0xf9, 0x7a, 0x0d, 0x3e, 0x01, 0x8b, 0xe0,
- 0xd6, 0x4f, 0xa3, 0x2c, 0x06, 0xde, 0x41, 0x39,
- 0x0e, 0xc6, 0x75, 0xad, 0x49, 0x8a, 0xfe, 0xeb,
- 0xb6, 0x96, 0x0b, 0x3a, 0xab, 0xe6
- };
- uint8_t srtp_plaintext_ref[28] = {
- 0x80, 0x0f, 0x12, 0x34, 0xde, 0xca, 0xfb, 0xad,
- 0xca, 0xfe, 0xba, 0xbe, 0xab, 0xab, 0xab, 0xab,
- 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab,
- 0xab, 0xab, 0xab, 0xab
- };
- uint8_t srtp_plaintext[38] = {
- 0x80, 0x0f, 0x12, 0x34, 0xde, 0xca, 0xfb, 0xad,
- 0xca, 0xfe, 0xba, 0xbe, 0xab, 0xab, 0xab, 0xab,
- 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab,
- 0xab, 0xab, 0xab, 0xab, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
- };
- uint8_t srtp_ciphertext[38] = {
- 0x80, 0x0f, 0x12, 0x34, 0xde, 0xca, 0xfb, 0xad,
- 0xca, 0xfe, 0xba, 0xbe, 0x4e, 0x55, 0xdc, 0x4c,
- 0xe7, 0x99, 0x78, 0xd8, 0x8c, 0xa4, 0xd2, 0x15,
- 0x94, 0x9d, 0x24, 0x02, 0xb7, 0x8d, 0x6a, 0xcc,
- 0x99, 0xea, 0x17, 0x9b, 0x8d, 0xbb
- };
- srtp_t srtp_snd, srtp_recv;
- err_status_t status;
- int len;
- srtp_policy_t policy;
-
- /*
- * create a session with a single stream using the default srtp
- * policy and with the SSRC value 0xcafebabe
- */
- crypto_policy_set_rtp_default(&policy.rtp);
- crypto_policy_set_rtcp_default(&policy.rtcp);
- policy.ssrc.type = ssrc_specific;
- policy.ssrc.value = 0xcafebabe;
- policy.key = test_key;
- policy.ekt = NULL;
- policy.window_size = 128;
- policy.allow_repeat_tx = 0;
- policy.next = NULL;
-
- status = srtp_create(&srtp_snd, &policy);
- if (status)
- return status;
-
- /*
- * protect plaintext, then compare with ciphertext
- */
- len = 28;
- status = srtp_protect(srtp_snd, srtp_plaintext, &len);
- if (status || (len != 38))
- return err_status_fail;
-
- debug_print(mod_driver, "ciphertext:\n %s",
- octet_string_hex_string(srtp_plaintext, len));
- debug_print(mod_driver, "ciphertext reference:\n %s",
- octet_string_hex_string(srtp_ciphertext, len));
-
- if (octet_string_is_eq(srtp_plaintext, srtp_ciphertext, len))
- return err_status_fail;
-
- /*
- * create a receiver session context comparable to the one created
- * above - we need to do this so that the replay checking doesn't
- * complain
- */
- status = srtp_create(&srtp_recv, &policy);
- if (status)
- return status;
-
- /*
- * unprotect ciphertext, then compare with plaintext
- */
- status = srtp_unprotect(srtp_recv, srtp_ciphertext, &len);
- if (status || (len != 28))
- return status;
-
- if (octet_string_is_eq(srtp_ciphertext, srtp_plaintext_ref, len))
- return err_status_fail;
-
- return err_status_ok;
-}
-
-
-err_status_t
-srtp_create_big_policy(srtp_policy_t **list) {
- extern const srtp_policy_t *policy_array[];
- srtp_policy_t *p, *tmp;
- int i = 0;
- uint32_t ssrc = 0;
-
- /* sanity checking */
- if ((list == NULL) || (policy_array[0] == NULL))
- return err_status_bad_param;
-
- /*
- * loop over policy list, mallocing a new list and copying values
- * into it (and incrementing the SSRC value as we go along)
- */
- tmp = p = NULL;
- while (policy_array[i] != NULL) {
- p = (srtp_policy_t*) malloc(sizeof(srtp_policy_t));
- if (p == NULL)
- return err_status_bad_param;
- memcpy(p, policy_array[i], sizeof(srtp_policy_t));
- p->ssrc.type = ssrc_specific;
- p->ssrc.value = ssrc++;
- p->next = tmp;
- tmp = p;
- i++;
- }
- *list = p;
-
- return err_status_ok;
-}
-
-err_status_t
-srtp_test_remove_stream() {
- err_status_t status;
- srtp_policy_t *policy_list;
- srtp_t session;
- srtp_stream_t stream;
- /*
- * srtp_get_stream() is a libSRTP internal function that we declare
- * here so that we can use it to verify the correct operation of the
- * library
- */
- extern srtp_stream_t srtp_get_stream(srtp_t srtp, uint32_t ssrc);
-
-
- status = srtp_create_big_policy(&policy_list);
- if (status)
- return status;
-
- status = srtp_create(&session, policy_list);
- if (status)
- return status;
-
- /*
- * check for false positives by trying to remove a stream that's not
- * in the session
- */
- status = srtp_remove_stream(session, htonl(0xaaaaaaaa));
- if (status != err_status_no_ctx)
- return err_status_fail;
-
- /*
- * check for false negatives by removing stream 0x1, then
- * searching for streams 0x0 and 0x2
- */
- status = srtp_remove_stream(session, htonl(0x1));
- if (status != err_status_ok)
- return err_status_fail;
- stream = srtp_get_stream(session, htonl(0x0));
- if (stream == NULL)
- return err_status_fail;
- stream = srtp_get_stream(session, htonl(0x2));
- if (stream == NULL)
- return err_status_fail;
-
- return err_status_ok;
-}
-
-/*
- * srtp policy definitions - these definitions are used above
- */
-
-unsigned char test_key[30] = {
- 0xe1, 0xf9, 0x7a, 0x0d, 0x3e, 0x01, 0x8b, 0xe0,
- 0xd6, 0x4f, 0xa3, 0x2c, 0x06, 0xde, 0x41, 0x39,
- 0x0e, 0xc6, 0x75, 0xad, 0x49, 0x8a, 0xfe, 0xeb,
- 0xb6, 0x96, 0x0b, 0x3a, 0xab, 0xe6
-};
-
-
-const srtp_policy_t default_policy = {
- { ssrc_any_outbound, 0 }, /* SSRC */
- { /* SRTP policy */
- AES_128_ICM, /* cipher type */
- 30, /* cipher key length in octets */
- HMAC_SHA1, /* authentication func type */
- 16, /* auth key length in octets */
- 10, /* auth tag length in octets */
- sec_serv_conf_and_auth /* security services flag */
- },
- { /* SRTCP policy */
- AES_128_ICM, /* cipher type */
- 30, /* cipher key length in octets */
- HMAC_SHA1, /* authentication func type */
- 16, /* auth key length in octets */
- 10, /* auth tag length in octets */
- sec_serv_conf_and_auth /* security services flag */
- },
- test_key,
- NULL, /* indicates that EKT is not in use */
- 128, /* replay window size */
- 0, /* retransmission not allowed */
- NULL
-};
-
-const srtp_policy_t aes_tmmh_policy = {
- { ssrc_any_outbound, 0 }, /* SSRC */
- {
- AES_128_ICM, /* cipher type */
- 30, /* cipher key length in octets */
- UST_TMMHv2, /* authentication func type */
- 94, /* auth key length in octets */
- 4, /* auth tag length in octets */
- sec_serv_conf_and_auth /* security services flag */
- },
- {
- AES_128_ICM, /* cipher type */
- 30, /* cipher key length in octets */
- UST_TMMHv2, /* authentication func type */
- 94, /* auth key length in octets */
- 4, /* auth tag length in octets */
- sec_serv_conf_and_auth /* security services flag */
- },
- test_key,
- NULL, /* indicates that EKT is not in use */
- 128, /* replay window size */
- 0, /* retransmission not allowed */
- NULL
-};
-
-const srtp_policy_t tmmh_only_policy = {
- { ssrc_any_outbound, 0 }, /* SSRC */
- {
- AES_128_ICM, /* cipher type */
- 30, /* cipher key length in octets */
- UST_TMMHv2, /* authentication func type */
- 94, /* auth key length in octets */
- 4, /* auth tag length in octets */
- sec_serv_auth /* security services flag */
- },
- {
- AES_128_ICM, /* cipher type */
- 30, /* cipher key length in octets */
- UST_TMMHv2, /* authentication func type */
- 94, /* auth key length in octets */
- 4, /* auth tag length in octets */
- sec_serv_auth /* security services flag */
- },
- test_key,
- NULL, /* indicates that EKT is not in use */
- 128, /* replay window size */
- 0, /* retransmission not allowed */
- NULL
-};
-
-const srtp_policy_t aes_only_policy = {
- { ssrc_any_outbound, 0 }, /* SSRC */
- {
- AES_128_ICM, /* cipher type */
- 30, /* cipher key length in octets */
- NULL_AUTH, /* authentication func type */
- 0, /* auth key length in octets */
- 0, /* auth tag length in octets */
- sec_serv_conf /* security services flag */
- },
- {
- AES_128_ICM, /* cipher type */
- 30, /* cipher key length in octets */
- NULL_AUTH, /* authentication func type */
- 0, /* auth key length in octets */
- 0, /* auth tag length in octets */
- sec_serv_conf /* security services flag */
- },
- test_key,
- NULL, /* indicates that EKT is not in use */
- 128, /* replay window size */
- 0, /* retransmission not allowed */
- NULL
-};
-
-const srtp_policy_t hmac_only_policy = {
- { ssrc_any_outbound, 0 }, /* SSRC */
- {
- NULL_CIPHER, /* cipher type */
- 0, /* cipher key length in octets */
- HMAC_SHA1, /* authentication func type */
- 20, /* auth key length in octets */
- 4, /* auth tag length in octets */
- sec_serv_auth /* security services flag */
- },
- {
- NULL_CIPHER, /* cipher type */
- 0, /* cipher key length in octets */
- HMAC_SHA1, /* authentication func type */
- 20, /* auth key length in octets */
- 4, /* auth tag length in octets */
- sec_serv_auth /* security services flag */
- },
- test_key,
- NULL, /* indicates that EKT is not in use */
- 128, /* replay window size */
- 0, /* retransmission not allowed */
- NULL
-};
-
-const srtp_policy_t null_policy = {
- { ssrc_any_outbound, 0 }, /* SSRC */
- {
- NULL_CIPHER, /* cipher type */
- 0, /* cipher key length in octets */
- NULL_AUTH, /* authentication func type */
- 0, /* auth key length in octets */
- 0, /* auth tag length in octets */
- sec_serv_none /* security services flag */
- },
- {
- NULL_CIPHER, /* cipher type */
- 0, /* cipher key length in octets */
- NULL_AUTH, /* authentication func type */
- 0, /* auth key length in octets */
- 0, /* auth tag length in octets */
- sec_serv_none /* security services flag */
- },
- test_key,
- NULL, /* indicates that EKT is not in use */
- 128, /* replay window size */
- 0, /* retransmission not allowed */
- NULL
-};
-
-uint8_t ekt_test_key[16] = {
- 0x77, 0x26, 0x9d, 0xac, 0x16, 0xa3, 0x28, 0xca,
- 0x8e, 0xc9, 0x68, 0x4b, 0xcc, 0xc4, 0xd2, 0x1b
-};
-
-#include "ekt.h"
-
-ekt_policy_ctx_t ekt_test_policy = {
- 0xa5a5, /* SPI */
- EKT_CIPHER_AES_128_ECB,
- ekt_test_key,
- NULL
-};
-
-const srtp_policy_t hmac_only_with_ekt_policy = {
- { ssrc_any_outbound, 0 }, /* SSRC */
- {
- NULL_CIPHER, /* cipher type */
- 0, /* cipher key length in octets */
- HMAC_SHA1, /* authentication func type */
- 20, /* auth key length in octets */
- 4, /* auth tag length in octets */
- sec_serv_auth /* security services flag */
- },
- {
- NULL_CIPHER, /* cipher type */
- 0, /* cipher key length in octets */
- HMAC_SHA1, /* authentication func type */
- 20, /* auth key length in octets */
- 4, /* auth tag length in octets */
- sec_serv_auth /* security services flag */
- },
- test_key,
- &ekt_test_policy, /* indicates that EKT is not in use */
- 128, /* replay window size */
- 0, /* retransmission not allowed */
- NULL
-};
-
-
-/*
- * an array of pointers to the policies listed above
- *
- * This array is used to test various aspects of libSRTP for
- * different cryptographic policies. The order of the elements
- * matters - the timing test generates output that can be used
- * in a plot (see the gnuplot script file 'timing'). If you
- * add to this list, you should do it at the end.
- */
-
-#define USE_TMMH 0
-
-const srtp_policy_t *
-policy_array[] = {
- &hmac_only_policy,
-#if USE_TMMH
- &tmmh_only_policy,
-#endif
- &aes_only_policy,
-#if USE_TMMH
- &aes_tmmh_policy,
-#endif
- &default_policy,
- &null_policy,
- &hmac_only_with_ekt_policy,
- NULL
-};
-
-const srtp_policy_t wildcard_policy = {
- { ssrc_any_outbound, 0 }, /* SSRC */
- { /* SRTP policy */
- AES_128_ICM, /* cipher type */
- 30, /* cipher key length in octets */
- HMAC_SHA1, /* authentication func type */
- 16, /* auth key length in octets */
- 10, /* auth tag length in octets */
- sec_serv_conf_and_auth /* security services flag */
- },
- { /* SRTCP policy */
- AES_128_ICM, /* cipher type */
- 30, /* cipher key length in octets */
- HMAC_SHA1, /* authentication func type */
- 16, /* auth key length in octets */
- 10, /* auth tag length in octets */
- sec_serv_conf_and_auth /* security services flag */
- },
- test_key,
- NULL,
- 128, /* replay window size */
- 0, /* retransmission not allowed */
- NULL
-};
diff --git a/timing b/timing
deleted file mode 100644
index 66b00c4..0000000
--- a/timing
+++ /dev/null
Binary files differ
diff --git a/undos.sh b/undos.sh
deleted file mode 100755
index db12064..0000000
--- a/undos.sh
+++ /dev/null
@@ -1,10 +0,0 @@
-#!/bin/sh
-#
-# usage: undos <file>
-#
-# strips CRs from a file - useful when moving DOS-created files
-# onto UN*X machines
-
-cat $1 | tr -d "\r" > $1.tmp
-mv $1.tmp $1
-
diff --git a/update.sh b/update.sh
deleted file mode 100755
index 595b647..0000000
--- a/update.sh
+++ /dev/null
@@ -1,15 +0,0 @@
-#!/bin/sh
-#
-# update.sh
-#
-# update copyright dates in files
-
-a=`find . -name "*.[ch]"`
-for x in $a; do
- sed 's/(c) 2001-2005/(c) 2001-2006/' $x > $x.tmp;
- mv $x.tmp $x;
-done
-
-
-
-