commit 6e9ea2e77aa9e85eed700a568cbc3260276c8c0d Author: Yuriy Glukhov Date: Mon Sep 30 21:23:06 2019 +0300 Initial commit (copied from nim-libp2p) diff --git a/.gitmodules b/.gitmodules new file mode 100644 index 0000000..d004ab1 --- /dev/null +++ b/.gitmodules @@ -0,0 +1,3 @@ +[submodule "bearssl/csources"] + path = bearssl/csources + url = https://www.bearssl.org/git/BearSSL diff --git a/LICENSE-APACHEv2 b/LICENSE-APACHEv2 new file mode 100644 index 0000000..22464dc --- /dev/null +++ b/LICENSE-APACHEv2 @@ -0,0 +1,205 @@ +web3 is licensed under the Apache License version 2 +Copyright (c) 2018 Status Research & Development GmbH +----------------------------------------------------- + + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright 2018 Status Research & Development GmbH + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/LICENSE-MIT b/LICENSE-MIT new file mode 100644 index 0000000..03123fc --- /dev/null +++ b/LICENSE-MIT @@ -0,0 +1,25 @@ +web3 is licensed under the MIT License +Copyright (c) 2018 Status Research & Development GmbH +----------------------------------------------------- + +The MIT License (MIT) + +Copyright (c) 2018 Status Research & Development GmbH + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. diff --git a/README.md b/README.md new file mode 100644 index 0000000..bd12075 --- /dev/null +++ b/README.md @@ -0,0 +1,28 @@ +# bearssl + +[![Build Status (Travis)](https://img.shields.io/travis/status-im/nim-bearssl/master.svg?label=Linux%20/%20macOS "Linux/macOS build status (Travis)")](https://travis-ci.org/status-im/nim-bearssl) +[![Windows build status (Appveyor)](https://img.shields.io/appveyor/ci/nimbus/nim-bearssl/master.svg?label=Windows "Windows build status (Appveyor)")](https://ci.appveyor.com/project/nimbus/nim-bearssl) +[![License: MIT](https://img.shields.io/badge/License-MIT-blue.svg)](https://opensource.org/licenses/MIT) +[![License: Apache](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0) +![Stability: experimental](https://img.shields.io/badge/stability-experimental-orange.svg) + +[BearSSL](https://bearssl.org/) wrapper. + +## Installation + +You can install the developement version of the library through nimble with the following command +``` +nimble install https://github.com/status-im/nim-bearssl@#master +``` + +## License + +Licensed and distributed under either of + +* MIT license: [LICENSE-MIT](LICENSE-MIT) or http://opensource.org/licenses/MIT + +or + +* Apache License, Version 2.0, ([LICENSE-APACHEv2](LICENSE-APACHEv2) or http://www.apache.org/licenses/LICENSE-2.0) + +at your option. This file may not be copied, modified, or distributed except according to those terms. diff --git a/bearssl.nim b/bearssl.nim new file mode 100644 index 0000000..ff42080 --- /dev/null +++ b/bearssl.nim @@ -0,0 +1,486 @@ +## Nim-Libp2p +## Copyright (c) 2018 Status Research & Development GmbH +## Licensed under either of +## * Apache License, version 2.0, ([LICENSE-APACHE](LICENSE-APACHE)) +## * MIT license ([LICENSE-MIT](LICENSE-MIT)) +## at your option. +## This file may not be copied, modified, or distributed except according to +## those terms. + +## This module implements interface with BearSSL library sources. +import strutils +from os import DirSep + +const + bearPath = currentSourcePath.rsplit(DirSep, 1)[0] & DirSep & + "bearssl" & DirSep & "csources" & DirSep + bearSrcPath = bearPath & "src" + bearIncPath = bearPath & "inc" + bearIntPath = bearSrcPath & DirSep & "int" & DirSep + bearCodecPath = bearSrcPath & DirSep & "codec" & DirSep + bearRandPath = bearSrcPath & DirSep & "rand" & DirSep + bearRsaPath = bearSrcPath & DirSep & "rsa" & DirSep + bearEcPath = bearSrcPath & DirSep & "ec" & DirSep + bearX509Path = bearSrcPath & DirSep & "x509" & DirSep + bearMacPath = bearSrcPath & DirSep & "mac" & DirSep + bearHashPath = bearSrcPath & DirSep & "hash" & DirSep + +static: + echo bearPath + +{.passC: "-I" & bearSrcPath} +{.passC: "-I" & bearIncPath} + +when defined(windows): + {.passC: "-DBR_USE_WIN32_TIME=1".} + {.passC: "-DBR_USE_WIN32_RAND=1".} +else: + {.passC: "-DBR_USE_UNIX_TIME=1".} + {.passC: "-DBR_USE_URANDOM=1".} + +when system.cpuEndian == bigEndian: + {.passC: "-DBR_BE_UNALIGNED=1".} +else: + {.passC: "-DBR_LE_UNALIGNED=1".} + +{.pragma: bearssl_func, importc, cdecl.} + +when sizeof(int) == 8: + {.passC: "-DBR_64=1".} + {.passC:" -DBR_amd64=1".} + when defined(vcc): + {.passC: "-DBR_UMUL128=1".} + else: + {.passC: "-DBR_INT128=1".} + + ## Codec sources + {.compile: bearCodecPath & "ccopy.c".} + {.compile: bearCodecPath & "enc64be.c".} + {.compile: bearCodecPath & "dec64be.c".} + {.compile: bearCodecPath & "enc32be.c".} + {.compile: bearCodecPath & "dec32be.c".} + {.compile: bearCodecPath & "pemenc.c".} + {.compile: bearCodecPath & "pemdec.c".} + + ## Big integer sources + {.compile: bearIntPath & "i31_add.c".} + {.compile: bearIntPath & "i31_bitlen.c".} + {.compile: bearIntPath & "i31_decmod.c".} + {.compile: bearIntPath & "i31_decode.c".} + {.compile: bearIntPath & "i31_decred.c".} + {.compile: bearIntPath & "i31_encode.c".} + {.compile: bearIntPath & "i31_fmont.c".} + {.compile: bearIntPath & "i31_iszero.c".} + {.compile: bearIntPath & "i31_moddiv.c".} + {.compile: bearIntPath & "i31_modpow.c".} + {.compile: bearIntPath & "i31_modpow2.c".} + {.compile: bearIntPath & "i31_montmul.c".} + {.compile: bearIntPath & "i31_mulacc.c".} + {.compile: bearIntPath & "i31_muladd.c".} + {.compile: bearIntPath & "i31_ninv31.c".} + {.compile: bearIntPath & "i31_reduce.c".} + {.compile: bearIntPath & "i31_rshift.c".} + {.compile: bearIntPath & "i31_sub.c".} + {.compile: bearIntPath & "i31_tmont.c".} + + ## Additional integer sources + {.compile: bearIntPath & "i32_div32.c".} + {.compile: bearIntPath & "i62_modpow2.c".} + + ## Random generator sources + {.compile: bearRandPath & "sysrng.c".} + {.compile: bearRandPath & "hmac_drbg.c".} + {.compile: bearRandPath & "aesctr_drbg.c".} + + ## HMAC sources + {.compile: bearMacPath & "hmac.c".} + {.compile: bearMacPath & "hmac_ct.c".} + + ## HASH sources + {.compile: bearHashPath & "mgf1.c".} + {.compile: bearHashPath & "ghash_ctmul64.c".} + {.compile: bearHashPath & "sha2small.c".} # SHA2-224/256 + {.compile: bearHashPath & "sha2big.c".} # SHA2-384/512 + + ## RSA sources + {.compile: bearRsaPath & "rsa_i31_keygen_inner.c".} + {.compile: bearRsaPath & "rsa_i62_keygen.c".} + {.compile: bearRsaPath & "rsa_i62_oaep_decrypt.c".} + {.compile: bearRsaPath & "rsa_i62_oaep_encrypt.c".} + {.compile: bearRsaPath & "rsa_i62_pkcs1_sign.c".} + {.compile: bearRsaPath & "rsa_i62_pkcs1_vrfy.c".} + {.compile: bearRsaPath & "rsa_i62_priv.c".} + {.compile: bearRsaPath & "rsa_i62_pub.c".} + {.compile: bearRsaPath & "rsa_oaep_pad.c".} + {.compile: bearRsaPath & "rsa_oaep_unpad.c".} + {.compile: bearRsaPath & "rsa_pkcs1_sig_pad.c".} + {.compile: bearRsaPath & "rsa_pkcs1_sig_unpad.c".} + {.compile: bearRsaPath & "rsa_ssl_decrypt.c".} + {.compile: bearRsaPath & "rsa_default_keygen.c".} + {.compile: bearRsaPath & "rsa_i31_modulus.c".} + {.compile: bearRsaPath & "rsa_i31_privexp.c".} + {.compile: bearRsaPath & "rsa_i31_pubexp.c".} + {.compile: bearRsaPath & "rsa_default_modulus.c".} + {.compile: bearRsaPath & "rsa_default_privexp.c".} + {.compile: bearRsaPath & "rsa_default_pubexp.c".} + {.compile: bearRsaPath & "rsa_default_pkcs1_sign.c".} + {.compile: bearRsaPath & "rsa_default_pkcs1_vrfy.c".} + + ## Elliptic Curve sources + {.compile: bearEcPath & "ec_all_m31.c".} + {.compile: bearEcPath & "ec_default.c".} + {.compile: bearEcPath & "ec_keygen.c".} + {.compile: bearEcPath & "ec_c25519_m31.c".} + {.compile: bearEcPath & "ec_c25519_m64.c".} + {.compile: bearEcPath & "ec_p256_m31.c".} + {.compile: bearEcPath & "ec_p256_m64.c".} + {.compile: bearEcPath & "ec_curve25519.c".} + {.compile: bearEcPath & "ec_prime_i31.c".} + {.compile: bearEcPath & "ec_pubkey.c".} + {.compile: bearEcPath & "ec_secp256r1.c".} + {.compile: bearEcPath & "ec_secp384r1.c".} + {.compile: bearEcPath & "ec_secp521r1.c".} + {.compile: bearEcPath & "ecdsa_i31_bits.c".} + {.compile: bearEcPath & "ecdsa_i31_sign_raw.c".} + {.compile: bearEcPath & "ecdsa_i31_sign_asn1.c".} + {.compile: bearEcPath & "ecdsa_i31_vrfy_asn1.c".} + {.compile: bearEcPath & "ecdsa_i31_vrfy_raw.c".} + {.compile: bearEcPath & "ecdsa_rta.c".} + {.compile: bearEcPath & "ecdsa_atr.c".} + +elif sizeof(int) == 4: + + ## Codec sources + {.compile: bearCodecPath & "ccopy.c".} + {.compile: bearCodecPath & "enc64be.c".} + {.compile: bearCodecPath & "dec64be.c".} + {.compile: bearCodecPath & "enc32be.c".} + {.compile: bearCodecPath & "dec32be.c".} + {.compile: bearCodecPath & "pemenc.c".} + {.compile: bearCodecPath & "pemdec.c".} + + ## Big integer sources + {.compile: bearIntPath & "i31_add.c".} + {.compile: bearIntPath & "i31_bitlen.c".} + {.compile: bearIntPath & "i31_decmod.c".} + {.compile: bearIntPath & "i31_decode.c".} + {.compile: bearIntPath & "i31_decred.c".} + {.compile: bearIntPath & "i31_encode.c".} + {.compile: bearIntPath & "i31_fmont.c".} + {.compile: bearIntPath & "i31_iszero.c".} + {.compile: bearIntPath & "i31_moddiv.c".} + {.compile: bearIntPath & "i31_modpow.c".} + {.compile: bearIntPath & "i31_modpow2.c".} + {.compile: bearIntPath & "i31_montmul.c".} + {.compile: bearIntPath & "i31_mulacc.c".} + {.compile: bearIntPath & "i31_muladd.c".} + {.compile: bearIntPath & "i31_ninv31.c".} + {.compile: bearIntPath & "i31_reduce.c".} + {.compile: bearIntPath & "i31_rshift.c".} + {.compile: bearIntPath & "i31_sub.c".} + {.compile: bearIntPath & "i31_tmont.c".} + + ## Additional integer sources + {.compile: bearIntPath & "i32_div32.c".} + + ## Random generator sources + {.compile: bearRandPath & "sysrng.c".} + {.compile: bearRandPath & "hmac_drbg.c".} + {.compile: bearRandPath & "aesctr_drbg.c".} + + ## HMAC sources + {.compile: bearMacPath & "hmac.c".} + {.compile: bearMacPath & "hmac_ct.c".} + + ## HASH sources + {.compile: bearHashPath & "mgf1.c".} + {.compile: bearHashPath & "ghash_ctmul.c".} + {.compile: bearHashPath & "sha2small.c".} # SHA2-224/256 + {.compile: bearHashPath & "sha2big.c".} # SHA2-384/512 + + ## RSA sources + {.compile: bearRsaPath & "rsa_i31_keygen_inner.c".} + {.compile: bearRsaPath & "rsa_i31_keygen.c".} + {.compile: bearRsaPath & "rsa_i31_oaep_decrypt.c".} + {.compile: bearRsaPath & "rsa_i31_oaep_encrypt.c".} + {.compile: bearRsaPath & "rsa_i31_pkcs1_sign.c".} + {.compile: bearRsaPath & "rsa_i31_pkcs1_vrfy.c".} + {.compile: bearRsaPath & "rsa_i31_priv.c".} + {.compile: bearRsaPath & "rsa_i31_pub.c".} + {.compile: bearRsaPath & "rsa_oaep_pad.c".} + {.compile: bearRsaPath & "rsa_oaep_unpad.c".} + {.compile: bearRsaPath & "rsa_pkcs1_sig_pad.c".} + {.compile: bearRsaPath & "rsa_pkcs1_sig_unpad.c".} + {.compile: bearRsaPath & "rsa_ssl_decrypt.c".} + {.compile: bearRsaPath & "rsa_default_keygen.c".} + {.compile: bearRsaPath & "rsa_i31_modulus.c".} + {.compile: bearRsaPath & "rsa_i31_privexp.c".} + {.compile: bearRsaPath & "rsa_i31_pubexp.c".} + {.compile: bearRsaPath & "rsa_default_modulus.c".} + {.compile: bearRsaPath & "rsa_default_privexp.c".} + {.compile: bearRsaPath & "rsa_default_pubexp.c".} + {.compile: bearRsaPath & "rsa_default_pkcs1_sign.c".} + {.compile: bearRsaPath & "rsa_default_pkcs1_vrfy.c".} + + ## Elliptic Curve sources + {.compile: bearEcPath & "ec_all_m31.c".} + {.compile: bearEcPath & "ec_default.c".} + {.compile: bearEcPath & "ec_keygen.c".} + {.compile: bearEcPath & "ec_c25519_m31.c".} + {.compile: bearEcPath & "ec_p256_m31.c".} + {.compile: bearEcPath & "ec_curve25519.c".} + {.compile: bearEcPath & "ec_prime_i31.c".} + {.compile: bearEcPath & "ec_pubkey.c".} + {.compile: bearEcPath & "ec_secp256r1.c".} + {.compile: bearEcPath & "ec_secp384r1.c".} + {.compile: bearEcPath & "ec_secp521r1.c".} + {.compile: bearEcPath & "ecdsa_i31_bits.c".} + {.compile: bearEcPath & "ecdsa_i31_sign_raw.c".} + {.compile: bearEcPath & "ecdsa_i31_sign_asn1.c".} + {.compile: bearEcPath & "ecdsa_i31_vrfy_asn1.c".} + {.compile: bearEcPath & "ecdsa_i31_vrfy_raw.c".} + {.compile: bearEcPath & "ecdsa_rta.c".} + {.compile: bearEcPath & "ecdsa_atr.c".} + +else: + error("Sorry, your target architecture is not supported!") + +const + BR_EC_SECP256R1* = 23 + BR_EC_SECP384R1* = 24 + BR_EC_SECP521R1* = 25 + + BR_EC_KBUF_PRIV_MAX_SIZE* = 72 + BR_EC_KBUF_PUB_MAX_SIZE* = 145 + +type + BrHashClass* {.importc: "br_hash_class", + header: "bearssl_hash.h", bycopy.} = object + contextSize* {.importc: "context_size".}: int + desc* {.importc: "desc".}: uint32 + init* {.importc: "init".}: proc (ctx: ptr ptr BrHashClass) {.cdecl.} + update* {.importc: "update".}: proc (ctx: ptr ptr BrHashClass, + data: pointer, len: int) {.cdecl.} + output* {.importc: "out".}: proc (ctx: ptr ptr BrHashClass, + dst: pointer) {.cdecl.} + state* {.importc: "state".}: proc (ctx: ptr ptr BrHashClass, + dst: pointer): uint64 {.cdecl.} + setState* {.importc: "set_state".}: proc (ctx: ptr ptr BrHashClass, + stb: pointer, + count: uint64) {.cdecl.} + + BrMd5Context* {.importc: "br_md5_context", + header: "bearssl_hash.h", bycopy.} = object + vtable* {.importc: "vtable".}: ptr BrHashClass + buf* {.importc: "buf".}: array[64, cuchar] + count* {.importc: "count".}: uint64 + val* {.importc: "val".}: array[4, uint32] + + BrMd5sha1Context* {.importc: "br_md5sha1_context", + header: "bearssl_hash.h", bycopy.} = object + vtable* {.importc: "vtable".}: ptr BrHashClass + buf* {.importc: "buf".}: array[64, cuchar] + count* {.importc: "count".}: uint64 + valMd5* {.importc: "val_md5".}: array[4, uint32] + valSha1* {.importc: "val_sha1".}: array[5, uint32] + + Sha1Context* {.importc: "br_sha1_context", + header: "bearssl_hash.h", bycopy.} = object + vtable* {.importc: "vtable".}: ptr BrHashClass + buf* {.importc: "buf".}: array[64, cuchar] + count* {.importc: "count".}: uint64 + val* {.importc: "val".}: array[5, uint32] + + BrSha512Context* = BrSha384Context + BrSha384Context* {.importc: "br_sha384_context", + header: "bearssl_hash.h", bycopy.} = object + vtable* {.importc: "vtable".}: ptr BrHashClass + buf* {.importc: "buf".}: array[128, cuchar] + count* {.importc: "count".}: uint64 + val* {.importc: "val".}: array[8, uint64] + + BrSha256Context* = BrSha224Context + BrSha224Context* {.importc: "br_sha224_context", + header: "bearssl_hash.h", bycopy.} = object + vtable* {.importc: "vtable".}: ptr BrHashClass + buf* {.importc: "buf".}: array[64, cuchar] + count* {.importc: "count".}: uint64 + val* {.importc: "val".}: array[8, uint32] + + BrHashCompatContext* {.importc: "br_hash_compat_context", + header: "bearssl_hash.h", bycopy.} = object {.union.} + vtable* {.importc: "vtable".}: ptr BrHashClass + md5* {.importc: "md5".}: BrMd5Context + sha1* {.importc: "sha1".}: Sha1Context + sha224* {.importc: "sha224".}: BrSha224Context + sha256* {.importc: "sha256".}: BrSha256Context + sha384* {.importc: "sha384".}: BrSha384Context + sha512* {.importc: "sha512".}: BrSha512Context + md5sha1* {.importc: "md5sha1".}: BrMd5sha1Context + + BrPrngClass* {.importc: "br_prng_class", + header: "bearssl_rand.h", bycopy.} = object + contextSize* {.importc: "context_size".}: int + init* {.importc: "init".}: proc (ctx: ptr ptr BrPrngClass, params: pointer, + seed: pointer, seedLen: int) {.cdecl.} + generate* {.importc: "generate".}: proc (ctx: ptr ptr BrPrngClass, + output: pointer, + length: int) {.cdecl.} + update* {.importc: "update".}: proc (ctx: ptr ptr BrPrngClass, + seed: pointer, seedLen: int) {.cdecl.} + + BrHmacDrbgContext* {.importc: "br_hmac_drbg_context", + header: "bearssl_rand.h", bycopy.} = object + vtable* {.importc: "vtable".}: ptr BrPrngClass + k* {.importc: "K".}: array[64, cuchar] + v* {.importc: "V".}: array[64, cuchar] + digestClass* {.importc: "digest_class".}: ptr BrHashClass + + BrRsaPublicKey* {.importc: "br_rsa_public_key", + header: "bearssl_rsa.h", bycopy.} = object + n* {.importc: "n".}: ptr cuchar + nlen* {.importc: "nlen".}: int + e* {.importc: "e".}: ptr cuchar + elen* {.importc: "elen".}: int + + BrRsaPrivateKey* {.importc: "br_rsa_private_key", + header: "bearssl_rsa.h", bycopy.} = object + nBitlen* {.importc: "n_bitlen".}: uint32 + p* {.importc: "p".}: ptr cuchar + plen* {.importc: "plen".}: int + q* {.importc: "q".}: ptr cuchar + qlen* {.importc: "qlen".}: int + dp* {.importc: "dp".}: ptr cuchar + dplen* {.importc: "dplen".}: int + dq* {.importc: "dq".}: ptr cuchar + dqlen* {.importc: "dqlen".}: int + iq* {.importc: "iq".}: ptr cuchar + iqlen* {.importc: "iqlen".}: int + + BrEcPublicKey* {.importc: "br_ec_public_key", header: "bearssl_ec.h", + bycopy.} = object + curve* {.importc: "curve".}: cint + q* {.importc: "q".}: ptr cuchar + qlen* {.importc: "qlen".}: int + + BrEcPrivateKey* {.importc: "br_ec_private_key", header: "bearssl_ec.h", + bycopy.} = object + curve* {.importc: "curve".}: cint + x* {.importc: "x".}: ptr cuchar + xlen* {.importc: "xlen".}: int + + BrEcImplementation* {.importc: "br_ec_impl", header: "bearssl_ec.h", + bycopy.} = object + supportedCurves* {.importc: "supported_curves".}: uint32 + generator* {.importc: "generator".}: proc (curve: cint, + length: ptr int): ptr cuchar {.cdecl, gcsafe.} + order* {.importc: "order".}: proc (curve: cint, + length: ptr int): ptr cuchar {.cdecl, gcsafe.} + xoff* {.importc: "xoff".}: proc (curve: cint, + length: ptr int): int {.cdecl, gcsafe.} + mul* {.importc: "mul".}: proc (g: ptr cuchar, glen: int, + x: ptr cuchar, xlen: int, + curve: cint): uint32 {.cdecl, gcsafe.} + mulgen* {.importc: "mulgen".}: proc (r: ptr cuchar, + x: ptr cuchar, xlen: int, + curve: cint): int {.cdecl, gcsafe.} + muladd* {.importc: "muladd".}: proc (a: ptr cuchar, b: ptr cuchar, + length: int, x: ptr cuchar, xlen: int, + y: ptr cuchar, ylen: int, + curve: cint): uint32 {.cdecl, gcsafe.} + + BrPrngSeeder* = proc (ctx: ptr ptr BrPrngClass): cint {.cdecl.} + BrRsaKeygen* = proc (ctx: ptr ptr BrPrngClass, + sk: ptr BrRsaPrivateKey, bufsec: ptr byte, + pk: ptr BrRsaPublicKey, bufpub: ptr byte, + size: cuint, pubexp: uint32): uint32 {.cdecl.} + BrRsaComputeModulus* = proc (n: pointer, + sk: ptr BrRsaPrivateKey): int {.cdecl.} + BrRsaComputePubexp* = proc (sk: ptr BrRsaPrivateKey): uint32 {.cdecl.} + BrRsaComputePrivexp* = proc (d: pointer, + sk: ptr BrRsaPrivateKey, + pubexp: uint32): int {.cdecl.} + BrRsaPkcs1Verify* = proc (x: ptr cuchar, xlen: int, + hash_oid: ptr cuchar, hash_len: int, + pk: ptr BrRsaPublicKey, + hash_out: ptr cuchar): uint32 {.cdecl.} + BrPemDecoderProc* = proc (destctx: pointer, src: pointer, + length: int) {.cdecl.} + BrRsaPkcs1Sign* = proc (hash_oid: ptr cuchar, hash: ptr cuchar, hash_len: int, + pk: ptr BrRsaPrivateKey, + x: ptr cuchar): uint32 {.cdecl.} + +proc brPrngSeederSystem*(name: cstringArray): BrPrngSeeder {.cdecl, + importc: "br_prng_seeder_system", header: "bearssl_rand.h".} + +proc brHmacDrbgInit*(ctx: ptr BrHmacDrbgContext, digestClass: ptr BrHashClass, + seed: pointer, seedLen: int) {. + cdecl, importc: "br_hmac_drbg_init", header: "bearssl_rand.h".} + +proc brRsaKeygenGetDefault*(): BrRsaKeygen {. + cdecl, importc: "br_rsa_keygen_get_default", header: "bearssl_rsa.h".} + +proc BrRsaPkcs1SignGetDefault*(): BrRsaPkcs1Sign {. + cdecl, importc: "br_rsa_pkcs1_sign_get_default", header: "bearssl_rsa.h".} + +proc BrRsaPkcs1VrfyGetDefault*(): BrRsaPkcs1Verify {. + cdecl, importc: "br_rsa_pkcs1_vrfy_get_default", header: "bearssl_rsa.h".} + +proc brRsaComputeModulusGetDefault*(): BrRsaComputeModulus {. + cdecl, importc: "br_rsa_compute_modulus_get_default", + header: "bearssl_rsa.h".} + +proc brRsaComputePubexpGetDefault*(): BrRsaComputePubexp {. + cdecl, importc: "br_rsa_compute_pubexp_get_default", + header: "bearssl_rsa.h".} + +proc brRsaComputePrivexpGetDefault*(): BrRsaComputePrivexp {. + cdecl, importc: "br_rsa_compute_privexp_get_default", + header: "bearssl_rsa.h".} + +proc brEcGetDefault*(): ptr BrEcImplementation {. + cdecl, importc: "br_ec_get_default", header: "bearssl_ec.h".} + +proc brEcKeygen*(ctx: ptr ptr BrPrngClass, impl: ptr BrEcImplementation, + sk: ptr BrEcPrivateKey, keybuf: ptr byte, + curve: cint): int {.cdecl, + importc: "br_ec_keygen", header: "bearssl_ec.h".} + +proc brEcComputePublicKey*(impl: ptr BrEcImplementation, pk: ptr BrEcPublicKey, + kbuf: ptr byte, sk: ptr BrEcPrivateKey): int {. + cdecl, importc: "br_ec_compute_pub", header: "bearssl_ec.h".} + +proc brEcdsaSignRaw*(impl: ptr BrEcImplementation, hf: ptr BrHashClass, + value: pointer, sk: ptr BrEcPrivateKey, + sig: pointer): int {. + cdecl, importc: "br_ecdsa_i31_sign_raw", header: "bearssl_ec.h".} + +proc brEcdsaVerifyRaw*(impl: ptr BrEcImplementation, hash: pointer, + hashlen: int, pk: ptr BrEcPublicKey, sig: pointer, + siglen: int): uint32 {. + cdecl, importc: "br_ecdsa_i31_vrfy_raw", header: "bearssl_ec.h".} + +proc brEcdsaSignAsn1*(impl: ptr BrEcImplementation, hf: ptr BrHashClass, + value: pointer, sk: ptr BrEcPrivateKey, + sig: pointer): int {. + cdecl, importc: "br_ecdsa_i31_sign_asn1", header: "bearssl_ec.h".} + +proc brEcdsaVerifyAsn1*(impl: ptr BrEcImplementation, hash: pointer, + hashlen: int, pk: ptr BrEcPublicKey, sig: pointer, + siglen: int): uint32 {. + cdecl, importc: "br_ecdsa_i31_vrfy_asn1", header: "bearssl_ec.h".} + +var sha256Vtable* {.importc: "br_sha256_vtable", + header: "bearssl_hash.h".}: BrHashClass +var sha384Vtable* {.importc: "br_sha384_vtable", + header: "bearssl_hash.h".}: BrHashClass +var sha512Vtable* {.importc: "br_sha512_vtable", + header: "bearssl_hash.h".}: BrHashClass + +template brRsaPrivateKeyBufferSize*(size: int): int = + # BR_RSA_KBUF_PRIV_SIZE(size) + (5 * ((size + 15) shr 4)) + +template brRsaPublicKeyBufferSize*(size: int): int = + # BR_RSA_KBUF_PUB_SIZE(size) + (4 + ((size + 7) shr 3)) diff --git a/bearssl.nimble b/bearssl.nimble new file mode 100644 index 0000000..24288a5 --- /dev/null +++ b/bearssl.nimble @@ -0,0 +1,12 @@ +# Package + +version = "0.1.0" +author = "Status Research & Development GmbH" +description = "BearSSL wrapper" +license = "MIT or Apache License 2.0" + + + +# Dependencies + +requires "nim >= 0.19.6" diff --git a/bearssl/csources b/bearssl/csources new file mode 160000 index 0000000..c1bb535 --- /dev/null +++ b/bearssl/csources @@ -0,0 +1 @@ +Subproject commit c1bb5356bb52984178c269886b6835b532ef30c2 diff --git a/tests/config.nims b/tests/config.nims new file mode 100644 index 0000000..3bb69f8 --- /dev/null +++ b/tests/config.nims @@ -0,0 +1 @@ +switch("path", "$projectDir/../src") \ No newline at end of file diff --git a/tests/test1.nim b/tests/test1.nim new file mode 100644 index 0000000..d4578d9 --- /dev/null +++ b/tests/test1.nim @@ -0,0 +1,13 @@ +# This is just an example to get you started. You may wish to put all of your +# tests into a single file, or separate them into multiple `test1`, `test2` +# etc. files (better names are recommended, just make sure the name starts with +# the letter 't'). +# +# To run these tests, simply execute `nimble test`. + +import unittest + +import bearssl + +test "dummy": + check true