Home | History | Annotate | Download | only in wpa_supplicant 
      1 /*
      2  * WPA Supplicant / wrapper functions for libcrypto
      3  * Copyright (c) 2004-2005, Jouni Malinen <j (at) w1.fi>
      4  *
      5  * This program is free software; you can redistribute it and/or modify
      6  * it under the terms of the GNU General Public License version 2 as
      7  * published by the Free Software Foundation.
      8  *
      9  * Alternatively, this software may be distributed under the terms of BSD
     10  * license.
     11  *
     12  * See README and COPYING for more details.
     13  */
     14 
     15 #include "includes.h"
     16 #include <openssl/opensslv.h>
     17 #include <openssl/md4.h>
     18 #include <openssl/md5.h>
     19 #include <openssl/sha.h>
     20 #include <openssl/des.h>
     21 #include <openssl/aes.h>
     22 
     23 #include "common.h"
     24 #include "crypto.h"
     25 
     26 #if OPENSSL_VERSION_NUMBER < 0x00907000
     27 #define DES_key_schedule des_key_schedule
     28 #define DES_cblock des_cblock
     29 #define DES_set_key(key, schedule) des_set_key((key), *(schedule))
     30 #define DES_ecb_encrypt(input, output, ks, enc) \
     31 	des_ecb_encrypt((input), (output), *(ks), (enc))
     32 #endif /* openssl < 0.9.7 */
     33 
     34 
     35 void md4_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac)
     36 {
     37 	MD4_CTX ctx;
     38 	size_t i;
     39 
     40 	MD4_Init(&ctx);
     41 	for (i = 0; i < num_elem; i++)
     42 		MD4_Update(&ctx, addr[i], len[i]);
     43 	MD4_Final(mac, &ctx);
     44 }
     45 
     46 
     47 void des_encrypt(const u8 *clear, const u8 *key, u8 *cypher)
     48 {
     49 	u8 pkey[8], next, tmp;
     50 	int i;
     51 	DES_key_schedule ks;
     52 
     53 	/* Add parity bits to the key */
     54 	next = 0;
     55 	for (i = 0; i < 7; i++) {
     56 		tmp = key[i];
     57 		pkey[i] = (tmp >> i) | next | 1;
     58 		next = tmp << (7 - i);
     59 	}
     60 	pkey[i] = next | 1;
     61 
     62 	DES_set_key(&pkey, &ks);
     63 	DES_ecb_encrypt((DES_cblock *) clear, (DES_cblock *) cypher, &ks,
     64 			DES_ENCRYPT);
     65 }
     66 
     67 
     68 #ifdef EAP_TLS_FUNCS
     69 void md5_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac)
     70 {
     71 	MD5_CTX ctx;
     72 	size_t i;
     73 
     74 	MD5_Init(&ctx);
     75 	for (i = 0; i < num_elem; i++)
     76 		MD5_Update(&ctx, addr[i], len[i]);
     77 	MD5_Final(mac, &ctx);
     78 }
     79 
     80 
     81 void sha1_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac)
     82 {
     83 	SHA_CTX ctx;
     84 	size_t i;
     85 
     86 	SHA1_Init(&ctx);
     87 	for (i = 0; i < num_elem; i++)
     88 		SHA1_Update(&ctx, addr[i], len[i]);
     89 	SHA1_Final(mac, &ctx);
     90 }
     91 
     92 
     93 static void sha1_transform(u8 *state, const u8 data[64])
     94 {
     95 	SHA_CTX context;
     96 	os_memset(&context, 0, sizeof(context));
     97 	os_memcpy(&context.h0, state, 5 * 4);
     98 	SHA1_Transform(&context, data);
     99 	os_memcpy(state, &context.h0, 5 * 4);
    100 }
    101 
    102 
    103 int fips186_2_prf(const u8 *seed, size_t seed_len, u8 *x, size_t xlen)
    104 {
    105 	u8 xkey[64];
    106 	u32 t[5], _t[5];
    107 	int i, j, m, k;
    108 	u8 *xpos = x;
    109 	u32 carry;
    110 
    111 	if (seed_len > sizeof(xkey))
    112 		seed_len = sizeof(xkey);
    113 
    114 	/* FIPS 186-2 + change notice 1 */
    115 
    116 	os_memcpy(xkey, seed, seed_len);
    117 	os_memset(xkey + seed_len, 0, 64 - seed_len);
    118 	t[0] = 0x67452301;
    119 	t[1] = 0xEFCDAB89;
    120 	t[2] = 0x98BADCFE;
    121 	t[3] = 0x10325476;
    122 	t[4] = 0xC3D2E1F0;
    123 
    124 	m = xlen / 40;
    125 	for (j = 0; j < m; j++) {
    126 		/* XSEED_j = 0 */
    127 		for (i = 0; i < 2; i++) {
    128 			/* XVAL = (XKEY + XSEED_j) mod 2^b */
    129 
    130 			/* w_i = G(t, XVAL) */
    131 			os_memcpy(_t, t, 20);
    132 			sha1_transform((u8 *) _t, xkey);
    133 			_t[0] = host_to_be32(_t[0]);
    134 			_t[1] = host_to_be32(_t[1]);
    135 			_t[2] = host_to_be32(_t[2]);
    136 			_t[3] = host_to_be32(_t[3]);
    137 			_t[4] = host_to_be32(_t[4]);
    138 			os_memcpy(xpos, _t, 20);
    139 
    140 			/* XKEY = (1 + XKEY + w_i) mod 2^b */
    141 			carry = 1;
    142 			for (k = 19; k >= 0; k--) {
    143 				carry += xkey[k] + xpos[k];
    144 				xkey[k] = carry & 0xff;
    145 				carry >>= 8;
    146 			}
    147 
    148 			xpos += 20;
    149 		}
    150 		/* x_j = w_0|w_1 */
    151 	}
    152 
    153 	return 0;
    154 }
    155 
    156 
    157 void * aes_encrypt_init(const u8 *key, size_t len)
    158 {
    159 	AES_KEY *ak;
    160 	ak = os_malloc(sizeof(*ak));
    161 	if (ak == NULL)
    162 		return NULL;
    163 	if (AES_set_encrypt_key(key, 8 * len, ak) < 0) {
    164 		os_free(ak);
    165 		return NULL;
    166 	}
    167 	return ak;
    168 }
    169 
    170 
    171 void aes_encrypt(void *ctx, const u8 *plain, u8 *crypt)
    172 {
    173 	AES_encrypt(plain, crypt, ctx);
    174 }
    175 
    176 
    177 void aes_encrypt_deinit(void *ctx)
    178 {
    179 	os_free(ctx);
    180 }
    181 
    182 
    183 void * aes_decrypt_init(const u8 *key, size_t len)
    184 {
    185 	AES_KEY *ak;
    186 	ak = os_malloc(sizeof(*ak));
    187 	if (ak == NULL)
    188 		return NULL;
    189 	if (AES_set_decrypt_key(key, 8 * len, ak) < 0) {
    190 		os_free(ak);
    191 		return NULL;
    192 	}
    193 	return ak;
    194 }
    195 
    196 
    197 void aes_decrypt(void *ctx, const u8 *crypt, u8 *plain)
    198 {
    199 	AES_decrypt(crypt, plain, ctx);
    200 }
    201 
    202 
    203 void aes_decrypt_deinit(void *ctx)
    204 {
    205 	os_free(ctx);
    206 }
    207 #endif /* EAP_TLS_FUNCS */
    208