Home | History | Annotate | Download | only in crypto 
      1 /*
      2  * Crypto wrapper functions for NSS
      3  * Copyright (c) 2009, Jouni Malinen <j (at) w1.fi>
      4  *
      5  * This program is free software; you can redistribute it and/or modify
      6  * it under the terms of the GNU General Public License version 2 as
      7  * published by the Free Software Foundation.
      8  *
      9  * Alternatively, this software may be distributed under the terms of BSD
     10  * license.
     11  *
     12  * See README and COPYING for more details.
     13  */
     14 
     15 #include "includes.h"
     16 #include <nspr/prtypes.h>
     17 #include <nspr/plarenas.h>
     18 #include <nspr/plhash.h>
     19 #include <nspr/prtime.h>
     20 #include <nspr/prinrval.h>
     21 #include <nspr/prclist.h>
     22 #include <nspr/prlock.h>
     23 #include <nss/sechash.h>
     24 #include <nss/pk11pub.h>
     25 
     26 #include "common.h"
     27 #include "crypto.h"
     28 
     29 
     30 static int nss_hash(HASH_HashType type, unsigned int max_res_len,
     31 		    size_t num_elem, const u8 *addr[], const size_t *len,
     32 		    u8 *mac)
     33 {
     34 	HASHContext *ctx;
     35 	size_t i;
     36 	unsigned int reslen;
     37 
     38 	ctx = HASH_Create(type);
     39 	if (ctx == NULL)
     40 		return -1;
     41 
     42 	HASH_Begin(ctx);
     43 	for (i = 0; i < num_elem; i++)
     44 		HASH_Update(ctx, addr[i], len[i]);
     45 	HASH_End(ctx, mac, &reslen, max_res_len);
     46 	HASH_Destroy(ctx);
     47 
     48 	return 0;
     49 }
     50 
     51 
     52 void des_encrypt(const u8 *clear, const u8 *key, u8 *cypher)
     53 {
     54 	PK11Context *ctx = NULL;
     55 	PK11SlotInfo *slot;
     56 	SECItem *param = NULL;
     57 	PK11SymKey *symkey = NULL;
     58 	SECItem item;
     59 	int olen;
     60 	u8 pkey[8], next, tmp;
     61 	int i;
     62 
     63 	/* Add parity bits to the key */
     64 	next = 0;
     65 	for (i = 0; i < 7; i++) {
     66 		tmp = key[i];
     67 		pkey[i] = (tmp >> i) | next | 1;
     68 		next = tmp << (7 - i);
     69 	}
     70 	pkey[i] = next | 1;
     71 
     72 	slot = PK11_GetBestSlot(CKM_DES_ECB, NULL);
     73 	if (slot == NULL) {
     74 		wpa_printf(MSG_ERROR, "NSS: PK11_GetBestSlot failed");
     75 		goto out;
     76 	}
     77 
     78 	item.type = siBuffer;
     79 	item.data = pkey;
     80 	item.len = 8;
     81 	symkey = PK11_ImportSymKey(slot, CKM_DES_ECB, PK11_OriginDerive,
     82 				   CKA_ENCRYPT, &item, NULL);
     83 	if (symkey == NULL) {
     84 		wpa_printf(MSG_ERROR, "NSS: PK11_ImportSymKey failed");
     85 		goto out;
     86 	}
     87 
     88 	param = PK11_GenerateNewParam(CKM_DES_ECB, symkey);
     89 	if (param == NULL) {
     90 		wpa_printf(MSG_ERROR, "NSS: PK11_GenerateNewParam failed");
     91 		goto out;
     92 	}
     93 
     94 	ctx = PK11_CreateContextBySymKey(CKM_DES_ECB, CKA_ENCRYPT,
     95 					 symkey, param);
     96 	if (ctx == NULL) {
     97 		wpa_printf(MSG_ERROR, "NSS: PK11_CreateContextBySymKey("
     98 			   "CKM_DES_ECB) failed");
     99 		goto out;
    100 	}
    101 
    102 	if (PK11_CipherOp(ctx, cypher, &olen, 8, (void *) clear, 8) !=
    103 	    SECSuccess) {
    104 		wpa_printf(MSG_ERROR, "NSS: PK11_CipherOp failed");
    105 		goto out;
    106 	}
    107 
    108 out:
    109 	if (ctx)
    110 		PK11_DestroyContext(ctx, PR_TRUE);
    111 	if (symkey)
    112 		PK11_FreeSymKey(symkey);
    113 	if (param)
    114 		SECITEM_FreeItem(param, PR_TRUE);
    115 }
    116 
    117 
    118 int rc4_skip(const u8 *key, size_t keylen, size_t skip,
    119 	     u8 *data, size_t data_len)
    120 {
    121 	return -1;
    122 }
    123 
    124 
    125 int md5_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac)
    126 {
    127 	return nss_hash(HASH_AlgMD5, 16, num_elem, addr, len, mac);
    128 }
    129 
    130 
    131 int sha1_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac)
    132 {
    133 	return nss_hash(HASH_AlgSHA1, 20, num_elem, addr, len, mac);
    134 }
    135 
    136 
    137 int sha256_vector(size_t num_elem, const u8 *addr[], const size_t *len,
    138 		  u8 *mac)
    139 {
    140 	return nss_hash(HASH_AlgSHA256, 32, num_elem, addr, len, mac);
    141 }
    142 
    143 
    144 void * aes_encrypt_init(const u8 *key, size_t len)
    145 {
    146 	return NULL;
    147 }
    148 
    149 
    150 void aes_encrypt(void *ctx, const u8 *plain, u8 *crypt)
    151 {
    152 }
    153 
    154 
    155 void aes_encrypt_deinit(void *ctx)
    156 {
    157 }
    158 
    159 
    160 void * aes_decrypt_init(const u8 *key, size_t len)
    161 {
    162 	return NULL;
    163 }
    164 
    165 
    166 void aes_decrypt(void *ctx, const u8 *crypt, u8 *plain)
    167 {
    168 }
    169 
    170 
    171 void aes_decrypt_deinit(void *ctx)
    172 {
    173 }
    174 
    175 
    176 int crypto_mod_exp(const u8 *base, size_t base_len,
    177 		   const u8 *power, size_t power_len,
    178 		   const u8 *modulus, size_t modulus_len,
    179 		   u8 *result, size_t *result_len)
    180 {
    181 	return -1;
    182 }
    183 
    184 
    185 struct crypto_cipher {
    186 };
    187 
    188 
    189 struct crypto_cipher * crypto_cipher_init(enum crypto_cipher_alg alg,
    190 					  const u8 *iv, const u8 *key,
    191 					  size_t key_len)
    192 {
    193 	return NULL;
    194 }
    195 
    196 
    197 int crypto_cipher_encrypt(struct crypto_cipher *ctx, const u8 *plain,
    198 			  u8 *crypt, size_t len)
    199 {
    200 	return -1;
    201 }
    202 
    203 
    204 int crypto_cipher_decrypt(struct crypto_cipher *ctx, const u8 *crypt,
    205 			  u8 *plain, size_t len)
    206 {
    207 	return -1;
    208 }
    209 
    210 
    211 void crypto_cipher_deinit(struct crypto_cipher *ctx)
    212 {
    213 }
    214