search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
hostapd: Update vendor branch to 0.6.10
[dragonfly.git] / contrib / hostapd / src / crypto / crypto_openssl.c
bloba4c3415c4d18bc89053f8a70413a5a2c65099711
1 /*
2 * WPA Supplicant / wrapper functions for libcrypto
3 * Copyright (c) 2004-2005, Jouni Malinen <j@w1.fi>
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License version 2 as
7 * published by the Free Software Foundation.
8 *
9 * Alternatively, this software may be distributed under the terms of BSD
10 * license.
11 *
12 * See README and COPYING for more details.
13 */
14
15 #include "includes.h"
16 #include <openssl/opensslv.h>
17 #include <openssl/md4.h>
18 #include <openssl/md5.h>
19 #include <openssl/sha.h>
20 #include <openssl/des.h>
21 #include <openssl/aes.h>
22 #include <openssl/bn.h>
23 #include <openssl/evp.h>
24
25 #include "common.h"
26 #include "crypto.h"
27
28 #if OPENSSL_VERSION_NUMBER < 0x00907000
29 #define DES_key_schedule des_key_schedule
30 #define DES_cblock des_cblock
31 #define DES_set_key(key, schedule) des_set_key((key), *(schedule))
32 #define DES_ecb_encrypt(input, output, ks, enc) \
33 des_ecb_encrypt((input), (output), *(ks), (enc))
34 #endif /* openssl < 0.9.7 */
35
36
37 void md4_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac)
38 {
39 MD4_CTX ctx;
40 size_t i;
41
42 MD4_Init(&ctx);
43 for (i = 0; i < num_elem; i++)
44 MD4_Update(&ctx, addr[i], len[i]);
45 MD4_Final(mac, &ctx);
46 }
47
48
49 void des_encrypt(const u8 *clear, const u8 *key, u8 *cypher)
50 {
51 u8 pkey[8], next, tmp;
52 int i;
53 DES_key_schedule ks;
54
55 /* Add parity bits to the key */
56 next = 0;
57 for (i = 0; i < 7; i++) {
58 tmp = key[i];
59 pkey[i] = (tmp >> i) | next | 1;
60 next = tmp << (7 - i);
61 }
62 pkey[i] = next | 1;
63
64 DES_set_key(&pkey, &ks);
65 DES_ecb_encrypt((DES_cblock *) clear, (DES_cblock *) cypher, &ks,
66 DES_ENCRYPT);
67 }
68
69
70 void md5_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac)
71 {
72 MD5_CTX ctx;
73 size_t i;
74
75 MD5_Init(&ctx);
76 for (i = 0; i < num_elem; i++)
77 MD5_Update(&ctx, addr[i], len[i]);
78 MD5_Final(mac, &ctx);
79 }
80
81
82 void sha1_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac)
83 {
84 SHA_CTX ctx;
85 size_t i;
86
87 SHA1_Init(&ctx);
88 for (i = 0; i < num_elem; i++)
89 SHA1_Update(&ctx, addr[i], len[i]);
90 SHA1_Final(mac, &ctx);
91 }
92
93
94 #ifndef CONFIG_NO_FIPS186_2_PRF
95 static void sha1_transform(u8 *state, const u8 data[64])
96 {
97 SHA_CTX context;
98 os_memset(&context, 0, sizeof(context));
99 os_memcpy(&context.h0, state, 5 * 4);
100 SHA1_Transform(&context, data);
101 os_memcpy(state, &context.h0, 5 * 4);
102 }
103
104
105 int fips186_2_prf(const u8 *seed, size_t seed_len, u8 *x, size_t xlen)
106 {
107 u8 xkey[64];
108 u32 t[5], _t[5];
109 int i, j, m, k;
110 u8 *xpos = x;
111 u32 carry;
112
113 if (seed_len > sizeof(xkey))
114 seed_len = sizeof(xkey);
115
116 /* FIPS 186-2 + change notice 1 */
117
118 os_memcpy(xkey, seed, seed_len);
119 os_memset(xkey + seed_len, 0, 64 - seed_len);
120 t[0] = 0x67452301;
121 t[1] = 0xEFCDAB89;
122 t[2] = 0x98BADCFE;
123 t[3] = 0x10325476;
124 t[4] = 0xC3D2E1F0;
125
126 m = xlen / 40;
127 for (j = 0; j < m; j++) {
128 /* XSEED_j = 0 */
129 for (i = 0; i < 2; i++) {
130 /* XVAL = (XKEY + XSEED_j) mod 2^b */
131
132 /* w_i = G(t, XVAL) */
133 os_memcpy(_t, t, 20);
134 sha1_transform((u8 *) _t, xkey);
135 _t[0] = host_to_be32(_t[0]);
136 _t[1] = host_to_be32(_t[1]);
137 _t[2] = host_to_be32(_t[2]);
138 _t[3] = host_to_be32(_t[3]);
139 _t[4] = host_to_be32(_t[4]);
140 os_memcpy(xpos, _t, 20);
141
142 /* XKEY = (1 + XKEY + w_i) mod 2^b */
143 carry = 1;
144 for (k = 19; k >= 0; k--) {
145 carry += xkey[k] + xpos[k];
146 xkey[k] = carry & 0xff;
147 carry >>= 8;
148 }
149
150 xpos += 20;
151 }
152 /* x_j = w_0|w_1 */
153 }
154
155 return 0;
156 }
157 #endif /* CONFIG_NO_FIPS186_2_PRF */
158
159
160 void * aes_encrypt_init(const u8 *key, size_t len)
161 {
162 AES_KEY *ak;
163 ak = os_malloc(sizeof(*ak));
164 if (ak == NULL)
165 return NULL;
166 if (AES_set_encrypt_key(key, 8 * len, ak) < 0) {
167 os_free(ak);
168 return NULL;
169 }
170 return ak;
171 }
172
173
174 void aes_encrypt(void *ctx, const u8 *plain, u8 *crypt)
175 {
176 AES_encrypt(plain, crypt, ctx);
177 }
178
179
180 void aes_encrypt_deinit(void *ctx)
181 {
182 os_free(ctx);
183 }
184
185
186 void * aes_decrypt_init(const u8 *key, size_t len)
187 {
188 AES_KEY *ak;
189 ak = os_malloc(sizeof(*ak));
190 if (ak == NULL)
191 return NULL;
192 if (AES_set_decrypt_key(key, 8 * len, ak) < 0) {
193 os_free(ak);
194 return NULL;
195 }
196 return ak;
197 }
198
199
200 void aes_decrypt(void *ctx, const u8 *crypt, u8 *plain)
201 {
202 AES_decrypt(crypt, plain, ctx);
203 }
204
205
206 void aes_decrypt_deinit(void *ctx)
207 {
208 os_free(ctx);
209 }
210
211
212 int crypto_mod_exp(const u8 *base, size_t base_len,
213 const u8 *power, size_t power_len,
214 const u8 *modulus, size_t modulus_len,
215 u8 *result, size_t *result_len)
216 {
217 BIGNUM *bn_base, *bn_exp, *bn_modulus, *bn_result;
218 int ret = -1;
219 BN_CTX *ctx;
220
221 ctx = BN_CTX_new();
222 if (ctx == NULL)
223 return -1;
224
225 bn_base = BN_bin2bn(base, base_len, NULL);
226 bn_exp = BN_bin2bn(power, power_len, NULL);
227 bn_modulus = BN_bin2bn(modulus, modulus_len, NULL);
228 bn_result = BN_new();
229
230 if (bn_base == NULL || bn_exp == NULL || bn_modulus == NULL ||
231 bn_result == NULL)
232 goto error;
233
234 if (BN_mod_exp(bn_result, bn_base, bn_exp, bn_modulus, ctx) != 1)
235 goto error;
236
237 *result_len = BN_bn2bin(bn_result, result);
238 ret = 0;
239
240 error:
241 BN_free(bn_base);
242 BN_free(bn_exp);
243 BN_free(bn_modulus);
244 BN_free(bn_result);
245 BN_CTX_free(ctx);
246 return ret;
247 }
248
249
250 struct crypto_cipher {
251 EVP_CIPHER_CTX enc;
252 EVP_CIPHER_CTX dec;
253 };
254
255
256 struct crypto_cipher * crypto_cipher_init(enum crypto_cipher_alg alg,
257 const u8 *iv, const u8 *key,
258 size_t key_len)
259 {
260 struct crypto_cipher *ctx;
261 const EVP_CIPHER *cipher;
262
263 ctx = os_zalloc(sizeof(*ctx));
264 if (ctx == NULL)
265 return NULL;
266
267 switch (alg) {
268 #ifndef OPENSSL_NO_RC4
269 case CRYPTO_CIPHER_ALG_RC4:
270 cipher = EVP_rc4();
271 break;
272 #endif /* OPENSSL_NO_RC4 */
273 #ifndef OPENSSL_NO_AES
274 case CRYPTO_CIPHER_ALG_AES:
275 switch (key_len) {
276 case 16:
277 cipher = EVP_aes_128_cbc();
278 break;
279 case 24:
280 cipher = EVP_aes_192_cbc();
281 break;
282 case 32:
283 cipher = EVP_aes_256_cbc();
284 break;
285 default:
286 os_free(ctx);
287 return NULL;
288 }
289 break;
290 #endif /* OPENSSL_NO_AES */
291 #ifndef OPENSSL_NO_DES
292 case CRYPTO_CIPHER_ALG_3DES:
293 cipher = EVP_des_ede3_cbc();
294 break;
295 case CRYPTO_CIPHER_ALG_DES:
296 cipher = EVP_des_cbc();
297 break;
298 #endif /* OPENSSL_NO_DES */
299 #ifndef OPENSSL_NO_RC2
300 case CRYPTO_CIPHER_ALG_RC2:
301 cipher = EVP_rc2_ecb();
302 break;
303 #endif /* OPENSSL_NO_RC2 */
304 default:
305 os_free(ctx);
306 return NULL;
307 }
308
309 EVP_CIPHER_CTX_init(&ctx->enc);
310 EVP_CIPHER_CTX_set_padding(&ctx->enc, 0);
311 if (!EVP_EncryptInit_ex(&ctx->enc, cipher, NULL, NULL, NULL) ||
312 !EVP_CIPHER_CTX_set_key_length(&ctx->enc, key_len) ||
313 !EVP_EncryptInit_ex(&ctx->enc, cipher, NULL, key, iv)) {
314 EVP_CIPHER_CTX_cleanup(&ctx->enc);
315 os_free(ctx);
316 return NULL;
317 }
318
319 EVP_CIPHER_CTX_init(&ctx->dec);
320 EVP_CIPHER_CTX_set_padding(&ctx->dec, 0);
321 if (!EVP_DecryptInit_ex(&ctx->dec, cipher, NULL, NULL, NULL) ||
322 !EVP_CIPHER_CTX_set_key_length(&ctx->dec, key_len) ||
323 !EVP_DecryptInit_ex(&ctx->dec, cipher, NULL, key, iv)) {
324 EVP_CIPHER_CTX_cleanup(&ctx->enc);
325 EVP_CIPHER_CTX_cleanup(&ctx->dec);
326 os_free(ctx);
327 return NULL;
328 }
329
330 return ctx;
331 }
332
333
334 int crypto_cipher_encrypt(struct crypto_cipher *ctx, const u8 *plain,
335 u8 *crypt, size_t len)
336 {
337 int outl;
338 if (!EVP_EncryptUpdate(&ctx->enc, crypt, &outl, plain, len))
339 return -1;
340 return 0;
341 }
342
343
344 int crypto_cipher_decrypt(struct crypto_cipher *ctx, const u8 *crypt,
345 u8 *plain, size_t len)
346 {
347 int outl;
348 outl = len;
349 if (!EVP_DecryptUpdate(&ctx->dec, plain, &outl, crypt, len))
350 return -1;
351 return 0;
352 }
353
354
355 void crypto_cipher_deinit(struct crypto_cipher *ctx)
356 {
357 EVP_CIPHER_CTX_cleanup(&ctx->enc);
358 EVP_CIPHER_CTX_cleanup(&ctx->dec);
359 os_free(ctx);
360 }
DragonFly BSD