search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Fix.
[gnutls.git] / lgl / gc-libgcrypt.c
blobd3ab73c22e291457d20bff03ad8f90f4b8c57f70
1 /* gc-libgcrypt.c --- Crypto wrappers around Libgcrypt for GC.
2 * Copyright (C) 2002, 2003, 2004, 2005, 2006, 2007, 2008 Simon Josefsson
3 *
4 * This file is free software; you can redistribute it and/or modify
5 * it under the terms of the GNU Lesser General Public License as published
6 * by the Free Software Foundation; either version 2.1, or (at your
7 * option) any later version.
8 *
9 * This file is distributed in the hope that it will be useful, but
10 * WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
12 * General Public License for more details.
13 *
14 * You should have received a copy of the GNU Lesser General Public License
15 * along with this file; if not, write to the Free Software
16 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
17 * 02110-1301, USA.
18 *
19 */
20
21 /* Note: This file is only built if GC uses Libgcrypt. */
22
23 #include <config.h>
24
25 /* Get prototype. */
26 #include "gc.h"
27
28 #include <stdlib.h>
29 #include <string.h>
30
31 /* Get libgcrypt API. */
32 #include <gcrypt.h>
33 #ifdef GNULIB_GC_MD2
34 # include "md2.h"
35 #endif
36
37 #include <assert.h>
38
39 /* Initialization. */
40
41 Gc_rc
42 gc_init (void)
43 {
44 gcry_error_t err;
45
46 err = gcry_control (GCRYCTL_ANY_INITIALIZATION_P);
47 if (err == GPG_ERR_NO_ERROR)
48 {
49 if (gcry_control (GCRYCTL_DISABLE_SECMEM, NULL, 0))
50 return GC_INIT_ERROR;
51
52 if (gcry_check_version (GCRYPT_VERSION) == NULL)
53 return GC_INIT_ERROR;
54
55 err = gcry_control (GCRYCTL_INITIALIZATION_FINISHED, NULL, 0);
56 if (err != GPG_ERR_NO_ERROR)
57 return GC_INIT_ERROR;
58 }
59
60 return GC_OK;
61 }
62
63 void
64 gc_done (void)
65 {
66 return;
67 }
68
69 #ifdef GNULIB_GC_RANDOM
70
71 /* Randomness. */
72
73 Gc_rc
74 gc_nonce (char *data, size_t datalen)
75 {
76 gcry_create_nonce ((unsigned char *) data, datalen);
77 return GC_OK;
78 }
79
80 Gc_rc
81 gc_pseudo_random (char *data, size_t datalen)
82 {
83 gcry_randomize ((unsigned char *) data, datalen, GCRY_STRONG_RANDOM);
84 return GC_OK;
85 }
86
87 Gc_rc
88 gc_random (char *data, size_t datalen)
89 {
90 gcry_randomize ((unsigned char *) data, datalen, GCRY_VERY_STRONG_RANDOM);
91 return GC_OK;
92 }
93
94 #endif
95
96 /* Memory allocation. */
97
98 void
99 gc_set_allocators (gc_malloc_t func_malloc,
100 gc_malloc_t secure_malloc,
101 gc_secure_check_t secure_check,
102 gc_realloc_t func_realloc, gc_free_t func_free)
103 {
104 gcry_set_allocation_handler (func_malloc, secure_malloc, secure_check,
105 func_realloc, func_free);
106 }
107
108 /* Ciphers. */
109
110 Gc_rc
111 gc_cipher_open (Gc_cipher alg, Gc_cipher_mode mode,
112 gc_cipher_handle * outhandle)
113 {
114 int gcryalg, gcrymode;
115 gcry_error_t err;
116
117 switch (alg)
118 {
119 case GC_AES128:
120 gcryalg = GCRY_CIPHER_RIJNDAEL;
121 break;
122
123 case GC_AES192:
124 gcryalg = GCRY_CIPHER_RIJNDAEL;
125 break;
126
127 case GC_AES256:
128 gcryalg = GCRY_CIPHER_RIJNDAEL256;
129 break;
130
131 case GC_3DES:
132 gcryalg = GCRY_CIPHER_3DES;
133 break;
134
135 case GC_DES:
136 gcryalg = GCRY_CIPHER_DES;
137 break;
138
139 case GC_ARCFOUR128:
140 case GC_ARCFOUR40:
141 gcryalg = GCRY_CIPHER_ARCFOUR;
142 break;
143
144 case GC_ARCTWO40:
145 gcryalg = GCRY_CIPHER_RFC2268_40;
146 break;
147
148 #ifdef ENABLE_CAMELLIA
149 case GC_CAMELLIA128:
150 gcryalg = GCRY_CIPHER_CAMELLIA128;
151 break;
152
153 case GC_CAMELLIA256:
154 gcryalg = GCRY_CIPHER_CAMELLIA256;
155 break;
156 #endif
157
158 default:
159 return GC_INVALID_CIPHER;
160 }
161
162 switch (mode)
163 {
164 case GC_ECB:
165 gcrymode = GCRY_CIPHER_MODE_ECB;
166 break;
167
168 case GC_CBC:
169 gcrymode = GCRY_CIPHER_MODE_CBC;
170 break;
171
172 case GC_STREAM:
173 gcrymode = GCRY_CIPHER_MODE_STREAM;
174 break;
175
176 default:
177 return GC_INVALID_CIPHER;
178 }
179
180 err = gcry_cipher_open ((gcry_cipher_hd_t *) outhandle,
181 gcryalg, gcrymode, 0);
182 if (gcry_err_code (err))
183 return GC_INVALID_CIPHER;
184
185 return GC_OK;
186 }
187
188 Gc_rc
189 gc_cipher_setkey (gc_cipher_handle handle, size_t keylen, const char *key)
190 {
191 gcry_error_t err;
192
193 err = gcry_cipher_setkey ((gcry_cipher_hd_t) handle, key, keylen);
194 if (gcry_err_code (err))
195 return GC_INVALID_CIPHER;
196
197 return GC_OK;
198 }
199
200 Gc_rc
201 gc_cipher_setiv (gc_cipher_handle handle, size_t ivlen, const char *iv)
202 {
203 gcry_error_t err;
204
205 err = gcry_cipher_setiv ((gcry_cipher_hd_t) handle, iv, ivlen);
206 if (gcry_err_code (err))
207 return GC_INVALID_CIPHER;
208
209 return GC_OK;
210 }
211
212 Gc_rc
213 gc_cipher_encrypt_inline (gc_cipher_handle handle, size_t len, char *data)
214 {
215 if (gcry_cipher_encrypt ((gcry_cipher_hd_t) handle,
216 data, len, NULL, len) != 0)
217 return GC_INVALID_CIPHER;
218
219 return GC_OK;
220 }
221
222 Gc_rc
223 gc_cipher_decrypt_inline (gc_cipher_handle handle, size_t len, char *data)
224 {
225 if (gcry_cipher_decrypt ((gcry_cipher_hd_t) handle,
226 data, len, NULL, len) != 0)
227 return GC_INVALID_CIPHER;
228
229 return GC_OK;
230 }
231
232 Gc_rc
233 gc_cipher_close (gc_cipher_handle handle)
234 {
235 gcry_cipher_close (handle);
236
237 return GC_OK;
238 }
239
240 /* Hashes. */
241
242 typedef struct _gc_hash_ctx {
243 Gc_hash alg;
244 Gc_hash_mode mode;
245 gcry_md_hd_t gch;
246 #ifdef GNULIB_GC_MD2
247 char hash[GC_MD2_DIGEST_SIZE];
248 struct md2_ctx md2Context;
249 #endif
250 } _gc_hash_ctx;
251
252 Gc_rc
253 gc_hash_open (Gc_hash hash, Gc_hash_mode mode, gc_hash_handle * outhandle)
254 {
255 _gc_hash_ctx *ctx;
256 int gcryalg = 0, gcrymode = 0;
257 gcry_error_t err;
258 Gc_rc rc = GC_OK;
259
260 ctx = calloc (sizeof (*ctx), 1);
261 if (!ctx)
262 return GC_MALLOC_ERROR;
263
264 ctx->alg = hash;
265 ctx->mode = mode;
266
267 switch (hash)
268 {
269 case GC_MD2:
270 gcryalg = GCRY_MD_NONE;
271 break;
272
273 case GC_MD4:
274 gcryalg = GCRY_MD_MD4;
275 break;
276
277 case GC_MD5:
278 gcryalg = GCRY_MD_MD5;
279 break;
280
281 case GC_SHA1:
282 gcryalg = GCRY_MD_SHA1;
283 break;
284
285 case GC_SHA256:
286 gcryalg = GCRY_MD_SHA256;
287 break;
288
289 case GC_SHA384:
290 gcryalg = GCRY_MD_SHA384;
291 break;
292
293 case GC_SHA512:
294 gcryalg = GCRY_MD_SHA512;
295 break;
296
297 #ifdef ENABLE_CAMELLIA
298 case GC_SHA224:
299 gcryalg = GCRY_MD_SHA224;
300 break;
301 #endif
302
303 case GC_RMD160:
304 gcryalg = GCRY_MD_RMD160;
305 break;
306
307 default:
308 rc = GC_INVALID_HASH;
309 }
310
311 switch (mode)
312 {
313 case 0:
314 gcrymode = 0;
315 break;
316
317 case GC_HMAC:
318 gcrymode = GCRY_MD_FLAG_HMAC;
319 break;
320
321 default:
322 rc = GC_INVALID_HASH;
323 }
324
325 if (rc == GC_OK && gcryalg != GCRY_MD_NONE)
326 {
327 err = gcry_md_open (&ctx->gch, gcryalg, gcrymode);
328 if (gcry_err_code (err))
329 rc = GC_INVALID_HASH;
330 }
331
332 if (rc == GC_OK)
333 *outhandle = ctx;
334 else
335 free (ctx);
336
337 return rc;
338 }
339
340 Gc_rc
341 gc_hash_clone (gc_hash_handle handle, gc_hash_handle * outhandle)
342 {
343 _gc_hash_ctx *in = handle;
344 _gc_hash_ctx *out;
345 int err;
346
347 *outhandle = out = calloc (sizeof (*out), 1);
348 if (!out)
349 return GC_MALLOC_ERROR;
350
351 memcpy (out, in, sizeof (*out));
352
353 err = gcry_md_copy (&out->gch, in->gch);
354 if (err)
355 {
356 free (out);
357 return GC_INVALID_HASH;
358 }
359
360 return GC_OK;
361 }
362
363 size_t
364 gc_hash_digest_length (Gc_hash hash)
365 {
366 size_t len;
367
368 switch (hash)
369 {
370 case GC_MD2:
371 len = GC_MD2_DIGEST_SIZE;
372 break;
373
374 case GC_MD4:
375 len = GC_MD4_DIGEST_SIZE;
376 break;
377
378 case GC_MD5:
379 len = GC_MD5_DIGEST_SIZE;
380 break;
381
382 case GC_RMD160:
383 len = GC_RMD160_DIGEST_SIZE;
384 break;
385
386 case GC_SHA1:
387 len = GC_SHA1_DIGEST_SIZE;
388 break;
389
390 case GC_SHA256:
391 len = GC_SHA256_DIGEST_SIZE;
392 break;
393
394 case GC_SHA384:
395 len = GC_SHA384_DIGEST_SIZE;
396 break;
397
398 case GC_SHA512:
399 len = GC_SHA512_DIGEST_SIZE;
400 break;
401
402 #ifdef ENABLE_CAMELLIA
403 case GC_SHA224:
404 len = GC_SHA224_DIGEST_SIZE;
405 break;
406 #endif
407
408 default:
409 return 0;
410 }
411
412 return len;
413 }
414
415 void
416 gc_hash_hmac_setkey (gc_hash_handle handle, size_t len, const char *key)
417 {
418 _gc_hash_ctx *ctx = handle;
419 #ifdef GNULIB_GC_MD2
420 if (ctx->alg != GC_MD2)
421 #endif
422 gcry_md_setkey (ctx->gch, key, len);
423 }
424
425 void
426 gc_hash_write (gc_hash_handle handle, size_t len, const char *data)
427 {
428 _gc_hash_ctx *ctx = handle;
429
430 #ifdef GNULIB_GC_MD2
431 if (ctx->alg == GC_MD2)
432 md2_process_bytes (data, len, &ctx->md2Context);
433 else
434 #endif
435 gcry_md_write (ctx->gch, data, len);
436 }
437
438 const char *
439 gc_hash_read (gc_hash_handle handle)
440 {
441 _gc_hash_ctx *ctx = handle;
442 const char *digest;
443
444 #ifdef GNULIB_GC_MD2
445 if (ctx->alg == GC_MD2)
446 {
447 md2_finish_ctx (&ctx->md2Context, ctx->hash);
448 digest = ctx->hash;
449 }
450 else
451 #endif
452 {
453 gcry_md_final (ctx->gch);
454 digest = gcry_md_read (ctx->gch, 0);
455 }
456
457 return digest;
458 }
459
460 void
461 gc_hash_close (gc_hash_handle handle)
462 {
463 _gc_hash_ctx *ctx = handle;
464
465 #ifdef GNULIB_GC_MD2
466 if (ctx->alg != GC_MD2)
467 #endif
468 gcry_md_close (ctx->gch);
469
470 free (ctx);
471 }
472
473 Gc_rc
474 gc_hash_buffer (Gc_hash hash, const void *in, size_t inlen, char *resbuf)
475 {
476 int gcryalg;
477
478 switch (hash)
479 {
480 #ifdef GNULIB_GC_MD2
481 case GC_MD2:
482 md2_buffer (in, inlen, resbuf);
483 return GC_OK;
484 break;
485 #endif
486
487 #ifdef GNULIB_GC_MD4
488 case GC_MD4:
489 gcryalg = GCRY_MD_MD4;
490 break;
491 #endif
492
493 #ifdef GNULIB_GC_MD5
494 case GC_MD5:
495 gcryalg = GCRY_MD_MD5;
496 break;
497 #endif
498
499 #ifdef GNULIB_GC_SHA1
500 case GC_SHA1:
501 gcryalg = GCRY_MD_SHA1;
502 break;
503 #endif
504
505 #ifdef GNULIB_GC_SHA256
506 case GC_SHA256:
507 gcryalg = GCRY_MD_SHA256;
508 break;
509 #endif
510
511 #ifdef GNULIB_GC_SHA384
512 case GC_SHA384:
513 gcryalg = GCRY_MD_SHA384;
514 break;
515 #endif
516
517 #ifdef GNULIB_GC_SHA512
518 case GC_SHA512:
519 gcryalg = GCRY_MD_SHA512;
520 break;
521 #endif
522
523 #ifdef GNULIB_GC_SHA224
524 case GC_SHA224:
525 gcryalg = GCRY_MD_SHA224;
526 break;
527 #endif
528
529 #ifdef GNULIB_GC_RMD160
530 case GC_RMD160:
531 gcryalg = GCRY_MD_RMD160;
532 break;
533 #endif
534
535 default:
536 return GC_INVALID_HASH;
537 }
538
539 gcry_md_hash_buffer (gcryalg, resbuf, in, inlen);
540
541 return GC_OK;
542 }
543
544 /* One-call interface. */
545
546 #ifdef GNULIB_GC_MD2
547 Gc_rc
548 gc_md2 (const void *in, size_t inlen, void *resbuf)
549 {
550 md2_buffer (in, inlen, resbuf);
551 return GC_OK;
552 }
553 #endif
554
555 #ifdef GNULIB_GC_MD4
556 Gc_rc
557 gc_md4 (const void *in, size_t inlen, void *resbuf)
558 {
559 size_t outlen = gcry_md_get_algo_dlen (GCRY_MD_MD4);
560 gcry_md_hd_t hd;
561 gpg_error_t err;
562 unsigned char *p;
563
564 assert (outlen == GC_MD4_DIGEST_SIZE);
565
566 err = gcry_md_open (&hd, GCRY_MD_MD4, 0);
567 if (err != GPG_ERR_NO_ERROR)
568 return GC_INVALID_HASH;
569
570 gcry_md_write (hd, in, inlen);
571
572 p = gcry_md_read (hd, GCRY_MD_MD4);
573 if (p == NULL)
574 {
575 gcry_md_close (hd);
576 return GC_INVALID_HASH;
577 }
578
579 memcpy (resbuf, p, outlen);
580
581 gcry_md_close (hd);
582
583 return GC_OK;
584 }
585 #endif
586
587 #ifdef GNULIB_GC_MD5
588 Gc_rc
589 gc_md5 (const void *in, size_t inlen, void *resbuf)
590 {
591 size_t outlen = gcry_md_get_algo_dlen (GCRY_MD_MD5);
592 gcry_md_hd_t hd;
593 gpg_error_t err;
594 unsigned char *p;
595
596 assert (outlen == GC_MD5_DIGEST_SIZE);
597
598 err = gcry_md_open (&hd, GCRY_MD_MD5, 0);
599 if (err != GPG_ERR_NO_ERROR)
600 return GC_INVALID_HASH;
601
602 gcry_md_write (hd, in, inlen);
603
604 p = gcry_md_read (hd, GCRY_MD_MD5);
605 if (p == NULL)
606 {
607 gcry_md_close (hd);
608 return GC_INVALID_HASH;
609 }
610
611 memcpy (resbuf, p, outlen);
612
613 gcry_md_close (hd);
614
615 return GC_OK;
616 }
617 #endif
618
619 #ifdef GNULIB_GC_SHA1
620 Gc_rc
621 gc_sha1 (const void *in, size_t inlen, void *resbuf)
622 {
623 size_t outlen = gcry_md_get_algo_dlen (GCRY_MD_SHA1);
624 gcry_md_hd_t hd;
625 gpg_error_t err;
626 unsigned char *p;
627
628 assert (outlen == GC_SHA1_DIGEST_SIZE);
629
630 err = gcry_md_open (&hd, GCRY_MD_SHA1, 0);
631 if (err != GPG_ERR_NO_ERROR)
632 return GC_INVALID_HASH;
633
634 gcry_md_write (hd, in, inlen);
635
636 p = gcry_md_read (hd, GCRY_MD_SHA1);
637 if (p == NULL)
638 {
639 gcry_md_close (hd);
640 return GC_INVALID_HASH;
641 }
642
643 memcpy (resbuf, p, outlen);
644
645 gcry_md_close (hd);
646
647 return GC_OK;
648 }
649 #endif
650
651 #ifdef GNULIB_GC_HMAC_MD5
652 Gc_rc
653 gc_hmac_md5 (const void *key, size_t keylen,
654 const void *in, size_t inlen, char *resbuf)
655 {
656 size_t hlen = gcry_md_get_algo_dlen (GCRY_MD_MD5);
657 gcry_md_hd_t mdh;
658 unsigned char *hash;
659 gpg_error_t err;
660
661 assert (hlen == 16);
662
663 err = gcry_md_open (&mdh, GCRY_MD_MD5, GCRY_MD_FLAG_HMAC);
664 if (err != GPG_ERR_NO_ERROR)
665 return GC_INVALID_HASH;
666
667 err = gcry_md_setkey (mdh, key, keylen);
668 if (err != GPG_ERR_NO_ERROR)
669 {
670 gcry_md_close (mdh);
671 return GC_INVALID_HASH;
672 }
673
674 gcry_md_write (mdh, in, inlen);
675
676 hash = gcry_md_read (mdh, GCRY_MD_MD5);
677 if (hash == NULL)
678 {
679 gcry_md_close (mdh);
680 return GC_INVALID_HASH;
681 }
682
683 memcpy (resbuf, hash, hlen);
684
685 gcry_md_close (mdh);
686
687 return GC_OK;
688 }
689 #endif
690
691 #ifdef GNULIB_GC_HMAC_SHA1
692 Gc_rc
693 gc_hmac_sha1 (const void *key, size_t keylen,
694 const void *in, size_t inlen, char *resbuf)
695 {
696 size_t hlen = gcry_md_get_algo_dlen (GCRY_MD_SHA1);
697 gcry_md_hd_t mdh;
698 unsigned char *hash;
699 gpg_error_t err;
700
701 assert (hlen == GC_SHA1_DIGEST_SIZE);
702
703 err = gcry_md_open (&mdh, GCRY_MD_SHA1, GCRY_MD_FLAG_HMAC);
704 if (err != GPG_ERR_NO_ERROR)
705 return GC_INVALID_HASH;
706
707 err = gcry_md_setkey (mdh, key, keylen);
708 if (err != GPG_ERR_NO_ERROR)
709 {
710 gcry_md_close (mdh);
711 return GC_INVALID_HASH;
712 }
713
714 gcry_md_write (mdh, in, inlen);
715
716 hash = gcry_md_read (mdh, GCRY_MD_SHA1);
717 if (hash == NULL)
718 {
719 gcry_md_close (mdh);
720 return GC_INVALID_HASH;
721 }
722
723 memcpy (resbuf, hash, hlen);
724
725 gcry_md_close (mdh);
726
727 return GC_OK;
728 }
729 #endif
Implementation of the SSL/TLS protocol