search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Fix standalone libtasn1.
[shishi.git] / lib / crypto-aes.c
blobaf3ac1fcd2c8ad4a69fcf7a0c18e71b292f2b26f
1 /* crypto-aes.c AES crypto functions
2 * Copyright (C) 2002, 2003 Simon Josefsson
3 *
4 * This file is part of Shishi.
5 *
6 * Shishi is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 2 of the License, or
9 * (at your option) any later version.
10 *
11 * Shishi is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
15 *
16 * You should have received a copy of the GNU General Public License
17 * along with Shishi; if not, write to the Free Software
18 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
19 *
20 */
21
22 #include "internal.h"
23
24 #include "crypto.h"
25
26 static int
27 aes128_encrypt (Shishi * handle,
28 Shishi_key * key,
29 int keyusage,
30 const char *iv, size_t ivlen,
31 char **ivout, size_t * ivoutlen,
32 const char *in, size_t inlen, char **out, size_t * outlen)
33 {
34 return _shishi_simplified_encrypt (handle, key, keyusage, iv, ivlen, ivout,
35 ivoutlen, in, inlen, out, outlen);
36 }
37
38 static int
39 aes128_decrypt (Shishi * handle,
40 Shishi_key * key,
41 int keyusage,
42 const char *iv, size_t ivlen,
43 char **ivout, size_t * ivoutlen,
44 const char *in, size_t inlen, char **out, size_t * outlen)
45 {
46 return _shishi_simplified_decrypt (handle, key, keyusage, iv, ivlen, ivout,
47 ivoutlen, in, inlen, out, outlen);
48 }
49
50 static int
51 aes256_encrypt (Shishi * handle,
52 Shishi_key * key,
53 int keyusage,
54 const char *iv, size_t ivlen,
55 char **ivout, size_t * ivoutlen,
56 const char *in, size_t inlen, char **out, size_t * outlen)
57 {
58 return _shishi_simplified_encrypt (handle, key, keyusage, iv, ivlen, ivout,
59 ivoutlen, in, inlen, out, outlen);
60 }
61
62 static int
63 aes256_decrypt (Shishi * handle,
64 Shishi_key * key,
65 int keyusage,
66 const char *iv, size_t ivlen,
67 char **ivout, size_t * ivoutlen,
68 const char *in, size_t inlen, char **out, size_t * outlen)
69 {
70 return _shishi_simplified_decrypt (handle, key, keyusage, iv, ivlen, ivout,
71 ivoutlen, in, inlen, out, outlen);
72 }
73
74 static int
75 aes_string_to_key (Shishi * handle,
76 const char *password,
77 size_t passwordlen,
78 const char *salt,
79 size_t saltlen, const char *parameter, Shishi_key * outkey)
80 {
81 unsigned char key[256 / 8];
82 int keylen = shishi_key_length (outkey);
83 Shishi_key *tmpkey;
84 int iterations = 0x0000b000;
85 int res;
86
87 if (parameter)
88 {
89 iterations = (parameter[0] & 0xFF) << 24;
90 iterations |= (parameter[1] & 0xFF) << 16;
91 iterations |= (parameter[2] & 0xFF) << 8;
92 iterations |= parameter[3] & 0xFF;
93 }
94
95 if (VERBOSECRYPTO (handle))
96 {
97 printf ("aes_string_to_key (password, salt)\n");
98 printf ("\t ;; Password:\n");
99 _shishi_escapeprint (password, passwordlen);
100 _shishi_hexprint (password, passwordlen);
101 printf ("\t ;; Salt:\n");
102 _shishi_escapeprint (salt, saltlen);
103 _shishi_hexprint (salt, saltlen);
104 printf ("\t ;; Iteration count %d (%08x):\n", iterations, iterations);
105 }
106
107 /* tkey = random2key(PBKDF2(passphrase, salt, iter_count, keylength)) */
108 res = shishi_pbkdf2_sha1 (handle, password, passwordlen, salt, saltlen,
109 iterations, keylen, key);
110 if (res != SHISHI_OK)
111 return res;
112
113 res = shishi_key_from_value (handle, shishi_key_type (outkey),
114 key, &tmpkey);
115 if (res != SHISHI_OK)
116 return res;
117
118 /* key = DK(tkey, "kerberos") */
119 res = shishi_dk (handle, tmpkey, "kerberos", strlen ("kerberos"), outkey);
120
121 shishi_key_done (tmpkey);
122
123 if (res != SHISHI_OK)
124 return res;
125
126 if (VERBOSECRYPTO (handle))
127 {
128 printf ("aes_string_to_key (password, salt)\n");
129 printf ("\t ;; Key:\n");
130 _shishi_hexprint (shishi_key_value (outkey),
131 shishi_key_length (outkey));
132 _shishi_binprint (shishi_key_value (outkey),
133 shishi_key_length (outkey));
134 }
135
136 return SHISHI_OK;
137 }
138
139 static int
140 aes128_string_to_key (Shishi * handle,
141 const char *password,
142 size_t passwordlen,
143 const char *salt,
144 size_t saltlen,
145 const char *parameter, Shishi_key * outkey)
146 {
147 return aes_string_to_key (handle, password, passwordlen,
148 salt, saltlen, parameter, outkey);
149 }
150
151 static int
152 aes256_string_to_key (Shishi * handle,
153 const char *password,
154 size_t passwordlen,
155 const char *salt,
156 size_t saltlen,
157 const char *parameter, Shishi_key * outkey)
158 {
159 return aes_string_to_key (handle, password, passwordlen,
160 salt, saltlen, parameter, outkey);
161 }
162
163 static int
164 aes128_random_to_key (Shishi * handle,
165 const char *random,
166 size_t randomlen, Shishi_key * outkey)
167 {
168 if (randomlen < shishi_key_length (outkey))
169 return SHISHI_CRYPTO_ERROR;
170
171 shishi_key_value_set (outkey, random);
172
173 return SHISHI_OK;
174 }
175
176 static int
177 aes256_random_to_key (Shishi * handle,
178 const char *random,
179 size_t randomlen, Shishi_key * outkey)
180 {
181 if (randomlen < shishi_key_length (outkey))
182 return SHISHI_CRYPTO_ERROR;
183
184 shishi_key_value_set (outkey, random);
185
186 return SHISHI_OK;
187 }
188
189 static int
190 aes128_checksum (Shishi * handle,
191 Shishi_key * key,
192 int keyusage,
193 int cksumtype,
194 const char *in, size_t inlen, char **out, size_t * outlen)
195 {
196 return _shishi_simplified_checksum (handle, key, keyusage, cksumtype,
197 in, inlen, out, outlen);
198 }
199
200 static int
201 aes256_checksum (Shishi * handle,
202 Shishi_key * key,
203 int keyusage,
204 int cksumtype,
205 const char *in, size_t inlen, char **out, size_t * outlen)
206 {
207 return _shishi_simplified_checksum (handle, key, keyusage, cksumtype,
208 in, inlen, out, outlen);
209 }
210
211 cipherinfo aes128_cts_hmac_sha1_96_info = {
212 SHISHI_AES128_CTS_HMAC_SHA1_96,
213 "aes128-cts-hmac-sha1-96",
214 16,
215 0,
216 16,
217 128 / 8,
218 128 / 8,
219 SHISHI_HMAC_SHA1_96_AES128,
220 aes128_random_to_key,
221 aes128_string_to_key,
222 aes128_encrypt,
223 aes128_decrypt
224 };
225
226 cipherinfo aes256_cts_hmac_sha1_96_info = {
227 SHISHI_AES256_CTS_HMAC_SHA1_96,
228 "aes256-cts-hmac-sha1-96",
229 16,
230 0,
231 16,
232 256 / 8,
233 256 / 8,
234 SHISHI_HMAC_SHA1_96_AES256,
235 aes256_random_to_key,
236 aes256_string_to_key,
237 aes256_encrypt,
238 aes256_decrypt
239 };
240
241 checksuminfo hmac_sha1_96_aes128_info = {
242 SHISHI_HMAC_SHA1_96_AES128,
243 "hmac-sha1-96-aes128",
244 96 / 8,
245 aes128_checksum
246 };
247
248 checksuminfo hmac_sha1_96_aes256_info = {
249 SHISHI_HMAC_SHA1_96_AES256,
250 "hmac-sha1-96-aes256",
251 96 / 8,
252 aes256_checksum
253 };
Free Kerberos V5 implementation