Outline ![]()
Files ![]()
loading...
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
1001
1002
1003
1004
1005
1006
1007
1008
1009
1010
1011
1012
1013
1014
1015
1016
1017
1018
1019
1020
1021
1022
1023
1024
1025
1026
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065
1066
1067
1068
1069
1070
1071
1072
1073
1074
1075
1076
1077
1078
1079
1080
1081
1082
1083
1084
1085
1086
1087
1088
1089
1090
1091
1092
1093
1094
1095
1096
1097
1098
1099
1100
1101
1102
1103
1104
1105
1106
1107
1108
1109
1110
1111
1112
1113
1114
1115
1116
1117
1118
1119
1120
1121
1122
1123
1124
1125
1126
1127
1128
1129
1130
1131
1132
1133
1134
1135
1136
1137
1138
1139
1140
1141
1142
1143
1144
1145
1146
1147
1148
1149
1150
1151
1152
1153
1154
1155
1156
1157
1158
1159
1160
1161
1162
1163
1164
1165
1166
1167
1168
1169
1170
1171
1172
1173
1174
1175
1176
1177
1178
1179
1180
1181
1182
1183
1184
1185
1186
1187
1188
1189
1190
1191
1192
1193
1194
/*
* Wrapper functions for crypto libraries
* Copyright (c) 2004-2017, Jouni Malinen <j@w1.fi>
*
* This software may be distributed under the terms of the BSD license.
* See README for more details.
*
* This file defines the cryptographic functions that need to be implemented
* for wpa_supplicant and hostapd. When TLS is not used, internal
* implementation of MD5, SHA1, and AES is used and no external libraries are
* required. When TLS is enabled (e.g., by enabling EAP-TLS or EAP-PEAP), the
* crypto library used by the TLS implementation is expected to be used for
* non-TLS needs, too, in order to save space by not implementing these
* functions twice.
*
* Wrapper code for using each crypto library is in its own file (crypto*.c)
* and one of these files is build and linked in to provide the functions
* defined here.
*/
#ifndef CRYPTO_H
#define CRYPTO_H
#include "utils/common.h"
/**
* md4_vector - MD4 hash for data vector
* @num_elem: Number of elements in the data vector
* @addr: Pointers to the data areas
* @len: Lengths of the data blocks
* @mac: Buffer for the hash
* Returns: 0 on success, -1 on failure
*/
int md4_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac);
/**
* md5_vector - MD5 hash for data vector
* @num_elem: Number of elements in the data vector
* @addr: Pointers to the data areas
* @len: Lengths of the data blocks
* @mac: Buffer for the hash
* Returns: 0 on success, -1 on failure
*/
int md5_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac);
/**
* sha1_vector - SHA-1 hash for data vector
* @num_elem: Number of elements in the data vector
* @addr: Pointers to the data areas
* @len: Lengths of the data blocks
* @mac: Buffer for the hash
* Returns: 0 on success, -1 on failure
*/
int sha1_vector(size_t num_elem, const u8 *addr[], const size_t *len,
u8 *mac);
/**
* fips186_2-prf - NIST FIPS Publication 186-2 change notice 1 PRF
* @seed: Seed/key for the PRF
* @seed_len: Seed length in bytes
* @x: Buffer for PRF output
* @xlen: Output length in bytes
* Returns: 0 on success, -1 on failure
*
* This function implements random number generation specified in NIST FIPS
* Publication 186-2 for EAP-SIM. This PRF uses a function that is similar to
* SHA-1, but has different message padding.
*/
int __must_check fips186_2_prf(const u8 *seed, size_t seed_len, u8 *x,
size_t xlen);
/**
* sha256_vector - SHA256 hash for data vector
* @num_elem: Number of elements in the data vector
* @addr: Pointers to the data areas
* @len: Lengths of the data blocks
* @mac: Buffer for the hash
* Returns: 0 on success, -1 on failure
*/
int sha256_vector(size_t num_elem, const u8 *addr[], const size_t *len,
u8 *mac);
/**
* sha384_vector - SHA384 hash for data vector
* @num_elem: Number of elements in the data vector
* @addr: Pointers to the data areas
* @len: Lengths of the data blocks
* @mac: Buffer for the hash
* Returns: 0 on success, -1 on failure
*/
int sha384_vector(size_t num_elem, const u8 *addr[], const size_t *len,
u8 *mac);
/**
* sha512_vector - SHA512 hash for data vector
* @num_elem: Number of elements in the data vector
* @addr: Pointers to the data areas
* @len: Lengths of the data blocks
* @mac: Buffer for the hash
* Returns: 0 on success, -1 on failure
*/
int sha512_vector(size_t num_elem, const u8 *addr[], const size_t *len,
u8 *mac);
/**
* des_encrypt - Encrypt one block with DES
* @clear: 8 octets (in)
* @key: 7 octets (in) (no parity bits included)
* @cypher: 8 octets (out)
* Returns: 0 on success, -1 on failure
*/
int des_encrypt(const u8 *clear, const u8 *key, u8 *cypher);
/**
* aes_encrypt_init - Initialize AES for encryption
* @key: Encryption key
* @len: Key length in bytes (usually 16, i.e., 128 bits)
* Returns: Pointer to context data or %NULL on failure
*/
void * aes_encrypt_init(const u8 *key, size_t len);
/**
* aes_encrypt - Encrypt one AES block
* @ctx: Context pointer from aes_encrypt_init()
* @plain: Plaintext data to be encrypted (16 bytes)
* @crypt: Buffer for the encrypted data (16 bytes)
* Returns: 0 on success, -1 on failure
*/
int aes_encrypt(void *ctx, const u8 *plain, u8 *crypt);
/**
* aes_encrypt_deinit - Deinitialize AES encryption
* @ctx: Context pointer from aes_encrypt_init()
*/
void aes_encrypt_deinit(void *ctx);
/**
* aes_decrypt_init - Initialize AES for decryption
* @key: Decryption key
* @len: Key length in bytes (usually 16, i.e., 128 bits)
* Returns: Pointer to context data or %NULL on failure
*/
void * aes_decrypt_init(const u8 *key, size_t len);
/**
* aes_decrypt - Decrypt one AES block
* @ctx: Context pointer from aes_encrypt_init()
* @crypt: Encrypted data (16 bytes)
* @plain: Buffer for the decrypted data (16 bytes)
* Returns: 0 on success, -1 on failure
*/
int aes_decrypt(void *ctx, const u8 *crypt, u8 *plain);
/**
* aes_decrypt_deinit - Deinitialize AES decryption
* @ctx: Context pointer from aes_encrypt_init()
*/
void aes_decrypt_deinit(void *ctx);
enum crypto_hash_alg {
CRYPTO_HASH_ALG_MD5, CRYPTO_HASH_ALG_SHA1,
CRYPTO_HASH_ALG_HMAC_MD5, CRYPTO_HASH_ALG_HMAC_SHA1,
CRYPTO_HASH_ALG_SHA256, CRYPTO_HASH_ALG_HMAC_SHA256,
CRYPTO_HASH_ALG_SHA384, CRYPTO_HASH_ALG_SHA512
};
struct crypto_hash;
/**
* crypto_hash_init - Initialize hash/HMAC function
* @alg: Hash algorithm
* @key: Key for keyed hash (e.g., HMAC) or %NULL if not needed
* @key_len: Length of the key in bytes
* Returns: Pointer to hash context to use with other hash functions or %NULL
* on failure
*
* This function is only used with internal TLSv1 implementation
* (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need
* to implement this.
*/
struct crypto_hash * crypto_hash_init(enum crypto_hash_alg alg, const u8 *key,
size_t key_len);
/**
* crypto_hash_update - Add data to hash calculation
* @ctx: Context pointer from crypto_hash_init()
* @data: Data buffer to add
* @len: Length of the buffer
*
* This function is only used with internal TLSv1 implementation
* (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need
* to implement this.
*/
void crypto_hash_update(struct crypto_hash *ctx, const u8 *data, size_t len);
/**
* crypto_hash_finish - Complete hash calculation
* @ctx: Context pointer from crypto_hash_init()
* @hash: Buffer for hash value or %NULL if caller is just freeing the hash
* context
* @len: Pointer to length of the buffer or %NULL if caller is just freeing the
* hash context; on return, this is set to the actual length of the hash value
* Returns: 0 on success, -1 if buffer is too small (len set to needed length),
* or -2 on other failures (including failed crypto_hash_update() operations)
*
* This function calculates the hash value and frees the context buffer that
* was used for hash calculation.
*
* This function is only used with internal TLSv1 implementation
* (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need
* to implement this.
*/
int crypto_hash_finish(struct crypto_hash *ctx, u8 *hash, size_t *len);
enum crypto_cipher_alg {
CRYPTO_CIPHER_NULL = 0, CRYPTO_CIPHER_ALG_AES, CRYPTO_CIPHER_ALG_3DES,
CRYPTO_CIPHER_ALG_DES, CRYPTO_CIPHER_ALG_RC2, CRYPTO_CIPHER_ALG_RC4
};
struct crypto_cipher;
/**
* crypto_cipher_init - Initialize block/stream cipher function
* @alg: Cipher algorithm
* @iv: Initialization vector for block ciphers or %NULL for stream ciphers
* @key: Cipher key
* @key_len: Length of key in bytes
* Returns: Pointer to cipher context to use with other cipher functions or
* %NULL on failure
*
* This function is only used with internal TLSv1 implementation
* (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need
* to implement this.
*/
struct crypto_cipher * crypto_cipher_init(enum crypto_cipher_alg alg,
const u8 *iv, const u8 *key,
size_t key_len);
/**
* crypto_cipher_encrypt - Cipher encrypt
* @ctx: Context pointer from crypto_cipher_init()
* @plain: Plaintext to cipher
* @crypt: Resulting ciphertext
* @len: Length of the plaintext
* Returns: 0 on success, -1 on failure
*
* This function is only used with internal TLSv1 implementation
* (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need
* to implement this.
*/
int __must_check crypto_cipher_encrypt(struct crypto_cipher *ctx,
const u8 *plain, u8 *crypt, size_t len);
/**
* crypto_cipher_decrypt - Cipher decrypt
* @ctx: Context pointer from crypto_cipher_init()
* @crypt: Ciphertext to decrypt
* @plain: Resulting plaintext
* @len: Length of the cipher text
* Returns: 0 on success, -1 on failure
*
* This function is only used with internal TLSv1 implementation
* (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need
* to implement this.
*/
int __must_check crypto_cipher_decrypt(struct crypto_cipher *ctx,
const u8 *crypt, u8 *plain, size_t len);
/**
* crypto_cipher_decrypt - Free cipher context
* @ctx: Context pointer from crypto_cipher_init()
*
* This function is only used with internal TLSv1 implementation
* (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need
* to implement this.
*/
void crypto_cipher_deinit(struct crypto_cipher *ctx);
struct crypto_public_key;
struct crypto_private_key;
/**
* crypto_public_key_import - Import an RSA public key
* @key: Key buffer (DER encoded RSA public key)
* @len: Key buffer length in bytes
* Returns: Pointer to the public key or %NULL on failure
*
* This function can just return %NULL if the crypto library supports X.509
* parsing. In that case, crypto_public_key_from_cert() is used to import the
* public key from a certificate.
*
* This function is only used with internal TLSv1 implementation
* (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need
* to implement this.
*/
struct crypto_public_key * crypto_public_key_import(const u8 *key, size_t len);
struct crypto_public_key *
crypto_public_key_import_parts(const u8 *n, size_t n_len,
const u8 *e, size_t e_len);
/**
* crypto_private_key_import - Import an RSA private key
* @key: Key buffer (DER encoded RSA private key)
* @len: Key buffer length in bytes
* @passwd: Key encryption password or %NULL if key is not encrypted
* Returns: Pointer to the private key or %NULL on failure
*
* This function is only used with internal TLSv1 implementation
* (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need
* to implement this.
*/
struct crypto_private_key * crypto_private_key_import(const u8 *key,
size_t len,
const char *passwd);
/**
* crypto_public_key_from_cert - Import an RSA public key from a certificate
* @buf: DER encoded X.509 certificate
* @len: Certificate buffer length in bytes
* Returns: Pointer to public key or %NULL on failure
*
* This function can just return %NULL if the crypto library does not support
* X.509 parsing. In that case, internal code will be used to parse the
* certificate and public key is imported using crypto_public_key_import().
*
* This function is only used with internal TLSv1 implementation
* (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need
* to implement this.
*/
struct crypto_public_key * crypto_public_key_from_cert(const u8 *buf,
size_t len);
/**
* crypto_public_key_encrypt_pkcs1_v15 - Public key encryption (PKCS #1 v1.5)
* @key: Public key
* @in: Plaintext buffer
* @inlen: Length of plaintext buffer in bytes
* @out: Output buffer for encrypted data
* @outlen: Length of output buffer in bytes; set to used length on success
* Returns: 0 on success, -1 on failure
*
* This function is only used with internal TLSv1 implementation
* (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need
* to implement this.
*/
int __must_check crypto_public_key_encrypt_pkcs1_v15(
struct crypto_public_key *key, const u8 *in, size_t inlen,
u8 *out, size_t *outlen);
/**
* crypto_private_key_decrypt_pkcs1_v15 - Private key decryption (PKCS #1 v1.5)
* @key: Private key
* @in: Encrypted buffer
* @inlen: Length of encrypted buffer in bytes
* @out: Output buffer for encrypted data
* @outlen: Length of output buffer in bytes; set to used length on success
* Returns: 0 on success, -1 on failure
*
* This function is only used with internal TLSv1 implementation
* (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need
* to implement this.
*/
int __must_check crypto_private_key_decrypt_pkcs1_v15(
struct crypto_private_key *key, const u8 *in, size_t inlen,
u8 *out, size_t *outlen);
/**
* crypto_private_key_sign_pkcs1 - Sign with private key (PKCS #1)
* @key: Private key from crypto_private_key_import()
* @in: Plaintext buffer
* @inlen: Length of plaintext buffer in bytes
* @out: Output buffer for encrypted (signed) data
* @outlen: Length of output buffer in bytes; set to used length on success
* Returns: 0 on success, -1 on failure
*
* This function is only used with internal TLSv1 implementation
* (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need
* to implement this.
*/
int __must_check crypto_private_key_sign_pkcs1(struct crypto_private_key *key,
const u8 *in, size_t inlen,
u8 *out, size_t *outlen);
/**
* crypto_public_key_free - Free public key
* @key: Public key
*
* This function is only used with internal TLSv1 implementation
* (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need
* to implement this.
*/
void crypto_public_key_free(struct crypto_public_key *key);
/**
* crypto_private_key_free - Free private key
* @key: Private key from crypto_private_key_import()
*
* This function is only used with internal TLSv1 implementation
* (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need
* to implement this.
*/
void crypto_private_key_free(struct crypto_private_key *key);
/**
* crypto_public_key_decrypt_pkcs1 - Decrypt PKCS #1 signature
* @key: Public key
* @crypt: Encrypted signature data (using the private key)
* @crypt_len: Encrypted signature data length
* @plain: Buffer for plaintext (at least crypt_len bytes)
* @plain_len: Plaintext length (max buffer size on input, real len on output);
* Returns: 0 on success, -1 on failure
*/
int __must_check crypto_public_key_decrypt_pkcs1(
struct crypto_public_key *key, const u8 *crypt, size_t crypt_len,
u8 *plain, size_t *plain_len);
int crypto_dh_init(u8 generator, const u8 *prime, size_t prime_len, u8 *privkey,
u8 *pubkey);
int crypto_dh_derive_secret(u8 generator, const u8 *prime, size_t prime_len,
const u8 *order, size_t order_len,
const u8 *privkey, size_t privkey_len,
const u8 *pubkey, size_t pubkey_len,
u8 *secret, size_t *len);
/**
* crypto_global_init - Initialize crypto wrapper
*
* This function is only used with internal TLSv1 implementation
* (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need
* to implement this.
*/
int __must_check crypto_global_init(void);
/**
* crypto_global_deinit - Deinitialize crypto wrapper
*
* This function is only used with internal TLSv1 implementation
* (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need
* to implement this.
*/
void crypto_global_deinit(void);
/**
* crypto_mod_exp - Modular exponentiation of large integers
* @base: Base integer (big endian byte array)
* @base_len: Length of base integer in bytes
* @power: Power integer (big endian byte array)
* @power_len: Length of power integer in bytes
* @modulus: Modulus integer (big endian byte array)
* @modulus_len: Length of modulus integer in bytes
* @result: Buffer for the result
* @result_len: Result length (max buffer size on input, real len on output)
* Returns: 0 on success, -1 on failure
*
* This function calculates result = base ^ power mod modulus. modules_len is
* used as the maximum size of modulus buffer. It is set to the used size on
* success.
*
* This function is only used with internal TLSv1 implementation
* (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need
* to implement this.
*/
int __must_check crypto_mod_exp(const u8 *base, size_t base_len,
const u8 *power, size_t power_len,
const u8 *modulus, size_t modulus_len,
u8 *result, size_t *result_len);
/**
* rc4_skip - XOR RC4 stream to given data with skip-stream-start
* @key: RC4 key
* @keylen: RC4 key length
* @skip: number of bytes to skip from the beginning of the RC4 stream
* @data: data to be XOR'ed with RC4 stream
* @data_len: buf length
* Returns: 0 on success, -1 on failure
*
* Generate RC4 pseudo random stream for the given key, skip beginning of the
* stream, and XOR the end result with the data buffer to perform RC4
* encryption/decryption.
*/
int rc4_skip(const u8 *key, size_t keylen, size_t skip,
u8 *data, size_t data_len);
/**
* crypto_get_random - Generate cryptographically strong pseudo-random bytes
* @buf: Buffer for data
* @len: Number of bytes to generate
* Returns: 0 on success, -1 on failure
*
* If the PRNG does not have enough entropy to ensure unpredictable byte
* sequence, this functions must return -1.
*/
int crypto_get_random(void *buf, size_t len);
/**
* struct crypto_bignum - bignum
*
* Internal data structure for bignum implementation. The contents is specific
* to the used crypto library.
*/
struct crypto_bignum;
/**
* struct crypto_key - key
*
* Internal data structure for ssl key. The contents is specific
* to the used crypto library.
*/
struct crypto_key;
/**
* crypto_bignum_init - Allocate memory for bignum
* Returns: Pointer to allocated bignum or %NULL on failure
*/
struct crypto_bignum * crypto_bignum_init(void);
/**
* crypto_bignum_init_set - Allocate memory for bignum and set the value
* @buf: Buffer with unsigned binary value
* @len: Length of buf in octets
* Returns: Pointer to allocated bignum or %NULL on failure
*/
struct crypto_bignum * crypto_bignum_init_set(const u8 *buf, size_t len);
/**
* crypto_bignum_init_set - Allocate memory for bignum and set the value (uint)
* @val: Value to set
* Returns: Pointer to allocated bignum or %NULL on failure
*/
struct crypto_bignum * crypto_bignum_init_uint(unsigned int val);
/**
* crypto_bignum_deinit - Free bignum
* @n: Bignum from crypto_bignum_init() or crypto_bignum_init_set()
* @clear: Whether to clear the value from memory
*/
void crypto_bignum_deinit(struct crypto_bignum *n, int clear);
/**
* crypto_bignum_to_bin - Set binary buffer to unsigned bignum
* @a: Bignum
* @buf: Buffer for the binary number
* @len: Length of @buf in octets
* @padlen: Length in octets to pad the result to or 0 to indicate no padding
* Returns: Number of octets written on success, -1 on failure
*/
int crypto_bignum_to_bin(const struct crypto_bignum *a,
u8 *buf, size_t buflen, size_t padlen);
/**
* crypto_bignum_rand - Create a random number in range of modulus
* @r: Bignum; set to a random value
* @m: Bignum; modulus
* Returns: 0 on success, -1 on failure
*/
int crypto_bignum_rand(struct crypto_bignum *r, const struct crypto_bignum *m);
/**
* crypto_bignum_add - c = a + b
* @a: Bignum
* @b: Bignum
* @c: Bignum; used to store the result of a + b
* Returns: 0 on success, -1 on failure
*/
int crypto_bignum_add(const struct crypto_bignum *a,
const struct crypto_bignum *b,
struct crypto_bignum *c);
/**
* crypto_bignum_mod - c = a % b
* @a: Bignum
* @b: Bignum
* @c: Bignum; used to store the result of a % b
* Returns: 0 on success, -1 on failure
*/
int crypto_bignum_mod(const struct crypto_bignum *a,
const struct crypto_bignum *b,
struct crypto_bignum *c);
/**
* crypto_bignum_exptmod - Modular exponentiation: d = a^b (mod c)
* @a: Bignum; base
* @b: Bignum; exponent
* @c: Bignum; modulus
* @d: Bignum; used to store the result of a^b (mod c)
* Returns: 0 on success, -1 on failure
*/
int crypto_bignum_exptmod(const struct crypto_bignum *a,
const struct crypto_bignum *b,
const struct crypto_bignum *c,
struct crypto_bignum *d);
/**
* crypto_bignum_inverse - Inverse a bignum so that a * c = 1 (mod b)
* @a: Bignum
* @b: Bignum
* @c: Bignum; used to store the result
* Returns: 0 on success, -1 on failure
*/
int crypto_bignum_inverse(const struct crypto_bignum *a,
const struct crypto_bignum *b,
struct crypto_bignum *c);
/**
* crypto_bignum_sub - c = a - b
* @a: Bignum
* @b: Bignum
* @c: Bignum; used to store the result of a - b
* Returns: 0 on success, -1 on failure
*/
int crypto_bignum_sub(const struct crypto_bignum *a,
const struct crypto_bignum *b,
struct crypto_bignum *c);
/**
* crypto_bignum_div - c = a / b
* @a: Bignum
* @b: Bignum
* @c: Bignum; used to store the result of a / b
* Returns: 0 on success, -1 on failure
*/
int crypto_bignum_div(const struct crypto_bignum *a,
const struct crypto_bignum *b,
struct crypto_bignum *c);
/**
* crypto_bignum_addmod - d = a + b (mod c)
* @a: Bignum
* @b: Bignum
* @c: Bignum
* @d: Bignum; used to store the result of (a + b) % c
* Returns: 0 on success, -1 on failure
*/
int crypto_bignum_addmod(const struct crypto_bignum *a,
const struct crypto_bignum *b,
const struct crypto_bignum *c,
struct crypto_bignum *d);
/**
* crypto_bignum_mulmod - d = a * b (mod c)
* @a: Bignum
* @b: Bignum
* @c: Bignum
* @d: Bignum; used to store the result of (a * b) % c
* Returns: 0 on success, -1 on failure
*/
int crypto_bignum_mulmod(const struct crypto_bignum *a,
const struct crypto_bignum *b,
const struct crypto_bignum *c,
struct crypto_bignum *d);
/**
* crypto_bignum_sqrmod - c = a^2 (mod b)
* @a: Bignum
* @b: Bignum
* @c: Bignum; used to store the result of a^2 % b
* Returns: 0 on success, -1 on failure
*/
int crypto_bignum_sqrmod(const struct crypto_bignum *a,
const struct crypto_bignum *b,
struct crypto_bignum *c);
/**
* crypto_bignum_sqrtmod - returns sqrt(a) (mod b)
* @a: Bignum
* @b: Bignum
* @c: Bignum; used to store the result
* Returns: 0 on success, -1 on failure
*/
int crypto_bignum_sqrtmod(const struct crypto_bignum *a,
const struct crypto_bignum *b,
struct crypto_bignum *c);
/**
* crypto_bignum_rshift - r = a >> n
* @a: Bignum
* @n: Number of bits
* @r: Bignum; used to store the result of a >> n
* Returns: 0 on success, -1 on failure
*/
int crypto_bignum_rshift(const struct crypto_bignum *a, int n,
struct crypto_bignum *r);
/**
* crypto_bignum_cmp - Compare two bignums
* @a: Bignum
* @b: Bignum
* Returns: -1 if a < b, 0 if a == b, or 1 if a > b
*/
int crypto_bignum_cmp(const struct crypto_bignum *a,
const struct crypto_bignum *b);
/**
* crypto_bignum_bits - Get size of a bignum in bits
* @a: Bignum
* Returns: Number of bits in the bignum
*/
int crypto_bignum_bits(const struct crypto_bignum *a);
/**
* crypto_bignum_is_zero - Is the given bignum zero
* @a: Bignum
* Returns: 1 if @a is zero or 0 if not
*/
int crypto_bignum_is_zero(const struct crypto_bignum *a);
/**
* crypto_bignum_is_one - Is the given bignum one
* @a: Bignum
* Returns: 1 if @a is one or 0 if not
*/
int crypto_bignum_is_one(const struct crypto_bignum *a);
/**
* crypto_bignum_is_odd - Is the given bignum odd
* @a: Bignum
* Returns: 1 if @a is odd or 0 if not
*/
int crypto_bignum_is_odd(const struct crypto_bignum *a);
/**
* crypto_bignum_legendre - Compute the Legendre symbol (a/p)
* @a: Bignum
* @p: Bignum
* Returns: Legendre symbol -1,0,1 on success; -2 on calculation failure
*/
int crypto_bignum_legendre(const struct crypto_bignum *a,
const struct crypto_bignum *p);
/**
* struct crypto_ec - Elliptic curve context
*
* Internal data structure for EC implementation. The contents is specific
* to the used crypto library.
*/
struct crypto_ec;
/**
* crypto_ec_init - Initialize elliptic curve context
* @group: Identifying number for the ECC group (IANA "Group Description"
* attribute registrty for RFC 2409)
* Returns: Pointer to EC context or %NULL on failure
*/
struct crypto_ec * crypto_ec_init(int group);
/**
* crypto_ec_deinit - Deinitialize elliptic curve context
* @e: EC context from crypto_ec_init()
*/
void crypto_ec_deinit(struct crypto_ec *e);
/**
* crypto_ec_prime_len - Get length of the prime in octets
* @e: EC context from crypto_ec_init()
* Returns: Length of the prime defining the group
*/
size_t crypto_ec_prime_len(struct crypto_ec *e);
/**
* crypto_ec_prime_len_bits - Get length of the prime in bits
* @e: EC context from crypto_ec_init()
* Returns: Length of the prime defining the group in bits
*/
size_t crypto_ec_prime_len_bits(struct crypto_ec *e);
/**
* crypto_ec_order_len - Get length of the order in octets
* @e: EC context from crypto_ec_init()
* Returns: Length of the order defining the group
*/
size_t crypto_ec_order_len(struct crypto_ec *e);
/**
* crypto_ec_get_prime - Get prime defining an EC group
* @e: EC context from crypto_ec_init()
* Returns: Prime (bignum) defining the group
*/
const struct crypto_bignum * crypto_ec_get_prime(struct crypto_ec *e);
/**
* crypto_ec_get_order - Get order of an EC group
* @e: EC context from crypto_ec_init()
* Returns: Order (bignum) of the group
*/
const struct crypto_bignum * crypto_ec_get_order(struct crypto_ec *e);
/**
* struct crypto_ec_point - Elliptic curve point
*
* Internal data structure for EC implementation to represent a point. The
* contents is specific to the used crypto library.
*/
/**
* crypto_ec_get_b - Get 'b' coefficient of an EC group's curve
* @e: EC context from crypto_ec_init()
* Returns: 'b' coefficient (bignum) of the group
*/
const struct crypto_bignum * crypto_ec_get_b(struct crypto_ec *e);
struct crypto_ec_point;
/**
* crypto_ec_point_init - Initialize data for an EC point
* @e: EC context from crypto_ec_init()
* Returns: Pointer to EC point data or %NULL on failure
*/
struct crypto_ec_point * crypto_ec_point_init(struct crypto_ec *e);
/**
* crypto_ec_point_deinit - Deinitialize EC point data
* @p: EC point data from crypto_ec_point_init()
* @clear: Whether to clear the EC point value from memory
*/
void crypto_ec_point_deinit(struct crypto_ec_point *p, int clear);
/**
* crypto_ec_point_to_bin - Write EC point value as binary data
* @e: EC context from crypto_ec_init()
* @p: EC point data from crypto_ec_point_init()
* @x: Buffer for writing the binary data for x coordinate or %NULL if not used
* @y: Buffer for writing the binary data for y coordinate or %NULL if not used
* Returns: 0 on success, -1 on failure
*
* This function can be used to write an EC point as binary data in a format
* that has the x and y coordinates in big endian byte order fields padded to
* the length of the prime defining the group.
*/
int crypto_ec_point_to_bin(struct crypto_ec *e,
const struct crypto_ec_point *point, u8 *x, u8 *y);
/**
* crypto_ec_point_from_bin - Create EC point from binary data
* @e: EC context from crypto_ec_init()
* @val: Binary data to read the EC point from
* Returns: Pointer to EC point data or %NULL on failure
*
* This function readers x and y coordinates of the EC point from the provided
* buffer assuming the values are in big endian byte order with fields padded to
* the length of the prime defining the group.
*/
struct crypto_ec_point * crypto_ec_point_from_bin(struct crypto_ec *e,
const u8 *val);
/**
* crypto_bignum_add - c = a + b
* @e: EC context from crypto_ec_init()
* @a: Bignum
* @b: Bignum
* @c: Bignum; used to store the result of a + b
* Returns: 0 on success, -1 on failure
*/
int crypto_ec_point_add(struct crypto_ec *e, const struct crypto_ec_point *a,
const struct crypto_ec_point *b,
struct crypto_ec_point *c);
/**
* crypto_bignum_mul - res = b * p
* @e: EC context from crypto_ec_init()
* @p: EC point
* @b: Bignum
* @res: EC point; used to store the result of b * p
* Returns: 0 on success, -1 on failure
*/
int crypto_ec_point_mul(struct crypto_ec *e, const struct crypto_ec_point *p,
const struct crypto_bignum *b,
struct crypto_ec_point *res);
/**
* crypto_ec_point_invert - Compute inverse of an EC point
* @e: EC context from crypto_ec_init()
* @p: EC point to invert (and result of the operation)
* Returns: 0 on success, -1 on failure
*/
int crypto_ec_point_invert(struct crypto_ec *e, struct crypto_ec_point *p);
/**
* crypto_ec_point_solve_y_coord - Solve y coordinate for an x coordinate
* @e: EC context from crypto_ec_init()
* @p: EC point to use for the returning the result
* @x: x coordinate
* @y_bit: y-bit (0 or 1) for selecting the y value to use
* Returns: 0 on success, -1 on failure
*/
int crypto_ec_point_solve_y_coord(struct crypto_ec *e,
struct crypto_ec_point *p,
const struct crypto_bignum *x, int y_bit);
/**
* crypto_ec_point_compute_y_sqr - Compute y^2 = x^3 + ax + b
* @e: EC context from crypto_ec_init()
* @x: x coordinate
* Returns: y^2 on success, %NULL failure
*/
struct crypto_bignum *
crypto_ec_point_compute_y_sqr(struct crypto_ec *e,
const struct crypto_bignum *x);
/**
* crypto_ec_point_is_at_infinity - Check whether EC point is neutral element
* @e: EC context from crypto_ec_init()
* @p: EC point
* Returns: 1 if the specified EC point is the neutral element of the group or
* 0 if not
*/
int crypto_ec_point_is_at_infinity(struct crypto_ec *e,
const struct crypto_ec_point *p);
/**
* crypto_ec_point_is_on_curve - Check whether EC point is on curve
* @e: EC context from crypto_ec_init()
* @p: EC point
* Returns: 1 if the specified EC point is on the curve or 0 if not
*/
int crypto_ec_point_is_on_curve(struct crypto_ec *e,
const struct crypto_ec_point *p);
/**
* crypto_ec_point_cmp - Compare two EC points
* @e: EC context from crypto_ec_init()
* @a: EC point
* @b: EC point
* Returns: 0 on equal, non-zero otherwise
*/
int crypto_ec_point_cmp(const struct crypto_ec *e,
const struct crypto_ec_point *a,
const struct crypto_ec_point *b);
struct crypto_ec_key;
/**
* crypto_ec_get_publickey_buf - Write EC public key to buffer
* @key: crypto key
* @key_buf: key buffer
* @len: length of buffer
* Returns: 0 on success, non-zero otherwise
*/
int crypto_ec_get_publickey_buf(struct crypto_ec_key *key, u8 *key_buf, int len);
/**
* crypto_ec_get_group_from_key - Write EC group from key
* @key: crypto key
* Returns: EC group
*/
struct crypto_ec_group *crypto_ec_get_group_from_key(struct crypto_ec_key *key);
/**
* crypto_ec_key_get_private_key - Get EC private key (in bignum format)
* @key: crypto key
* Returns: Private key
*/
struct crypto_bignum *crypto_ec_key_get_private_key(struct crypto_ec_key *key);
/**
* crypto_ec_key_parse_priv - Read key from character stream
* @privkey: Private key
* @privkey_len: private key len
* Returns: Crypto key
*/
struct crypto_ec_key *crypto_ec_key_parse_priv(const u8 *privkey, size_t privkey_len);
/**
* crypto_ec_get_mbedtls_to_nist_group_id - get nist group from mbedtls internal group
* @id: mbedtls group
* Returns: NIST group
*/
unsigned int crypto_ec_get_mbedtls_to_nist_group_id(int id);
/**
* crypto_ec_get_curve_id - get curve id from ec group
* @group: EC group
* Returns: curve ID
*/
int crypto_ec_get_curve_id(const struct crypto_ec_group *group);
/**
* crypto_ecdh: crypto ecdh
* @key_own: own key
* @key_peer: peer key
* @secret: secret
* @secret_len: secret len
* Returns: 0 if success else negative value
*/
int crypto_ecdh(struct crypto_ec_key *key_own, struct crypto_ec_key *key_peer,
u8 *secret, size_t *secret_len);
/**
* crypto_ecdsa_get_sign: get crypto ecdsa signed hash
* @hash: signed hash
* @r: ecdsa r
* @s: ecdsa s
* @csign: csign
* @hash_len: length of hash
* Return: 0 if success else negative value
*/
int crypto_ecdsa_get_sign(unsigned char *hash,
const struct crypto_bignum *r, const struct crypto_bignum *s,
struct crypto_ec_key *csign, int hash_len);
/**
* crypto_ec_key_verify_signature_r_s: verify ec key signature
* @csign: csign
* @hash: signed hash
* @hlen: length of hash
* @r: ecdsa r
* @s: ecdsa s
* @r_len: Length of @r buffer
* @s_len: Length of @s buffer
* Return: 0 if success else negative value
*/
int crypto_ec_key_verify_signature_r_s(struct crypto_ec_key *csign,
const unsigned char *hash, int hlen,
const u8 *r, size_t r_len,
const u8 *s, size_t s_len);
/**
* crypto_ec_parse_subpub_key: get EC key context from sub public key
* @p: data
* @len: data len
* Return: crypto_ec_key
*/
struct crypto_ec_key *crypto_ec_parse_subpub_key(const unsigned char *p, size_t len);
/**
* crypto_is_ec_key: check whether a key is EC key or not
* @key: crypto key
* Return: true if key else false
*/
int crypto_is_ec_key(struct crypto_ec_key *key);
/**
* crypto_ec_key_gen: generate crypto ec keypair
* @ike_group: grpup
* Return: crypto key
*/
struct crypto_ec_key * crypto_ec_key_gen(u16 ike_group);
/**
* crypto_ec_write_pub_key: return public key in character buffer
* @key: crypto key
* @der_len: buffer len
* Return: public key buffer
*/
int crypto_ec_write_pub_key(struct crypto_ec_key *key, unsigned char **key_buf);
/**
* crypto_ec_key_get_subject_public_key - Get SubjectPublicKeyInfo ASN.1 for an EC key
* @key: EC key from crypto_ec_key_parse/set_pub/priv() or crypto_ec_key_gen()
* Returns: Buffer with DER encoding of ASN.1 SubjectPublicKeyInfo or %NULL on failure
*/
struct wpabuf * crypto_ec_key_get_subject_public_key(struct crypto_ec_key *key);
/**
* crypto_ec_key_set_pub: set bignum point on ec curve
* @group: ec group
* @buf: x,y coordinate
* @len: length of x and y coordinate
* Return : crypto key or NULL on failure
*/
struct crypto_ec_key * crypto_ec_key_set_pub(const struct crypto_ec_group *group,
const u8 *buf, size_t len);
/**
* crypto_ec_key_debug_print: print ec key
* @key: crypto key
* @title: title
* Return: None
*/
void crypto_ec_key_debug_print(struct crypto_ec_key *key, const char *title);
/**
* crypto_ec_key_get_public_key: Public key from crypto key
* @key: crypto key
* Return : Public key
*/
struct crypto_ec_point *crypto_ec_key_get_public_key(struct crypto_ec_key *key);
/**
* crypto_get_order: free crypto key
* Return : None
*/
int crypto_get_order(struct crypto_ec_group *group, struct crypto_bignum *x);
/**
* crypto_ec_get_affine_coordinates : get affine coordinate of ec curve
* @e: ec curve
* @pt: point
* @x: x coordinate
* @y: y coordinate
* Return : 0 if success
*/
int crypto_ec_get_affine_coordinates(struct crypto_ec *e, struct crypto_ec_point *pt,
struct crypto_bignum *x, struct crypto_bignum *y);
/**
* crypto_ec_get_group_byname: get ec curve group by name
* @name: ec curve name
* Return : EC group
*/
struct crypto_ec_group *crypto_ec_get_group_byname(const char *name);
/**
* crypto_ec_key_compare: check whether two keys belong to same
* Return : 1 if yes else 0
*/
int crypto_ec_key_compare(struct crypto_ec_key *key1, struct crypto_ec_key *key2);
/*
* crypto_write_pubkey_der: get public key in der format
* @csign: key
* @key_buf: key buffer in character format
* Return : len of char buffer if success
*/
int crypto_write_pubkey_der(struct crypto_ec_key *csign, unsigned char **key_buf);
/**
* crypto_free_buffer: free buffer allocated by crypto API
* @buf: buffer pointer
* Return : None
*/
void crypto_free_buffer(unsigned char *buf);
/**
* @crypto_ec_get_priv_key_der: get private key in der format
* @key: key structure
* @key_data: key data in character buffer
* @key_len = key length of character buffer
* Return : 0 if success
*/
int crypto_ec_get_priv_key_der(struct crypto_ec_key *key, unsigned char **key_data, int *key_len);
/**
* crypto_bignum_to_string: get big number in ascii format
* @a: big number
* @buf: buffer in which number will written to
* @buflen: buffer length
* @padlen: padding length
* Return : 0 if success
*/
int crypto_bignum_to_string(const struct crypto_bignum *a,
u8 *buf, size_t buflen, size_t padlen);
struct crypto_ecdh;
void crypto_ecdh_deinit(struct crypto_ecdh *ecdh);
struct crypto_ecdh * crypto_ecdh_init(int group);
struct wpabuf * crypto_ecdh_get_pubkey(struct crypto_ecdh *ecdh,int y);
struct wpabuf * crypto_ecdh_set_peerkey(struct crypto_ecdh *ecdh, int inc_y,
const u8 *key, size_t len);
/**
* crypto_ec_key_parse_pub - Initialize EC key pair from SubjectPublicKeyInfo ASN.1
* @der: DER encoding of ASN.1 SubjectPublicKeyInfo
* @der_len: Length of @der buffer
* Returns: EC key or %NULL on failure
*/
struct crypto_ec_key * crypto_ec_key_parse_pub(const u8 *der, size_t der_len);
/**
* crypto_ec_key_group - Get IANA group identifier for an EC key
* @key: EC key from crypto_ec_key_parse/set_pub/priv() or crypto_ec_key_gen()
* Returns: IANA group identifier and -1 on failure
*/
int crypto_ec_key_group(struct crypto_ec_key *key);
/**
* crypto_ec_key_deinit - Free EC key
* @key: EC key from crypto_ec_key_parse_pub/priv() or crypto_ec_key_gen()
*/
void crypto_ec_key_deinit(struct crypto_ec_key *key);
/**
* crypto_ec_key_verify_signature - Verify ECDSA signature
* @key: EC key from crypto_ec_key_parse/set_pub() or crypto_ec_key_gen()
* @data: Data to be signed
* @len: Length of @data buffer
* @sig: DER encoding of ASN.1 Ecdsa-Sig-Value
* @sig_len: Length of @sig buffer
* Returns: 1 if signature is valid, 0 if signature is invalid and -1 on failure
*/
int crypto_ec_key_verify_signature(struct crypto_ec_key *key, const u8 *data,
size_t len, const u8 *sig, size_t sig_len);
#endif /* CRYPTO_H */
Details ![]()
Show: from Types: Columns: ![]( "Show Project Names")
![]( "Show Locations")
![]( "Show Referring Symbols")
![]( "Show Scope")
This file uses the notable symbols shown below. Click anywhere in the file to view more details.