1 /*
2 * Crypto wrapper functions for NSS
3 * Copyright (c) 2009, Jouni Malinen <j@w1.fi>
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License version 2 as
7 * published by the Free Software Foundation.
8 *
9 * Alternatively, this software may be distributed under the terms of BSD
10 * license.
11 *
12 * See README and COPYING for more details.
13 */
14
15 #include "includes.h"
16 #include <nspr/prtypes.h>
17 #include <nspr/plarenas.h>
18 #include <nspr/plhash.h>
19 #include <nspr/prtime.h>
20 #include <nspr/prinrval.h>
21 #include <nspr/prclist.h>
22 #include <nspr/prlock.h>
23 #include <nss/sechash.h>
24 #include <nss/pk11pub.h>
25
26 #include "common.h"
27 #include "crypto.h"
28
29
nss_hash(HASH_HashType type,unsigned int max_res_len,size_t num_elem,const u8 * addr[],const size_t * len,u8 * mac)30 static int nss_hash(HASH_HashType type, unsigned int max_res_len,
31 size_t num_elem, const u8 *addr[], const size_t *len,
32 u8 *mac)
33 {
34 HASHContext *ctx;
35 size_t i;
36 unsigned int reslen;
37
38 ctx = HASH_Create(type);
39 if (ctx == NULL)
40 return -1;
41
42 HASH_Begin(ctx);
43 for (i = 0; i < num_elem; i++)
44 HASH_Update(ctx, addr[i], len[i]);
45 HASH_End(ctx, mac, &reslen, max_res_len);
46 HASH_Destroy(ctx);
47
48 return 0;
49 }
50
51
des_encrypt(const u8 * clear,const u8 * key,u8 * cypher)52 void des_encrypt(const u8 *clear, const u8 *key, u8 *cypher)
53 {
54 PK11Context *ctx = NULL;
55 PK11SlotInfo *slot;
56 SECItem *param = NULL;
57 PK11SymKey *symkey = NULL;
58 SECItem item;
59 int olen;
60 u8 pkey[8], next, tmp;
61 int i;
62
63 /* Add parity bits to the key */
64 next = 0;
65 for (i = 0; i < 7; i++) {
66 tmp = key[i];
67 pkey[i] = (tmp >> i) | next | 1;
68 next = tmp << (7 - i);
69 }
70 pkey[i] = next | 1;
71
72 slot = PK11_GetBestSlot(CKM_DES_ECB, NULL);
73 if (slot == NULL) {
74 wpa_printf(MSG_ERROR, "NSS: PK11_GetBestSlot failed");
75 goto out;
76 }
77
78 item.type = siBuffer;
79 item.data = pkey;
80 item.len = 8;
81 symkey = PK11_ImportSymKey(slot, CKM_DES_ECB, PK11_OriginDerive,
82 CKA_ENCRYPT, &item, NULL);
83 if (symkey == NULL) {
84 wpa_printf(MSG_ERROR, "NSS: PK11_ImportSymKey failed");
85 goto out;
86 }
87
88 param = PK11_GenerateNewParam(CKM_DES_ECB, symkey);
89 if (param == NULL) {
90 wpa_printf(MSG_ERROR, "NSS: PK11_GenerateNewParam failed");
91 goto out;
92 }
93
94 ctx = PK11_CreateContextBySymKey(CKM_DES_ECB, CKA_ENCRYPT,
95 symkey, param);
96 if (ctx == NULL) {
97 wpa_printf(MSG_ERROR, "NSS: PK11_CreateContextBySymKey("
98 "CKM_DES_ECB) failed");
99 goto out;
100 }
101
102 if (PK11_CipherOp(ctx, cypher, &olen, 8, (void *) clear, 8) !=
103 SECSuccess) {
104 wpa_printf(MSG_ERROR, "NSS: PK11_CipherOp failed");
105 goto out;
106 }
107
108 out:
109 if (ctx)
110 PK11_DestroyContext(ctx, PR_TRUE);
111 if (symkey)
112 PK11_FreeSymKey(symkey);
113 if (param)
114 SECITEM_FreeItem(param, PR_TRUE);
115 }
116
117
rc4_skip(const u8 * key,size_t keylen,size_t skip,u8 * data,size_t data_len)118 int rc4_skip(const u8 *key, size_t keylen, size_t skip,
119 u8 *data, size_t data_len)
120 {
121 return -1;
122 }
123
124
md5_vector(size_t num_elem,const u8 * addr[],const size_t * len,u8 * mac)125 int md5_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac)
126 {
127 return nss_hash(HASH_AlgMD5, 16, num_elem, addr, len, mac);
128 }
129
130
sha1_vector(size_t num_elem,const u8 * addr[],const size_t * len,u8 * mac)131 int sha1_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac)
132 {
133 return nss_hash(HASH_AlgSHA1, 20, num_elem, addr, len, mac);
134 }
135
136
sha256_vector(size_t num_elem,const u8 * addr[],const size_t * len,u8 * mac)137 int sha256_vector(size_t num_elem, const u8 *addr[], const size_t *len,
138 u8 *mac)
139 {
140 return nss_hash(HASH_AlgSHA256, 32, num_elem, addr, len, mac);
141 }
142
143
aes_encrypt_init(const u8 * key,size_t len)144 void * aes_encrypt_init(const u8 *key, size_t len)
145 {
146 return NULL;
147 }
148
149
aes_encrypt(void * ctx,const u8 * plain,u8 * crypt)150 void aes_encrypt(void *ctx, const u8 *plain, u8 *crypt)
151 {
152 }
153
154
aes_encrypt_deinit(void * ctx)155 void aes_encrypt_deinit(void *ctx)
156 {
157 }
158
159
aes_decrypt_init(const u8 * key,size_t len)160 void * aes_decrypt_init(const u8 *key, size_t len)
161 {
162 return NULL;
163 }
164
165
aes_decrypt(void * ctx,const u8 * crypt,u8 * plain)166 void aes_decrypt(void *ctx, const u8 *crypt, u8 *plain)
167 {
168 }
169
170
aes_decrypt_deinit(void * ctx)171 void aes_decrypt_deinit(void *ctx)
172 {
173 }
174
175
crypto_mod_exp(const u8 * base,size_t base_len,const u8 * power,size_t power_len,const u8 * modulus,size_t modulus_len,u8 * result,size_t * result_len)176 int crypto_mod_exp(const u8 *base, size_t base_len,
177 const u8 *power, size_t power_len,
178 const u8 *modulus, size_t modulus_len,
179 u8 *result, size_t *result_len)
180 {
181 return -1;
182 }
183
184
185 struct crypto_cipher {
186 };
187
188
crypto_cipher_init(enum crypto_cipher_alg alg,const u8 * iv,const u8 * key,size_t key_len)189 struct crypto_cipher * crypto_cipher_init(enum crypto_cipher_alg alg,
190 const u8 *iv, const u8 *key,
191 size_t key_len)
192 {
193 return NULL;
194 }
195
196
crypto_cipher_encrypt(struct crypto_cipher * ctx,const u8 * plain,u8 * crypt,size_t len)197 int crypto_cipher_encrypt(struct crypto_cipher *ctx, const u8 *plain,
198 u8 *crypt, size_t len)
199 {
200 return -1;
201 }
202
203
crypto_cipher_decrypt(struct crypto_cipher * ctx,const u8 * crypt,u8 * plain,size_t len)204 int crypto_cipher_decrypt(struct crypto_cipher *ctx, const u8 *crypt,
205 u8 *plain, size_t len)
206 {
207 return -1;
208 }
209
210
crypto_cipher_deinit(struct crypto_cipher * ctx)211 void crypto_cipher_deinit(struct crypto_cipher *ctx)
212 {
213 }
214