1 /* 2 * Copyright (c) 2007-2016, Cameron Rich 3 * 4 * All rights reserved. 5 * 6 * Redistribution and use in source and binary forms, with or without 7 * modification, are permitted provided that the following conditions are met: 8 * 9 * * Redistributions of source code must retain the above copyright notice, 10 * this list of conditions and the following disclaimer. 11 * * Redistributions in binary form must reproduce the above copyright notice, 12 * this list of conditions and the following disclaimer in the documentation 13 * and/or other materials provided with the distribution. 14 * * Neither the name of the axTLS project nor the names of its contributors 15 * may be used to endorse or promote products derived from this software 16 * without specific prior written permission. 17 * 18 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 19 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 20 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 21 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR 22 * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, 23 * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, 24 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR 25 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF 26 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING 27 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS 28 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 29 */ 30 31 /** 32 * @file crypto.h 33 */ 34 35 #ifndef HEADER_CRYPTO_H 36 #define HEADER_CRYPTO_H 37 38 #ifdef __cplusplus 39 extern "C" { 40 #endif 41 42 #include "../config/config.h" 43 #include "bigint_impl.h" 44 #include "bigint.h" 45 46 #ifndef STDCALL 47 #define STDCALL 48 #endif 49 #ifndef EXP_FUNC 50 #define EXP_FUNC 51 #endif 52 53 54 /* enable features based on a 'super-set' capbaility. */ 55 #if defined(CONFIG_SSL_FULL_MODE) 56 #define CONFIG_SSL_ENABLE_CLIENT 57 #define CONFIG_SSL_CERT_VERIFICATION 58 #elif defined(CONFIG_SSL_ENABLE_CLIENT) 59 #define CONFIG_SSL_CERT_VERIFICATION 60 #endif 61 62 /************************************************************************** 63 * AES declarations 64 **************************************************************************/ 65 66 #define AES_MAXROUNDS 14 67 #define AES_BLOCKSIZE 16 68 #define AES_IV_SIZE 16 69 70 typedef struct aes_key_st 71 { 72 uint16_t rounds; 73 uint16_t key_size; 74 uint32_t ks[(AES_MAXROUNDS+1)*8]; 75 uint8_t iv[AES_IV_SIZE]; 76 } AES_CTX; 77 78 typedef enum 79 { 80 AES_MODE_128, 81 AES_MODE_256 82 } AES_MODE; 83 84 void AES_set_key(AES_CTX *ctx, const uint8_t *key, 85 const uint8_t *iv, AES_MODE mode); 86 void AES_cbc_encrypt(AES_CTX *ctx, const uint8_t *msg, 87 uint8_t *out, int length); 88 void AES_cbc_decrypt(AES_CTX *ks, const uint8_t *in, uint8_t *out, int length); 89 void AES_convert_key(AES_CTX *ctx); 90 91 /************************************************************************** 92 * RC4 declarations 93 **************************************************************************/ 94 95 typedef struct 96 { 97 uint8_t x, y, m[256]; 98 } RC4_CTX; 99 100 void RC4_setup(RC4_CTX *s, const uint8_t *key, int length); 101 void RC4_crypt(RC4_CTX *s, const uint8_t *msg, uint8_t *data, int length); 102 103 /************************************************************************** 104 * SHA1 declarations 105 **************************************************************************/ 106 107 #define SHA1_SIZE 20 108 109 /* 110 * This structure will hold context information for the SHA-1 111 * hashing operation 112 */ 113 typedef struct 114 { 115 uint32_t Intermediate_Hash[SHA1_SIZE/4]; /* Message Digest */ 116 uint32_t Length_Low; /* Message length in bits */ 117 uint32_t Length_High; /* Message length in bits */ 118 uint16_t Message_Block_Index; /* Index into message block array */ 119 uint8_t Message_Block[64]; /* 512-bit message blocks */ 120 } SHA1_CTX; 121 122 void SHA1_Init(SHA1_CTX *); 123 void SHA1_Update(SHA1_CTX *, const uint8_t * msg, int len); 124 void SHA1_Final(uint8_t *digest, SHA1_CTX *); 125 126 /************************************************************************** 127 * SHA256 declarations 128 **************************************************************************/ 129 130 #define SHA256_SIZE 32 131 132 typedef struct 133 { 134 uint32_t total[2]; 135 uint32_t state[8]; 136 uint8_t buffer[64]; 137 } SHA256_CTX; 138 139 void SHA256_Init(SHA256_CTX *c); 140 void SHA256_Update(SHA256_CTX *, const uint8_t *input, int len); 141 void SHA256_Final(uint8_t *digest, SHA256_CTX *); 142 143 /************************************************************************** 144 * SHA512 declarations 145 **************************************************************************/ 146 147 #define SHA512_SIZE 64 148 149 typedef struct 150 { 151 union 152 { 153 uint64_t h[8]; 154 uint8_t digest[64]; 155 } h_dig; 156 union 157 { 158 uint64_t w[80]; 159 uint8_t buffer[128]; 160 } w_buf; 161 size_t size; 162 uint64_t totalSize; 163 } SHA512_CTX; 164 165 void SHA512_Init(SHA512_CTX *c); 166 void SHA512_Update(SHA512_CTX *, const uint8_t *input, int len); 167 void SHA512_Final(uint8_t *digest, SHA512_CTX *); 168 169 /************************************************************************** 170 * SHA384 declarations 171 **************************************************************************/ 172 173 #define SHA384_SIZE 48 174 175 typedef SHA512_CTX SHA384_CTX; 176 void SHA384_Init(SHA384_CTX *c); 177 void SHA384_Update(SHA384_CTX *, const uint8_t *input, int len); 178 void SHA384_Final(uint8_t *digest, SHA384_CTX *); 179 180 /************************************************************************** 181 * MD5 declarations 182 **************************************************************************/ 183 184 #define MD5_SIZE 16 185 186 typedef struct 187 { 188 uint32_t state[4]; /* state (ABCD) */ 189 uint32_t count[2]; /* number of bits, modulo 2^64 (lsb first) */ 190 uint8_t buffer[64]; /* input buffer */ 191 } MD5_CTX; 192 193 EXP_FUNC void STDCALL MD5_Init(MD5_CTX *); 194 EXP_FUNC void STDCALL MD5_Update(MD5_CTX *, const uint8_t *msg, int len); 195 EXP_FUNC void STDCALL MD5_Final(uint8_t *digest, MD5_CTX *); 196 197 /************************************************************************** 198 * HMAC declarations 199 **************************************************************************/ 200 void hmac_md5(const uint8_t *msg, int length, const uint8_t *key, 201 int key_len, uint8_t *digest); 202 void hmac_sha1(const uint8_t *msg, int length, const uint8_t *key, 203 int key_len, uint8_t *digest); 204 void hmac_sha256(const uint8_t *msg, int length, const uint8_t *key, 205 int key_len, uint8_t *digest); 206 207 /************************************************************************** 208 * RSA declarations 209 **************************************************************************/ 210 211 typedef struct 212 { 213 bigint *m; /* modulus */ 214 bigint *e; /* public exponent */ 215 bigint *d; /* private exponent */ 216 #ifdef CONFIG_BIGINT_CRT 217 bigint *p; /* p as in m = pq */ 218 bigint *q; /* q as in m = pq */ 219 bigint *dP; /* d mod (p-1) */ 220 bigint *dQ; /* d mod (q-1) */ 221 bigint *qInv; /* q^-1 mod p */ 222 #endif 223 int num_octets; 224 BI_CTX *bi_ctx; 225 } RSA_CTX; 226 227 void RSA_priv_key_new(RSA_CTX **rsa_ctx, 228 const uint8_t *modulus, int mod_len, 229 const uint8_t *pub_exp, int pub_len, 230 const uint8_t *priv_exp, int priv_len 231 #ifdef CONFIG_BIGINT_CRT 232 , const uint8_t *p, int p_len, 233 const uint8_t *q, int q_len, 234 const uint8_t *dP, int dP_len, 235 const uint8_t *dQ, int dQ_len, 236 const uint8_t *qInv, int qInv_len 237 #endif 238 ); 239 void RSA_pub_key_new(RSA_CTX **rsa_ctx, 240 const uint8_t *modulus, int mod_len, 241 const uint8_t *pub_exp, int pub_len); 242 void RSA_free(RSA_CTX *ctx); 243 int RSA_decrypt(const RSA_CTX *ctx, const uint8_t *in_data, uint8_t *out_data, 244 int out_len, int is_decryption); 245 bigint *RSA_private(const RSA_CTX *c, bigint *bi_msg); 246 #if defined(CONFIG_SSL_CERT_VERIFICATION) || defined(CONFIG_SSL_GENERATE_X509_CERT) 247 bigint *RSA_sign_verify(BI_CTX *ctx, const uint8_t *sig, int sig_len, 248 bigint *modulus, bigint *pub_exp); 249 bigint *RSA_public(const RSA_CTX * c, bigint *bi_msg); 250 int RSA_encrypt(const RSA_CTX *ctx, const uint8_t *in_data, uint16_t in_len, 251 uint8_t *out_data, int is_signing); 252 void RSA_print(const RSA_CTX *ctx); 253 #endif 254 255 /************************************************************************** 256 * RNG declarations 257 **************************************************************************/ 258 EXP_FUNC void STDCALL RNG_initialize(void); 259 EXP_FUNC void STDCALL RNG_custom_init(const uint8_t *seed_buf, int size); 260 EXP_FUNC void STDCALL RNG_terminate(void); 261 EXP_FUNC int STDCALL get_random(int num_rand_bytes, uint8_t *rand_data); 262 int get_random_NZ(int num_rand_bytes, uint8_t *rand_data); 263 264 #ifdef __cplusplus 265 } 266 #endif 267 268 #endif 269