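/*
 * Crypto wrapper functions for NSS
 * Copyright (c) 2009, Jouni Malinen <j@w1.fi>
 *
 * This software may be distributed under the terms of the BSD license.
 * See README for more details.
 */

#include "includes.h"
#include <nspr/prtypes.h>
#include <nspr/plarenas.h>
#include <nspr/plhash.h>
#include <nspr/prtime.h>
#include <nspr/prinrval.h>
#include <nspr/prclist.h>
#include <nspr/prlock.h>
#include <nss/sechash.h>
#include <nss/pk11pub.h>

#include "common.h"
#include "crypto.h"


/**
 * nss_hash - Hash a vector of buffers with an NSS hash algorithm
 * @type: NSS hash algorithm identifier
 * @max_res_len: Size of the @mac buffer in bytes
 * @num_elem: Number of entries in @addr and @len
 * @addr: Pointers to the data areas
 * @len: Lengths of the data areas
 * @mac: Buffer for the digest
 * Returns: 0 on success, -1 if the hash context could not be created
 *
 * The buffers are fed to the hash in order, so the digest covers their
 * concatenation.
 */
static int nss_hash(HASH_HashType type, unsigned int max_res_len,
		    size_t num_elem, const u8 *addr[], const size_t *len,
		    u8 *mac)
{
	HASHContext *ctx;
	size_t i;
	unsigned int reslen;

	ctx = HASH_Create(type);
	if (ctx == NULL)
		return -1;

	HASH_Begin(ctx);
	/* HASH_Update() takes an unsigned int length, so len[i] is narrowed
	 * here; callers are expected to pass lengths that fit. */
	for (i = 0; i < num_elem; i++)
		HASH_Update(ctx, addr[i], len[i]);
	HASH_End(ctx, mac, &reslen, max_res_len);
	HASH_Destroy(ctx);

	return 0;
}


/**
 * des_encrypt - Encrypt one 8-byte block with single DES in ECB mode
 * @clear: 8 bytes of plaintext
 * @key: 7 bytes (56 bits) of key material
 * @cypher: Buffer for the 8-byte ciphertext
 *
 * The function returns void, so an NSS failure is only logged and @cypher is
 * left unwritten in that case; callers cannot tell the difference. Single DES
 * with a 56-bit key is not a strong cipher and this routine should only back
 * protocols that mandate it.
 */
void des_encrypt(const u8 *clear, const u8 *key, u8 *cypher)
{
	PK11Context *ctx = NULL;
	PK11SlotInfo *slot = NULL;
	SECItem *param = NULL;
	PK11SymKey *symkey = NULL;
	SECItem item;
	int olen;
	u8 pkey[8], next, tmp;
	/* volatile so that the final wipe of pkey is not optimized away */
	volatile u8 *wipe = pkey;
	int i;

	/* Spread the 56 key bits over 8 bytes, 7 bits per byte; the low bit
	 * of every byte (the DES parity position) is forced to 1. */
	next = 0;
	for (i = 0; i < 7; i++) {
		tmp = key[i];
		pkey[i] = (tmp >> i) | next | 1;
		next = tmp << (7 - i);
	}
	pkey[i] = next | 1;

	slot = PK11_GetBestSlot(CKM_DES_ECB, NULL);
	if (slot == NULL) {
		wpa_printf(MSG_ERROR, "NSS: PK11_GetBestSlot failed");
		goto out;
	}

	item.type = siBuffer;
	item.data = pkey;
	item.len = 8;
	symkey = PK11_ImportSymKey(slot, CKM_DES_ECB, PK11_OriginDerive,
				   CKA_ENCRYPT, &item, NULL);
	if (symkey == NULL) {
		wpa_printf(MSG_ERROR, "NSS: PK11_ImportSymKey failed");
		goto out;
	}

	param = PK11_GenerateNewParam(CKM_DES_ECB, symkey);
	if (param == NULL) {
		wpa_printf(MSG_ERROR, "NSS: PK11_GenerateNewParam failed");
		goto out;
	}

	ctx = PK11_CreateContextBySymKey(CKM_DES_ECB, CKA_ENCRYPT,
					 symkey, param);
	if (ctx == NULL) {
		wpa_printf(MSG_ERROR, "NSS: PK11_CreateContextBySymKey("
			   "CKM_DES_ECB) failed");
		goto out;
	}

	if (PK11_CipherOp(ctx, cypher, &olen, 8, (void *) clear, 8) !=
	    SECSuccess) {
		wpa_printf(MSG_ERROR, "NSS: PK11_CipherOp failed");
		goto out;
	}

out:
	if (ctx)
		PK11_DestroyContext(ctx, PR_TRUE);
	if (symkey)
		PK11_FreeSymKey(symkey);
	if (param)
		SECITEM_FreeItem(param, PR_TRUE);
	/* PK11_GetBestSlot() hands back a slot reference that the caller
	 * owns; dropping it here avoids leaking one reference per call. */
	if (slot)
		PK11_FreeSlot(slot);
	/* Do not leave the expanded DES key on the stack. */
	for (i = 0; i < 8; i++)
		wipe[i] = 0;
}


/**
 * rc4_skip - RC4 with keystream skip (not implemented for NSS)
 * Returns: -1 always; @data is not modified
 */
int rc4_skip(const u8 *key, size_t keylen, size_t skip,
	     u8 *data, size_t data_len)
{
	return -1;
}


/**
 * md5_vector - MD5 hash for a data vector
 * @num_elem: Number of elements in the data vector
 * @addr: Pointers to the data areas
 * @len: Lengths of the data blocks
 * @mac: Buffer for the hash (16 bytes)
 * Returns: 0 on success, -1 on failure
 */
int md5_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac)
{
	return nss_hash(HASH_AlgMD5, 16, num_elem, addr, len, mac);
}


/**
 * sha1_vector - SHA-1 hash for a data vector
 * @num_elem: Number of elements in the data vector
 * @addr: Pointers to the data areas
 * @len: Lengths of the data blocks
 * @mac: Buffer for the hash (20 bytes)
 * Returns: 0 on success, -1 on failure
 */
int sha1_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac)
{
	return nss_hash(HASH_AlgSHA1, 20, num_elem, addr, len, mac);
}


/**
 * sha256_vector - SHA-256 hash for a data vector
 * @num_elem: Number of elements in the data vector
 * @addr: Pointers to the data areas
 * @len: Lengths of the data blocks
 * @mac: Buffer for the hash (32 bytes)
 * Returns: 0 on success, -1 on failure
 */
int sha256_vector(size_t num_elem, const u8 *addr[], const size_t *len,
		  u8 *mac)
{
	return nss_hash(HASH_AlgSHA256, 32, num_elem, addr, len, mac);
}


/*
 * The AES, modular exponentiation and generic cipher entry points below are
 * placeholders in this NSS wrapper. The init functions return NULL and the
 * int-returning functions return -1, so callers that check those results see
 * a failure. The void functions do nothing and leave their output buffers
 * unwritten, so a caller must not use them after a failed init.
 */

/**
 * aes_encrypt_init - Initialize AES for encryption (not implemented for NSS)
 * Returns: NULL always
 */
void * aes_encrypt_init(const u8 *key, size_t len)
{
	return NULL;
}


/**
 * aes_encrypt - Encrypt one AES block (not implemented for NSS)
 *
 * No-op: @crypt is not written.
 */
void aes_encrypt(void *ctx, const u8 *plain, u8 *crypt)
{
}


/**
 * aes_encrypt_deinit - Deinitialize AES encryption (no-op for NSS)
 */
void aes_encrypt_deinit(void *ctx)
{
}


/**
 * aes_decrypt_init - Initialize AES for decryption (not implemented for NSS)
 * Returns: NULL always
 */
void * aes_decrypt_init(const u8 *key, size_t len)
{
	return NULL;
}


/**
 * aes_decrypt - Decrypt one AES block (not implemented for NSS)
 *
 * No-op: @plain is not written.
 */
void aes_decrypt(void *ctx, const u8 *crypt, u8 *plain)
{
}


/**
 * aes_decrypt_deinit - Deinitialize AES decryption (no-op for NSS)
 */
void aes_decrypt_deinit(void *ctx)
{
}


/**
 * crypto_mod_exp - Modular exponentiation (not implemented for NSS)
 * Returns: -1 always; @result and @result_len are not written
 */
int crypto_mod_exp(const u8 *base, size_t base_len,
		   const u8 *power, size_t power_len,
		   const u8 *modulus, size_t modulus_len,
		   u8 *result, size_t *result_len)
{
	return -1;
}


/* Cipher context; empty because no cipher is implemented in this wrapper. */
struct crypto_cipher {
};


/**
 * crypto_cipher_init - Initialize a cipher context (not implemented for NSS)
 * Returns: NULL always
 */
struct crypto_cipher * crypto_cipher_init(enum crypto_cipher_alg alg,
					  const u8 *iv, const u8 *key,
					  size_t key_len)
{
	return NULL;
}


/**
 * crypto_cipher_encrypt - Cipher encrypt (not implemented for NSS)
 * Returns: -1 always; @crypt is not written
 */
int crypto_cipher_encrypt(struct crypto_cipher *ctx, const u8 *plain,
			  u8 *crypt, size_t len)
{
	return -1;
}


/**
 * crypto_cipher_decrypt - Cipher decrypt (not implemented for NSS)
 * Returns: -1 always; @plain is not written
 */
int crypto_cipher_decrypt(struct crypto_cipher *ctx, const u8 *crypt,
			  u8 *plain, size_t len)
{
	return -1;
}


/**
 * crypto_cipher_deinit - Free a cipher context (no-op for NSS)
 */
void crypto_cipher_deinit(struct crypto_cipher *ctx)
{
}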