1/*
2 * Crypto wrapper functions for NSS
3 * Copyright (c) 2009, Jouni Malinen <j@w1.fi>
4 *
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
7 */
8
9#include "includes.h"
10#include <nspr/prtypes.h>
11#include <nspr/plarenas.h>
12#include <nspr/plhash.h>
13#include <nspr/prtime.h>
14#include <nspr/prinrval.h>
15#include <nspr/prclist.h>
16#include <nspr/prlock.h>
17#include <nss/sechash.h>
18#include <nss/pk11pub.h>
19
20#include "common.h"
21#include "crypto.h"
22
23
24static int nss_hash(HASH_HashType type, unsigned int max_res_len,
25		    size_t num_elem, const u8 *addr[], const size_t *len,
26		    u8 *mac)
27{
28	HASHContext *ctx;
29	size_t i;
30	unsigned int reslen;
31
32	ctx = HASH_Create(type);
33	if (ctx == NULL)
34		return -1;
35
36	HASH_Begin(ctx);
37	for (i = 0; i < num_elem; i++)
38		HASH_Update(ctx, addr[i], len[i]);
39	HASH_End(ctx, mac, &reslen, max_res_len);
40	HASH_Destroy(ctx);
41
42	return 0;
43}
44
45
46void des_encrypt(const u8 *clear, const u8 *key, u8 *cypher)
47{
48	PK11Context *ctx = NULL;
49	PK11SlotInfo *slot;
50	SECItem *param = NULL;
51	PK11SymKey *symkey = NULL;
52	SECItem item;
53	int olen;
54	u8 pkey[8], next, tmp;
55	int i;
56
57	/* Add parity bits to the key */
58	next = 0;
59	for (i = 0; i < 7; i++) {
60		tmp = key[i];
61		pkey[i] = (tmp >> i) | next | 1;
62		next = tmp << (7 - i);
63	}
64	pkey[i] = next | 1;
65
66	slot = PK11_GetBestSlot(CKM_DES_ECB, NULL);
67	if (slot == NULL) {
68		wpa_printf(MSG_ERROR, "NSS: PK11_GetBestSlot failed");
69		goto out;
70	}
71
72	item.type = siBuffer;
73	item.data = pkey;
74	item.len = 8;
75	symkey = PK11_ImportSymKey(slot, CKM_DES_ECB, PK11_OriginDerive,
76				   CKA_ENCRYPT, &item, NULL);
77	if (symkey == NULL) {
78		wpa_printf(MSG_ERROR, "NSS: PK11_ImportSymKey failed");
79		goto out;
80	}
81
82	param = PK11_GenerateNewParam(CKM_DES_ECB, symkey);
83	if (param == NULL) {
84		wpa_printf(MSG_ERROR, "NSS: PK11_GenerateNewParam failed");
85		goto out;
86	}
87
88	ctx = PK11_CreateContextBySymKey(CKM_DES_ECB, CKA_ENCRYPT,
89					 symkey, param);
90	if (ctx == NULL) {
91		wpa_printf(MSG_ERROR, "NSS: PK11_CreateContextBySymKey("
92			   "CKM_DES_ECB) failed");
93		goto out;
94	}
95
96	if (PK11_CipherOp(ctx, cypher, &olen, 8, (void *) clear, 8) !=
97	    SECSuccess) {
98		wpa_printf(MSG_ERROR, "NSS: PK11_CipherOp failed");
99		goto out;
100	}
101
102out:
103	if (ctx)
104		PK11_DestroyContext(ctx, PR_TRUE);
105	if (symkey)
106		PK11_FreeSymKey(symkey);
107	if (param)
108		SECITEM_FreeItem(param, PR_TRUE);
109}
110
111
112int rc4_skip(const u8 *key, size_t keylen, size_t skip,
113	     u8 *data, size_t data_len)
114{
115	return -1;
116}
117
118
119int md5_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac)
120{
121	return nss_hash(HASH_AlgMD5, 16, num_elem, addr, len, mac);
122}
123
124
125int sha1_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac)
126{
127	return nss_hash(HASH_AlgSHA1, 20, num_elem, addr, len, mac);
128}
129
130
131int sha256_vector(size_t num_elem, const u8 *addr[], const size_t *len,
132		  u8 *mac)
133{
134	return nss_hash(HASH_AlgSHA256, 32, num_elem, addr, len, mac);
135}
136
137
138void * aes_encrypt_init(const u8 *key, size_t len)
139{
140	return NULL;
141}
142
143
144void aes_encrypt(void *ctx, const u8 *plain, u8 *crypt)
145{
146}
147
148
149void aes_encrypt_deinit(void *ctx)
150{
151}
152
153
154void * aes_decrypt_init(const u8 *key, size_t len)
155{
156	return NULL;
157}
158
159
160void aes_decrypt(void *ctx, const u8 *crypt, u8 *plain)
161{
162}
163
164
165void aes_decrypt_deinit(void *ctx)
166{
167}
168
169
170int crypto_mod_exp(const u8 *base, size_t base_len,
171		   const u8 *power, size_t power_len,
172		   const u8 *modulus, size_t modulus_len,
173		   u8 *result, size_t *result_len)
174{
175	return -1;
176}
177
178
179struct crypto_cipher {
180};
181
182
183struct crypto_cipher * crypto_cipher_init(enum crypto_cipher_alg alg,
184					  const u8 *iv, const u8 *key,
185					  size_t key_len)
186{
187	return NULL;
188}
189
190
191int crypto_cipher_encrypt(struct crypto_cipher *ctx, const u8 *plain,
192			  u8 *crypt, size_t len)
193{
194	return -1;
195}
196
197
198int crypto_cipher_decrypt(struct crypto_cipher *ctx, const u8 *crypt,
199			  u8 *plain, size_t len)
200{
201	return -1;
202}
203
204
205void crypto_cipher_deinit(struct crypto_cipher *ctx)
206{
207}
208