crypto.h revision a54fa5fb807eaeff45464139b5a7759f060cec68
14b562cf889bc59e1914dd2c5d9fbd7e7bfa1ad77Argyrios Kyrtzidis/* 24b562cf889bc59e1914dd2c5d9fbd7e7bfa1ad77Argyrios Kyrtzidis * Wrapper functions for crypto libraries 34b562cf889bc59e1914dd2c5d9fbd7e7bfa1ad77Argyrios Kyrtzidis * Copyright (c) 2004-2013, Jouni Malinen <j@w1.fi> 44b562cf889bc59e1914dd2c5d9fbd7e7bfa1ad77Argyrios Kyrtzidis * 54b562cf889bc59e1914dd2c5d9fbd7e7bfa1ad77Argyrios Kyrtzidis * This software may be distributed under the terms of the BSD license. 64b562cf889bc59e1914dd2c5d9fbd7e7bfa1ad77Argyrios Kyrtzidis * See README for more details. 74b562cf889bc59e1914dd2c5d9fbd7e7bfa1ad77Argyrios Kyrtzidis * 84b562cf889bc59e1914dd2c5d9fbd7e7bfa1ad77Argyrios Kyrtzidis * This file defines the cryptographic functions that need to be implemented 94b562cf889bc59e1914dd2c5d9fbd7e7bfa1ad77Argyrios Kyrtzidis * for wpa_supplicant and hostapd. When TLS is not used, internal 104b562cf889bc59e1914dd2c5d9fbd7e7bfa1ad77Argyrios Kyrtzidis * implementation of MD5, SHA1, and AES is used and no external libraries are 114b562cf889bc59e1914dd2c5d9fbd7e7bfa1ad77Argyrios Kyrtzidis * required. When TLS is enabled (e.g., by enabling EAP-TLS or EAP-PEAP), the 124b562cf889bc59e1914dd2c5d9fbd7e7bfa1ad77Argyrios Kyrtzidis * crypto library used by the TLS implementation is expected to be used for 134b562cf889bc59e1914dd2c5d9fbd7e7bfa1ad77Argyrios Kyrtzidis * non-TLS needs, too, in order to save space by not implementing these 140853a02c3b04d96a3c432b883e403175c954cd81Argyrios Kyrtzidis * functions twice. 150853a02c3b04d96a3c432b883e403175c954cd81Argyrios Kyrtzidis * 160853a02c3b04d96a3c432b883e403175c954cd81Argyrios Kyrtzidis * Wrapper code for using each crypto library is in its own file (crypto*.c) 1705a07605322dfef2b017781042043a261c5a89cdSebastian Redl * and one of these files is build and linked in to provide the functions 18914ed9d30e9abf829a62aa996b083b1e47c19ff6Douglas Gregor * defined here. 190a2c5e256abb4dc031c21fe4dc92c4f3afe9947cJohn McCall */ 206aa52ec6b969faabf3764baf79d89810b8249a7eDouglas Gregor 214ae8f298b1ea51b4c2234f9148e2e4349c9bdd23Douglas Gregor#ifndef CRYPTO_H 22478851c3ed6bd784e7377dffd8e57b200c1b9ba9Benjamin Kramer#define CRYPTO_H 23d3b74d9ca4f239a7a90ad193378c494306c57352Ted Kremenek 2431b87d8006d4863dd9b17e515ac720941efc38e3Daniel Dunbar/** 25eb8837b88c18631c69ac75f64ab1853762063180Douglas Gregor * md4_vector - MD4 hash for data vector 26389db16c63eec6ecfa9b235155252d8da766e94eArgyrios Kyrtzidis * @num_elem: Number of elements in the data vector 2787c08a5d6b9e1e44ae6f554df40139d3a6f60b33Douglas Gregor * @addr: Pointers to the data areas 2828019772db70d4547be05a042eb950bc910f134fDouglas Gregor * @len: Lengths of the data blocks 290853a02c3b04d96a3c432b883e403175c954cd81Argyrios Kyrtzidis * @mac: Buffer for the hash 30a88084b78fd4ca5d3d858c14b02414f8cc399f02Douglas Gregor * Returns: 0 on success, -1 on failure 31cc5888d833caf90ebda37f24da40d2cd06b4d820Douglas Gregor */ 3203013fa9a0bf1ef4b907f5fec006c8f4000fdd21Michael J. Spencerint md4_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac); 33788f5a1242c04762f91eaa7565c07b9865846d88Douglas Gregor 340853a02c3b04d96a3c432b883e403175c954cd81Argyrios Kyrtzidis/** 35f772d1e2a5688572d07f42896a50ac57a4a41fe8Daniel Dunbar * md5_vector - MD5 hash for data vector 36f772d1e2a5688572d07f42896a50ac57a4a41fe8Daniel Dunbar * @num_elem: Number of elements in the data vector 374db64a461cb3442934afe43c83ed3f17f7c11c1dDouglas Gregor * @addr: Pointers to the data areas 38cc5888d833caf90ebda37f24da40d2cd06b4d820Douglas Gregor * @len: Lengths of the data blocks 394db64a461cb3442934afe43c83ed3f17f7c11c1dDouglas Gregor * @mac: Buffer for the hash 404db64a461cb3442934afe43c83ed3f17f7c11c1dDouglas Gregor * Returns: 0 on success, -1 on failure 414db64a461cb3442934afe43c83ed3f17f7c11c1dDouglas Gregor */ 424db64a461cb3442934afe43c83ed3f17f7c11c1dDouglas Gregorint md5_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac); 430853a02c3b04d96a3c432b883e403175c954cd81Argyrios Kyrtzidis 440853a02c3b04d96a3c432b883e403175c954cd81Argyrios Kyrtzidis 45521bf9c529e653ab28896d027352d3e16e2672d5Daniel Dunbar/** 46f62d43d2afe1960755a1b5813cae1e5983bcac1bDouglas Gregor * sha1_vector - SHA-1 hash for data vector 471abc6bca3d7fb0e7b1e40fbcad6cfb5e10594548Douglas Gregor * @num_elem: Number of elements in the data vector 48521bf9c529e653ab28896d027352d3e16e2672d5Daniel Dunbar * @addr: Pointers to the data areas 49e722ed6f5464232e23be52f4976312ef526fae99Argyrios Kyrtzidis * @len: Lengths of the data blocks 50521bf9c529e653ab28896d027352d3e16e2672d5Daniel Dunbar * @mac: Buffer for the hash 51d6471f7c1921c7802804ce3ff6fe9768310f72b9David Blaikie * Returns: 0 on success, -1 on failure 52521bf9c529e653ab28896d027352d3e16e2672d5Daniel Dunbar */ 53521bf9c529e653ab28896d027352d3e16e2672d5Daniel Dunbarint sha1_vector(size_t num_elem, const u8 *addr[], const size_t *len, 54521bf9c529e653ab28896d027352d3e16e2672d5Daniel Dunbar u8 *mac); 55521bf9c529e653ab28896d027352d3e16e2672d5Daniel Dunbar 56521bf9c529e653ab28896d027352d3e16e2672d5Daniel Dunbar/** 57521bf9c529e653ab28896d027352d3e16e2672d5Daniel Dunbar * fips186_2-prf - NIST FIPS Publication 186-2 change notice 1 PRF 58d808bd2978bd4ac95a92b309b038452b533fd7a0Argyrios Kyrtzidis * @seed: Seed/key for the PRF 590853a02c3b04d96a3c432b883e403175c954cd81Argyrios Kyrtzidis * @seed_len: Seed length in bytes 603c7f4134603d04b44f997b43c0a9def270f25386Sebastian Redl * @x: Buffer for PRF output 610853a02c3b04d96a3c432b883e403175c954cd81Argyrios Kyrtzidis * @xlen: Output length in bytes 626aa52ec6b969faabf3764baf79d89810b8249a7eDouglas Gregor * Returns: 0 on success, -1 on failure 63788f5a1242c04762f91eaa7565c07b9865846d88Douglas Gregor * 64c93dc7889644293e318e19d82830ea2acc45b678Dylan Noblesmith * This function implements random number generation specified in NIST FIPS 65c93dc7889644293e318e19d82830ea2acc45b678Dylan Noblesmith * Publication 186-2 for EAP-SIM. This PRF uses a function that is similar to 66c93dc7889644293e318e19d82830ea2acc45b678Dylan Noblesmith * SHA-1, but has different message padding. 67c93dc7889644293e318e19d82830ea2acc45b678Dylan Noblesmith */ 68c93dc7889644293e318e19d82830ea2acc45b678Dylan Noblesmithint __must_check fips186_2_prf(const u8 *seed, size_t seed_len, u8 *x, 69c93dc7889644293e318e19d82830ea2acc45b678Dylan Noblesmith size_t xlen); 70c93dc7889644293e318e19d82830ea2acc45b678Dylan Noblesmith 71c93dc7889644293e318e19d82830ea2acc45b678Dylan Noblesmith/** 7262ba9f61af6177992d8cd2e3306257e1213b1bd3Argyrios Kyrtzidis * sha256_vector - SHA256 hash for data vector 73389db16c63eec6ecfa9b235155252d8da766e94eArgyrios Kyrtzidis * @num_elem: Number of elements in the data vector 74389db16c63eec6ecfa9b235155252d8da766e94eArgyrios Kyrtzidis * @addr: Pointers to the data areas 75389db16c63eec6ecfa9b235155252d8da766e94eArgyrios Kyrtzidis * @len: Lengths of the data blocks 76914ed9d30e9abf829a62aa996b083b1e47c19ff6Douglas Gregor * @mac: Buffer for the hash 77914ed9d30e9abf829a62aa996b083b1e47c19ff6Douglas Gregor * Returns: 0 on success, -1 on failure 786f42b62b6194f53bcbc349f5d17388e1936535d7Dylan Noblesmith */ 79914ed9d30e9abf829a62aa996b083b1e47c19ff6Douglas Gregorint sha256_vector(size_t num_elem, const u8 *addr[], const size_t *len, 80914ed9d30e9abf829a62aa996b083b1e47c19ff6Douglas Gregor u8 *mac); 81914ed9d30e9abf829a62aa996b083b1e47c19ff6Douglas Gregor 826f42b62b6194f53bcbc349f5d17388e1936535d7Dylan Noblesmith/** 83914ed9d30e9abf829a62aa996b083b1e47c19ff6Douglas Gregor * des_encrypt - Encrypt one block with DES 84807b06157a1a5c050520fc194d32f16d22d423a8Daniel Dunbar * @clear: 8 octets (in) 85807b06157a1a5c050520fc194d32f16d22d423a8Daniel Dunbar * @key: 7 octets (in) (no parity bits included) 86c93dc7889644293e318e19d82830ea2acc45b678Dylan Noblesmith * @cypher: 8 octets (out) 87914ed9d30e9abf829a62aa996b083b1e47c19ff6Douglas Gregor */ 881aa27307c462baaa9e5fda14ff6797dd39fe8b84Douglas Gregorvoid des_encrypt(const u8 *clear, const u8 *key, u8 *cypher); 891aa27307c462baaa9e5fda14ff6797dd39fe8b84Douglas Gregor 901aa27307c462baaa9e5fda14ff6797dd39fe8b84Douglas Gregor/** 911aa27307c462baaa9e5fda14ff6797dd39fe8b84Douglas Gregor * aes_encrypt_init - Initialize AES for encryption 921aa27307c462baaa9e5fda14ff6797dd39fe8b84Douglas Gregor * @key: Encryption key 931aa27307c462baaa9e5fda14ff6797dd39fe8b84Douglas Gregor * @len: Key length in bytes (usually 16, i.e., 128 bits) 941aa27307c462baaa9e5fda14ff6797dd39fe8b84Douglas Gregor * Returns: Pointer to context data or %NULL on failure 957d1d49d2971b20a97b3c2a301470b9eaaa130137Douglas Gregor */ 967d1d49d2971b20a97b3c2a301470b9eaaa130137Douglas Gregorvoid * aes_encrypt_init(const u8 *key, size_t len); 977d1d49d2971b20a97b3c2a301470b9eaaa130137Douglas Gregor 987d1d49d2971b20a97b3c2a301470b9eaaa130137Douglas Gregor/** 99c7822dbf3c01a2a5f837cff82ba7889ea755dacaDaniel Dunbar * aes_encrypt - Encrypt one AES block 100abc563f554951259bbe0315055cad92ee14d87e4Douglas Gregor * @ctx: Context pointer from aes_encrypt_init() 101abc563f554951259bbe0315055cad92ee14d87e4Douglas Gregor * @plain: Plaintext data to be encrypted (16 bytes) 102e47be3e9682e82da15059006f43c7f3c021e4fffDouglas Gregor * @crypt: Buffer for the encrypted data (16 bytes) 103df95a13ec73d2cdaea79555cb412d767f4963120Douglas Gregor */ 104c7822dbf3c01a2a5f837cff82ba7889ea755dacaDaniel Dunbarvoid aes_encrypt(void *ctx, const u8 *plain, u8 *crypt); 105c7822dbf3c01a2a5f837cff82ba7889ea755dacaDaniel Dunbar 106467dc88512b4ba4bb16e274ea3771dc1415d31daDouglas Gregor/** 107467dc88512b4ba4bb16e274ea3771dc1415d31daDouglas Gregor * aes_encrypt_deinit - Deinitialize AES encryption 108df95a13ec73d2cdaea79555cb412d767f4963120Douglas Gregor * @ctx: Context pointer from aes_encrypt_init() 109213f18b3d654de7d1c7cf4a329ea9d3db1c50b6aDouglas Gregor */ 110213f18b3d654de7d1c7cf4a329ea9d3db1c50b6aDouglas Gregorvoid aes_encrypt_deinit(void *ctx); 11115727ddb11405c45372150b5bfb07dbfa4c9960bArgyrios Kyrtzidis 11215727ddb11405c45372150b5bfb07dbfa4c9960bArgyrios Kyrtzidis/** 11315727ddb11405c45372150b5bfb07dbfa4c9960bArgyrios Kyrtzidis * aes_decrypt_init - Initialize AES for decryption 114213f18b3d654de7d1c7cf4a329ea9d3db1c50b6aDouglas Gregor * @key: Decryption key 115f772d1e2a5688572d07f42896a50ac57a4a41fe8Daniel Dunbar * @len: Key length in bytes (usually 16, i.e., 128 bits) 116f772d1e2a5688572d07f42896a50ac57a4a41fe8Daniel Dunbar * Returns: Pointer to context data or %NULL on failure 117f772d1e2a5688572d07f42896a50ac57a4a41fe8Daniel Dunbar */ 118f772d1e2a5688572d07f42896a50ac57a4a41fe8Daniel Dunbarvoid * aes_decrypt_init(const u8 *key, size_t len); 119f772d1e2a5688572d07f42896a50ac57a4a41fe8Daniel Dunbar 120f772d1e2a5688572d07f42896a50ac57a4a41fe8Daniel Dunbar/** 121f772d1e2a5688572d07f42896a50ac57a4a41fe8Daniel Dunbar * aes_decrypt - Decrypt one AES block 122f772d1e2a5688572d07f42896a50ac57a4a41fe8Daniel Dunbar * @ctx: Context pointer from aes_encrypt_init() 123332cb9be88fd2d1b294a2fbc299c354e93be673cArgyrios Kyrtzidis * @crypt: Encrypted data (16 bytes) 124332cb9be88fd2d1b294a2fbc299c354e93be673cArgyrios Kyrtzidis * @plain: Buffer for the decrypted data (16 bytes) 125332cb9be88fd2d1b294a2fbc299c354e93be673cArgyrios Kyrtzidis */ 126332cb9be88fd2d1b294a2fbc299c354e93be673cArgyrios Kyrtzidisvoid aes_decrypt(void *ctx, const u8 *crypt, u8 *plain); 127332cb9be88fd2d1b294a2fbc299c354e93be673cArgyrios Kyrtzidis 128332cb9be88fd2d1b294a2fbc299c354e93be673cArgyrios Kyrtzidis/** 129332cb9be88fd2d1b294a2fbc299c354e93be673cArgyrios Kyrtzidis * aes_decrypt_deinit - Deinitialize AES decryption 130332cb9be88fd2d1b294a2fbc299c354e93be673cArgyrios Kyrtzidis * @ctx: Context pointer from aes_encrypt_init() 13189d9980bbc2e4a4ac86673e6ec16fb9f5babb63bDouglas Gregor */ 13268d40e2d16b9fadba386853d6bbb60089291fdc5Daniel Dunbarvoid aes_decrypt_deinit(void *ctx); 13368d40e2d16b9fadba386853d6bbb60089291fdc5Daniel Dunbar 13468d40e2d16b9fadba386853d6bbb60089291fdc5Daniel Dunbar 135f62d43d2afe1960755a1b5813cae1e5983bcac1bDouglas Gregorenum crypto_hash_alg { 136686775deca8b8685eb90801495880e3abdd844c2Chris Lattner CRYPTO_HASH_ALG_MD5, CRYPTO_HASH_ALG_SHA1, 137f62d43d2afe1960755a1b5813cae1e5983bcac1bDouglas Gregor CRYPTO_HASH_ALG_HMAC_MD5, CRYPTO_HASH_ALG_HMAC_SHA1, 138a88084b78fd4ca5d3d858c14b02414f8cc399f02Douglas Gregor CRYPTO_HASH_ALG_SHA256, CRYPTO_HASH_ALG_HMAC_SHA256 139a88084b78fd4ca5d3d858c14b02414f8cc399f02Douglas Gregor}; 140686775deca8b8685eb90801495880e3abdd844c2Chris Lattner 141a88084b78fd4ca5d3d858c14b02414f8cc399f02Douglas Gregorstruct crypto_hash; 142e722ed6f5464232e23be52f4976312ef526fae99Argyrios Kyrtzidis 143e722ed6f5464232e23be52f4976312ef526fae99Argyrios Kyrtzidis/** 144e722ed6f5464232e23be52f4976312ef526fae99Argyrios Kyrtzidis * crypto_hash_init - Initialize hash/HMAC function 145e722ed6f5464232e23be52f4976312ef526fae99Argyrios Kyrtzidis * @alg: Hash algorithm 1464cd912aa94656697a44c3ebb159f05060300524eDouglas Gregor * @key: Key for keyed hash (e.g., HMAC) or %NULL if not needed 1474cd912aa94656697a44c3ebb159f05060300524eDouglas Gregor * @key_len: Length of the key in bytes 1484cd912aa94656697a44c3ebb159f05060300524eDouglas Gregor * Returns: Pointer to hash context to use with other hash functions or %NULL 1494cd912aa94656697a44c3ebb159f05060300524eDouglas Gregor * on failure 1504cd912aa94656697a44c3ebb159f05060300524eDouglas Gregor * 1514cd912aa94656697a44c3ebb159f05060300524eDouglas Gregor * This function is only used with internal TLSv1 implementation 1524cd912aa94656697a44c3ebb159f05060300524eDouglas Gregor * (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need 153eababfbddb74d186f78783a9731a78ad371c9800Douglas Gregor * to implement this. 154eababfbddb74d186f78783a9731a78ad371c9800Douglas Gregor */ 155eababfbddb74d186f78783a9731a78ad371c9800Douglas Gregorstruct crypto_hash * crypto_hash_init(enum crypto_hash_alg alg, const u8 *key, 156eababfbddb74d186f78783a9731a78ad371c9800Douglas Gregor size_t key_len); 157eababfbddb74d186f78783a9731a78ad371c9800Douglas Gregor 158eababfbddb74d186f78783a9731a78ad371c9800Douglas Gregor/** 159eababfbddb74d186f78783a9731a78ad371c9800Douglas Gregor * crypto_hash_update - Add data to hash calculation 160eababfbddb74d186f78783a9731a78ad371c9800Douglas Gregor * @ctx: Context pointer from crypto_hash_init() 161eababfbddb74d186f78783a9731a78ad371c9800Douglas Gregor * @data: Data buffer to add 162eababfbddb74d186f78783a9731a78ad371c9800Douglas Gregor * @len: Length of the buffer 1631872b3153a388b3a548c9f699cbc348128059be9Ted Kremenek * 164ee0f84fc84ed7de7975e102668d8e53a778f7a8cArgyrios Kyrtzidis * This function is only used with internal TLSv1 implementation 165507097ec40105ed927cb5a744fad98f5875aacacArgyrios Kyrtzidis * (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need 166507097ec40105ed927cb5a744fad98f5875aacacArgyrios Kyrtzidis * to implement this. 167507097ec40105ed927cb5a744fad98f5875aacacArgyrios Kyrtzidis */ 168507097ec40105ed927cb5a744fad98f5875aacacArgyrios Kyrtzidisvoid crypto_hash_update(struct crypto_hash *ctx, const u8 *data, size_t len); 169507097ec40105ed927cb5a744fad98f5875aacacArgyrios Kyrtzidis 170507097ec40105ed927cb5a744fad98f5875aacacArgyrios Kyrtzidis/** 171507097ec40105ed927cb5a744fad98f5875aacacArgyrios Kyrtzidis * crypto_hash_finish - Complete hash calculation 172507097ec40105ed927cb5a744fad98f5875aacacArgyrios Kyrtzidis * @ctx: Context pointer from crypto_hash_init() 173507097ec40105ed927cb5a744fad98f5875aacacArgyrios Kyrtzidis * @hash: Buffer for hash value or %NULL if caller is just freeing the hash 174507097ec40105ed927cb5a744fad98f5875aacacArgyrios Kyrtzidis * context 175507097ec40105ed927cb5a744fad98f5875aacacArgyrios Kyrtzidis * @len: Pointer to length of the buffer or %NULL if caller is just freeing the 176507097ec40105ed927cb5a744fad98f5875aacacArgyrios Kyrtzidis * hash context; on return, this is set to the actual length of the hash value 177507097ec40105ed927cb5a744fad98f5875aacacArgyrios Kyrtzidis * Returns: 0 on success, -1 if buffer is too small (len set to needed length), 178507097ec40105ed927cb5a744fad98f5875aacacArgyrios Kyrtzidis * or -2 on other failures (including failed crypto_hash_update() operations) 179507097ec40105ed927cb5a744fad98f5875aacacArgyrios Kyrtzidis * 180507097ec40105ed927cb5a744fad98f5875aacacArgyrios Kyrtzidis * This function calculates the hash value and frees the context buffer that 181507097ec40105ed927cb5a744fad98f5875aacacArgyrios Kyrtzidis * was used for hash calculation. 182507097ec40105ed927cb5a744fad98f5875aacacArgyrios Kyrtzidis * 183507097ec40105ed927cb5a744fad98f5875aacacArgyrios Kyrtzidis * This function is only used with internal TLSv1 implementation 184507097ec40105ed927cb5a744fad98f5875aacacArgyrios Kyrtzidis * (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need 185507097ec40105ed927cb5a744fad98f5875aacacArgyrios Kyrtzidis * to implement this. 186507097ec40105ed927cb5a744fad98f5875aacacArgyrios Kyrtzidis */ 187507097ec40105ed927cb5a744fad98f5875aacacArgyrios Kyrtzidisint crypto_hash_finish(struct crypto_hash *ctx, u8 *hash, size_t *len); 188507097ec40105ed927cb5a744fad98f5875aacacArgyrios Kyrtzidis 189507097ec40105ed927cb5a744fad98f5875aacacArgyrios Kyrtzidis 190507097ec40105ed927cb5a744fad98f5875aacacArgyrios Kyrtzidisenum crypto_cipher_alg { 191507097ec40105ed927cb5a744fad98f5875aacacArgyrios Kyrtzidis CRYPTO_CIPHER_NULL = 0, CRYPTO_CIPHER_ALG_AES, CRYPTO_CIPHER_ALG_3DES, 192507097ec40105ed927cb5a744fad98f5875aacacArgyrios Kyrtzidis CRYPTO_CIPHER_ALG_DES, CRYPTO_CIPHER_ALG_RC2, CRYPTO_CIPHER_ALG_RC4 193ee0f84fc84ed7de7975e102668d8e53a778f7a8cArgyrios Kyrtzidis}; 194ee0f84fc84ed7de7975e102668d8e53a778f7a8cArgyrios Kyrtzidis 195ee0f84fc84ed7de7975e102668d8e53a778f7a8cArgyrios Kyrtzidisstruct crypto_cipher; 196ee0f84fc84ed7de7975e102668d8e53a778f7a8cArgyrios Kyrtzidis 197ee0f84fc84ed7de7975e102668d8e53a778f7a8cArgyrios Kyrtzidis/** 198507097ec40105ed927cb5a744fad98f5875aacacArgyrios Kyrtzidis * crypto_cipher_init - Initialize block/stream cipher function 199507097ec40105ed927cb5a744fad98f5875aacacArgyrios Kyrtzidis * @alg: Cipher algorithm 200507097ec40105ed927cb5a744fad98f5875aacacArgyrios Kyrtzidis * @iv: Initialization vector for block ciphers or %NULL for stream ciphers 201507097ec40105ed927cb5a744fad98f5875aacacArgyrios Kyrtzidis * @key: Cipher key 202ee0f84fc84ed7de7975e102668d8e53a778f7a8cArgyrios Kyrtzidis * @key_len: Length of key in bytes 203ee0f84fc84ed7de7975e102668d8e53a778f7a8cArgyrios Kyrtzidis * Returns: Pointer to cipher context to use with other cipher functions or 204ee0f84fc84ed7de7975e102668d8e53a778f7a8cArgyrios Kyrtzidis * %NULL on failure 205ee0f84fc84ed7de7975e102668d8e53a778f7a8cArgyrios Kyrtzidis * 206ee0f84fc84ed7de7975e102668d8e53a778f7a8cArgyrios Kyrtzidis * This function is only used with internal TLSv1 implementation 207ee0f84fc84ed7de7975e102668d8e53a778f7a8cArgyrios Kyrtzidis * (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need 208175c4a9aa61f4449f27b729737e4438684ac6d92Douglas Gregor * to implement this. 209175c4a9aa61f4449f27b729737e4438684ac6d92Douglas Gregor */ 210507097ec40105ed927cb5a744fad98f5875aacacArgyrios Kyrtzidisstruct crypto_cipher * crypto_cipher_init(enum crypto_cipher_alg alg, 211175c4a9aa61f4449f27b729737e4438684ac6d92Douglas Gregor const u8 *iv, const u8 *key, 212f4f6c9db68465b886ec2e596feaa6ecc782395a4Douglas Gregor size_t key_len); 213f4f6c9db68465b886ec2e596feaa6ecc782395a4Douglas Gregor 214f4f6c9db68465b886ec2e596feaa6ecc782395a4Douglas Gregor/** 215f4f6c9db68465b886ec2e596feaa6ecc782395a4Douglas Gregor * crypto_cipher_encrypt - Cipher encrypt 216f4f6c9db68465b886ec2e596feaa6ecc782395a4Douglas Gregor * @ctx: Context pointer from crypto_cipher_init() 217f4f6c9db68465b886ec2e596feaa6ecc782395a4Douglas Gregor * @plain: Plaintext to cipher 218175c4a9aa61f4449f27b729737e4438684ac6d92Douglas Gregor * @crypt: Resulting ciphertext 219175c4a9aa61f4449f27b729737e4438684ac6d92Douglas Gregor * @len: Length of the plaintext 220175c4a9aa61f4449f27b729737e4438684ac6d92Douglas Gregor * Returns: 0 on success, -1 on failure 221cc5888d833caf90ebda37f24da40d2cd06b4d820Douglas Gregor * 222cc5888d833caf90ebda37f24da40d2cd06b4d820Douglas Gregor * This function is only used with internal TLSv1 implementation 223cc5888d833caf90ebda37f24da40d2cd06b4d820Douglas Gregor * (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need 224cc5888d833caf90ebda37f24da40d2cd06b4d820Douglas Gregor * to implement this. 225cc5888d833caf90ebda37f24da40d2cd06b4d820Douglas Gregor */ 226cc5888d833caf90ebda37f24da40d2cd06b4d820Douglas Gregorint __must_check crypto_cipher_encrypt(struct crypto_cipher *ctx, 227cc5888d833caf90ebda37f24da40d2cd06b4d820Douglas Gregor const u8 *plain, u8 *crypt, size_t len); 228cc5888d833caf90ebda37f24da40d2cd06b4d820Douglas Gregor 22928233428da1ebec20c893d6297ae3191318940ddDouglas Gregor/** 23028233428da1ebec20c893d6297ae3191318940ddDouglas Gregor * crypto_cipher_decrypt - Cipher decrypt 23128233428da1ebec20c893d6297ae3191318940ddDouglas Gregor * @ctx: Context pointer from crypto_cipher_init() 23228233428da1ebec20c893d6297ae3191318940ddDouglas Gregor * @crypt: Ciphertext to decrypt 233c0659ec614c428c7d15746fcad15d50a2703751dDouglas Gregor * @plain: Resulting plaintext 234671947b18dba342f9aba022ee992babef325a833Douglas Gregor * @len: Length of the cipher text 235671947b18dba342f9aba022ee992babef325a833Douglas Gregor * Returns: 0 on success, -1 on failure 236671947b18dba342f9aba022ee992babef325a833Douglas Gregor * 237671947b18dba342f9aba022ee992babef325a833Douglas Gregor * This function is only used with internal TLSv1 implementation 238671947b18dba342f9aba022ee992babef325a833Douglas Gregor * (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need 239c0659ec614c428c7d15746fcad15d50a2703751dDouglas Gregor * to implement this. 240c0659ec614c428c7d15746fcad15d50a2703751dDouglas Gregor */ 241d6471f7c1921c7802804ce3ff6fe9768310f72b9David Blaikieint __must_check crypto_cipher_decrypt(struct crypto_cipher *ctx, 242d6471f7c1921c7802804ce3ff6fe9768310f72b9David Blaikie const u8 *crypt, u8 *plain, size_t len); 243c0659ec614c428c7d15746fcad15d50a2703751dDouglas Gregor 244c0659ec614c428c7d15746fcad15d50a2703751dDouglas Gregor/** 245c0659ec614c428c7d15746fcad15d50a2703751dDouglas Gregor * crypto_cipher_decrypt - Free cipher context 246c0659ec614c428c7d15746fcad15d50a2703751dDouglas Gregor * @ctx: Context pointer from crypto_cipher_init() 2473c7f4134603d04b44f997b43c0a9def270f25386Sebastian Redl * 248eb8837b88c18631c69ac75f64ab1853762063180Douglas Gregor * This function is only used with internal TLSv1 implementation 2498538e8d43a3a9bd439c987c0de37bcbf035dd391Sebastian Redl * (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need 25089d9980bbc2e4a4ac86673e6ec16fb9f5babb63bDouglas Gregor * to implement this. 25187c08a5d6b9e1e44ae6f554df40139d3a6f60b33Douglas Gregor */ 252d99ef536b241071b6f4c01db6525dc03242ac30bDmitri Gribenkovoid crypto_cipher_deinit(struct crypto_cipher *ctx); 253d99ef536b241071b6f4c01db6525dc03242ac30bDmitri Gribenko 254d99ef536b241071b6f4c01db6525dc03242ac30bDmitri Gribenko 255d99ef536b241071b6f4c01db6525dc03242ac30bDmitri Gribenkostruct crypto_public_key; 256d99ef536b241071b6f4c01db6525dc03242ac30bDmitri Gribenkostruct crypto_private_key; 2573e3cd93b2fd9644e970c389e715c13883faf68b6Douglas Gregor 2583e3cd93b2fd9644e970c389e715c13883faf68b6Douglas Gregor/** 2593e3cd93b2fd9644e970c389e715c13883faf68b6Douglas Gregor * crypto_public_key_import - Import an RSA public key 2603e3cd93b2fd9644e970c389e715c13883faf68b6Douglas Gregor * @key: Key buffer (DER encoded RSA public key) 261c93dc7889644293e318e19d82830ea2acc45b678Dylan Noblesmith * @len: Key buffer length in bytes 2620b53cf834346d78985aaa9e7300445a39c245614Douglas Gregor * Returns: Pointer to the public key or %NULL on failure 263e47be3e9682e82da15059006f43c7f3c021e4fffDouglas Gregor * 264e47be3e9682e82da15059006f43c7f3c021e4fffDouglas Gregor * This function can just return %NULL if the crypto library supports X.509 265686775deca8b8685eb90801495880e3abdd844c2Chris Lattner * parsing. In that case, crypto_public_key_from_cert() is used to import the 266f62d43d2afe1960755a1b5813cae1e5983bcac1bDouglas Gregor * public key from a certificate. 267686775deca8b8685eb90801495880e3abdd844c2Chris Lattner * 268686775deca8b8685eb90801495880e3abdd844c2Chris Lattner * This function is only used with internal TLSv1 implementation 269f62d43d2afe1960755a1b5813cae1e5983bcac1bDouglas Gregor * (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need 270332cb9be88fd2d1b294a2fbc299c354e93be673cArgyrios Kyrtzidis * to implement this. 271332cb9be88fd2d1b294a2fbc299c354e93be673cArgyrios Kyrtzidis */ 27287c08a5d6b9e1e44ae6f554df40139d3a6f60b33Douglas Gregorstruct crypto_public_key * crypto_public_key_import(const u8 *key, size_t len); 27387c08a5d6b9e1e44ae6f554df40139d3a6f60b33Douglas Gregor 27487c08a5d6b9e1e44ae6f554df40139d3a6f60b33Douglas Gregor/** 27587c08a5d6b9e1e44ae6f554df40139d3a6f60b33Douglas Gregor * crypto_private_key_import - Import an RSA private key 27687c08a5d6b9e1e44ae6f554df40139d3a6f60b33Douglas Gregor * @key: Key buffer (DER encoded RSA private key) 27787c08a5d6b9e1e44ae6f554df40139d3a6f60b33Douglas Gregor * @len: Key buffer length in bytes 27887c08a5d6b9e1e44ae6f554df40139d3a6f60b33Douglas Gregor * @passwd: Key encryption password or %NULL if key is not encrypted 27987c08a5d6b9e1e44ae6f554df40139d3a6f60b33Douglas Gregor * Returns: Pointer to the private key or %NULL on failure 28087c08a5d6b9e1e44ae6f554df40139d3a6f60b33Douglas Gregor * 28187c08a5d6b9e1e44ae6f554df40139d3a6f60b33Douglas Gregor * This function is only used with internal TLSv1 implementation 28287c08a5d6b9e1e44ae6f554df40139d3a6f60b33Douglas Gregor * (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need 28387c08a5d6b9e1e44ae6f554df40139d3a6f60b33Douglas Gregor * to implement this. 28487c08a5d6b9e1e44ae6f554df40139d3a6f60b33Douglas Gregor */ 28587c08a5d6b9e1e44ae6f554df40139d3a6f60b33Douglas Gregorstruct crypto_private_key * crypto_private_key_import(const u8 *key, 28687c08a5d6b9e1e44ae6f554df40139d3a6f60b33Douglas Gregor size_t len, 28787c08a5d6b9e1e44ae6f554df40139d3a6f60b33Douglas Gregor const char *passwd); 28887c08a5d6b9e1e44ae6f554df40139d3a6f60b33Douglas Gregor 28987c08a5d6b9e1e44ae6f554df40139d3a6f60b33Douglas Gregor/** 29087c08a5d6b9e1e44ae6f554df40139d3a6f60b33Douglas Gregor * crypto_public_key_from_cert - Import an RSA public key from a certificate 29187c08a5d6b9e1e44ae6f554df40139d3a6f60b33Douglas Gregor * @buf: DER encoded X.509 certificate 29287c08a5d6b9e1e44ae6f554df40139d3a6f60b33Douglas Gregor * @len: Certificate buffer length in bytes 29387c08a5d6b9e1e44ae6f554df40139d3a6f60b33Douglas Gregor * Returns: Pointer to public key or %NULL on failure 29487c08a5d6b9e1e44ae6f554df40139d3a6f60b33Douglas Gregor * 29587c08a5d6b9e1e44ae6f554df40139d3a6f60b33Douglas Gregor * This function can just return %NULL if the crypto library does not support 2961827e10051638770ad9ccf3e285caf95f995afd1Douglas Gregor * X.509 parsing. In that case, internal code will be used to parse the 29758ddb60f409125eda5436c4a1f070f7fa4744295Douglas Gregor * certificate and public key is imported using crypto_public_key_import(). 29858ddb60f409125eda5436c4a1f070f7fa4744295Douglas Gregor * 29958ddb60f409125eda5436c4a1f070f7fa4744295Douglas Gregor * This function is only used with internal TLSv1 implementation 3001827e10051638770ad9ccf3e285caf95f995afd1Douglas Gregor * (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need 3011827e10051638770ad9ccf3e285caf95f995afd1Douglas Gregor * to implement this. 302f5586f6b311c98e1022a8fe0609053849b70d323Douglas Gregor */ 303f5586f6b311c98e1022a8fe0609053849b70d323Douglas Gregorstruct crypto_public_key * crypto_public_key_from_cert(const u8 *buf, 304f5586f6b311c98e1022a8fe0609053849b70d323Douglas Gregor size_t len); 305f5586f6b311c98e1022a8fe0609053849b70d323Douglas Gregor 306f5586f6b311c98e1022a8fe0609053849b70d323Douglas Gregor/** 307f5586f6b311c98e1022a8fe0609053849b70d323Douglas Gregor * crypto_public_key_encrypt_pkcs1_v15 - Public key encryption (PKCS #1 v1.5) 308f5586f6b311c98e1022a8fe0609053849b70d323Douglas Gregor * @key: Public key 309f5586f6b311c98e1022a8fe0609053849b70d323Douglas Gregor * @in: Plaintext buffer 31087c08a5d6b9e1e44ae6f554df40139d3a6f60b33Douglas Gregor * @inlen: Length of plaintext buffer in bytes 31187c08a5d6b9e1e44ae6f554df40139d3a6f60b33Douglas Gregor * @out: Output buffer for encrypted data 312f5586f6b311c98e1022a8fe0609053849b70d323Douglas Gregor * @outlen: Length of output buffer in bytes; set to used length on success 313f5586f6b311c98e1022a8fe0609053849b70d323Douglas Gregor * Returns: 0 on success, -1 on failure 314f5586f6b311c98e1022a8fe0609053849b70d323Douglas Gregor * 315f5586f6b311c98e1022a8fe0609053849b70d323Douglas Gregor * This function is only used with internal TLSv1 implementation 316f5586f6b311c98e1022a8fe0609053849b70d323Douglas Gregor * (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need 317f5586f6b311c98e1022a8fe0609053849b70d323Douglas Gregor * to implement this. 31848601b32321496b07a18fb6631f8563275d8c5fbDouglas Gregor */ 319c93dc7889644293e318e19d82830ea2acc45b678Dylan Noblesmithint __must_check crypto_public_key_encrypt_pkcs1_v15( 32048601b32321496b07a18fb6631f8563275d8c5fbDouglas Gregor struct crypto_public_key *key, const u8 *in, size_t inlen, 32148601b32321496b07a18fb6631f8563275d8c5fbDouglas Gregor u8 *out, size_t *outlen); 32248601b32321496b07a18fb6631f8563275d8c5fbDouglas Gregor 32328a83f57003469fb615ad27dd34bcf5b0a10da8cArgyrios Kyrtzidis/** 32428a83f57003469fb615ad27dd34bcf5b0a10da8cArgyrios Kyrtzidis * crypto_private_key_decrypt_pkcs1_v15 - Private key decryption (PKCS #1 v1.5) 32528a83f57003469fb615ad27dd34bcf5b0a10da8cArgyrios Kyrtzidis * @key: Private key 32628a83f57003469fb615ad27dd34bcf5b0a10da8cArgyrios Kyrtzidis * @in: Encrypted buffer 32728a83f57003469fb615ad27dd34bcf5b0a10da8cArgyrios Kyrtzidis * @inlen: Length of encrypted buffer in bytes 32828a83f57003469fb615ad27dd34bcf5b0a10da8cArgyrios Kyrtzidis * @out: Output buffer for encrypted data 3298fa0a80b4482ad94e82c4a19e23de17fd69140b5Douglas Gregor * @outlen: Length of output buffer in bytes; set to used length on success 33028a83f57003469fb615ad27dd34bcf5b0a10da8cArgyrios Kyrtzidis * Returns: 0 on success, -1 on failure 33187c08a5d6b9e1e44ae6f554df40139d3a6f60b33Douglas Gregor * 332218937c13ef5b0625a70aad41ca7a92da9278bd2Douglas Gregor * This function is only used with internal TLSv1 implementation 333c93dc7889644293e318e19d82830ea2acc45b678Dylan Noblesmith * (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need 33448601b32321496b07a18fb6631f8563275d8c5fbDouglas Gregor * to implement this. 3358fa0a80b4482ad94e82c4a19e23de17fd69140b5Douglas Gregor */ 33628a83f57003469fb615ad27dd34bcf5b0a10da8cArgyrios Kyrtzidisint __must_check crypto_private_key_decrypt_pkcs1_v15( 337218937c13ef5b0625a70aad41ca7a92da9278bd2Douglas Gregor struct crypto_private_key *key, const u8 *in, size_t inlen, 33887c08a5d6b9e1e44ae6f554df40139d3a6f60b33Douglas Gregor u8 *out, size_t *outlen); 33987c08a5d6b9e1e44ae6f554df40139d3a6f60b33Douglas Gregor 34087c08a5d6b9e1e44ae6f554df40139d3a6f60b33Douglas Gregor/** 341f5586f6b311c98e1022a8fe0609053849b70d323Douglas Gregor * crypto_private_key_sign_pkcs1 - Sign with private key (PKCS #1) 342f5586f6b311c98e1022a8fe0609053849b70d323Douglas Gregor * @key: Private key from crypto_private_key_import() 343f5586f6b311c98e1022a8fe0609053849b70d323Douglas Gregor * @in: Plaintext buffer 344f5586f6b311c98e1022a8fe0609053849b70d323Douglas Gregor * @inlen: Length of plaintext buffer in bytes 3459b7db6200d366e4964d63ae1f33c7b9d7b9831cbDouglas Gregor * @out: Output buffer for encrypted (signed) data 3469b7db6200d366e4964d63ae1f33c7b9d7b9831cbDouglas Gregor * @outlen: Length of output buffer in bytes; set to used length on success 347727d93ef49e18147149354fadd10e86b13bc4ab0Douglas Gregor * Returns: 0 on success, -1 on failure 3489b7db6200d366e4964d63ae1f33c7b9d7b9831cbDouglas Gregor * 3499b7db6200d366e4964d63ae1f33c7b9d7b9831cbDouglas Gregor * This function is only used with internal TLSv1 implementation 3509b7db6200d366e4964d63ae1f33c7b9d7b9831cbDouglas Gregor * (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need 351727d93ef49e18147149354fadd10e86b13bc4ab0Douglas Gregor * to implement this. 3529b7db6200d366e4964d63ae1f33c7b9d7b9831cbDouglas Gregor */ 3539b7db6200d366e4964d63ae1f33c7b9d7b9831cbDouglas Gregorint __must_check crypto_private_key_sign_pkcs1(struct crypto_private_key *key, 354727d93ef49e18147149354fadd10e86b13bc4ab0Douglas Gregor const u8 *in, size_t inlen, 3559b7db6200d366e4964d63ae1f33c7b9d7b9831cbDouglas Gregor u8 *out, size_t *outlen); 3569b7db6200d366e4964d63ae1f33c7b9d7b9831cbDouglas Gregor 3579b7db6200d366e4964d63ae1f33c7b9d7b9831cbDouglas Gregor/** 358ea94bbc4769697143e717df9b0310f874102b6c1Daniel Dunbar * crypto_public_key_free - Free public key 3599b7db6200d366e4964d63ae1f33c7b9d7b9831cbDouglas Gregor * @key: Public key 3609b7db6200d366e4964d63ae1f33c7b9d7b9831cbDouglas Gregor * 3619b7db6200d366e4964d63ae1f33c7b9d7b9831cbDouglas Gregor * This function is only used with internal TLSv1 implementation 3629b7db6200d366e4964d63ae1f33c7b9d7b9831cbDouglas Gregor * (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need 363ea94bbc4769697143e717df9b0310f874102b6c1Daniel Dunbar * to implement this. 364ea94bbc4769697143e717df9b0310f874102b6c1Daniel Dunbar */ 365ea94bbc4769697143e717df9b0310f874102b6c1Daniel Dunbarvoid crypto_public_key_free(struct crypto_public_key *key); 366ea94bbc4769697143e717df9b0310f874102b6c1Daniel Dunbar 367c4421e966d77a18f815284175b3fcbb46f36fa39Douglas Gregor/** 368c4421e966d77a18f815284175b3fcbb46f36fa39Douglas Gregor * crypto_private_key_free - Free private key 36987c08a5d6b9e1e44ae6f554df40139d3a6f60b33Douglas Gregor * @key: Private key from crypto_private_key_import() 37087c08a5d6b9e1e44ae6f554df40139d3a6f60b33Douglas Gregor * 37187c08a5d6b9e1e44ae6f554df40139d3a6f60b33Douglas Gregor * This function is only used with internal TLSv1 implementation 37287c08a5d6b9e1e44ae6f554df40139d3a6f60b33Douglas Gregor * (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need 37387c08a5d6b9e1e44ae6f554df40139d3a6f60b33Douglas Gregor * to implement this. 37431b87d8006d4863dd9b17e515ac720941efc38e3Daniel Dunbar */ 37531b87d8006d4863dd9b17e515ac720941efc38e3Daniel Dunbarvoid crypto_private_key_free(struct crypto_private_key *key); 376bdf6062bc10aa3b73b16402b440b8073310acd06Douglas Gregor 3773687e9d3a5dbfa9963af02a49a2b139d91310813Douglas Gregor/** 3788b96253907c47141af0b7b2a44a368748d006a87Douglas Gregor * crypto_public_key_decrypt_pkcs1 - Decrypt PKCS #1 signature 379abc563f554951259bbe0315055cad92ee14d87e4Douglas Gregor * @key: Public key 380754f3490c5b0f5d83361f001bc87944f23644abbDouglas Gregor * @crypt: Encrypted signature data (using the private key) 381175c4a9aa61f4449f27b729737e4438684ac6d92Douglas Gregor * @crypt_len: Encrypted signature data length 382f4f6c9db68465b886ec2e596feaa6ecc782395a4Douglas Gregor * @plain: Buffer for plaintext (at least crypt_len bytes) 383df95a13ec73d2cdaea79555cb412d767f4963120Douglas Gregor * @plain_len: Plaintext length (max buffer size on input, real len on output); 384df95a13ec73d2cdaea79555cb412d767f4963120Douglas Gregor * Returns: 0 on success, -1 on failure 385175c4a9aa61f4449f27b729737e4438684ac6d92Douglas Gregor */ 386df95a13ec73d2cdaea79555cb412d767f4963120Douglas Gregorint __must_check crypto_public_key_decrypt_pkcs1( 38701b6e31a62e2265849f4388b9be6be0a5d13348dDouglas Gregor struct crypto_public_key *key, const u8 *crypt, size_t crypt_len, 388df95a13ec73d2cdaea79555cb412d767f4963120Douglas Gregor u8 *plain, size_t *plain_len); 389df95a13ec73d2cdaea79555cb412d767f4963120Douglas Gregor 390eb8837b88c18631c69ac75f64ab1853762063180Douglas Gregor/** 391e722ed6f5464232e23be52f4976312ef526fae99Argyrios Kyrtzidis * crypto_global_init - Initialize crypto wrapper 392e722ed6f5464232e23be52f4976312ef526fae99Argyrios Kyrtzidis * 393e722ed6f5464232e23be52f4976312ef526fae99Argyrios Kyrtzidis * This function is only used with internal TLSv1 implementation 394e722ed6f5464232e23be52f4976312ef526fae99Argyrios Kyrtzidis * (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need 395e722ed6f5464232e23be52f4976312ef526fae99Argyrios Kyrtzidis * to implement this. 396a696ece1ac449a2b77e7c0a693b55cb10e9e2068Argyrios Kyrtzidis */ 397a696ece1ac449a2b77e7c0a693b55cb10e9e2068Argyrios Kyrtzidisint __must_check crypto_global_init(void); 398a696ece1ac449a2b77e7c0a693b55cb10e9e2068Argyrios Kyrtzidis 399a696ece1ac449a2b77e7c0a693b55cb10e9e2068Argyrios Kyrtzidis/** 400a696ece1ac449a2b77e7c0a693b55cb10e9e2068Argyrios Kyrtzidis * crypto_global_deinit - Deinitialize crypto wrapper 401a696ece1ac449a2b77e7c0a693b55cb10e9e2068Argyrios Kyrtzidis * 402a696ece1ac449a2b77e7c0a693b55cb10e9e2068Argyrios Kyrtzidis * This function is only used with internal TLSv1 implementation 403a696ece1ac449a2b77e7c0a693b55cb10e9e2068Argyrios Kyrtzidis * (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need 404d3cb28bef1e1d397b35126029465f2b7e8e8dc1fBenjamin Kramer * to implement this. 405a696ece1ac449a2b77e7c0a693b55cb10e9e2068Argyrios Kyrtzidis */ 406d3cb28bef1e1d397b35126029465f2b7e8e8dc1fBenjamin Kramervoid crypto_global_deinit(void); 407a696ece1ac449a2b77e7c0a693b55cb10e9e2068Argyrios Kyrtzidis 408a696ece1ac449a2b77e7c0a693b55cb10e9e2068Argyrios Kyrtzidis/** 409a696ece1ac449a2b77e7c0a693b55cb10e9e2068Argyrios Kyrtzidis * crypto_mod_exp - Modular exponentiation of large integers 410a696ece1ac449a2b77e7c0a693b55cb10e9e2068Argyrios Kyrtzidis * @base: Base integer (big endian byte array) 411a696ece1ac449a2b77e7c0a693b55cb10e9e2068Argyrios Kyrtzidis * @base_len: Length of base integer in bytes 412a696ece1ac449a2b77e7c0a693b55cb10e9e2068Argyrios Kyrtzidis * @power: Power integer (big endian byte array) 413a696ece1ac449a2b77e7c0a693b55cb10e9e2068Argyrios Kyrtzidis * @power_len: Length of power integer in bytes 414a696ece1ac449a2b77e7c0a693b55cb10e9e2068Argyrios Kyrtzidis * @modulus: Modulus integer (big endian byte array) 415a696ece1ac449a2b77e7c0a693b55cb10e9e2068Argyrios Kyrtzidis * @modulus_len: Length of modulus integer in bytes 416a696ece1ac449a2b77e7c0a693b55cb10e9e2068Argyrios Kyrtzidis * @result: Buffer for the result 4170853a02c3b04d96a3c432b883e403175c954cd81Argyrios Kyrtzidis * @result_len: Result length (max buffer size on input, real len on output) 418bdf6062bc10aa3b73b16402b440b8073310acd06Douglas Gregor * Returns: 0 on success, -1 on failure 419a696ece1ac449a2b77e7c0a693b55cb10e9e2068Argyrios Kyrtzidis * 420bdf6062bc10aa3b73b16402b440b8073310acd06Douglas Gregor * This function calculates result = base ^ power mod modulus. modules_len is 421bdf6062bc10aa3b73b16402b440b8073310acd06Douglas Gregor * used as the maximum size of modulus buffer. It is set to the used size on 422bdf6062bc10aa3b73b16402b440b8073310acd06Douglas Gregor * success. 423bdf6062bc10aa3b73b16402b440b8073310acd06Douglas Gregor * 424bdf6062bc10aa3b73b16402b440b8073310acd06Douglas Gregor * This function is only used with internal TLSv1 implementation 425a696ece1ac449a2b77e7c0a693b55cb10e9e2068Argyrios Kyrtzidis * (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need 426bdf6062bc10aa3b73b16402b440b8073310acd06Douglas Gregor * to implement this. 427bdf6062bc10aa3b73b16402b440b8073310acd06Douglas Gregor */ 428a696ece1ac449a2b77e7c0a693b55cb10e9e2068Argyrios Kyrtzidisint __must_check crypto_mod_exp(const u8 *base, size_t base_len, 429bdf6062bc10aa3b73b16402b440b8073310acd06Douglas Gregor const u8 *power, size_t power_len, 430bdf6062bc10aa3b73b16402b440b8073310acd06Douglas Gregor const u8 *modulus, size_t modulus_len, 431bdf6062bc10aa3b73b16402b440b8073310acd06Douglas Gregor u8 *result, size_t *result_len); 432bdf6062bc10aa3b73b16402b440b8073310acd06Douglas Gregor 4330853a02c3b04d96a3c432b883e403175c954cd81Argyrios Kyrtzidis/** 4340853a02c3b04d96a3c432b883e403175c954cd81Argyrios Kyrtzidis * rc4_skip - XOR RC4 stream to given data with skip-stream-start 435c7822dbf3c01a2a5f837cff82ba7889ea755dacaDaniel Dunbar * @key: RC4 key 436c7822dbf3c01a2a5f837cff82ba7889ea755dacaDaniel Dunbar * @keylen: RC4 key length 437ea94bbc4769697143e717df9b0310f874102b6c1Daniel Dunbar * @skip: number of bytes to skip from the beginning of the RC4 stream 438ea94bbc4769697143e717df9b0310f874102b6c1Daniel Dunbar * @data: data to be XOR'ed with RC4 stream 439ea94bbc4769697143e717df9b0310f874102b6c1Daniel Dunbar * @data_len: buf length 440d6471f7c1921c7802804ce3ff6fe9768310f72b9David Blaikie * Returns: 0 on success, -1 on failure 441d6471f7c1921c7802804ce3ff6fe9768310f72b9David Blaikie * 4423687e9d3a5dbfa9963af02a49a2b139d91310813Douglas Gregor * Generate RC4 pseudo random stream for the given key, skip beginning of the 443405634b215f19eec7183bd8005e34aa5a02f64a1Douglas Gregor * stream, and XOR the end result with the data buffer to perform RC4 444405634b215f19eec7183bd8005e34aa5a02f64a1Douglas Gregor * encryption/decryption. 4450853a02c3b04d96a3c432b883e403175c954cd81Argyrios Kyrtzidis */ 4464f32786ac45210143654390177105eb749b614e9Ted Kremenekint rc4_skip(const u8 *key, size_t keylen, size_t skip, 4474f32786ac45210143654390177105eb749b614e9Ted Kremenek u8 *data, size_t data_len); 4481eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 4494f32786ac45210143654390177105eb749b614e9Ted Kremenek/** 4504f32786ac45210143654390177105eb749b614e9Ted Kremenek * crypto_get_random - Generate cryptographically strong pseudy-random bytes 4510853a02c3b04d96a3c432b883e403175c954cd81Argyrios Kyrtzidis * @buf: Buffer for data 452abb5afadd11b19568359880faa5d966a4e33551cArgyrios Kyrtzidis * @len: Number of bytes to generate 4537fe90f3bfa6bd7f779ecfd4ba201a296a3a1c8cbArgyrios Kyrtzidis * Returns: 0 on success, -1 on failure 454abb5afadd11b19568359880faa5d966a4e33551cArgyrios Kyrtzidis * 455914ed9d30e9abf829a62aa996b083b1e47c19ff6Douglas Gregor * If the PRNG does not have enough entropy to ensure unpredictable byte 456914ed9d30e9abf829a62aa996b083b1e47c19ff6Douglas Gregor * sequence, this functions must return -1. 457914ed9d30e9abf829a62aa996b083b1e47c19ff6Douglas Gregor */ 458914ed9d30e9abf829a62aa996b083b1e47c19ff6Douglas Gregorint crypto_get_random(void *buf, size_t len); 459914ed9d30e9abf829a62aa996b083b1e47c19ff6Douglas Gregor 460914ed9d30e9abf829a62aa996b083b1e47c19ff6Douglas Gregor 461405634b215f19eec7183bd8005e34aa5a02f64a1Douglas Gregor/** 462405634b215f19eec7183bd8005e34aa5a02f64a1Douglas Gregor * struct crypto_bignum - bignum 463f772d1e2a5688572d07f42896a50ac57a4a41fe8Daniel Dunbar * 464389db16c63eec6ecfa9b235155252d8da766e94eArgyrios Kyrtzidis * Internal data structure for bignum implementation. The contents is specific 465389db16c63eec6ecfa9b235155252d8da766e94eArgyrios Kyrtzidis * to the used crypto library. 46677accc11f04ed4ff9afd4e27d430144d4714be56Steve Naroff */ 467b85bca2676b433ae555db09de4dd2823ff13b856Zhongxing Xustruct crypto_bignum; 468313e26c4e81f0e467490a530548450f4c824a6c4Douglas Gregor 469313e26c4e81f0e467490a530548450f4c824a6c4Douglas Gregor/** 470313e26c4e81f0e467490a530548450f4c824a6c4Douglas Gregor * crypto_bignum_init - Allocate memory for bignum 4711872b3153a388b3a548c9f699cbc348128059be9Ted Kremenek * Returns: Pointer to allocated bignum or %NULL on failure 472313e26c4e81f0e467490a530548450f4c824a6c4Douglas Gregor */ 4737d1d49d2971b20a97b3c2a301470b9eaaa130137Douglas Gregorstruct crypto_bignum * crypto_bignum_init(void); 474f772d1e2a5688572d07f42896a50ac57a4a41fe8Daniel Dunbar 47515727ddb11405c45372150b5bfb07dbfa4c9960bArgyrios Kyrtzidis/** 47615727ddb11405c45372150b5bfb07dbfa4c9960bArgyrios Kyrtzidis * crypto_bignum_init_set - Allocate memory for bignum and set the value 47715727ddb11405c45372150b5bfb07dbfa4c9960bArgyrios Kyrtzidis * @buf: Buffer with unsigned binary value 478686775deca8b8685eb90801495880e3abdd844c2Chris Lattner * @len: Length of buf in octets 479213f18b3d654de7d1c7cf4a329ea9d3db1c50b6aDouglas Gregor * Returns: Pointer to allocated bignum or %NULL on failure 480eb8837b88c18631c69ac75f64ab1853762063180Douglas Gregor */ 481eb8837b88c18631c69ac75f64ab1853762063180Douglas Gregorstruct crypto_bignum * crypto_bignum_init_set(const u8 *buf, size_t len); 482eb8837b88c18631c69ac75f64ab1853762063180Douglas Gregor 483f772d1e2a5688572d07f42896a50ac57a4a41fe8Daniel Dunbar/** 484eb8837b88c18631c69ac75f64ab1853762063180Douglas Gregor * crypto_bignum_deinit - Free bignum 485eb8837b88c18631c69ac75f64ab1853762063180Douglas Gregor * @n: Bignum from crypto_bignum_init() or crypto_bignum_init_set() 486eb8837b88c18631c69ac75f64ab1853762063180Douglas Gregor * @clear: Whether to clear the value from memory 487f772d1e2a5688572d07f42896a50ac57a4a41fe8Daniel Dunbar */ 488eb8837b88c18631c69ac75f64ab1853762063180Douglas Gregorvoid crypto_bignum_deinit(struct crypto_bignum *n, int clear); 489eb8837b88c18631c69ac75f64ab1853762063180Douglas Gregor 490f772d1e2a5688572d07f42896a50ac57a4a41fe8Daniel Dunbar/** 491eb8837b88c18631c69ac75f64ab1853762063180Douglas Gregor * crypto_bignum_to_bin - Set binary buffer to unsigned bignum 492eb8837b88c18631c69ac75f64ab1853762063180Douglas Gregor * @a: Bignum 493eb8837b88c18631c69ac75f64ab1853762063180Douglas Gregor * @buf: Buffer for the binary number 494eb8837b88c18631c69ac75f64ab1853762063180Douglas Gregor * @len: Length of @buf in octets 495eb8837b88c18631c69ac75f64ab1853762063180Douglas Gregor * @padlen: Length in octets to pad the result to or 0 to indicate no padding 496eb8837b88c18631c69ac75f64ab1853762063180Douglas Gregor * Returns: Number of octets written on success, -1 on failure 497eb8837b88c18631c69ac75f64ab1853762063180Douglas Gregor */ 498eb8837b88c18631c69ac75f64ab1853762063180Douglas Gregorint crypto_bignum_to_bin(const struct crypto_bignum *a, 499eb8837b88c18631c69ac75f64ab1853762063180Douglas Gregor u8 *buf, size_t buflen, size_t padlen); 500eb8837b88c18631c69ac75f64ab1853762063180Douglas Gregor 501eb8837b88c18631c69ac75f64ab1853762063180Douglas Gregor/** 502eb8837b88c18631c69ac75f64ab1853762063180Douglas Gregor * crypto_bignum_add - c = a + b 503eb8837b88c18631c69ac75f64ab1853762063180Douglas Gregor * @a: Bignum 504eb8837b88c18631c69ac75f64ab1853762063180Douglas Gregor * @b: Bignum 505eb8837b88c18631c69ac75f64ab1853762063180Douglas Gregor * @c: Bignum; used to store the result of a + b 506eb8837b88c18631c69ac75f64ab1853762063180Douglas Gregor * Returns: 0 on success, -1 on failure 507eb8837b88c18631c69ac75f64ab1853762063180Douglas Gregor */ 508eb8837b88c18631c69ac75f64ab1853762063180Douglas Gregorint crypto_bignum_add(const struct crypto_bignum *a, 509eb8837b88c18631c69ac75f64ab1853762063180Douglas Gregor const struct crypto_bignum *b, 510eb8837b88c18631c69ac75f64ab1853762063180Douglas Gregor struct crypto_bignum *c); 511332cb9be88fd2d1b294a2fbc299c354e93be673cArgyrios Kyrtzidis 512332cb9be88fd2d1b294a2fbc299c354e93be673cArgyrios Kyrtzidis/** 513332cb9be88fd2d1b294a2fbc299c354e93be673cArgyrios Kyrtzidis * crypto_bignum_mod - c = a % b 514dfb332d0081c6641d1dbae6a2aeff757c99cc740Argyrios Kyrtzidis * @a: Bignum 515dfb332d0081c6641d1dbae6a2aeff757c99cc740Argyrios Kyrtzidis * @b: Bignum 516dfb332d0081c6641d1dbae6a2aeff757c99cc740Argyrios Kyrtzidis * @c: Bignum; used to store the result of a % b 517dfb332d0081c6641d1dbae6a2aeff757c99cc740Argyrios Kyrtzidis * Returns: 0 on success, -1 on failure 518dfb332d0081c6641d1dbae6a2aeff757c99cc740Argyrios Kyrtzidis */ 519dfb332d0081c6641d1dbae6a2aeff757c99cc740Argyrios Kyrtzidisint crypto_bignum_mod(const struct crypto_bignum *a, 520eb8837b88c18631c69ac75f64ab1853762063180Douglas Gregor const struct crypto_bignum *b, 521eb8837b88c18631c69ac75f64ab1853762063180Douglas Gregor struct crypto_bignum *c); 5228538e8d43a3a9bd439c987c0de37bcbf035dd391Sebastian Redl 523eb8837b88c18631c69ac75f64ab1853762063180Douglas Gregor/** 524f772d1e2a5688572d07f42896a50ac57a4a41fe8Daniel Dunbar * crypto_bignum_exptmod - Modular exponentiation: d = a^b (mod c) 525f772d1e2a5688572d07f42896a50ac57a4a41fe8Daniel Dunbar * @a: Bignum; base 5269b7db6200d366e4964d63ae1f33c7b9d7b9831cbDouglas Gregor * @b: Bignum; exponent 5279b7db6200d366e4964d63ae1f33c7b9d7b9831cbDouglas Gregor * @c: Bignum; modulus 5289b7db6200d366e4964d63ae1f33c7b9d7b9831cbDouglas Gregor * @d: Bignum; used to store the result of a^b (mod c) 5299b7db6200d366e4964d63ae1f33c7b9d7b9831cbDouglas Gregor * Returns: 0 on success, -1 on failure 530507097ec40105ed927cb5a744fad98f5875aacacArgyrios Kyrtzidis */ 531507097ec40105ed927cb5a744fad98f5875aacacArgyrios Kyrtzidisint crypto_bignum_exptmod(const struct crypto_bignum *a, 532507097ec40105ed927cb5a744fad98f5875aacacArgyrios Kyrtzidis const struct crypto_bignum *b, 533507097ec40105ed927cb5a744fad98f5875aacacArgyrios Kyrtzidis const struct crypto_bignum *c, 534507097ec40105ed927cb5a744fad98f5875aacacArgyrios Kyrtzidis struct crypto_bignum *d); 535507097ec40105ed927cb5a744fad98f5875aacacArgyrios Kyrtzidis 536507097ec40105ed927cb5a744fad98f5875aacacArgyrios Kyrtzidis/** 537507097ec40105ed927cb5a744fad98f5875aacacArgyrios Kyrtzidis * crypto_bignum_rshift - b = a >> n 538507097ec40105ed927cb5a744fad98f5875aacacArgyrios Kyrtzidis * @a: Bignum 539507097ec40105ed927cb5a744fad98f5875aacacArgyrios Kyrtzidis * @n: Number of bits to shift 540507097ec40105ed927cb5a744fad98f5875aacacArgyrios Kyrtzidis * @b: Bignum; used to store the result of a >> n 541ee0f84fc84ed7de7975e102668d8e53a778f7a8cArgyrios Kyrtzidis * Returns: 0 on success, -1 on failure 542ee0f84fc84ed7de7975e102668d8e53a778f7a8cArgyrios Kyrtzidis */ 543ee0f84fc84ed7de7975e102668d8e53a778f7a8cArgyrios Kyrtzidisint crypto_bignum_rshift(const struct crypto_bignum *a, int n, 544ee0f84fc84ed7de7975e102668d8e53a778f7a8cArgyrios Kyrtzidis struct crypto_bignum *b); 545ee0f84fc84ed7de7975e102668d8e53a778f7a8cArgyrios Kyrtzidis 546ee0f84fc84ed7de7975e102668d8e53a778f7a8cArgyrios Kyrtzidis/** 547ee0f84fc84ed7de7975e102668d8e53a778f7a8cArgyrios Kyrtzidis * crypto_bignum_inverse - Inverse a bignum so that a * c = 1 (mod b) 548ee0f84fc84ed7de7975e102668d8e53a778f7a8cArgyrios Kyrtzidis * @a: Bignum 549ee0f84fc84ed7de7975e102668d8e53a778f7a8cArgyrios Kyrtzidis * @b: Bignum 550ee0f84fc84ed7de7975e102668d8e53a778f7a8cArgyrios Kyrtzidis * @c: Bignum; used to store the result 551ee0f84fc84ed7de7975e102668d8e53a778f7a8cArgyrios Kyrtzidis * Returns: 0 on success, -1 on failure 552f226ff9fe8c8db6c5b74a61ce649eda1491c3502Argyrios Kyrtzidis */ 553f226ff9fe8c8db6c5b74a61ce649eda1491c3502Argyrios Kyrtzidisint crypto_bignum_inverse(const struct crypto_bignum *a, 554f226ff9fe8c8db6c5b74a61ce649eda1491c3502Argyrios Kyrtzidis const struct crypto_bignum *b, 555f226ff9fe8c8db6c5b74a61ce649eda1491c3502Argyrios Kyrtzidis struct crypto_bignum *c); 556f226ff9fe8c8db6c5b74a61ce649eda1491c3502Argyrios Kyrtzidis 557ee0f84fc84ed7de7975e102668d8e53a778f7a8cArgyrios Kyrtzidis/** 558ee0f84fc84ed7de7975e102668d8e53a778f7a8cArgyrios Kyrtzidis * crypto_bignum_sub - c = a - b 559ee0f84fc84ed7de7975e102668d8e53a778f7a8cArgyrios Kyrtzidis * @a: Bignum 560ee0f84fc84ed7de7975e102668d8e53a778f7a8cArgyrios Kyrtzidis * @b: Bignum 561ee0f84fc84ed7de7975e102668d8e53a778f7a8cArgyrios Kyrtzidis * @c: Bignum; used to store the result of a - b 562ee0f84fc84ed7de7975e102668d8e53a778f7a8cArgyrios Kyrtzidis * Returns: 0 on success, -1 on failure 563ee0f84fc84ed7de7975e102668d8e53a778f7a8cArgyrios Kyrtzidis */ 564ee0f84fc84ed7de7975e102668d8e53a778f7a8cArgyrios Kyrtzidisint crypto_bignum_sub(const struct crypto_bignum *a, 565ee0f84fc84ed7de7975e102668d8e53a778f7a8cArgyrios Kyrtzidis const struct crypto_bignum *b, 566ee0f84fc84ed7de7975e102668d8e53a778f7a8cArgyrios Kyrtzidis struct crypto_bignum *c); 567ee0f84fc84ed7de7975e102668d8e53a778f7a8cArgyrios Kyrtzidis 568788f5a1242c04762f91eaa7565c07b9865846d88Douglas Gregor/** 569a88084b78fd4ca5d3d858c14b02414f8cc399f02Douglas Gregor * crypto_bignum_div - c = a / b 5703e9d32656a8a3a787f64f9beeef66d2d700eb85dArgyrios Kyrtzidis * @a: Bignum 5713e9d32656a8a3a787f64f9beeef66d2d700eb85dArgyrios Kyrtzidis * @b: Bignum 5723e9d32656a8a3a787f64f9beeef66d2d700eb85dArgyrios Kyrtzidis * @c: Bignum; used to store the result of a / b 573405634b215f19eec7183bd8005e34aa5a02f64a1Douglas Gregor * Returns: 0 on success, -1 on failure 574405634b215f19eec7183bd8005e34aa5a02f64a1Douglas Gregor */ 5753e9d32656a8a3a787f64f9beeef66d2d700eb85dArgyrios Kyrtzidisint crypto_bignum_div(const struct crypto_bignum *a, 5763e9d32656a8a3a787f64f9beeef66d2d700eb85dArgyrios Kyrtzidis const struct crypto_bignum *b, 5773e9d32656a8a3a787f64f9beeef66d2d700eb85dArgyrios Kyrtzidis struct crypto_bignum *c); 5783e9d32656a8a3a787f64f9beeef66d2d700eb85dArgyrios Kyrtzidis 5793e9d32656a8a3a787f64f9beeef66d2d700eb85dArgyrios Kyrtzidis/** 5803e9d32656a8a3a787f64f9beeef66d2d700eb85dArgyrios Kyrtzidis * crypto_bignum_mulmod - d = a * b (mod c) 5813e9d32656a8a3a787f64f9beeef66d2d700eb85dArgyrios Kyrtzidis * @a: Bignum 582405634b215f19eec7183bd8005e34aa5a02f64a1Douglas Gregor * @b: Bignum 583405634b215f19eec7183bd8005e34aa5a02f64a1Douglas Gregor * @c: Bignum 584405634b215f19eec7183bd8005e34aa5a02f64a1Douglas Gregor * @d: Bignum; used to store the result of (a * b) % c 5853e9d32656a8a3a787f64f9beeef66d2d700eb85dArgyrios Kyrtzidis * Returns: 0 on success, -1 on failure 5863e9d32656a8a3a787f64f9beeef66d2d700eb85dArgyrios Kyrtzidis */ 5873e9d32656a8a3a787f64f9beeef66d2d700eb85dArgyrios Kyrtzidisint crypto_bignum_mulmod(const struct crypto_bignum *a, 5883e9d32656a8a3a787f64f9beeef66d2d700eb85dArgyrios Kyrtzidis const struct crypto_bignum *b, 5893e9d32656a8a3a787f64f9beeef66d2d700eb85dArgyrios Kyrtzidis const struct crypto_bignum *c, 590a88084b78fd4ca5d3d858c14b02414f8cc399f02Douglas Gregor struct crypto_bignum *d); 591a88084b78fd4ca5d3d858c14b02414f8cc399f02Douglas Gregor 59287c08a5d6b9e1e44ae6f554df40139d3a6f60b33Douglas Gregor/** 59387c08a5d6b9e1e44ae6f554df40139d3a6f60b33Douglas Gregor * crypto_bignum_cmp - Compare two bignums 59487c08a5d6b9e1e44ae6f554df40139d3a6f60b33Douglas Gregor * @a: Bignum 59587c08a5d6b9e1e44ae6f554df40139d3a6f60b33Douglas Gregor * @b: Bignum 59687c08a5d6b9e1e44ae6f554df40139d3a6f60b33Douglas Gregor * Returns: -1 if a < b, 0 if a == b, or 1 if a > b 59787c08a5d6b9e1e44ae6f554df40139d3a6f60b33Douglas Gregor */ 59887c08a5d6b9e1e44ae6f554df40139d3a6f60b33Douglas Gregorint crypto_bignum_cmp(const struct crypto_bignum *a, 59987c08a5d6b9e1e44ae6f554df40139d3a6f60b33Douglas Gregor const struct crypto_bignum *b); 60087c08a5d6b9e1e44ae6f554df40139d3a6f60b33Douglas Gregor 60187c08a5d6b9e1e44ae6f554df40139d3a6f60b33Douglas Gregor/** 60287c08a5d6b9e1e44ae6f554df40139d3a6f60b33Douglas Gregor * crypto_bignum_bits - Get size of a bignum in bits 60387c08a5d6b9e1e44ae6f554df40139d3a6f60b33Douglas Gregor * @a: Bignum 60487c08a5d6b9e1e44ae6f554df40139d3a6f60b33Douglas Gregor * Returns: Number of bits in the bignum 60587c08a5d6b9e1e44ae6f554df40139d3a6f60b33Douglas Gregor */ 606389db16c63eec6ecfa9b235155252d8da766e94eArgyrios Kyrtzidisint crypto_bignum_bits(const struct crypto_bignum *a); 607686775deca8b8685eb90801495880e3abdd844c2Chris Lattner 60875dfb65c38d51772df9a00ce2d2feeefd55667adChris Lattner/** 609389db16c63eec6ecfa9b235155252d8da766e94eArgyrios Kyrtzidis * crypto_bignum_is_zero - Is the given bignum zero 610467dc88512b4ba4bb16e274ea3771dc1415d31daDouglas Gregor * @a: Bignum 611467dc88512b4ba4bb16e274ea3771dc1415d31daDouglas Gregor * Returns: 1 if @a is zero or 0 if not 612df95a13ec73d2cdaea79555cb412d767f4963120Douglas Gregor */ 613b1c86492f9a9bef01a4567408c22f961bbd604feArgyrios Kyrtzidisint crypto_bignum_is_zero(const struct crypto_bignum *a); 614b1c86492f9a9bef01a4567408c22f961bbd604feArgyrios Kyrtzidis 6154db64a461cb3442934afe43c83ed3f17f7c11c1dDouglas Gregor/** 6164db64a461cb3442934afe43c83ed3f17f7c11c1dDouglas Gregor * crypto_bignum_is_one - Is the given bignum one 617b1c86492f9a9bef01a4567408c22f961bbd604feArgyrios Kyrtzidis * @a: Bignum 618b0f4b9a558933b307073f7cd7753602f94354ae9Argyrios Kyrtzidis * Returns: 1 if @a is one or 0 if not 619b0f4b9a558933b307073f7cd7753602f94354ae9Argyrios Kyrtzidis */ 620b0f4b9a558933b307073f7cd7753602f94354ae9Argyrios Kyrtzidisint crypto_bignum_is_one(const struct crypto_bignum *a); 621c93dc7889644293e318e19d82830ea2acc45b678Dylan Noblesmith 622991bf49f68e8caeb900dd9738712b861073363d9Argyrios Kyrtzidis/** 623b0f4b9a558933b307073f7cd7753602f94354ae9Argyrios Kyrtzidis * struct crypto_ec - Elliptic curve context 6243c7f4134603d04b44f997b43c0a9def270f25386Sebastian Redl * 6250853a02c3b04d96a3c432b883e403175c954cd81Argyrios Kyrtzidis * Internal data structure for EC implementation. The contents is specific 6263c7f4134603d04b44f997b43c0a9def270f25386Sebastian Redl * to the used crypto library. 6270853a02c3b04d96a3c432b883e403175c954cd81Argyrios Kyrtzidis */ 6285262fda30b876c8aae95f2eb92e349418d6b14bbDaniel Dunbarstruct crypto_ec; 6295262fda30b876c8aae95f2eb92e349418d6b14bbDaniel Dunbar 63031b87d8006d4863dd9b17e515ac720941efc38e3Daniel Dunbar/** 6313c7f4134603d04b44f997b43c0a9def270f25386Sebastian Redl * crypto_ec_init - Initialize elliptic curve context 6323c7f4134603d04b44f997b43c0a9def270f25386Sebastian Redl * @group: Identifying number for the ECC group (IANA "Group Description" 633c93dc7889644293e318e19d82830ea2acc45b678Dylan Noblesmith * attribute registrty for RFC 2409) 634389db16c63eec6ecfa9b235155252d8da766e94eArgyrios Kyrtzidis * Returns: Pointer to EC context or %NULL on failure 6355cf48766d626ff6b223acc9d4b7e415ca8480836Ted Kremenek */ 6364db64a461cb3442934afe43c83ed3f17f7c11c1dDouglas Gregorstruct crypto_ec * crypto_ec_init(int group); 637a88084b78fd4ca5d3d858c14b02414f8cc399f02Douglas Gregor 638bef35c91b594f66216f4aab303b71a6c5ab7abcfArgyrios Kyrtzidis/** 639bef35c91b594f66216f4aab303b71a6c5ab7abcfArgyrios Kyrtzidis * crypto_ec_deinit - Deinitialize elliptic curve context 640521bf9c529e653ab28896d027352d3e16e2672d5Daniel Dunbar * @e: EC context from crypto_ec_init() 6414cd912aa94656697a44c3ebb159f05060300524eDouglas Gregor */ 6424cd912aa94656697a44c3ebb159f05060300524eDouglas Gregorvoid crypto_ec_deinit(struct crypto_ec *e); 6434cd912aa94656697a44c3ebb159f05060300524eDouglas Gregor 6444cd912aa94656697a44c3ebb159f05060300524eDouglas Gregor/** 6454cd912aa94656697a44c3ebb159f05060300524eDouglas Gregor * crypto_ec_prime_len - Get length of the prime in octets 6464cd912aa94656697a44c3ebb159f05060300524eDouglas Gregor * @e: EC context from crypto_ec_init() 6474cd912aa94656697a44c3ebb159f05060300524eDouglas Gregor * Returns: Length of the prime defining the group 6484cd912aa94656697a44c3ebb159f05060300524eDouglas Gregor */ 6494cd912aa94656697a44c3ebb159f05060300524eDouglas Gregorsize_t crypto_ec_prime_len(struct crypto_ec *e); 6504cd912aa94656697a44c3ebb159f05060300524eDouglas Gregor 6514cd912aa94656697a44c3ebb159f05060300524eDouglas Gregor/** 6524cd912aa94656697a44c3ebb159f05060300524eDouglas Gregor * crypto_ec_prime_len_bits - Get length of the prime in bits 6534cd912aa94656697a44c3ebb159f05060300524eDouglas Gregor * @e: EC context from crypto_ec_init() 654d808bd2978bd4ac95a92b309b038452b533fd7a0Argyrios Kyrtzidis * Returns: Length of the prime defining the group in bits 655d808bd2978bd4ac95a92b309b038452b533fd7a0Argyrios Kyrtzidis */ 656d808bd2978bd4ac95a92b309b038452b533fd7a0Argyrios Kyrtzidissize_t crypto_ec_prime_len_bits(struct crypto_ec *e); 657d808bd2978bd4ac95a92b309b038452b533fd7a0Argyrios Kyrtzidis 658d808bd2978bd4ac95a92b309b038452b533fd7a0Argyrios Kyrtzidis/** 659d808bd2978bd4ac95a92b309b038452b533fd7a0Argyrios Kyrtzidis * crypto_ec_get_prime - Get prime defining an EC group 660d808bd2978bd4ac95a92b309b038452b533fd7a0Argyrios Kyrtzidis * @e: EC context from crypto_ec_init() 661d808bd2978bd4ac95a92b309b038452b533fd7a0Argyrios Kyrtzidis * Returns: Prime (bignum) defining the group 662d808bd2978bd4ac95a92b309b038452b533fd7a0Argyrios Kyrtzidis */ 663d808bd2978bd4ac95a92b309b038452b533fd7a0Argyrios Kyrtzidisconst struct crypto_bignum * crypto_ec_get_prime(struct crypto_ec *e); 664d808bd2978bd4ac95a92b309b038452b533fd7a0Argyrios Kyrtzidis 665abb5afadd11b19568359880faa5d966a4e33551cArgyrios Kyrtzidis/** 666abb5afadd11b19568359880faa5d966a4e33551cArgyrios Kyrtzidis * crypto_ec_get_order - Get order of an EC group 667abb5afadd11b19568359880faa5d966a4e33551cArgyrios Kyrtzidis * @e: EC context from crypto_ec_init() 6686f3ce979a7748fd117e6473d6272b16d643b6262Argyrios Kyrtzidis * Returns: Order (bignum) of the group 6696f3ce979a7748fd117e6473d6272b16d643b6262Argyrios Kyrtzidis */ 6706f3ce979a7748fd117e6473d6272b16d643b6262Argyrios Kyrtzidisconst struct crypto_bignum * crypto_ec_get_order(struct crypto_ec *e); 6716f3ce979a7748fd117e6473d6272b16d643b6262Argyrios Kyrtzidis 672e722ed6f5464232e23be52f4976312ef526fae99Argyrios Kyrtzidis/** 673e722ed6f5464232e23be52f4976312ef526fae99Argyrios Kyrtzidis * struct crypto_ec_point - Elliptic curve point 674e722ed6f5464232e23be52f4976312ef526fae99Argyrios Kyrtzidis * 675e722ed6f5464232e23be52f4976312ef526fae99Argyrios Kyrtzidis * Internal data structure for EC implementation to represent a point. The 676e722ed6f5464232e23be52f4976312ef526fae99Argyrios Kyrtzidis * contents is specific to the used crypto library. 677e722ed6f5464232e23be52f4976312ef526fae99Argyrios Kyrtzidis */ 678e722ed6f5464232e23be52f4976312ef526fae99Argyrios Kyrtzidisstruct crypto_ec_point; 679d808bd2978bd4ac95a92b309b038452b533fd7a0Argyrios Kyrtzidis 680c93dc7889644293e318e19d82830ea2acc45b678Dylan Noblesmith/** 681abb5afadd11b19568359880faa5d966a4e33551cArgyrios Kyrtzidis * crypto_ec_point_init - Initialize data for an EC point 6826f3ce979a7748fd117e6473d6272b16d643b6262Argyrios Kyrtzidis * @e: EC context from crypto_ec_init() 6836f3ce979a7748fd117e6473d6272b16d643b6262Argyrios Kyrtzidis * Returns: Pointer to EC point data or %NULL on failure 6846f3ce979a7748fd117e6473d6272b16d643b6262Argyrios Kyrtzidis */ 6856f3ce979a7748fd117e6473d6272b16d643b6262Argyrios Kyrtzidisstruct crypto_ec_point * crypto_ec_point_init(struct crypto_ec *e); 6866f3ce979a7748fd117e6473d6272b16d643b6262Argyrios Kyrtzidis 6876f3ce979a7748fd117e6473d6272b16d643b6262Argyrios Kyrtzidis/** 688e722ed6f5464232e23be52f4976312ef526fae99Argyrios Kyrtzidis * crypto_ec_point_deinit - Deinitialize EC point data 689d99ef536b241071b6f4c01db6525dc03242ac30bDmitri Gribenko * @p: EC point data from crypto_ec_point_init() 690e722ed6f5464232e23be52f4976312ef526fae99Argyrios Kyrtzidis * @clear: Whether to clear the EC point value from memory 691d808bd2978bd4ac95a92b309b038452b533fd7a0Argyrios Kyrtzidis */ 692521bf9c529e653ab28896d027352d3e16e2672d5Daniel Dunbarvoid crypto_ec_point_deinit(struct crypto_ec_point *p, int clear); 693521bf9c529e653ab28896d027352d3e16e2672d5Daniel Dunbar 694521bf9c529e653ab28896d027352d3e16e2672d5Daniel Dunbar/** 695521bf9c529e653ab28896d027352d3e16e2672d5Daniel Dunbar * crypto_ec_point_to_bin - Write EC point value as binary data 696f7acc37450d59ef751df73acb91de73850cc6517Daniel Dunbar * @e: EC context from crypto_ec_init() 697521bf9c529e653ab28896d027352d3e16e2672d5Daniel Dunbar * @p: EC point data from crypto_ec_point_init() 6985262fda30b876c8aae95f2eb92e349418d6b14bbDaniel Dunbar * @x: Buffer for writing the binary data for x coordinate or %NULL if not used 6995262fda30b876c8aae95f2eb92e349418d6b14bbDaniel Dunbar * @y: Buffer for writing the binary data for y coordinate or %NULL if not used 700521bf9c529e653ab28896d027352d3e16e2672d5Daniel Dunbar * Returns: 0 on success, -1 on failure 701521bf9c529e653ab28896d027352d3e16e2672d5Daniel Dunbar * 702521bf9c529e653ab28896d027352d3e16e2672d5Daniel Dunbar * This function can be used to write an EC point as binary data in a format 703f7acc37450d59ef751df73acb91de73850cc6517Daniel Dunbar * that has the x and y coordinates in big endian byte order fields padded to 704c93dc7889644293e318e19d82830ea2acc45b678Dylan Noblesmith * the length of the prime defining the group. 705a88084b78fd4ca5d3d858c14b02414f8cc399f02Douglas Gregor */ 70644c181aec37789f25f6c15543c164416f72e562aDouglas Gregorint crypto_ec_point_to_bin(struct crypto_ec *e, 707df95a13ec73d2cdaea79555cb412d767f4963120Douglas Gregor const struct crypto_ec_point *point, u8 *x, u8 *y); 708467dc88512b4ba4bb16e274ea3771dc1415d31daDouglas Gregor 709d99ef536b241071b6f4c01db6525dc03242ac30bDmitri Gribenko/** 710d99ef536b241071b6f4c01db6525dc03242ac30bDmitri Gribenko * crypto_ec_point_from_bin - Create EC point from binary data 711521bf9c529e653ab28896d027352d3e16e2672d5Daniel Dunbar * @e: EC context from crypto_ec_init() 7127b55668db7618334cc40011d3c1e128524d89462Daniel Dunbar * @val: Binary data to read the EC point from 7137b55668db7618334cc40011d3c1e128524d89462Daniel Dunbar * Returns: Pointer to EC point data or %NULL on failure 7147b55668db7618334cc40011d3c1e128524d89462Daniel Dunbar * 7157b55668db7618334cc40011d3c1e128524d89462Daniel Dunbar * This function readers x and y coordinates of the EC point from the provided 7167b55668db7618334cc40011d3c1e128524d89462Daniel Dunbar * buffer assuming the values are in big endian byte order with fields padded to 7177b55668db7618334cc40011d3c1e128524d89462Daniel Dunbar * the length of the prime defining the group. 7187b55668db7618334cc40011d3c1e128524d89462Daniel Dunbar */ 7195262fda30b876c8aae95f2eb92e349418d6b14bbDaniel Dunbarstruct crypto_ec_point * crypto_ec_point_from_bin(struct crypto_ec *e, 7205262fda30b876c8aae95f2eb92e349418d6b14bbDaniel Dunbar const u8 *val); 7217b55668db7618334cc40011d3c1e128524d89462Daniel Dunbar 722869824e87940f97b87064db2df2861e82e08a8c6Daniel Dunbar/** 723e722ed6f5464232e23be52f4976312ef526fae99Argyrios Kyrtzidis * crypto_bignum_add - c = a + b 724e722ed6f5464232e23be52f4976312ef526fae99Argyrios Kyrtzidis * @e: EC context from crypto_ec_init() 725e722ed6f5464232e23be52f4976312ef526fae99Argyrios Kyrtzidis * @a: Bignum 726e722ed6f5464232e23be52f4976312ef526fae99Argyrios Kyrtzidis * @b: Bignum 727e722ed6f5464232e23be52f4976312ef526fae99Argyrios Kyrtzidis * @c: Bignum; used to store the result of a + b 7287b55668db7618334cc40011d3c1e128524d89462Daniel Dunbar * Returns: 0 on success, -1 on failure 7297b55668db7618334cc40011d3c1e128524d89462Daniel Dunbar */ 7307b55668db7618334cc40011d3c1e128524d89462Daniel Dunbarint crypto_ec_point_add(struct crypto_ec *e, const struct crypto_ec_point *a, 7317b55668db7618334cc40011d3c1e128524d89462Daniel Dunbar const struct crypto_ec_point *b, 732c93dc7889644293e318e19d82830ea2acc45b678Dylan Noblesmith struct crypto_ec_point *c); 733686775deca8b8685eb90801495880e3abdd844c2Chris Lattner 7347b55668db7618334cc40011d3c1e128524d89462Daniel Dunbar/** 735e47be3e9682e82da15059006f43c7f3c021e4fffDouglas Gregor * crypto_bignum_mul - res = b * p 7364db64a461cb3442934afe43c83ed3f17f7c11c1dDouglas Gregor * @e: EC context from crypto_ec_init() 737a88084b78fd4ca5d3d858c14b02414f8cc399f02Douglas Gregor * @p: EC point 738299a4a967b02c9f0d0d94ad8560e3ced893f9116Argyrios Kyrtzidis * @b: Bignum 739df95a13ec73d2cdaea79555cb412d767f4963120Douglas Gregor * @res: EC point; used to store the result of b * p 740467dc88512b4ba4bb16e274ea3771dc1415d31daDouglas Gregor * Returns: 0 on success, -1 on failure 741bef35c91b594f66216f4aab303b71a6c5ab7abcfArgyrios Kyrtzidis */ 742d99ef536b241071b6f4c01db6525dc03242ac30bDmitri Gribenkoint crypto_ec_point_mul(struct crypto_ec *e, const struct crypto_ec_point *p, 743e722ed6f5464232e23be52f4976312ef526fae99Argyrios Kyrtzidis const struct crypto_bignum *b, 7446a91d385618ea4d28236c496f540a26877c95525Erik Verbruggen struct crypto_ec_point *res); 745e722ed6f5464232e23be52f4976312ef526fae99Argyrios Kyrtzidis 746abc563f554951259bbe0315055cad92ee14d87e4Douglas Gregor/** 747abc563f554951259bbe0315055cad92ee14d87e4Douglas Gregor * crypto_ec_point_invert - Compute inverse of an EC point 748abc563f554951259bbe0315055cad92ee14d87e4Douglas Gregor * @e: EC context from crypto_ec_init() 749abc563f554951259bbe0315055cad92ee14d87e4Douglas Gregor * @p: EC point to invert (and result of the operation) 750abc563f554951259bbe0315055cad92ee14d87e4Douglas Gregor * Returns: 0 on success, -1 on failure 751abc563f554951259bbe0315055cad92ee14d87e4Douglas Gregor */ 752abc563f554951259bbe0315055cad92ee14d87e4Douglas Gregorint crypto_ec_point_invert(struct crypto_ec *e, struct crypto_ec_point *p); 753abc563f554951259bbe0315055cad92ee14d87e4Douglas Gregor 7541abc6bca3d7fb0e7b1e40fbcad6cfb5e10594548Douglas Gregor/** 7551abc6bca3d7fb0e7b1e40fbcad6cfb5e10594548Douglas Gregor * crypto_ec_point_solve_y_coord - Solve y coordinate for an x coordinate 7561abc6bca3d7fb0e7b1e40fbcad6cfb5e10594548Douglas Gregor * @e: EC context from crypto_ec_init() 7571abc6bca3d7fb0e7b1e40fbcad6cfb5e10594548Douglas Gregor * @p: EC point to use for the returning the result 758cee235cdf0b8047761ffac598c4c3a32ab7411a2Douglas Gregor * @x: x coordinate 759cee235cdf0b8047761ffac598c4c3a32ab7411a2Douglas Gregor * @y_bit: y-bit (0 or 1) for selecting the y value to use 760cee235cdf0b8047761ffac598c4c3a32ab7411a2Douglas Gregor * Returns: 0 on success, -1 on failure 761cee235cdf0b8047761ffac598c4c3a32ab7411a2Douglas Gregor */ 762cee235cdf0b8047761ffac598c4c3a32ab7411a2Douglas Gregorint crypto_ec_point_solve_y_coord(struct crypto_ec *e, 763cee235cdf0b8047761ffac598c4c3a32ab7411a2Douglas Gregor struct crypto_ec_point *p, 764cee235cdf0b8047761ffac598c4c3a32ab7411a2Douglas Gregor const struct crypto_bignum *x, int y_bit); 765cee235cdf0b8047761ffac598c4c3a32ab7411a2Douglas Gregor 766cee235cdf0b8047761ffac598c4c3a32ab7411a2Douglas Gregor/** 767cee235cdf0b8047761ffac598c4c3a32ab7411a2Douglas Gregor * crypto_ec_point_is_at_infinity - Check whether EC point is neutral element 768cee235cdf0b8047761ffac598c4c3a32ab7411a2Douglas Gregor * @e: EC context from crypto_ec_init() 7691abc6bca3d7fb0e7b1e40fbcad6cfb5e10594548Douglas Gregor * @p: EC point 770d99ef536b241071b6f4c01db6525dc03242ac30bDmitri Gribenko * Returns: 1 if the specified EC point is the neutral element of the group or 771d99ef536b241071b6f4c01db6525dc03242ac30bDmitri Gribenko * 0 if not 772d99ef536b241071b6f4c01db6525dc03242ac30bDmitri Gribenko */ 7732283d79155a3e82442fce124ce5fd704ca138801Douglas Gregorint crypto_ec_point_is_at_infinity(struct crypto_ec *e, 7742283d79155a3e82442fce124ce5fd704ca138801Douglas Gregor const struct crypto_ec_point *p); 775686775deca8b8685eb90801495880e3abdd844c2Chris Lattner 7761abc6bca3d7fb0e7b1e40fbcad6cfb5e10594548Douglas Gregor/** 777cee235cdf0b8047761ffac598c4c3a32ab7411a2Douglas Gregor * crypto_ec_point_is_on_curve - Check whether EC point is on curve 778d99ef536b241071b6f4c01db6525dc03242ac30bDmitri Gribenko * @e: EC context from crypto_ec_init() 7791abc6bca3d7fb0e7b1e40fbcad6cfb5e10594548Douglas Gregor * @p: EC point 780d6471f7c1921c7802804ce3ff6fe9768310f72b9David Blaikie * Returns: 1 if the specified EC point is on the curve or 0 if not 7811abc6bca3d7fb0e7b1e40fbcad6cfb5e10594548Douglas Gregor */ 782686775deca8b8685eb90801495880e3abdd844c2Chris Lattnerint crypto_ec_point_is_on_curve(struct crypto_ec *e, 783686775deca8b8685eb90801495880e3abdd844c2Chris Lattner const struct crypto_ec_point *p); 7847ae2faafd30524ef5f863bb3b8701977888839bbDouglas Gregor 7857ae2faafd30524ef5f863bb3b8701977888839bbDouglas Gregor#endif /* CRYPTO_H */ 7867ae2faafd30524ef5f863bb3b8701977888839bbDouglas Gregor