1189251Ssam/* 2189251Ssam * WPA Supplicant / wrapper functions for crypto libraries 3214734Srpaulo * Copyright (c) 2004-2009, Jouni Malinen <j@w1.fi> 4189251Ssam * 5189251Ssam * This program is free software; you can redistribute it and/or modify 6189251Ssam * it under the terms of the GNU General Public License version 2 as 7189251Ssam * published by the Free Software Foundation. 8189251Ssam * 9189251Ssam * Alternatively, this software may be distributed under the terms of BSD 10189251Ssam * license. 11189251Ssam * 12189251Ssam * See README and COPYING for more details. 13189251Ssam * 14189251Ssam * This file defines the cryptographic functions that need to be implemented 15189251Ssam * for wpa_supplicant and hostapd. When TLS is not used, internal 16189251Ssam * implementation of MD5, SHA1, and AES is used and no external libraries are 17189251Ssam * required. When TLS is enabled (e.g., by enabling EAP-TLS or EAP-PEAP), the 18189251Ssam * crypto library used by the TLS implementation is expected to be used for 19189251Ssam * non-TLS needs, too, in order to save space by not implementing these 20189251Ssam * functions twice. 21189251Ssam * 22189251Ssam * Wrapper code for using each crypto library is in its own file (crypto*.c) 23189251Ssam * and one of these files is build and linked in to provide the functions 24189251Ssam * defined here. 25189251Ssam */ 26189251Ssam 27189251Ssam#ifndef CRYPTO_H 28189251Ssam#define CRYPTO_H 29189251Ssam 30189251Ssam/** 31189251Ssam * md4_vector - MD4 hash for data vector 32189251Ssam * @num_elem: Number of elements in the data vector 33189251Ssam * @addr: Pointers to the data areas 34189251Ssam * @len: Lengths of the data blocks 35189251Ssam * @mac: Buffer for the hash 36214734Srpaulo * Returns: 0 on success, -1 on failure 37189251Ssam */ 38214734Srpauloint md4_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac); 39189251Ssam 40189251Ssam/** 41189251Ssam * md5_vector - MD5 hash for data vector 42189251Ssam * @num_elem: Number of elements in the data vector 43189251Ssam * @addr: Pointers to the data areas 44189251Ssam * @len: Lengths of the data blocks 45189251Ssam * @mac: Buffer for the hash 46214734Srpaulo * Returns: 0 on success, -1 on failure 47189251Ssam */ 48214734Srpauloint md5_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac); 49189251Ssam 50214734Srpaulo#ifdef CONFIG_FIPS 51189251Ssam/** 52214734Srpaulo * md5_vector_non_fips_allow - MD5 hash for data vector (non-FIPS use allowed) 53214734Srpaulo * @num_elem: Number of elements in the data vector 54214734Srpaulo * @addr: Pointers to the data areas 55214734Srpaulo * @len: Lengths of the data blocks 56214734Srpaulo * @mac: Buffer for the hash 57214734Srpaulo * Returns: 0 on success, -1 on failure 58214734Srpaulo */ 59214734Srpauloint md5_vector_non_fips_allow(size_t num_elem, const u8 *addr[], 60214734Srpaulo const size_t *len, u8 *mac); 61214734Srpaulo#else /* CONFIG_FIPS */ 62214734Srpaulo#define md5_vector_non_fips_allow md5_vector 63214734Srpaulo#endif /* CONFIG_FIPS */ 64214734Srpaulo 65214734Srpaulo 66214734Srpaulo/** 67189251Ssam * sha1_vector - SHA-1 hash for data vector 68189251Ssam * @num_elem: Number of elements in the data vector 69189251Ssam * @addr: Pointers to the data areas 70189251Ssam * @len: Lengths of the data blocks 71189251Ssam * @mac: Buffer for the hash 72214734Srpaulo * Returns: 0 on success, -1 on failure 73189251Ssam */ 74214734Srpauloint sha1_vector(size_t num_elem, const u8 *addr[], const size_t *len, 75214734Srpaulo u8 *mac); 76189251Ssam 77189251Ssam/** 78189251Ssam * fips186_2-prf - NIST FIPS Publication 186-2 change notice 1 PRF 79189251Ssam * @seed: Seed/key for the PRF 80189251Ssam * @seed_len: Seed length in bytes 81189251Ssam * @x: Buffer for PRF output 82189251Ssam * @xlen: Output length in bytes 83189251Ssam * Returns: 0 on success, -1 on failure 84189251Ssam * 85189251Ssam * This function implements random number generation specified in NIST FIPS 86189251Ssam * Publication 186-2 for EAP-SIM. This PRF uses a function that is similar to 87189251Ssam * SHA-1, but has different message padding. 88189251Ssam */ 89189251Ssamint __must_check fips186_2_prf(const u8 *seed, size_t seed_len, u8 *x, 90189251Ssam size_t xlen); 91189251Ssam 92189251Ssam/** 93189251Ssam * sha256_vector - SHA256 hash for data vector 94189251Ssam * @num_elem: Number of elements in the data vector 95189251Ssam * @addr: Pointers to the data areas 96189251Ssam * @len: Lengths of the data blocks 97189251Ssam * @mac: Buffer for the hash 98214734Srpaulo * Returns: 0 on success, -1 on failure 99189251Ssam */ 100214734Srpauloint sha256_vector(size_t num_elem, const u8 *addr[], const size_t *len, 101214734Srpaulo u8 *mac); 102189251Ssam 103189251Ssam/** 104189251Ssam * des_encrypt - Encrypt one block with DES 105189251Ssam * @clear: 8 octets (in) 106189251Ssam * @key: 7 octets (in) (no parity bits included) 107189251Ssam * @cypher: 8 octets (out) 108189251Ssam */ 109189251Ssamvoid des_encrypt(const u8 *clear, const u8 *key, u8 *cypher); 110189251Ssam 111189251Ssam/** 112189251Ssam * aes_encrypt_init - Initialize AES for encryption 113189251Ssam * @key: Encryption key 114189251Ssam * @len: Key length in bytes (usually 16, i.e., 128 bits) 115189251Ssam * Returns: Pointer to context data or %NULL on failure 116189251Ssam */ 117189251Ssamvoid * aes_encrypt_init(const u8 *key, size_t len); 118189251Ssam 119189251Ssam/** 120189251Ssam * aes_encrypt - Encrypt one AES block 121189251Ssam * @ctx: Context pointer from aes_encrypt_init() 122189251Ssam * @plain: Plaintext data to be encrypted (16 bytes) 123189251Ssam * @crypt: Buffer for the encrypted data (16 bytes) 124189251Ssam */ 125189251Ssamvoid aes_encrypt(void *ctx, const u8 *plain, u8 *crypt); 126189251Ssam 127189251Ssam/** 128189251Ssam * aes_encrypt_deinit - Deinitialize AES encryption 129189251Ssam * @ctx: Context pointer from aes_encrypt_init() 130189251Ssam */ 131189251Ssamvoid aes_encrypt_deinit(void *ctx); 132189251Ssam 133189251Ssam/** 134189251Ssam * aes_decrypt_init - Initialize AES for decryption 135189251Ssam * @key: Decryption key 136189251Ssam * @len: Key length in bytes (usually 16, i.e., 128 bits) 137189251Ssam * Returns: Pointer to context data or %NULL on failure 138189251Ssam */ 139189251Ssamvoid * aes_decrypt_init(const u8 *key, size_t len); 140189251Ssam 141189251Ssam/** 142189251Ssam * aes_decrypt - Decrypt one AES block 143189251Ssam * @ctx: Context pointer from aes_encrypt_init() 144189251Ssam * @crypt: Encrypted data (16 bytes) 145189251Ssam * @plain: Buffer for the decrypted data (16 bytes) 146189251Ssam */ 147189251Ssamvoid aes_decrypt(void *ctx, const u8 *crypt, u8 *plain); 148189251Ssam 149189251Ssam/** 150189251Ssam * aes_decrypt_deinit - Deinitialize AES decryption 151189251Ssam * @ctx: Context pointer from aes_encrypt_init() 152189251Ssam */ 153189251Ssamvoid aes_decrypt_deinit(void *ctx); 154189251Ssam 155189251Ssam 156189251Ssamenum crypto_hash_alg { 157189251Ssam CRYPTO_HASH_ALG_MD5, CRYPTO_HASH_ALG_SHA1, 158189251Ssam CRYPTO_HASH_ALG_HMAC_MD5, CRYPTO_HASH_ALG_HMAC_SHA1 159189251Ssam}; 160189251Ssam 161189251Ssamstruct crypto_hash; 162189251Ssam 163189251Ssam/** 164189251Ssam * crypto_hash_init - Initialize hash/HMAC function 165189251Ssam * @alg: Hash algorithm 166189251Ssam * @key: Key for keyed hash (e.g., HMAC) or %NULL if not needed 167189251Ssam * @key_len: Length of the key in bytes 168189251Ssam * Returns: Pointer to hash context to use with other hash functions or %NULL 169189251Ssam * on failure 170189251Ssam * 171189251Ssam * This function is only used with internal TLSv1 implementation 172189251Ssam * (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need 173189251Ssam * to implement this. 174189251Ssam */ 175189251Ssamstruct crypto_hash * crypto_hash_init(enum crypto_hash_alg alg, const u8 *key, 176189251Ssam size_t key_len); 177189251Ssam 178189251Ssam/** 179189251Ssam * crypto_hash_update - Add data to hash calculation 180189251Ssam * @ctx: Context pointer from crypto_hash_init() 181189251Ssam * @data: Data buffer to add 182189251Ssam * @len: Length of the buffer 183189251Ssam * 184189251Ssam * This function is only used with internal TLSv1 implementation 185189251Ssam * (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need 186189251Ssam * to implement this. 187189251Ssam */ 188189251Ssamvoid crypto_hash_update(struct crypto_hash *ctx, const u8 *data, size_t len); 189189251Ssam 190189251Ssam/** 191189251Ssam * crypto_hash_finish - Complete hash calculation 192189251Ssam * @ctx: Context pointer from crypto_hash_init() 193189251Ssam * @hash: Buffer for hash value or %NULL if caller is just freeing the hash 194189251Ssam * context 195189251Ssam * @len: Pointer to length of the buffer or %NULL if caller is just freeing the 196189251Ssam * hash context; on return, this is set to the actual length of the hash value 197189251Ssam * Returns: 0 on success, -1 if buffer is too small (len set to needed length), 198189251Ssam * or -2 on other failures (including failed crypto_hash_update() operations) 199189251Ssam * 200189251Ssam * This function calculates the hash value and frees the context buffer that 201189251Ssam * was used for hash calculation. 202189251Ssam * 203189251Ssam * This function is only used with internal TLSv1 implementation 204189251Ssam * (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need 205189251Ssam * to implement this. 206189251Ssam */ 207189251Ssamint crypto_hash_finish(struct crypto_hash *ctx, u8 *hash, size_t *len); 208189251Ssam 209189251Ssam 210189251Ssamenum crypto_cipher_alg { 211189251Ssam CRYPTO_CIPHER_NULL = 0, CRYPTO_CIPHER_ALG_AES, CRYPTO_CIPHER_ALG_3DES, 212189251Ssam CRYPTO_CIPHER_ALG_DES, CRYPTO_CIPHER_ALG_RC2, CRYPTO_CIPHER_ALG_RC4 213189251Ssam}; 214189251Ssam 215189251Ssamstruct crypto_cipher; 216189251Ssam 217189251Ssam/** 218189251Ssam * crypto_cipher_init - Initialize block/stream cipher function 219189251Ssam * @alg: Cipher algorithm 220189251Ssam * @iv: Initialization vector for block ciphers or %NULL for stream ciphers 221189251Ssam * @key: Cipher key 222189251Ssam * @key_len: Length of key in bytes 223189251Ssam * Returns: Pointer to cipher context to use with other cipher functions or 224189251Ssam * %NULL on failure 225189251Ssam * 226189251Ssam * This function is only used with internal TLSv1 implementation 227189251Ssam * (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need 228189251Ssam * to implement this. 229189251Ssam */ 230189251Ssamstruct crypto_cipher * crypto_cipher_init(enum crypto_cipher_alg alg, 231189251Ssam const u8 *iv, const u8 *key, 232189251Ssam size_t key_len); 233189251Ssam 234189251Ssam/** 235189251Ssam * crypto_cipher_encrypt - Cipher encrypt 236189251Ssam * @ctx: Context pointer from crypto_cipher_init() 237189251Ssam * @plain: Plaintext to cipher 238189251Ssam * @crypt: Resulting ciphertext 239189251Ssam * @len: Length of the plaintext 240189251Ssam * Returns: 0 on success, -1 on failure 241189251Ssam * 242189251Ssam * This function is only used with internal TLSv1 implementation 243189251Ssam * (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need 244189251Ssam * to implement this. 245189251Ssam */ 246189251Ssamint __must_check crypto_cipher_encrypt(struct crypto_cipher *ctx, 247189251Ssam const u8 *plain, u8 *crypt, size_t len); 248189251Ssam 249189251Ssam/** 250189251Ssam * crypto_cipher_decrypt - Cipher decrypt 251189251Ssam * @ctx: Context pointer from crypto_cipher_init() 252189251Ssam * @crypt: Ciphertext to decrypt 253189251Ssam * @plain: Resulting plaintext 254189251Ssam * @len: Length of the cipher text 255189251Ssam * Returns: 0 on success, -1 on failure 256189251Ssam * 257189251Ssam * This function is only used with internal TLSv1 implementation 258189251Ssam * (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need 259189251Ssam * to implement this. 260189251Ssam */ 261189251Ssamint __must_check crypto_cipher_decrypt(struct crypto_cipher *ctx, 262189251Ssam const u8 *crypt, u8 *plain, size_t len); 263189251Ssam 264189251Ssam/** 265189251Ssam * crypto_cipher_decrypt - Free cipher context 266189251Ssam * @ctx: Context pointer from crypto_cipher_init() 267189251Ssam * 268189251Ssam * This function is only used with internal TLSv1 implementation 269189251Ssam * (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need 270189251Ssam * to implement this. 271189251Ssam */ 272189251Ssamvoid crypto_cipher_deinit(struct crypto_cipher *ctx); 273189251Ssam 274189251Ssam 275189251Ssamstruct crypto_public_key; 276189251Ssamstruct crypto_private_key; 277189251Ssam 278189251Ssam/** 279189251Ssam * crypto_public_key_import - Import an RSA public key 280189251Ssam * @key: Key buffer (DER encoded RSA public key) 281189251Ssam * @len: Key buffer length in bytes 282189251Ssam * Returns: Pointer to the public key or %NULL on failure 283189251Ssam * 284189251Ssam * This function can just return %NULL if the crypto library supports X.509 285189251Ssam * parsing. In that case, crypto_public_key_from_cert() is used to import the 286189251Ssam * public key from a certificate. 287189251Ssam * 288189251Ssam * This function is only used with internal TLSv1 implementation 289189251Ssam * (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need 290189251Ssam * to implement this. 291189251Ssam */ 292189251Ssamstruct crypto_public_key * crypto_public_key_import(const u8 *key, size_t len); 293189251Ssam 294189251Ssam/** 295189251Ssam * crypto_private_key_import - Import an RSA private key 296189251Ssam * @key: Key buffer (DER encoded RSA private key) 297189251Ssam * @len: Key buffer length in bytes 298214734Srpaulo * @passwd: Key encryption password or %NULL if key is not encrypted 299189251Ssam * Returns: Pointer to the private key or %NULL on failure 300189251Ssam * 301189251Ssam * This function is only used with internal TLSv1 implementation 302189251Ssam * (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need 303189251Ssam * to implement this. 304189251Ssam */ 305189251Ssamstruct crypto_private_key * crypto_private_key_import(const u8 *key, 306214734Srpaulo size_t len, 307214734Srpaulo const char *passwd); 308189251Ssam 309189251Ssam/** 310189251Ssam * crypto_public_key_from_cert - Import an RSA public key from a certificate 311189251Ssam * @buf: DER encoded X.509 certificate 312189251Ssam * @len: Certificate buffer length in bytes 313189251Ssam * Returns: Pointer to public key or %NULL on failure 314189251Ssam * 315189251Ssam * This function can just return %NULL if the crypto library does not support 316189251Ssam * X.509 parsing. In that case, internal code will be used to parse the 317189251Ssam * certificate and public key is imported using crypto_public_key_import(). 318189251Ssam * 319189251Ssam * This function is only used with internal TLSv1 implementation 320189251Ssam * (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need 321189251Ssam * to implement this. 322189251Ssam */ 323189251Ssamstruct crypto_public_key * crypto_public_key_from_cert(const u8 *buf, 324189251Ssam size_t len); 325189251Ssam 326189251Ssam/** 327189251Ssam * crypto_public_key_encrypt_pkcs1_v15 - Public key encryption (PKCS #1 v1.5) 328189251Ssam * @key: Public key 329189251Ssam * @in: Plaintext buffer 330189251Ssam * @inlen: Length of plaintext buffer in bytes 331189251Ssam * @out: Output buffer for encrypted data 332189251Ssam * @outlen: Length of output buffer in bytes; set to used length on success 333189251Ssam * Returns: 0 on success, -1 on failure 334189251Ssam * 335189251Ssam * This function is only used with internal TLSv1 implementation 336189251Ssam * (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need 337189251Ssam * to implement this. 338189251Ssam */ 339189251Ssamint __must_check crypto_public_key_encrypt_pkcs1_v15( 340189251Ssam struct crypto_public_key *key, const u8 *in, size_t inlen, 341189251Ssam u8 *out, size_t *outlen); 342189251Ssam 343189251Ssam/** 344189251Ssam * crypto_private_key_decrypt_pkcs1_v15 - Private key decryption (PKCS #1 v1.5) 345189251Ssam * @key: Private key 346189251Ssam * @in: Encrypted buffer 347189251Ssam * @inlen: Length of encrypted buffer in bytes 348189251Ssam * @out: Output buffer for encrypted data 349189251Ssam * @outlen: Length of output buffer in bytes; set to used length on success 350189251Ssam * Returns: 0 on success, -1 on failure 351189251Ssam * 352189251Ssam * This function is only used with internal TLSv1 implementation 353189251Ssam * (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need 354189251Ssam * to implement this. 355189251Ssam */ 356189251Ssamint __must_check crypto_private_key_decrypt_pkcs1_v15( 357189251Ssam struct crypto_private_key *key, const u8 *in, size_t inlen, 358189251Ssam u8 *out, size_t *outlen); 359189251Ssam 360189251Ssam/** 361189251Ssam * crypto_private_key_sign_pkcs1 - Sign with private key (PKCS #1) 362189251Ssam * @key: Private key from crypto_private_key_import() 363189251Ssam * @in: Plaintext buffer 364189251Ssam * @inlen: Length of plaintext buffer in bytes 365189251Ssam * @out: Output buffer for encrypted (signed) data 366189251Ssam * @outlen: Length of output buffer in bytes; set to used length on success 367189251Ssam * Returns: 0 on success, -1 on failure 368189251Ssam * 369189251Ssam * This function is only used with internal TLSv1 implementation 370189251Ssam * (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need 371189251Ssam * to implement this. 372189251Ssam */ 373189251Ssamint __must_check crypto_private_key_sign_pkcs1(struct crypto_private_key *key, 374189251Ssam const u8 *in, size_t inlen, 375189251Ssam u8 *out, size_t *outlen); 376189251Ssam 377189251Ssam/** 378189251Ssam * crypto_public_key_free - Free public key 379189251Ssam * @key: Public key 380189251Ssam * 381189251Ssam * This function is only used with internal TLSv1 implementation 382189251Ssam * (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need 383189251Ssam * to implement this. 384189251Ssam */ 385189251Ssamvoid crypto_public_key_free(struct crypto_public_key *key); 386189251Ssam 387189251Ssam/** 388189251Ssam * crypto_private_key_free - Free private key 389189251Ssam * @key: Private key from crypto_private_key_import() 390189251Ssam * 391189251Ssam * This function is only used with internal TLSv1 implementation 392189251Ssam * (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need 393189251Ssam * to implement this. 394189251Ssam */ 395189251Ssamvoid crypto_private_key_free(struct crypto_private_key *key); 396189251Ssam 397189251Ssam/** 398189251Ssam * crypto_public_key_decrypt_pkcs1 - Decrypt PKCS #1 signature 399189251Ssam * @key: Public key 400189251Ssam * @crypt: Encrypted signature data (using the private key) 401189251Ssam * @crypt_len: Encrypted signature data length 402189251Ssam * @plain: Buffer for plaintext (at least crypt_len bytes) 403189251Ssam * @plain_len: Plaintext length (max buffer size on input, real len on output); 404189251Ssam * Returns: 0 on success, -1 on failure 405189251Ssam */ 406189251Ssamint __must_check crypto_public_key_decrypt_pkcs1( 407189251Ssam struct crypto_public_key *key, const u8 *crypt, size_t crypt_len, 408189251Ssam u8 *plain, size_t *plain_len); 409189251Ssam 410189251Ssam/** 411189251Ssam * crypto_global_init - Initialize crypto wrapper 412189251Ssam * 413189251Ssam * This function is only used with internal TLSv1 implementation 414189251Ssam * (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need 415189251Ssam * to implement this. 416189251Ssam */ 417189251Ssamint __must_check crypto_global_init(void); 418189251Ssam 419189251Ssam/** 420189251Ssam * crypto_global_deinit - Deinitialize crypto wrapper 421189251Ssam * 422189251Ssam * This function is only used with internal TLSv1 implementation 423189251Ssam * (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need 424189251Ssam * to implement this. 425189251Ssam */ 426189251Ssamvoid crypto_global_deinit(void); 427189251Ssam 428189251Ssam/** 429189251Ssam * crypto_mod_exp - Modular exponentiation of large integers 430189251Ssam * @base: Base integer (big endian byte array) 431189251Ssam * @base_len: Length of base integer in bytes 432189251Ssam * @power: Power integer (big endian byte array) 433189251Ssam * @power_len: Length of power integer in bytes 434189251Ssam * @modulus: Modulus integer (big endian byte array) 435189251Ssam * @modulus_len: Length of modulus integer in bytes 436189251Ssam * @result: Buffer for the result 437189251Ssam * @result_len: Result length (max buffer size on input, real len on output) 438189251Ssam * Returns: 0 on success, -1 on failure 439189251Ssam * 440189251Ssam * This function calculates result = base ^ power mod modulus. modules_len is 441189251Ssam * used as the maximum size of modulus buffer. It is set to the used size on 442189251Ssam * success. 443189251Ssam * 444189251Ssam * This function is only used with internal TLSv1 implementation 445189251Ssam * (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need 446189251Ssam * to implement this. 447189251Ssam */ 448189251Ssamint __must_check crypto_mod_exp(const u8 *base, size_t base_len, 449189251Ssam const u8 *power, size_t power_len, 450189251Ssam const u8 *modulus, size_t modulus_len, 451189251Ssam u8 *result, size_t *result_len); 452189251Ssam 453214734Srpaulo/** 454214734Srpaulo * rc4_skip - XOR RC4 stream to given data with skip-stream-start 455214734Srpaulo * @key: RC4 key 456214734Srpaulo * @keylen: RC4 key length 457214734Srpaulo * @skip: number of bytes to skip from the beginning of the RC4 stream 458214734Srpaulo * @data: data to be XOR'ed with RC4 stream 459214734Srpaulo * @data_len: buf length 460214734Srpaulo * Returns: 0 on success, -1 on failure 461214734Srpaulo * 462214734Srpaulo * Generate RC4 pseudo random stream for the given key, skip beginning of the 463214734Srpaulo * stream, and XOR the end result with the data buffer to perform RC4 464214734Srpaulo * encryption/decryption. 465214734Srpaulo */ 466214734Srpauloint rc4_skip(const u8 *key, size_t keylen, size_t skip, 467214734Srpaulo u8 *data, size_t data_len); 468214734Srpaulo 469189251Ssam#endif /* CRYPTO_H */ 470