crypto_nss.c revision 214501
1/* 2 * Crypto wrapper functions for NSS 3 * Copyright (c) 2009, Jouni Malinen <j@w1.fi> 4 * 5 * This program is free software; you can redistribute it and/or modify 6 * it under the terms of the GNU General Public License version 2 as 7 * published by the Free Software Foundation. 8 * 9 * Alternatively, this software may be distributed under the terms of BSD 10 * license. 11 * 12 * See README and COPYING for more details. 13 */ 14 15#include "includes.h" 16#include <nspr/prtypes.h> 17#include <nspr/plarenas.h> 18#include <nspr/plhash.h> 19#include <nspr/prtime.h> 20#include <nspr/prinrval.h> 21#include <nspr/prclist.h> 22#include <nspr/prlock.h> 23#include <nss/sechash.h> 24#include <nss/pk11pub.h> 25 26#include "common.h" 27#include "crypto.h" 28 29 30static int nss_hash(HASH_HashType type, unsigned int max_res_len, 31 size_t num_elem, const u8 *addr[], const size_t *len, 32 u8 *mac) 33{ 34 HASHContext *ctx; 35 size_t i; 36 unsigned int reslen; 37 38 ctx = HASH_Create(type); 39 if (ctx == NULL) 40 return -1; 41 42 HASH_Begin(ctx); 43 for (i = 0; i < num_elem; i++) 44 HASH_Update(ctx, addr[i], len[i]); 45 HASH_End(ctx, mac, &reslen, max_res_len); 46 HASH_Destroy(ctx); 47 48 return 0; 49} 50 51 52void des_encrypt(const u8 *clear, const u8 *key, u8 *cypher) 53{ 54 PK11Context *ctx = NULL; 55 PK11SlotInfo *slot; 56 SECItem *param = NULL; 57 PK11SymKey *symkey = NULL; 58 SECItem item; 59 int olen; 60 u8 pkey[8], next, tmp; 61 int i; 62 63 /* Add parity bits to the key */ 64 next = 0; 65 for (i = 0; i < 7; i++) { 66 tmp = key[i]; 67 pkey[i] = (tmp >> i) | next | 1; 68 next = tmp << (7 - i); 69 } 70 pkey[i] = next | 1; 71 72 slot = PK11_GetBestSlot(CKM_DES_ECB, NULL); 73 if (slot == NULL) { 74 wpa_printf(MSG_ERROR, "NSS: PK11_GetBestSlot failed"); 75 goto out; 76 } 77 78 item.type = siBuffer; 79 item.data = pkey; 80 item.len = 8; 81 symkey = PK11_ImportSymKey(slot, CKM_DES_ECB, PK11_OriginDerive, 82 CKA_ENCRYPT, &item, NULL); 83 if (symkey == NULL) { 84 wpa_printf(MSG_ERROR, "NSS: PK11_ImportSymKey failed"); 85 goto out; 86 } 87 88 param = PK11_GenerateNewParam(CKM_DES_ECB, symkey); 89 if (param == NULL) { 90 wpa_printf(MSG_ERROR, "NSS: PK11_GenerateNewParam failed"); 91 goto out; 92 } 93 94 ctx = PK11_CreateContextBySymKey(CKM_DES_ECB, CKA_ENCRYPT, 95 symkey, param); 96 if (ctx == NULL) { 97 wpa_printf(MSG_ERROR, "NSS: PK11_CreateContextBySymKey(" 98 "CKM_DES_ECB) failed"); 99 goto out; 100 } 101 102 if (PK11_CipherOp(ctx, cypher, &olen, 8, (void *) clear, 8) != 103 SECSuccess) { 104 wpa_printf(MSG_ERROR, "NSS: PK11_CipherOp failed"); 105 goto out; 106 } 107 108out: 109 if (ctx) 110 PK11_DestroyContext(ctx, PR_TRUE); 111 if (symkey) 112 PK11_FreeSymKey(symkey); 113 if (param) 114 SECITEM_FreeItem(param, PR_TRUE); 115} 116 117 118int rc4_skip(const u8 *key, size_t keylen, size_t skip, 119 u8 *data, size_t data_len) 120{ 121 return -1; 122} 123 124 125int md5_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac) 126{ 127 return nss_hash(HASH_AlgMD5, 16, num_elem, addr, len, mac); 128} 129 130 131int sha1_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac) 132{ 133 return nss_hash(HASH_AlgSHA1, 20, num_elem, addr, len, mac); 134} 135 136 137int sha256_vector(size_t num_elem, const u8 *addr[], const size_t *len, 138 u8 *mac) 139{ 140 return nss_hash(HASH_AlgSHA256, 32, num_elem, addr, len, mac); 141} 142 143 144void * aes_encrypt_init(const u8 *key, size_t len) 145{ 146 return NULL; 147} 148 149 150void aes_encrypt(void *ctx, const u8 *plain, u8 *crypt) 151{ 152} 153 154 155void aes_encrypt_deinit(void *ctx) 156{ 157} 158 159 160void * aes_decrypt_init(const u8 *key, size_t len) 161{ 162 return NULL; 163} 164 165 166void aes_decrypt(void *ctx, const u8 *crypt, u8 *plain) 167{ 168} 169 170 171void aes_decrypt_deinit(void *ctx) 172{ 173} 174 175 176int crypto_mod_exp(const u8 *base, size_t base_len, 177 const u8 *power, size_t power_len, 178 const u8 *modulus, size_t modulus_len, 179 u8 *result, size_t *result_len) 180{ 181 return -1; 182} 183 184 185struct crypto_cipher { 186}; 187 188 189struct crypto_cipher * crypto_cipher_init(enum crypto_cipher_alg alg, 190 const u8 *iv, const u8 *key, 191 size_t key_len) 192{ 193 return NULL; 194} 195 196 197int crypto_cipher_encrypt(struct crypto_cipher *ctx, const u8 *plain, 198 u8 *crypt, size_t len) 199{ 200 return -1; 201} 202 203 204int crypto_cipher_decrypt(struct crypto_cipher *ctx, const u8 *crypt, 205 u8 *plain, size_t len) 206{ 207 return -1; 208} 209 210 211void crypto_cipher_deinit(struct crypto_cipher *ctx) 212{ 213} 214