Annotation of qemu/roms/ipxe/src/crypto/axtls/crypto.h, revision 1.1.1.1

1.1       root        1: /*
                      2:  *  Copyright(C) 2006 Cameron Rich
                      3:  *
                      4:  *  This library is free software; you can redistribute it and/or modify
                      5:  *  it under the terms of the GNU Lesser General Public License as published by
                      6:  *  the Free Software Foundation; either version 2 of the License, or
                      7:  *  (at your option) any later version.
                      8:  *
                      9:  *  This library is distributed in the hope that it will be useful,
                     10:  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
                     11:  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
                     12:  *  GNU Lesser General Public License for more details.
                     13:  *
                     14:  *  You should have received a copy of the GNU Lesser General Public License
                     15:  *  along with this library; if not, write to the Free Software
                     16:  *  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
                     17:  */
                     18: 
                     19: FILE_LICENCE ( GPL2_OR_LATER );
                     20: 
                     21: /**
                     22:  * @file crypto.h
                     23:  */
                     24: 
                     25: #ifndef HEADER_CRYPTO_H
                     26: #define HEADER_CRYPTO_H
                     27: 
                     28: #ifdef __cplusplus
                     29: extern "C" {
                     30: #endif
                     31: 
                     32: #include "bigint.h"
                     33: 
                     34: /**************************************************************************
                     35:  * AES declarations 
                          *
                          * Review notes (from the declarations visible in this header only):
                          *  - AES_CTX carries ks (presumably the expanded key schedule) and a
                          *    16-byte iv, so a live context should be treated as secret material.
                          *    No clear/free routine for AES_CTX is declared here; callers that
                          *    care about key lifetime have to wipe the structure themselves.
                          *  - AES_MODE enumerates only 128- and 256-bit keys.
                          *  - AES_cbc_encrypt / AES_cbc_decrypt take a signed int length and no
                          *    output-buffer size. Presumably length must be a non-negative
                          *    multiple of 16 and out must hold at least length bytes -- confirm
                          *    against the implementation before passing attacker-sized input.
                          *  - CBC provides confidentiality only. Authenticate the ciphertext
                          *    (see the HMAC declarations in this header) before acting on
                          *    decrypted data.
                     36:  **************************************************************************/
                     37: 
                     38: #define AES_MAXROUNDS                  14
                     39: 
                     40: typedef struct aes_key_st 
                     41: {
                     42:     uint16_t rounds;
                     43:     uint16_t key_size;
                     44:     uint32_t ks[(AES_MAXROUNDS+1)*8];   /* presumably the key schedule; secret */
                     45:     uint8_t iv[16];                     /* 16 bytes = one AES block */
                     46: } AES_CTX;
                     47: 
                     48: typedef enum
                     49: {
                     50:     AES_MODE_128,
                     51:     AES_MODE_256
                     52: } AES_MODE;
                     53: 
                     54: void AES_set_key(AES_CTX *ctx, const uint8_t *key, 
                     55:         const uint8_t *iv, AES_MODE mode);
                     56: void AES_cbc_encrypt(AES_CTX *ctx, const uint8_t *msg, 
                     57:         uint8_t *out, int length);
                         /* NOTE(review): the context parameter is named ks here but ctx elsewhere. */
                     58: void AES_cbc_decrypt(AES_CTX *ks, const uint8_t *in, uint8_t *out, int length);
                     59: void AES_convert_key(AES_CTX *ctx);
                     60: void AES_encrypt(const AES_CTX *ctx, uint32_t *data);
                     61: void AES_decrypt(const AES_CTX *ctx, uint32_t *data);
                     62: 
                     63: /**************************************************************************
                     64:  * RC4 declarations 
                          *
                          * Review notes:
                          *  - RC4 has known keystream biases and RFC 7465 prohibits RC4 cipher
                          *    suites in TLS. Treat these entry points as legacy interoperability
                          *    code, not as a cipher to select for new deployments.
                          *  - RC4_CTX (x, y and the 256-entry table m) is derived from the key by
                          *    RC4_setup, presumably; handle it as secret state. No clear routine
                          *    is declared in this header.
                          *  - RC4_crypt takes a signed int length and no size for data; data
                          *    presumably must hold at least length bytes -- confirm.
                     65:  **************************************************************************/
                     66: 
                     67: typedef struct 
                     68: {
                     69:     int x, y, m[256];
                     70: } RC4_CTX;
                     71: 
                     72: void RC4_setup(RC4_CTX *s, const uint8_t *key, int length);
                     73: void RC4_crypt(RC4_CTX *s, const uint8_t *msg, uint8_t *data, int length);
                     74: 
                     75: /**************************************************************************
                     76:  * SHA1 declarations 
                          *
                          * Review notes:
                          *  - SHA-1 is no longer collision resistant. Keep it for protocol
                          *    compatibility only; do not rely on a bare SHA-1 digest to identify
                          *    or authenticate attacker-influenced data.
                          *  - SHA1Final takes no size for digest. Presumably it writes SHA1_SIZE
                          *    (20) bytes, so the caller's buffer must be at least that large --
                          *    confirm against the implementation.
                          *  - SHA1Update takes a signed int len; a negative value has no defined
                          *    meaning in this interface.
                     77:  **************************************************************************/
                     78: 
                     79: #define SHA1_SIZE   20
                     80: 
                     81: /*
                     82:  *  This structure will hold context information for the SHA-1
                     83:  *  hashing operation
                     84:  */
                     85: typedef struct 
                     86: {
                     87:     uint32_t Intermediate_Hash[SHA1_SIZE/4]; /* Message Digest  */
                     88:     uint32_t Length_Low;            /* Message length in bits      */
                     89:     uint32_t Length_High;           /* Message length in bits      */
                     90:     uint16_t Message_Block_Index;   /* Index into message block array   */
                     91:     uint8_t Message_Block[64];      /* 512-bit message blocks      */
                     92: } SHA1_CTX;
                     93: 
                     94: void SHA1Init(SHA1_CTX *);
                     95: void SHA1Update(SHA1_CTX *, const uint8_t * msg, int len);
                     96: void SHA1Final(SHA1_CTX *, uint8_t *digest);
                     97: 
                     98: /**************************************************************************
                     99:  * MD5 declarations 
                          *
                          * Review notes:
                          *  - MD5 collisions are practical to produce. Keep MD5 for protocol
                          *    compatibility only; never use a bare MD5 digest as an integrity or
                          *    identity check on attacker-influenced data.
                          *  - MD5Final takes no size for digest. Presumably it writes MD5_SIZE
                          *    (16) bytes -- confirm against the implementation.
                          *  - MD5Update takes a signed int len.
                    100:  **************************************************************************/
                    101: 
                    102: /* MD5 context. */
                    103: 
                    104: #define MD5_SIZE    16
                    105: 
                    106: typedef struct 
                    107: {
                    108:   uint32_t state[4];        /* state (ABCD) */
                    109:   uint32_t count[2];        /* number of bits, modulo 2^64 (lsb first) */
                    110:   uint8_t buffer[64];       /* input buffer */
                    111: } MD5_CTX;
                    112: 
                    113: void MD5Init(MD5_CTX *);
                    114: void MD5Update(MD5_CTX *, const uint8_t *msg, int len);
                    115: void MD5Final(MD5_CTX *, uint8_t *digest);
                    116: 
                    117: /**************************************************************************
                    118:  * HMAC declarations 
                          *
                          * Review notes:
                          *  - Neither function takes a size for digest. Presumably hmac_md5
                          *    writes MD5_SIZE bytes and hmac_sha1 writes SHA1_SIZE bytes --
                          *    confirm against the implementation.
                          *  - Both return void, so a failure cannot be reported to the caller.
                          *  - This header declares no constant-time comparison helper. Code that
                          *    checks a received MAC against a computed one should not use an
                          *    early-exit comparison.
                          *  - length and key_len are signed ints.
                    119:  **************************************************************************/
                    120: void hmac_md5(const uint8_t *msg, int length, const uint8_t *key, 
                    121:         int key_len, uint8_t *digest);
                    122: void hmac_sha1(const uint8_t *msg, int length, const uint8_t *key, 
                    123:         int key_len, uint8_t *digest);
                    124: 
                    125: /**************************************************************************
                    126:  * RNG declarations 
                          *
                          * Review notes:
                          *  - get_random returns void, so callers cannot detect an unseeded or
                          *    failed generator from the call itself.
                          *  - RNG_initialize takes a caller-supplied seed buffer; how that seed
                          *    is used, and how much entropy it needs, is not visible here.
                          *  - The external get_random_NZ prototype is commented out. The inline
                          *    definition that follows it in this header fills the buffer with
                          *    the constant 0x01 instead of random bytes.
                    127:  **************************************************************************/
                    128: void RNG_initialize(const uint8_t *seed_buf, int size);
                    129: void RNG_terminate(void);
                    130: void get_random(int num_rand_bytes, uint8_t *rand_data);
                    131: //void get_random_NZ(int num_rand_bytes, uint8_t *rand_data);
                    132: 
                    133: #include <string.h>
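                    /**
                     * Fill rand_data with num_rand_bytes non-zero bytes.
                     *
                     * NOTE(review): this is a stand-in, not a random source. Every byte is
                     * set to the constant 0x01, so the output is non-zero but fully
                     * predictable. The external prototype for get_random_NZ is commented out
                     * just above this definition. The name suggests callers want non-zero
                     * random padding (for example for RSA encryption -- confirm at the call
                     * sites); any such caller gets no unpredictability from this version.
                     * Once a seeded generator is available in the build, draw the bytes from
                     * get_random() and re-draw any that come back zero.
                     *
                     * @param num_rand_bytes  number of bytes to write; values <= 0 write nothing
                     * @param rand_data       destination of at least num_rand_bytes bytes; a
                     *                        NULL pointer is ignored
                     */
                    static inline void get_random_NZ(int num_rand_bytes, uint8_t *rand_data) {
                           /* A negative int converted to size_t becomes a huge length, which
                            * would send memset far past the end of the buffer. */
                           if ( rand_data == NULL || num_rand_bytes <= 0 ) {
                                   return;
                           }
                           memset ( rand_data, 0x01, (size_t) num_rand_bytes );
                    }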
                    137: 
                    138: /**************************************************************************
                    139:  * RSA declarations 
                          *
                          * Review notes:
                          *  - RSA_CTX holds the private exponent d and, with CONFIG_BIGINT_CRT,
                          *    p, q, dP, dQ and qInv. All of these are private-key material.
                          *    RSA_free is the declared release routine; whether it wipes the
                          *    values before freeing is not visible from this header.
                          *  - CONFIG_BIGINT_CRT changes both the layout of RSA_CTX and the
                          *    argument list of RSA_priv_key_new. Every translation unit that
                          *    includes this header must be built with the same setting.
                          *  - RSA_priv_key_new / RSA_pub_key_new return void and hand the
                          *    context back through rsa_ctx, so failure is not reported by a
                          *    return value.
                          *  - RSA_decrypt takes no length for in_data or out_data, and
                          *    RSA_encrypt takes none for out_data. Presumably these are governed
                          *    by num_octets in the context -- confirm, and size buffers
                          *    accordingly.
                          *  - If the non-signing path of RSA_encrypt takes its padding bytes
                          *    from get_random_NZ (defined in this header as a constant 0x01
                          *    fill), the padding is predictable and equal plaintexts encrypt to
                          *    equal ciphertexts -- confirm in the implementation.
                          *  - RSA_print presumably dumps key fields; keep its output out of
                          *    production logs -- confirm what it prints.
                    140:  **************************************************************************/
                    141: 
                    142: typedef struct 
                    143: {
                    144:     bigint *m;              /* modulus */
                    145:     bigint *e;              /* public exponent */
                    146:     bigint *d;              /* private exponent */
                    147: #ifdef CONFIG_BIGINT_CRT
                    148:     bigint *p;              /* p as in m = pq */
                    149:     bigint *q;              /* q as in m = pq */
                    150:     bigint *dP;             /* d mod (p-1) */
                    151:     bigint *dQ;             /* d mod (q-1) */
                    152:     bigint *qInv;           /* q^-1 mod p */
                    153: #endif
                    154:     int num_octets;
                    155:     bigint *sig_m;         /* signature modulus */
                    156:     BI_CTX *bi_ctx;
                    157: } RSA_CTX;
                    158: 
                    159: void RSA_priv_key_new(RSA_CTX **rsa_ctx, 
                    160:         const uint8_t *modulus, int mod_len,
                    161:         const uint8_t *pub_exp, int pub_len,
                    162:         const uint8_t *priv_exp, int priv_len
                    163: #ifdef CONFIG_BIGINT_CRT
                    164:       , const uint8_t *p, int p_len,
                    165:         const uint8_t *q, int q_len,
                    166:         const uint8_t *dP, int dP_len,
                    167:         const uint8_t *dQ, int dQ_len,
                    168:         const uint8_t *qInv, int qInv_len
                    169: #endif
                    170:         );
                    171: void RSA_pub_key_new(RSA_CTX **rsa_ctx, 
                    172:         const uint8_t *modulus, int mod_len,
                    173:         const uint8_t *pub_exp, int pub_len);
                    174: void RSA_free(RSA_CTX *ctx);
                    175: int RSA_decrypt(const RSA_CTX *ctx, const uint8_t *in_data, uint8_t *out_data,
                    176:         int is_decryption);
                    177: bigint *RSA_private(const RSA_CTX *c, bigint *bi_msg);
                    178: #ifdef CONFIG_SSL_CERT_VERIFICATION
                    179: bigint *RSA_raw_sign_verify(RSA_CTX *c, bigint *bi_msg);
                    180: bigint *RSA_sign_verify(BI_CTX *ctx, const uint8_t *sig, int sig_len,
                    181:         bigint *modulus, bigint *pub_exp);
                    182: bigint *RSA_public(const RSA_CTX *c, bigint *bi_msg);
                    183: int RSA_encrypt(const RSA_CTX *ctx, const uint8_t *in_data, uint16_t in_len, 
                    184:         uint8_t *out_data, int is_signing);
                    185: void RSA_print(const RSA_CTX *ctx);
                    186: #endif
                    187: 
                    188: /**************************************************************************
                    189:  * ASN1 declarations 
                          *
                          * Review notes:
                          *  - Result codes: X509_OK is 0 and every failure code is negative.
                          *  - asn1_next_obj, asn1_skip_obj and asn1_get_int receive buf and an
                          *    offset but no buffer length, so from these parameters alone they
                          *    cannot check an encoded length against the end of the input.
                          *    Certificates and keys are untrusted input; confirm in the
                          *    implementation how object lengths are bounded, and make sure
                          *    callers only pass buffers whose total size has been validated.
                          *  - x509_verify and CA_CERT_CTX exist only when
                          *    CONFIG_SSL_CERT_VERIFICATION is defined. A build without it has no
                          *    chain-verification entry point in this header.
                          *  - x509_print (CONFIG_SSL_FULL_MODE) takes a CA_CERT_CTX, which is
                          *    only defined under CONFIG_SSL_CERT_VERIFICATION; presumably the
                          *    configuration guarantees both are set together -- confirm.
                          *  - sig_len is a uint16_t and the asn1 and x509 length arguments are signed ints.
                    190:  **************************************************************************/
                    191: #define X509_OK                             0
                    192: #define X509_NOT_OK                         -1
                    193: #define X509_VFY_ERROR_NO_TRUSTED_CERT      -2
                    194: #define X509_VFY_ERROR_BAD_SIGNATURE        -3      
                    195: #define X509_VFY_ERROR_NOT_YET_VALID        -4
                    196: #define X509_VFY_ERROR_EXPIRED              -5
                    197: #define X509_VFY_ERROR_SELF_SIGNED          -6
                    198: #define X509_VFY_ERROR_INVALID_CHAIN        -7
                    199: #define X509_VFY_ERROR_UNSUPPORTED_DIGEST   -8
                    200: #define X509_INVALID_PRIV_KEY               -9
                    201: 
                    202: /*
                    203:  * The Distinguished Name
                    204:  */
                    205: #define X509_NUM_DN_TYPES                   3
                    206: #define X509_COMMON_NAME                    0
                    207: #define X509_ORGANIZATION                   1
                    208: #define X509_ORGANIZATIONAL_TYPE            2
                    209: 
                    210: #define ASN1_INTEGER            0x02
                    211: #define ASN1_BIT_STRING         0x03
                    212: #define ASN1_OCTET_STRING       0x04
                    213: #define ASN1_NULL               0x05
                    214: #define ASN1_OID                0x06
                    215: #define ASN1_PRINTABLE_STR      0x13
                    216: #define ASN1_TELETEX_STR        0x14
                    217: #define ASN1_IA5_STR            0x16
                    218: #define ASN1_UTC_TIME           0x17
                    219: #define ASN1_SEQUENCE           0x30
                    220: #define ASN1_SET                0x31
                    221: #define ASN1_IMPLICIT_TAG       0x80
                    222: #define ASN1_EXPLICIT_TAG       0xa0
                    223: 
                    224: #define SALT_SIZE               8
                    225: 
                    226: struct _x509_ctx
                    227: {
                    228:     char *ca_cert_dn[X509_NUM_DN_TYPES];
                    229:     char *cert_dn[X509_NUM_DN_TYPES];
                    230: #if defined(_WIN32_WCE)
                    231:     long not_before;
                    232:     long not_after;
                    233: #else
                    234:     time_t not_before;
                    235:     time_t not_after;
                    236: #endif
                    237:     uint8_t *signature;
                    238:     uint16_t sig_len;
                    239:     uint8_t sig_type;
                    240:     RSA_CTX *rsa_ctx;
                    241:     bigint *digest;
                    242:     struct _x509_ctx *next;    /* link to another X509_CTX; list order not visible here */
                    243: };
                    244: 
                    245: typedef struct _x509_ctx X509_CTX;
                    246: 
                    247: #ifdef CONFIG_SSL_CERT_VERIFICATION
                    248: typedef struct 
                    249: {
                    250:     X509_CTX *cert[CONFIG_X509_MAX_CA_CERTS];
                    251: } CA_CERT_CTX;
                    252: #endif
                    253: 
                    254: int asn1_get_private_key(const uint8_t *buf, int len, RSA_CTX **rsa_ctx);
                    255: int asn1_next_obj(const uint8_t *buf, int *offset, int obj_type);
                    256: int asn1_skip_obj(const uint8_t *buf, int *offset, int obj_type);
                    257: int asn1_get_int(const uint8_t *buf, int *offset, uint8_t **object);
                    258: int x509_new(const uint8_t *cert, int *len, X509_CTX **ctx);
                    259: void x509_free(X509_CTX *x509_ctx);
                    260: #ifdef CONFIG_SSL_CERT_VERIFICATION
                    261: int x509_verify(const CA_CERT_CTX *ca_cert_ctx, const X509_CTX *cert);
                    262: const uint8_t *x509_get_signature(const uint8_t *asn1_signature, int *len);
                    263: #endif
                    264: #ifdef CONFIG_SSL_FULL_MODE
                    265: void x509_print(CA_CERT_CTX *ca_cert_ctx, const X509_CTX *cert);
                    266: void x509_display_error(int error);
                    267: #endif
                    268: 
                    269: /**************************************************************************
                    270:  * MISC declarations 
                          *
                          * Review notes:
                          *  - buf_grow returns void, so an allocation failure cannot be reported
                          *    through its return value; confirm how the implementation handles
                          *    it before relying on bm->data after a grow.
                          *  - max_len and index in BUF_MEM are signed ints.
                          *  - get_file presumably allocates *buf and returns its length, leaving
                          *    the caller to free it -- confirm. The filename is passed through
                          *    as given, so callers should not build it from untrusted input.
                          *  - print_blob is a real function only when CONFIG_SSL_FULL_MODE, WIN32
                          *    or CONFIG_DEBUG is defined; otherwise it expands to nothing and its
                          *    arguments are never evaluated. When enabled, keep the format
                          *    argument a trusted literal, and keep key or plaintext buffers out
                          *    of builds that ship with it turned on.
                    271:  **************************************************************************/
                    272: 
                    273: extern const char * const unsupported_str;
                    274: 
                    275: typedef void (*crypt_func)(void *, const uint8_t *, uint8_t *, int);
                    276: typedef void (*hmac_func)(const uint8_t *msg, int length, const uint8_t *key, 
                    277:         int key_len, uint8_t *digest);
                    278: 
                    279: typedef struct
                    280: {
                    281:     uint8_t *pre_data; /* include the ssl record bytes */
                    282:     uint8_t *data;     /* the regular ssl data */
                    283:     int max_len;
                    284:     int index;
                    285: } BUF_MEM;
                    286: 
                    287: BUF_MEM buf_new(void);
                    288: void buf_grow(BUF_MEM *bm, int len);
                    289: void buf_free(BUF_MEM *bm);
                    290: int get_file(const char *filename, uint8_t **buf);
                    291: 
                    292: #if defined(CONFIG_SSL_FULL_MODE) || defined(WIN32) || defined(CONFIG_DEBUG)
                    293: void print_blob(const char *format, const uint8_t *data, int size, ...);
                    294: #else
                    295:     #define print_blob(...)
                    296: #endif
                    297: 
                    298: #ifdef __cplusplus
                    299: }
                    300: #endif
                    301: 
                    302: #endif 
