1 /*
2 * Crypto wrapper functions for NSS
3 * Copyright (c) 2009, Jouni Malinen <j@w1.fi>
4 *
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
7 */
8
9 #include "includes.h"
10 #include <nspr/prtypes.h>
11 #include <nspr/plarenas.h>
12 #include <nspr/plhash.h>
13 #include <nspr/prtime.h>
14 #include <nspr/prinrval.h>
15 #include <nspr/prclist.h>
16 #include <nspr/prlock.h>
17 #include <nss/sechash.h>
18 #include <nss/pk11pub.h>
19
20 #include "common.h"
21 #include "crypto.h"
22
23
nss_hash(HASH_HashType type,unsigned int max_res_len,size_t num_elem,const u8 * addr[],const size_t * len,u8 * mac)24 static int nss_hash(HASH_HashType type, unsigned int max_res_len,
25 size_t num_elem, const u8 *addr[], const size_t *len,
26 u8 *mac)
27 {
28 HASHContext *ctx;
29 size_t i;
30 unsigned int reslen;
31
32 ctx = HASH_Create(type);
33 if (ctx == NULL)
34 return -1;
35
36 HASH_Begin(ctx);
37 for (i = 0; i < num_elem; i++)
38 HASH_Update(ctx, addr[i], len[i]);
39 HASH_End(ctx, mac, &reslen, max_res_len);
40 HASH_Destroy(ctx);
41
42 return 0;
43 }
44
45
des_encrypt(const u8 * clear,const u8 * key,u8 * cypher)46 void des_encrypt(const u8 *clear, const u8 *key, u8 *cypher)
47 {
48 PK11Context *ctx = NULL;
49 PK11SlotInfo *slot;
50 SECItem *param = NULL;
51 PK11SymKey *symkey = NULL;
52 SECItem item;
53 int olen;
54 u8 pkey[8], next, tmp;
55 int i;
56
57 /* Add parity bits to the key */
58 next = 0;
59 for (i = 0; i < 7; i++) {
60 tmp = key[i];
61 pkey[i] = (tmp >> i) | next | 1;
62 next = tmp << (7 - i);
63 }
64 pkey[i] = next | 1;
65
66 slot = PK11_GetBestSlot(CKM_DES_ECB, NULL);
67 if (slot == NULL) {
68 wpa_printf(MSG_ERROR, "NSS: PK11_GetBestSlot failed");
69 goto out;
70 }
71
72 item.type = siBuffer;
73 item.data = pkey;
74 item.len = 8;
75 symkey = PK11_ImportSymKey(slot, CKM_DES_ECB, PK11_OriginDerive,
76 CKA_ENCRYPT, &item, NULL);
77 if (symkey == NULL) {
78 wpa_printf(MSG_ERROR, "NSS: PK11_ImportSymKey failed");
79 goto out;
80 }
81
82 param = PK11_GenerateNewParam(CKM_DES_ECB, symkey);
83 if (param == NULL) {
84 wpa_printf(MSG_ERROR, "NSS: PK11_GenerateNewParam failed");
85 goto out;
86 }
87
88 ctx = PK11_CreateContextBySymKey(CKM_DES_ECB, CKA_ENCRYPT,
89 symkey, param);
90 if (ctx == NULL) {
91 wpa_printf(MSG_ERROR, "NSS: PK11_CreateContextBySymKey("
92 "CKM_DES_ECB) failed");
93 goto out;
94 }
95
96 if (PK11_CipherOp(ctx, cypher, &olen, 8, (void *) clear, 8) !=
97 SECSuccess) {
98 wpa_printf(MSG_ERROR, "NSS: PK11_CipherOp failed");
99 goto out;
100 }
101
102 out:
103 if (ctx)
104 PK11_DestroyContext(ctx, PR_TRUE);
105 if (symkey)
106 PK11_FreeSymKey(symkey);
107 if (param)
108 SECITEM_FreeItem(param, PR_TRUE);
109 }
110
111
rc4_skip(const u8 * key,size_t keylen,size_t skip,u8 * data,size_t data_len)112 int rc4_skip(const u8 *key, size_t keylen, size_t skip,
113 u8 *data, size_t data_len)
114 {
115 return -1;
116 }
117
118
md5_vector(size_t num_elem,const u8 * addr[],const size_t * len,u8 * mac)119 int md5_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac)
120 {
121 return nss_hash(HASH_AlgMD5, 16, num_elem, addr, len, mac);
122 }
123
124
sha1_vector(size_t num_elem,const u8 * addr[],const size_t * len,u8 * mac)125 int sha1_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac)
126 {
127 return nss_hash(HASH_AlgSHA1, 20, num_elem, addr, len, mac);
128 }
129
130
sha256_vector(size_t num_elem,const u8 * addr[],const size_t * len,u8 * mac)131 int sha256_vector(size_t num_elem, const u8 *addr[], const size_t *len,
132 u8 *mac)
133 {
134 return nss_hash(HASH_AlgSHA256, 32, num_elem, addr, len, mac);
135 }
136
137
aes_encrypt_init(const u8 * key,size_t len)138 void * aes_encrypt_init(const u8 *key, size_t len)
139 {
140 return NULL;
141 }
142
143
aes_encrypt(void * ctx,const u8 * plain,u8 * crypt)144 void aes_encrypt(void *ctx, const u8 *plain, u8 *crypt)
145 {
146 }
147
148
aes_encrypt_deinit(void * ctx)149 void aes_encrypt_deinit(void *ctx)
150 {
151 }
152
153
aes_decrypt_init(const u8 * key,size_t len)154 void * aes_decrypt_init(const u8 *key, size_t len)
155 {
156 return NULL;
157 }
158
159
aes_decrypt(void * ctx,const u8 * crypt,u8 * plain)160 void aes_decrypt(void *ctx, const u8 *crypt, u8 *plain)
161 {
162 }
163
164
aes_decrypt_deinit(void * ctx)165 void aes_decrypt_deinit(void *ctx)
166 {
167 }
168
169
crypto_mod_exp(const u8 * base,size_t base_len,const u8 * power,size_t power_len,const u8 * modulus,size_t modulus_len,u8 * result,size_t * result_len)170 int crypto_mod_exp(const u8 *base, size_t base_len,
171 const u8 *power, size_t power_len,
172 const u8 *modulus, size_t modulus_len,
173 u8 *result, size_t *result_len)
174 {
175 return -1;
176 }
177
178
179 struct crypto_cipher {
180 };
181
182
crypto_cipher_init(enum crypto_cipher_alg alg,const u8 * iv,const u8 * key,size_t key_len)183 struct crypto_cipher * crypto_cipher_init(enum crypto_cipher_alg alg,
184 const u8 *iv, const u8 *key,
185 size_t key_len)
186 {
187 return NULL;
188 }
189
190
crypto_cipher_encrypt(struct crypto_cipher * ctx,const u8 * plain,u8 * crypt,size_t len)191 int crypto_cipher_encrypt(struct crypto_cipher *ctx, const u8 *plain,
192 u8 *crypt, size_t len)
193 {
194 return -1;
195 }
196
197
crypto_cipher_decrypt(struct crypto_cipher * ctx,const u8 * crypt,u8 * plain,size_t len)198 int crypto_cipher_decrypt(struct crypto_cipher *ctx, const u8 *crypt,
199 u8 *plain, size_t len)
200 {
201 return -1;
202 }
203
204
crypto_cipher_deinit(struct crypto_cipher * ctx)205 void crypto_cipher_deinit(struct crypto_cipher *ctx)
206 {
207 }
208