2 * Copyright (c) 2007, Cameron Rich
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions are met:
9 * * Redistributions of source code must retain the above copyright notice,
10 * this list of conditions and the following disclaimer.
11 * * Redistributions in binary form must reproduce the above copyright notice,
12 * this list of conditions and the following disclaimer in the documentation
13 * and/or other materials provided with the distribution.
14 * * Neither the name of the axTLS project nor the names of its contributors
15 * may be used to endorse or promote products derived from this software
16 * without specific prior written permission.
18 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
19 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
20 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
21 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
22 * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
23 * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
24 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
25 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
26 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
27 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
28 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
35 #ifndef HEADER_CRYPTO_H
36 #define HEADER_CRYPTO_H
43 #include "bigint_impl.h"
54 /* enable features based on a 'super-set' capbaility. */
55 #if defined(CONFIG_SSL_FULL_MODE)
56 #define CONFIG_SSL_ENABLE_CLIENT
57 #define CONFIG_SSL_CERT_VERIFICATION
58 #elif defined(CONFIG_SSL_ENABLE_CLIENT)
59 #define CONFIG_SSL_CERT_VERIFICATION
62 /**************************************************************************
64 **************************************************************************/
66 #define AES_MAXROUNDS 14
67 #define AES_BLOCKSIZE 16
68 #define AES_IV_SIZE 16
70 typedef struct aes_key_st
74 uint32_t ks[(AES_MAXROUNDS+1)*8];
75 uint8_t iv[AES_IV_SIZE];
84 void AES_set_key(AES_CTX *ctx, const uint8_t *key,
85 const uint8_t *iv, AES_MODE mode);
86 void AES_cbc_encrypt(AES_CTX *ctx, const uint8_t *msg,
87 uint8_t *out, int length);
88 void AES_cbc_decrypt(AES_CTX *ks, const uint8_t *in, uint8_t *out, int length);
89 void AES_convert_key(AES_CTX *ctx);
91 /**************************************************************************
93 **************************************************************************/
100 void RC4_setup(RC4_CTX *s, const uint8_t *key, int length);
101 void RC4_crypt(RC4_CTX *s, const uint8_t *msg, uint8_t *data, int length);
103 /**************************************************************************
105 **************************************************************************/
110 * This structure will hold context information for the SHA-1
115 uint32_t Intermediate_Hash[SHA1_SIZE/4]; /* Message Digest */
116 uint32_t Length_Low; /* Message length in bits */
117 uint32_t Length_High; /* Message length in bits */
118 uint16_t Message_Block_Index; /* Index into message block array */
119 uint8_t Message_Block[64]; /* 512-bit message blocks */
122 void SHA1_Init(SHA1_CTX *);
123 void SHA1_Update(SHA1_CTX *, const uint8_t * msg, int len);
124 void SHA1_Final(uint8_t *digest, SHA1_CTX *);
126 /**************************************************************************
128 **************************************************************************/
134 unsigned char cksum[16]; /* checksum of the data block */
135 unsigned char state[48]; /* intermediate digest state */
136 unsigned char buffer[16]; /* data block being processed */
137 int left; /* amount of data in buffer */
140 EXP_FUNC void STDCALL MD2_Init(MD2_CTX *ctx);
141 EXP_FUNC void STDCALL MD2_Update(MD2_CTX *ctx, const uint8_t *input, int ilen);
142 EXP_FUNC void STDCALL MD2_Final(uint8_t *digest, MD2_CTX *ctx);
144 /**************************************************************************
146 **************************************************************************/
152 uint32_t state[4]; /* state (ABCD) */
153 uint32_t count[2]; /* number of bits, modulo 2^64 (lsb first) */
154 uint8_t buffer[64]; /* input buffer */
157 EXP_FUNC void STDCALL MD5_Init(MD5_CTX *);
158 EXP_FUNC void STDCALL MD5_Update(MD5_CTX *, const uint8_t *msg, int len);
159 EXP_FUNC void STDCALL MD5_Final(uint8_t *digest, MD5_CTX *);
161 /**************************************************************************
163 **************************************************************************/
164 void hmac_md5(const uint8_t *msg, int length, const uint8_t *key,
165 int key_len, uint8_t *digest);
166 void hmac_sha1(const uint8_t *msg, int length, const uint8_t *key,
167 int key_len, uint8_t *digest);
169 /**************************************************************************
171 **************************************************************************/
175 bigint *m; /* modulus */
176 bigint *e; /* public exponent */
177 bigint *d; /* private exponent */
178 #ifdef CONFIG_BIGINT_CRT
179 bigint *p; /* p as in m = pq */
180 bigint *q; /* q as in m = pq */
181 bigint *dP; /* d mod (p-1) */
182 bigint *dQ; /* d mod (q-1) */
183 bigint *qInv; /* q^-1 mod p */
189 void RSA_priv_key_new(RSA_CTX **rsa_ctx,
190 const uint8_t *modulus, int mod_len,
191 const uint8_t *pub_exp, int pub_len,
192 const uint8_t *priv_exp, int priv_len
193 #ifdef CONFIG_BIGINT_CRT
194 , const uint8_t *p, int p_len,
195 const uint8_t *q, int q_len,
196 const uint8_t *dP, int dP_len,
197 const uint8_t *dQ, int dQ_len,
198 const uint8_t *qInv, int qInv_len
201 void RSA_pub_key_new(RSA_CTX **rsa_ctx,
202 const uint8_t *modulus, int mod_len,
203 const uint8_t *pub_exp, int pub_len);
204 void RSA_free(RSA_CTX *ctx);
205 int RSA_decrypt(const RSA_CTX *ctx, const uint8_t *in_data, uint8_t *out_data,
207 bigint *RSA_private(const RSA_CTX *c, bigint *bi_msg);
208 #if defined(CONFIG_SSL_CERT_VERIFICATION) || defined(CONFIG_SSL_GENERATE_X509_CERT)
209 bigint *RSA_sign_verify(BI_CTX *ctx, const uint8_t *sig, int sig_len,
210 bigint *modulus, bigint *pub_exp);
211 bigint *RSA_public(const RSA_CTX * c, bigint *bi_msg);
212 int RSA_encrypt(const RSA_CTX *ctx, const uint8_t *in_data, uint16_t in_len,
213 uint8_t *out_data, int is_signing);
214 void RSA_print(const RSA_CTX *ctx);
217 /**************************************************************************
219 **************************************************************************/
220 EXP_FUNC void STDCALL RNG_initialize(const uint8_t *seed_buf, int size);
221 EXP_FUNC void STDCALL RNG_terminate(void);
222 EXP_FUNC void STDCALL get_random(int num_rand_bytes, uint8_t *rand_data);
223 void get_random_NZ(int num_rand_bytes, uint8_t *rand_data);