src/crypto/crypto_nss.c

   1 /*
   2  * Crypto wrapper functions for NSS
   3  * Copyright (c) 2009, Jouni Malinen <j@w1.fi>
   4  *
   5  * This program is free software; you can redistribute it and/or modify
   6  * it under the terms of the GNU General Public License version 2 as
   7  * published by the Free Software Foundation.
   8  *
   9  * Alternatively, this software may be distributed under the terms of BSD
  10  * license.
  11  *
  12  * See README and COPYING for more details.
  13  */
  14
  15 #include "includes.h"
  16 #include <nspr/prtypes.h>
  17 #include <nspr/plarenas.h>
  18 #include <nspr/plhash.h>
  19 #include <nspr/prtime.h>
  20 #include <nspr/prinrval.h>
  21 #include <nspr/prclist.h>
  22 #include <nspr/prlock.h>
  23 #include <nss/sechash.h>
  24 #include <nss/pk11pub.h>
  25
  26 #include "common.h"
  27 #include "crypto.h"
  28
  29
  30 static int nss_hash(HASH_HashType type, unsigned int max_res_len,
  31                     size_t num_elem, const u8 *addr[], const size_t *len,
  32                     u8 *mac)
  33 {
  34         HASHContext *ctx;
  35         size_t i;
  36         unsigned int reslen;
  37
  38         ctx = HASH_Create(type);
  39         if (ctx == NULL)
  40                 return -1;
  41
  42         HASH_Begin(ctx);
  43         for (i = 0; i < num_elem; i++)
  44                 HASH_Update(ctx, addr[i], len[i]);
  45         HASH_End(ctx, mac, &reslen, max_res_len);
  46         HASH_Destroy(ctx);
  47
  48         return 0;
  49 }
  50
  51
  52 void des_encrypt(const u8 *clear, const u8 *key, u8 *cypher)
  53 {
  54         PK11Context *ctx = NULL;
  55         PK11SlotInfo *slot;
  56         SECItem *param = NULL;
  57         PK11SymKey *symkey = NULL;
  58         SECItem item;
  59         int olen;
  60         u8 pkey[8], next, tmp;
  61         int i;
  62
  63         /* Add parity bits to the key */
  64         next = 0;
  65         for (i = 0; i < 7; i++) {
  66                 tmp = key[i];
  67                 pkey[i] = (tmp >> i) | next | 1;
  68                 next = tmp << (7 - i);
  69         }
  70         pkey[i] = next | 1;
  71
  72         slot = PK11_GetBestSlot(CKM_DES_ECB, NULL);
  73         if (slot == NULL) {
  74                 wpa_printf(MSG_ERROR, "NSS: PK11_GetBestSlot failed");
  75                 goto out;
  76         }
  77
  78         item.type = siBuffer;
  79         item.data = pkey;
  80         item.len = 8;
  81         symkey = PK11_ImportSymKey(slot, CKM_DES_ECB, PK11_OriginDerive,
  82                                    CKA_ENCRYPT, &item, NULL);
  83         if (symkey == NULL) {
  84                 wpa_printf(MSG_ERROR, "NSS: PK11_ImportSymKey failed");
  85                 goto out;
  86         }
  87
  88         param = PK11_GenerateNewParam(CKM_DES_ECB, symkey);
  89         if (param == NULL) {
  90                 wpa_printf(MSG_ERROR, "NSS: PK11_GenerateNewParam failed");
  91                 goto out;
  92         }
  93
  94         ctx = PK11_CreateContextBySymKey(CKM_DES_ECB, CKA_ENCRYPT,
  95                                          symkey, param);
  96         if (ctx == NULL) {
  97                 wpa_printf(MSG_ERROR, "NSS: PK11_CreateContextBySymKey("
  98                            "CKM_DES_ECB) failed");
  99                 goto out;
 100         }
 101
 102         if (PK11_CipherOp(ctx, cypher, &olen, 8, (void *) clear, 8) !=
 103             SECSuccess) {
 104                 wpa_printf(MSG_ERROR, "NSS: PK11_CipherOp failed");
 105                 goto out;
 106         }
 107
 108 out:
 109         if (ctx)
 110                 PK11_DestroyContext(ctx, PR_TRUE);
 111         if (symkey)
 112                 PK11_FreeSymKey(symkey);
 113         if (param)
 114                 SECITEM_FreeItem(param, PR_TRUE);
 115 }
 116
 117
 118 int rc4_skip(const u8 *key, size_t keylen, size_t skip,
 119              u8 *data, size_t data_len)
 120 {
 121         return -1;
 122 }
 123
 124
 125 int md5_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac)
 126 {
 127         return nss_hash(HASH_AlgMD5, 16, num_elem, addr, len, mac);
 128 }
 129
 130
 131 int sha1_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac)
 132 {
 133         return nss_hash(HASH_AlgSHA1, 20, num_elem, addr, len, mac);
 134 }
 135
 136
 137 int sha256_vector(size_t num_elem, const u8 *addr[], const size_t *len,
 138                   u8 *mac)
 139 {
 140         return nss_hash(HASH_AlgSHA256, 32, num_elem, addr, len, mac);
 141 }
 142
 143
 144 void * aes_encrypt_init(const u8 *key, size_t len)
 145 {
 146         return NULL;
 147 }
 148
 149
 150 void aes_encrypt(void *ctx, const u8 *plain, u8 *crypt)
 151 {
 152 }
 153
 154
 155 void aes_encrypt_deinit(void *ctx)
 156 {
 157 }
 158
 159
 160 void * aes_decrypt_init(const u8 *key, size_t len)
 161 {
 162         return NULL;
 163 }
 164
 165
 166 void aes_decrypt(void *ctx, const u8 *crypt, u8 *plain)
 167 {
 168 }
 169
 170
 171 void aes_decrypt_deinit(void *ctx)
 172 {
 173 }
 174
 175
 176 int crypto_mod_exp(const u8 *base, size_t base_len,
 177                    const u8 *power, size_t power_len,
 178                    const u8 *modulus, size_t modulus_len,
 179                    u8 *result, size_t *result_len)
 180 {
 181         return -1;
 182 }
 183
 184
 185 struct crypto_cipher {
 186 };
 187
 188
 189 struct crypto_cipher * crypto_cipher_init(enum crypto_cipher_alg alg,
 190                                           const u8 *iv, const u8 *key,
 191                                           size_t key_len)
 192 {
 193         return NULL;
 194 }
 195
 196
 197 int crypto_cipher_encrypt(struct crypto_cipher *ctx, const u8 *plain,
 198                           u8 *crypt, size_t len)
 199 {
 200         return -1;
 201 }
 202
 203
 204 int crypto_cipher_decrypt(struct crypto_cipher *ctx, const u8 *crypt,
 205                           u8 *plain, size_t len)
 206 {
 207         return -1;
 208 }
 209
 210
 211 void crypto_cipher_deinit(struct crypto_cipher *ctx)
 212 {
 213 }