crypto_nss.c File Reference

Crypto wrapper functions for NSS. More...

#include "includes.h"
#include <nspr/prtypes.h>
#include <nspr/plarenas.h>
#include <nspr/plhash.h>
#include <nspr/prtime.h>
#include <nspr/prinrval.h>
#include <nspr/prclist.h>
#include <nspr/prlock.h>
#include <nss/sechash.h>
#include <nss/pk11pub.h>
#include "common.h"
#include "crypto.h"

Include dependency graph for crypto_nss.c:

Go to the source code of this file.

Data Structures
struct	crypto_cipher
Functions
void	des_encrypt (const u8 *clear, const u8 *key, u8 *cypher)
	Encrypt one block with DES.
int	rc4_skip (const u8 *key, size_t keylen, size_t skip, u8 *data, size_t data_len)
	XOR RC4 stream to given data with skip-stream-start.
int	md5_vector (size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac)
	MD5 hash for data vector.
int	sha1_vector (size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac)
	SHA-1 hash for data vector.
int	sha256_vector (size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac)
	SHA256 hash for data vector.
void *	aes_encrypt_init (const u8 *key, size_t len)
	Initialize AES for encryption.
void	aes_encrypt (void *ctx, const u8 *plain, u8 *crypt)
	Encrypt one AES block.
void	aes_encrypt_deinit (void *ctx)
	Deinitialize AES encryption.
void *	aes_decrypt_init (const u8 *key, size_t len)
	Initialize AES for decryption.
void	aes_decrypt (void *ctx, const u8 *crypt, u8 *plain)
	Decrypt one AES block.
void	aes_decrypt_deinit (void *ctx)
	Deinitialize AES decryption.
int	crypto_mod_exp (const u8 *base, size_t base_len, const u8 *power, size_t power_len, const u8 *modulus, size_t modulus_len, u8 *result, size_t *result_len)
	Modular exponentiation of large integers.
struct crypto_cipher *	crypto_cipher_init (enum crypto_cipher_alg alg, const u8 *iv, const u8 *key, size_t key_len)
	Initialize block/stream cipher function.
int	crypto_cipher_encrypt (struct crypto_cipher *ctx, const u8 *plain, u8 *crypt, size_t len)
	Cipher encrypt.
int	crypto_cipher_decrypt (struct crypto_cipher *ctx, const u8 *crypt, u8 *plain, size_t len)
	Cipher decrypt.
void	crypto_cipher_deinit (struct crypto_cipher *ctx)
	Free cipher context.

---

Detailed Description

Crypto wrapper functions for NSS.

Copyright

Copyright (c) 2009, Jouni Malinen <j@w1.fi>

This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License version 2 as published by the Free Software Foundation.

Alternatively, this software may be distributed under the terms of BSD license.

See README and COPYING for more details.

Definition in file crypto_nss.c.

---

Function Documentation

void aes_decrypt	(	void *	ctx,
		const u8 *	crypt,
		u8 *	plain
	)

Decrypt one AES block.

Parameters:

	ctx	Context pointer from aes_encrypt_init()
	crypt	Encrypted data (16 bytes)
	plain	Buffer for the decrypted data (16 bytes)

Definition at line 167 of file crypto_nss.c.

void aes_decrypt_deinit

(

void *

ctx

)

Deinitialize AES decryption.

Parameters:

ctx

Context pointer from aes_encrypt_init()

Definition at line 172 of file crypto_nss.c.

void* aes_decrypt_init	(	const u8 *	key,
		size_t	len
	)

Initialize AES for decryption.

Parameters:

	key	Decryption key
	len	Key length in bytes (usually 16, i.e., 128 bits)

Returns:

Pointer to context data or NULL on failure

Definition at line 161 of file crypto_nss.c.

void aes_encrypt	(	void *	ctx,
		const u8 *	plain,
		u8 *	crypt
	)

Encrypt one AES block.

Parameters:

	ctx	Context pointer from aes_encrypt_init()
	plain	Plaintext data to be encrypted (16 bytes)
	crypt	Buffer for the encrypted data (16 bytes)

Definition at line 151 of file crypto_nss.c.

void aes_encrypt_deinit

(

void *

ctx

)

Deinitialize AES encryption.

Parameters:

ctx

Context pointer from aes_encrypt_init()

Definition at line 156 of file crypto_nss.c.

void* aes_encrypt_init	(	const u8 *	key,
		size_t	len
	)

Initialize AES for encryption.

Parameters:

	key	Encryption key
	len	Key length in bytes (usually 16, i.e., 128 bits)

Returns:

Pointer to context data or NULL on failure

Definition at line 145 of file crypto_nss.c.

int crypto_cipher_decrypt	(	struct crypto_cipher *	ctx,
		const u8 *	crypt,
		u8 *	plain,
		size_t	len
	)

Cipher decrypt.

Parameters:

	ctx	Context pointer from crypto_cipher_init()
	crypt	Ciphertext to decrypt
	plain	Resulting plaintext
	len	Length of the cipher text

Returns:

0 on success, -1 on failure

This function is only used with internal TLSv1 implementation (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need to implement this.

Definition at line 205 of file crypto_nss.c.

void crypto_cipher_deinit

(

struct crypto_cipher *

ctx

)

Free cipher context.

Parameters:

ctx

Context pointer from crypto_cipher_init()

This function is only used with internal TLSv1 implementation (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need to implement this.

Definition at line 212 of file crypto_nss.c.

int crypto_cipher_encrypt	(	struct crypto_cipher *	ctx,
		const u8 *	plain,
		u8 *	crypt,
		size_t	len
	)

Cipher encrypt.

Parameters:

	ctx	Context pointer from crypto_cipher_init()
	plain	Plaintext to cipher
	crypt	Resulting ciphertext
	len	Length of the plaintext

Returns:

0 on success, -1 on failure

This function is only used with internal TLSv1 implementation (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need to implement this.

Definition at line 198 of file crypto_nss.c.

struct crypto_cipher* crypto_cipher_init	(	enum crypto_cipher_alg	alg,
		const u8 *	iv,
		const u8 *	key,
		size_t	key_len
	)			[read]

Initialize block/stream cipher function.

Parameters:

	alg	Cipher algorithm
	iv	Initialization vector for block ciphers or NULL for stream ciphers
	key	Cipher key
	key_len	Length of key in bytes

Returns:

Pointer to cipher context to use with other cipher functions or NULL on failure

This function is only used with internal TLSv1 implementation (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need to implement this.

Definition at line 190 of file crypto_nss.c.

int crypto_mod_exp	(	const u8 *	base,
		size_t	base_len,
		const u8 *	power,
		size_t	power_len,
		const u8 *	modulus,
		size_t	modulus_len,
		u8 *	result,
		size_t *	result_len
	)

Modular exponentiation of large integers.

Parameters:

	base	Base integer (big endian byte array)
	base_len	Length of base integer in bytes
	power	Power integer (big endian byte array)
	power_len	Length of power integer in bytes
	modulus	Modulus integer (big endian byte array)
	modulus_len	Length of modulus integer in bytes
	result	Buffer for the result
	result_len	Result length (max buffer size on input, real len on output)

Returns:

0 on success, -1 on failure

This function calculates result = base ^ power mod modulus. modules_len is used as the maximum size of modulus buffer. It is set to the used size on success.

This function is only used with internal TLSv1 implementation (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need to implement this.

Definition at line 177 of file crypto_nss.c.

void des_encrypt	(	const u8 *	clear,
		const u8 *	key,
		u8 *	cypher
	)

Encrypt one block with DES.

Parameters:

	clear	8 octets (in)
	key	7 octets (in) (no parity bits included)
	cypher	8 octets (out)

Definition at line 53 of file crypto_nss.c.

Here is the call graph for this function:

int md5_vector	(	size_t	num_elem,
		const u8 *	addr[],
		const size_t *	len,
		u8 *	mac
	)

MD5 hash for data vector.

Parameters:

	num_elem	Number of elements in the data vector
	addr	Pointers to the data areas
	len	Lengths of the data blocks
	mac	Buffer for the hash

Returns:

0 on success, -1 on failure

Definition at line 126 of file crypto_nss.c.

int rc4_skip	(	const u8 *	key,
		size_t	keylen,
		size_t	skip,
		u8 *	data,
		size_t	data_len
	)

XOR RC4 stream to given data with skip-stream-start.

Parameters:

	key	RC4 key
	keylen	RC4 key length
	skip	number of bytes to skip from the beginning of the RC4 stream
	data	data to be XOR'ed with RC4 stream
	data_len	buf length

Returns:

0 on success, -1 on failure

Generate RC4 pseudo random stream for the given key, skip beginning of the stream, and XOR the end result with the data buffer to perform RC4 encryption/decryption.

Definition at line 119 of file crypto_nss.c.

int sha1_vector	(	size_t	num_elem,
		const u8 *	addr[],
		const size_t *	len,
		u8 *	mac
	)

SHA-1 hash for data vector.

Parameters:

	num_elem	Number of elements in the data vector
	addr	Pointers to the data areas
	len	Lengths of the data blocks
	mac	Buffer for the hash

Returns:

0 on success, -1 on failure

Definition at line 132 of file crypto_nss.c.

int sha256_vector	(	size_t	num_elem,
		const u8 *	addr[],
		const size_t *	len,
		u8 *	mac
	)

SHA256 hash for data vector.

Parameters:

	num_elem	Number of elements in the data vector
	addr	Pointers to the data areas
	len	Lengths of the data blocks
	mac	Buffer for the hash

Returns:

0 on success, -1 on failure

Definition at line 138 of file crypto_nss.c.