crypto_openssl.c File Reference

Wrapper functions for OpenSSL libcrypto. More...

#include "includes.h"
#include <openssl/opensslv.h>
#include <openssl/err.h>
#include <openssl/des.h>
#include <openssl/aes.h>
#include <openssl/bn.h>
#include <openssl/evp.h>
#include <openssl/dh.h>
#include <openssl/hmac.h>
#include <openssl/rand.h>
#include "common.h"
#include "wpabuf.h"
#include "dh_group5.h"
#include "sha1.h"
#include "sha256.h"
#include "sha384.h"
#include "crypto.h"

Data Structures
struct	crypto_cipher
struct	crypto_hash

Functions
int	md4_vector (size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac)
	MD4 hash for data vector. More...
void	des_encrypt (const u8 *clear, const u8 *key, u8 *cypher)
	Encrypt one block with DES. More...
int	rc4_skip (const u8 *key, size_t keylen, size_t skip, u8 *data, size_t data_len)
	XOR RC4 stream to given data with skip-stream-start. More...
int	md5_vector (size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac)
	MD5 hash for data vector. More...
int	sha1_vector (size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac)
	SHA-1 hash for data vector. More...
int	sha256_vector (size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac)
	SHA256 hash for data vector. More...
void *	aes_encrypt_init (const u8 *key, size_t len)
	Initialize AES for encryption. More...
void	aes_encrypt (void *ctx, const u8 *plain, u8 *crypt)
	Encrypt one AES block. More...
void	aes_encrypt_deinit (void *ctx)
	Deinitialize AES encryption. More...
void *	aes_decrypt_init (const u8 *key, size_t len)
	Initialize AES for decryption. More...
void	aes_decrypt (void *ctx, const u8 *crypt, u8 *plain)
	Decrypt one AES block. More...
void	aes_decrypt_deinit (void *ctx)
	Deinitialize AES decryption. More...
int	aes_wrap (const u8 *kek, size_t kek_len, int n, const u8 *plain, u8 *cipher)
	Wrap keys with AES Key Wrap Algorithm (RFC3394) More...
int	aes_unwrap (const u8 *kek, size_t kek_len, int n, const u8 *cipher, u8 *plain)
	Unwrap key with AES Key Wrap Algorithm (RFC3394) More...
int	aes_128_cbc_encrypt (const u8 *key, const u8 *iv, u8 *data, size_t data_len)
	AES-128 CBC encryption. More...
int	aes_128_cbc_decrypt (const u8 *key, const u8 *iv, u8 *data, size_t data_len)
	AES-128 CBC decryption. More...
int	crypto_mod_exp (const u8 *base, size_t base_len, const u8 *power, size_t power_len, const u8 *modulus, size_t modulus_len, u8 *result, size_t *result_len)
	Modular exponentiation of large integers. More...
struct crypto_cipher *	crypto_cipher_init (enum crypto_cipher_alg alg, const u8 *iv, const u8 *key, size_t key_len)
	Initialize block/stream cipher function. More...
int	crypto_cipher_encrypt (struct crypto_cipher *ctx, const u8 *plain, u8 *crypt, size_t len)
	Cipher encrypt. More...
int	crypto_cipher_decrypt (struct crypto_cipher *ctx, const u8 *crypt, u8 *plain, size_t len)
	Cipher decrypt. More...
void	crypto_cipher_deinit (struct crypto_cipher *ctx)
	Free cipher context. More...
void *	dh5_init (struct wpabuf **priv, struct wpabuf **publ)
void *	dh5_init_fixed (const struct wpabuf *priv, const struct wpabuf *publ)
struct wpabuf *	dh5_derive_shared (void *ctx, const struct wpabuf *peer_public, const struct wpabuf *own_private)
void	dh5_free (void *ctx)
struct crypto_hash *	crypto_hash_init (enum crypto_hash_alg alg, const u8 *key, size_t key_len)
	Initialize hash/HMAC function. More...
void	crypto_hash_update (struct crypto_hash *ctx, const u8 *data, size_t len)
	Add data to hash calculation. More...
int	crypto_hash_finish (struct crypto_hash *ctx, u8 *mac, size_t *len)
	Complete hash calculation. More...
int	hmac_md5_vector (const u8 *key, size_t key_len, size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac)
int	hmac_md5 (const u8 *key, size_t key_len, const u8 *data, size_t data_len, u8 *mac)
int	pbkdf2_sha1 (const char *passphrase, const u8 *ssid, size_t ssid_len, int iterations, u8 *buf, size_t buflen)
int	hmac_sha1_vector (const u8 *key, size_t key_len, size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac)
int	hmac_sha1 (const u8 *key, size_t key_len, const u8 *data, size_t data_len, u8 *mac)
int	crypto_get_random (void *buf, size_t len)
	Generate cryptographically strong pseudy-random bytes. More...
struct crypto_bignum *	crypto_bignum_init (void)
	Allocate memory for bignum. More...
struct crypto_bignum *	crypto_bignum_init_set (const u8 *buf, size_t len)
	Allocate memory for bignum and set the value. More...
void	crypto_bignum_deinit (struct crypto_bignum *n, int clear)
	Free bignum. More...
int	crypto_bignum_to_bin (const struct crypto_bignum *a, u8 *buf, size_t buflen, size_t padlen)
	Set binary buffer to unsigned bignum. More...
int	crypto_bignum_add (const struct crypto_bignum *a, const struct crypto_bignum *b, struct crypto_bignum *c)
	c = a + b More...
int	crypto_bignum_mod (const struct crypto_bignum *a, const struct crypto_bignum *b, struct crypto_bignum *c)
	c = a % b More...
int	crypto_bignum_exptmod (const struct crypto_bignum *a, const struct crypto_bignum *b, const struct crypto_bignum *c, struct crypto_bignum *d)
	Modular exponentiation: d = a^b (mod c) More...
int	crypto_bignum_inverse (const struct crypto_bignum *a, const struct crypto_bignum *b, struct crypto_bignum *c)
	Inverse a bignum so that a * c = 1 (mod b) More...
int	crypto_bignum_sub (const struct crypto_bignum *a, const struct crypto_bignum *b, struct crypto_bignum *c)
	c = a - b More...
int	crypto_bignum_div (const struct crypto_bignum *a, const struct crypto_bignum *b, struct crypto_bignum *c)
	c = a / b More...
int	crypto_bignum_mulmod (const struct crypto_bignum *a, const struct crypto_bignum *b, const struct crypto_bignum *c, struct crypto_bignum *d)
	d = a * b (mod c) More...
int	crypto_bignum_cmp (const struct crypto_bignum *a, const struct crypto_bignum *b)
	Compare two bignums. More...
int	crypto_bignum_bits (const struct crypto_bignum *a)
	Get size of a bignum in bits. More...
int	crypto_bignum_is_zero (const struct crypto_bignum *a)
	Is the given bignum zero. More...
int	crypto_bignum_is_one (const struct crypto_bignum *a)
	Is the given bignum one. More...
int	crypto_bignum_legendre (const struct crypto_bignum *a, const struct crypto_bignum *p)
	Compute the Legendre symbol (a/p) More...

Detailed Description

Wrapper functions for OpenSSL libcrypto.

Function Documentation

int aes_128_cbc_decrypt	(	const u8 *	key,
		const u8 *	iv,
		u8 *	data,
		size_t	data_len
	)

AES-128 CBC decryption.

Parameters

key	Decryption key
iv	Decryption IV for CBC mode (16 bytes)
data	Data to decrypt in-place
data_len	Length of data in bytes (must be divisible by 16)

Returns

0 on success, -1 on failure

int aes_128_cbc_encrypt	(	const u8 *	key,
		const u8 *	iv,
		u8 *	data,
		size_t	data_len
	)

AES-128 CBC encryption.

Parameters

key	Encryption key
iv	Encryption IV for CBC mode (16 bytes)
data	Data to encrypt in-place
data_len	Length of data in bytes (must be divisible by 16)

Returns

0 on success, -1 on failure

void aes_decrypt	(	void *	ctx,
		const u8 *	crypt,
		u8 *	plain
	)

Decrypt one AES block.

Parameters

ctx	Context pointer from aes_encrypt_init()
crypt	Encrypted data (16 bytes)
plain	Buffer for the decrypted data (16 bytes)

void aes_decrypt_deinit

(

void *

ctx

)

Deinitialize AES decryption.

Parameters

ctx	Context pointer from aes_encrypt_init()

void* aes_decrypt_init	(	const u8 *	key,
		size_t	len
	)

Initialize AES for decryption.

Parameters

key	Decryption key
len	Key length in bytes (usually 16, i.e., 128 bits)

Returns

Pointer to context data or NULL on failure

void aes_encrypt	(	void *	ctx,
		const u8 *	plain,
		u8 *	crypt
	)

Encrypt one AES block.

Parameters

ctx	Context pointer from aes_encrypt_init()
plain	Plaintext data to be encrypted (16 bytes)
crypt	Buffer for the encrypted data (16 bytes)

void aes_encrypt_deinit

(

void *

ctx

)

Deinitialize AES encryption.

Parameters

ctx	Context pointer from aes_encrypt_init()

void* aes_encrypt_init	(	const u8 *	key,
		size_t	len
	)

Initialize AES for encryption.

Parameters

key	Encryption key
len	Key length in bytes (usually 16, i.e., 128 bits)

Returns

Pointer to context data or NULL on failure

int aes_unwrap	(	const u8 *	kek,
		size_t	kek_len,
		int	n,
		const u8 *	cipher,
		u8 *	plain
	)

Unwrap key with AES Key Wrap Algorithm (RFC3394)

Parameters

kek	Key encryption key (KEK)
kek_len	Length of KEK in octets
n	Length of the plaintext key in 64-bit units; e.g., 2 = 128-bit = 16 bytes
cipher	Wrapped key to be unwrapped, (n + 1) * 64 bits
plain	Plaintext key, n * 64 bits

Returns

0 on success, -1 on failure (e.g., integrity verification failed)

int aes_wrap	(	const u8 *	kek,
		size_t	kek_len,
		int	n,
		const u8 *	plain,
		u8 *	cipher
	)

Wrap keys with AES Key Wrap Algorithm (RFC3394)

Parameters

kek	Key encryption key (KEK)
kek_len	Length of KEK in octets
n	Length of the plaintext key in 64-bit units; e.g., 2 = 128-bit = 16 bytes
plain	Plaintext key to be wrapped, n * 64 bits
cipher	Wrapped key, (n + 1) * 64 bits

Returns

0 on success, -1 on failure

int crypto_bignum_add	(	const struct crypto_bignum *	a,
		const struct crypto_bignum *	b,
		struct crypto_bignum *	c
	)

c = a + b

Parameters

a	Bignum
b	Bignum
c	Bignum; used to store the result of a + b

Returns

0 on success, -1 on failure

int crypto_bignum_bits

(

const struct crypto_bignum *

a

)

Get size of a bignum in bits.

Parameters

a

Bignum

Returns

Number of bits in the bignum

int crypto_bignum_cmp	(	const struct crypto_bignum *	a,
		const struct crypto_bignum *	b
	)

Compare two bignums.

Parameters

a	Bignum
b	Bignum

Returns

-1 if a < b, 0 if a == b, or 1 if a > b

void crypto_bignum_deinit	(	struct crypto_bignum *	n,
		int	clear
	)

Free bignum.

Parameters

n	Bignum from crypto_bignum_init() or crypto_bignum_init_set()
clear	Whether to clear the value from memory

int crypto_bignum_div	(	const struct crypto_bignum *	a,
		const struct crypto_bignum *	b,
		struct crypto_bignum *	c
	)

c = a / b

Parameters

a	Bignum
b	Bignum
c	Bignum; used to store the result of a / b

Returns

0 on success, -1 on failure

int crypto_bignum_exptmod	(	const struct crypto_bignum *	a,
		const struct crypto_bignum *	b,
		const struct crypto_bignum *	c,
		struct crypto_bignum *	d
	)

Modular exponentiation: d = a^b (mod c)

Parameters

a	Bignum; base
b	Bignum; exponent
c	Bignum; modulus
d	Bignum; used to store the result of a^b (mod c)

Returns

0 on success, -1 on failure

struct crypto_bignum* crypto_bignum_init

(

void

)

Allocate memory for bignum.

Returns

Pointer to allocated bignum or NULL on failure

struct crypto_bignum* crypto_bignum_init_set	(	const u8 *	buf,
		size_t	len
	)

Allocate memory for bignum and set the value.

Parameters

buf	Buffer with unsigned binary value
len	Length of buf in octets

Returns

Pointer to allocated bignum or NULL on failure

int crypto_bignum_inverse	(	const struct crypto_bignum *	a,
		const struct crypto_bignum *	b,
		struct crypto_bignum *	c
	)

Inverse a bignum so that a * c = 1 (mod b)

Parameters

a	Bignum
b	Bignum
c	Bignum; used to store the result

Returns

0 on success, -1 on failure

int crypto_bignum_is_one

(

const struct crypto_bignum *

a

)

Is the given bignum one.

Parameters

a

Bignum

Returns

1 if a is one or 0 if not

int crypto_bignum_is_zero

(

const struct crypto_bignum *

a

)

Is the given bignum zero.

Parameters

a

Bignum

Returns

1 if a is zero or 0 if not

int crypto_bignum_legendre	(	const struct crypto_bignum *	a,
		const struct crypto_bignum *	p
	)

Compute the Legendre symbol (a/p)

Parameters

a	Bignum
p	Bignum

Returns

Legendre symbol -1,0,1 on success; -2 on calculation failure

int crypto_bignum_mod	(	const struct crypto_bignum *	a,
		const struct crypto_bignum *	b,
		struct crypto_bignum *	c
	)

c = a % b

Parameters

a	Bignum
b	Bignum
c	Bignum; used to store the result of a % b

Returns

0 on success, -1 on failure

int crypto_bignum_mulmod	(	const struct crypto_bignum *	a,
		const struct crypto_bignum *	b,
		const struct crypto_bignum *	c,
		struct crypto_bignum *	d
	)

d = a * b (mod c)

Parameters

a	Bignum
b	Bignum
c	Bignum
d	Bignum; used to store the result of (a * b) % c

Returns

0 on success, -1 on failure

int crypto_bignum_sub	(	const struct crypto_bignum *	a,
		const struct crypto_bignum *	b,
		struct crypto_bignum *	c
	)

c = a - b

Parameters

a	Bignum
b	Bignum
c	Bignum; used to store the result of a - b

Returns

0 on success, -1 on failure

int crypto_bignum_to_bin	(	const struct crypto_bignum *	a,
		u8 *	buf,
		size_t	buflen,
		size_t	padlen
	)

Set binary buffer to unsigned bignum.

Parameters

a	Bignum
buf	Buffer for the binary number
len	Length of buf in octets
padlen	Length in octets to pad the result to or 0 to indicate no padding

Returns

Number of octets written on success, -1 on failure

int crypto_cipher_decrypt	(	struct crypto_cipher *	ctx,
		const u8 *	crypt,
		u8 *	plain,
		size_t	len
	)

Cipher decrypt.

Parameters

ctx	Context pointer from crypto_cipher_init()
crypt	Ciphertext to decrypt
plain	Resulting plaintext
len	Length of the cipher text

Returns

0 on success, -1 on failure

This function is only used with internal TLSv1 implementation (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need to implement this.

void crypto_cipher_deinit

(

struct crypto_cipher *

ctx

)

Free cipher context.

Parameters

ctx	Context pointer from crypto_cipher_init()

This function is only used with internal TLSv1 implementation (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need to implement this.

int crypto_cipher_encrypt	(	struct crypto_cipher *	ctx,
		const u8 *	plain,
		u8 *	crypt,
		size_t	len
	)

Cipher encrypt.

Parameters

ctx	Context pointer from crypto_cipher_init()
plain	Plaintext to cipher
crypt	Resulting ciphertext
len	Length of the plaintext

Returns

0 on success, -1 on failure

This function is only used with internal TLSv1 implementation (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need to implement this.

struct crypto_cipher* crypto_cipher_init	(	enum crypto_cipher_alg	alg,
		const u8 *	iv,
		const u8 *	key,
		size_t	key_len
	)

Initialize block/stream cipher function.

Parameters

alg	Cipher algorithm
iv	Initialization vector for block ciphers or NULL for stream ciphers
key	Cipher key
key_len	Length of key in bytes

Returns

Pointer to cipher context to use with other cipher functions or NULL on failure

This function is only used with internal TLSv1 implementation (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need to implement this.

int crypto_get_random	(	void *	buf,
		size_t	len
	)

Generate cryptographically strong pseudy-random bytes.

Parameters

buf	Buffer for data
len	Number of bytes to generate

Returns

0 on success, -1 on failure

If the PRNG does not have enough entropy to ensure unpredictable byte sequence, this functions must return -1.

int crypto_hash_finish	(	struct crypto_hash *	ctx,
		u8 *	hash,
		size_t *	len
	)

Complete hash calculation.

Parameters

ctx	Context pointer from crypto_hash_init()
hash	Buffer for hash value or NULL if caller is just freeing the hash context
len	Pointer to length of the buffer or NULL if caller is just freeing the hash context; on return, this is set to the actual length of the hash value

Returns

0 on success, -1 if buffer is too small (len set to needed length), or -2 on other failures (including failed crypto_hash_update() operations)

This function calculates the hash value and frees the context buffer that was used for hash calculation.

This function is only used with internal TLSv1 implementation (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need to implement this.

struct crypto_hash* crypto_hash_init	(	enum crypto_hash_alg	alg,
		const u8 *	key,
		size_t	key_len
	)

Initialize hash/HMAC function.

Parameters

alg	Hash algorithm
key	Key for keyed hash (e.g., HMAC) or NULL if not needed
key_len	Length of the key in bytes

Returns

Pointer to hash context to use with other hash functions or NULL on failure

This function is only used with internal TLSv1 implementation (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need to implement this.

void crypto_hash_update	(	struct crypto_hash *	ctx,
		const u8 *	data,
		size_t	len
	)

Add data to hash calculation.

Parameters

ctx	Context pointer from crypto_hash_init()
data	Data buffer to add
len	Length of the buffer

This function is only used with internal TLSv1 implementation (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need to implement this.

int crypto_mod_exp	(	const u8 *	base,
		size_t	base_len,
		const u8 *	power,
		size_t	power_len,
		const u8 *	modulus,
		size_t	modulus_len,
		u8 *	result,
		size_t *	result_len
	)

Modular exponentiation of large integers.

Parameters

base	Base integer (big endian byte array)
base_len	Length of base integer in bytes
power	Power integer (big endian byte array)
power_len	Length of power integer in bytes
modulus	Modulus integer (big endian byte array)
modulus_len	Length of modulus integer in bytes
result	Buffer for the result
result_len	Result length (max buffer size on input, real len on output)

Returns

0 on success, -1 on failure

This function calculates result = base ^ power mod modulus. modules_len is used as the maximum size of modulus buffer. It is set to the used size on success.

This function is only used with internal TLSv1 implementation (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need to implement this.

void des_encrypt	(	const u8 *	clear,
		const u8 *	key,
		u8 *	cypher
	)

Encrypt one block with DES.

Parameters

clear	8 octets (in)
key	7 octets (in) (no parity bits included)
cypher	8 octets (out)

int md4_vector	(	size_t	num_elem,
		const u8 *	addr[],
		const size_t *	len,
		u8 *	mac
	)

MD4 hash for data vector.

Parameters

num_elem	Number of elements in the data vector
addr	Pointers to the data areas
len	Lengths of the data blocks
mac	Buffer for the hash

Returns

0 on success, -1 on failure

int md5_vector	(	size_t	num_elem,
		const u8 *	addr[],
		const size_t *	len,
		u8 *	mac
	)

MD5 hash for data vector.

Parameters

num_elem	Number of elements in the data vector
addr	Pointers to the data areas
len	Lengths of the data blocks
mac	Buffer for the hash

Returns

0 on success, -1 on failure

int rc4_skip	(	const u8 *	key,
		size_t	keylen,
		size_t	skip,
		u8 *	data,
		size_t	data_len
	)

XOR RC4 stream to given data with skip-stream-start.

Parameters

key	RC4 key
keylen	RC4 key length
skip	number of bytes to skip from the beginning of the RC4 stream
data	data to be XOR'ed with RC4 stream
data_len	buf length

Returns

0 on success, -1 on failure

Generate RC4 pseudo random stream for the given key, skip beginning of the stream, and XOR the end result with the data buffer to perform RC4 encryption/decryption.

int sha1_vector	(	size_t	num_elem,
		const u8 *	addr[],
		const size_t *	len,
		u8 *	mac
	)

SHA-1 hash for data vector.

Parameters

num_elem	Number of elements in the data vector
addr	Pointers to the data areas
len	Lengths of the data blocks
mac	Buffer for the hash

Returns

0 on success, -1 on failure

int sha256_vector	(	size_t	num_elem,
		const u8 *	addr[],
		const size_t *	len,
		u8 *	mac
	)

SHA256 hash for data vector.

Parameters

num_elem	Number of elements in the data vector
addr	Pointers to the data areas
len	Lengths of the data blocks
mac	Buffer for the hash

Returns

0 on success, -1 on failure