wpa_supplicant / hostapd  2.5
 All Data Structures Files Functions Variables Typedefs Enumerations Enumerator Macros Pages
Data Structures | Functions
crypto_openssl.c File Reference

Wrapper functions for OpenSSL libcrypto. More...

#include "includes.h"
#include <openssl/opensslv.h>
#include <openssl/err.h>
#include <openssl/des.h>
#include <openssl/aes.h>
#include <openssl/bn.h>
#include <openssl/evp.h>
#include <openssl/dh.h>
#include <openssl/hmac.h>
#include <openssl/rand.h>
#include "common.h"
#include "wpabuf.h"
#include "dh_group5.h"
#include "sha1.h"
#include "sha256.h"
#include "sha384.h"
#include "crypto.h"

Data Structures

struct  crypto_cipher
 
struct  crypto_hash
 

Functions

int md4_vector (size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac)
 MD4 hash for data vector. More...
 
void des_encrypt (const u8 *clear, const u8 *key, u8 *cypher)
 Encrypt one block with DES. More...
 
int rc4_skip (const u8 *key, size_t keylen, size_t skip, u8 *data, size_t data_len)
 XOR RC4 stream to given data with skip-stream-start. More...
 
int md5_vector (size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac)
 MD5 hash for data vector. More...
 
int sha1_vector (size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac)
 SHA-1 hash for data vector. More...
 
int sha256_vector (size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac)
 SHA256 hash for data vector. More...
 
void * aes_encrypt_init (const u8 *key, size_t len)
 Initialize AES for encryption. More...
 
void aes_encrypt (void *ctx, const u8 *plain, u8 *crypt)
 Encrypt one AES block. More...
 
void aes_encrypt_deinit (void *ctx)
 Deinitialize AES encryption. More...
 
void * aes_decrypt_init (const u8 *key, size_t len)
 Initialize AES for decryption. More...
 
void aes_decrypt (void *ctx, const u8 *crypt, u8 *plain)
 Decrypt one AES block. More...
 
void aes_decrypt_deinit (void *ctx)
 Deinitialize AES decryption. More...
 
int aes_wrap (const u8 *kek, size_t kek_len, int n, const u8 *plain, u8 *cipher)
 Wrap keys with AES Key Wrap Algorithm (RFC3394) More...
 
int aes_unwrap (const u8 *kek, size_t kek_len, int n, const u8 *cipher, u8 *plain)
 Unwrap key with AES Key Wrap Algorithm (RFC3394) More...
 
int aes_128_cbc_encrypt (const u8 *key, const u8 *iv, u8 *data, size_t data_len)
 AES-128 CBC encryption. More...
 
int aes_128_cbc_decrypt (const u8 *key, const u8 *iv, u8 *data, size_t data_len)
 AES-128 CBC decryption. More...
 
int crypto_mod_exp (const u8 *base, size_t base_len, const u8 *power, size_t power_len, const u8 *modulus, size_t modulus_len, u8 *result, size_t *result_len)
 Modular exponentiation of large integers. More...
 
struct crypto_ciphercrypto_cipher_init (enum crypto_cipher_alg alg, const u8 *iv, const u8 *key, size_t key_len)
 Initialize block/stream cipher function. More...
 
int crypto_cipher_encrypt (struct crypto_cipher *ctx, const u8 *plain, u8 *crypt, size_t len)
 Cipher encrypt. More...
 
int crypto_cipher_decrypt (struct crypto_cipher *ctx, const u8 *crypt, u8 *plain, size_t len)
 Cipher decrypt. More...
 
void crypto_cipher_deinit (struct crypto_cipher *ctx)
 Free cipher context. More...
 
void * dh5_init (struct wpabuf **priv, struct wpabuf **publ)
 
void * dh5_init_fixed (const struct wpabuf *priv, const struct wpabuf *publ)
 
struct wpabufdh5_derive_shared (void *ctx, const struct wpabuf *peer_public, const struct wpabuf *own_private)
 
void dh5_free (void *ctx)
 
struct crypto_hashcrypto_hash_init (enum crypto_hash_alg alg, const u8 *key, size_t key_len)
 Initialize hash/HMAC function. More...
 
void crypto_hash_update (struct crypto_hash *ctx, const u8 *data, size_t len)
 Add data to hash calculation. More...
 
int crypto_hash_finish (struct crypto_hash *ctx, u8 *mac, size_t *len)
 Complete hash calculation. More...
 
int hmac_md5_vector (const u8 *key, size_t key_len, size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac)
 
int hmac_md5 (const u8 *key, size_t key_len, const u8 *data, size_t data_len, u8 *mac)
 
int pbkdf2_sha1 (const char *passphrase, const u8 *ssid, size_t ssid_len, int iterations, u8 *buf, size_t buflen)
 
int hmac_sha1_vector (const u8 *key, size_t key_len, size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac)
 
int hmac_sha1 (const u8 *key, size_t key_len, const u8 *data, size_t data_len, u8 *mac)
 
int crypto_get_random (void *buf, size_t len)
 Generate cryptographically strong pseudy-random bytes. More...
 
struct crypto_bignum * crypto_bignum_init (void)
 Allocate memory for bignum. More...
 
struct crypto_bignum * crypto_bignum_init_set (const u8 *buf, size_t len)
 Allocate memory for bignum and set the value. More...
 
void crypto_bignum_deinit (struct crypto_bignum *n, int clear)
 Free bignum. More...
 
int crypto_bignum_to_bin (const struct crypto_bignum *a, u8 *buf, size_t buflen, size_t padlen)
 Set binary buffer to unsigned bignum. More...
 
int crypto_bignum_add (const struct crypto_bignum *a, const struct crypto_bignum *b, struct crypto_bignum *c)
 c = a + b More...
 
int crypto_bignum_mod (const struct crypto_bignum *a, const struct crypto_bignum *b, struct crypto_bignum *c)
 c = a % b More...
 
int crypto_bignum_exptmod (const struct crypto_bignum *a, const struct crypto_bignum *b, const struct crypto_bignum *c, struct crypto_bignum *d)
 Modular exponentiation: d = a^b (mod c) More...
 
int crypto_bignum_inverse (const struct crypto_bignum *a, const struct crypto_bignum *b, struct crypto_bignum *c)
 Inverse a bignum so that a * c = 1 (mod b) More...
 
int crypto_bignum_sub (const struct crypto_bignum *a, const struct crypto_bignum *b, struct crypto_bignum *c)
 c = a - b More...
 
int crypto_bignum_div (const struct crypto_bignum *a, const struct crypto_bignum *b, struct crypto_bignum *c)
 c = a / b More...
 
int crypto_bignum_mulmod (const struct crypto_bignum *a, const struct crypto_bignum *b, const struct crypto_bignum *c, struct crypto_bignum *d)
 d = a * b (mod c) More...
 
int crypto_bignum_cmp (const struct crypto_bignum *a, const struct crypto_bignum *b)
 Compare two bignums. More...
 
int crypto_bignum_bits (const struct crypto_bignum *a)
 Get size of a bignum in bits. More...
 
int crypto_bignum_is_zero (const struct crypto_bignum *a)
 Is the given bignum zero. More...
 
int crypto_bignum_is_one (const struct crypto_bignum *a)
 Is the given bignum one. More...
 
int crypto_bignum_legendre (const struct crypto_bignum *a, const struct crypto_bignum *p)
 Compute the Legendre symbol (a/p) More...
 

Detailed Description

Wrapper functions for OpenSSL libcrypto.

Function Documentation

int aes_128_cbc_decrypt ( const u8 *  key,
const u8 *  iv,
u8 *  data,
size_t  data_len 
)

AES-128 CBC decryption.

Parameters
keyDecryption key
ivDecryption IV for CBC mode (16 bytes)
dataData to decrypt in-place
data_lenLength of data in bytes (must be divisible by 16)
Returns
0 on success, -1 on failure
int aes_128_cbc_encrypt ( const u8 *  key,
const u8 *  iv,
u8 *  data,
size_t  data_len 
)

AES-128 CBC encryption.

Parameters
keyEncryption key
ivEncryption IV for CBC mode (16 bytes)
dataData to encrypt in-place
data_lenLength of data in bytes (must be divisible by 16)
Returns
0 on success, -1 on failure
void aes_decrypt ( void *  ctx,
const u8 *  crypt,
u8 *  plain 
)

Decrypt one AES block.

Parameters
ctxContext pointer from aes_encrypt_init()
cryptEncrypted data (16 bytes)
plainBuffer for the decrypted data (16 bytes)
void aes_decrypt_deinit ( void *  ctx)

Deinitialize AES decryption.

Parameters
ctxContext pointer from aes_encrypt_init()
void* aes_decrypt_init ( const u8 *  key,
size_t  len 
)

Initialize AES for decryption.

Parameters
keyDecryption key
lenKey length in bytes (usually 16, i.e., 128 bits)
Returns
Pointer to context data or NULL on failure
void aes_encrypt ( void *  ctx,
const u8 *  plain,
u8 *  crypt 
)

Encrypt one AES block.

Parameters
ctxContext pointer from aes_encrypt_init()
plainPlaintext data to be encrypted (16 bytes)
cryptBuffer for the encrypted data (16 bytes)
void aes_encrypt_deinit ( void *  ctx)

Deinitialize AES encryption.

Parameters
ctxContext pointer from aes_encrypt_init()
void* aes_encrypt_init ( const u8 *  key,
size_t  len 
)

Initialize AES for encryption.

Parameters
keyEncryption key
lenKey length in bytes (usually 16, i.e., 128 bits)
Returns
Pointer to context data or NULL on failure
int aes_unwrap ( const u8 *  kek,
size_t  kek_len,
int  n,
const u8 *  cipher,
u8 *  plain 
)

Unwrap key with AES Key Wrap Algorithm (RFC3394)

Parameters
kekKey encryption key (KEK)
kek_lenLength of KEK in octets
nLength of the plaintext key in 64-bit units; e.g., 2 = 128-bit = 16 bytes
cipherWrapped key to be unwrapped, (n + 1) * 64 bits
plainPlaintext key, n * 64 bits
Returns
0 on success, -1 on failure (e.g., integrity verification failed)
int aes_wrap ( const u8 *  kek,
size_t  kek_len,
int  n,
const u8 *  plain,
u8 *  cipher 
)

Wrap keys with AES Key Wrap Algorithm (RFC3394)

Parameters
kekKey encryption key (KEK)
kek_lenLength of KEK in octets
nLength of the plaintext key in 64-bit units; e.g., 2 = 128-bit = 16 bytes
plainPlaintext key to be wrapped, n * 64 bits
cipherWrapped key, (n + 1) * 64 bits
Returns
0 on success, -1 on failure
int crypto_bignum_add ( const struct crypto_bignum *  a,
const struct crypto_bignum *  b,
struct crypto_bignum *  c 
)

c = a + b

Parameters
aBignum
bBignum
cBignum; used to store the result of a + b
Returns
0 on success, -1 on failure
int crypto_bignum_bits ( const struct crypto_bignum *  a)

Get size of a bignum in bits.

Parameters
aBignum
Returns
Number of bits in the bignum
int crypto_bignum_cmp ( const struct crypto_bignum *  a,
const struct crypto_bignum *  b 
)

Compare two bignums.

Parameters
aBignum
bBignum
Returns
-1 if a < b, 0 if a == b, or 1 if a > b
void crypto_bignum_deinit ( struct crypto_bignum *  n,
int  clear 
)

Free bignum.

Parameters
nBignum from crypto_bignum_init() or crypto_bignum_init_set()
clearWhether to clear the value from memory
int crypto_bignum_div ( const struct crypto_bignum *  a,
const struct crypto_bignum *  b,
struct crypto_bignum *  c 
)

c = a / b

Parameters
aBignum
bBignum
cBignum; used to store the result of a / b
Returns
0 on success, -1 on failure
int crypto_bignum_exptmod ( const struct crypto_bignum *  a,
const struct crypto_bignum *  b,
const struct crypto_bignum *  c,
struct crypto_bignum *  d 
)

Modular exponentiation: d = a^b (mod c)

Parameters
aBignum; base
bBignum; exponent
cBignum; modulus
dBignum; used to store the result of a^b (mod c)
Returns
0 on success, -1 on failure
struct crypto_bignum* crypto_bignum_init ( void  )

Allocate memory for bignum.

Returns
Pointer to allocated bignum or NULL on failure
struct crypto_bignum* crypto_bignum_init_set ( const u8 *  buf,
size_t  len 
)

Allocate memory for bignum and set the value.

Parameters
bufBuffer with unsigned binary value
lenLength of buf in octets
Returns
Pointer to allocated bignum or NULL on failure
int crypto_bignum_inverse ( const struct crypto_bignum *  a,
const struct crypto_bignum *  b,
struct crypto_bignum *  c 
)

Inverse a bignum so that a * c = 1 (mod b)

Parameters
aBignum
bBignum
cBignum; used to store the result
Returns
0 on success, -1 on failure
int crypto_bignum_is_one ( const struct crypto_bignum *  a)

Is the given bignum one.

Parameters
aBignum
Returns
1 if a is one or 0 if not
int crypto_bignum_is_zero ( const struct crypto_bignum *  a)

Is the given bignum zero.

Parameters
aBignum
Returns
1 if a is zero or 0 if not
int crypto_bignum_legendre ( const struct crypto_bignum *  a,
const struct crypto_bignum *  p 
)

Compute the Legendre symbol (a/p)

Parameters
aBignum
pBignum
Returns
Legendre symbol -1,0,1 on success; -2 on calculation failure
int crypto_bignum_mod ( const struct crypto_bignum *  a,
const struct crypto_bignum *  b,
struct crypto_bignum *  c 
)

c = a % b

Parameters
aBignum
bBignum
cBignum; used to store the result of a % b
Returns
0 on success, -1 on failure
int crypto_bignum_mulmod ( const struct crypto_bignum *  a,
const struct crypto_bignum *  b,
const struct crypto_bignum *  c,
struct crypto_bignum *  d 
)

d = a * b (mod c)

Parameters
aBignum
bBignum
cBignum
dBignum; used to store the result of (a * b) % c
Returns
0 on success, -1 on failure
int crypto_bignum_sub ( const struct crypto_bignum *  a,
const struct crypto_bignum *  b,
struct crypto_bignum *  c 
)

c = a - b

Parameters
aBignum
bBignum
cBignum; used to store the result of a - b
Returns
0 on success, -1 on failure
int crypto_bignum_to_bin ( const struct crypto_bignum *  a,
u8 *  buf,
size_t  buflen,
size_t  padlen 
)

Set binary buffer to unsigned bignum.

Parameters
aBignum
bufBuffer for the binary number
lenLength of buf in octets
padlenLength in octets to pad the result to or 0 to indicate no padding
Returns
Number of octets written on success, -1 on failure
int crypto_cipher_decrypt ( struct crypto_cipher ctx,
const u8 *  crypt,
u8 *  plain,
size_t  len 
)

Cipher decrypt.

Parameters
ctxContext pointer from crypto_cipher_init()
cryptCiphertext to decrypt
plainResulting plaintext
lenLength of the cipher text
Returns
0 on success, -1 on failure

This function is only used with internal TLSv1 implementation (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need to implement this.

void crypto_cipher_deinit ( struct crypto_cipher ctx)

Free cipher context.

Parameters
ctxContext pointer from crypto_cipher_init()

This function is only used with internal TLSv1 implementation (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need to implement this.

int crypto_cipher_encrypt ( struct crypto_cipher ctx,
const u8 *  plain,
u8 *  crypt,
size_t  len 
)

Cipher encrypt.

Parameters
ctxContext pointer from crypto_cipher_init()
plainPlaintext to cipher
cryptResulting ciphertext
lenLength of the plaintext
Returns
0 on success, -1 on failure

This function is only used with internal TLSv1 implementation (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need to implement this.

struct crypto_cipher* crypto_cipher_init ( enum crypto_cipher_alg  alg,
const u8 *  iv,
const u8 *  key,
size_t  key_len 
)

Initialize block/stream cipher function.

Parameters
algCipher algorithm
ivInitialization vector for block ciphers or NULL for stream ciphers
keyCipher key
key_lenLength of key in bytes
Returns
Pointer to cipher context to use with other cipher functions or NULL on failure

This function is only used with internal TLSv1 implementation (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need to implement this.

int crypto_get_random ( void *  buf,
size_t  len 
)

Generate cryptographically strong pseudy-random bytes.

Parameters
bufBuffer for data
lenNumber of bytes to generate
Returns
0 on success, -1 on failure

If the PRNG does not have enough entropy to ensure unpredictable byte sequence, this functions must return -1.

int crypto_hash_finish ( struct crypto_hash ctx,
u8 *  hash,
size_t *  len 
)

Complete hash calculation.

Parameters
ctxContext pointer from crypto_hash_init()
hashBuffer for hash value or NULL if caller is just freeing the hash context
lenPointer to length of the buffer or NULL if caller is just freeing the hash context; on return, this is set to the actual length of the hash value
Returns
0 on success, -1 if buffer is too small (len set to needed length), or -2 on other failures (including failed crypto_hash_update() operations)

This function calculates the hash value and frees the context buffer that was used for hash calculation.

This function is only used with internal TLSv1 implementation (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need to implement this.

struct crypto_hash* crypto_hash_init ( enum crypto_hash_alg  alg,
const u8 *  key,
size_t  key_len 
)

Initialize hash/HMAC function.

Parameters
algHash algorithm
keyKey for keyed hash (e.g., HMAC) or NULL if not needed
key_lenLength of the key in bytes
Returns
Pointer to hash context to use with other hash functions or NULL on failure

This function is only used with internal TLSv1 implementation (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need to implement this.

void crypto_hash_update ( struct crypto_hash ctx,
const u8 *  data,
size_t  len 
)

Add data to hash calculation.

Parameters
ctxContext pointer from crypto_hash_init()
dataData buffer to add
lenLength of the buffer

This function is only used with internal TLSv1 implementation (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need to implement this.

int crypto_mod_exp ( const u8 *  base,
size_t  base_len,
const u8 *  power,
size_t  power_len,
const u8 *  modulus,
size_t  modulus_len,
u8 *  result,
size_t *  result_len 
)

Modular exponentiation of large integers.

Parameters
baseBase integer (big endian byte array)
base_lenLength of base integer in bytes
powerPower integer (big endian byte array)
power_lenLength of power integer in bytes
modulusModulus integer (big endian byte array)
modulus_lenLength of modulus integer in bytes
resultBuffer for the result
result_lenResult length (max buffer size on input, real len on output)
Returns
0 on success, -1 on failure

This function calculates result = base ^ power mod modulus. modules_len is used as the maximum size of modulus buffer. It is set to the used size on success.

This function is only used with internal TLSv1 implementation (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need to implement this.

void des_encrypt ( const u8 *  clear,
const u8 *  key,
u8 *  cypher 
)

Encrypt one block with DES.

Parameters
clear8 octets (in)
key7 octets (in) (no parity bits included)
cypher8 octets (out)
int md4_vector ( size_t  num_elem,
const u8 *  addr[],
const size_t *  len,
u8 *  mac 
)

MD4 hash for data vector.

Parameters
num_elemNumber of elements in the data vector
addrPointers to the data areas
lenLengths of the data blocks
macBuffer for the hash
Returns
0 on success, -1 on failure
int md5_vector ( size_t  num_elem,
const u8 *  addr[],
const size_t *  len,
u8 *  mac 
)

MD5 hash for data vector.

Parameters
num_elemNumber of elements in the data vector
addrPointers to the data areas
lenLengths of the data blocks
macBuffer for the hash
Returns
0 on success, -1 on failure
int rc4_skip ( const u8 *  key,
size_t  keylen,
size_t  skip,
u8 *  data,
size_t  data_len 
)

XOR RC4 stream to given data with skip-stream-start.

Parameters
keyRC4 key
keylenRC4 key length
skipnumber of bytes to skip from the beginning of the RC4 stream
datadata to be XOR'ed with RC4 stream
data_lenbuf length
Returns
0 on success, -1 on failure

Generate RC4 pseudo random stream for the given key, skip beginning of the stream, and XOR the end result with the data buffer to perform RC4 encryption/decryption.

int sha1_vector ( size_t  num_elem,
const u8 *  addr[],
const size_t *  len,
u8 *  mac 
)

SHA-1 hash for data vector.

Parameters
num_elemNumber of elements in the data vector
addrPointers to the data areas
lenLengths of the data blocks
macBuffer for the hash
Returns
0 on success, -1 on failure
int sha256_vector ( size_t  num_elem,
const u8 *  addr[],
const size_t *  len,
u8 *  mac 
)

SHA256 hash for data vector.

Parameters
num_elemNumber of elements in the data vector
addrPointers to the data areas
lenLengths of the data blocks
macBuffer for the hash
Returns
0 on success, -1 on failure