3a19555445
This allows WPS to be linked with GnuTLS.
200 lines
4.4 KiB
C
200 lines
4.4 KiB
C
/*
|
|
* WPA Supplicant / wrapper functions for libgcrypt
|
|
* Copyright (c) 2004-2005, Jouni Malinen <j@w1.fi>
|
|
*
|
|
* This program is free software; you can redistribute it and/or modify
|
|
* it under the terms of the GNU General Public License version 2 as
|
|
* published by the Free Software Foundation.
|
|
*
|
|
* Alternatively, this software may be distributed under the terms of BSD
|
|
* license.
|
|
*
|
|
* See README and COPYING for more details.
|
|
*/
|
|
|
|
#include "includes.h"
|
|
#include <gcrypt.h>
|
|
|
|
#include "common.h"
|
|
#include "crypto.h"
|
|
|
|
void md4_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac)
|
|
{
|
|
gcry_md_hd_t hd;
|
|
unsigned char *p;
|
|
size_t i;
|
|
|
|
if (gcry_md_open(&hd, GCRY_MD_MD4, 0) != GPG_ERR_NO_ERROR)
|
|
return;
|
|
for (i = 0; i < num_elem; i++)
|
|
gcry_md_write(hd, addr[i], len[i]);
|
|
p = gcry_md_read(hd, GCRY_MD_MD4);
|
|
if (p)
|
|
memcpy(mac, p, gcry_md_get_algo_dlen(GCRY_MD_MD4));
|
|
gcry_md_close(hd);
|
|
}
|
|
|
|
|
|
void des_encrypt(const u8 *clear, const u8 *key, u8 *cypher)
|
|
{
|
|
gcry_cipher_hd_t hd;
|
|
u8 pkey[8], next, tmp;
|
|
int i;
|
|
|
|
/* Add parity bits to the key */
|
|
next = 0;
|
|
for (i = 0; i < 7; i++) {
|
|
tmp = key[i];
|
|
pkey[i] = (tmp >> i) | next | 1;
|
|
next = tmp << (7 - i);
|
|
}
|
|
pkey[i] = next | 1;
|
|
|
|
gcry_cipher_open(&hd, GCRY_CIPHER_DES, GCRY_CIPHER_MODE_ECB, 0);
|
|
gcry_err_code(gcry_cipher_setkey(hd, pkey, 8));
|
|
gcry_cipher_encrypt(hd, cypher, 8, clear, 8);
|
|
gcry_cipher_close(hd);
|
|
}
|
|
|
|
|
|
#ifdef EAP_TLS_FUNCS
|
|
void md5_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac)
|
|
{
|
|
gcry_md_hd_t hd;
|
|
unsigned char *p;
|
|
size_t i;
|
|
|
|
if (gcry_md_open(&hd, GCRY_MD_MD5, 0) != GPG_ERR_NO_ERROR)
|
|
return;
|
|
for (i = 0; i < num_elem; i++)
|
|
gcry_md_write(hd, addr[i], len[i]);
|
|
p = gcry_md_read(hd, GCRY_MD_MD5);
|
|
if (p)
|
|
memcpy(mac, p, gcry_md_get_algo_dlen(GCRY_MD_MD5));
|
|
gcry_md_close(hd);
|
|
}
|
|
|
|
|
|
void sha1_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac)
|
|
{
|
|
gcry_md_hd_t hd;
|
|
unsigned char *p;
|
|
size_t i;
|
|
|
|
if (gcry_md_open(&hd, GCRY_MD_SHA1, 0) != GPG_ERR_NO_ERROR)
|
|
return;
|
|
for (i = 0; i < num_elem; i++)
|
|
gcry_md_write(hd, addr[i], len[i]);
|
|
p = gcry_md_read(hd, GCRY_MD_SHA1);
|
|
if (p)
|
|
memcpy(mac, p, gcry_md_get_algo_dlen(GCRY_MD_SHA1));
|
|
gcry_md_close(hd);
|
|
}
|
|
|
|
|
|
#ifndef CONFIG_NO_FIPS186_2_PRF
|
|
int fips186_2_prf(const u8 *seed, size_t seed_len, u8 *x, size_t xlen)
|
|
{
|
|
/* FIX: how to do this with libgcrypt? */
|
|
return -1;
|
|
}
|
|
#endif /* CONFIG_NO_FIPS186_2_PRF */
|
|
|
|
|
|
void * aes_encrypt_init(const u8 *key, size_t len)
|
|
{
|
|
gcry_cipher_hd_t hd;
|
|
|
|
if (gcry_cipher_open(&hd, GCRY_CIPHER_AES, GCRY_CIPHER_MODE_ECB, 0) !=
|
|
GPG_ERR_NO_ERROR) {
|
|
printf("cipher open failed\n");
|
|
return NULL;
|
|
}
|
|
if (gcry_cipher_setkey(hd, key, len) != GPG_ERR_NO_ERROR) {
|
|
printf("setkey failed\n");
|
|
gcry_cipher_close(hd);
|
|
return NULL;
|
|
}
|
|
|
|
return hd;
|
|
}
|
|
|
|
|
|
void aes_encrypt(void *ctx, const u8 *plain, u8 *crypt)
|
|
{
|
|
gcry_cipher_hd_t hd = ctx;
|
|
gcry_cipher_encrypt(hd, crypt, 16, plain, 16);
|
|
}
|
|
|
|
|
|
void aes_encrypt_deinit(void *ctx)
|
|
{
|
|
gcry_cipher_hd_t hd = ctx;
|
|
gcry_cipher_close(hd);
|
|
}
|
|
|
|
|
|
void * aes_decrypt_init(const u8 *key, size_t len)
|
|
{
|
|
gcry_cipher_hd_t hd;
|
|
|
|
if (gcry_cipher_open(&hd, GCRY_CIPHER_AES, GCRY_CIPHER_MODE_ECB, 0) !=
|
|
GPG_ERR_NO_ERROR)
|
|
return NULL;
|
|
if (gcry_cipher_setkey(hd, key, len) != GPG_ERR_NO_ERROR) {
|
|
gcry_cipher_close(hd);
|
|
return NULL;
|
|
}
|
|
|
|
return hd;
|
|
}
|
|
|
|
|
|
void aes_decrypt(void *ctx, const u8 *crypt, u8 *plain)
|
|
{
|
|
gcry_cipher_hd_t hd = ctx;
|
|
gcry_cipher_decrypt(hd, plain, 16, crypt, 16);
|
|
}
|
|
|
|
|
|
void aes_decrypt_deinit(void *ctx)
|
|
{
|
|
gcry_cipher_hd_t hd = ctx;
|
|
gcry_cipher_close(hd);
|
|
}
|
|
#endif /* EAP_TLS_FUNCS */
|
|
|
|
|
|
int crypto_mod_exp(const u8 *base, size_t base_len,
|
|
const u8 *power, size_t power_len,
|
|
const u8 *modulus, size_t modulus_len,
|
|
u8 *result, size_t *result_len)
|
|
{
|
|
gcry_mpi_t bn_base = NULL, bn_exp = NULL, bn_modulus = NULL,
|
|
bn_result = NULL;
|
|
int ret = -1;
|
|
|
|
if (gcry_mpi_scan(&bn_base, GCRYMPI_FMT_USG, base, base_len, NULL) !=
|
|
GPG_ERR_NO_ERROR ||
|
|
gcry_mpi_scan(&bn_exp, GCRYMPI_FMT_USG, power, power_len, NULL) !=
|
|
GPG_ERR_NO_ERROR ||
|
|
gcry_mpi_scan(&bn_modulus, GCRYMPI_FMT_USG, modulus, modulus_len,
|
|
NULL) != GPG_ERR_NO_ERROR)
|
|
goto error;
|
|
bn_result = gcry_mpi_new(modulus_len * 8);
|
|
|
|
gcry_mpi_powm(bn_result, bn_base, bn_exp, bn_modulus);
|
|
|
|
if (gcry_mpi_print(GCRYMPI_FMT_USG, result, *result_len, result_len,
|
|
bn_result) != GPG_ERR_NO_ERROR)
|
|
goto error;
|
|
|
|
ret = 0;
|
|
|
|
error:
|
|
gcry_mpi_release(bn_base);
|
|
gcry_mpi_release(bn_exp);
|
|
gcry_mpi_release(bn_modulus);
|
|
gcry_mpi_release(bn_result);
|
|
return ret;
|
|
}
|