2 * Crypto wrapper functions for NSS
3 * Copyright (c) 2009, Jouni Malinen <j@w1.fi>
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
10 #include <nspr/prtypes.h>
11 #include <nspr/plarenas.h>
12 #include <nspr/plhash.h>
13 #include <nspr/prtime.h>
14 #include <nspr/prinrval.h>
15 #include <nspr/prclist.h>
16 #include <nspr/prlock.h>
17 #include <nss/sechash.h>
18 #include <nss/pk11pub.h>
24 static int nss_hash(HASH_HashType type, unsigned int max_res_len,
25 size_t num_elem, const u8 *addr[], const size_t *len,
32 ctx = HASH_Create(type);
37 for (i = 0; i < num_elem; i++)
38 HASH_Update(ctx, addr[i], len[i]);
39 HASH_End(ctx, mac, &reslen, max_res_len);
46 void des_encrypt(const u8 *clear, const u8 *key, u8 *cypher)
48 PK11Context *ctx = NULL;
50 SECItem *param = NULL;
51 PK11SymKey *symkey = NULL;
54 u8 pkey[8], next, tmp;
57 /* Add parity bits to the key */
59 for (i = 0; i < 7; i++) {
61 pkey[i] = (tmp >> i) | next | 1;
62 next = tmp << (7 - i);
66 slot = PK11_GetBestSlot(CKM_DES_ECB, NULL);
68 wpa_printf(MSG_ERROR, "NSS: PK11_GetBestSlot failed");
75 symkey = PK11_ImportSymKey(slot, CKM_DES_ECB, PK11_OriginDerive,
76 CKA_ENCRYPT, &item, NULL);
78 wpa_printf(MSG_ERROR, "NSS: PK11_ImportSymKey failed");
82 param = PK11_GenerateNewParam(CKM_DES_ECB, symkey);
84 wpa_printf(MSG_ERROR, "NSS: PK11_GenerateNewParam failed");
88 ctx = PK11_CreateContextBySymKey(CKM_DES_ECB, CKA_ENCRYPT,
91 wpa_printf(MSG_ERROR, "NSS: PK11_CreateContextBySymKey("
92 "CKM_DES_ECB) failed");
96 if (PK11_CipherOp(ctx, cypher, &olen, 8, (void *) clear, 8) !=
98 wpa_printf(MSG_ERROR, "NSS: PK11_CipherOp failed");
104 PK11_DestroyContext(ctx, PR_TRUE);
106 PK11_FreeSymKey(symkey);
108 SECITEM_FreeItem(param, PR_TRUE);
112 int rc4_skip(const u8 *key, size_t keylen, size_t skip,
113 u8 *data, size_t data_len)
119 int md5_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac)
121 return nss_hash(HASH_AlgMD5, 16, num_elem, addr, len, mac);
125 int sha1_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac)
127 return nss_hash(HASH_AlgSHA1, 20, num_elem, addr, len, mac);
131 int sha256_vector(size_t num_elem, const u8 *addr[], const size_t *len,
134 return nss_hash(HASH_AlgSHA256, 32, num_elem, addr, len, mac);
138 void * aes_encrypt_init(const u8 *key, size_t len)
144 void aes_encrypt(void *ctx, const u8 *plain, u8 *crypt)
149 void aes_encrypt_deinit(void *ctx)
154 void * aes_decrypt_init(const u8 *key, size_t len)
160 void aes_decrypt(void *ctx, const u8 *crypt, u8 *plain)
165 void aes_decrypt_deinit(void *ctx)
170 int crypto_mod_exp(const u8 *base, size_t base_len,
171 const u8 *power, size_t power_len,
172 const u8 *modulus, size_t modulus_len,
173 u8 *result, size_t *result_len)
179 struct crypto_cipher {
183 struct crypto_cipher * crypto_cipher_init(enum crypto_cipher_alg alg,
184 const u8 *iv, const u8 *key,
191 int crypto_cipher_encrypt(struct crypto_cipher *ctx, const u8 *plain,
192 u8 *crypt, size_t len)
198 int crypto_cipher_decrypt(struct crypto_cipher *ctx, const u8 *crypt,
199 u8 *plain, size_t len)
205 void crypto_cipher_deinit(struct crypto_cipher *ctx)