wpa_supplicant: crypto.c Source File

00001 
00016 #include "includes.h"
00017 #include <openssl/opensslv.h>
00018 #include <openssl/md4.h>
00019 #include <openssl/md5.h>
00020 #include <openssl/sha.h>
00021 #include <openssl/des.h>
00022 #include <openssl/aes.h>
00023 
00024 #include "common.h"
00025 #include "crypto.h"
00026 
00027 #if OPENSSL_VERSION_NUMBER < 0x00907000
00028 #define DES_key_schedule des_key_schedule
00029 #define DES_cblock des_cblock
00030 #define DES_set_key(key, schedule) des_set_key((key), *(schedule))
00031 #define DES_ecb_encrypt(input, output, ks, enc) \
00032         des_ecb_encrypt((input), (output), *(ks), (enc))
00033 #endif /* openssl < 0.9.7 */
00034 
00035 
00036 void md4_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac)
00037 {
00038         MD4_CTX ctx;
00039         size_t i;
00040 
00041         MD4_Init(&ctx);
00042         for (i = 0; i < num_elem; i++)
00043                 MD4_Update(&ctx, addr[i], len[i]);
00044         MD4_Final(mac, &ctx);
00045 }
00046 
00047 
00048 void des_encrypt(const u8 *clear, const u8 *key, u8 *cypher)
00049 {
00050         u8 pkey[8], next, tmp;
00051         int i;
00052         DES_key_schedule ks;
00053 
00054         /* Add parity bits to the key */
00055         next = 0;
00056         for (i = 0; i < 7; i++) {
00057                 tmp = key[i];
00058                 pkey[i] = (tmp >> i) | next | 1;
00059                 next = tmp << (7 - i);
00060         }
00061         pkey[i] = next | 1;
00062 
00063         DES_set_key(&pkey, &ks);
00064         DES_ecb_encrypt((DES_cblock *) clear, (DES_cblock *) cypher, &ks,
00065                         DES_ENCRYPT);
00066 }
00067 
00068 
00069 #ifdef EAP_TLS_FUNCS
00070 void md5_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac)
00071 {
00072         MD5_CTX ctx;
00073         size_t i;
00074 
00075         MD5_Init(&ctx);
00076         for (i = 0; i < num_elem; i++)
00077                 MD5_Update(&ctx, addr[i], len[i]);
00078         MD5_Final(mac, &ctx);
00079 }
00080 
00081 
00082 void sha1_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac)
00083 {
00084         SHA_CTX ctx;
00085         size_t i;
00086 
00087         SHA1_Init(&ctx);
00088         for (i = 0; i < num_elem; i++)
00089                 SHA1_Update(&ctx, addr[i], len[i]);
00090         SHA1_Final(mac, &ctx);
00091 }
00092 
00093 
00094 static void sha1_transform(u8 *state, const u8 data[64])
00095 {
00096         SHA_CTX context;
00097         os_memset(&context, 0, sizeof(context));
00098         os_memcpy(&context.h0, state, 5 * 4);
00099         SHA1_Transform(&context, data);
00100         os_memcpy(state, &context.h0, 5 * 4);
00101 }
00102 
00103 
00104 int fips186_2_prf(const u8 *seed, size_t seed_len, u8 *x, size_t xlen)
00105 {
00106         u8 xkey[64];
00107         u32 t[5], _t[5];
00108         int i, j, m, k;
00109         u8 *xpos = x;
00110         u32 carry;
00111 
00112         if (seed_len > sizeof(xkey))
00113                 seed_len = sizeof(xkey);
00114 
00115         /* FIPS 186-2 + change notice 1 */
00116 
00117         os_memcpy(xkey, seed, seed_len);
00118         os_memset(xkey + seed_len, 0, 64 - seed_len);
00119         t[0] = 0x67452301;
00120         t[1] = 0xEFCDAB89;
00121         t[2] = 0x98BADCFE;
00122         t[3] = 0x10325476;
00123         t[4] = 0xC3D2E1F0;
00124 
00125         m = xlen / 40;
00126         for (j = 0; j < m; j++) {
00127                 /* XSEED_j = 0 */
00128                 for (i = 0; i < 2; i++) {
00129                         /* XVAL = (XKEY + XSEED_j) mod 2^b */
00130 
00131                         /* w_i = G(t, XVAL) */
00132                         os_memcpy(_t, t, 20);
00133                         sha1_transform((u8 *) _t, xkey);
00134                         _t[0] = host_to_be32(_t[0]);
00135                         _t[1] = host_to_be32(_t[1]);
00136                         _t[2] = host_to_be32(_t[2]);
00137                         _t[3] = host_to_be32(_t[3]);
00138                         _t[4] = host_to_be32(_t[4]);
00139                         os_memcpy(xpos, _t, 20);
00140 
00141                         /* XKEY = (1 + XKEY + w_i) mod 2^b */
00142                         carry = 1;
00143                         for (k = 19; k >= 0; k--) {
00144                                 carry += xkey[k] + xpos[k];
00145                                 xkey[k] = carry & 0xff;
00146                                 carry >>= 8;
00147                         }
00148 
00149                         xpos += 20;
00150                 }
00151                 /* x_j = w_0|w_1 */
00152         }
00153 
00154         return 0;
00155 }
00156 
00157 
00158 void * aes_encrypt_init(const u8 *key, size_t len)
00159 {
00160         AES_KEY *ak;
00161         ak = os_malloc(sizeof(*ak));
00162         if (ak == NULL)
00163                 return NULL;
00164         if (AES_set_encrypt_key(key, 8 * len, ak) < 0) {
00165                 os_free(ak);
00166                 return NULL;
00167         }
00168         return ak;
00169 }
00170 
00171 
00172 void aes_encrypt(void *ctx, const u8 *plain, u8 *crypt)
00173 {
00174         AES_encrypt(plain, crypt, ctx);
00175 }
00176 
00177 
00178 void aes_encrypt_deinit(void *ctx)
00179 {
00180         os_free(ctx);
00181 }
00182 
00183 
00184 void * aes_decrypt_init(const u8 *key, size_t len)
00185 {
00186         AES_KEY *ak;
00187         ak = os_malloc(sizeof(*ak));
00188         if (ak == NULL)
00189                 return NULL;
00190         if (AES_set_decrypt_key(key, 8 * len, ak) < 0) {
00191                 os_free(ak);
00192                 return NULL;
00193         }
00194         return ak;
00195 }
00196 
00197 
00198 void aes_decrypt(void *ctx, const u8 *crypt, u8 *plain)
00199 {
00200         AES_decrypt(crypt, plain, ctx);
00201 }
00202 
00203 
00204 void aes_decrypt_deinit(void *ctx)
00205 {
00206         os_free(ctx);
00207 }
00208 #endif /* EAP_TLS_FUNCS */
00209