lsquic_crypto.h revision 67b0dc15
150aadb33SDmitri Tikhonov/* Copyright (c) 2017 LiteSpeed Technologies Inc.  See LICENSE. */
250aadb33SDmitri Tikhonov
350aadb33SDmitri Tikhonov#ifndef __LSQUIC_CRYPTO_H__
450aadb33SDmitri Tikhonov#define __LSQUIC_CRYPTO_H__
550aadb33SDmitri Tikhonov
650aadb33SDmitri Tikhonov#include <stdint.h>
750aadb33SDmitri Tikhonov
850aadb33SDmitri Tikhonov#define HS_PKT_HASH_LENGTH 12
950aadb33SDmitri Tikhonov
1050aadb33SDmitri Tikhonov
1150aadb33SDmitri Tikhonov#ifdef __cplusplus
1250aadb33SDmitri Tikhonovextern "C" {
1350aadb33SDmitri Tikhonov#endif
1450aadb33SDmitri Tikhonov
1550aadb33SDmitri Tikhonovstruct lsquic_str;
1650aadb33SDmitri Tikhonov
1750aadb33SDmitri Tikhonov#if defined( __x86_64 )||defined( __x86_64__ )
1850aadb33SDmitri Tikhonov    typedef __uint128_t uint128;
1950aadb33SDmitri Tikhonov#else
2050aadb33SDmitri Tikhonov    typedef struct uint128_st
2150aadb33SDmitri Tikhonov    {
2250aadb33SDmitri Tikhonov        uint64_t hi_;
2350aadb33SDmitri Tikhonov        uint64_t lo_;
2450aadb33SDmitri Tikhonov    } uint128;
2550aadb33SDmitri Tikhonov#endif
2650aadb33SDmitri Tikhonov
2750aadb33SDmitri Tikhonov
2867b0dc15SDmitri Tikhonovvoid crypto_init(void);
2950aadb33SDmitri Tikhonov
3050aadb33SDmitri Tikhonov/* XXX: why have a wrapper around RAND_bytes? */
3150aadb33SDmitri Tikhonovvoid rand_bytes(void *data, int len);
3250aadb33SDmitri Tikhonov
3350aadb33SDmitri Tikhonov
3450aadb33SDmitri Tikhonovint export_key_material_simple(unsigned char *ikm, uint32_t ikm_len,
3550aadb33SDmitri Tikhonov                        unsigned char *salt, int salt_len,
3650aadb33SDmitri Tikhonov                        char *label, uint32_t label_len,
3750aadb33SDmitri Tikhonov                        const uint8_t *context, uint32_t context_len,
3850aadb33SDmitri Tikhonov                        uint8_t *key, uint16_t key_len);
3950aadb33SDmitri Tikhonov
4050aadb33SDmitri Tikhonovint export_key_material(const unsigned char *ikm, uint32_t ikm_len,
4150aadb33SDmitri Tikhonov                        const unsigned char *salt, int salt_len,
4250aadb33SDmitri Tikhonov                        const unsigned char *context, uint32_t context_len,
4350aadb33SDmitri Tikhonov                        uint16_t c_key_len, uint8_t *c_key,
4450aadb33SDmitri Tikhonov                        uint16_t s_key_len, uint8_t *s_key,
4550aadb33SDmitri Tikhonov                        uint16_t c_key_iv_len, uint8_t *c_key_iv,
4650aadb33SDmitri Tikhonov                        uint16_t s_key_iv_len, uint8_t *s_key_iv,
4750aadb33SDmitri Tikhonov                        uint8_t *sub_key);
4850aadb33SDmitri Tikhonov
4950aadb33SDmitri Tikhonovvoid c255_get_pub_key(unsigned char *priv_key, unsigned char pub_key[32]);
5050aadb33SDmitri Tikhonovint c255_gen_share_key(unsigned char *priv_key, unsigned char *peer_pub_key, unsigned char *shared_key);
5150aadb33SDmitri Tikhonov
5250aadb33SDmitri Tikhonov
5350aadb33SDmitri Tikhonov
5450aadb33SDmitri Tikhonovuint64_t fnv1a_64(const uint8_t * data, int len);
5550aadb33SDmitri Tikhonovvoid fnv1a_64_s(const uint8_t * data, int len, char *md);
5650aadb33SDmitri Tikhonovuint128 fnv1a_128(const uint8_t * data, int len);
5750aadb33SDmitri Tikhonovvoid fnv1a_128_s(const uint8_t * data , int len, uint8_t  *md);
5850aadb33SDmitri Tikhonovuint128 fnv1a_128_2(const uint8_t * data1, int len1, const uint8_t * data2, int len2);
5950aadb33SDmitri Tikhonovuint128 fnv1a_128_3(const uint8_t * data1, int len1,
6050aadb33SDmitri Tikhonov                      const uint8_t * data2, int len2,
6150aadb33SDmitri Tikhonov                      const uint8_t * data3, int len3);
6250aadb33SDmitri Tikhonovvoid fnv1a_128_2_s(const uint8_t * data1, int len1, const uint8_t * data2, int len2, uint8_t  *md);
6350aadb33SDmitri Tikhonovvoid serialize_fnv128_short(uint128 v, uint8_t *md);
6450aadb33SDmitri Tikhonov
6550aadb33SDmitri Tikhonov
6650aadb33SDmitri Tikhonov/* before session handshake complete */
6750aadb33SDmitri Tikhonovint verify_hs_pkt(const uint8_t *pkg_data, size_t header_len, size_t pkg_len);
6850aadb33SDmitri Tikhonovint update_hs_pkt_hash(uint8_t *pkg_data, int header_len, int pkg_len);
6950aadb33SDmitri Tikhonovint get_hs_pkt_hash_len();
7050aadb33SDmitri Tikhonov
7150aadb33SDmitri Tikhonov
7250aadb33SDmitri Tikhonov/*16 bytes of h outputted  */
7350aadb33SDmitri Tikhonovvoid sha256(const uint8_t *buf, int len, uint8_t *h);
7450aadb33SDmitri Tikhonov
7550aadb33SDmitri Tikhonov
7650aadb33SDmitri Tikhonov/* Encrypt plaint text to cipher test */
7750aadb33SDmitri Tikhonovint aes_aead_enc(EVP_AEAD_CTX *key,
7850aadb33SDmitri Tikhonov              const uint8_t *ad, size_t ad_len,
7950aadb33SDmitri Tikhonov              const uint8_t *nonce, size_t nonce_len,
8050aadb33SDmitri Tikhonov              const uint8_t *plain, size_t plain_len,
8150aadb33SDmitri Tikhonov              uint8_t *cypher, size_t *cypher_len);
8250aadb33SDmitri Tikhonov
8350aadb33SDmitri Tikhonovint aes_aead_dec(EVP_AEAD_CTX *key,
8450aadb33SDmitri Tikhonov              const uint8_t *ad, size_t ad_len,
8550aadb33SDmitri Tikhonov              const uint8_t *nonce, size_t nonce_len,
8650aadb33SDmitri Tikhonov              const uint8_t *cypher, size_t cypher_len,
8750aadb33SDmitri Tikhonov              uint8_t *plain, size_t *plain_len);
8850aadb33SDmitri Tikhonov
8950aadb33SDmitri Tikhonovint aes_get_key_length();
9050aadb33SDmitri Tikhonov
9150aadb33SDmitri Tikhonovvoid gen_nonce_s(char *buf, int length);
9250aadb33SDmitri Tikhonov
9350aadb33SDmitri Tikhonov/* 32 bytes client nonce with 4 bytes tm, 8 bytes orbit */
9450aadb33SDmitri Tikhonovvoid gen_nonce_c(unsigned char *buf, uint64_t orbit);
9550aadb33SDmitri Tikhonov
9650aadb33SDmitri TikhonovEVP_PKEY *PEM_to_key(const char *buf, int len);
9750aadb33SDmitri Tikhonov
9850aadb33SDmitri TikhonovX509 *bio_to_crt(const void *buf, int len, int type);
9950aadb33SDmitri Tikhonov
10050aadb33SDmitri Tikhonovint lshkdf_expand(const unsigned char *prk, const unsigned char *info, int info_len,
10150aadb33SDmitri Tikhonov                uint16_t c_key_len, uint8_t *c_key,
10250aadb33SDmitri Tikhonov                uint16_t s_key_len, uint8_t *s_key,
10350aadb33SDmitri Tikhonov                uint16_t c_key_iv_len, uint8_t *c_key_iv,
10450aadb33SDmitri Tikhonov                uint16_t s_key_iv_len, uint8_t *s_key_iv,
10550aadb33SDmitri Tikhonov                uint16_t sub_key_len, uint8_t *sub_key);
10650aadb33SDmitri Tikhonovvoid lshkdf_extract(const unsigned char *ikm, int ikm_len, const unsigned char *salt,
10750aadb33SDmitri Tikhonov                  int salt_len, unsigned char *prk);
10850aadb33SDmitri Tikhonov
10950aadb33SDmitri Tikhonovint gen_prof(const uint8_t *chlo_data, size_t chlo_data_len,
11050aadb33SDmitri Tikhonov             const uint8_t *scfg_data, uint32_t scfg_data_len,
11150aadb33SDmitri Tikhonov             const EVP_PKEY *priv_key, uint8_t *buf, size_t *len);
11250aadb33SDmitri Tikhonovint verify_prof0(const uint8_t *chlo_data, size_t chlo_data_len,
11350aadb33SDmitri Tikhonov                const uint8_t *scfg_data, uint32_t scfg_data_len,
11450aadb33SDmitri Tikhonov                const EVP_PKEY *pub_key, const uint8_t *buf, size_t len);
11550aadb33SDmitri Tikhonov
11650aadb33SDmitri Tikhonovint verify_prof(const uint8_t *chlo_data, size_t chlo_data_len, struct lsquic_str * scfg,
11750aadb33SDmitri Tikhonov                const EVP_PKEY *pub_key, const uint8_t *buf, size_t len);
11850aadb33SDmitri Tikhonov
11950aadb33SDmitri Tikhonov
12050aadb33SDmitri Tikhonov#ifdef __cplusplus
12150aadb33SDmitri Tikhonov}
12250aadb33SDmitri Tikhonov#endif
12350aadb33SDmitri Tikhonov
12450aadb33SDmitri Tikhonov#endif //__LSQUIC_CRYPTO_H__
125