lsquic_crypto.h revision 50aadb33
1/* Copyright (c) 2017 LiteSpeed Technologies Inc. See LICENSE. */ 2 3#ifndef __LSQUIC_CRYPTO_H__ 4#define __LSQUIC_CRYPTO_H__ 5 6#include <stdint.h> 7 8#define HS_PKT_HASH_LENGTH 12 9 10 11#ifdef __cplusplus 12extern "C" { 13#endif 14 15struct lsquic_str; 16 17#if defined( __x86_64 )||defined( __x86_64__ ) 18 typedef __uint128_t uint128; 19#else 20 typedef struct uint128_st 21 { 22 uint64_t hi_; 23 uint64_t lo_; 24 } uint128; 25#endif 26 27 28void crypto_init(); 29 30/* XXX: why have a wrapper around RAND_bytes? */ 31void rand_bytes(void *data, int len); 32 33 34int export_key_material_simple(unsigned char *ikm, uint32_t ikm_len, 35 unsigned char *salt, int salt_len, 36 char *label, uint32_t label_len, 37 const uint8_t *context, uint32_t context_len, 38 uint8_t *key, uint16_t key_len); 39 40int export_key_material(const unsigned char *ikm, uint32_t ikm_len, 41 const unsigned char *salt, int salt_len, 42 const unsigned char *context, uint32_t context_len, 43 uint16_t c_key_len, uint8_t *c_key, 44 uint16_t s_key_len, uint8_t *s_key, 45 uint16_t c_key_iv_len, uint8_t *c_key_iv, 46 uint16_t s_key_iv_len, uint8_t *s_key_iv, 47 uint8_t *sub_key); 48 49void c255_get_pub_key(unsigned char *priv_key, unsigned char pub_key[32]); 50int c255_gen_share_key(unsigned char *priv_key, unsigned char *peer_pub_key, unsigned char *shared_key); 51 52 53 54uint64_t fnv1a_64(const uint8_t * data, int len); 55void fnv1a_64_s(const uint8_t * data, int len, char *md); 56uint128 fnv1a_128(const uint8_t * data, int len); 57void fnv1a_128_s(const uint8_t * data , int len, uint8_t *md); 58uint128 fnv1a_128_2(const uint8_t * data1, int len1, const uint8_t * data2, int len2); 59uint128 fnv1a_128_3(const uint8_t * data1, int len1, 60 const uint8_t * data2, int len2, 61 const uint8_t * data3, int len3); 62void fnv1a_128_2_s(const uint8_t * data1, int len1, const uint8_t * data2, int len2, uint8_t *md); 63void serialize_fnv128_short(uint128 v, uint8_t *md); 64 65 66/* before session handshake complete */ 67int verify_hs_pkt(const uint8_t *pkg_data, size_t header_len, size_t pkg_len); 68int update_hs_pkt_hash(uint8_t *pkg_data, int header_len, int pkg_len); 69int get_hs_pkt_hash_len(); 70 71 72/*16 bytes of h outputted */ 73void sha256(const uint8_t *buf, int len, uint8_t *h); 74 75 76/* Encrypt plaint text to cipher test */ 77int aes_aead_enc(EVP_AEAD_CTX *key, 78 const uint8_t *ad, size_t ad_len, 79 const uint8_t *nonce, size_t nonce_len, 80 const uint8_t *plain, size_t plain_len, 81 uint8_t *cypher, size_t *cypher_len); 82 83int aes_aead_dec(EVP_AEAD_CTX *key, 84 const uint8_t *ad, size_t ad_len, 85 const uint8_t *nonce, size_t nonce_len, 86 const uint8_t *cypher, size_t cypher_len, 87 uint8_t *plain, size_t *plain_len); 88 89int aes_get_key_length(); 90 91void gen_nonce_s(char *buf, int length); 92 93/* 32 bytes client nonce with 4 bytes tm, 8 bytes orbit */ 94void gen_nonce_c(unsigned char *buf, uint64_t orbit); 95 96EVP_PKEY *PEM_to_key(const char *buf, int len); 97 98X509 *bio_to_crt(const void *buf, int len, int type); 99 100int lshkdf_expand(const unsigned char *prk, const unsigned char *info, int info_len, 101 uint16_t c_key_len, uint8_t *c_key, 102 uint16_t s_key_len, uint8_t *s_key, 103 uint16_t c_key_iv_len, uint8_t *c_key_iv, 104 uint16_t s_key_iv_len, uint8_t *s_key_iv, 105 uint16_t sub_key_len, uint8_t *sub_key); 106void lshkdf_extract(const unsigned char *ikm, int ikm_len, const unsigned char *salt, 107 int salt_len, unsigned char *prk); 108 109int gen_prof(const uint8_t *chlo_data, size_t chlo_data_len, 110 const uint8_t *scfg_data, uint32_t scfg_data_len, 111 const EVP_PKEY *priv_key, uint8_t *buf, size_t *len); 112int verify_prof0(const uint8_t *chlo_data, size_t chlo_data_len, 113 const uint8_t *scfg_data, uint32_t scfg_data_len, 114 const EVP_PKEY *pub_key, const uint8_t *buf, size_t len); 115 116int verify_prof(const uint8_t *chlo_data, size_t chlo_data_len, struct lsquic_str * scfg, 117 const EVP_PKEY *pub_key, const uint8_t *buf, size_t len); 118 119 120#ifdef __cplusplus 121} 122#endif 123 124#endif //__LSQUIC_CRYPTO_H__ 125