lsquic_crypto.h revision 5392f7a3
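/* Copyright (c) 2017 - 2019 LiteSpeed Technologies Inc.  See LICENSE. */

/*
 * Declarations for the crypto helpers used by the handshake code: key
 * derivation, Curve25519 key agreement, FNV-1a hashing, AEAD seal/open,
 * nonce generation, PEM/certificate parsing and proof generation and
 * verification.
 *
 * Most functions return int, but the success/failure convention is not
 * stated in this header -- check the implementation before testing a
 * return value.
 */

#ifndef __LSQUIC_CRYPTO_H__
#define __LSQUIC_CRYPTO_H__

#include <stddef.h>     /* size_t is used in the prototypes below */
#include <stdint.h>

/*
 * Length, in bytes, of the hash carried by handshake packets (per the name).
 * NOTE(review): presumably the truncated FNV-1a-128 value written by
 * serialize_fnv128_short() -- confirm.  FNV is not a cryptographic hash or
 * MAC: it detects accidental corruption only, not deliberate modification.
 */
#define HS_PKT_HASH_LENGTH 12


#ifdef __cplusplus
extern "C" {
#endif

/*
 * Forward declarations only, so that including this header does not pull in
 * the headers that define these types.
 */
struct lsquic_str;
struct evp_aead_ctx_st;
struct evp_pkey_st;
struct x509_st;

/*
 * 128-bit value used by the FNV-1a-128 routines.  On x86-64 it is the
 * compiler's native 128-bit integer; elsewhere it is a struct of two 64-bit
 * halves, so code that does arithmetic on it must handle both forms.
 */
#if defined( __x86_64 )||defined( __x86_64__ )
    typedef __uint128_t uint128;
#else
    typedef struct uint128_st
    {
        uint64_t hi_;
        uint64_t lo_;
    } uint128;
#endif


/*
 * Module setup.  NOTE(review): what is initialized, and whether repeated or
 * concurrent calls are safe, is not visible from this header.
 */
void crypto_init(void);

/* XXX: why have a wrapper around RAND_bytes? */
/*
 * Presumably fills `data' with `len' random bytes.  The function returns
 * void, so a generator failure cannot be reported to the caller: confirm
 * that the implementation never returns with the buffer left unfilled.
 * `len' is a signed int; callers must not pass a negative value.
 */
void rand_bytes(void *data, int len);


/*
 * Derive `key_len' bytes of key material into `key' from the input keying
 * material, salt, label and context.  NOTE(review): presumably built on
 * lshkdf_extract()/lshkdf_expand() -- confirm.
 *
 * `ikm', `salt' and `label' are not const-qualified although they look like
 * inputs; `salt_len' is a signed int while the other lengths are unsigned.
 * `key' must have room for `key_len' bytes.
 */
int export_key_material_simple(unsigned char *ikm, uint32_t ikm_len,
                        unsigned char *salt, int salt_len,
                        char *label, uint32_t label_len,
                        const uint8_t *context, uint32_t context_len,
                        uint8_t *key, uint16_t key_len);

/*
 * Derive the client and server keys and IVs, plus `sub_key', from the input
 * keying material, salt and context.  Each output buffer must have room for
 * the length passed alongside it.
 *
 * `sub_key' has no length parameter: the caller has to know how many bytes
 * the implementation writes there and size the buffer accordingly.
 */
int export_key_material(const unsigned char *ikm, uint32_t ikm_len,
                        const unsigned char *salt, int salt_len,
                        const unsigned char *context, uint32_t context_len,
                        uint16_t c_key_len, uint8_t *c_key,
                        uint16_t s_key_len, uint8_t *s_key,
                        uint16_t c_key_iv_len, uint8_t *c_key_iv,
                        uint16_t s_key_iv_len, uint8_t *s_key_iv,
                        uint8_t *sub_key);

/*
 * Curve25519 helpers (per the c255 prefix -- confirm).  No buffer lengths
 * are passed.  The `[32]' on pub_key is documentation only: an array
 * parameter decays to a pointer and the compiler does not enforce the size.
 * NOTE(review): priv_key, peer_pub_key and shared_key are presumably
 * 32 bytes each -- verify against the implementation.
 *
 * c255_gen_share_key() returns int; callers should check it before using
 * shared_key.
 */
void c255_get_pub_key(unsigned char *priv_key, unsigned char pub_key[32]);
int c255_gen_share_key(unsigned char *priv_key, unsigned char *peer_pub_key, unsigned char *shared_key);



/*
 * FNV-1a hashes (per the names).  FNV is a non-cryptographic hash: it is
 * fine for checksums and hash tables but must not be relied on for
 * integrity against an active attacker.
 *
 * All lengths are signed ints.  The `md' output buffers carry no size
 * parameter; the caller must supply a buffer large enough for what the
 * implementation writes.
 */
uint64_t fnv1a_64(const uint8_t * data, int len);
void fnv1a_64_s(const uint8_t * data, int len, char *md);
void fnv1a_128_s(const uint8_t * data , int len, uint8_t  *md);
/* Hash three buffers into one 128-bit value. */
uint128 fnv1a_128_3(const uint8_t * data1, int len1,
                      const uint8_t * data2, int len2,
                      const uint8_t * data3, int len3);
/*
 * Write a shortened form of `v' to `md'.  NOTE(review): presumably
 * HS_PKT_HASH_LENGTH bytes -- confirm.
 */
void serialize_fnv128_short(uint128 v, uint8_t *md);


/*
 * Encrypt plaintext to ciphertext with an AEAD, authenticating `ad' as
 * associated data.
 *
 * A nonce must never be reused with the same key.  NOTE(review): whether
 * *cypher_len is in/out (buffer capacity in, bytes written out) or
 * output-only is not visible here -- confirm before sizing `cypher', which
 * must also hold the authentication tag.
 */
int aes_aead_enc(struct evp_aead_ctx_st *key,
              const uint8_t *ad, size_t ad_len,
              const uint8_t *nonce, size_t nonce_len,
              const uint8_t *plain, size_t plain_len,
              uint8_t *cypher, size_t *cypher_len);

/*
 * Decrypt and authenticate ciphertext produced with the same key, nonce and
 * associated data.
 *
 * The return value must be checked: when decryption fails, the contents of
 * `plain' and *plain_len must not be used.
 */
int aes_aead_dec(struct evp_aead_ctx_st *key,
              const uint8_t *ad, size_t ad_len,
              const uint8_t *nonce, size_t nonce_len,
              const uint8_t *cypher, size_t cypher_len,
              uint8_t *plain, size_t *plain_len);

/* 32 bytes client nonce with 4 bytes tm, 8 bytes orbit */
/*
 * `buf' must have room for 32 bytes; no length is passed.
 * NOTE(review): the remaining 20 bytes are presumably random -- confirm.
 */
void gen_nonce_c(unsigned char *buf, uint64_t orbit);

/*
 * Parse a PEM-encoded key from `buf'.  NOTE(review): presumably returns NULL
 * on failure and transfers ownership of the key to the caller -- confirm.
 */
struct evp_pkey_st *PEM_to_key(const char *buf, int len);

/*
 * Parse a certificate from `buf'.  The meaning of `type' is not visible in
 * this header.
 */
struct x509_st *bio_to_crt(const void *buf, int len, int type);

/*
 * HKDF-style expand step (per the name): derive the client and server keys
 * and IVs, plus a sub key, from `prk' and `info'.
 *
 * `prk' has no length parameter.  NOTE(review): presumably the size of the
 * underlying hash output -- confirm.
 */
int lshkdf_expand(const unsigned char *prk, const unsigned char *info, int info_len,
                uint16_t c_key_len, uint8_t *c_key,
                uint16_t s_key_len, uint8_t *s_key,
                uint16_t c_key_iv_len, uint8_t *c_key_iv,
                uint16_t s_key_iv_len, uint8_t *s_key_iv,
                uint16_t sub_key_len, uint8_t *sub_key);
/*
 * HKDF-style extract step (per the name): compute `prk' from `ikm' and
 * `salt'.  `prk' is an output buffer with no size parameter, and the
 * function returns void, so a failure cannot be reported to the caller.
 */
void lshkdf_extract(const unsigned char *ikm, int ikm_len, const unsigned char *salt,
                  int salt_len, unsigned char *prk);

/*
 * Generate a proof over the CHLO and SCFG data with `priv_key' and write it
 * to `buf'.  NOTE(review): "prof" presumably means "proof", i.e. a
 * signature; *len is presumably capacity in, bytes written out -- confirm.
 */
int gen_prof(const uint8_t *chlo_data, size_t chlo_data_len,
             const uint8_t *scfg_data, uint32_t scfg_data_len,
             const struct evp_pkey_st *priv_key, uint8_t *buf, size_t *len);
/*
 * Verify the proof in `buf' over the CHLO and SCFG data with `pub_key'.
 * The return convention is not visible here; a caller that tests it the
 * wrong way round would accept an invalid proof.
 */
int verify_prof0(const uint8_t *chlo_data, size_t chlo_data_len,
                const uint8_t *scfg_data, uint32_t scfg_data_len,
                const struct evp_pkey_st *pub_key, const uint8_t *buf, size_t len);

/* As verify_prof0(), with the SCFG supplied as a struct lsquic_str. */
int verify_prof(const uint8_t *chlo_data, size_t chlo_data_len, struct lsquic_str * scfg,
                const struct evp_pkey_st *pub_key, const uint8_t *buf, size_t len);


#ifdef __cplusplus
}
#endif

#endif //__LSQUIC_CRYPTO_H__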