lsquic_crypto.h revision 7d09751d
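/* Copyright (c) 2017 - 2020 LiteSpeed Technologies Inc. See LICENSE. */

/*
 * lsquic_crypto.h -- declarations for the crypto helper routines: key
 * derivation, c255 key exchange, FNV-1a hashing, AEAD encryption and
 * decryption, and handshake proof generation/verification.
 *
 * NOTE(review): none of the int return conventions (which value means
 * success) are stated in this header; confirm against the implementation
 * and check every return value before using an output buffer.
 */

#ifndef __LSQUIC_CRYPTO_H__
#define __LSQUIC_CRYPTO_H__

/* size_t is used in the prototypes below; <stdint.h> alone is not
 * guaranteed to declare it, so include <stddef.h> to keep this header
 * self-contained. */
#include <stddef.h>
#include <stdint.h>

/* Judging by the name, the length in bytes of the hash carried by
 * handshake packets -- TODO confirm against the users of this macro. */
#define HS_PKT_HASH_LENGTH   12


#ifdef __cplusplus
extern "C" {
#endif

struct lsquic_str;
struct evp_aead_ctx_st;
struct evp_pkey_st;
struct x509_st;

/* 128-bit value: the compiler's native type on x86-64, otherwise a pair of
 * 64-bit halves.  The struct form supports no arithmetic operators, so code
 * that uses uint128 has to cope with both representations. */
#if defined( __x86_64 )||defined( __x86_64__ )
    typedef __uint128_t uint128;
#else
    typedef struct uint128_st
    {
        uint64_t hi_;
        uint64_t lo_;
    } uint128;
#endif


void crypto_init(void);

/* XXX: why have a wrapper around RAND_bytes? */
/* The length is a signed int and the function returns void, so a failure of
 * the underlying generator cannot be reported through this interface.
 * NOTE(review): confirm how the implementation handles a failing
 * RAND_bytes() and a negative len. */
void rand_bytes(void *data, int len);


/* Derive key_len bytes into key from ikm, salt, label and context.
 * Presumably key must have room for key_len bytes -- verify against the
 * implementation.  Note that salt_len is a signed int while the other
 * lengths are unsigned. */
int export_key_material_simple(unsigned char *ikm, uint32_t ikm_len,
                        unsigned char *salt, int salt_len,
                        char *label, uint32_t label_len,
                        const uint8_t *context, uint32_t context_len,
                        uint8_t *key, uint16_t key_len);

/* Derive the client and server keys and IVs from ikm, salt and context.
 * sub_key, c_hp and s_hp are written without a length argument: their
 * sizes are fixed by the implementation and are not visible here, so
 * confirm them before sizing the buffers. */
int lsquic_export_key_material(const unsigned char *ikm, uint32_t ikm_len,
                        const unsigned char *salt, int salt_len,
                        const unsigned char *context, uint32_t context_len,
                        uint16_t c_key_len, uint8_t *c_key,
                        uint16_t s_key_len, uint8_t *s_key,
                        uint16_t c_key_iv_len, uint8_t *c_key_iv,
                        uint16_t s_key_iv_len, uint8_t *s_key_iv,
                        uint8_t *sub_key,
                        uint8_t *c_hp, uint8_t *s_hp);

/* Key-exchange helpers.  Only pub_key carries a size (32 bytes) in its
 * declaration; priv_key, peer_pub_key and shared_key are presumably
 * 32 bytes as well -- TODO confirm.  The caller owns the private-key and
 * shared-key buffers and is responsible for clearing them after use. */
void c255_get_pub_key(unsigned char *priv_key, unsigned char pub_key[32]);
int c255_gen_share_key(unsigned char *priv_key, unsigned char *peer_pub_key, unsigned char *shared_key);



/* FNV-1a hashing.  FNV-1a is a fast non-cryptographic hash: it detects
 * accidental corruption, but it is not a MAC and must not be relied on for
 * authentication or as a collision-resistant digest.
 * All lengths are signed ints; callers must pass non-negative values.
 * The md output buffers carry no length argument -- presumably 8 bytes for
 * the 64-bit variant, 16 for the 128-bit variant and HS_PKT_HASH_LENGTH
 * for serialize_fnv128_short(); verify against the implementation. */
uint64_t fnv1a_64(const uint8_t * data, int len);
void fnv1a_64_s(const uint8_t * data, int len, char *md);
void fnv1a_128_s(const uint8_t * data , int len, uint8_t *md);
uint128 fnv1a_128_3(const uint8_t * data1, int len1,
                      const uint8_t * data2, int len2,
                      const uint8_t * data3, int len3);
void serialize_fnv128_short(uint128 v, uint8_t *md);


/* Encrypt plain text to cipher text.
 * ad is the associated data.  Whether *cypher_len must hold the capacity
 * of cypher on entry is not visible here -- TODO confirm.  Reusing a nonce
 * with the same key defeats the security of an AEAD, so nonce uniqueness
 * is the caller's responsibility. */
int aes_aead_enc(struct evp_aead_ctx_st *key,
              const uint8_t *ad, size_t ad_len,
              const uint8_t *nonce, size_t nonce_len,
              const uint8_t *plain, size_t plain_len,
              uint8_t *cypher, size_t *cypher_len);

/* Decrypt cipher text to plain text; the counterpart of aes_aead_enc().
 * The contents of plain must be treated as unusable unless the call
 * reports success, since a failed call means the input did not
 * authenticate. */
int aes_aead_dec(struct evp_aead_ctx_st *key,
              const uint8_t *ad, size_t ad_len,
              const uint8_t *nonce, size_t nonce_len,
              const uint8_t *cypher, size_t cypher_len,
              uint8_t *plain, size_t *plain_len);

/* 32 bytes client nonce with 4 bytes tm, 8 bytes orbit */
/* buf carries no length argument, so it must have room for the 32 bytes
 * described above. */
void gen_nonce_c(unsigned char *buf, uint64_t orbit);

/* Parse a key out of a PEM buffer of len bytes.  Ownership of the returned
 * object and the value returned on a parse failure are not visible here --
 * presumably NULL on failure and caller-owned; verify. */
struct evp_pkey_st *PEM_to_key(const char *buf, int len);

/* Parse a certificate out of buf.  The meaning of type is not visible in
 * this header -- TODO confirm.  Same ownership caveat as PEM_to_key(). */
struct x509_st *bio_to_crt(const void *buf, int len, int type);

/* HKDF-style expand step.  prk, c_hp and s_hp carry no length argument;
 * their sizes are fixed by the implementation -- confirm before sizing the
 * buffers. */
int lshkdf_expand(const unsigned char *prk, const unsigned char *info, int info_len,
                uint16_t c_key_len, uint8_t *c_key,
                uint16_t s_key_len, uint8_t *s_key,
                uint16_t c_key_iv_len, uint8_t *c_key_iv,
                uint16_t s_key_iv_len, uint8_t *s_key_iv,
                uint16_t sub_key_len, uint8_t *sub_key,
                uint8_t *c_hp, uint8_t *s_hp);
/* HKDF-style extract step writing the pseudorandom key to prk, which has
 * no length argument.  Returns void, so a failure cannot be reported to
 * the caller. */
void lshkdf_extract(const unsigned char *ikm, int ikm_len, const unsigned char *salt,
                int salt_len, unsigned char *prk);

/* Produce a proof over chlo_data and scfg_data with priv_key, written to
 * buf.  NOTE(review): *len presumably holds the capacity of buf on entry
 * and the proof length on return -- confirm. */
int gen_prof(const uint8_t *chlo_data, size_t chlo_data_len,
             const uint8_t *scfg_data, uint32_t scfg_data_len,
             const struct evp_pkey_st *priv_key, uint8_t *buf, size_t *len);
/* Check the proof in buf against chlo_data and scfg_data using pub_key.
 * The return convention is not stated here; callers must not treat the
 * peer as authenticated until they have confirmed which value means
 * success. */
int verify_prof0(const uint8_t *chlo_data, size_t chlo_data_len,
                const uint8_t *scfg_data, uint32_t scfg_data_len,
                const struct evp_pkey_st *pub_key, const uint8_t *buf, size_t len);

/* As verify_prof0(), with the server config passed as a lsquic_str. */
int verify_prof(const uint8_t *chlo_data, size_t chlo_data_len, struct lsquic_str * scfg,
                const struct evp_pkey_st *pub_key, const uint8_t *buf, size_t len);


#ifdef __cplusplus
}
#endif

#endif //__LSQUIC_CRYPTO_H__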