SKEYID derivation based on libstrongswan
[strongswan.git] / src / pluto / crypto.h
1 /* crypto interfaces
2 * Copyright (C) 1998, 1999 D. Hugh Redelmeier.
3 *
4 * This program is free software; you can redistribute it and/or modify it
5 * under the terms of the GNU General Public License as published by the
6 * Free Software Foundation; either version 2 of the License, or (at your
7 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
8 *
9 * This program is distributed in the hope that it will be useful, but
10 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
11 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
12 * for more details.
13 */
14
15 #include <gmp.h> /* GNU MP library */
16
17 #include <crypto/hashers/hasher.h>
18 #include <crypto/prfs/prf.h>
19
20 #include "md5.h"
21 #include "sha1.h"
22 #include "libsha2/sha2.h"
23 #include "ike_alg.h"
24
/* Set-up and tear-down of this module's crypto state.
 * NOTE(review): presumably init_crypto() has to run before anything else
 * declared in this header is used, and free_crypto() once at shutdown --
 * confirm in crypto.c.
 */
extern void init_crypto(void);
extern void free_crypto(void);
27
28 /* Oakley group descriptions */
29
extern MP_INT groupgenerator;	/* MODP group generator (2) */

/* Description of one Oakley group.
 * NOTE(review): the field meanings below are inferred from the names and from
 * the "MODP" remark on groupgenerator -- confirm against the table in crypto.c.
 */
struct oakley_group_desc {
	u_int16_t group;	/* group number; same type as lookup_group()'s argument */
	MP_INT *modulus;	/* presumably the MODP prime of the group */
	size_t bytes;		/* presumably the length of the modulus in bytes */
};
37
extern const struct oakley_group_desc unset_group;	/* magic signifier */

/* Find the descriptor for a group number.
 * NOTE(review): what is returned for an unknown or unsupported group is not
 * visible from this header (NULL?).  The group number presumably originates
 * from the peer's proposal, so callers should check the result before
 * dereferencing it -- confirm in crypto.c.
 */
extern const struct oakley_group_desc *lookup_group(u_int16_t group);

/* Declared length of oakley_group[]; keep it in step with the table's definition. */
#define OAKLEY_GROUP_SIZE 7
extern const struct oakley_group_desc oakley_group[OAKLEY_GROUP_SIZE];
42
43 /* unification of cryptographic encoding/decoding algorithms
44 * The IV is taken from and returned to st->st_new_iv.
45 * This allows the old IV to be retained.
46 * Use update_iv to commit to the new IV (for example, once a packet has
47 * been validated).
48 */
49
/* Upper bounds on Oakley key lengths.
 * NOTE(review): the two limits are computed differently; check which one sizes
 * each key buffer, so that a key bounded by the larger limit is never copied
 * into a buffer sized by the smaller one.
 */
#define MAX_OAKLEY_KEY_LEN0 (3 * DES_CBC_BLOCK_SIZE)	/* three DES-CBC blocks */
#define MAX_OAKLEY_KEY_LEN (256/BITS_PER_BYTE)	/* 256 bits, expressed in bytes */
52
struct state;	/* forward declaration, dammit */

/* Run the cipher described by e over buf[0..size) using the IV kept in st.
 * enc presumably selects encryption (true) or decryption (false), and since
 * buf is not const the result is presumably written back in place -- confirm
 * in crypto.c.
 * NOTE(review): no length check is visible from here; callers presumably have
 * to pass a size that is a multiple of the cipher's block size, and for
 * received packets that length should be validated before this call.
 */
void crypto_cbc_encrypt(const struct encrypt_desc *e, bool enc, u_int8_t *buf, size_t size, struct state *st);
56
/* Commit the pending IV: st_iv_len is set to st_new_iv_len and that many
 * bytes are copied from st_new_iv to st_iv.  The macro expands to the
 * memcpy() call itself, so it is an expression; st is evaluated four times.
 * NOTE(review): unlike set_ph1_iv() there is no check that st_new_iv_len fits
 * into st_iv -- the bound has to be guaranteed wherever st_new_iv_len is set.
 */
#define update_iv(st)	memcpy((st)->st_iv, (st)->st_new_iv \
	, (st)->st_iv_len = (st)->st_new_iv_len)
59
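/* Copy the first st_ph1_iv_len bytes of iv into st->st_ph1_iv.
 *
 * The length is asserted against sizeof(st->st_ph1_iv) before the copy.  The
 * body is wrapped in do { } while (0) so that the assertion and the copy form
 * one statement: as two bare statements, `if (c) set_ph1_iv(st, iv);` would
 * guard only the passert() and run the memcpy() unconditionally.  Invoke the
 * macro as a statement, with a trailing semicolon.
 *
 * st_ph1_iv_len must be set before the call.  Only the destination is bounded
 * here; the caller has to make sure iv holds at least st_ph1_iv_len bytes.
 * st is evaluated more than once.
 * NOTE(review): the sizeof bound is the buffer size only if st_ph1_iv is an
 * array member (not a pointer) -- confirm in the definition of struct state.
 */
#define set_ph1_iv(st, iv) \
	do { \
		passert((st)->st_ph1_iv_len <= sizeof((st)->st_ph1_iv)); \
		memcpy((st)->st_ph1_iv, (iv), (st)->st_ph1_iv_len); \
	} while (0)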
63
64 /* unification of cryptographic hashing mechanisms */
65
66 #ifndef NO_HASH_CTX
/* Storage for the working context of any one of the supported hashes.
 * Being a union, only one member is valid at a time; which one is presumably
 * determined by the hash_desc used alongside it (see struct hmac_ctx).
 */
union hash_ctx {
	MD5_CTX ctx_md5;
	SHA1_CTX ctx_sha1;
	sha256_context ctx_sha256;
	sha512_context ctx_sha512;
};
73
74 /* HMAC package
75 * Note that hmac_ctx can be (and is) copied since there are
76 * no persistent pointers into it.
77 */
78
/* NOTE(review): buf1/buf2 are presumably the key-derived pads that
 * hmac_reinit() "saves recreating".  If so, every copy of this struct holds
 * key-derived material and should be wiped once it is no longer needed.
 */
struct hmac_ctx {
	const struct hash_desc *h;	/* underlying hash function */
	size_t hmac_digest_size;	/* copy of h->hash_digest_size */
	union hash_ctx hash_ctx;	/* ctx for hash function */
	u_char buf1[MAX_HASH_BLOCK_SIZE];	/* presumably one of the two HMAC pads -- confirm */
	u_char buf2[MAX_HASH_BLOCK_SIZE];	/* presumably the other pad -- confirm */
};
86
/* Start an HMAC computation in ctx, using hash h and the key_len bytes at key.
 * NOTE(review): how keys longer than the hash block size are handled is not
 * visible from this header -- confirm in crypto.c.
 */
extern void hmac_init(
	struct hmac_ctx *ctx,
	const struct hash_desc *h,
	const u_char *key,
	size_t key_len);

/* hmac_init() with the key taken from a chunk's .ptr/.len; ch is evaluated twice. */
#define hmac_init_chunk(ctx, h, ch) hmac_init((ctx), (h), (ch).ptr, (ch).len)
94
/* Prepare ctx for another message without repeating hmac_init(). */
extern void hmac_reinit(struct hmac_ctx *ctx);	/* saves recreating pads */

/* Feed data_len bytes at data into the HMAC being computed in ctx. */
extern void hmac_update(
	struct hmac_ctx *ctx,
	const u_char *data,
	size_t data_len);

/* hmac_update() with the data taken from a chunk's .ptr/.len; ch is evaluated twice. */
#define hmac_update_chunk(ctx, ch) hmac_update((ctx), (ch).ptr, (ch).len)
103
/* Finish the HMAC in ctx and write the result to output.
 * No length is passed: output must have room for ctx->hmac_digest_size bytes,
 * which is the size hmac_final_chunk() allocates before calling this.
 */
extern void hmac_final(u_char *output, struct hmac_ctx *ctx);
105
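/* Finish the HMAC in ctx and store the result in chunk ch, replacing whatever
 * ch held before: the old buffer is freed and a new one of
 * ctx->hmac_digest_size bytes is allocated.  name is kept for the existing
 * call sites and is not used in the expansion.
 *
 * The allocation is asserted before hmac_final() writes through it, so an
 * out-of-memory condition stops here instead of writing through NULL.
 * The body is wrapped in do { } while (0) so the macro is a single statement
 * that is safe under an unbraced if/else; invoke it with a trailing
 * semicolon.  ch is evaluated several times.
 *
 * NOTE(review): the old buffer is released with plain free(); if ch holds
 * keying material it should be wiped first -- confirm against the callers.
 */
#define hmac_final_chunk(ch, name, ctx) \
	do { \
		free((ch).ptr); \
		(ch).len = (ctx)->hmac_digest_size; \
		(ch).ptr = malloc((ch).len); \
		passert((ch).ptr != NULL); \
		hmac_final((ch).ptr, (ctx)); \
	} while (0)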
112
/* Map an Oakley algorithm identifier to the libstrongswan hash_algorithm_t /
 * pseudo_random_function_t value.
 * NOTE(review): the value returned for an unrecognised alg is not visible from
 * this header -- callers should handle it explicitly rather than assume that a
 * usable algorithm came back.
 */
extern hash_algorithm_t oakley_to_hash_algorithm(int alg);
extern pseudo_random_function_t oakley_to_prf(int alg);
115
116 #endif