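/*
 * Wrapper functions for crypto libraries
 * Copyright (c) 2004-2017, Jouni Malinen <[email protected]>
 *
 * This software may be distributed under the terms of the BSD license.
 * See README for more details.
 *
 * This file defines the cryptographic functions that need to be implemented
 * for wpa_supplicant and hostapd. When TLS is not used, internal
 * implementation of MD5, SHA1, and AES is used and no external libraries are
 * required. When TLS is enabled (e.g., by enabling EAP-TLS or EAP-PEAP), the
 * crypto library used by the TLS implementation is expected to be used for
 * non-TLS needs, too, in order to save space by not implementing these
 * functions twice.
 *
 * Wrapper code for using each crypto library is in its own file (crypto*.c)
 * and one of these files is built and linked in to provide the functions
 * defined here.
 */

#ifndef CRYPTO_H
#define CRYPTO_H

/* NOTE(review): presumably the largest num_elem accepted by the HMAC vector
 * helpers declared elsewhere - confirm against their implementations. */
#define HMAC_VECTOR_MAX_ELEM 11

/**
 * md4_vector - MD4 hash for data vector
 * @num_elem: Number of elements in the data vector
 * @addr: Pointers to the data areas
 * @len: Lengths of the data blocks
 * @mac: Buffer for the hash (16 bytes; no length is passed, so the caller
 *	must size it)
 * Returns: 0 on success, -1 on failure
 *
 * MD4 is not collision resistant. NOTE(review): presumably kept only for
 * legacy protocol support - not suitable for new designs.
 */
int md4_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac);

/**
 * md5_vector - MD5 hash for data vector
 * @num_elem: Number of elements in the data vector
 * @addr: Pointers to the data areas
 * @len: Lengths of the data blocks
 * @mac: Buffer for the hash (16 bytes; no length is passed, so the caller
 *	must size it)
 * Returns: 0 on success, -1 on failure
 *
 * MD5 is not collision resistant; do not rely on it where collision
 * resistance matters.
 */
int md5_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac);


/**
 * sha1_vector - SHA-1 hash for data vector
 * @num_elem: Number of elements in the data vector
 * @addr: Pointers to the data areas
 * @len: Lengths of the data blocks
 * @mac: Buffer for the hash (20 bytes; no length is passed, so the caller
 *	must size it)
 * Returns: 0 on success, -1 on failure
 *
 * SHA-1 is not collision resistant; do not rely on it where collision
 * resistance matters.
 */
int sha1_vector(size_t num_elem, const u8 *addr[], const size_t *len,
		u8 *mac);

/**
 * fips186_2_prf - NIST FIPS Publication 186-2 change notice 1 PRF
 * @seed: Seed/key for the PRF
 * @seed_len: Seed length in bytes
 * @x: Buffer for PRF output
 * @xlen: Output length in bytes
 * Returns: 0 on success, -1 on failure
 *
 * This function implements random number generation specified in NIST FIPS
 * Publication 186-2 for EAP-SIM. This PRF uses a function that is similar to
 * SHA-1, but has different message padding.
 */
int __must_check fips186_2_prf(const u8 *seed, size_t seed_len, u8 *x,
			       size_t xlen);

/**
 * sha256_vector - SHA256 hash for data vector
 * @num_elem: Number of elements in the data vector
 * @addr: Pointers to the data areas
 * @len: Lengths of the data blocks
 * @mac: Buffer for the hash (32 bytes; no length is passed, so the caller
 *	must size it)
 * Returns: 0 on success, -1 on failure
 */
int sha256_vector(size_t num_elem, const u8 *addr[], const size_t *len,
		  u8 *mac);

/**
 * sha384_vector - SHA384 hash for data vector
 * @num_elem: Number of elements in the data vector
 * @addr: Pointers to the data areas
 * @len: Lengths of the data blocks
 * @mac: Buffer for the hash (48 bytes; no length is passed, so the caller
 *	must size it)
 * Returns: 0 on success, -1 on failure
 */
int sha384_vector(size_t num_elem, const u8 *addr[], const size_t *len,
		  u8 *mac);

/**
 * sha512_vector - SHA512 hash for data vector
 * @num_elem: Number of elements in the data vector
 * @addr: Pointers to the data areas
 * @len: Lengths of the data blocks
 * @mac: Buffer for the hash (64 bytes; no length is passed, so the caller
 *	must size it)
 * Returns: 0 on success, -1 on failure
 */
int sha512_vector(size_t num_elem, const u8 *addr[], const size_t *len,
		  u8 *mac);

/**
 * des_encrypt - Encrypt one block with DES
 * @clear: 8 octets (in)
 * @key: 7 octets (in) (no parity bits included)
 * @cypher: 8 octets (out)
 * Returns: 0 on success, -1 on failure
 *
 * Single-block DES with a 56-bit key offers no meaningful confidentiality
 * today. NOTE(review): presumably kept only for legacy protocol support -
 * not suitable for new designs.
 */
int des_encrypt(const u8 *clear, const u8 *key, u8 *cypher);

/**
 * aes_encrypt_init - Initialize AES for encryption
 * @key: Encryption key
 * @len: Key length in bytes (usually 16, i.e., 128 bits)
 * Returns: Pointer to context data or %NULL on failure
 *
 * The returned context is released with aes_encrypt_deinit().
 */
void * aes_encrypt_init(const u8 *key, size_t len);
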
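/**
 * aes_encrypt - Encrypt one AES block
 * @ctx: Context pointer from aes_encrypt_init()
 * @plain: Plaintext data to be encrypted (16 bytes)
 * @crypt: Buffer for the encrypted data (16 bytes)
 * Returns: 0 on success, -1 on failure
 *
 * This is the raw single-block operation: it takes no IV and provides no
 * chaining mode or integrity protection, so callers build those on top.
 */
int aes_encrypt(void *ctx, const u8 *plain, u8 *crypt);

/**
 * aes_encrypt_deinit - Deinitialize AES encryption
 * @ctx: Context pointer from aes_encrypt_init()
 */
void aes_encrypt_deinit(void *ctx);

/**
 * aes_decrypt_init - Initialize AES for decryption
 * @key: Decryption key
 * @len: Key length in bytes (usually 16, i.e., 128 bits)
 * Returns: Pointer to context data or %NULL on failure
 *
 * The returned context is released with aes_decrypt_deinit().
 */
void * aes_decrypt_init(const u8 *key, size_t len);

/**
 * aes_decrypt - Decrypt one AES block
 * @ctx: Context pointer from aes_decrypt_init()
 * @crypt: Encrypted data (16 bytes)
 * @plain: Buffer for the decrypted data (16 bytes)
 * Returns: 0 on success, -1 on failure
 *
 * This is the raw single-block operation: it takes no IV and provides no
 * chaining mode or integrity protection, so callers build those on top.
 */
int aes_decrypt(void *ctx, const u8 *crypt, u8 *plain);

/**
 * aes_decrypt_deinit - Deinitialize AES decryption
 * @ctx: Context pointer from aes_decrypt_init()
 */
void aes_decrypt_deinit(void *ctx);


/*
 * Hash/HMAC selector for crypto_hash_init(). The enumerators carry no
 * explicit values, so their order defines their numeric values; append new
 * entries rather than reordering.
 */
enum crypto_hash_alg {
	CRYPTO_HASH_ALG_MD5, CRYPTO_HASH_ALG_SHA1,
	CRYPTO_HASH_ALG_HMAC_MD5, CRYPTO_HASH_ALG_HMAC_SHA1,
	CRYPTO_HASH_ALG_SHA256, CRYPTO_HASH_ALG_HMAC_SHA256,
	CRYPTO_HASH_ALG_SHA384, CRYPTO_HASH_ALG_SHA512
};

struct crypto_hash;

/**
 * crypto_hash_init - Initialize hash/HMAC function
 * @alg: Hash algorithm
 * @key: Key for keyed hash (e.g., HMAC) or %NULL if not needed
 * @key_len: Length of the key in bytes
 * Returns: Pointer to hash context to use with other hash functions or %NULL
 * on failure
 *
 * This function is only used with internal TLSv1 implementation
 * (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need
 * to implement this.
 */
struct crypto_hash * crypto_hash_init(enum crypto_hash_alg alg, const u8 *key,
				      size_t key_len);

/**
 * crypto_hash_update - Add data to hash calculation
 * @ctx: Context pointer from crypto_hash_init()
 * @data: Data buffer to add
 * @len: Length of the buffer
 *
 * This function returns nothing; a failed update is reported by the later
 * crypto_hash_finish() call (its -2 return value).
 *
 * This function is only used with internal TLSv1 implementation
 * (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need
 * to implement this.
 */
void crypto_hash_update(struct crypto_hash *ctx, const u8 *data, size_t len);

/**
 * crypto_hash_finish - Complete hash calculation
 * @ctx: Context pointer from crypto_hash_init()
 * @hash: Buffer for hash value or %NULL if caller is just freeing the hash
 * context
 * @len: Pointer to length of the buffer or %NULL if caller is just freeing the
 * hash context; on return, this is set to the actual length of the hash value
 * Returns: 0 on success, -1 if buffer is too small (len set to needed length),
 * or -2 on other failures (including failed crypto_hash_update() operations)
 *
 * This function calculates the hash value and frees the context buffer that
 * was used for hash calculation.
 *
 * This function is only used with internal TLSv1 implementation
 * (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need
 * to implement this.
 */
int crypto_hash_finish(struct crypto_hash *ctx, u8 *hash, size_t *len);


/*
 * Cipher selector for crypto_cipher_init().
 * NOTE(review): DES, RC2 and RC4 are legacy algorithms, and
 * CRYPTO_CIPHER_NULL presumably provides no confidentiality; confirm which of
 * these the TLS code is still allowed to negotiate.
 */
enum crypto_cipher_alg {
	CRYPTO_CIPHER_NULL = 0, CRYPTO_CIPHER_ALG_AES, CRYPTO_CIPHER_ALG_3DES,
	CRYPTO_CIPHER_ALG_DES, CRYPTO_CIPHER_ALG_RC2, CRYPTO_CIPHER_ALG_RC4
};

struct crypto_cipher;

/**
 * crypto_cipher_init - Initialize block/stream cipher function
 * @alg: Cipher algorithm
 * @iv: Initialization vector for block ciphers or %NULL for stream ciphers
 * @key: Cipher key
 * @key_len: Length of key in bytes
 * Returns: Pointer to cipher context to use with other cipher functions or
 * %NULL on failure
 *
 * This function is only used with internal TLSv1 implementation
 * (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need
 * to implement this.
 */
struct crypto_cipher * crypto_cipher_init(enum crypto_cipher_alg alg,
					  const u8 *iv, const u8 *key,
					  size_t key_len);

/**
 * crypto_cipher_encrypt - Cipher encrypt
 * @ctx: Context pointer from crypto_cipher_init()
 * @plain: Plaintext to cipher
 * @crypt: Resulting ciphertext
 * @len: Length of the plaintext
 * Returns: 0 on success, -1 on failure
 *
 * Only one length is passed. NOTE(review): @crypt presumably needs room for
 * at least @len bytes - confirm against the implementation.
 *
 * This function is only used with internal TLSv1 implementation
 * (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need
 * to implement this.
 */
int __must_check crypto_cipher_encrypt(struct crypto_cipher *ctx,
				       const u8 *plain, u8 *crypt, size_t len);

/**
 * crypto_cipher_decrypt - Cipher decrypt
 * @ctx: Context pointer from crypto_cipher_init()
 * @crypt: Ciphertext to decrypt
 * @plain: Resulting plaintext
 * @len: Length of the cipher text
 * Returns: 0 on success, -1 on failure
 *
 * Only one length is passed. NOTE(review): @plain presumably needs room for
 * at least @len bytes - confirm against the implementation.
 *
 * This function is only used with internal TLSv1 implementation
 * (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need
 * to implement this.
 */
int __must_check crypto_cipher_decrypt(struct crypto_cipher *ctx,
				       const u8 *crypt, u8 *plain, size_t len);

/**
 * crypto_cipher_deinit - Free cipher context
 * @ctx: Context pointer from crypto_cipher_init()
 *
 * This function is only used with internal TLSv1 implementation
 * (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need
 * to implement this.
 */
void crypto_cipher_deinit(struct crypto_cipher *ctx);


struct crypto_public_key;
struct crypto_private_key;

/**
 * crypto_public_key_import - Import an RSA public key
 * @key: Key buffer (DER encoded RSA public key)
 * @len: Key buffer length in bytes
 * Returns: Pointer to the public key or %NULL on failure
 *
 * This function can just return %NULL if the crypto library supports X.509
 * parsing. In that case, crypto_public_key_from_cert() is used to import the
 * public key from a certificate.
 *
 * This function is only used with internal TLSv1 implementation
 * (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need
 * to implement this.
 */
struct crypto_public_key * crypto_public_key_import(const u8 *key, size_t len);

/*
 * NOTE(review): crypto_public_key_import_parts() is undocumented in this
 * header. From the signature it takes two byte buffers with lengths;
 * presumably @n is the RSA modulus and @e the public exponent, with %NULL
 * returned on failure as for crypto_public_key_import() - confirm against the
 * implementation.
 */
struct crypto_public_key *
crypto_public_key_import_parts(const u8 *n, size_t n_len,
			       const u8 *e, size_t e_len);

/**
 * crypto_private_key_import - Import an RSA private key
 * @key: Key buffer (DER encoded RSA private key)
 * @len: Key buffer length in bytes
 * @passwd: Key encryption password or %NULL if key is not encrypted
 * Returns: Pointer to the private key or %NULL on failure
 *
 * This function is only used with internal TLSv1 implementation
 * (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need
 * to implement this.
 */
struct crypto_private_key * crypto_private_key_import(const u8 *key,
						      size_t len,
						      const char *passwd);

/**
 * crypto_public_key_from_cert - Import an RSA public key from a certificate
 * @buf: DER encoded X.509 certificate
 * @len: Certificate buffer length in bytes
 * Returns: Pointer to public key or %NULL on failure
 *
 * This function can just return %NULL if the crypto library does not support
 * X.509 parsing. In that case, internal code will be used to parse the
 * certificate and public key is imported using crypto_public_key_import().
 *
 * This function is only used with internal TLSv1 implementation
 * (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need
 * to implement this.
 */
struct crypto_public_key * crypto_public_key_from_cert(const u8 *buf,
						       size_t len);

/**
 * crypto_public_key_encrypt_pkcs1_v15 - Public key encryption (PKCS #1 v1.5)
 * @key: Public key
 * @in: Plaintext buffer
 * @inlen: Length of plaintext buffer in bytes
 * @out: Output buffer for encrypted data
 * @outlen: Length of output buffer in bytes; set to used length on success
 * Returns: 0 on success, -1 on failure
 *
 * This function is only used with internal TLSv1 implementation
 * (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need
 * to implement this.
 */
int __must_check crypto_public_key_encrypt_pkcs1_v15(
	struct crypto_public_key *key, const u8 *in, size_t inlen,
	u8 *out, size_t *outlen);

/**
 * crypto_private_key_decrypt_pkcs1_v15 - Private key decryption (PKCS #1 v1.5)
 * @key: Private key
 * @in: Encrypted buffer
 * @inlen: Length of encrypted buffer in bytes
 * @out: Output buffer for decrypted data
 * @outlen: Length of output buffer in bytes; set to used length on success
 * Returns: 0 on success, -1 on failure
 *
 * NOTE(review): PKCS #1 v1.5 decryption is prone to padding-oracle problems
 * when a peer can tell a padding failure apart from other failures; confirm
 * that callers treat a -1 return in a way that is not observable to the peer.
 *
 * This function is only used with internal TLSv1 implementation
 * (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need
 * to implement this.
 */
int __must_check crypto_private_key_decrypt_pkcs1_v15(
	struct crypto_private_key *key, const u8 *in, size_t inlen,
	u8 *out, size_t *outlen);

/**
 * crypto_private_key_sign_pkcs1 - Sign with private key (PKCS #1)
 * @key: Private key from crypto_private_key_import()
 * @in: Plaintext buffer
 * @inlen: Length of plaintext buffer in bytes
 * @out: Output buffer for encrypted (signed) data
 * @outlen: Length of output buffer in bytes; set to used length on success
 * Returns: 0 on success, -1 on failure
 *
 * This function is only used with internal TLSv1 implementation
 * (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need
 * to implement this.
 */
int __must_check crypto_private_key_sign_pkcs1(struct crypto_private_key *key,
					       const u8 *in, size_t inlen,
					       u8 *out, size_t *outlen);

/**
 * crypto_public_key_free - Free public key
 * @key: Public key
 *
 * This function is only used with internal TLSv1 implementation
 * (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need
 * to implement this.
 */
void crypto_public_key_free(struct crypto_public_key *key);

/**
 * crypto_private_key_free - Free private key
 * @key: Private key from crypto_private_key_import()
 *
 * This function is only used with internal TLSv1 implementation
 * (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need
 * to implement this.
 */
void crypto_private_key_free(struct crypto_private_key *key);

/**
 * crypto_public_key_decrypt_pkcs1 - Decrypt PKCS #1 signature
 * @key: Public key
 * @crypt: Encrypted signature data (using the private key)
 * @crypt_len: Encrypted signature data length
 * @plain: Buffer for plaintext (at least crypt_len bytes)
 * @plain_len: Plaintext length (max buffer size on input, real len on output)
 * Returns: 0 on success, -1 on failure
 */
int __must_check crypto_public_key_decrypt_pkcs1(
	struct crypto_public_key *key, const u8 *crypt, size_t crypt_len,
	u8 *plain, size_t *plain_len);

/*
 * NOTE(review): the two Diffie-Hellman helpers below are undocumented in this
 * header. From the signatures, crypto_dh_init() takes no length for @privkey
 * or @pubkey, so the caller has to size both buffers (presumably prime_len
 * bytes each - confirm against the implementation). crypto_dh_derive_secret()
 * takes @len as a pointer, presumably buffer size on input and used length on
 * output - confirm. Neither is marked __must_check; callers should still
 * check the return value before using any output buffer.
 */
int crypto_dh_init(u8 generator, const u8 *prime, size_t prime_len, u8 *privkey,
		   u8 *pubkey);
int crypto_dh_derive_secret(u8 generator, const u8 *prime, size_t prime_len,
			    const u8 *order, size_t order_len,
			    const u8 *privkey, size_t privkey_len,
			    const u8 *pubkey, size_t pubkey_len,
			    u8 *secret, size_t *len);
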
/**
 * crypto_global_init - Initialize crypto wrapper
 *
 * This function is only used with internal TLSv1 implementation
 * (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need
 * to implement this.
 */
int __must_check crypto_global_init(void);

/**
 * crypto_global_deinit - Deinitialize crypto wrapper
 *
 * This function is only used with internal TLSv1 implementation
 * (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need
 * to implement this.
 */
void crypto_global_deinit(void);

/**
 * crypto_mod_exp - Modular exponentiation of large integers
 * @base: Base integer (big endian byte array)
 * @base_len: Length of base integer in bytes
 * @power: Power integer (big endian byte array)
 * @power_len: Length of power integer in bytes
 * @modulus: Modulus integer (big endian byte array)
 * @modulus_len: Length of modulus integer in bytes
 * @result: Buffer for the result
 * @result_len: Result length (max buffer size on input, real len on output)
 * Returns: 0 on success, -1 on failure
 *
 * This function calculates result = base ^ power mod modulus. result_len is
 * used as the maximum size of the result buffer. It is set to the used size on
 * success. (modulus_len is passed by value and cannot be updated.)
 *
 * This function is only used with internal TLSv1 implementation
 * (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need
 * to implement this.
 */
int __must_check crypto_mod_exp(const u8 *base, size_t base_len,
				const u8 *power, size_t power_len,
				const u8 *modulus, size_t modulus_len,
				u8 *result, size_t *result_len);

/**
 * rc4_skip - XOR RC4 stream to given data with skip-stream-start
 * @key: RC4 key
 * @keylen: RC4 key length
 * @skip: number of bytes to skip from the beginning of the RC4 stream
 * @data: data to be XOR'ed with RC4 stream
 * @data_len: Length of @data in bytes
 * Returns: 0 on success, -1 on failure
 *
 * Generate RC4 pseudo random stream for the given key, skip beginning of the
 * stream, and XOR the end result with the data buffer to perform RC4
 * encryption/decryption. The result replaces the contents of @data.
 *
 * NOTE(review): RC4 is a legacy cipher with known keystream biases; this
 * wrapper is presumably kept for protocols that still require it and is not a
 * good choice for new designs.
 */
int rc4_skip(const u8 *key, size_t keylen, size_t skip,
	     u8 *data, size_t data_len);

/**
 * crypto_get_random - Generate cryptographically strong pseudo-random bytes
 * @buf: Buffer for data
 * @len: Number of bytes to generate
 * Returns: 0 on success, -1 on failure
 *
 * If the PRNG does not have enough entropy to ensure unpredictable byte
 * sequence, this function must return -1.
 *
 * Callers need to check the return value and must not use the contents of
 * @buf as key material, nonces, or other secrets when -1 is returned.
 * NOTE(review): unlike several other prototypes in this file, this one is not
 * marked __must_check, so an ignored failure is presumably not flagged at
 * build time.
 */
int crypto_get_random(void *buf, size_t len);

/**
 * crypto_pkcs7_get_certificates - Extract X.509 certificates from PKCS#7 data
 * @pkcs7: DER encoded PKCS#7 data
 * Returns: Buffer of the extracted PEM X.509 certificates or %NULL on failure
 */
struct wpabuf * crypto_pkcs7_get_certificates(const struct wpabuf *pkcs7);


/**
 * struct crypto_bignum - bignum
 *
 * Internal data structure for bignum implementation. The contents are specific
 * to the used crypto library.
 */
struct crypto_bignum;

/**
 * crypto_bignum_init - Allocate memory for bignum
 * Returns: Pointer to allocated bignum or %NULL on failure
 */
struct crypto_bignum * crypto_bignum_init(void);

/**
 * crypto_bignum_init_set - Allocate memory for bignum and set the value
 * @buf: Buffer with unsigned binary value
 * @len: Length of buf in octets
 * Returns: Pointer to allocated bignum or %NULL on failure
 */
struct crypto_bignum * crypto_bignum_init_set(const u8 *buf, size_t len);

/**
 * crypto_bignum_init_uint - Allocate memory for bignum and set the value (uint)
 * @val: Value to set
 * Returns: Pointer to allocated bignum or %NULL on failure
 */
struct crypto_bignum * crypto_bignum_init_uint(unsigned int val);

/**
 * crypto_bignum_deinit - Free bignum
 * @n: Bignum from crypto_bignum_init(), crypto_bignum_init_set(), or
 *	crypto_bignum_init_uint()
 * @clear: Whether to clear the value from memory; callers should set this for
 *	bignums that hold secret values
 */
void crypto_bignum_deinit(struct crypto_bignum *n, int clear);

/**
 * crypto_bignum_to_bin - Set binary buffer to unsigned bignum
 * @a: Bignum
 * @buf: Buffer for the binary number
 * @buflen: Length of @buf in octets
 * @padlen: Length in octets to pad the result to or 0 to indicate no padding
 * Returns: Number of octets written on success, -1 on failure
 */
int crypto_bignum_to_bin(const struct crypto_bignum *a,
			 u8 *buf, size_t buflen, size_t padlen);

/**
 * crypto_bignum_rand - Create a random number in range of modulus
 * @r: Bignum; set to a random value
 * @m: Bignum; modulus
 * Returns: 0 on success, -1 on failure
 */
int crypto_bignum_rand(struct crypto_bignum *r, const struct crypto_bignum *m);

/**
 * crypto_bignum_add - c = a + b
 * @a: Bignum
 * @b: Bignum
 * @c: Bignum; used to store the result of a + b
 * Returns: 0 on success, -1 on failure
 */
int crypto_bignum_add(const struct crypto_bignum *a,
		      const struct crypto_bignum *b,
		      struct crypto_bignum *c);

/**
 * crypto_bignum_mod - c = a % b
 * @a: Bignum
 * @b: Bignum; modulus
 * @c: Bignum; used to store the result of a % b
 * Returns: 0 on success, -1 on failure
 */
int crypto_bignum_mod(const struct crypto_bignum *a,
		      const struct crypto_bignum *b,
		      struct crypto_bignum *c);

/**
 * crypto_bignum_exptmod - Modular exponentiation: d = a^b (mod c)
 * @a: Bignum; base
 * @b: Bignum; exponent
 * @c: Bignum; modulus
 * @d: Bignum; used to store the result of a^b (mod c)
 * Returns: 0 on success, -1 on failure
 */
int crypto_bignum_exptmod(const struct crypto_bignum *a,
			  const struct crypto_bignum *b,
			  const struct crypto_bignum *c,
			  struct crypto_bignum *d);

/**
 * crypto_bignum_inverse - Invert a bignum so that a * c = 1 (mod b)
 * @a: Bignum; value to invert
 * @b: Bignum; modulus
 * @c: Bignum; used to store the result
 * Returns: 0 on success, -1 on failure
 */
int crypto_bignum_inverse(const struct crypto_bignum *a,
			  const struct crypto_bignum *b,
			  struct crypto_bignum *c);

/**
 * crypto_bignum_sub - c = a - b
 * @a: Bignum
 * @b: Bignum
 * @c: Bignum; used to store the result of a - b
 * Returns: 0 on success, -1 on failure
 */
int crypto_bignum_sub(const struct crypto_bignum *a,
		      const struct crypto_bignum *b,
		      struct crypto_bignum *c);

/**
 * crypto_bignum_div - c = a / b
 * @a: Bignum; dividend
 * @b: Bignum; divisor
 * @c: Bignum; used to store the result of a / b
 * Returns: 0 on success, -1 on failure
 */
int crypto_bignum_div(const struct crypto_bignum *a,
		      const struct crypto_bignum *b,
		      struct crypto_bignum *c);

/**
 * crypto_bignum_addmod - d = a + b (mod c)
 * @a: Bignum
 * @b: Bignum
 * @c: Bignum; modulus
 * @d: Bignum; used to store the result of (a + b) % c
 * Returns: 0 on success, -1 on failure
 */
int crypto_bignum_addmod(const struct crypto_bignum *a,
			 const struct crypto_bignum *b,
			 const struct crypto_bignum *c,
			 struct crypto_bignum *d);

/**
 * crypto_bignum_mulmod - d = a * b (mod c)
 * @a: Bignum
 * @b: Bignum
 * @c: Bignum; modulus
 * @d: Bignum; used to store the result of (a * b) % c
 * Returns: 0 on success, -1 on failure
 */
int crypto_bignum_mulmod(const struct crypto_bignum *a,
			 const struct crypto_bignum *b,
			 const struct crypto_bignum *c,
			 struct crypto_bignum *d);

/**
 * crypto_bignum_sqrmod - c = a^2 (mod b)
 * @a: Bignum
 * @b: Bignum; modulus
 * @c: Bignum; used to store the result of a^2 % b
 * Returns: 0 on success, -1 on failure
 */
int crypto_bignum_sqrmod(const struct crypto_bignum *a,
			 const struct crypto_bignum *b,
			 struct crypto_bignum *c);

/**
 * crypto_bignum_rshift - r = a >> n
 * @a: Bignum
 * @n: Number of bits
 * @r: Bignum; used to store the result of a >> n
 * Returns: 0 on success, -1 on failure
 */
int crypto_bignum_rshift(const struct crypto_bignum *a, int n,
			 struct crypto_bignum *r);

/**
 * crypto_bignum_cmp - Compare two bignums
 * @a: Bignum
 * @b: Bignum
 * Returns: -1 if a < b, 0 if a == b, or 1 if a > b
 */
int crypto_bignum_cmp(const struct crypto_bignum *a,
		      const struct crypto_bignum *b);

/**
 * crypto_bignum_is_zero - Is the given bignum zero
 * @a: Bignum
 * Returns: 1 if @a is zero or 0 if not
 */
int crypto_bignum_is_zero(const struct crypto_bignum *a);

/**
 * crypto_bignum_is_one - Is the given bignum one
 * @a: Bignum
 * Returns: 1 if @a is one or 0 if not
 */
int crypto_bignum_is_one(const struct crypto_bignum *a);

/**
 * crypto_bignum_is_odd - Is the given bignum odd
 * @a: Bignum
 * Returns: 1 if @a is odd or 0 if not
 */
int crypto_bignum_is_odd(const struct crypto_bignum *a);

/**
 * crypto_bignum_legendre - Compute the Legendre symbol (a/p)
 * @a: Bignum
 * @p: Bignum
 * Returns: Legendre symbol -1,0,1 on success; -2 on calculation failure
 *
 * Note that -1 is a valid result here, so callers need to compare against -2
 * to detect failure instead of using the "-1 on failure" or "negative value"
 * convention used by most other functions in this file.
 */
int crypto_bignum_legendre(const struct crypto_bignum *a,
			   const struct crypto_bignum *p);

/**
 * struct crypto_ec - Elliptic curve context
 *
 * Internal data structure for EC implementation. The contents are specific
 * to the used crypto library.
 */
struct crypto_ec;

/**
 * struct crypto_ec_point - Elliptic curve point
 *
 * Internal data structure for EC implementation to represent a point. The
 * contents are specific to the used crypto library.
 */
struct crypto_ec_point;

/**
 * crypto_ec_init - Initialize elliptic curve context
 * @group: Identifying number for the ECC group (IANA "Group Description"
 *	attribute registry for RFC 2409)
 * Returns: Pointer to EC context or %NULL on failure
 */
struct crypto_ec * crypto_ec_init(int group);

/**
 * crypto_ec_deinit - Deinitialize elliptic curve context
 * @e: EC context from crypto_ec_init()
 */
void crypto_ec_deinit(struct crypto_ec *e);

/**
 * crypto_ec_prime_len - Get length of the prime in octets
 * @e: EC context from crypto_ec_init()
 * Returns: Length of the prime defining the group
 */
size_t crypto_ec_prime_len(struct crypto_ec *e);

/**
 * crypto_ec_prime_len_bits - Get length of the prime in bits
 * @e: EC context from crypto_ec_init()
 * Returns: Length of the prime defining the group in bits
 */
size_t crypto_ec_prime_len_bits(struct crypto_ec *e);

/**
 * crypto_ec_order_len - Get length of the order in octets
 * @e: EC context from crypto_ec_init()
 * Returns: Length of the order defining the group
 */
size_t crypto_ec_order_len(struct crypto_ec *e);

/**
 * crypto_ec_get_prime - Get prime defining an EC group
 * @e: EC context from crypto_ec_init()
 * Returns: Prime (bignum) defining the group
 */
const struct crypto_bignum * crypto_ec_get_prime(struct crypto_ec *e);

/**
 * crypto_ec_get_order - Get order of an EC group
 * @e: EC context from crypto_ec_init()
 * Returns: Order (bignum) of the group
 */
const struct crypto_bignum * crypto_ec_get_order(struct crypto_ec *e);

/**
 * crypto_ec_get_a - Get 'a' coefficient of an EC group's curve
 * @e: EC context from crypto_ec_init()
 * Returns: 'a' coefficient (bignum) of the group
 */
const struct crypto_bignum * crypto_ec_get_a(struct crypto_ec *e);

/**
 * crypto_ec_get_b - Get 'b' coefficient of an EC group's curve
 * @e: EC context from crypto_ec_init()
 * Returns: 'b' coefficient (bignum) of the group
 */
const struct crypto_bignum * crypto_ec_get_b(struct crypto_ec *e);

/**
 * crypto_ec_get_generator - Get generator point of the EC group's curve
 * @e: EC context from crypto_ec_init()
 * Returns: Pointer to generator point
 */
const struct crypto_ec_point * crypto_ec_get_generator(struct crypto_ec *e);

/**
 * crypto_ec_point_init - Initialize data for an EC point
 * @e: EC context from crypto_ec_init()
 * Returns: Pointer to EC point data or %NULL on failure
 */
struct crypto_ec_point * crypto_ec_point_init(struct crypto_ec *e);

/**
 * crypto_ec_point_deinit - Deinitialize EC point data
 * @p: EC point data from crypto_ec_point_init()
 * @clear: Whether to clear the EC point value from memory; callers should set
 *	this for points that hold secret values
 */
void crypto_ec_point_deinit(struct crypto_ec_point *p, int clear);

/**
 * crypto_ec_point_x - Copy the x coordinate of the point into a big number
 * @e: EC context from crypto_ec_init()
 * @p: EC point data
 * @x: Big number to set to the copy of the x coordinate
 * Returns: 0 on success, -1 on failure
 */
int crypto_ec_point_x(struct crypto_ec *e, const struct crypto_ec_point *p,
		      struct crypto_bignum *x);

/**
 * crypto_ec_point_to_bin - Write EC point value as binary data
 * @e: EC context from crypto_ec_init()
 * @point: EC point data from crypto_ec_point_init()
 * @x: Buffer for writing the binary data for x coordinate or %NULL if not used
 * @y: Buffer for writing the binary data for y coordinate or %NULL if not used
 * Returns: 0 on success, -1 on failure
 *
 * This function can be used to write an EC point as binary data in a format
 * that has the x and y coordinates in big endian byte order fields padded to
 * the length of the prime defining the group.
 *
 * No buffer length is passed in, so each non-%NULL buffer needs to have room
 * for one padded coordinate (the prime length in octets; see
 * crypto_ec_prime_len()).
 */
int crypto_ec_point_to_bin(struct crypto_ec *e,
			   const struct crypto_ec_point *point, u8 *x, u8 *y);

/**
 * crypto_ec_point_from_bin - Create EC point from binary data
 * @e: EC context from crypto_ec_init()
 * @val: Binary data to read the EC point from
 * Returns: Pointer to EC point data or %NULL on failure
 *
 * This function reads x and y coordinates of the EC point from the provided
 * buffer assuming the values are in big endian byte order with fields padded to
 * the length of the prime defining the group.
 *
 * No buffer length is passed in, so @val is expected to hold both padded
 * coordinates (presumably 2 * crypto_ec_prime_len() octets); callers need to
 * verify the length of received data before calling this.
 * NOTE(review): this header does not state whether the returned point has been
 * checked to be on the curve; for peer-supplied values, confirm this in the
 * used wrapper or check with crypto_ec_point_is_on_curve().
 */
struct crypto_ec_point * crypto_ec_point_from_bin(struct crypto_ec *e,
						  const u8 *val);

/**
 * crypto_ec_point_add - c = a + b
 * @e: EC context from crypto_ec_init()
 * @a: EC point
 * @b: EC point
 * @c: EC point; used to store the result of a + b
 * Returns: 0 on success, -1 on failure
 */
int crypto_ec_point_add(struct crypto_ec *e, const struct crypto_ec_point *a,
			const struct crypto_ec_point *b,
			struct crypto_ec_point *c);

/**
 * crypto_ec_point_mul - res = b * p
 * @e: EC context from crypto_ec_init()
 * @p: EC point
 * @b: Bignum; scalar
 * @res: EC point; used to store the result of b * p
 * Returns: 0 on success, -1 on failure
 */
int crypto_ec_point_mul(struct crypto_ec *e, const struct crypto_ec_point *p,
			const struct crypto_bignum *b,
			struct crypto_ec_point *res);

/**
 * crypto_ec_point_invert - Compute inverse of an EC point
 * @e: EC context from crypto_ec_init()
 * @p: EC point to invert (and result of the operation)
 * Returns: 0 on success, -1 on failure
 *
 * The operation is done in place: @p is both the input and the output.
 */
int crypto_ec_point_invert(struct crypto_ec *e, struct crypto_ec_point *p);

/**
 * crypto_ec_point_compute_y_sqr - Compute y^2 = x^3 + ax + b
 * @e: EC context from crypto_ec_init()
 * @x: x coordinate
 * Returns: y^2 on success, %NULL on failure
 *
 * NOTE(review): ownership of the returned bignum is not stated here;
 * presumably the caller frees it with crypto_bignum_deinit() - confirm.
 */
struct crypto_bignum *
crypto_ec_point_compute_y_sqr(struct crypto_ec *e,
			      const struct crypto_bignum *x);

/**
 * crypto_ec_point_is_at_infinity - Check whether EC point is neutral element
 * @e: EC context from crypto_ec_init()
 * @p: EC point
 * Returns: 1 if the specified EC point is the neutral element of the group or
 *	0 if not
 */
int crypto_ec_point_is_at_infinity(struct crypto_ec *e,
				   const struct crypto_ec_point *p);

/**
 * crypto_ec_point_is_on_curve - Check whether EC point is on curve
 * @e: EC context from crypto_ec_init()
 * @p: EC point
 * Returns: 1 if the specified EC point is on the curve or 0 if not
 *
 * Points built from data received from a peer should pass this check, and
 * should not be the neutral element (crypto_ec_point_is_at_infinity()), before
 * they are used in further group operations, unless the crypto backend in use
 * is known to perform that validation itself.
 */
int crypto_ec_point_is_on_curve(struct crypto_ec *e,
				const struct crypto_ec_point *p);

/**
 * crypto_ec_point_cmp - Compare two EC points
 * @e: EC context from crypto_ec_init()
 * @a: EC point
 * @b: EC point
 * Returns: 0 on equal, non-zero otherwise
 *
 * The return convention follows memcmp(): 0 means the points match.
 */
int crypto_ec_point_cmp(const struct crypto_ec *e,
			const struct crypto_ec_point *a,
			const struct crypto_ec_point *b);

/**
 * crypto_ec_point_debug_print - Dump EC point to debug log
 * @e: EC context from crypto_ec_init()
 * @p: EC point
 * @title: Name of the EC point in the trace
 *
 * NOTE(review): the point value ends up in the debug log; avoid calling this
 * on points that have to stay secret in builds where debug logs are collected.
 */
void crypto_ec_point_debug_print(const struct crypto_ec *e,
				 const struct crypto_ec_point *p,
				 const char *title);

/**
 * struct crypto_ec_key - Elliptic curve key pair
 *
 * Internal data structure for EC key pair. The contents is specific to the used
 * crypto library.
 */
struct crypto_ec_key;

/**
 * struct crypto_ecdh - Elliptic Curve Diffie–Hellman context
 *
 * Internal data structure for ECDH. The contents is specific to the used
 * crypto library.
 */
struct crypto_ecdh;

/**
 * crypto_ecdh_init - Initialize elliptic curve Diffie–Hellman context
 * @group: Identifying number for the ECC group (IANA "Group Description"
 *	attribute registry for RFC 2409)
 * Returns: Pointer to ECDH context or %NULL on failure
 *
 * This function generates an ephemeral key pair. The context is released with
 * crypto_ecdh_deinit().
 */
struct crypto_ecdh * crypto_ecdh_init(int group);

/**
 * crypto_ecdh_init2 - Initialize elliptic curve Diffie–Hellman context with a
 * given EC key
 * @group: Identifying number for the ECC group (IANA "Group Description"
 *	attribute registry for RFC 2409)
 * @own_key: Our own EC Key
 * Returns: Pointer to ECDH context or %NULL on failure
 *
 * NOTE(review): whether the context takes ownership of @own_key or only
 * borrows it is not stated here; confirm against the backend before freeing
 * the key while the context is still in use.
 */
struct crypto_ecdh * crypto_ecdh_init2(int group,
				       struct crypto_ec_key *own_key);

/**
 * crypto_ecdh_get_pubkey - Retrieve public key from ECDH context
 * @ecdh: ECDH context from crypto_ecdh_init() or crypto_ecdh_init2()
 * @inc_y: Whether public key should include y coordinate (explicit form)
 *	or not (compressed form)
 * Returns: Binary data of the public key or %NULL on failure
 */
struct wpabuf * crypto_ecdh_get_pubkey(struct crypto_ecdh *ecdh, int inc_y);

/**
 * crypto_ecdh_set_peerkey - Compute ECDH secret
 * @ecdh: ECDH context from crypto_ecdh_init() or crypto_ecdh_init2()
 * @inc_y: Whether peer's public key includes y coordinate (explicit form)
 *	or not (compressed form)
 * @key: Binary data of the peer's public key
 * @len: Length of the @key buffer
 * Returns: Binary data with the ECDH secret or %NULL on failure
 *
 * @key is supplied by the peer, so a %NULL return has to be handled as a
 * normal protocol failure. The returned buffer holds secret key material;
 * release it with a clearing free (e.g., wpabuf_clear_free()) instead of a
 * plain free.
 *
 * NOTE(review): this comment does not say whether the backend rejects peer
 * points that are off the curve or at infinity - confirm for each backend.
 */
struct wpabuf * crypto_ecdh_set_peerkey(struct crypto_ecdh *ecdh, int inc_y,
					const u8 *key, size_t len);

/**
 * crypto_ecdh_deinit - Free ECDH context
 * @ecdh: ECDH context from crypto_ecdh_init() or crypto_ecdh_init2()
 */
void crypto_ecdh_deinit(struct crypto_ecdh *ecdh);

/**
 * crypto_ecdh_prime_len - Get length of the prime in octets
 * @ecdh: ECDH context from crypto_ecdh_init()
 * Returns: Length of the prime defining the group
 */
size_t crypto_ecdh_prime_len(struct crypto_ecdh *ecdh);

/**
 * crypto_ec_key_parse_priv - Initialize EC key pair from ECPrivateKey ASN.1
 * @der: DER encoding of ASN.1 ECPrivateKey
 * @der_len: Length of @der buffer
 * Returns: EC key or %NULL on failure
 *
 * @der contains private key material; the caller remains responsible for
 * clearing its own copy of that buffer.
 */
struct crypto_ec_key * crypto_ec_key_parse_priv(const u8 *der, size_t der_len);

/**
 * crypto_ec_key_set_priv - Initialize EC key pair from raw key data
 * @group: Identifying number for the ECC group
 * @raw: Raw key data
 * @raw_len: Length of @raw buffer
 * Returns: EC key or %NULL on failure
 *
 * NOTE(review): the expected encoding of @raw (byte order, padding) is not
 * described here - confirm against the backend.
 */
struct crypto_ec_key * crypto_ec_key_set_priv(int group,
					      const u8 *raw, size_t raw_len);

/**
 * crypto_ec_key_parse_pub - Initialize EC key pair from SubjectPublicKeyInfo ASN.1
 * @der: DER encoding of ASN.1 SubjectPublicKeyInfo
 * @der_len: Length of @der buffer
 * Returns: EC key or %NULL on failure
 */
struct crypto_ec_key * crypto_ec_key_parse_pub(const u8 *der, size_t der_len);

/**
 * crypto_ec_key_set_pub - Initialize an EC public key from EC point coordinates
 * @group: Identifying number for the ECC group
 * @x: X coordinate of the public key
 * @y: Y coordinate of the public key
 * @len: Length of @x and @y buffer
 * Returns: EC key or %NULL on failure
 *
 * This function initializes an EC key from public key coordinates, in big
 * endian byte order padded to the length of the prime defining the group.
 *
 * NOTE(review): @len is described as the length of both @x and @y, so the two
 * buffers presumably have to be the same size - confirm against callers.
 */
struct crypto_ec_key * crypto_ec_key_set_pub(int group, const u8 *x,
					     const u8 *y, size_t len);

/**
 * crypto_ec_key_set_pub_point - Initialize an EC public key from EC point
 * @e: EC context from crypto_ec_init()
 * @pub: Public key point
 * Returns: EC key or %NULL on failure
 */
struct crypto_ec_key *
crypto_ec_key_set_pub_point(struct crypto_ec *e,
			    const struct crypto_ec_point *pub);

/**
 * crypto_ec_key_gen - Generate EC key pair
 * @group: Identifying number for the ECC group
 * Returns: EC key or %NULL on failure
 */
struct crypto_ec_key * crypto_ec_key_gen(int group);

/**
 * crypto_ec_key_deinit - Free EC key
 * @key: EC key from crypto_ec_key_parse_pub/priv() or crypto_ec_key_gen()
 */
void crypto_ec_key_deinit(struct crypto_ec_key *key);

/**
 * crypto_ec_key_get_subject_public_key - Get SubjectPublicKeyInfo ASN.1 for an EC key
 * @key: EC key from crypto_ec_key_parse/set_pub/priv() or crypto_ec_key_gen()
 * Returns: Buffer with DER encoding of ASN.1 SubjectPublicKeyInfo using
 * compressed point format, or %NULL on failure
 */
struct wpabuf * crypto_ec_key_get_subject_public_key(struct crypto_ec_key *key);

/**
 * crypto_ec_key_get_ecprivate_key - Get ECPrivateKey ASN.1 for an EC key
 * @key: EC key from crypto_ec_key_parse_priv() or crypto_ec_key_gen()
 * @include_pub: Whether to include public key in the ASN.1 sequence
 * Returns: Buffer with DER encoding of ASN.1 ECPrivateKey or %NULL on failure
 *
 * The returned buffer contains the private key; release it with a clearing
 * free (e.g., wpabuf_clear_free()) instead of a plain free.
 */
struct wpabuf * crypto_ec_key_get_ecprivate_key(struct crypto_ec_key *key,
						bool include_pub);

/**
 * crypto_ec_key_get_pubkey_point - Get public key point coordinates
 * @key: EC key from crypto_ec_key_parse/set_pub() or crypto_ec_key_parse_priv()
 * @prefix: Whether output buffer should include the octet to indicate
 * coordinate form (as defined for SubjectPublicKeyInfo)
 * Returns: Buffer with coordinates of public key in uncompressed form or %NULL
 * on failure
 */
struct wpabuf * crypto_ec_key_get_pubkey_point(struct crypto_ec_key *key,
					       int prefix);

/**
 * crypto_ec_key_get_public_key - Get EC public key as an EC point
 * @key: EC key from crypto_ec_key_parse/set_pub() or crypto_ec_key_parse_priv()
 * Returns: Public key as an EC point or %NULL on failure
 *
 * The caller needs to free the returned value with crypto_ec_point_deinit().
 */
struct crypto_ec_point *
crypto_ec_key_get_public_key(struct crypto_ec_key *key);

/**
 * crypto_ec_key_get_private_key - Get EC private key as a bignum
 * @key: EC key from crypto_ec_key_parse/set_pub() or crypto_ec_key_parse_priv()
 * Returns: Private key as a bignum or %NULL on failure
 *
 * The caller needs to free the returned value with crypto_bignum_deinit().
 *
 * NOTE(review): the returned value is a private key; if crypto_bignum_deinit()
 * offers a clear-on-free option in this tree, callers should use it - confirm.
 */
struct crypto_bignum *
crypto_ec_key_get_private_key(struct crypto_ec_key *key);

/**
 * crypto_ec_key_sign - Sign a buffer with an EC key
 * @key: EC key from crypto_ec_key_parse_priv() or crypto_ec_key_gen()
 * @data: Data to sign
 * @len: Length of @data buffer
 * Returns: Buffer with DER encoding of ASN.1 Ecdsa-Sig-Value or %NULL on failure
 *
 * NOTE(review): this comment does not say whether @data is the message itself
 * or an already computed digest - confirm against the backend and callers,
 * and keep it consistent with crypto_ec_key_verify_signature().
 */
struct wpabuf * crypto_ec_key_sign(struct crypto_ec_key *key, const u8 *data,
				   size_t len);

/**
 * crypto_ec_key_sign_r_s - Sign a buffer with an EC key
 * @key: EC key from crypto_ec_key_parse_priv() or crypto_ec_key_gen()
 * @data: Data to sign
 * @len: Length of @data buffer
 * Returns: Buffer with the concatenated r and s values. Each value is in big
 * endian byte order padded to the length of the prime defining the group of
 * the key.
 *
 * NOTE(review): the failure return is not documented here; presumably %NULL,
 * as for crypto_ec_key_sign() - confirm.
 */
struct wpabuf * crypto_ec_key_sign_r_s(struct crypto_ec_key *key,
				       const u8 *data, size_t len);

/**
 * crypto_ec_key_verify_signature - Verify ECDSA signature
 * @key: EC key from crypto_ec_key_parse/set_pub() or crypto_ec_key_gen()
 * @data: Data that was signed
 * @len: Length of @data buffer
 * @sig: DER encoding of ASN.1 Ecdsa-Sig-Value
 * @sig_len: Length of @sig buffer
 * Returns: 1 if signature is valid, 0 if signature is invalid and -1 on failure
 *
 * The return value has three states and -1 is also non-zero: callers must
 * accept the signature only when the result is exactly 1, never on any
 * non-zero value.
 */
int crypto_ec_key_verify_signature(struct crypto_ec_key *key, const u8 *data,
				   size_t len, const u8 *sig, size_t sig_len);

/**
 * crypto_ec_key_verify_signature_r_s - Verify signature
 * @key: EC key from crypto_ec_key_parse/set_pub() or crypto_ec_key_gen()
 * @data: Data that was signed
 * @len: Length of @data buffer
 * @r: Binary data, in big endian byte order, of the 'r' field of the ECDSA
 * signature.
 * @s: Binary data, in big endian byte order, of the 's' field of the ECDSA
 * signature.
 * @r_len: Length of @r buffer
 * @s_len: Length of @s buffer
 * Returns: 1 if signature is valid, 0 if signature is invalid, or -1 on failure
 *
 * As with crypto_ec_key_verify_signature(), only a result of exactly 1 means
 * the signature was accepted; -1 is an error, not a success.
 */
int crypto_ec_key_verify_signature_r_s(struct crypto_ec_key *key,
				       const u8 *data, size_t len,
				       const u8 *r, size_t r_len,
				       const u8 *s, size_t s_len);

/**
 * crypto_ec_key_group - Get IANA group identifier for an EC key
 * @key: EC key from crypto_ec_key_parse/set_pub/priv() or crypto_ec_key_gen()
 * Returns: IANA group identifier or -1 on failure
 */
int crypto_ec_key_group(struct crypto_ec_key *key);

/**
 * crypto_ec_key_cmp - Compare two EC public keys
 * @key1: Key 1
 * @key2: Key 2
 * Returns: 0 if public keys are identical, -1 otherwise
 *
 * Note the memcmp()-like convention: 0 means the keys match, so a caller that
 * gates trust on key equality has to test for == 0.
 */
int crypto_ec_key_cmp(struct crypto_ec_key *key1, struct crypto_ec_key *key2);

/**
 * crypto_ec_key_debug_print - Dump EC key to debug log
 * @key: EC key from crypto_ec_key_parse/set_pub/priv() or crypto_ec_key_gen()
 * @title: Name of the EC key in the trace
 *
 * NOTE(review): @key may hold a private key; if the backend prints the private
 * component as well, this writes key material into the debug log - confirm
 * what is logged before relying on this in builds where logs are collected.
 */
void crypto_ec_key_debug_print(const struct crypto_ec_key *key,
			       const char *title);

/**
 * struct crypto_csr - Certificate Signing Request
 *
 * Internal data structure for CSR. The contents is specific to the used
 * crypto library.
 * For now it is assumed that only an EC public key can be used
 */
struct crypto_csr;

/**
 * enum crypto_csr_name - CSR name type
 *
 * Selects which SubjectName entry crypto_csr_set_name() adds.
 */
enum crypto_csr_name {
	CSR_NAME_CN,
	CSR_NAME_SN,
	CSR_NAME_C,
	CSR_NAME_O,
	CSR_NAME_OU,
};

/**
 * enum crypto_csr_attr - CSR attribute
 *
 * Attribute identifier used with crypto_csr_set_attribute() and
 * crypto_csr_get_attribute().
 */
enum crypto_csr_attr {
	CSR_ATTR_CHALLENGE_PASSWORD,
};

/**
 * crypto_csr_init - Initialize empty CSR
 * Returns: Pointer to CSR data or %NULL on failure
 */
struct crypto_csr * crypto_csr_init(void);

/**
 * crypto_csr_verify - Initialize CSR from CertificationRequest
 * @req: DER encoding of ASN.1 CertificationRequest
 *
 * Returns: Pointer to CSR data or %NULL on failure or if signature is invalid
 *
 * A valid CSR signature shows possession of the private key matching the
 * public key in the request; it does not by itself authenticate the requester,
 * so callers still need their own authorization check on the CSR contents.
 */
struct crypto_csr * crypto_csr_verify(const struct wpabuf *req);

/**
 * crypto_csr_deinit - Free CSR structure
 * @csr: CSR structure from crypto_csr_init() or crypto_csr_verify()
 */
void crypto_csr_deinit(struct crypto_csr *csr);

/**
 * crypto_csr_set_ec_public_key - Set public key in CSR
 * @csr: CSR structure from crypto_csr_init()
 * @key: EC public key to set as public key in the CSR
 * Returns: 0 on success, -1 on failure
 */
int crypto_csr_set_ec_public_key(struct crypto_csr *csr,
				 struct crypto_ec_key *key);

/**
 * crypto_csr_set_name - Set name entry in CSR SubjectName
 * @csr: CSR structure from crypto_csr_init()
 * @type: Name type to add into the CSR SubjectName
 * @name: UTF-8 string to write in the CSR SubjectName
 * Returns: 0 on success, -1 on failure
 */
int crypto_csr_set_name(struct crypto_csr *csr, enum crypto_csr_name type,
			const char *name);

/**
 * crypto_csr_set_attribute - Set attribute in CSR
 * @csr: CSR structure from crypto_csr_init()
 * @attr: Attribute identifier
 * @attr_type: ASN.1 type of @value buffer
 * @value: Attribute value
 * @len: length of @value buffer
 * Returns: 0 on success, -1 on failure
 */
int crypto_csr_set_attribute(struct crypto_csr *csr, enum crypto_csr_attr attr,
			     int attr_type, const u8 *value, size_t len);

/**
 * crypto_csr_get_attribute - Get attribute from CSR
 * @csr: CSR structure from crypto_csr_verify()
 * @attr: Attribute identifier (passed by value, so it is input only)
 * @len: Updated with length of returned buffer
 * @type: Updated with ASN.1 type of the attribute buffer
 * Returns: Pointer to the attribute value, with @len and @type filled in, or
 * %NULL on failure
 *
 * NOTE(review): the lifetime of the returned pointer is not stated; it
 * presumably points into @csr and is valid only until crypto_csr_deinit() -
 * confirm. The value comes from the parsed request, so treat it as untrusted
 * data of @len octets with no terminating NUL implied.
 */
const u8 * crypto_csr_get_attribute(struct crypto_csr *csr,
				    enum crypto_csr_attr attr,
				    size_t *len, int *type);

/**
 * crypto_csr_sign - Sign CSR and return ASN.1 CertificationRequest
 * @csr: CSR structure from crypto_csr_init()
 * @key: Private key to sign the CSR (for now only EC keys are supported)
 * @algo: Hash algorithm to use for the signature
 * Returns: DER encoding of ASN.1 CertificationRequest for the CSR or %NULL on
 * failure
 */
struct wpabuf * crypto_csr_sign(struct crypto_csr *csr,
				struct crypto_ec_key *key,
				enum crypto_hash_alg algo);

/* Opaque RSA key; the contents are defined by the crypto backend in use. */
struct crypto_rsa_key;

/**
 * crypto_rsa_key_read - Read an RSA key
 * @file: File from which to read (PEM encoded, can be X.509v3 certificate)
 * @private_key: Whether to read the private key instead of public key
 * Returns: RSA key or %NULL on failure
 *
 * The returned key is released with crypto_rsa_key_free().
 */
struct crypto_rsa_key * crypto_rsa_key_read(const char *file, bool private_key);

/**
 * crypto_rsa_oaep_sha256_encrypt - RSA-OAEP-SHA-256 encryption
 * @key: RSA key from crypto_rsa_key_read()
 * @in: Plaintext input data
 * Returns: Encrypted output data or %NULL on failure
 */
struct wpabuf * crypto_rsa_oaep_sha256_encrypt(struct crypto_rsa_key *key,
					       const struct wpabuf *in);

/**
 * crypto_rsa_oaep_sha256_decrypt - RSA-OAEP-SHA-256 decryption
 * @key: RSA key from crypto_rsa_key_read()
 * @in: Encrypted input data
 * Returns: Decrypted output data or %NULL on failure
 *
 * The returned buffer holds the recovered plaintext; if that plaintext is
 * sensitive, release it with a clearing free (e.g., wpabuf_clear_free()).
 */
struct wpabuf * crypto_rsa_oaep_sha256_decrypt(struct crypto_rsa_key *key,
					       const struct wpabuf *in);

/**
 * crypto_rsa_key_free - Free an RSA key
 * @key: RSA key from crypto_rsa_key_read()
 */
void crypto_rsa_key_free(struct crypto_rsa_key *key);

/* HPKE mode identifiers; the values match the mode octets of RFC 9180. */
enum hpke_mode {
	HPKE_MODE_BASE = 0x00,
	HPKE_MODE_PSK = 0x01,
	HPKE_MODE_AUTH = 0x02,
	HPKE_MODE_AUTH_PSK = 0x03,
};

/* HPKE KEM identifiers; the values match the RFC 9180 KEM registry. */
enum hpke_kem_id {
	HPKE_DHKEM_P256_HKDF_SHA256 = 0x0010,
	HPKE_DHKEM_P384_HKDF_SHA384 = 0x0011,
	HPKE_DHKEM_P521_HKDF_SHA512 = 0x0012,
	/* sic: 0x0020 is the X25519 KEM; the identifier spelling is kept as
	 * declared because callers reference it by this name. */
	HPKE_DHKEM_X5519_HKDF_SHA256 = 0x0020,
	HPKE_DHKEM_X448_HKDF_SHA512 = 0x0021,
};

/* HPKE KDF identifiers; the values match the RFC 9180 KDF registry. */
enum hpke_kdf_id {
	HPKE_KDF_HKDF_SHA256 = 0x0001,
	HPKE_KDF_HKDF_SHA384 = 0x0002,
	HPKE_KDF_HKDF_SHA512 = 0x0003,
};

/* HPKE AEAD identifiers; the values match the RFC 9180 AEAD registry. */
enum hpke_aead_id {
	HPKE_AEAD_AES_128_GCM = 0x0001,
	HPKE_AEAD_AES_256_GCM = 0x0002,
	HPKE_AEAD_CHACHA20POLY1305 = 0x0003,
};

/**
 * hpke_base_seal - HPKE base mode single-shot encrypt
 * Returns: enc | ct; or %NULL on failure
1359*03f9172cSAndroid Build Coastguard Worker */ 1360*03f9172cSAndroid Build Coastguard Worker struct wpabuf * hpke_base_seal(enum hpke_kem_id kem_id, 1361*03f9172cSAndroid Build Coastguard Worker enum hpke_kdf_id kdf_id, 1362*03f9172cSAndroid Build Coastguard Worker enum hpke_aead_id aead_id, 1363*03f9172cSAndroid Build Coastguard Worker struct crypto_ec_key *peer_pub, 1364*03f9172cSAndroid Build Coastguard Worker const u8 *info, size_t info_len, 1365*03f9172cSAndroid Build Coastguard Worker const u8 *aad, size_t aad_len, 1366*03f9172cSAndroid Build Coastguard Worker const u8 *pt, size_t pt_len); 1367*03f9172cSAndroid Build Coastguard Worker 1368*03f9172cSAndroid Build Coastguard Worker /** 1369*03f9172cSAndroid Build Coastguard Worker * hpke_base_open - HPKE base mode single-shot decrypt 1370*03f9172cSAndroid Build Coastguard Worker * @enc_ct: enc | ct 1371*03f9172cSAndroid Build Coastguard Worker * Returns: pt; or %NULL on failure 1372*03f9172cSAndroid Build Coastguard Worker */ 1373*03f9172cSAndroid Build Coastguard Worker struct wpabuf * hpke_base_open(enum hpke_kem_id kem_id, 1374*03f9172cSAndroid Build Coastguard Worker enum hpke_kdf_id kdf_id, 1375*03f9172cSAndroid Build Coastguard Worker enum hpke_aead_id aead_id, 1376*03f9172cSAndroid Build Coastguard Worker struct crypto_ec_key *own_priv, 1377*03f9172cSAndroid Build Coastguard Worker const u8 *info, size_t info_len, 1378*03f9172cSAndroid Build Coastguard Worker const u8 *aad, size_t aad_len, 1379*03f9172cSAndroid Build Coastguard Worker const u8 *enc_ct, size_t enc_ct_len); 1380*03f9172cSAndroid Build Coastguard Worker 1381*03f9172cSAndroid Build Coastguard Worker /** 1382*03f9172cSAndroid Build Coastguard Worker * crypto_unload - Unload crypto resources 1383*03f9172cSAndroid Build Coastguard Worker * 1384*03f9172cSAndroid Build Coastguard Worker * This function is called just before the process exits to allow dynamic 1385*03f9172cSAndroid Build Coastguard Worker * resource allocations to be freed. 
1386*03f9172cSAndroid Build Coastguard Worker */ 1387*03f9172cSAndroid Build Coastguard Worker void crypto_unload(void); 1388*03f9172cSAndroid Build Coastguard Worker 1389*03f9172cSAndroid Build Coastguard Worker #endif /* CRYPTO_H */ 1390