|
1 /* |
|
2 * Copyright (c) 2001-2006 Nokia Corporation and/or its subsidiary(-ies). |
|
3 * All rights reserved. |
|
4 * This component and the accompanying materials are made available |
|
5 * under the terms of the License "Eclipse Public License v1.0" |
|
6 * which accompanies this distribution, and is available |
|
7 * at the URL "http://www.eclipse.org/legal/epl-v10.html". |
|
8 * |
|
9 * Initial Contributors: |
|
10 * Nokia Corporation - initial contribution. |
|
11 * |
|
12 * Contributors: |
|
13 * |
|
14 * Description: EAP and WLAN authentication protocols. |
|
15 * |
|
16 */ |
|
17 |
|
18 |
|
19 |
|
20 |
|
21 #if !defined( _EAP_AM_CRYPTO_SYMBIAN_H_ ) |
|
22 #define _EAP_AM_CRYPTO_SYMBIAN_H_ |
|
23 |
|
24 // INCLUDES |
|
25 #include "eap_am_types.h" |
|
26 #include "eap_variable_data.h" |
|
27 #include "eap_am_export.h" |
|
28 #include "eap_am_tools.h" |
|
29 #include "eap_array.h" |
|
30 #include "abs_eap_am_crypto.h" |
|
31 |
|
32 // FORWARD DECLARATIONS |
|
33 class abs_eap_am_tools_c; |
|
34 class eap_variable_data_c; |
|
35 |
|
36 // LOCAL CONSTANTS |
|
37 const u32_t EAP_HW_TICKS_SEED_BUFFER_SIZE = 8u; |
|
38 |
|
39 // CLASS DECLARATION |
|
40 |
|
41 /// Class eap_am_crypto offers services to authenticate data, encrypt data, |
|
42 /// decrypt data, generate keys and generate cryptographically strong random data. |
|
43 class EAP_EXPORT eap_am_crypto_symbian_c |
|
44 : public abs_eap_am_crypto_c |
|
45 { |
|
46 private: |
|
47 // - - - - - - - - - - - - - - - - - - - - - - - - - - - - |
|
48 |
|
49 /// This is pointer to the tools class. |
|
50 abs_eap_am_tools_c * const m_am_tools; |
|
51 |
|
52 /// This indicates whether this object was generated successfully. |
|
53 bool m_is_valid; |
|
54 |
|
55 // - - - - - - - - - - - - - - - - - - - - - - - - - - - - |
|
56 public: |
|
57 // - - - - - - - - - - - - - - - - - - - - - - - - - - - - |
|
58 |
|
59 /** |
|
60 * Destructor does nothing special. |
|
61 */ |
|
62 EAP_FUNC_IMPORT virtual ~eap_am_crypto_symbian_c(); |
|
63 |
|
64 /** |
|
65 * Constructor initializes the member attributes. |
|
66 */ |
|
67 EAP_FUNC_IMPORT eap_am_crypto_symbian_c(abs_eap_am_tools_c * const tools); |
|
68 |
|
69 EAP_FUNC_IMPORT eap_status_e configure(); |
|
70 |
|
71 |
|
72 /** |
|
73 * The get_is_valid() function returns the status of the eap_core object. |
|
74 * True indicates the object is initialized succesfully. |
|
75 */ |
|
76 EAP_FUNC_IMPORT bool get_is_valid() const; |
|
77 |
|
78 EAP_FUNC_IMPORT void set_is_valid(); |
|
79 |
|
80 // - - - - - - - - - - - - - - - - - - - - - - - - |
|
81 |
|
82 /** |
|
83 * This function activates random generator for test use. |
|
84 * It does generate predictive pseudorandom data. |
|
85 */ |
|
86 EAP_FUNC_IMPORT void use_test_random( |
|
87 const u8_t * const seed, |
|
88 const u32_t seed_length, |
|
89 const bool does_continuous_seeding_when_true); |
|
90 |
|
91 /** |
|
92 * The get_rand_bytes() function fills count random bytes to buffer. |
|
93 */ |
|
94 EAP_FUNC_IMPORT eap_status_e get_rand_bytes( |
|
95 u8_t * const buffer, |
|
96 const u32_t count); |
|
97 |
|
98 /** |
|
99 * The add_rand_seed() function seeds count bytes from buffer to the random data pool. |
|
100 * The seed bytes could be any data that increases entropy of the random data pool. |
|
101 * For example time stamps of send and received messages, likewise addresses, |
|
102 * cookies and nonces included in messages. |
|
103 */ |
|
104 EAP_FUNC_IMPORT eap_status_e add_rand_seed( |
|
105 const u8_t * const buffer, |
|
106 const u32_t count); |
|
107 |
|
108 /** |
|
109 * The add_rand_seed_hw_ticks() function adds hardware ticks read with |
|
110 * the abs_eap_am_tools::get_hardware_ticks() function. This could be used to |
|
111 * seed the random data pool with time stamps. |
|
112 */ |
|
113 EAP_FUNC_IMPORT eap_status_e add_rand_seed_hw_ticks(); |
|
114 |
|
115 // - - - - - - - - - - - - - - - - - - - - - - - - |
|
116 |
|
117 /** |
|
118 * The generate_diffie_hellman_keys() function generates private and public |
|
119 * Diffie-Hellman keys. |
|
120 * It is used only for sanity checks. Only one well-known group is supported. |
|
121 * @param own_private_dh_key Saves context here. |
|
122 */ |
|
123 EAP_FUNC_IMPORT eap_status_e generate_diffie_hellman_keys( |
|
124 eap_variable_data_c * const own_private_dh_key, |
|
125 eap_variable_data_c * const own_public_dh_key, |
|
126 const u8_t * const prime, |
|
127 const u32_t prime_length, |
|
128 const u8_t * const group_generator, |
|
129 const u32_t group_generator_length); |
|
130 |
|
131 /** |
|
132 * The generate_g_power_to_xy() function generates shared secret |
|
133 * Diffie-Hellman key from own_private_dh_key and peer_public_dh_key. |
|
134 * Only one well-known group is supported. |
|
135 * @param own_private_dh_key Is the context. |
|
136 */ |
|
137 EAP_FUNC_IMPORT eap_status_e generate_g_power_to_xy( |
|
138 const eap_variable_data_c * const own_private_dh_key, |
|
139 const eap_variable_data_c * const peer_public_dh_key, |
|
140 eap_variable_data_c * const shared_dh_key, |
|
141 const u8_t * const prime, |
|
142 const u32_t prime_length, |
|
143 const u8_t * const group_generator, |
|
144 const u32_t group_generator_length); |
|
145 |
|
146 /** |
|
147 * This functions cleans up the diffie-hellman context. |
|
148 * This is not used in Symbian. |
|
149 */ |
|
150 EAP_FUNC_IMPORT eap_status_e dh_cleanup( |
|
151 const eap_variable_data_c * const dh_context); |
|
152 |
|
153 |
|
154 // - - - - - - - - - - - - - - - - - - - - - - - - |
|
155 |
|
156 /** |
|
157 * This function returns the size of message digest of SHA1-algorithm. |
|
158 */ |
|
159 EAP_FUNC_IMPORT u32_t get_sha_256_digest_length( |
|
160 eap_variable_data_c * const sha_256_context); |
|
161 |
|
162 /** |
|
163 * This function returns the block size of SHA1-algorithm. |
|
164 */ |
|
165 EAP_FUNC_IMPORT u32_t get_sha_256_block_size( |
|
166 eap_variable_data_c * const sha_256_context); |
|
167 |
|
168 /** |
|
169 * The sha_256_init() function initializes SHA1. |
|
170 * Internal context of SHA1 is stored to sha_256_context. |
|
171 */ |
|
172 EAP_FUNC_IMPORT eap_status_e sha_256_init( |
|
173 eap_variable_data_c * const sha_256_context); |
|
174 |
|
175 /** |
|
176 * The sha_256_update() function updates the context of |
|
177 * sha_256_context with data_length bytes of data. |
|
178 */ |
|
179 EAP_FUNC_IMPORT eap_status_e sha_256_update( |
|
180 eap_variable_data_c * const sha_256_context, |
|
181 const u8_t * const data, |
|
182 const u32_t data_length); |
|
183 |
|
184 /** |
|
185 * The sha_256_final() function writes the message authentication code |
|
186 * (MAC) to buffer pointed by message_digest. The length of MAC is stored |
|
187 * to buffer pointed by md_length_or_null, If md_length_or_null is non NULL. |
|
188 */ |
|
189 EAP_FUNC_IMPORT eap_status_e sha_256_final( |
|
190 eap_variable_data_c * const sha_256_context, |
|
191 u8_t * const message_digest, |
|
192 u32_t *md_length_or_null); |
|
193 |
|
194 /** |
|
195 * The hmac_sha_256_cleanup() cleanups the SHA1 context. |
|
196 */ |
|
197 EAP_FUNC_IMPORT eap_status_e sha_256_cleanup( |
|
198 eap_variable_data_c * const sha_256_context); |
|
199 |
|
200 /** |
|
201 * The sha_256_copy_context() copies the SHA1 context. |
|
202 */ |
|
203 EAP_FUNC_IMPORT eap_status_e sha_256_copy_context( |
|
204 eap_variable_data_c * const copied_sha_256_context, |
|
205 const eap_variable_data_c * const original_sha_256_context); |
|
206 |
|
207 // - - - - - - - - - - - - - - - - - - - - - - - - |
|
208 |
|
209 /** |
|
210 * This function returns the size of message digest of SHA1-algorithm. |
|
211 */ |
|
212 EAP_FUNC_IMPORT u32_t get_sha1_digest_length( |
|
213 eap_variable_data_c * const sha1_context); |
|
214 |
|
215 /** |
|
216 * This function returns the block size of SHA1-algorithm. |
|
217 */ |
|
218 EAP_FUNC_IMPORT u32_t get_sha1_block_size( |
|
219 eap_variable_data_c * const sha1_context); |
|
220 |
|
221 /** |
|
222 * The sha1_init() function initializes SHA1. |
|
223 * Internal context of SHA1 is stored to sha1_context. |
|
224 */ |
|
225 EAP_FUNC_IMPORT eap_status_e sha1_init( |
|
226 eap_variable_data_c * const sha1_context); |
|
227 |
|
228 /** |
|
229 * The sha1_update() function updates the context of |
|
230 * sha1_context with data_length bytes of data. |
|
231 */ |
|
232 EAP_FUNC_IMPORT eap_status_e sha1_update( |
|
233 eap_variable_data_c * const sha1_context, |
|
234 const u8_t * const data, |
|
235 const u32_t data_length); |
|
236 |
|
237 /** |
|
238 * The sha1_final() function writes the message authentication code |
|
239 * (MAC) to buffer pointed by message_digest. The length of MAC is stored |
|
240 * to buffer pointed by md_length_or_null, If md_length_or_null is non NULL. |
|
241 * It must include the length of the message_digest buffer must be set before |
|
242 * function call. |
|
243 */ |
|
244 EAP_FUNC_IMPORT eap_status_e sha1_final( |
|
245 eap_variable_data_c * const sha1_context, |
|
246 u8_t * const message_digest, |
|
247 u32_t *md_length_or_null); |
|
248 |
|
249 /** |
|
250 * The sha1_cleanup() cleanups the SHA1 context. |
|
251 */ |
|
252 EAP_FUNC_IMPORT eap_status_e sha1_cleanup( |
|
253 eap_variable_data_c * const sha1_context); |
|
254 |
|
255 /** |
|
256 * The sha1_copy_context() copies the SHA1 context. |
|
257 */ |
|
258 EAP_FUNC_IMPORT eap_status_e sha1_copy_context( |
|
259 eap_variable_data_c * const copied_sha1_context, |
|
260 const eap_variable_data_c * const original_sha1_context); |
|
261 |
|
262 // - - - - - - - - - - - - - - - - - - - - - - - - |
|
263 |
|
264 /** |
|
265 * The aes_key_length() function returns the length of key AES-algorithm. |
|
266 * This will be constant 16 bytes (128 bits). Still it is better use function |
|
267 * to help changes if the length of key is changed in future. |
|
268 */ |
|
269 EAP_FUNC_IMPORT u32_t aes_key_length(); |
|
270 |
|
271 /** |
|
272 * The aes_block_size() function returns the block size of AES-algorithm. |
|
273 * This will be constant 16 bytes (128 bits). Still it is better use function |
|
274 * to help changes if the size is changed in future. |
|
275 */ |
|
276 EAP_FUNC_IMPORT u32_t aes_block_size(); |
|
277 |
|
278 |
|
279 /** |
|
280 * The aes_set_encryption_key() function initializes the encryption |
|
281 * context of AES-algorithm to the aes_context using key_length bytes from buffer key. |
|
282 */ |
|
283 EAP_FUNC_IMPORT eap_status_e aes_set_encryption_key( |
|
284 eap_variable_data_c * const aes_context, |
|
285 const u8_t * const key, |
|
286 const u32_t key_length); |
|
287 |
|
288 /** |
|
289 * This function cleans the aes_context. |
|
290 */ |
|
291 EAP_FUNC_IMPORT eap_status_e aes_cleanup( |
|
292 eap_variable_data_c * const aes_context); |
|
293 |
|
294 /** |
|
295 * The aes_set_decryption_key() function initializes the decryption context of |
|
296 * AES-algorithm to the aes_context using key_length bytes from buffer key. |
|
297 */ |
|
298 EAP_FUNC_IMPORT eap_status_e aes_set_decryption_key( |
|
299 eap_variable_data_c * const aes_context, |
|
300 const u8_t * const key, |
|
301 const u32_t key_length); |
|
302 |
|
303 /** |
|
304 * The aes_encrypt_block() function encrypts data of data_length bytes |
|
305 * using encryption_IV initialization vector. NOTE the length of data must |
|
306 * be aligned to block size of AES-algorithm. |
|
307 * This version takes pointers to input and output buffers as a parameter. |
|
308 * Those buffers must be fully separated. Some optimizations are used taking |
|
309 * advance from separate buffers. |
|
310 */ |
|
311 EAP_FUNC_IMPORT eap_status_e aes_encrypt_block( |
|
312 eap_variable_data_c * const aes_context, |
|
313 const u8_t * const data_in, |
|
314 u8_t * const data_out, |
|
315 const u32_t data_length); |
|
316 |
|
317 /** |
|
318 * The aes_decrypt_block() function decrypts data of data_length bytes |
|
319 * using decryption_IV initialization vector. NOTE the length of data must |
|
320 * be aligned to block size of AES-algorithm. |
|
321 * This version takes pointers to input and output buffers as a parameter. |
|
322 * Those buffers must be fully separated. Some optimizations are used |
|
323 * taking advance from separate buffers. |
|
324 */ |
|
325 EAP_FUNC_IMPORT eap_status_e aes_decrypt_block( |
|
326 eap_variable_data_c * const aes_context, |
|
327 const u8_t * const data_in, |
|
328 u8_t * const data_out, |
|
329 const u32_t data_length); |
|
330 |
|
331 // - - - - - - - - - - - - - - - - - - - - - - - - |
|
332 |
|
333 /** |
|
334 * The key_length() function returns the length of key 3DES-EDE-algorithm. |
|
335 * This will be constant 24 bytes (192 bits). Still it is better use function |
|
336 * to help changes if the length of key is changed in future. |
|
337 */ |
|
338 EAP_FUNC_IMPORT u32_t key_length_3des_ede(); |
|
339 |
|
340 /** |
|
341 * The block_size() function returns the block size of 3DES-EDE-algorithm. |
|
342 * This will be constant 24 bytes (192 bits). Still it is better use function |
|
343 * to help changes if the size is changed in future. |
|
344 */ |
|
345 EAP_FUNC_IMPORT u32_t block_size_3des_ede(); |
|
346 |
|
347 |
|
348 /** |
|
349 * The cbc_set_encryption_key() function initializes the encryption |
|
350 * context of 3DES-EDE-algorithm to the context using key_length bytes from buffer key. |
|
351 */ |
|
352 EAP_FUNC_IMPORT eap_status_e set_encryption_key_3des_ede( |
|
353 eap_variable_data_c * const context, |
|
354 const u8_t * const key, |
|
355 const u32_t key_length); |
|
356 |
|
357 /** |
|
358 * The cbc_set_decryption_key() function initializes the decryption context of |
|
359 * 3DES-EDE-algorithm to the context using key_length bytes from buffer key. |
|
360 */ |
|
361 EAP_FUNC_IMPORT eap_status_e set_decryption_key_3des_ede( |
|
362 eap_variable_data_c * const context, |
|
363 const u8_t * const key, |
|
364 const u32_t key_length); |
|
365 |
|
366 /** |
|
367 * This function cleans up context. |
|
368 */ |
|
369 EAP_FUNC_IMPORT eap_status_e cleanup_3des_ede( |
|
370 eap_variable_data_c * const context); |
|
371 |
|
372 /** |
|
373 * The cbc_encrypt_data() function encrypts data of data_length bytes |
|
374 * using encryption_IV initialization vector. NOTE the length of data must |
|
375 * be aligned to block size of 3DES-EDE-algorithm. |
|
376 * This version takes pointers to input and output buffers as a parameter. |
|
377 * Those buffers must be fully separated. Some optimizations are used taking |
|
378 * advance from separate buffers. |
|
379 */ |
|
380 EAP_FUNC_IMPORT eap_status_e encrypt_block_3des_ede( |
|
381 eap_variable_data_c * const context, |
|
382 const u8_t * const data_in, |
|
383 u8_t * const data_out, |
|
384 const u32_t data_length); |
|
385 |
|
386 /** |
|
387 * The cbc_decrypt_data() function decrypts data of data_length bytes |
|
388 * using decryption_IV initialization vector. NOTE the length of data must |
|
389 * be aligned to block size of 3DES-EDE-algorithm. |
|
390 * This version takes pointers to input and output buffers as a parameter. |
|
391 * Those buffers must be fully separated. Some optimizations are used |
|
392 * taking advance from separate buffers. |
|
393 */ |
|
394 EAP_FUNC_IMPORT eap_status_e decrypt_block_3des_ede( |
|
395 eap_variable_data_c * const context, |
|
396 const u8_t * const data_in, |
|
397 u8_t * const data_out, |
|
398 const u32_t data_length); |
|
399 |
|
400 // - - - - - - - - - - - - - - - - - - - - - - - - |
|
401 |
|
402 /** |
|
403 * Key derivation is based on the random number generation specified in |
|
404 * NIST Federal Information Processing Standards (FIPS) Publication |
|
405 * 186-2 [9]. The random number generator is specified in the change |
|
406 * notice 1 (2001 October 5) of [9] (Algorithm 1). As specified in the |
|
407 * change notice (page 74), when Algorithm 1 is used as a general- |
|
408 * purpose random number generator, the "mod q" term in step 3.3 is |
|
409 * omitted. The function G used in the algorithm is constructed via |
|
410 * Secure Hash Standard as specified in Appendix 3.3 of the standard. |
|
411 |
|
412 * 160-bit XKEY and XVAL values are used, so b = 160. The initial |
|
413 * secret seed value XKEY is computed from the n GSM Kc keys and the |
|
414 * NONCE_MT with the following formula: |
|
415 * @code |
|
416 * XKEY = SHA1(n*Kc| NONCE_MT) |
|
417 * |
|
418 * Random generator becomes as follows: |
|
419 * Step 1. Choose a new, secret value for the seed-key, XKEY. |
|
420 * Step 2. In hexadecimal notation let |
|
421 * t = 67452301 EFCDAB89 98BADCFE 10325476 C3D2E1F0. |
|
422 * This is the initial value for H0 || H1 || H2 || H3 || H4 in the SHS. |
|
423 * Step 3. For j = 0 to m - 1 do |
|
424 * c. xj = G(t,XKEY). |
|
425 * d. XKEY = (1 + XKEY + xj) mod 2^b. |
|
426 * @endcode |
|
427 */ |
|
428 EAP_FUNC_IMPORT eap_status_e dss_pseudo_random( |
|
429 u8_t *out, |
|
430 u32_t out_length, |
|
431 u8_t *xkey, |
|
432 u32_t xkey_length); |
|
433 |
|
434 // - - - - - - - - - - - - - - - - - - - - - - - - |
|
435 |
|
436 /** |
|
437 * This function returns the size of message digest of MD5-algorithm. |
|
438 */ |
|
439 EAP_FUNC_IMPORT u32_t get_md5_digest_length( |
|
440 eap_variable_data_c * const md5_context); |
|
441 |
|
442 /** |
|
443 * This function returns the block size of MD5-algorithm. |
|
444 */ |
|
445 EAP_FUNC_IMPORT u32_t get_md5_block_size( |
|
446 eap_variable_data_c * const md5_context); |
|
447 |
|
448 /** |
|
449 * The sha1_init() function initializes MD5. |
|
450 * Internal context of MD5 is stored to sha1_context. |
|
451 */ |
|
452 EAP_FUNC_IMPORT eap_status_e md5_init( |
|
453 eap_variable_data_c * const md5_context); |
|
454 |
|
455 /** |
|
456 * The md5_update() function updates the context of |
|
457 * md5_context with data_length bytes of data. |
|
458 */ |
|
459 EAP_FUNC_IMPORT eap_status_e md5_update( |
|
460 eap_variable_data_c * const md5_context, |
|
461 const u8_t * const data, |
|
462 const u32_t data_length); |
|
463 |
|
464 /** |
|
465 * The md5_final() function writes the message authentication code |
|
466 * (MAC) to buffer pointed by message_digest. The length of MAC is stored |
|
467 * to buffer pointed by md_length_or_null, If md_length_or_null is non NULL. |
|
468 * It must include the length of the message_digest buffer before function call. |
|
469 */ |
|
470 EAP_FUNC_IMPORT eap_status_e md5_final( |
|
471 eap_variable_data_c * const md5_context, |
|
472 u8_t * const message_digest, |
|
473 u32_t *md_length_or_null); |
|
474 |
|
475 /** |
|
476 * The hmac_md5_cleanup() cleanups the MD5 context. |
|
477 */ |
|
478 EAP_FUNC_IMPORT eap_status_e md5_cleanup( |
|
479 eap_variable_data_c * const md5_context); |
|
480 |
|
481 /** |
|
482 * The md5_copy_context() copies the MD5 context. |
|
483 */ |
|
484 EAP_FUNC_IMPORT eap_status_e md5_copy_context( |
|
485 eap_variable_data_c * const copied_md5_context, |
|
486 const eap_variable_data_c * const original_md5_context); |
|
487 |
|
488 // - - - - - - - - - - - - - - - - - - - - - - - - |
|
489 |
|
490 /** |
|
491 * This function returns the size of message digest of MD4-algorithm. |
|
492 */ |
|
493 EAP_FUNC_IMPORT u32_t get_md4_digest_length( |
|
494 eap_variable_data_c * const md4_context); |
|
495 |
|
496 /** |
|
497 * This function returns the block size of MD4-algorithm. |
|
498 */ |
|
499 EAP_FUNC_IMPORT u32_t get_md4_block_size( |
|
500 eap_variable_data_c * const md4_context); |
|
501 |
|
502 /** |
|
503 * The md4_init() function initializes MD4. |
|
504 * Internal context of MD4 is stored to sha1_context. |
|
505 */ |
|
506 EAP_FUNC_IMPORT eap_status_e md4_init( |
|
507 eap_variable_data_c * const md4_context); |
|
508 |
|
509 /** |
|
510 * The md4_update() function updates the context of |
|
511 * md4_context with data_length bytes of data. |
|
512 */ |
|
513 EAP_FUNC_IMPORT eap_status_e md4_update( |
|
514 eap_variable_data_c * const md4_context, |
|
515 const u8_t * const data, |
|
516 const u32_t data_length); |
|
517 |
|
518 /** |
|
519 * The md4_final() function writes the message authentication code |
|
520 * (MAC) to buffer pointed by message_digest. The length of MAC is stored |
|
521 * to buffer pointed by md_length_or_null, If md_length_or_null is non NULL. |
|
522 * It must include the length of the message_digest buffer before function call. |
|
523 */ |
|
524 EAP_FUNC_IMPORT eap_status_e md4_final( |
|
525 eap_variable_data_c * const md4_context, |
|
526 u8_t * const message_digest, |
|
527 u32_t *md_length_or_null); |
|
528 |
|
529 /** |
|
530 * The hmac_md4_cleanup() cleanups the MD4 context. |
|
531 */ |
|
532 EAP_FUNC_IMPORT eap_status_e md4_cleanup( |
|
533 eap_variable_data_c * const md4_context); |
|
534 |
|
535 /** |
|
536 * The md4_copy_context() copies the MD4 context. |
|
537 */ |
|
538 EAP_FUNC_IMPORT eap_status_e md4_copy_context( |
|
539 eap_variable_data_c * const copied_md4_context, |
|
540 const eap_variable_data_c * const original_md4_context); |
|
541 |
|
542 // - - - - - - - - - - - - - - - - - - - - - - - - |
|
543 |
|
544 /** |
|
545 * Used to set the RC4 key. |
|
546 */ |
|
547 EAP_FUNC_IMPORT eap_status_e rc4_set_key( |
|
548 eap_variable_data_c * const rc4_context, |
|
549 const eap_variable_data_c * const key); |
|
550 |
|
551 /** |
|
552 * Used to clean up the RC4 context. |
|
553 */ |
|
554 EAP_FUNC_IMPORT eap_status_e rc4_cleanup( |
|
555 eap_variable_data_c * const rc4_context); |
|
556 |
|
557 /** |
|
558 * Encrypts RC4 data. |
|
559 * Input and output buffers must be non overlapping. |
|
560 */ |
|
561 EAP_FUNC_IMPORT eap_status_e rc4_encrypt( |
|
562 const eap_variable_data_c * const rc4_context, |
|
563 const void * const data_in, |
|
564 void * const data_out, |
|
565 const u32_t data_length); |
|
566 |
|
567 /** |
|
568 * Encrypts RC4 data. |
|
569 * The same buffer is used for input and output. |
|
570 */ |
|
571 EAP_FUNC_IMPORT eap_status_e rc4_encrypt( |
|
572 const eap_variable_data_c * const rc4_context, |
|
573 void * const data_in_out, |
|
574 const u32_t data_length); |
|
575 |
|
576 /** |
|
577 * Decrypts RC4 data. |
|
578 * The same buffer is used for input and output. |
|
579 */ |
|
580 EAP_FUNC_IMPORT eap_status_e rc4_decrypt( |
|
581 const eap_variable_data_c * const rc4_context, |
|
582 void * const data_in_out, |
|
583 const u32_t data_length); |
|
584 |
|
585 /** |
|
586 * Decrypts RC4 data. |
|
587 * Input and output buffers must be non overlapping. |
|
588 */ |
|
589 EAP_FUNC_IMPORT eap_status_e rc4_decrypt( |
|
590 const eap_variable_data_c * const rc4_context, |
|
591 const void * const data_in, |
|
592 void * const data_out, |
|
593 const u32_t data_length); |
|
594 |
|
595 |
|
596 // - - - - - - - - - - - - - - - - - - - - - - - - |
|
597 |
|
598 /** |
|
599 * The rsa_init() function initializes context of RSA. |
|
600 * Internal context of RSA is stored to rsa_context. |
|
601 */ |
|
602 EAP_FUNC_IMPORT eap_status_e rsa_init( |
|
603 eap_variable_data_c * const rsa_context); |
|
604 |
|
605 /** |
|
606 * Function encrypts input data to output data using RSA algorithm with public RSA key. |
|
607 */ |
|
608 EAP_FUNC_IMPORT eap_status_e rsa_encrypt_with_public_key( |
|
609 eap_variable_data_c * const rsa_context, |
|
610 const eap_variable_data_c * const public_rsa_key, |
|
611 const eap_variable_data_c * const input_data, |
|
612 eap_variable_data_c * const output_data); |
|
613 |
|
614 /** |
|
615 * Function decrypts input data to output data using RSA algorithm with public RSA key. |
|
616 */ |
|
617 EAP_FUNC_IMPORT eap_status_e rsa_decrypt_with_public_key( |
|
618 eap_variable_data_c * const rsa_context, |
|
619 const eap_variable_data_c * const public_rsa_key, |
|
620 const eap_variable_data_c * const input_data, |
|
621 eap_variable_data_c * const output_data); |
|
622 |
|
623 /** |
|
624 * Function encrypts input data to output data using RSA algorithm with private RSA key. |
|
625 */ |
|
626 EAP_FUNC_IMPORT eap_status_e rsa_encrypt_with_private_key( |
|
627 eap_variable_data_c * const rsa_context, |
|
628 const eap_variable_data_c * const private_rsa_key, |
|
629 const eap_variable_data_c * const input_data, |
|
630 eap_variable_data_c * const output_data); |
|
631 |
|
632 /** |
|
633 * Function decrypts input data to output data using RSA algorithm with private RSA key. |
|
634 */ |
|
635 EAP_FUNC_IMPORT eap_status_e rsa_decrypt_with_private_key( |
|
636 eap_variable_data_c * const rsa_context, |
|
637 const eap_variable_data_c * const private_rsa_key, |
|
638 const eap_variable_data_c * const input_data, |
|
639 eap_variable_data_c * const output_data); |
|
640 |
|
641 /** |
|
642 * Function signs hash to signed hash using RSA algorithm with private RSA key. |
|
643 */ |
|
644 EAP_FUNC_IMPORT eap_status_e rsa_sign( |
|
645 eap_variable_data_c * const rsa_context, |
|
646 const eap_variable_data_c * const private_rsa_key, |
|
647 const eap_variable_data_c * const hash, |
|
648 eap_variable_data_c * const signed_hash); |
|
649 |
|
650 /** |
|
651 * Function verifies hash and signed hash using RSA algorithm with public RSA key. |
|
652 */ |
|
653 EAP_FUNC_IMPORT eap_status_e rsa_verify( |
|
654 eap_variable_data_c * const rsa_context, |
|
655 const eap_variable_data_c * const public_rsa_key, |
|
656 const eap_variable_data_c * const hash, |
|
657 const eap_variable_data_c * const signed_hash); |
|
658 |
|
659 EAP_FUNC_IMPORT eap_status_e rsa_cleanup( |
|
660 eap_variable_data_c * const rsa_context); |
|
661 |
|
662 // - - - - - - - - - - - - - - - - - - - - - - - - |
|
663 |
|
664 /** |
|
665 * The dsa_init() function initializes context of DSA. |
|
666 * Internal context of DSA is stored to dsa_context. |
|
667 */ |
|
668 EAP_FUNC_IMPORT eap_status_e dsa_init( |
|
669 eap_variable_data_c * const dsa_context); |
|
670 |
|
671 /** |
|
672 * Function signs hash to signed hash using DSA algorithm with private RSA key. |
|
673 */ |
|
674 EAP_FUNC_IMPORT eap_status_e dsa_sign( |
|
675 eap_variable_data_c * const dsa_context, |
|
676 const eap_variable_data_c * const private_dsa_key, |
|
677 const eap_variable_data_c * const hash, |
|
678 eap_variable_data_c * const signed_hash); |
|
679 |
|
680 /** |
|
681 * Function verifies hash and signed hash using DSA algorithm with public RSA key and DSA parameters. |
|
682 */ |
|
683 EAP_FUNC_IMPORT eap_status_e dsa_verify( |
|
684 eap_variable_data_c * const dsa_context, |
|
685 const eap_variable_data_c * const public_dsa_key, |
|
686 const eap_variable_data_c * const dsa_param_p, |
|
687 const eap_variable_data_c * const dsa_param_q, |
|
688 const eap_variable_data_c * const dsa_param_g, |
|
689 const eap_variable_data_c * const hash, |
|
690 const eap_variable_data_c * const signed_hash); |
|
691 |
|
692 /** |
|
693 * This function cleans up dsa_context. |
|
694 */ |
|
695 EAP_FUNC_IMPORT eap_status_e dsa_cleanup( |
|
696 eap_variable_data_c * const dsa_context); |
|
697 |
|
698 // - - - - - - - - - - - - - - - - - - - - - - - - |
|
699 private: |
|
700 |
|
701 /** |
|
702 * This function initializes crypto memory leak detection. |
|
703 * In Symbian this is not used. |
|
704 */ |
|
705 EAP_FUNC_IMPORT void open_crypto_memory_leaks(); |
|
706 |
|
707 /** |
|
708 * This function ends crypto memory leak detection. |
|
709 * In Symbian this is not used. |
|
710 */ |
|
711 EAP_FUNC_IMPORT void close_crypto_memory_leaks(); |
|
712 |
|
713 // - - - - - - - - - - - - - - - - - - - - - - - - |
|
714 private: |
|
715 void generate_diffie_hellman_keysL( |
|
716 eap_variable_data_c * const own_private_dh_key, |
|
717 eap_variable_data_c * const own_public_dh_key, |
|
718 const u8_t * const prime, |
|
719 const u32_t prime_length, |
|
720 const u8_t * const group_generator, |
|
721 const u32_t group_generator_length); |
|
722 |
|
723 void generate_g_power_to_xyL( |
|
724 const eap_variable_data_c * const own_private_dh_key, |
|
725 const eap_variable_data_c * const peer_public_dh_key, |
|
726 eap_variable_data_c * const shared_dh_key, |
|
727 const u8_t * const /* prime */, |
|
728 const u32_t prime_length, |
|
729 const u8_t * const /* group_generator */, |
|
730 const u32_t /* group_generator_length */); |
|
731 |
|
732 void rsa_encrypt_with_public_keyL( |
|
733 eap_variable_data_c * const rsa_context, |
|
734 const eap_variable_data_c * const public_rsa_key, |
|
735 const eap_variable_data_c * const input_data, |
|
736 eap_variable_data_c * const output_data); |
|
737 |
|
738 void rsa_decrypt_with_public_keyL( |
|
739 eap_variable_data_c * const rsa_context, |
|
740 const eap_variable_data_c * const public_rsa_key, |
|
741 const eap_variable_data_c * const input_data, |
|
742 eap_variable_data_c * const output_data); |
|
743 |
|
744 void rsa_encrypt_with_private_keyL( |
|
745 eap_variable_data_c * const rsa_context, |
|
746 const eap_variable_data_c * const private_rsa_key, |
|
747 const eap_variable_data_c * const input_data, |
|
748 eap_variable_data_c * const output_data); |
|
749 |
|
750 void rsa_decrypt_with_private_keyL( |
|
751 eap_variable_data_c * const rsa_context, |
|
752 const eap_variable_data_c * const private_rsa_key, |
|
753 const eap_variable_data_c * const input_data, |
|
754 eap_variable_data_c * const output_data); |
|
755 |
|
756 void dsa_signL( |
|
757 eap_variable_data_c * const dsa_context, |
|
758 const eap_variable_data_c * const private_dsa_key, |
|
759 const eap_variable_data_c * const hash, |
|
760 eap_variable_data_c * const signed_hash); |
|
761 |
|
762 void dsa_verifyL( |
|
763 eap_variable_data_c * const dsa_context, |
|
764 const eap_variable_data_c * const public_dsa_key, |
|
765 const eap_variable_data_c * const dsa_param_p, |
|
766 const eap_variable_data_c * const dsa_param_q, |
|
767 const eap_variable_data_c * const dsa_param_g, |
|
768 const eap_variable_data_c * const hash, |
|
769 const eap_variable_data_c * const signed_hash); |
|
770 |
|
771 eap_status_e rc4(const eap_variable_data_c * const rc4_context, |
|
772 const void* data_in, |
|
773 void* const data_out, |
|
774 const u32_t data_length); |
|
775 |
|
776 eap_status_e rsa_verifyL( |
|
777 eap_variable_data_c * const rsa_context, |
|
778 const eap_variable_data_c * const public_rsa_key, |
|
779 const eap_variable_data_c * const hash, |
|
780 const eap_variable_data_c * const signed_hash); |
|
781 |
|
782 eap_status_e rsa_signL( |
|
783 eap_variable_data_c * const rsa_context, |
|
784 const eap_variable_data_c * const private_rsa_key, |
|
785 const eap_variable_data_c * const hash, |
|
786 eap_variable_data_c * const signed_hash); |
|
787 |
|
788 }; |
|
789 |
|
790 #endif //#if !defined( _EAP_AM_CRYPTO_SYMBIAN_H_ ) |
|
791 |
|
792 |
|
793 |
|
794 // End of file |