From 774a362e87feab25f1be16fbca08269ddc7121a4 Mon Sep 17 00:00:00 2001 From: Rene Mayrhofer Date: Thu, 12 Apr 2007 20:41:31 +0000 Subject: Major new upstream release, just ran svn-upgrade for now (and wrote some debian/changelong entries). --- src/pluto/crypto.h | 108 +++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 108 insertions(+) create mode 100644 src/pluto/crypto.h (limited to 'src/pluto/crypto.h') diff --git a/src/pluto/crypto.h b/src/pluto/crypto.h new file mode 100644 index 000000000..48c983349 --- /dev/null +++ b/src/pluto/crypto.h @@ -0,0 +1,108 @@ +/* crypto interfaces + * Copyright (C) 1998, 1999 D. Hugh Redelmeier. + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See . + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + * + * RCSID $Id: crypto.h,v 1.6 2005/04/07 20:13:30 as Exp $ + */ + +#include /* GNU MP library */ + +#include "libsha2/sha2.h" +#include "ike_alg.h" + +extern void init_crypto(void); + +/* Oakley group descriptions */ + +extern MP_INT groupgenerator; /* MODP group generator (2) */ + +struct oakley_group_desc { + u_int16_t group; + MP_INT *modulus; + size_t bytes; +}; + +extern const struct oakley_group_desc unset_group; /* magic signifier */ +extern const struct oakley_group_desc *lookup_group(u_int16_t group); +#define OAKLEY_GROUP_SIZE 7 +extern const struct oakley_group_desc oakley_group[OAKLEY_GROUP_SIZE]; + +/* unification of cryptographic encoding/decoding algorithms + * The IV is taken from and returned to st->st_new_iv. + * This allows the old IV to be retained. + * Use update_iv to commit to the new IV (for example, once a packet has + * been validated). + */ + +#define MAX_OAKLEY_KEY_LEN0 (3 * DES_CBC_BLOCK_SIZE) +#define MAX_OAKLEY_KEY_LEN (256/BITS_PER_BYTE) + +struct state; /* forward declaration, dammit */ + +void crypto_cbc_encrypt(const struct encrypt_desc *e, bool enc, u_int8_t *buf, size_t size, struct state *st); + +#define update_iv(st) memcpy((st)->st_iv, (st)->st_new_iv \ + , (st)->st_iv_len = (st)->st_new_iv_len) + +#define set_ph1_iv(st, iv) \ + passert((st)->st_ph1_iv_len <= sizeof((st)->st_ph1_iv)); \ + memcpy((st)->st_ph1_iv, (iv), (st)->st_ph1_iv_len); + +/* unification of cryptographic hashing mechanisms */ + +#ifndef NO_HASH_CTX +union hash_ctx { + MD5_CTX ctx_md5; + SHA1_CTX ctx_sha1; + sha256_context ctx_sha256; + sha512_context ctx_sha512; + }; + +/* HMAC package + * Note that hmac_ctx can be (and is) copied since there are + * no persistent pointers into it. + */ + +struct hmac_ctx { + const struct hash_desc *h; /* underlying hash function */ + size_t hmac_digest_size; /* copy of h->hash_digest_size */ + union hash_ctx hash_ctx; /* ctx for hash function */ + u_char buf1[MAX_HASH_BLOCK_SIZE]; + u_char buf2[MAX_HASH_BLOCK_SIZE]; + }; + +extern void hmac_init( + struct hmac_ctx *ctx, + const struct hash_desc *h, + const u_char *key, + size_t key_len); + +#define hmac_init_chunk(ctx, h, ch) hmac_init((ctx), (h), (ch).ptr, (ch).len) + +extern void hmac_reinit(struct hmac_ctx *ctx); /* saves recreating pads */ + +extern void hmac_update( + struct hmac_ctx *ctx, + const u_char *data, + size_t data_len); + +#define hmac_update_chunk(ctx, ch) hmac_update((ctx), (ch).ptr, (ch).len) + +extern void hmac_final(u_char *output, struct hmac_ctx *ctx); + +#define hmac_final_chunk(ch, name, ctx) { \ + pfreeany((ch).ptr); \ + (ch).len = (ctx)->hmac_digest_size; \ + (ch).ptr = alloc_bytes((ch).len, name); \ + hmac_final((ch).ptr, (ctx)); \ + } +#endif -- cgit v1.2.3