oasis

0004-Add-support-for-some-BearSSL-crypto-primitives.patch (4890B)

From f20f3e1c7f498bbc2a83a749ed38a795d54a5c25 Mon Sep 17 00:00:00 2001
From: Michael Forney <mforney@mforney.org>
Date: Fri, 15 Nov 2019 20:19:37 -0800
Subject: [PATCH] Add support for some BearSSL crypto primitives
---
 src/crypto/crypto_bearssl.c | 171 ++++++++++++++++++++++++++++++++++++
 1 file changed, 171 insertions(+)
 create mode 100644 src/crypto/crypto_bearssl.c
diff --git a/src/crypto/crypto_bearssl.c b/src/crypto/crypto_bearssl.c
new file mode 100644
index 000000000..4f1b64e24
--- /dev/null
+++ b/src/crypto/crypto_bearssl.c
@@ -0,0 +1,171 @@
+/*
+ * Wrapper functions for BearSSL crypto
+ * Copyright (c) 2019, Michael Forney <mforney@mforney.org>
+ *
+ * This software may be distributed under the terms of the BSD license.
+ * See README for more details.
+ */
+
+#include "includes.h"
+#include <bearssl.h>
+
+#include "common.h"
+#include "md5.h"
+#include "crypto.h"
+
+static int digest_vector(size_t num_elem, const u8 *addr[], const size_t *len,
+			 u8 *out, const br_hash_class *hash)
+{
+	br_hash_compat_context ctx;
+	size_t i;
+
+	hash->init(&ctx.vtable);
+	for (i = 0; i < num_elem; ++i)
+		hash->update(&ctx.vtable, addr[i], len[i]);
+	hash->out(&ctx.vtable, out);
+
+	return 0;
+}
+
+int sha1_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *out)
+{
+	return digest_vector(num_elem, addr, len, out, &br_sha1_vtable);
+}
+
+int sha256_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *out)
+{
+	return digest_vector(num_elem, addr, len, out, &br_sha256_vtable);
+}
+
+static int hmac_vector(const u8 *key, size_t key_len, size_t num_elem,
+                       const u8 *addr[], const size_t *len, u8 *mac,
+                       const br_hash_class *type)
+{
+	br_hmac_key_context kc;
+	br_hmac_context ctx;
+	size_t i;
+
+	br_hmac_key_init(&kc, type, key, key_len);
+	br_hmac_init(&ctx, &kc, 0);
+	for (i = 0; i < num_elem; ++i)
+		br_hmac_update(&ctx, addr[i], len[i]);
+	br_hmac_out(&ctx, mac);
+
+	return 0;
+}
+
+int hmac_sha256_vector(const u8 *key, size_t key_len, size_t num_elem,
+                       const u8 *addr[], const size_t *len, u8 *mac)
+{
+	return hmac_vector(key, key_len, num_elem, addr, len, mac, &br_sha256_vtable);
+}
+
+int hmac_sha256(const u8 *key, size_t key_len, const u8 *data,
+		size_t data_len, u8 *mac)
+{
+	return hmac_sha256_vector(key, key_len, 1, &data, &data_len, mac);
+}
+
+int hmac_sha1_vector(const u8 *key, size_t key_len, size_t num_elem,
+                     const u8 *addr[], const size_t *len, u8 *mac)
+{
+	return hmac_vector(key, key_len, num_elem, addr, len, mac, &br_sha1_vtable);
+}
+
+int hmac_sha1(const u8 *key, size_t key_len, const u8 *data, size_t data_len,
+	       u8 *mac)
+{
+	return hmac_sha1_vector(key, key_len, 1, &data, &data_len, mac);
+}
+
+int hmac_md5(const u8 *key, size_t key_len, const u8 *data, size_t data_len,
+             u8 *mac)
+{
+	return hmac_vector(key, key_len, 1, &data, &data_len, mac, &br_md5_vtable);
+}
+
+void *aes_encrypt_init(const u8 *key, size_t len)
+{
+	br_aes_ct64_cbcenc_keys *ctx;
+
+	if (len != 16 && len != 24 && len != 32)
+		return NULL;
+	ctx = os_malloc(sizeof *ctx);
+	if (ctx == NULL)
+		return NULL;
+	br_aes_ct64_cbcenc_init(ctx, key, len);
+	return ctx;
+}
+
+int aes_encrypt(void *ctx, const u8 *plain, u8 *crypt)
+{
+	unsigned char iv[br_aes_ct64_BLOCK_SIZE];
+
+	memset(iv, 0, sizeof iv);
+	memcpy(crypt, plain, br_aes_ct64_BLOCK_SIZE);
+	br_aes_ct64_cbcenc_run(ctx, iv, crypt, br_aes_ct64_BLOCK_SIZE);
+	return 0;
+}
+
+void aes_encrypt_deinit(void *ctx)
+{
+	os_free(ctx);
+}
+
+void *aes_decrypt_init(const u8 *key, size_t len)
+{
+	br_aes_ct64_cbcdec_keys *ctx;
+
+	if (len != 16 && len != 24 && len != 32)
+		return NULL;
+	ctx = os_malloc(sizeof *ctx);
+	if (ctx == NULL)
+		return NULL;
+	br_aes_ct64_cbcdec_init(ctx, key, len);
+	return ctx;
+}
+
+int aes_decrypt(void *ctx, const u8 *plain, u8 *crypt)
+{
+	unsigned char iv[br_aes_ct64_BLOCK_SIZE];
+
+	memset(iv, 0, sizeof iv);
+	memcpy(crypt, plain, br_aes_ct64_BLOCK_SIZE);
+	br_aes_ct64_cbcdec_run(ctx, iv, crypt, br_aes_ct64_BLOCK_SIZE);
+	return 0;
+}
+
+void aes_decrypt_deinit(void *ctx)
+{
+	os_free(ctx);
+}
+
+int aes_128_cbc_encrypt(const u8 *key, const u8 *iv, u8 *data, size_t data_len)
+{
+	br_aes_ct64_cbcenc_keys ctx;
+	u8 ivbuf[br_aes_ct64_BLOCK_SIZE];
+
+	if (data_len & 0xF)
+		return -1;
+	memcpy(ivbuf, iv, sizeof ivbuf);
+	br_aes_ct64_cbcenc_init(&ctx, key, 16);
+	br_aes_ct64_cbcenc_run(&ctx, ivbuf, data, data_len);
+	return 0;
+}
+
+int aes_128_cbc_decrypt(const u8 *key, const u8 *iv, u8 *data, size_t data_len)
+{
+	br_aes_ct64_cbcdec_keys ctx;
+	u8 ivbuf[br_aes_ct64_BLOCK_SIZE];
+
+	if (data_len & 0xF)
+		return -1;
+	memcpy(ivbuf, iv, sizeof ivbuf);
+	br_aes_ct64_cbcdec_init(&ctx, key, 16);
+	br_aes_ct64_cbcdec_run(&ctx, ivbuf, data, data_len);
+	return 0;
+}
+
+void crypto_unload(void)
+{
+}
-- 
2.45.2