2
* Copyright (C) 2010 Free Software Foundation, Inc.
4
* Author: Nikos Mavrogiannopoulos
6
* This file is part of GNUTLS.
8
* The GNUTLS library is free software; you can redistribute it and/or
9
* modify it under the terms of the GNU Lesser General Public License
10
* as published by the Free Software Foundation; either version 2.1 of
11
* the License, or (at your option) any later version.
13
* This library is distributed in the hope that it will be useful, but
14
* WITHOUT ANY WARRANTY; without even the implied warranty of
15
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16
* Lesser General Public License for more details.
18
* You should have received a copy of the GNU Lesser General Public
19
* License along with this library; if not, write to the Free Software
20
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301,
25
/* Here lie nettle's wrappers for cipher support.
28
#include <gnutls_int.h>
29
#include <gnutls_errors.h>
30
#include <gnutls_cipher_int.h>
31
#include <nettle/aes.h>
32
#include <nettle/camellia.h>
33
#include <nettle/arcfour.h>
34
#include <nettle/arctwo.h>
35
#include <nettle/des.h>
36
#include <nettle/nettle-meta.h>
37
#include <nettle/cbc.h>
39
/* Functions that refer to the libgcrypt library.
42
#define MAX_BLOCK_SIZE 32
44
typedef void (*encrypt_func) (void *, nettle_crypt_func, unsigned, uint8_t *,
45
unsigned, uint8_t *, const uint8_t *);
46
typedef void (*decrypt_func) (void *, nettle_crypt_func, unsigned, uint8_t *,
47
unsigned, uint8_t *, const uint8_t *);
48
typedef void (*setkey_func) (void *, unsigned, const uint8_t *);
51
stream_encrypt (void *ctx, nettle_crypt_func func, unsigned block_size,
52
uint8_t * iv, unsigned length, uint8_t * dst,
55
func (ctx, length, dst, src);
60
struct aes_ctx encrypt;
61
struct aes_ctx decrypt;
65
aes_bidi_setkey (struct aes_bidi_ctx *ctx, unsigned length,
68
aes_set_encrypt_key (&ctx->encrypt, length, key);
69
aes_invert_key (&ctx->decrypt, &ctx->encrypt);
73
aes_bidi_encrypt (struct aes_bidi_ctx *ctx,
74
unsigned length, uint8_t * dst, const uint8_t * src)
76
aes_encrypt (&ctx->encrypt, length, dst, src);
80
aes_bidi_decrypt (struct aes_bidi_ctx *ctx,
81
unsigned length, uint8_t * dst, const uint8_t * src)
83
aes_decrypt (&ctx->decrypt, length, dst, src);
86
struct camellia_bidi_ctx
88
struct camellia_ctx encrypt;
89
struct camellia_ctx decrypt;
93
camellia_bidi_setkey (struct camellia_bidi_ctx *ctx, unsigned length,
96
camellia_set_encrypt_key (&ctx->encrypt, length, key);
97
camellia_invert_key (&ctx->decrypt, &ctx->encrypt);
101
camellia_bidi_encrypt (struct camellia_bidi_ctx *ctx,
102
unsigned length, uint8_t * dst, const uint8_t * src)
104
camellia_crypt (&ctx->encrypt, length, dst, src);
108
camellia_bidi_decrypt (struct camellia_bidi_ctx *ctx,
109
unsigned length, uint8_t * dst, const uint8_t * src)
111
camellia_crypt (&ctx->decrypt, length, dst, src);
114
struct nettle_cipher_ctx
118
struct aes_bidi_ctx aes_bidi;
119
struct camellia_bidi_ctx camellia_bidi;
120
struct arcfour_ctx arcfour;
121
struct arctwo_ctx arctwo;
122
struct des3_ctx des3;
126
uint8_t iv[MAX_BLOCK_SIZE];
127
gnutls_cipher_algorithm_t algo;
129
nettle_crypt_func *i_encrypt;
130
nettle_crypt_func *i_decrypt;
131
encrypt_func encrypt;
132
decrypt_func decrypt;
138
wrap_nettle_cipher_init (gnutls_cipher_algorithm_t algo, void **_ctx)
140
struct nettle_cipher_ctx *ctx;
142
ctx = gnutls_calloc (1, sizeof (*ctx));
146
return GNUTLS_E_MEMORY_ERROR;
153
case GNUTLS_CIPHER_CAMELLIA_128_CBC:
154
case GNUTLS_CIPHER_CAMELLIA_256_CBC:
155
ctx->encrypt = cbc_encrypt;
156
ctx->decrypt = cbc_decrypt;
157
ctx->i_encrypt = (nettle_crypt_func *) camellia_bidi_encrypt;
158
ctx->i_decrypt = (nettle_crypt_func *) camellia_bidi_decrypt;
159
ctx->ctx_ptr = &ctx->ctx.camellia_bidi;
160
ctx->block_size = CAMELLIA_BLOCK_SIZE;
162
case GNUTLS_CIPHER_AES_128_CBC:
163
case GNUTLS_CIPHER_AES_192_CBC:
164
case GNUTLS_CIPHER_AES_256_CBC:
165
ctx->encrypt = cbc_encrypt;
166
ctx->decrypt = cbc_decrypt;
167
ctx->i_encrypt = (nettle_crypt_func *) aes_bidi_encrypt;
168
ctx->i_decrypt = (nettle_crypt_func *) aes_bidi_decrypt;
169
ctx->ctx_ptr = &ctx->ctx.aes_bidi;
170
ctx->block_size = AES_BLOCK_SIZE;
172
case GNUTLS_CIPHER_3DES_CBC:
173
ctx->encrypt = cbc_encrypt;
174
ctx->decrypt = cbc_decrypt;
175
ctx->i_encrypt = (nettle_crypt_func *) des3_encrypt;
176
ctx->i_decrypt = (nettle_crypt_func *) des3_decrypt;
177
ctx->ctx_ptr = &ctx->ctx.des3;
178
ctx->block_size = DES3_BLOCK_SIZE;
180
case GNUTLS_CIPHER_DES_CBC:
181
ctx->encrypt = cbc_encrypt;
182
ctx->decrypt = cbc_decrypt;
183
ctx->i_encrypt = (nettle_crypt_func *) des_encrypt;
184
ctx->i_decrypt = (nettle_crypt_func *) des_decrypt;
185
ctx->ctx_ptr = &ctx->ctx.des;
186
ctx->block_size = DES_BLOCK_SIZE;
188
case GNUTLS_CIPHER_ARCFOUR_128:
189
case GNUTLS_CIPHER_ARCFOUR_40:
190
ctx->encrypt = stream_encrypt;
191
ctx->decrypt = stream_encrypt;
192
ctx->i_encrypt = (nettle_crypt_func *) arcfour_crypt;
193
ctx->i_decrypt = (nettle_crypt_func *) arcfour_crypt;
194
ctx->ctx_ptr = &ctx->ctx.arcfour;
197
case GNUTLS_CIPHER_RC2_40_CBC:
198
ctx->encrypt = cbc_encrypt;
199
ctx->decrypt = cbc_decrypt;
200
ctx->i_encrypt = (nettle_crypt_func *) arctwo_encrypt;
201
ctx->i_decrypt = (nettle_crypt_func *) arctwo_decrypt;
202
ctx->ctx_ptr = &ctx->ctx.arctwo;
203
ctx->block_size = ARCTWO_BLOCK_SIZE;
207
return GNUTLS_E_INVALID_REQUEST;
216
wrap_nettle_cipher_setkey (void *_ctx, const void *key, size_t keysize)
218
struct nettle_cipher_ctx *ctx = _ctx;
219
opaque des_key[DES3_KEY_SIZE];
223
case GNUTLS_CIPHER_AES_128_CBC:
224
case GNUTLS_CIPHER_AES_192_CBC:
225
case GNUTLS_CIPHER_AES_256_CBC:
226
aes_bidi_setkey (ctx->ctx_ptr, keysize, key);
228
case GNUTLS_CIPHER_CAMELLIA_128_CBC:
229
case GNUTLS_CIPHER_CAMELLIA_256_CBC:
230
camellia_bidi_setkey (ctx->ctx_ptr, keysize, key);
232
case GNUTLS_CIPHER_3DES_CBC:
233
if (keysize != DES3_KEY_SIZE)
236
return GNUTLS_E_INTERNAL_ERROR;
239
des_fix_parity (keysize, des_key, key);
241
/* this fails on weak keys */
242
if (des3_set_key (ctx->ctx_ptr, des_key) != 1)
245
return GNUTLS_E_INTERNAL_ERROR;
248
case GNUTLS_CIPHER_DES_CBC:
249
if (keysize != DES_KEY_SIZE)
252
return GNUTLS_E_INTERNAL_ERROR;
255
des_fix_parity (keysize, des_key, key);
257
if (des_set_key (ctx->ctx_ptr, des_key) != 1)
260
return GNUTLS_E_INTERNAL_ERROR;
263
case GNUTLS_CIPHER_ARCFOUR_128:
264
case GNUTLS_CIPHER_ARCFOUR_40:
265
arcfour_set_key (ctx->ctx_ptr, keysize, key);
267
case GNUTLS_CIPHER_RC2_40_CBC:
268
arctwo_set_key (ctx->ctx_ptr, keysize, key);
272
return GNUTLS_E_INVALID_REQUEST;
279
wrap_nettle_cipher_setiv (void *_ctx, const void *iv, size_t ivsize)
281
struct nettle_cipher_ctx *ctx = _ctx;
283
if (ivsize > ctx->block_size)
286
return GNUTLS_E_INVALID_REQUEST;
288
memcpy (ctx->iv, iv, ivsize);
294
wrap_nettle_cipher_decrypt (void *_ctx, const void *encr, size_t encrsize,
295
void *plain, size_t plainsize)
297
struct nettle_cipher_ctx *ctx = _ctx;
299
ctx->decrypt (ctx->ctx_ptr, ctx->i_decrypt, ctx->block_size, ctx->iv,
300
encrsize, plain, encr);
306
wrap_nettle_cipher_encrypt (void *_ctx, const void *plain, size_t plainsize,
307
void *encr, size_t encrsize)
309
struct nettle_cipher_ctx *ctx = _ctx;
311
ctx->encrypt (ctx->ctx_ptr, ctx->i_encrypt, ctx->block_size, ctx->iv,
312
plainsize, encr, plain);
318
wrap_nettle_cipher_close (void *h)
323
gnutls_crypto_cipher_st _gnutls_cipher_ops = {
324
.init = wrap_nettle_cipher_init,
325
.setkey = wrap_nettle_cipher_setkey,
326
.setiv = wrap_nettle_cipher_setiv,
327
.encrypt = wrap_nettle_cipher_encrypt,
328
.decrypt = wrap_nettle_cipher_decrypt,
329
.deinit = wrap_nettle_cipher_close,