2 * Nettle crypto backend implementation
4 * Copyright (C) 2011-2012 Red Hat, Inc. All rights reserved.
5 * Copyright (C) 2011-2012, Milan Broz
7 * This file is free software; you can redistribute it and/or
8 * modify it under the terms of the GNU Lesser General Public
9 * License as published by the Free Software Foundation; either
10 * version 2.1 of the License, or (at your option) any later version.
12 * This file is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 * Lesser General Public License for more details.
17 * You should have received a copy of the GNU Lesser General Public
18 * License along with this file; if not, write to the Free Software
19 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
25 #include <nettle/sha.h>
26 #include <nettle/hmac.h>
27 #include "crypto_backend.h"
29 static char *version = "Nettle";
31 typedef void (*init_func) (void *);
32 typedef void (*update_func) (void *, unsigned, const uint8_t *);
33 typedef void (*digest_func) (void *, unsigned, uint8_t *);
34 typedef void (*set_key_func) (void *, unsigned, const uint8_t *);
42 update_func hmac_update;
43 digest_func hmac_digest;
44 set_key_func hmac_set_key;
47 static struct hash_alg hash_algs[] = {
48 { "sha1", SHA1_DIGEST_SIZE,
49 (init_func) sha1_init,
50 (update_func) sha1_update,
51 (digest_func) sha1_digest,
52 (update_func) hmac_sha1_update,
53 (digest_func) hmac_sha1_digest,
54 (set_key_func) hmac_sha1_set_key,
56 { "sha224", SHA224_DIGEST_SIZE,
57 (init_func) sha224_init,
58 (update_func) sha224_update,
59 (digest_func) sha224_digest,
60 (update_func) hmac_sha224_update,
61 (digest_func) hmac_sha224_digest,
62 (set_key_func) hmac_sha224_set_key,
64 { "sha256", SHA256_DIGEST_SIZE,
65 (init_func) sha256_init,
66 (update_func) sha256_update,
67 (digest_func) sha256_digest,
68 (update_func) hmac_sha256_update,
69 (digest_func) hmac_sha256_digest,
70 (set_key_func) hmac_sha256_set_key,
72 { "sha384", SHA384_DIGEST_SIZE,
73 (init_func) sha384_init,
74 (update_func) sha384_update,
75 (digest_func) sha384_digest,
76 (update_func) hmac_sha384_update,
77 (digest_func) hmac_sha384_digest,
78 (set_key_func) hmac_sha384_set_key,
80 { "sha512", SHA512_DIGEST_SIZE,
81 (init_func) sha512_init,
82 (update_func) sha512_update,
83 (digest_func) sha512_digest,
84 (update_func) hmac_sha512_update,
85 (digest_func) hmac_sha512_digest,
86 (set_key_func) hmac_sha512_set_key,
88 { "ripemd160", RIPEMD160_DIGEST_SIZE,
89 (init_func) ripemd160_init,
90 (update_func) ripemd160_update,
91 (digest_func) ripemd160_digest,
92 (update_func) hmac_ripemd160_update,
93 (digest_func) hmac_ripemd160_digest,
94 (set_key_func) hmac_ripemd160_set_key,
96 { NULL, 0, NULL, NULL, NULL, NULL, NULL, NULL, }
100 const struct hash_alg *hash;
102 struct sha1_ctx sha1;
103 struct sha224_ctx sha224;
104 struct sha256_ctx sha256;
105 struct sha384_ctx sha384;
106 struct sha512_ctx sha512;
111 const struct hash_alg *hash;
113 struct hmac_sha1_ctx sha1;
114 struct hmac_sha224_ctx sha224;
115 struct hmac_sha256_ctx sha256;
116 struct hmac_sha384_ctx sha384;
117 struct hmac_sha512_ctx sha512;
123 uint32_t crypt_backend_flags(void)
128 static struct hash_alg *_get_alg(const char *name)
132 while (name && hash_algs[i].name) {
133 if (!strcmp(name, hash_algs[i].name))
134 return &hash_algs[i];
140 int crypt_backend_init(struct crypt_device *ctx)
145 const char *crypt_backend_version(void)
151 int crypt_hash_size(const char *name)
153 struct hash_alg *ha = _get_alg(name);
155 return ha ? ha->length : -EINVAL;
158 int crypt_hash_init(struct crypt_hash **ctx, const char *name)
160 struct crypt_hash *h;
162 h = malloc(sizeof(*h));
166 h->hash = _get_alg(name);
172 h->hash->init(&h->nettle_ctx);
178 static void crypt_hash_restart(struct crypt_hash *ctx)
180 ctx->hash->init(&ctx->nettle_ctx);
183 int crypt_hash_write(struct crypt_hash *ctx, const char *buffer, size_t length)
185 ctx->hash->update(&ctx->nettle_ctx, length, (const uint8_t*)buffer);
189 int crypt_hash_final(struct crypt_hash *ctx, char *buffer, size_t length)
191 if (length > (size_t)ctx->hash->length)
194 ctx->hash->digest(&ctx->nettle_ctx, length, (uint8_t *)buffer);
195 crypt_hash_restart(ctx);
199 int crypt_hash_destroy(struct crypt_hash *ctx)
201 memset(ctx, 0, sizeof(*ctx));
207 int crypt_hmac_size(const char *name)
209 return crypt_hash_size(name);
212 int crypt_hmac_init(struct crypt_hmac **ctx, const char *name,
213 const void *buffer, size_t length)
215 struct crypt_hmac *h;
217 h = malloc(sizeof(*h));
220 memset(ctx, 0, sizeof(*ctx));
223 h->hash = _get_alg(name);
227 h->key = malloc(length);
231 memcpy(h->key, buffer, length);
232 h->key_length = length;
234 h->hash->init(&h->nettle_ctx);
235 h->hash->hmac_set_key(&h->nettle_ctx, h->key_length, h->key);
244 static void crypt_hmac_restart(struct crypt_hmac *ctx)
246 ctx->hash->hmac_set_key(&ctx->nettle_ctx, ctx->key_length, ctx->key);
249 int crypt_hmac_write(struct crypt_hmac *ctx, const char *buffer, size_t length)
251 ctx->hash->hmac_update(&ctx->nettle_ctx, length, (const uint8_t *)buffer);
255 int crypt_hmac_final(struct crypt_hmac *ctx, char *buffer, size_t length)
257 if (length > (size_t)ctx->hash->length)
260 ctx->hash->hmac_digest(&ctx->nettle_ctx, length, (uint8_t *)buffer);
261 crypt_hmac_restart(ctx);
265 int crypt_hmac_destroy(struct crypt_hmac *ctx)
267 memset(ctx->key, 0, ctx->key_length);
268 memset(ctx, 0, sizeof(*ctx));
275 int crypt_backend_rng(char *buffer, size_t length, int quality, int fips)
281 int crypt_pbkdf(const char *kdf, const char *hash,
282 const char *password, size_t password_length,
283 const char *salt, size_t salt_length,
284 char *key, size_t key_length,
285 unsigned int iterations)
287 if (!kdf || strncmp(kdf, "pbkdf2", 6))
290 /* FIXME: switch to internal implementation in Nettle 2.6 */
291 return pkcs5_pbkdf2(hash, password, password_length, salt, salt_length,
292 iterations, key_length, key);