2 * Nettle crypto backend implementation
4 * Copyright (C) 2011-2012 Red Hat, Inc. All rights reserved.
5 * Copyright (C) 2011-2012, Milan Broz
7 * This program is free software; you can redistribute it and/or
8 * modify it under the terms of the GNU General Public License
9 * version 2 as published by the Free Software Foundation.
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
24 #include <nettle/sha.h>
25 #include <nettle/hmac.h>
26 #include "crypto_backend.h"
28 static char *version = "Nettle";
30 typedef void (*init_func) (void *);
31 typedef void (*update_func) (void *, unsigned, const uint8_t *);
32 typedef void (*digest_func) (void *, unsigned, uint8_t *);
33 typedef void (*set_key_func) (void *, unsigned, const uint8_t *);
41 update_func hmac_update;
42 digest_func hmac_digest;
43 set_key_func hmac_set_key;
46 static struct hash_alg hash_algs[] = {
47 { "sha1", SHA1_DIGEST_SIZE,
48 (init_func) sha1_init,
49 (update_func) sha1_update,
50 (digest_func) sha1_digest,
51 (update_func) hmac_sha1_update,
52 (digest_func) hmac_sha1_digest,
53 (set_key_func) hmac_sha1_set_key,
55 { "sha224", SHA224_DIGEST_SIZE,
56 (init_func) sha224_init,
57 (update_func) sha224_update,
58 (digest_func) sha224_digest,
59 (update_func) hmac_sha224_update,
60 (digest_func) hmac_sha224_digest,
61 (set_key_func) hmac_sha224_set_key,
63 { "sha256", SHA256_DIGEST_SIZE,
64 (init_func) sha256_init,
65 (update_func) sha256_update,
66 (digest_func) sha256_digest,
67 (update_func) hmac_sha256_update,
68 (digest_func) hmac_sha256_digest,
69 (set_key_func) hmac_sha256_set_key,
71 { "sha384", SHA384_DIGEST_SIZE,
72 (init_func) sha384_init,
73 (update_func) sha384_update,
74 (digest_func) sha384_digest,
75 (update_func) hmac_sha384_update,
76 (digest_func) hmac_sha384_digest,
77 (set_key_func) hmac_sha384_set_key,
79 { "sha512", SHA512_DIGEST_SIZE,
80 (init_func) sha512_init,
81 (update_func) sha512_update,
82 (digest_func) sha512_digest,
83 (update_func) hmac_sha512_update,
84 (digest_func) hmac_sha512_digest,
85 (set_key_func) hmac_sha512_set_key,
87 { "ripemd160", RIPEMD160_DIGEST_SIZE,
88 (init_func) ripemd160_init,
89 (update_func) ripemd160_update,
90 (digest_func) ripemd160_digest,
91 (update_func) hmac_ripemd160_update,
92 (digest_func) hmac_ripemd160_digest,
93 (set_key_func) hmac_ripemd160_set_key,
95 { NULL, 0, NULL, NULL, NULL, NULL, NULL, NULL, }
99 const struct hash_alg *hash;
101 struct sha1_ctx sha1;
102 struct sha224_ctx sha224;
103 struct sha256_ctx sha256;
104 struct sha384_ctx sha384;
105 struct sha512_ctx sha512;
110 const struct hash_alg *hash;
112 struct hmac_sha1_ctx sha1;
113 struct hmac_sha224_ctx sha224;
114 struct hmac_sha256_ctx sha256;
115 struct hmac_sha384_ctx sha384;
116 struct hmac_sha512_ctx sha512;
122 uint32_t crypt_backend_flags(void)
127 static struct hash_alg *_get_alg(const char *name)
131 while (name && hash_algs[i].name) {
132 if (!strcmp(name, hash_algs[i].name))
133 return &hash_algs[i];
139 int crypt_backend_init(struct crypt_device *ctx)
144 const char *crypt_backend_version(void)
150 int crypt_hash_size(const char *name)
152 struct hash_alg *ha = _get_alg(name);
154 return ha ? ha->length : -EINVAL;
157 int crypt_hash_init(struct crypt_hash **ctx, const char *name)
159 struct crypt_hash *h;
161 h = malloc(sizeof(*h));
165 h->hash = _get_alg(name);
171 h->hash->init(&h->nettle_ctx);
177 static void crypt_hash_restart(struct crypt_hash *ctx)
179 ctx->hash->init(&ctx->nettle_ctx);
182 int crypt_hash_write(struct crypt_hash *ctx, const char *buffer, size_t length)
184 ctx->hash->update(&ctx->nettle_ctx, length, (const uint8_t*)buffer);
188 int crypt_hash_final(struct crypt_hash *ctx, char *buffer, size_t length)
190 if (length > (size_t)ctx->hash->length)
193 ctx->hash->digest(&ctx->nettle_ctx, length, (uint8_t *)buffer);
194 crypt_hash_restart(ctx);
198 int crypt_hash_destroy(struct crypt_hash *ctx)
200 memset(ctx, 0, sizeof(*ctx));
206 int crypt_hmac_size(const char *name)
208 return crypt_hash_size(name);
211 int crypt_hmac_init(struct crypt_hmac **ctx, const char *name,
212 const void *buffer, size_t length)
214 struct crypt_hmac *h;
216 h = malloc(sizeof(*h));
219 memset(ctx, 0, sizeof(*ctx));
222 h->hash = _get_alg(name);
226 h->key = malloc(length);
230 memcpy(h->key, buffer, length);
231 h->key_length = length;
233 h->hash->init(&h->nettle_ctx);
234 h->hash->hmac_set_key(&h->nettle_ctx, h->key_length, h->key);
243 static void crypt_hmac_restart(struct crypt_hmac *ctx)
245 ctx->hash->hmac_set_key(&ctx->nettle_ctx, ctx->key_length, ctx->key);
248 int crypt_hmac_write(struct crypt_hmac *ctx, const char *buffer, size_t length)
250 ctx->hash->hmac_update(&ctx->nettle_ctx, length, (const uint8_t *)buffer);
254 int crypt_hmac_final(struct crypt_hmac *ctx, char *buffer, size_t length)
256 if (length > (size_t)ctx->hash->length)
259 ctx->hash->hmac_digest(&ctx->nettle_ctx, length, (uint8_t *)buffer);
260 crypt_hmac_restart(ctx);
264 int crypt_hmac_destroy(struct crypt_hmac *ctx)
266 memset(ctx->key, 0, ctx->key_length);
267 memset(ctx, 0, sizeof(*ctx));
274 int crypt_backend_rng(char *buffer, size_t length, int quality, int fips)
280 int crypt_pbkdf(const char *kdf, const char *hash,
281 const char *password, size_t password_length,
282 const char *salt, size_t salt_length,
283 char *key, size_t key_length,
284 unsigned int iterations)
286 if (!kdf || strncmp(kdf, "pbkdf2", 6))
289 /* FIXME: switch to internal implementation in Nettle 2.6 */
290 return pkcs5_pbkdf2(hash, password, password_length, salt, salt_length,
291 iterations, key_length, key);