/*
* Nettle crypto backend implementation
*
- * Copyright (C) 2011 Red Hat, Inc. All rights reserved.
+ * Copyright (C) 2011-2012 Red Hat, Inc. All rights reserved.
+ * Copyright (C) 2011-2012, Milan Broz
*
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU General Public License
- * version 2 as published by the Free Software Foundation.
+ * This file is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
*
- * This program is distributed in the hope that it will be useful,
+ * This file is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
*
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this file; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#include <stdlib.h>
#include <nettle/hmac.h>
#include "crypto_backend.h"
+static char *version = "Nettle";
+
typedef void (*init_func) (void *);
typedef void (*update_func) (void *, unsigned, const uint8_t *);
typedef void (*digest_func) (void *, unsigned, uint8_t *);
(digest_func) hmac_sha512_digest,
(set_key_func) hmac_sha512_set_key,
},
+ { "ripemd160", RIPEMD160_DIGEST_SIZE,
+ (init_func) ripemd160_init,
+ (update_func) ripemd160_update,
+ (digest_func) ripemd160_digest,
+ (update_func) hmac_ripemd160_update,
+ (digest_func) hmac_ripemd160_digest,
+ (set_key_func) hmac_ripemd160_set_key,
+ },
{ NULL, 0, NULL, NULL, NULL, NULL, NULL, NULL, }
};
int crypt_backend_init(struct crypt_device *ctx)
{
- log_dbg("Initialising Nettle crypto backend.");
return 0;
}
+const char *crypt_backend_version(void)
+{
+ return version;
+}
+
/* HASH */
int crypt_hash_size(const char *name)
{
return 0;
}
-int crypt_hash_restart(struct crypt_hash *ctx)
+static void crypt_hash_restart(struct crypt_hash *ctx)
{
ctx->hash->init(&ctx->nettle_ctx);
- return 0;
}
int crypt_hash_write(struct crypt_hash *ctx, const char *buffer, size_t length)
return -EINVAL;
ctx->hash->digest(&ctx->nettle_ctx, length, (uint8_t *)buffer);
+ crypt_hash_restart(ctx);
return 0;
}
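Review bot: The `crypt_hash_restart(ctx)` call added after `ctx->hash->digest(...)`, and the matching `crypt_hmac_restart(ctx)` added after `hmac_digest`, carry no comment saying why the context is reinitialised inside final(). Nettle documents its digest functions as already resetting the context (for HMAC, with the same key), so both calls look redundant. On the HMAC side the restart re-runs `hmac_set_key` from `ctx->key`, which is presumably the only reason the raw key has to stay in the context for its whole lifetime. If the reset is kept, a comment such as `/* leave ctx ready for the next message; Nettle's digest also resets */` would record the intent. If it is dropped, `ctx->key` could presumably be wiped right after the initial set_key; both final() bodies start outside the visible lines, so confirm against the full file.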
return -EINVAL;
}
-int crypt_hmac_restart(struct crypt_hmac *ctx)
+static void crypt_hmac_restart(struct crypt_hmac *ctx)
{
ctx->hash->hmac_set_key(&ctx->nettle_ctx, ctx->key_length, ctx->key);
- return 0;
}
int crypt_hmac_write(struct crypt_hmac *ctx, const char *buffer, size_t length)
return -EINVAL;
ctx->hash->hmac_digest(&ctx->nettle_ctx, length, (uint8_t *)buffer);
+ crypt_hmac_restart(ctx);
return 0;
}
free(ctx);
return 0;
}
+
+/* RNG - N/A */
+int crypt_backend_rng(char *buffer, size_t length, int quality, int fips)
+{
+ return -EINVAL;
+}
+
+/* PBKDF */
+int crypt_pbkdf(const char *kdf, const char *hash,
+ const char *password, size_t password_length,
+ const char *salt, size_t salt_length,
+ char *key, size_t key_length,
+ unsigned int iterations)
+{
+ if (!kdf || strncmp(kdf, "pbkdf2", 6))
+ return -EINVAL;
+
+ /* FIXME: switch to internal implementation in Nettle 2.6 */
+ return pkcs5_pbkdf2(hash, password, password_length, salt, salt_length,
+ iterations, key_length, key);
+}
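Review bot: `strncmp(kdf, "pbkdf2", 6)` in crypt_pbkdf is a prefix match, so any name that merely begins with "pbkdf2" is accepted and silently run as PBKDF2; an exact comparison, `if (!kdf || strcmp(kdf, "pbkdf2"))`, would reject unknown KDF names. `hash` is passed to `pkcs5_pbkdf2` without the NULL check that `kdf` gets, and whether the helper tolerates a NULL name is not visible here. The includes shown at the top of the file do not list `<string.h>`, which `strncmp` needs, though it may arrive through `crypto_backend.h`. In the same hunk the `crypt_backend_rng` stub returns `-EINVAL` without writing `buffer`, so a comment such as `/* no RNG in this backend: buffer is left untouched, callers must check the return value */` would make the contract explicit.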