
[crypto] Add abstraction for a public-key algorithm

Signed-off-by: Michael Brown <mcb30@ipxe.org>
tags/v1.20.1
Michael Brown 12年前
コミット
c00eb6e190
2個のファイルの変更147行の追加0行の削除
  1. 49
    0
      src/crypto/crypto_null.c
  2. 98
    0
      src/include/ipxe/crypto.h

+ 49
- 0
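--- a/src/crypto/crypto_null.c
+++ b/src/crypto/crypto_null.c
@@ -81,7 +81,56 @@ struct cipher_algorithm cipher_null = {
 	.decrypt = cipher_null_decrypt,
 };
 
+static int pubkey_null_init ( void *ctx __unused, const void *key __unused,
+			      size_t key_len __unused ) {
+	return 0;
+}
+
+static size_t pubkey_null_max_len ( void *ctx __unused ) {
+	return 0;
+}
+
+static int pubkey_null_encrypt ( void *ctx __unused,
+				 const void *plaintext __unused,
+				 size_t plaintext_len __unused,
+				 void *ciphertext __unused ) {
+	return 0;
+}
+
+static int pubkey_null_decrypt ( void *ctx __unused,
+				 const void *ciphertext __unused,
+				 size_t ciphertext_len __unused,
+				 void *plaintext __unused ) {
+	return 0;
+}
+
+static int pubkey_null_sign ( void *ctx __unused,
+			      struct digest_algorithm *digest __unused,
+			      const void *value __unused,
+			      void *signature __unused ) {
+	return 0;
+}
+
+static int pubkey_null_verify ( void *ctx __unused,
+				struct digest_algorithm *digest __unused,
+				const void *value __unused,
+				const void *signature __unused ,
+				size_t signature_len __unused ) {
+	return 0;
+}
+
+static void pubkey_null_final ( void *ctx __unused ) {
+	/* Do nothing */
+}
+
 struct pubkey_algorithm pubkey_null = {
 	.name = "null",
 	.ctxsize = 0,
+	.init = pubkey_null_init,
+	.max_len = pubkey_null_max_len,
+	.encrypt = pubkey_null_encrypt,
+	.decrypt = pubkey_null_decrypt,
+	.sign = pubkey_null_sign,
+	.verify = pubkey_null_verify,
+	.final = pubkey_null_final,
 };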
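Review bot: `pubkey_null_verify` returns 0, and the `verify` documentation added to crypto.h in this same commit defines the return as a status code, so the null algorithm reports every signature as valid. If any caller can reach `pubkey_verify()` while `pubkey_null` is still the selected algorithm, that is a fail-open signature check; returning a negative error here (for example `return -ENOTSUP;`, assuming the errno header is or can be included in this file) would make the placeholder fail closed. If success is intentional, a comment such as `/* Null algorithm: accepts any signature; must never be used to authenticate data */` on the function would record that. The same question applies to `pubkey_null_sign`, `pubkey_null_encrypt` and `pubkey_null_decrypt`, which return a zero output length rather than an error.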

+ 98
- 0
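--- a/src/include/ipxe/crypto.h
+++ b/src/include/ipxe/crypto.h
@@ -96,6 +96,67 @@ struct pubkey_algorithm {
 	const char *name;
 	/** Context size */
 	size_t ctxsize;
+	/** Initialise algorithm
+	 *
+	 * @v ctx		Context
+	 * @v key		Key
+	 * @v key_len		Length of key
+	 * @ret rc		Return status code
+	 */
+	int ( * init ) ( void *ctx, const void *key, size_t key_len );
+	/** Calculate maximum output length
+	 *
+	 * @v ctx		Context
+	 * @ret max_len		Maximum output length
+	 */
+	size_t ( * max_len ) ( void *ctx );
+	/** Encrypt
+	 *
+	 * @v ctx		Context
+	 * @v plaintext		Plaintext
+	 * @v plaintext_len	Length of plaintext
+	 * @v ciphertext	Ciphertext
+	 * @ret ciphertext_len	Length of ciphertext, or negative error
+	 */
+	int ( * encrypt ) ( void *ctx, const void *data, size_t len,
+			    void *out );
+	/** Decrypt
+	 *
+	 * @v ctx		Context
+	 * @v ciphertext	Ciphertext
+	 * @v ciphertext_len	Ciphertext length
+	 * @v plaintext		Plaintext
+	 * @ret plaintext_len	Plaintext length, or negative error
+	 */
+	int ( * decrypt ) ( void *ctx, const void *data, size_t len,
+			    void *out );
+	/** Sign digest value
+	 *
+	 * @v ctx		Context
+	 * @v digest		Digest algorithm
+	 * @v value		Digest value
+	 * @v signature		Signature
+	 * @ret signature_len	Signature length, or negative error
+	 */
+	int ( * sign ) ( void *ctx, struct digest_algorithm *digest,
+			 const void *value, void *signature );
+	/** Verify signed digest value
+	 *
+	 * @v ctx		Context
+	 * @v digest		Digest algorithm
+	 * @v value		Digest value
+	 * @v signature		Signature
+	 * @v signature_len	Signature length
+	 * @ret rc		Return status code
+	 */
+	int ( * verify ) ( void *ctx, struct digest_algorithm *digest,
+			   const void *value, const void *signature,
+			   size_t signature_len );
+	/** Finalise algorithm
+	 *
+	 * @v ctx		Context
+	 */
+	void ( * final ) ( void *ctx );
 };
 
 static inline void digest_init ( struct digest_algorithm *digest,
@@ -147,6 +208,43 @@ static inline int is_stream_cipher ( struct cipher_algorithm *cipher ) {
 	return ( cipher->blocksize == 1 );
 }
 
+static inline int pubkey_init ( struct pubkey_algorithm *pubkey, void *ctx,
+				const void *key, size_t key_len ) {
+	return pubkey->init ( ctx, key, key_len );
+}
+
+static inline size_t pubkey_max_len ( struct pubkey_algorithm *pubkey,
+				      void *ctx ) {
+	return pubkey->max_len ( ctx );
+}
+
+static inline int pubkey_encrypt ( struct pubkey_algorithm *pubkey, void *ctx,
+				   const void *data, size_t len, void *out ) {
+	return pubkey->encrypt ( ctx, data, len, out );
+}
+
+static inline int pubkey_decrypt ( struct pubkey_algorithm *pubkey, void *ctx,
+				   const void *data, size_t len, void *out ) {
+	return pubkey->decrypt ( ctx, data, len, out );
+}
+
+static inline int pubkey_sign ( struct pubkey_algorithm *pubkey, void *ctx,
+				struct digest_algorithm *digest,
+				const void *value, void *signature ) {
+	return pubkey->sign ( ctx, digest, value, signature );
+}
+
+static inline int pubkey_verify ( struct pubkey_algorithm *pubkey, void *ctx,
+				  struct digest_algorithm *digest,
+				  const void *value, const void *signature,
+				  size_t signature_len ) {
+	return pubkey->verify ( ctx, digest, value, signature, signature_len );
+}
+
+static inline void pubkey_final ( struct pubkey_algorithm *pubkey, void *ctx ) {
+	pubkey->final ( ctx );
+}
+
 extern struct digest_algorithm digest_null;
 extern struct cipher_algorithm cipher_null;
 extern struct pubkey_algorithm pubkey_null;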
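Review bot: The `encrypt`, `decrypt` and `sign` methods write into an output buffer (`out` / `signature`) whose size is never passed, so the only bound is the caller allocating at least `max_len ( ctx )` bytes, and the added comments do not state that contract anywhere. I would document it on each method, e.g. `@v ciphertext	Ciphertext buffer (at least max_len() bytes)`, and also state how many bytes of `value` are read in `sign`/`verify`, which is presumably the digest algorithm's output size (not visible here). The doc blocks name the parameters `plaintext`/`plaintext_len`/`ciphertext` while the prototypes use `data`/`len`/`out`; aligning the two would avoid confusion about which buffer is which. The new `pubkey_*` inline wrappers in the second hunk carry no doc comments, unlike the struct members they call. `struct pubkey_algorithm` opens above the first hunk.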
