robin.thoni
/
ipxe
Watch 1
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 11 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4990 Commits
2 Branches
Tree: 2f020a8df3
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '2f020a8df3'
${ noResults }
ipxe/src/include/ipxe/crypto.h

crypto.h 7.2KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270 
  1. #ifndef _IPXE_CRYPTO_H

  2. #define _IPXE_CRYPTO_H

  3. 

  4. /** @file

  5.  *

  6.  * Cryptographic API

  7.  *

  8.  */

  9. 

  10. FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );

  11. 

  12. #include <stdint.h>

  13. #include <stddef.h>

  14. 

  15. /** A message digest algorithm */

  16. struct digest_algorithm {

  17. 	/** Algorithm name */

  18. 	const char *name;

  19. 	/** Context size */

  20. 	size_t ctxsize;

  21. 	/** Block size */

  22. 	size_t blocksize;

  23. 	/** Digest size */

  24. 	size_t digestsize;

  25. 	/** Initialise digest

  26. 	 *

  27. 	 * @v ctx		Context

  28. 	 */

  29. 	void ( * init ) ( void *ctx );

  30. 	/** Update digest with new data

  31. 	 *

  32. 	 * @v ctx		Context

  33. 	 * @v src		Data to digest

  34. 	 * @v len		Length of data

  35. 	 *

  36. 	 * @v len is not necessarily a multiple of @c blocksize.

  37. 	 */

  38. 	void ( * update ) ( void *ctx, const void *src, size_t len );

  39. 	/** Finalise digest

  40. 	 *

  41. 	 * @v ctx		Context

  42. 	 * @v out		Buffer for digest output

  43. 	 */

  44. 	void ( * final ) ( void *ctx, void *out );

  45. };

  46. 

  47. /** A cipher algorithm */

  48. struct cipher_algorithm {

  49. 	/** Algorithm name */

  50. 	const char *name;

  51. 	/** Context size */

  52. 	size_t ctxsize;

  53. 	/** Block size */

  54. 	size_t blocksize;

  55. 	/** Set key

  56. 	 *

  57. 	 * @v ctx		Context

  58. 	 * @v key		Key

  59. 	 * @v keylen		Key length

  60. 	 * @ret rc		Return status code

  61. 	 */

  62. 	int ( * setkey ) ( void *ctx, const void *key, size_t keylen );

  63. 	/** Set initialisation vector

  64. 	 *

  65. 	 * @v ctx		Context

  66. 	 * @v iv		Initialisation vector

  67. 	 */

  68. 	void ( * setiv ) ( void *ctx, const void *iv );

  69. 	/** Encrypt data

  70. 	 *

  71. 	 * @v ctx		Context

  72. 	 * @v src		Data to encrypt

  73. 	 * @v dst		Buffer for encrypted data

  74. 	 * @v len		Length of data

  75. 	 *

  76. 	 * @v len is guaranteed to be a multiple of @c blocksize.

  77. 	 */

  78. 	void ( * encrypt ) ( void *ctx, const void *src, void *dst,

  79. 			     size_t len );

  80. 	/** Decrypt data

  81. 	 *

  82. 	 * @v ctx		Context

  83. 	 * @v src		Data to decrypt

  84. 	 * @v dst		Buffer for decrypted data

  85. 	 * @v len		Length of data

  86. 	 *

  87. 	 * @v len is guaranteed to be a multiple of @c blocksize.

  88. 	 */

  89. 	void ( * decrypt ) ( void *ctx, const void *src, void *dst,

  90. 			     size_t len );

  91. };

  92. 

  93. /** A public key algorithm */

  94. struct pubkey_algorithm {

  95. 	/** Algorithm name */

  96. 	const char *name;

  97. 	/** Context size */

  98. 	size_t ctxsize;

  99. 	/** Initialise algorithm

  100. 	 *

  101. 	 * @v ctx		Context

  102. 	 * @v key		Key

  103. 	 * @v key_len		Length of key

  104. 	 * @ret rc		Return status code

  105. 	 */

  106. 	int ( * init ) ( void *ctx, const void *key, size_t key_len );

  107. 	/** Calculate maximum output length

  108. 	 *

  109. 	 * @v ctx		Context

  110. 	 * @ret max_len		Maximum output length

  111. 	 */

  112. 	size_t ( * max_len ) ( void *ctx );

  113. 	/** Encrypt

  114. 	 *

  115. 	 * @v ctx		Context

  116. 	 * @v plaintext		Plaintext

  117. 	 * @v plaintext_len	Length of plaintext

  118. 	 * @v ciphertext	Ciphertext

  119. 	 * @ret ciphertext_len	Length of ciphertext, or negative error

  120. 	 */

  121. 	int ( * encrypt ) ( void *ctx, const void *data, size_t len,

  122. 			    void *out );

  123. 	/** Decrypt

  124. 	 *

  125. 	 * @v ctx		Context

  126. 	 * @v ciphertext	Ciphertext

  127. 	 * @v ciphertext_len	Ciphertext length

  128. 	 * @v plaintext		Plaintext

  129. 	 * @ret plaintext_len	Plaintext length, or negative error

  130. 	 */

  131. 	int ( * decrypt ) ( void *ctx, const void *data, size_t len,

  132. 			    void *out );

  133. 	/** Sign digest value

  134. 	 *

  135. 	 * @v ctx		Context

  136. 	 * @v digest		Digest algorithm

  137. 	 * @v value		Digest value

  138. 	 * @v signature		Signature

  139. 	 * @ret signature_len	Signature length, or negative error

  140. 	 */

  141. 	int ( * sign ) ( void *ctx, struct digest_algorithm *digest,

  142. 			 const void *value, void *signature );

  143. 	/** Verify signed digest value

  144. 	 *

  145. 	 * @v ctx		Context

  146. 	 * @v digest		Digest algorithm

  147. 	 * @v value		Digest value

  148. 	 * @v signature		Signature

  149. 	 * @v signature_len	Signature length

  150. 	 * @ret rc		Return status code

  151. 	 */

  152. 	int ( * verify ) ( void *ctx, struct digest_algorithm *digest,

  153. 			   const void *value, const void *signature,

  154. 			   size_t signature_len );

  155. 	/** Finalise algorithm

  156. 	 *

  157. 	 * @v ctx		Context

  158. 	 */

  159. 	void ( * final ) ( void *ctx );

  160. 	/** Check that public key matches private key

  161. 	 *

  162. 	 * @v private_key	Private key

  163. 	 * @v private_key_len	Private key length

  164. 	 * @v public_key	Public key

  165. 	 * @v public_key_len	Public key length

  166. 	 * @ret rc		Return status code

  167. 	 */

  168. 	int ( * match ) ( const void *private_key, size_t private_key_len,

  169. 			  const void *public_key, size_t public_key_len );

  170. };

  171. 

  172. static inline void digest_init ( struct digest_algorithm *digest,

  173. 				 void *ctx ) {

  174. 	digest->init ( ctx );

  175. }

  176. 

  177. static inline void digest_update ( struct digest_algorithm *digest,

  178. 				   void *ctx, const void *data, size_t len ) {

  179. 	digest->update ( ctx, data, len );

  180. }

  181. 

  182. static inline void digest_final ( struct digest_algorithm *digest,

  183. 				  void *ctx, void *out ) {

  184. 	digest->final ( ctx, out );

  185. }

  186. 

  187. static inline int cipher_setkey ( struct cipher_algorithm *cipher,

  188. 				  void *ctx, const void *key, size_t keylen ) {

  189. 	return cipher->setkey ( ctx, key, keylen );

  190. }

  191. 

  192. static inline void cipher_setiv ( struct cipher_algorithm *cipher,

  193. 				  void *ctx, const void *iv ) {

  194. 	cipher->setiv ( ctx, iv );

  195. }

  196. 

  197. static inline void cipher_encrypt ( struct cipher_algorithm *cipher,

  198. 				    void *ctx, const void *src, void *dst,

  199. 				    size_t len ) {

  200. 	cipher->encrypt ( ctx, src, dst, len );

  201. }

  202. #define cipher_encrypt( cipher, ctx, src, dst, len ) do {		\

  203. 	assert ( ( (len) & ( (cipher)->blocksize - 1 ) ) == 0 );	\

  204. 	cipher_encrypt ( (cipher), (ctx), (src), (dst), (len) );	\

  205. 	} while ( 0 )

  206. 

  207. static inline void cipher_decrypt ( struct cipher_algorithm *cipher,

  208. 				    void *ctx, const void *src, void *dst,

  209. 				    size_t len ) {

  210. 	cipher->decrypt ( ctx, src, dst, len );

  211. }

  212. #define cipher_decrypt( cipher, ctx, src, dst, len ) do {		\

  213. 	assert ( ( (len) & ( (cipher)->blocksize - 1 ) ) == 0 );	\

  214. 	cipher_decrypt ( (cipher), (ctx), (src), (dst), (len) );	\

  215. 	} while ( 0 )

  216. 

  217. static inline int is_stream_cipher ( struct cipher_algorithm *cipher ) {

  218. 	return ( cipher->blocksize == 1 );

  219. }

  220. 

  221. static inline int pubkey_init ( struct pubkey_algorithm *pubkey, void *ctx,

  222. 				const void *key, size_t key_len ) {

  223. 	return pubkey->init ( ctx, key, key_len );

  224. }

  225. 

  226. static inline size_t pubkey_max_len ( struct pubkey_algorithm *pubkey,

  227. 				      void *ctx ) {

  228. 	return pubkey->max_len ( ctx );

  229. }

  230. 

  231. static inline int pubkey_encrypt ( struct pubkey_algorithm *pubkey, void *ctx,

  232. 				   const void *data, size_t len, void *out ) {

  233. 	return pubkey->encrypt ( ctx, data, len, out );

  234. }

  235. 

  236. static inline int pubkey_decrypt ( struct pubkey_algorithm *pubkey, void *ctx,

  237. 				   const void *data, size_t len, void *out ) {

  238. 	return pubkey->decrypt ( ctx, data, len, out );

  239. }

  240. 

  241. static inline int pubkey_sign ( struct pubkey_algorithm *pubkey, void *ctx,

  242. 				struct digest_algorithm *digest,

  243. 				const void *value, void *signature ) {

  244. 	return pubkey->sign ( ctx, digest, value, signature );

  245. }

  246. 

  247. static inline int pubkey_verify ( struct pubkey_algorithm *pubkey, void *ctx,

  248. 				  struct digest_algorithm *digest,

  249. 				  const void *value, const void *signature,

  250. 				  size_t signature_len ) {

  251. 	return pubkey->verify ( ctx, digest, value, signature, signature_len );

  252. }

  253. 

  254. static inline void pubkey_final ( struct pubkey_algorithm *pubkey, void *ctx ) {

  255. 	pubkey->final ( ctx );

  256. }

  257. 

  258. static inline int pubkey_match ( struct pubkey_algorithm *pubkey,

  259. 				 const void *private_key,

  260. 				 size_t private_key_len, const void *public_key,

  261. 				 size_t public_key_len ) {

  262. 	return pubkey->match ( private_key, private_key_len, public_key,

  263. 			       public_key_len );

  264. }

  265. 

  266. extern struct digest_algorithm digest_null;

  267. extern struct cipher_algorithm cipher_null;

  268. extern struct pubkey_algorithm pubkey_null;

  269. 

  270. #endif /* _IPXE_CRYPTO_H */