3 * Copyright (C) 2006-2014 wolfSSL Inc.
5 * This file is part of CyaSSL.
7 * CyaSSL is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License as published by
9 * the Free Software Foundation; either version 2 of the License, or
10 * (at your option) any later version.
12 * CyaSSL is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU General Public License for more details.
17 * You should have received a copy of the GNU General Public License
18 * along with this program; if not, write to the Free Software
19 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
23 /* Implements Microchip CRYPTO API layer */
29 #include <cyassl/ctaocrypt/settings.h>
31 #include <cyassl/ctaocrypt/md5.h>
32 #include <cyassl/ctaocrypt/sha.h>
33 #include <cyassl/ctaocrypt/sha256.h>
34 #include <cyassl/ctaocrypt/sha512.h>
35 #include <cyassl/ctaocrypt/hmac.h>
36 #include <cyassl/ctaocrypt/compress.h>
37 #include <cyassl/ctaocrypt/random.h>
38 #include <cyassl/ctaocrypt/des3.h>
39 #include <cyassl/ctaocrypt/aes.h>
40 #include <cyassl/ctaocrypt/rsa.h>
41 #include <cyassl/ctaocrypt/ecc.h>
42 #include <cyassl/ctaocrypt/error-crypt.h>
46 int CRYPT_MD5_Initialize(CRYPT_MD5_CTX* md5)
48 typedef char md5_test[sizeof(CRYPT_MD5_CTX) >= sizeof(Md5) ? 1 : -1];
49 (void)sizeof(md5_test);
61 int CRYPT_MD5_DataAdd(CRYPT_MD5_CTX* md5, const unsigned char* input,
64 if (md5 == NULL || input == NULL)
67 Md5Update((Md5*)md5, input, sz);
73 /* Get MD5 Final into digest */
74 int CRYPT_MD5_Finalize(CRYPT_MD5_CTX* md5, unsigned char* digest)
76 if (md5 == NULL || digest == NULL)
79 Md5Final((Md5*)md5, digest);
86 int CRYPT_SHA_Initialize(CRYPT_SHA_CTX* sha)
88 typedef char sha_test[sizeof(CRYPT_SHA_CTX) >= sizeof(Sha) ? 1 : -1];
89 (void)sizeof(sha_test);
94 return InitSha((Sha*)sha);
99 int CRYPT_SHA_DataAdd(CRYPT_SHA_CTX* sha, const unsigned char* input,
102 if (sha == NULL || input == NULL)
105 return ShaUpdate((Sha*)sha, input, sz);
109 /* Get SHA Final into digest */
110 int CRYPT_SHA_Finalize(CRYPT_SHA_CTX* sha, unsigned char* digest)
112 if (sha == NULL || digest == NULL)
115 return ShaFinal((Sha*)sha, digest);
119 /* Initialize SHA-256 */
120 int CRYPT_SHA256_Initialize(CRYPT_SHA256_CTX* sha256)
122 typedef char sha_test[sizeof(CRYPT_SHA256_CTX) >= sizeof(Sha256) ? 1 : -1];
123 (void)sizeof(sha_test);
128 return InitSha256((Sha256*)sha256);
132 /* Add data to SHA-256 */
133 int CRYPT_SHA256_DataAdd(CRYPT_SHA256_CTX* sha256, const unsigned char* input,
136 if (sha256 == NULL || input == NULL)
139 return Sha256Update((Sha256*)sha256, input, sz);
143 /* Get SHA-256 Final into digest */
144 int CRYPT_SHA256_Finalize(CRYPT_SHA256_CTX* sha256, unsigned char* digest)
146 if (sha256 == NULL || digest == NULL)
149 return Sha256Final((Sha256*)sha256, digest);
153 /* Initialize SHA-384 */
154 int CRYPT_SHA384_Initialize(CRYPT_SHA384_CTX* sha384)
156 typedef char sha_test[sizeof(CRYPT_SHA384_CTX) >= sizeof(Sha384) ? 1 : -1];
157 (void)sizeof(sha_test);
162 return InitSha384((Sha384*)sha384);
166 /* Add data to SHA-384 */
167 int CRYPT_SHA384_DataAdd(CRYPT_SHA384_CTX* sha384, const unsigned char* input,
170 if (sha384 == NULL || input == NULL)
173 return Sha384Update((Sha384*)sha384, input, sz);
177 /* Get SHA-384 Final into digest */
178 int CRYPT_SHA384_Finalize(CRYPT_SHA384_CTX* sha384, unsigned char* digest)
180 if (sha384 == NULL || digest == NULL)
183 return Sha384Final((Sha384*)sha384, digest);
187 /* Initialize SHA-512 */
188 int CRYPT_SHA512_Initialize(CRYPT_SHA512_CTX* sha512)
190 typedef char sha_test[sizeof(CRYPT_SHA512_CTX) >= sizeof(Sha512) ? 1 : -1];
191 (void)sizeof(sha_test);
196 return InitSha512((Sha512*)sha512);
200 /* Add data to SHA-512 */
201 int CRYPT_SHA512_DataAdd(CRYPT_SHA512_CTX* sha512, const unsigned char* input,
204 if (sha512 == NULL || input == NULL)
207 return Sha512Update((Sha512*)sha512, input, sz);
211 /* Get SHA-512 Final into digest */
212 int CRYPT_SHA512_Finalize(CRYPT_SHA512_CTX* sha512, unsigned char* digest)
214 if (sha512 == NULL || digest == NULL)
217 return Sha512Final((Sha512*)sha512, digest);
221 /* Set HMAC key with type */
222 int CRYPT_HMAC_SetKey(CRYPT_HMAC_CTX* hmac, int type, const unsigned char* key,
225 typedef char hmac_test[sizeof(CRYPT_HMAC_CTX) >= sizeof(Hmac) ? 1 : -1];
226 (void)sizeof(hmac_test);
228 if (hmac == NULL || key == NULL)
231 if (type != CRYPT_HMAC_SHA && type != CRYPT_HMAC_SHA256 &&
232 type != CRYPT_HMAC_SHA384 && type != CRYPT_HMAC_SHA512) {
233 return BAD_FUNC_ARG; /* bad hmac type */
236 return HmacSetKey((Hmac*)hmac, type, key, sz);
240 int CRYPT_HMAC_DataAdd(CRYPT_HMAC_CTX* hmac, const unsigned char* input,
243 if (hmac == NULL || input == NULL)
246 return HmacUpdate((Hmac*)hmac, input, sz);
250 /* Get HMAC Final into digest */
251 int CRYPT_HMAC_Finalize(CRYPT_HMAC_CTX* hmac, unsigned char* digest)
253 if (hmac == NULL || digest == NULL)
256 return HmacFinal((Hmac*)hmac, digest);
260 /* Huffman Compression, set flag to do static, otherwise dynamic */
261 /* return compressed size, otherwise < 0 for error */
262 int CRYPT_HUFFMAN_Compress(unsigned char* out, unsigned int outSz,
263 const unsigned char* in, unsigned int inSz,
266 if (out == NULL || in == NULL)
269 return Compress(out, outSz, in, inSz, flags);
273 /* Huffman DeCompression, self determines type */
274 /* return decompressed size, otherwise < 0 for error */
275 int CRYPT_HUFFMAN_DeCompress(unsigned char* out, unsigned int outSz,
276 const unsigned char* in, unsigned int inSz)
278 if (out == NULL || in == NULL)
281 return DeCompress(out, outSz, in, inSz);
285 /* RNG Initialize, < 0 on error */
286 int CRYPT_RNG_Initialize(CRYPT_RNG_CTX* rng)
288 typedef char rng_test[sizeof(CRYPT_RNG_CTX) >= sizeof(RNG) ? 1 : -1];
289 (void)sizeof(rng_test);
294 return InitRng((RNG*)rng);
298 /* RNG Get single bytes, < 0 on error */
299 int CRYPT_RNG_Get(CRYPT_RNG_CTX* rng, unsigned char* b)
301 if (rng == NULL || b == NULL)
304 return RNG_GenerateByte((RNG*)rng, (byte*)b);
308 /* RNG Block Generation of sz bytes, < 0 on error */
309 int CRYPT_RNG_BlockGenerate(CRYPT_RNG_CTX* rng, unsigned char* b,
312 if (rng == NULL || b == NULL)
315 return RNG_GenerateBlock((RNG*)rng, b, sz);
319 /* Triple DES Key Set, may have iv, will have direction */
320 int CRYPT_TDES_KeySet(CRYPT_TDES_CTX* tdes, const unsigned char* key,
321 const unsigned char* iv, int dir)
323 typedef char tdes_test[sizeof(CRYPT_TDES_CTX) >= sizeof(Des3) ? 1 : -1];
324 (void)sizeof(tdes_test);
326 if (tdes == NULL || key == NULL)
329 return Des3_SetKey((Des3*)tdes, key, iv, dir);
333 /* Triple DES Iv Set, sometimes added later */
334 int CRYPT_TDES_IvSet(CRYPT_TDES_CTX* tdes, const unsigned char* iv)
336 if (tdes == NULL || iv == NULL)
339 return Des3_SetIV((Des3*)tdes, iv);
343 /* Triple DES CBC Encrypt */
344 int CRYPT_TDES_CBC_Encrypt(CRYPT_TDES_CTX* tdes, unsigned char* out,
345 const unsigned char* in, unsigned int inSz)
347 if (tdes == NULL || out == NULL || in == NULL)
350 return Des3_CbcEncrypt((Des3*)tdes, out, in, inSz);
354 /* Triple DES CBC Decrypt */
355 int CRYPT_TDES_CBC_Decrypt(CRYPT_TDES_CTX* tdes, unsigned char* out,
356 const unsigned char* in, unsigned int inSz)
358 if (tdes == NULL || out == NULL || in == NULL)
361 return Des3_CbcDecrypt((Des3*)tdes, out, in, inSz);
365 /* AES Key Set, may have iv, will have direction */
366 int CRYPT_AES_KeySet(CRYPT_AES_CTX* aes, const unsigned char* key,
367 unsigned int keyLen, const unsigned char* iv, int dir)
369 typedef char aes_test[sizeof(CRYPT_AES_CTX) >= sizeof(Aes) ? 1 : -1];
370 (void)sizeof(aes_test);
372 if (aes == NULL || key == NULL)
375 return AesSetKey((Aes*)aes, key, keyLen, iv, dir);
379 /* AES Iv Set, sometimes added later */
380 int CRYPT_AES_IvSet(CRYPT_AES_CTX* aes, const unsigned char* iv)
382 if (aes == NULL || iv == NULL)
385 return AesSetIV((Aes*)aes, iv);
389 /* AES CBC Encrypt */
390 int CRYPT_AES_CBC_Encrypt(CRYPT_AES_CTX* aes, unsigned char* out,
391 const unsigned char* in, unsigned int inSz)
393 if (aes == NULL || out == NULL || in == NULL)
396 return AesCbcEncrypt((Aes*)aes, out, in, inSz);
400 /* AES CBC Decrypt */
401 int CRYPT_AES_CBC_Decrypt(CRYPT_AES_CTX* aes, unsigned char* out,
402 const unsigned char* in, unsigned int inSz)
404 if (aes == NULL || out == NULL || in == NULL)
407 return AesCbcDecrypt((Aes*)aes, out, in, inSz);
411 /* AES CTR Encrypt (used for decrypt too, with ENCRYPT key setup) */
412 int CRYPT_AES_CTR_Encrypt(CRYPT_AES_CTX* aes, unsigned char* out,
413 const unsigned char* in, unsigned int inSz)
415 if (aes == NULL || out == NULL || in == NULL)
418 AesCtrEncrypt((Aes*)aes, out, in, inSz);
424 /* AES Direct mode encrypt, one block at a time */
425 int CRYPT_AES_DIRECT_Encrypt(CRYPT_AES_CTX* aes, unsigned char* out,
426 const unsigned char* in)
428 if (aes == NULL || out == NULL || in == NULL)
431 AesEncryptDirect((Aes*)aes, out, in);
437 /* AES Direct mode decrypt, one block at a time */
438 int CRYPT_AES_DIRECT_Decrypt(CRYPT_AES_CTX* aes, unsigned char* out,
439 const unsigned char* in)
441 if (aes == NULL || out == NULL || in == NULL)
444 AesDecryptDirect((Aes*)aes, out, in);
451 int CRYPT_RSA_Initialize(CRYPT_RSA_CTX* rsa)
456 rsa->holder = (RsaKey*)XMALLOC(sizeof(RsaKey), NULL, DYNAMIC_TYPE_RSA);
457 if (rsa->holder == NULL)
460 return InitRsaKey((RsaKey*)rsa->holder, NULL);
464 /* RSA Free resources */
465 int CRYPT_RSA_Free(CRYPT_RSA_CTX* rsa)
470 FreeRsaKey((RsaKey*)rsa->holder);
471 XFREE(rsa->holder, NULL, DYNAMIC_TYPE_RSA);
478 /* RSA Public key decode ASN.1 */
479 int CRYPT_RSA_PublicKeyDecode(CRYPT_RSA_CTX* rsa, const unsigned char* in,
482 unsigned int idx = 0;
485 if (rsa == NULL || in == NULL)
488 return RsaPublicKeyDecode(in, &idx, (RsaKey*)rsa->holder, inSz);
492 /* RSA Private key decode ASN.1 */
493 int CRYPT_RSA_PrivateKeyDecode(CRYPT_RSA_CTX* rsa, const unsigned char* in,
496 unsigned int idx = 0;
499 if (rsa == NULL || in == NULL)
502 return RsaPrivateKeyDecode(in, &idx, (RsaKey*)rsa->holder, inSz);
506 /* RSA Public Encrypt */
507 int CRYPT_RSA_PublicEncrypt(CRYPT_RSA_CTX* rsa, unsigned char* out,
508 unsigned int outSz, const unsigned char* in,
509 unsigned int inSz, CRYPT_RNG_CTX* rng)
511 if (rsa == NULL || in == NULL || out == NULL || rng == NULL)
514 return RsaPublicEncrypt(in, inSz, out, outSz, (RsaKey*)rsa->holder,
519 /* RSA Private Decrypt */
520 int CRYPT_RSA_PrivateDecrypt(CRYPT_RSA_CTX* rsa, unsigned char* out,
521 unsigned int outSz, const unsigned char* in,
524 if (rsa == NULL || in == NULL || out == NULL)
527 return RsaPrivateDecrypt(in, inSz, out, outSz, (RsaKey*)rsa->holder);
531 /* RSA Get Encrypt size helper */
532 int CRYPT_RSA_EncryptSizeGet(CRYPT_RSA_CTX* rsa)
537 return RsaEncryptSize((RsaKey*)rsa->holder);
542 int CRYPT_ECC_Initialize(CRYPT_ECC_CTX* ecc)
547 ecc->holder = (ecc_key*)XMALLOC(sizeof(ecc_key), NULL, DYNAMIC_TYPE_ECC);
548 if (ecc->holder == NULL)
551 ecc_init((ecc_key*)ecc->holder);
557 /* ECC free resources */
558 int CRYPT_ECC_Free(CRYPT_ECC_CTX* ecc)
563 ecc_free((ecc_key*)ecc->holder);
564 XFREE(ecc->holder, NULL, DYNAMIC_TYPE_ECC);
571 /* ECC Public x963 Export */
572 int CRYPT_ECC_PublicExport(CRYPT_ECC_CTX* ecc, unsigned char* out,
573 unsigned int outSz, unsigned int* usedSz)
576 unsigned int inOut = outSz;
578 if (ecc == NULL || out == NULL)
581 ret = ecc_export_x963((ecc_key*)ecc->holder, out, &inOut);
588 /* ECC Public x963 Import */
589 int CRYPT_ECC_PublicImport(CRYPT_ECC_CTX* ecc, const unsigned char* in,
592 if (ecc == NULL || in == NULL)
595 return ecc_import_x963(in, inSz, (ecc_key*)ecc->holder);
599 /* ECC Private x963 Import */
600 int CRYPT_ECC_PrivateImport(CRYPT_ECC_CTX* ecc, const unsigned char* priv,
601 unsigned int privSz, const unsigned char* pub, unsigned int pubSz)
603 if (ecc == NULL || priv == NULL || pub == NULL)
606 return ecc_import_private_key(priv, privSz, pub, pubSz,
607 (ecc_key*)ecc->holder);
611 /* ECC DHE Make key */
612 int CRYPT_ECC_DHE_KeyMake(CRYPT_ECC_CTX* ecc, CRYPT_RNG_CTX* rng, int keySz)
614 if (ecc == NULL || rng == NULL)
617 return ecc_make_key((RNG*)rng, keySz, (ecc_key*)ecc->holder);
621 /* ECC DHE Make shared secret with our private and peer public */
622 int CRYPT_ECC_DHE_SharedSecretMake(CRYPT_ECC_CTX* priv, CRYPT_ECC_CTX* pub,
623 unsigned char* out, unsigned int outSz, unsigned int* usedSz)
626 unsigned int inOut = outSz;
628 if (priv == NULL || pub == NULL || out == NULL || usedSz == NULL)
631 ret = ecc_shared_secret((ecc_key*)priv->holder, (ecc_key*)pub->holder,
639 /* ECC DSA Hash Sign */
640 int CRYPT_ECC_DSA_HashSign(CRYPT_ECC_CTX* ecc, CRYPT_RNG_CTX* rng,
641 unsigned char* sig, unsigned int sigSz,
642 unsigned int* usedSz, const unsigned char* in,
646 unsigned int inOut = sigSz;
648 if (ecc == NULL || rng == NULL || sig == NULL || usedSz == NULL ||
652 ret = ecc_sign_hash(in, inSz, sig, &inOut, (RNG*)rng,
653 (ecc_key*)ecc->holder);
660 /* ECC DSA Hash Verify */
661 int CRYPT_ECC_DSA_HashVerify(CRYPT_ECC_CTX* ecc, const unsigned char* sig,
662 unsigned int sigSz, unsigned char* hash,
663 unsigned int hashSz, int* status)
665 if (ecc == NULL || sig == NULL || hash == NULL || status == NULL)
668 return ecc_verify_hash(sig, sigSz, hash, hashSz, status,
669 (ecc_key*)ecc->holder);
673 /* ECC get key size helper */
674 int CRYPT_ECC_KeySizeGet(CRYPT_ECC_CTX* ecc)
679 return ecc_size((ecc_key*)ecc->holder);
683 /* ECC get signature size helper */
684 int CRYPT_ECC_SignatureSizeGet(CRYPT_ECC_CTX* ecc)
689 return ecc_sig_size((ecc_key*)ecc->holder);
693 /* Save error string from err to str which needs to be >= 80 chars */
694 int CRYPT_ERROR_StringGet(int err, char* str)
699 CTaoCryptErrorString(err, str);