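/* $OpenBSD: crypto.h,v 1.20 2010/10/19 07:47:34 mikeb Exp $ */
/* $EOM: crypto.h,v 1.12 2000/10/15 21:56:41 niklas Exp $ */

/*
 * Copyright (c) 1998 Niels Provos. All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 * notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 * notice, this list of conditions and the following disclaimer in the
 * documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */

/*
 * This code was written under funding by Ericsson Radio Systems.
 */

#ifndef _CRYPTO_H_
#define _CRYPTO_H_

/*
 * Block-cipher transform interface: the key/IV state, the per-cipher
 * descriptor, and the helper macros used for 64-bit block chaining.
 *
 * This header uses u_int8_t, u_int16_t, u_int32_t and size_t but does not
 * include <sys/types.h> itself; the including file has to provide them.
 */

#include <openssl/des.h>
#include <blf.h>
#include <openssl/cast.h>

#include <openssl/aes.h>

/*
 * XOR64(x,y) / SET64(x,y): xor or copy one 8-byte block from y into x.
 *
 * The USE_64BIT and USE_32BIT variants go through u_int64_t/u_int32_t
 * pointer casts, so both arguments must be suitably aligned for that type,
 * and the access does not follow the strict-aliasing rules for byte
 * buffers.  Use the byte-wise variant (neither symbol defined) when the
 * buffers may be unaligned.
 *
 * Every multi-part macro below expands to ONE comma expression, so an
 * unbraced `if (c) XOR64(a, b);` guards the whole operation instead of
 * only its first assignment.  The trailing semicolon inside each macro is
 * kept so that existing call sites written with or without their own
 * semicolon keep compiling; it also means the macros can only be used as
 * the end of a statement.
 */
#define USE_32BIT
#if defined (USE_64BIT)

#define XOR64(x,y) *(u_int64_t *)(x) ^= *(u_int64_t *)(y);
#define SET64(x,y) *(u_int64_t *)(x) = *(u_int64_t *)(y);

#elif defined (USE_32BIT)

#define XOR64(x,y) (*(u_int32_t *)(x) ^= *(u_int32_t *)(y), \
	*(u_int32_t *)((u_int8_t *)(x) + 4) ^= *(u_int32_t *)((u_int8_t *)(y) + 4));
#define SET64(x,y) (*(u_int32_t *)(x) = *(u_int32_t *)(y), \
	*(u_int32_t *)((u_int8_t *)(x) + 4) = *(u_int32_t *)((u_int8_t *)(y) + 4));

#else

#define XOR8(x,y,i) (x)[i] ^= (y)[i];
#define XOR64(x,y) ((x)[0] ^= (y)[0], (x)[1] ^= (y)[1], (x)[2] ^= (y)[2], \
	(x)[3] ^= (y)[3], (x)[4] ^= (y)[4], (x)[5] ^= (y)[5], \
	(x)[6] ^= (y)[6], (x)[7] ^= (y)[7]);
#define SET8(x,y,i) (x)[i] = (y)[i];
#define SET64(x,y) ((x)[0] = (y)[0], (x)[1] = (y)[1], (x)[2] = (y)[2], \
	(x)[3] = (y)[3], (x)[4] = (y)[4], (x)[5] = (y)[5], \
	(x)[6] = (y)[6], (x)[7] = (y)[7]);

#endif /* USE_64BIT */

/*
 * Store / load a 32-bit value in big-endian byte order at x[0..3].
 * Both macros evaluate their arguments more than once, so do not pass
 * expressions with side effects.  GET_32BIT_BIG is parenthesized as a
 * whole so that `v = a + GET_32BIT_BIG(p)` combines the four bytes before
 * the addition instead of binding `a +` to the first byte only.
 */
#define SET_32BIT_BIG(x,y) ((x)[3] = (y), (x)[2] = (y) >> 8, \
	(x)[1] = (y) >> 16, (x)[0] = (y) >> 24);
#define GET_32BIT_BIG(x) ((u_int32_t)(x)[3] | ((u_int32_t)(x)[2] << 8) | \
	((u_int32_t)(x)[1] << 16) | ((u_int32_t)(x)[0] << 24));

/*
 * This is standard for all block ciphers we use at the moment.
 * Keep MAXBLK up to date.
 *
 * NOTE(review): BLOCKSIZE (8) matches the 64-bit-block ciphers only; the
 * AES block is AES_BLOCK_SIZE bytes, which is why the IV buffers below are
 * sized with MAXBLK.  Size any new IV or block buffer with MAXBLK or the
 * transform's blocksize field, not with BLOCKSIZE.
 */
#define BLOCKSIZE	8
#define MAXBLK		AES_BLOCK_SIZE

/*
 * Per-key cipher state: the IV buffers plus the expanded key schedule of
 * whichever cipher `xf` selects.
 *
 * The union holds key material.  The code that releases a keystate is not
 * part of this header; it should clear the structure before freeing it
 * (on OpenBSD explicit_bzero(3) is the usual tool) -- confirm in crypto.c.
 */
struct keystate {
	struct crypto_xf *xf;			/* Back pointer */
	u_int8_t	iv[MAXBLK];		/* Next IV to use */
	u_int8_t	iv2[MAXBLK];
	/* presumably point at iv/iv2 (read IV / live IV) -- confirm */
	u_int8_t	*riv, *liv;
	union {
		DES_key_schedule desks[3];
		blf_ctx blfks;
		CAST_KEY castks;
		AES_KEY aesks[2];
	} keydata;
};

/* Shorthand accessors for the per-cipher member of keystate.keydata. */
#define ks_des	keydata.desks
#define ks_blf	keydata.blfks
#define ks_cast	keydata.castks
#define ks_aes	keydata.aesks

/*
 * Information about the cryptotransform.
 *
 * XXX - In regards to the IV (Initialization Vector) the drafts are
 * completely fucked up and specify a MUST as how it is derived, so
 * we also have to provide for that. I just don't know where.
 * Furthermore is this enum needed at all? It seems to be Oakley IDs
 * only anyhow, and we already have defines for that in ipsec_doi.h.
 *
 * NOTE(review): the MUST/SHOULD remarks below reflect the drafts this code
 * was written against.  Single DES has a 56-bit key and is not adequate
 * protection today; a policy that can choose should prefer AES_CBC.
 */
enum transform {
	DES_CBC = 1,			/* This is a MUST */
	IDEA_CBC = 2,			/* Licensed, DONT use */
	BLOWFISH_CBC = 3,
	RC5_R16_B64_CBC = 4,		/* Licensed, DONT use */
	TRIPLEDES_CBC = 5,		/* This is a SHOULD */
	CAST_CBC = 6,
	AES_CBC = 7
};

/*
 * Result of key setup.  Callers must check it: EWEAKKEY and EKEYLEN mean
 * the key was rejected and the state must not be used for traffic.
 */
enum cryptoerr {
	EOKAY,				/* No error */
	ENOCRYPTO,			/* A non-crypto related error, see errno */
	EWEAKKEY,			/* A weak key was found in key setup */
	EKEYLEN				/* The key length was invalid for the cipher */
};

/*
 * Descriptor of one cipher: identity, permitted key sizes, block size and
 * the three operations.  The length arguments are u_int16_t, so a single
 * call handles at most 65535 bytes; the buffer is presumably required to
 * be a multiple of blocksize (no padding is visible here) -- confirm.
 */
struct crypto_xf {
	enum transform id;		/* Oakley ID */
	char *name;			/* Transform Name */
	u_int16_t keymin, keymax;	/* Possible Keying Bytes */
	u_int16_t blocksize;		/* Need to keep IV in the state */
	struct keystate *state;		/* Key information, can also be passed sep. */
	enum cryptoerr (*init)(struct keystate *, u_int8_t *, u_int16_t);
	void (*encrypt)(struct keystate *, u_int8_t *, u_int16_t);
	void (*decrypt)(struct keystate *, u_int8_t *, u_int16_t);
};

/*
 * Public entry points, implemented outside this header.  crypto_init
 * reports the key-setup result through its enum cryptoerr * argument; the
 * pointer-returning functions presumably return NULL on failure -- confirm
 * against the implementation before relying on it.
 */
extern struct keystate *crypto_clone_keystate(struct keystate *);
extern void crypto_decrypt(struct keystate *, u_int8_t *, u_int16_t);
extern void crypto_encrypt(struct keystate *, u_int8_t *, u_int16_t);
extern struct crypto_xf *crypto_get(enum transform);
extern struct keystate *crypto_init(struct crypto_xf *, u_int8_t *, u_int16_t,
	    enum cryptoerr *);
extern void crypto_init_iv(struct keystate *, u_int8_t *, size_t);
extern void crypto_update_iv(struct keystate *);

#endif /* _CRYPTO_H_ */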