authorMichael Brown2012-03-18 14:25:10 +0100
committerMichael Brown2012-03-18 14:35:32 +0100
commitc00eb6e190d4957c0e7c5f1e18e4ea1fbaa5a6d0 (patch)
tree2242b632d196af26bd970ed3ab45264cc9f9a5db /src
parent[crypto] Add more ASN.1 functions for X.509 certificate parsing (diff)
[crypto] Add abstraction for a public-key algorithm
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Diffstat (limited to 'src')
-rw-r--r--src/crypto/crypto_null.c49
-rw-r--r--src/include/ipxe/crypto.h98
2 files changed, 147 insertions, 0 deletions
diff --git a/src/crypto/crypto_null.c b/src/crypto/crypto_null.c
index c9c32ae99..590ac5605 100644
--- a/src/crypto/crypto_null.c
+++ b/src/crypto/crypto_null.c
@@ -81,7 +81,56 @@ struct cipher_algorithm cipher_null = {
.decrypt = cipher_null_decrypt,
};
+static int pubkey_null_init ( void *ctx __unused, const void *key __unused,
+ size_t key_len __unused ) {
+ return 0;
+}
+
+static size_t pubkey_null_max_len ( void *ctx __unused ) {
+ return 0;
+}
+
+static int pubkey_null_encrypt ( void *ctx __unused,
+ const void *plaintext __unused,
+ size_t plaintext_len __unused,
+ void *ciphertext __unused ) {
+ return 0;
+}
+
+static int pubkey_null_decrypt ( void *ctx __unused,
+ const void *ciphertext __unused,
+ size_t ciphertext_len __unused,
+ void *plaintext __unused ) {
+ return 0;
+}
+
+static int pubkey_null_sign ( void *ctx __unused,
+ struct digest_algorithm *digest __unused,
+ const void *value __unused,
+ void *signature __unused ) {
+ return 0;
+}
+
+static int pubkey_null_verify ( void *ctx __unused,
+ struct digest_algorithm *digest __unused,
+ const void *value __unused,
+ const void *signature __unused ,
+ size_t signature_len __unused ) {
+ return 0;
+}
+
+static void pubkey_null_final ( void *ctx __unused ) {
+ /* Do nothing */
+}
+
struct pubkey_algorithm pubkey_null = {
.name = "null",
.ctxsize = 0,
+ .init = pubkey_null_init,
+ .max_len = pubkey_null_max_len,
+ .encrypt = pubkey_null_encrypt,
+ .decrypt = pubkey_null_decrypt,
+ .sign = pubkey_null_sign,
+ .verify = pubkey_null_verify,
+ .final = pubkey_null_final,
};
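Review bot: `pubkey_null_verify` returns 0, and the `verify` method in crypto.h documents its result as a status code, so (assuming 0 means success, as elsewhere in this file) the null algorithm reports every signature as valid. Whether `pubkey_null` can ever be the active algorithm on a path that authenticates data is not visible in this diff, but if it can, this is a fail-open default. Either return a negative error from `pubkey_null_verify`, or at least state the behaviour at the definition, e.g. `/* Null algorithm: accepts any signature; must never be selected to authenticate data */`. `pubkey_null_encrypt`, `pubkey_null_decrypt` and `pubkey_null_sign` likewise report a zero-length result without touching the output buffer, which deserves the same one-line comment.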
diff --git a/src/include/ipxe/crypto.h b/src/include/ipxe/crypto.h
index 7c21e96e9..d7d42b66c 100644
--- a/src/include/ipxe/crypto.h
+++ b/src/include/ipxe/crypto.h
@@ -96,6 +96,67 @@ struct pubkey_algorithm {
const char *name;
/** Context size */
size_t ctxsize;
+ /** Initialise algorithm
+ *
+ * @v ctx Context
+ * @v key Key
+ * @v key_len Length of key
+ * @ret rc Return status code
+ */
+ int ( * init ) ( void *ctx, const void *key, size_t key_len );
+ /** Calculate maximum output length
+ *
+ * @v ctx Context
+ * @ret max_len Maximum output length
+ */
+ size_t ( * max_len ) ( void *ctx );
+ /** Encrypt
+ *
+ * @v ctx Context
+ * @v plaintext Plaintext
+ * @v plaintext_len Length of plaintext
+ * @v ciphertext Ciphertext
+ * @ret ciphertext_len Length of ciphertext, or negative error
+ */
+ int ( * encrypt ) ( void *ctx, const void *data, size_t len,
+ void *out );
+ /** Decrypt
+ *
+ * @v ctx Context
+ * @v ciphertext Ciphertext
+ * @v ciphertext_len Ciphertext length
+ * @v plaintext Plaintext
+ * @ret plaintext_len Plaintext length, or negative error
+ */
+ int ( * decrypt ) ( void *ctx, const void *data, size_t len,
+ void *out );
+ /** Sign digest value
+ *
+ * @v ctx Context
+ * @v digest Digest algorithm
+ * @v value Digest value
+ * @v signature Signature
+ * @ret signature_len Signature length, or negative error
+ */
+ int ( * sign ) ( void *ctx, struct digest_algorithm *digest,
+ const void *value, void *signature );
+ /** Verify signed digest value
+ *
+ * @v ctx Context
+ * @v digest Digest algorithm
+ * @v value Digest value
+ * @v signature Signature
+ * @v signature_len Signature length
+ * @ret rc Return status code
+ */
+ int ( * verify ) ( void *ctx, struct digest_algorithm *digest,
+ const void *value, const void *signature,
+ size_t signature_len );
+ /** Finalise algorithm
+ *
+ * @v ctx Context
+ */
+ void ( * final ) ( void *ctx );
};
static inline void digest_init ( struct digest_algorithm *digest,
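Review bot: The `encrypt`, `decrypt` and `sign` methods write to `out` / `signature` without taking an output length, so the buffer-size contract exists only in the caller's head and the comments should state it. Presumably the buffer must hold at least `max_len ( ctx )` bytes; if that is the intent, say so, e.g. `@v ciphertext Ciphertext buffer (at least max_len() bytes)`, and likewise for `plaintext` and `signature`. The `@v` names (`plaintext`, `plaintext_len`, `ciphertext`) also do not match the prototypes' `data`, `len`, `out`, and lengths are returned as `int` while `max_len` returns `size_t`, so the comment should note that a result is only a length when non-negative. `struct pubkey_algorithm` begins before this hunk and `digest_init` continues after it.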
@@ -147,6 +208,43 @@ static inline int is_stream_cipher ( struct cipher_algorithm *cipher ) {
return ( cipher->blocksize == 1 );
}
+static inline int pubkey_init ( struct pubkey_algorithm *pubkey, void *ctx,
+ const void *key, size_t key_len ) {
+ return pubkey->init ( ctx, key, key_len );
+}
+
+static inline size_t pubkey_max_len ( struct pubkey_algorithm *pubkey,
+ void *ctx ) {
+ return pubkey->max_len ( ctx );
+}
+
+static inline int pubkey_encrypt ( struct pubkey_algorithm *pubkey, void *ctx,
+ const void *data, size_t len, void *out ) {
+ return pubkey->encrypt ( ctx, data, len, out );
+}
+
+static inline int pubkey_decrypt ( struct pubkey_algorithm *pubkey, void *ctx,
+ const void *data, size_t len, void *out ) {
+ return pubkey->decrypt ( ctx, data, len, out );
+}
+
+static inline int pubkey_sign ( struct pubkey_algorithm *pubkey, void *ctx,
+ struct digest_algorithm *digest,
+ const void *value, void *signature ) {
+ return pubkey->sign ( ctx, digest, value, signature );
+}
+
+static inline int pubkey_verify ( struct pubkey_algorithm *pubkey, void *ctx,
+ struct digest_algorithm *digest,
+ const void *value, const void *signature,
+ size_t signature_len ) {
+ return pubkey->verify ( ctx, digest, value, signature, signature_len );
+}
+
+static inline void pubkey_final ( struct pubkey_algorithm *pubkey, void *ctx ) {
+ pubkey->final ( ctx );
+}
+
extern struct digest_algorithm digest_null;
extern struct cipher_algorithm cipher_null;
extern struct pubkey_algorithm pubkey_null;
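Review bot: The new `pubkey_*` inline wrappers carry no doc comments, and `pubkey_verify` most needs one because its `int` result is the only thing that separates an accepted signature from a rejected one. Suggest a header along the lines of `/** Verify signed digest value; caller must treat any non-zero result as verification failure */` (the 0-means-valid convention is inferred from the `@ret rc` text in the struct, so confirm it), and consider `__attribute__ (( warn_unused_result ))` on `pubkey_verify` so that a dropped result produces a build warning. A short note on `pubkey_init` that every successful call must be paired with `pubkey_final` would also help, since the context presumably holds key material.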