24 #ifndef LIBMBEDCRYPTO_H_ 25 #define LIBMBEDCRYPTO_H_ 29 #ifdef HAVE_LIBMBEDCRYPTO 31 #include <mbedtls/md.h> 32 #include <mbedtls/bignum.h> 33 #include <mbedtls/pk.h> 34 #include <mbedtls/cipher.h> 35 #include <mbedtls/entropy.h> 36 #include <mbedtls/ctr_drbg.h> 38 typedef mbedtls_md_context_t *SHACTX;
39 typedef mbedtls_md_context_t *SHA256CTX;
40 typedef mbedtls_md_context_t *SHA384CTX;
41 typedef mbedtls_md_context_t *SHA512CTX;
42 typedef mbedtls_md_context_t *MD5CTX;
43 typedef mbedtls_md_context_t *HMACCTX;
44 typedef mbedtls_md_context_t *EVPCTX;
46 #define SHA_DIGEST_LENGTH 20 47 #define SHA_DIGEST_LEN SHA_DIGEST_LENGTH 48 #define MD5_DIGEST_LEN 16 49 #define SHA256_DIGEST_LENGTH 32 50 #define SHA256_DIGEST_LEN SHA256_DIGEST_LENGTH 51 #define SHA384_DIGEST_LENGTH 48 52 #define SHA384_DIGEST_LEN SHA384_DIGEST_LENGTH 53 #define SHA512_DIGEST_LENGTH 64 54 #define SHA512_DIGEST_LEN SHA512_DIGEST_LENGTH 56 #ifndef EVP_MAX_MD_SIZE 57 #define EVP_MAX_MD_SIZE 64 60 #define EVP_DIGEST_LEN EVP_MAX_MD_SIZE 62 typedef mbedtls_mpi *bignum;
63 typedef const mbedtls_mpi *const_bignum;
64 typedef void* bignum_CTX;
67 #define NID_mbedtls_nistp256 0 68 #define NID_mbedtls_nistp384 1 69 #define NID_mbedtls_nistp521 2 71 struct mbedtls_ecdsa_sig {
76 bignum ssh_mbedcry_bn_new(
void);
77 void ssh_mbedcry_bn_free(bignum num);
78 unsigned char *ssh_mbedcry_bn2num(const_bignum num,
int radix);
79 int ssh_mbedcry_rand(bignum rnd,
int bits,
int top,
int bottom);
80 int ssh_mbedcry_is_bit_set(bignum num,
size_t pos);
81 int ssh_mbedcry_rand_range(bignum dest, bignum max);
82 int ssh_mbedcry_hex2bn(bignum *dest,
char *data);
84 #define bignum_new() ssh_mbedcry_bn_new() 85 #define bignum_safe_free(num) do { \ 86 if ((num) != NULL) { \ 87 ssh_mbedcry_bn_free(num); \ 91 #define bignum_ctx_new() NULL 92 #define bignum_ctx_free(num) do {(num) = NULL;} while(0) 93 #define bignum_ctx_invalid(ctx) (ctx == NULL?0:1) 94 #define bignum_set_word(bn, n) (mbedtls_mpi_lset(bn, n)==0?1:0) 96 #define bignum_bin2bn(data, datalen, bn) do { \ 97 *(bn) = bignum_new(); \ 98 if (*(bn) != NULL) { \ 99 mbedtls_mpi_read_binary(*(bn), data, datalen); \ 102 #define bignum_bn2dec(num) ssh_mbedcry_bn2num(num, 10) 103 #define bignum_dec2bn(data, bn) mbedtls_mpi_read_string(bn, 10, data) 104 #define bignum_bn2hex(num, dest) (*dest)=ssh_mbedcry_bn2num(num, 16) 105 #define bignum_hex2bn(data, dest) ssh_mbedcry_hex2bn(dest, data) 106 #define bignum_rand(rnd, bits) ssh_mbedcry_rand((rnd), (bits), 0, 1) 107 #define bignum_rand_range(rnd, max) ssh_mbedcry_rand_range(rnd, max) 108 #define bignum_mod_exp(dest, generator, exp, modulo, ctx) \ 109 (mbedtls_mpi_exp_mod(dest, generator, exp, modulo, NULL)==0?1:0) 110 #define bignum_add(dest, a, b) mbedtls_mpi_add_mpi(dest, a, b) 111 #define bignum_sub(dest, a, b) mbedtls_mpi_sub_mpi(dest, a, b) 112 #define bignum_mod(dest, a, b, ctx) \ 113 (mbedtls_mpi_mod_mpi(dest, a, b) == 0 ? 1 : 0) 114 #define bignum_num_bytes(num) mbedtls_mpi_size(num) 115 #define bignum_num_bits(num) mbedtls_mpi_bitlen(num) 116 #define bignum_is_bit_set(num, bit) ssh_mbedcry_is_bit_set(num, bit) 117 #define bignum_bn2bin(num, len, ptr) mbedtls_mpi_write_binary(num, ptr, \ 118 mbedtls_mpi_size(num)) 119 #define bignum_cmp(num1, num2) mbedtls_mpi_cmp_mpi(num1, num2) 120 #define bignum_rshift1(dest, src) mbedtls_mpi_copy(dest, src), mbedtls_mpi_shift_r(dest, 1) 121 #define bignum_dup(orig, dest) do { \ 122 if (*(dest) == NULL) { \ 123 *(dest) = bignum_new(); \ 125 if (*(dest) != NULL) { \ 126 mbedtls_mpi_copy(orig, *(dest)); \ 130 mbedtls_ctr_drbg_context *ssh_get_mbedtls_ctr_drbg_context(
void);
132 int ssh_mbedtls_random(
void *where,
int len,
int strong);
134 ssh_string make_ecpoint_string(
const mbedtls_ecp_group *g,
const 135 mbedtls_ecp_point *p);
137 #define ssh_fips_mode() false