Wireshark 4.5.0
The Wireshark network protocol analyzer
wsgcrypt.h
15#ifndef __WSGCRYPT_H__
16#define __WSGCRYPT_H__
17
18#include <wireshark.h>
19#include <gcrypt.h>
20
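/*
 * Digest sizes in bytes. ws_hmac_buffer() and hkdf_extract() take no
 * output-length argument, so callers size their digest/PRK buffers from
 * these constants. MD5 and SHA-1 are no longer collision resistant; they
 * are presumably listed because captured protocols still use them --
 * confirm at the call sites before reusing them for anything new.
 */
#define HASH_MD5_LENGTH                     16
#define HASH_SHA1_LENGTH                    20
#define HASH_SHA2_224_LENGTH                28
#define HASH_SHA2_256_LENGTH                32
#define HASH_SHA2_384_LENGTH                48
#define HASH_SHA2_512_LENGTH                64

/*
 * AEAD key sizes in bytes. AEAD_MAX_KEY_LENGTH equals the largest key size
 * listed here, so a buffer of that size holds any of these keys.
 */
#define AEAD_AES_128_GCM_KEY_LENGTH         16
#define AEAD_AES_256_GCM_KEY_LENGTH         32
#define AEAD_CHACHA20POLY1305_KEY_LENGTH    32
#define AEAD_MAX_KEY_LENGTH                 32

/* Nonce size in bytes shared by the three HPKE AEADs below (Nn in RFC 9180). */
#define HPKE_AEAD_NONCE_LENGTH              12

/* HPKE KDF identifiers; the values match the RFC 9180 KDF registry. */
#define HPKE_HKDF_SHA256                    1
#define HPKE_HKDF_SHA384                    2
#define HPKE_HKDF_SHA512                    3

/* HPKE AEAD identifiers; the values match the RFC 9180 AEAD registry. */
#define HPKE_AEAD_AES_128_GCM               1
#define HPKE_AEAD_AES_256_GCM               2
#define HPKE_AEAD_CHACHA20POLY1305          3

/*
 * RFC 9180 builds suite_id as "HPKE" followed by three 2-byte identifiers
 * (KEM, KDF, AEAD): 4 + 6 = 10 bytes. The macro names keep their existing
 * "SUIT" spelling because they are part of the public interface.
 */
#define HPKE_SUIT_ID_LEN                    10
#define HPKE_SUIT_PREFIX                    "HPKE"
#define HPKE_VERSION_ID                     "HPKE-v1"

/* Largest KDF output handled here: the SHA-512 digest size. */
#define HPKE_MAX_KDF_LEN                    HASH_SHA2_512_LENGTH

/* HPKE modes; the values match RFC 9180 (base, psk, auth, auth_psk). */
#define HPKE_MODE_BASE                      0
#define HPKE_MODE_PSK                       1
#define HPKE_MODE_AUTH                      2
#define HPKE_MODE_AUTH_PSK                  3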
46
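/*
 * Convenience function to calculate the HMAC of the LENGTH bytes in BUFFER,
 * keyed with the KEYLEN bytes in KEY, using the algorithm ALGO, without the
 * caller having to create a hash object.
 *
 * algo    hash algorithm identifier (presumably a libgcrypt GCRY_MD_* value;
 *         confirm in wsgcrypt.c)
 * digest  caller-provided output buffer. No size is passed in, so the callee
 *         cannot check it: the buffer MUST be at least as large as the digest
 *         of ALGO (see the HASH_*_LENGTH constants), otherwise the write runs
 *         past the end of the buffer.
 * buffer  data to authenticate, LENGTH bytes
 * key     HMAC key, KEYLEN bytes
 *
 * Returns a gcry_error_t; callers should check it before using DIGEST.
 */
WS_DLL_PUBLIC gcry_error_t
ws_hmac_buffer(int algo, void *digest, const void *buffer, size_t length, const void *key, size_t keylen);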
53
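/*
 * CMAC counterpart of ws_hmac_buffer(); the parameter list is identical.
 * As there, DIGEST is a caller-provided buffer whose size is not passed in,
 * so the caller must make it large enough for the MAC that ALGO produces.
 * NOTE(review): this header does not say which identifiers ALGO accepts or
 * how long the resulting MAC is -- confirm in wsgcrypt.c.
 *
 * Returns a gcry_error_t; callers should check it before using DIGEST.
 */
WS_DLL_PUBLIC gcry_error_t
ws_cmac_buffer(int algo, void *digest, const void *buffer, size_t length, const void *key, size_t keylen);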
55
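/*
 * Convenience function to encrypt the 8 bytes in BUFFER with DES, using the
 * 56-bit KEY56 expanded to a 64-bit DES key. The result is written to OUTPUT,
 * which must be at least 8 bytes large.
 *
 * The function returns void, so a failure inside it cannot be reported to
 * the caller. Single DES with a 56-bit key does not protect data against
 * key search; this helper is presumably here to reproduce computations of
 * legacy protocols being dissected -- do not use it to protect new data.
 */
WS_DLL_PUBLIC void
crypt_des_ecb(uint8_t *output, const uint8_t *buffer, const uint8_t *key56);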
59
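/*
 * Convenience function for RSA decryption.
 *
 * len            number of bytes in DATA
 * data           buffer to decrypt; as the name says, the result presumably
 *                overwrites this buffer -- confirm in wsgcrypt.c
 * pk             libgcrypt S-expression holding the RSA key
 * pkcs1_padding  presumably selects PKCS#1 padding handling -- confirm
 * err            out-parameter for an error description.
 *                NOTE(review): ownership of *err is not stated here; confirm
 *                whether the caller must free it.
 *
 * Returns the decrypted length on success, 0 on failure. A zero-length
 * plaintext therefore cannot be told apart from a failure; callers must
 * check for 0 before reading DATA.
 */
WS_DLL_PUBLIC size_t
rsa_decrypt_inplace(const unsigned len, unsigned char* data, gcry_sexp_t pk, bool pkcs1_padding, char **err);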
62
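/*
 * HKDF-Expand step of RFC 5869, the companion of hkdf_extract() below.
 * (The original documentation comment is not part of this listing; the
 * description here is limited to what the signature shows.)
 *
 * hashalgo  hash algorithm identifier
 * prk       pseudorandom key, PRK_LEN bytes (the output of an extract step)
 * info      context/label bytes, INFO_LEN bytes
 * out       caller-provided buffer that receives OUT_LEN bytes of output
 *
 * RFC 5869 limits the output to 255 * HashLen bytes; whether the
 * implementation enforces that limit cannot be seen from this header, so
 * check the returned gcry_error_t before using OUT. Note that the lengths
 * are 'unsigned' here while hkdf_extract() takes size_t.
 */
WS_DLL_PUBLIC gcry_error_t
hkdf_expand(int hashalgo, const uint8_t *prk, unsigned prk_len, const uint8_t *info, unsigned info_len,
            uint8_t *out, unsigned out_len);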
79
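/*
 * Calculate HKDF-Extract(salt, IKM) -> PRK according to RFC 5869.
 *
 * hashalgo  hash algorithm identifier, passed unchanged to ws_hmac_buffer()
 * salt      used as the HMAC key, SALT_LEN bytes. It is forwarded as given:
 *           no default salt is substituted here when the caller has none.
 * ikm       input keying material, used as the HMAC message, IKM_LEN bytes
 * prk       caller-provided output buffer. No size is passed in, so the
 *           caller MUST ensure that it is large enough to store the digest
 *           of 'hashalgo' (e.g. 32 bytes for SHA-256); HPKE_MAX_KDF_LEN
 *           bytes cover the largest digest size listed in this header.
 *
 * Returns the gcry_error_t of ws_hmac_buffer(); PRK should only be used
 * when that reports success.
 */
static inline gcry_error_t
hkdf_extract(int hashalgo, const uint8_t *salt, size_t salt_len, const uint8_t *ikm, size_t ikm_len, uint8_t *prk)
{
    /* PRK = HMAC-Hash(salt, IKM) where salt is key, and IKM is input. */
    return ws_hmac_buffer(hashalgo, prk, ikm, ikm_len, salt, salt_len);
}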
91
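/*
 * Convenience functions for Hybrid Public Key Encryption (HPKE) according
 * to RFC 9180. Note these lengths must fit into a 16-bit integer so
 * that the I2OSP(L, 2) call in ExpandedLabel returns without error.
 *
 * The three *_len() helpers take an HPKE_HKDF_* or HPKE_AEAD_* identifier.
 * NOTE(review): what they return for an identifier that is not listed in
 * this header cannot be seen here -- confirm in wsgcrypt.c before using the
 * result as a buffer size.
 */
WS_DLL_PUBLIC uint16_t
hpke_hkdf_len(uint16_t kdf_id);

WS_DLL_PUBLIC uint16_t
hpke_aead_key_len(uint16_t aead_id);

WS_DLL_PUBLIC uint16_t
hpke_aead_nonce_len(uint16_t aead_id);

/*
 * Build the HPKE suite identifier for (kem_id, kdf_id, aead_id) in SUITE_ID.
 * No buffer size is passed in; the caller presumably has to provide
 * HPKE_SUIT_ID_LEN bytes -- confirm in wsgcrypt.c.
 */
WS_DLL_PUBLIC void
hpke_suite_id(uint16_t kem_id, uint16_t kdf_id, uint16_t aead_id, uint8_t *suite_id);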
108
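/*
 * HPKE key schedule (RFC 9180) for the given KDF and AEAD identifiers.
 *
 * salt, ikm   input byte strings with their lengths
 * suite_id    suite identifier, presumably HPKE_SUIT_ID_LEN bytes as
 *             produced by hpke_suite_id() -- confirm
 * mode        one of the HPKE_MODE_* values
 * key         output: AEAD key. No size is passed in; a buffer of
 *             AEAD_MAX_KEY_LENGTH bytes holds any key size listed in this
 *             header.
 * base_nonce  output: base nonce. No size is passed in; presumably
 *             HPKE_AEAD_NONCE_LENGTH bytes are written -- confirm.
 *
 * KEY receives secret key material; the caller owns that buffer and its
 * lifetime. Check the returned gcry_error_t before using either output.
 */
WS_DLL_PUBLIC gcry_error_t
hpke_key_schedule(uint16_t kdf_id, uint16_t aead_id, const uint8_t *salt, unsigned salt_len, const uint8_t *suite_id,
                  const uint8_t *ikm, unsigned ikm_len, uint8_t mode, uint8_t *key, uint8_t *base_nonce);

/*
 * Set up the libgcrypt cipher handle *CIPHER for the AEAD AEAD_ID with KEY.
 * NOTE(review): the key length is not passed in, so it is presumably derived
 * from AEAD_ID; the caller presumably has to release the handle when done --
 * confirm both in wsgcrypt.c. KEY is declared non-const although it looks
 * like an input.
 */
WS_DLL_PUBLIC gcry_error_t
hpke_setup_aead(gcry_cipher_hd_t* cipher, uint16_t aead_id, uint8_t *key);

/*
 * Set the nonce of CIPHER for sequence number SEQ from the NONCE_LEN bytes
 * in BASE_NONCE. RFC 9180 computes the per-message nonce as base_nonce XOR
 * I2OSP(seq, Nn); presumably that is what happens here -- confirm in
 * wsgcrypt.c. BASE_NONCE is declared non-const.
 * NOTE(review): confirm that the caller's base nonce is left unmodified,
 * since it is needed again for the next sequence number.
 */
WS_DLL_PUBLIC gcry_error_t
hpke_set_nonce(gcry_cipher_hd_t cipher, uint64_t seq, uint8_t *base_nonce, size_t nonce_len);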
118
119#endif /* __WSGCRYPT_H__ */