wps_crypto_openssl.c

WiFi Protected Setup (WPS) 又叫Simple config。 是无线局域网领域推出的新协议

/*
 *  WPS_CRYPTO_OPENSSL.C : WPS Encrypt/Decrypt Interface Implemented upon OpenSSL
 * 
 *  ver       date        author      comment
 *  0.0.1     07/12/25    Gao Hua     First
 */

#include "wps_crypto.h"

#include <openssl/bn.h>
#include <openssl/dh.h>
#include <openssl/md5.h>
#include <openssl/sha.h>
#include <openssl/evp.h>
#include <openssl/hmac.h>
#include <openssl/aes.h>
#include <openssl/rand.h>


WPS_DH_P WPS_dh_new(void)
{
	DH *r = DH_new();
	return (WPS_DH_P)r;
}

void WPS_dh_free(WPS_DH_P pDH)
{
	DH *r = (DH *)pDH;
	DH_free(r);
}

int WPS_dh_generate_pubkey(WPS_DH_P pDH, const WPS_char *p, const WPS_char *g, WPS_u8 *PubKeyBuff, int BuffLen)
{
	if (pDH == NULL || p == NULL || g == NULL || PubKeyBuff == NULL) {
		return -1;
	}
	
	DH *dh = (DH *)pDH;	
	BN_hex2bn(&(dh->p), p);
	BN_hex2bn(&(dh->g), g);
	
	if (DH_generate_key(dh) == 0) {
		return -1;
	}

	int pk_len = BN_num_bytes(dh->pub_key);
	if (pk_len > BuffLen) {
		return -1;
	}
	
	BN_bn2bin(dh->pub_key, PubKeyBuff);
	
	return pk_len;
}

int WPS_dh_sharedkey_size(WPS_DH_P pDH)
{
	if (pDH == NULL) {
		return -1;
	}
	
	DH *dh = (DH *)pDH;
	return DH_size(dh);
}

int WPS_dh_compute_sharedkey(WPS_DH_P pDH, const WPS_u8 *HisPubKey, int HisPubKeyLen, WPS_u8 *SharedKeyBuff, int BuffLen)
{
	if (pDH == NULL || HisPubKey == NULL || SharedKeyBuff == NULL) {
		return -1;
	}
		
	DH *dh = (DH *)pDH;
	int len = DH_size(dh);
	if (len > BuffLen) {
		return -1;
	}
	
	BIGNUM *a = BN_new();
	BN_bin2bn(HisPubKey, HisPubKeyLen, a);
	
	if (DH_compute_key(SharedKeyBuff, a, dh) == -1)	{
		BN_free(a);
		return -1;
	}
	
	BN_free(a);
	return len;
}

int WPS_Md5(const WPS_u8 *Input, int InputLen, WPS_u8 *Output, int OutputBuffLen)
{
	if (OutputBuffLen < MD5_DIGEST_LENGTH) {
		return -1;
	}

	unsigned char md[MD5_DIGEST_LENGTH];
	EVP_Digest(Input, InputLen, md, NULL, EVP_md5(), NULL);
	WPS_MEM_CPY(Output, md, MD5_DIGEST_LENGTH);
	return 0;
}

int WPS_Sha256(const WPS_u8 *Input, int InputLen, WPS_u8 *Output, int OutputBuffLen)
{
	if (OutputBuffLen < SHA256_DIGEST_LENGTH) {
		return -1;
	}

	unsigned char md[SHA256_DIGEST_LENGTH];
	EVP_Digest(Input, InputLen, md, NULL, EVP_sha256(), NULL);
	WPS_MEM_CPY(Output, md, SHA256_DIGEST_LENGTH);
	return 0;
}

int WPS_HMAC_Sha256(const WPS_u8 *Key, int KeyLen, const WPS_u8 *Input, int InputLen, WPS_u8 *Output, int OutputBuffLen)
{
	if (OutputBuffLen < SHA256_DIGEST_LENGTH) {
		return -1;
	}

	unsigned char hmac[SHA256_DIGEST_LENGTH];
	unsigned int len;

	HMAC(EVP_sha256(), Key, KeyLen, Input, InputLen, hmac, &len);
	if (len == SHA256_DIGEST_LENGTH)
	{
		WPS_MEM_CPY(Output, hmac, SHA256_DIGEST_LENGTH);
		return 0;
	}
	else
	{
		return -1;
	}
}

int WPS_AES_CBC_Encrypt(const WPS_u8 *Key, int KeyLen, WPS_u8 *IV, int IVLen, const WPS_u8 *Input, int InputLen, WPS_u8 *Output, int OutputBuffLen)
{
	if (KeyLen != 16 || IVLen != 16 || OutputBuffLen < InputLen) {
		return -1;
	}

	AES_KEY AESkey;
	AES_set_encrypt_key(Key, 128, &AESkey);
	AES_cbc_encrypt(Input, Output, InputLen, &AESkey, IV, AES_ENCRYPT);

	return 0;
}

int WPS_AES_CBC_Decrypt(const WPS_u8 *Key, int KeyLen, WPS_u8 *IV, int IVLen, const WPS_u8 *Input, int InputLen, WPS_u8 *Output, int OutputBuffLen)
{
	if (KeyLen != 16 || IVLen != 16 || OutputBuffLen < InputLen) {
		return -1;
	}

	AES_KEY AESkey;
	AES_set_decrypt_key(Key, 128, &AESkey);
	AES_cbc_encrypt(Input, Output, InputLen, &AESkey, IV, AES_DECRYPT);

	return 0;
}

int WPS_Rand(WPS_u8 *Buff, int BuffLen)
{
	char seed[] = "OpenSSL rand seed.";
	
	RAND_seed(seed, sizeof(seed));
	return RAND_bytes(Buff, BuffLen);
}