diff options
Diffstat (limited to 'src/plugins/wireguard/wireguard_key.c')
-rwxr-xr-x | src/plugins/wireguard/wireguard_key.c | 126 |
1 files changed, 126 insertions, 0 deletions
diff --git a/src/plugins/wireguard/wireguard_key.c b/src/plugins/wireguard/wireguard_key.c new file mode 100755 index 00000000000..db8c4864492 --- /dev/null +++ b/src/plugins/wireguard/wireguard_key.c @@ -0,0 +1,126 @@ +/* + * Copyright (c) 2020 Doc.ai and/or its affiliates. + * Copyright (c) 2005-2011 Jouni Malinen <j@w1.fi>. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at: + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include <wireguard/wireguard_key.h> +#include <openssl/evp.h> + +bool +curve25519_gen_shared (u8 shared_key[CURVE25519_KEY_SIZE], + const u8 secret_key[CURVE25519_KEY_SIZE], + const u8 basepoint[CURVE25519_KEY_SIZE]) +{ + + bool ret; + EVP_PKEY_CTX *ctx; + size_t key_len; + + EVP_PKEY *peerkey = NULL; + EVP_PKEY *pkey = + EVP_PKEY_new_raw_private_key (EVP_PKEY_X25519, NULL, secret_key, + CURVE25519_KEY_SIZE); + + ret = true; + + ctx = EVP_PKEY_CTX_new (pkey, NULL); + if (EVP_PKEY_derive_init (ctx) <= 0) + { + ret = false; + goto out; + } + + peerkey = + EVP_PKEY_new_raw_public_key (EVP_PKEY_X25519, NULL, basepoint, + CURVE25519_KEY_SIZE); + if (EVP_PKEY_derive_set_peer (ctx, peerkey) <= 0) + { + ret = false; + goto out; + } + + key_len = CURVE25519_KEY_SIZE; + if (EVP_PKEY_derive (ctx, shared_key, &key_len) <= 0) + { + ret = false; + } + +out: + EVP_PKEY_CTX_free (ctx); + EVP_PKEY_free (pkey); + EVP_PKEY_free (peerkey); + return ret; +} + +bool +curve25519_gen_public (u8 public_key[CURVE25519_KEY_SIZE], + const u8 secret_key[CURVE25519_KEY_SIZE]) +{ + size_t pub_len; + EVP_PKEY *pkey = + EVP_PKEY_new_raw_private_key (EVP_PKEY_X25519, NULL, secret_key, + CURVE25519_KEY_SIZE); + pub_len = CURVE25519_KEY_SIZE; + if (!EVP_PKEY_get_raw_public_key (pkey, public_key, &pub_len)) + { + EVP_PKEY_free (pkey); + return false; + } + EVP_PKEY_free (pkey); + return true; +} + +bool +curve25519_gen_secret (u8 secret_key[CURVE25519_KEY_SIZE]) +{ + size_t secret_len; + EVP_PKEY *pkey = NULL; + EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id (EVP_PKEY_X25519, NULL); + EVP_PKEY_keygen_init (pctx); + EVP_PKEY_keygen (pctx, &pkey); + EVP_PKEY_CTX_free (pctx); + + secret_len = CURVE25519_KEY_SIZE; + if (!EVP_PKEY_get_raw_private_key (pkey, secret_key, &secret_len)) + { + EVP_PKEY_free (pkey); + return false; + } + EVP_PKEY_free (pkey); + return true; +} + +bool +key_to_base64 (const u8 * src, size_t src_len, u8 * out) +{ + if (!EVP_EncodeBlock (out, src, src_len)) + return false; + return true; +} + +bool +key_from_base64 (const u8 * src, size_t src_len, u8 * out) +{ + if (EVP_DecodeBlock (out, src, src_len - 1) <= 0) + return false; + return true; +} + +/* + * fd.io coding-style-patch-verification: ON + * + * Local Variables: + * eval: (c-set-style "gnu") + * End: + */ |