1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
|
/* -*- Mode: C; tab-width: 4; indent-tabs-mode: t; c-basic-offset: 4 -*- */
/*
* Dan Williams <dcbw@redhat.com>
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; either
* version 2 of the License, or (at your option) any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, write to the
* Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
* Boston, MA 02110-1301 USA.
*
* (C) Copyright 2007 - 2008 Red Hat, Inc.
*/
#include <glib.h>
#define MD5_HASH_LEN 20
#define CIPHER_DES_EDE3_CBC "DES-EDE3-CBC"
#define CIPHER_DES_CBC "DES-CBC"
enum {
NM_CRYPTO_ERR_NONE = 0,
NM_CRYPTO_ERR_INIT_FAILED,
NM_CRYPTO_ERR_CANT_READ_FILE,
NM_CRYPTO_ERR_FILE_FORMAT_INVALID,
NM_CRYPTO_ERR_CERT_FORMAT_INVALID,
NM_CRYPTO_ERR_DECODE_FAILED,
NM_CRYPTO_ERR_OUT_OF_MEMORY,
NM_CRYPTO_ERR_UNKNOWN_KEY_TYPE,
NM_CRYPTO_ERR_UNKNOWN_CIPHER,
NM_CRYPTO_ERR_RAW_IV_INVALID,
NM_CRYPTO_ERR_MD5_INIT_FAILED,
NM_CRYPTO_ERR_CIPHER_INIT_FAILED,
NM_CRYPTO_ERR_CIPHER_SET_KEY_FAILED,
NM_CRYPTO_ERR_CIPHER_SET_IV_FAILED,
NM_CRYPTO_ERR_CIPHER_DECRYPT_FAILED,
NM_CRYPTO_ERR_INVALID_PASSWORD,
};
typedef enum {
NM_CRYPTO_KEY_TYPE_UNKNOWN = 0,
NM_CRYPTO_KEY_TYPE_RSA,
NM_CRYPTO_KEY_TYPE_DSA,
NM_CRYPTO_KEY_TYPE_ENCRYPTED
} NMCryptoKeyType;
typedef enum {
NM_CRYPTO_FILE_FORMAT_UNKNOWN = 0,
NM_CRYPTO_FILE_FORMAT_X509,
NM_CRYPTO_FILE_FORMAT_RAW_KEY,
NM_CRYPTO_FILE_FORMAT_PKCS12
} NMCryptoFileFormat;
#define NM_CRYPTO_ERROR _nm_crypto_error_quark ()
GQuark _nm_crypto_error_quark (void);
gboolean crypto_init (GError **error);
void crypto_deinit (void);
GByteArray * crypto_get_private_key_data (GByteArray *contents,
const char *password,
NMCryptoKeyType *out_key_type,
NMCryptoFileFormat *out_file_format,
GError **error);
GByteArray * crypto_get_private_key (const char *file,
const char *password,
NMCryptoKeyType *out_key_type,
NMCryptoFileFormat *out_file_format,
GError **error);
GByteArray * crypto_load_and_verify_certificate (const char *file,
NMCryptoFileFormat *out_file_format,
GError **error);
gboolean crypto_is_pkcs12_file (const char *file, GError **error);
gboolean crypto_is_pkcs12_data (const GByteArray *data);
/* Internal utils API bits for crypto providers */
gboolean crypto_md5_hash (const char *salt,
const gsize salt_len,
const char *password,
gsize password_len,
char *buffer,
gsize buflen,
GError **error);
char * crypto_decrypt (const char *cipher,
int key_type,
GByteArray *data,
const char *iv,
const gsize iv_len,
const char *key,
const gsize key_len,
gsize *out_len,
GError **error);
NMCryptoFileFormat crypto_verify_cert (const unsigned char *data,
gsize len,
GError **error);
gboolean crypto_verify_pkcs12 (const GByteArray *data,
const char *password,
GError **error);
|
