fdo-mirrors/NetworkManager
1
0
Fork 0
mirror of https://gitlab.freedesktop.org/NetworkManager/NetworkManager.git synced 2026-01-07 03:10:16 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
NetworkManager/libnm-core/crypto.h
Dan Winship 7c74e71e91 libnm-core: tweak crypto.c APIs 
Update crypto_verify_private_key() and
crypto_verify_private_key_data() to indicate whether the key was
encrypted or not.

Rename crypto_decrypt_private_key() and
crypto_decrypt_private_key_data() to
crypto_decrypt_openssl_private_key*, since that's the only private key
format they deal with, and the old names made them sound more generic
than they were. Also, update the openssl private key parsing code to
recognize unencrypted private keys as well. (Previously we accepted
unencrypted PKCS#8 keys, but not unencrypted openssl-style keys.)
2014-11-21 08:46:07 -05:00

129 lines
4.8 KiB
C
Raw Blame History

/* -*- Mode: C; tab-width: 4; indent-tabs-mode: t; c-basic-offset: 4 -*- */
/*
* Dan Williams <dcbw@redhat.com>
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; either
* version 2 of the License, or (at your option) any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, write to the
* Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
* Boston, MA 02110-1301 USA.
*
* Copyright 2007 - 2014 Red Hat, Inc.
*/
#ifndef __CRYPTO_H__
#define __CRYPTO_H__
#include <glib.h>
#define MD5_HASH_LEN 20
#define CIPHER_DES_EDE3_CBC "DES-EDE3-CBC"
#define CIPHER_DES_CBC "DES-CBC"
#define CIPHER_AES_CBC "AES-128-CBC"
typedef enum {
NM_CRYPTO_KEY_TYPE_UNKNOWN = 0,
NM_CRYPTO_KEY_TYPE_RSA,
NM_CRYPTO_KEY_TYPE_DSA
} NMCryptoKeyType;
typedef enum {
NM_CRYPTO_FILE_FORMAT_UNKNOWN = 0,
NM_CRYPTO_FILE_FORMAT_X509,
NM_CRYPTO_FILE_FORMAT_RAW_KEY,
NM_CRYPTO_FILE_FORMAT_PKCS12
} NMCryptoFileFormat;
gboolean crypto_init (GError **error);
void crypto_deinit (void);
GByteArray *crypto_decrypt_openssl_private_key_data (const guint8 *data,
gsize data_len,
const char *password,
NMCryptoKeyType *out_key_type,
GError **error);
GByteArray *crypto_decrypt_openssl_private_key (const char *file,
const char *password,
NMCryptoKeyType *out_key_type,
GError **error);
GByteArray *crypto_load_and_verify_certificate (const char *file,
NMCryptoFileFormat *out_file_format,
GError **error);
gboolean crypto_is_pkcs12_file (const char *file, GError **error);
gboolean crypto_is_pkcs12_data (const guint8 *data, gsize len);
NMCryptoFileFormat crypto_verify_private_key_data (const guint8 *data,
gsize data_len,
const char *password,
gboolean *out_is_encrypted,
GError **error);
NMCryptoFileFormat crypto_verify_private_key (const char *file,
const char *password,
gboolean *out_is_encrypted,
GError **error);
/* Internal utils API bits for crypto providers */
gboolean crypto_md5_hash (const char *salt,
const gsize salt_len,
const char *password,
gsize password_len,
char *buffer,
gsize buflen,
GError **error);
char * crypto_decrypt (const char *cipher,
int key_type,
const guint8 *data,
gsize data_len,
const char *iv,
const gsize iv_len,
const char *key,
const gsize key_len,
gsize *out_len,
GError **error);
char * crypto_encrypt (const char *cipher,
const guint8 *data,
gsize data_len,
const char *iv,
gsize iv_len,
const char *key,
gsize key_len,
gsize *out_len,
GError **error);
gboolean crypto_randomize (void *buffer, gsize buffer_len, GError **error);
NMCryptoFileFormat crypto_verify_cert (const guint8 *data,
gsize len,
GError **error);
gboolean crypto_verify_pkcs12 (const guint8 *data,
gsize data_len,
const char *password,
GError **error);
gboolean crypto_verify_pkcs8 (const guint8 *data,
gsize data_len,
gboolean is_encrypted,
const char *password,
GError **error);
#endif /* __CRYPTO_H__ */
Reference in a new issue View git blame Copy permalink