netwerk/srtp/src/crypto/include/cipher.h@6474c204b198 (annotated)
netwerk/srtp/src/crypto/include/cipher.h
Wed, 31 Dec 2014 06:09:35 +0100
- author
- Michael Schloh von Bennewitz <michael@schloh.com>
- date
- Wed, 31 Dec 2014 06:09:35 +0100
- changeset 0
- 6474c204b198
- permissions
- -rw-r--r--
Cloned upstream origin tor-browser at tor-browser-31.3.0esr-4.5-1-build1
revision ID fc1c9ff7c1b2defdbc039f12214767608f46423f for hacking purpose.
| michael@0 | 1 | /* |
| michael@0 | 2 | * cipher.h |
| michael@0 | 3 | * |
| michael@0 | 4 | * common interface to ciphers |
| michael@0 | 5 | * |
| michael@0 | 6 | * David A. McGrew |
| michael@0 | 7 | * Cisco Systems, Inc. |
| michael@0 | 8 | */ |
| michael@0 | 9 | /* |
| michael@0 | 10 | * |
| michael@0 | 11 | * Copyright (c) 2001-2006, Cisco Systems, Inc. |
| michael@0 | 12 | * All rights reserved. |
| michael@0 | 13 | * |
| michael@0 | 14 | * Redistribution and use in source and binary forms, with or without |
| michael@0 | 15 | * modification, are permitted provided that the following conditions |
| michael@0 | 16 | * are met: |
| michael@0 | 17 | * |
| michael@0 | 18 | * Redistributions of source code must retain the above copyright |
| michael@0 | 19 | * notice, this list of conditions and the following disclaimer. |
| michael@0 | 20 | * |
| michael@0 | 21 | * Redistributions in binary form must reproduce the above |
| michael@0 | 22 | * copyright notice, this list of conditions and the following |
| michael@0 | 23 | * disclaimer in the documentation and/or other materials provided |
| michael@0 | 24 | * with the distribution. |
| michael@0 | 25 | * |
| michael@0 | 26 | * Neither the name of the Cisco Systems, Inc. nor the names of its |
| michael@0 | 27 | * contributors may be used to endorse or promote products derived |
| michael@0 | 28 | * from this software without specific prior written permission. |
| michael@0 | 29 | * |
| michael@0 | 30 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS |
| michael@0 | 31 | * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT |
| michael@0 | 32 | * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS |
| michael@0 | 33 | * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE |
| michael@0 | 34 | * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, |
| michael@0 | 35 | * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES |
| michael@0 | 36 | * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR |
| michael@0 | 37 | * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) |
| michael@0 | 38 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, |
| michael@0 | 39 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) |
| michael@0 | 40 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED |
| michael@0 | 41 | * OF THE POSSIBILITY OF SUCH DAMAGE. |
| michael@0 | 42 | * |
| michael@0 | 43 | */ |
| michael@0 | 44 | |
| michael@0 | 45 | |
| michael@0 | 46 | #ifndef CIPHER_H |
| michael@0 | 47 | #define CIPHER_H |
| michael@0 | 48 | |
| michael@0 | 49 | #include "datatypes.h" |
| michael@0 | 50 | #include "rdbx.h" /* for xtd_seq_num_t */ |
| michael@0 | 51 | #include "err.h" /* for error codes */ |
| michael@0 | 52 | #include "crypto.h" /* for cipher_type_id_t */ |
| michael@0 | 53 | #include "crypto_types.h" /* for values of cipher_type_id_t */ |
| michael@0 | 54 | |
| michael@0 | 55 | |
| michael@0 | 56 | /** |
| michael@0 | 57 | * @brief cipher_direction_t defines a particular cipher operation. |
| michael@0 | 58 | * |
| michael@0 | 59 | * A cipher_direction_t is an enum that describes a particular cipher |
| michael@0 | 60 | * operation, i.e. encryption or decryption. For some ciphers, this |
| michael@0 | 61 | * distinction does not matter, but for others, it is essential. |
| michael@0 | 62 | */ |
| michael@0 | 63 | |
| michael@0 | 64 | typedef enum { |
| michael@0 | 65 | direction_encrypt, /**< encryption (convert plaintext to ciphertext) */ |
| michael@0 | 66 | direction_decrypt, /**< decryption (convert ciphertext to plaintext) */ |
| michael@0 | 67 | direction_any /**< encryption or decryption */ |
| michael@0 | 68 | } cipher_direction_t; |
| michael@0 | 69 | |
| michael@0 | 70 | /* |
| michael@0 | 71 | * the cipher_pointer and cipher_type_pointer definitions are needed |
| michael@0 | 72 | * as cipher_t and cipher_type_t are not yet defined |
| michael@0 | 73 | */ |
| michael@0 | 74 | |
| michael@0 | 75 | typedef struct cipher_type_t *cipher_type_pointer_t; |
| michael@0 | 76 | typedef struct cipher_t *cipher_pointer_t; |
| michael@0 | 77 | |
| michael@0 | 78 | /* |
| michael@0 | 79 | * a cipher_alloc_func_t allocates (but does not initialize) a cipher_t |
| michael@0 | 80 | */ |
| michael@0 | 81 | |
| michael@0 | 82 | typedef err_status_t (*cipher_alloc_func_t) |
| michael@0 | 83 | (cipher_pointer_t *cp, int key_len); |
| michael@0 | 84 | |
| michael@0 | 85 | /* |
| michael@0 | 86 | * a cipher_init_func_t [re-]initializes a cipher_t with a given key |
| michael@0 | 87 | * and direction (i.e., encrypt or decrypt) |
| michael@0 | 88 | */ |
| michael@0 | 89 | |
| michael@0 | 90 | typedef err_status_t (*cipher_init_func_t) |
| michael@0 | 91 | (void *state, const uint8_t *key, int key_len, cipher_direction_t dir); |
| michael@0 | 92 | |
| michael@0 | 93 | /* a cipher_dealloc_func_t de-allocates a cipher_t */ |
| michael@0 | 94 | |
| michael@0 | 95 | typedef err_status_t (*cipher_dealloc_func_t)(cipher_pointer_t cp); |
| michael@0 | 96 | |
| michael@0 | 97 | /* a cipher_set_segment_func_t sets the segment index of a cipher_t */ |
| michael@0 | 98 | |
| michael@0 | 99 | typedef err_status_t (*cipher_set_segment_func_t) |
| michael@0 | 100 | (void *state, xtd_seq_num_t idx); |
| michael@0 | 101 | |
| michael@0 | 102 | /* a cipher_encrypt_func_t encrypts data in-place */ |
| michael@0 | 103 | |
| michael@0 | 104 | typedef err_status_t (*cipher_encrypt_func_t) |
| michael@0 | 105 | (void *state, uint8_t *buffer, unsigned int *octets_to_encrypt); |
| michael@0 | 106 | |
| michael@0 | 107 | /* a cipher_decrypt_func_t decrypts data in-place */ |
| michael@0 | 108 | |
| michael@0 | 109 | typedef err_status_t (*cipher_decrypt_func_t) |
| michael@0 | 110 | (void *state, uint8_t *buffer, unsigned int *octets_to_decrypt); |
| michael@0 | 111 | |
| michael@0 | 112 | /* |
| michael@0 | 113 | * a cipher_set_iv_func_t function sets the current initialization vector |
| michael@0 | 114 | */ |
| michael@0 | 115 | |
| michael@0 | 116 | typedef err_status_t (*cipher_set_iv_func_t) |
| michael@0 | 117 | (cipher_pointer_t cp, void *iv); |
| michael@0 | 118 | |
| michael@0 | 119 | /* |
| michael@0 | 120 | * cipher_test_case_t is a (list of) key, salt, xtd_seq_num_t, |
| michael@0 | 121 | * plaintext, and ciphertext values that are known to be correct for a |
| michael@0 | 122 | * particular cipher. this data can be used to test an implementation |
| michael@0 | 123 | * in an on-the-fly self test of the correcness of the implementation. |
| michael@0 | 124 | * (see the cipher_type_self_test() function below) |
| michael@0 | 125 | */ |
| michael@0 | 126 | |
| michael@0 | 127 | typedef struct cipher_test_case_t { |
| michael@0 | 128 | int key_length_octets; /* octets in key */ |
| michael@0 | 129 | uint8_t *key; /* key */ |
| michael@0 | 130 | uint8_t *idx; /* packet index */ |
| michael@0 | 131 | int plaintext_length_octets; /* octets in plaintext */ |
| michael@0 | 132 | uint8_t *plaintext; /* plaintext */ |
| michael@0 | 133 | int ciphertext_length_octets; /* octets in plaintext */ |
| michael@0 | 134 | uint8_t *ciphertext; /* ciphertext */ |
| michael@0 | 135 | struct cipher_test_case_t *next_test_case; /* pointer to next testcase */ |
| michael@0 | 136 | } cipher_test_case_t; |
| michael@0 | 137 | |
| michael@0 | 138 | /* cipher_type_t defines the 'metadata' for a particular cipher type */ |
| michael@0 | 139 | |
| michael@0 | 140 | typedef struct cipher_type_t { |
| michael@0 | 141 | cipher_alloc_func_t alloc; |
| michael@0 | 142 | cipher_dealloc_func_t dealloc; |
| michael@0 | 143 | cipher_init_func_t init; |
| michael@0 | 144 | cipher_encrypt_func_t encrypt; |
| michael@0 | 145 | cipher_encrypt_func_t decrypt; |
| michael@0 | 146 | cipher_set_iv_func_t set_iv; |
| michael@0 | 147 | char *description; |
| michael@0 | 148 | int ref_count; |
| michael@0 | 149 | cipher_test_case_t *test_data; |
| michael@0 | 150 | debug_module_t *debug; |
| michael@0 | 151 | cipher_type_id_t id; |
| michael@0 | 152 | } cipher_type_t; |
| michael@0 | 153 | |
| michael@0 | 154 | /* |
| michael@0 | 155 | * cipher_t defines an instantiation of a particular cipher, with fixed |
| michael@0 | 156 | * key length, key and salt values |
| michael@0 | 157 | */ |
| michael@0 | 158 | |
| michael@0 | 159 | typedef struct cipher_t { |
| michael@0 | 160 | cipher_type_t *type; |
| michael@0 | 161 | void *state; |
| michael@0 | 162 | int key_len; |
| michael@0 | 163 | #ifdef FORCE_64BIT_ALIGN |
| michael@0 | 164 | int pad; |
| michael@0 | 165 | #endif |
| michael@0 | 166 | } cipher_t; |
| michael@0 | 167 | |
| michael@0 | 168 | /* some syntactic sugar on these function types */ |
| michael@0 | 169 | |
| michael@0 | 170 | #define cipher_type_alloc(ct, c, klen) ((ct)->alloc((c), (klen))) |
| michael@0 | 171 | |
| michael@0 | 172 | #define cipher_dealloc(c) (((c)->type)->dealloc(c)) |
| michael@0 | 173 | |
| michael@0 | 174 | #define cipher_init(c, k, dir) (((c)->type)->init(((c)->state), (k), ((c)->key_len), (dir))) |
| michael@0 | 175 | |
| michael@0 | 176 | #define cipher_encrypt(c, buf, len) \ |
| michael@0 | 177 | (((c)->type)->encrypt(((c)->state), (buf), (len))) |
| michael@0 | 178 | |
| michael@0 | 179 | #define cipher_decrypt(c, buf, len) \ |
| michael@0 | 180 | (((c)->type)->decrypt(((c)->state), (buf), (len))) |
| michael@0 | 181 | |
| michael@0 | 182 | #define cipher_set_iv(c, n) \ |
| michael@0 | 183 | ((c) ? (((c)->type)->set_iv(((cipher_pointer_t)(c)->state), (n))) : \ |
| michael@0 | 184 | err_status_no_such_op) |
| michael@0 | 185 | |
| michael@0 | 186 | err_status_t |
| michael@0 | 187 | cipher_output(cipher_t *c, uint8_t *buffer, int num_octets_to_output); |
| michael@0 | 188 | |
| michael@0 | 189 | |
| michael@0 | 190 | /* some bookkeeping functions */ |
| michael@0 | 191 | |
| michael@0 | 192 | int |
| michael@0 | 193 | cipher_get_key_length(const cipher_t *c); |
| michael@0 | 194 | |
| michael@0 | 195 | |
| michael@0 | 196 | /* |
| michael@0 | 197 | * cipher_type_self_test() tests a cipher against test cases provided in |
| michael@0 | 198 | * an array of values of key/xtd_seq_num_t/plaintext/ciphertext |
| michael@0 | 199 | * that is known to be good |
| michael@0 | 200 | */ |
| michael@0 | 201 | |
| michael@0 | 202 | err_status_t |
| michael@0 | 203 | cipher_type_self_test(const cipher_type_t *ct); |
| michael@0 | 204 | |
| michael@0 | 205 | |
| michael@0 | 206 | /* |
| michael@0 | 207 | * cipher_type_test() tests a cipher against external test cases provided in |
| michael@0 | 208 | * an array of values of key/xtd_seq_num_t/plaintext/ciphertext |
| michael@0 | 209 | * that is known to be good |
| michael@0 | 210 | */ |
| michael@0 | 211 | |
| michael@0 | 212 | err_status_t |
| michael@0 | 213 | cipher_type_test(const cipher_type_t *ct, const cipher_test_case_t *test_data); |
| michael@0 | 214 | |
| michael@0 | 215 | |
| michael@0 | 216 | /* |
| michael@0 | 217 | * cipher_bits_per_second(c, l, t) computes (and estimate of) the |
| michael@0 | 218 | * number of bits that a cipher implementation can encrypt in a second |
| michael@0 | 219 | * |
| michael@0 | 220 | * c is a cipher (which MUST be allocated and initialized already), l |
| michael@0 | 221 | * is the length in octets of the test data to be encrypted, and t is |
| michael@0 | 222 | * the number of trials |
| michael@0 | 223 | * |
| michael@0 | 224 | * if an error is encountered, then the value 0 is returned |
| michael@0 | 225 | */ |
| michael@0 | 226 | |
| michael@0 | 227 | uint64_t |
| michael@0 | 228 | cipher_bits_per_second(cipher_t *c, int octets_in_buffer, int num_trials); |
| michael@0 | 229 | |
| michael@0 | 230 | #endif /* CIPHER_H */ |
