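/*
 * SRT - Secure, Reliable, Transport
 * Copyright (c) 2018 Haivision Systems Inc.
 *
 * This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at http://mozilla.org/MPL/2.0/.
 *
 */

/*****************************************************************************
written by
   Haivision Systems Inc.

   2011-06-23 (jdube)
        HaiCrypt initial implementation.
   2014-03-11 (jdube)
        Adaptation for SRT.
*****************************************************************************/

/*
 * Public interface of HaiCrypt: compile-time size limits, the secret and
 * configuration structures, the opaque session handle, and the prototypes of
 * the session, transmit and receive entry points.
 */

#ifndef HAICRYPT_H
#define HAICRYPT_H

#include <sys/types.h>
#include <stddef.h>     /* size_t: keeps the header self-contained where <sys/types.h> does not provide it */
#include <stdint.h>

#ifdef __cplusplus
extern "C" {
#endif

/* Untyped handle to a CRYSPR implementation (see HaiCrypt_Cfg.cryspr). */
typedef void *HaiCrypt_Cryspr;

HaiCrypt_Cryspr HaiCryptCryspr_Get_Instance (void);     /* Return a default cryspr instance */

#define HAICRYPT_CIPHER_BLK_SZ      16  /* AES Block Size */

#define HAICRYPT_PWD_MAX_SZ         80  /* MAX password (for Password-based Key Derivation) */
#define HAICRYPT_KEY_MAX_SZ         32  /* MAX key */
/* Larger of the two limits above, so one buffer can hold either kind of secret. */
#define HAICRYPT_SECRET_MAX_SZ      (HAICRYPT_PWD_MAX_SZ > HAICRYPT_KEY_MAX_SZ ? HAICRYPT_PWD_MAX_SZ : HAICRYPT_KEY_MAX_SZ)


#define HAICRYPT_SALT_SZ            16

#define HAICRYPT_WRAPKEY_SIGN_SZ    8   /* RFC3394 AES KeyWrap signature size */

#define HAICRYPT_PBKDF2_SALT_LEN    8   /* PKCS#5 PBKDF2 Password based key derivation salt length */
/*
 * NOTE(review): 2048 iterations is low by current password-hashing guidance.
 * The value is presumably shared by both peers, so changing it here alone
 * would likely break interoperability - confirm. Deployments that use
 * HAICRYPT_SECTYP_PASSPHRASE should rely on long, high-entropy passphrases.
 */
#define HAICRYPT_PBKDF2_ITER_CNT    2048    /* PKCS#5 PBKDF2 Password based key derivation iteration count */

#define HAICRYPT_TS_PKT_SZ          188 /* Transport Stream packet size */

/*
 * Secret supplied by the application: either a preshared KEK or a password,
 * selected by typ.
 *
 * str is a fixed array of HAICRYPT_SECRET_MAX_SZ bytes, so a caller filling
 * this structure must reject any len greater than HAICRYPT_SECRET_MAX_SZ
 * before copying into it.
 * NOTE(review): the structure carries raw key material; callers should wipe
 * their own copy (explicit_bzero / memset_s, not a plain memset) once it is no
 * longer needed. Whether the library keeps its own copy is not visible here.
 */
typedef struct {
#define HAICRYPT_SECTYP_UNDEF       0
#define HAICRYPT_SECTYP_PRESHARED   1       /* Preshared KEK */
#define HAICRYPT_SECTYP_PASSPHRASE  2       /* Password */
        unsigned        typ;                            /* One of HAICRYPT_SECTYP_* */
        size_t          len;                            /* Number of bytes used in str */
        unsigned char   str[HAICRYPT_SECRET_MAX_SZ];    /* Secret bytes */
}HaiCrypt_Secret;

/* Session configuration passed to HaiCrypt_Create(). */
typedef struct {
#define HAICRYPT_CFG_F_TX       0x01        /* !TX -> RX */
#define HAICRYPT_CFG_F_CRYPTO   0x02        /* Perform crypto Tx:Encrypt Rx:Decrypt */
#define HAICRYPT_CFG_F_FEC      0x04        /* Do Forward Error Correction */
        unsigned        flags;              /* Bitwise OR of HAICRYPT_CFG_F_* */

        HaiCrypt_Secret secret;             /* Security Association */

        HaiCrypt_Cryspr cryspr;             /* CRYSPR implementation */
#define HAICRYPT_DEF_KEY_LENGTH 16          /* default key length (bytes) */
        size_t  key_len;                    /* SEK length (bytes) */
#define HAICRYPT_DEF_DATA_MAX_LENGTH 1500   /* default packet data length (bytes) */
        size_t  data_max_len;               /* Maximum data_len passed to HaiCrypt (bytes) */

#define HAICRYPT_XPT_STANDALONE 0
#define HAICRYPT_XPT_SRT        1
        int             xport;              /* One of HAICRYPT_XPT_* */

#define HAICRYPT_DEF_KM_TX_PERIOD 1000          /* Keying Material Default Tx Period (msec) */
        unsigned int    km_tx_period_ms;        /* Keying Material Tx period (msec) */
#define HAICRYPT_DEF_KM_REFRESH_RATE 0x1000000  /* Keying Material Default Refresh Rate (pkts) */
        unsigned int    km_refresh_rate_pkt;    /* Keying Material Refresh Rate (pkts) */
#define HAICRYPT_DEF_KM_PRE_ANNOUNCE 0x1000     /* Keying Material Default Pre/Post Announce (pkts) */
        unsigned int    km_pre_announce_pkt;    /* Keying Material Pre/Post Announce (pkts) */
}HaiCrypt_Cfg;

/* Direction selector taken by HaiCrypt_Clone(). */
typedef enum HaiCrypt_CryptoDir { HAICRYPT_CRYPTO_DIR_RX, HAICRYPT_CRYPTO_DIR_TX } HaiCrypt_CryptoDir;

/*
 * Opaque session handle. This used to be "typedef void *HaiCrypt_Handle;".
 * Inside the library the pointer is interpreted as the real session type; to
 * outside code it is a pointer to an incomplete structure, so the compiler
 * complains when any other kind of pointer is passed in its place.
 */
typedef struct hcrypt_Session_str* HaiCrypt_Handle;


/*
 * Session, transmit and receive entry points.
 *
 * NOTE(review): only the prototypes are visible in this header. Return-value
 * conventions, buffer ownership and whether in/data buffers are modified in
 * place must be confirmed against the implementation. The out_p[] and
 * out_len_p[] arrays are supplied by the caller together with maxout,
 * presumably their capacity - confirm. Callers should check every return
 * value and must not pass data on as plaintext after a failure.
 */

int  HaiCrypt_SetLogLevel(int level, int logfa);

int  HaiCrypt_Create(const HaiCrypt_Cfg *cfg, HaiCrypt_Handle *phhc);
int  HaiCrypt_Clone(HaiCrypt_Handle hhcSrc, HaiCrypt_CryptoDir tx, HaiCrypt_Handle *phhc);
int  HaiCrypt_Close(HaiCrypt_Handle hhc);
int  HaiCrypt_Tx_GetBuf(HaiCrypt_Handle hhc, size_t data_len, unsigned char **in_p);
int  HaiCrypt_Tx_Process(HaiCrypt_Handle hhc, unsigned char *in, size_t in_len,
        void *out_p[], size_t out_len_p[], int maxout);
int  HaiCrypt_Rx_Process(HaiCrypt_Handle hhc, unsigned char *in, size_t in_len,
        void *out_p[], size_t out_len_p[], int maxout);

int  HaiCrypt_Tx_GetKeyFlags(HaiCrypt_Handle hhc);
int  HaiCrypt_Tx_ManageKeys(HaiCrypt_Handle hhc, void *out_p[], size_t out_len_p[], int maxout);
int  HaiCrypt_Tx_Data(HaiCrypt_Handle hhc, unsigned char *pfx, unsigned char *data, size_t data_len);
int  HaiCrypt_Rx_Data(HaiCrypt_Handle hhc, unsigned char *pfx, unsigned char *data, size_t data_len);

/*
 * Status values.
 * The negative constants are parenthesized so they expand as a single operand
 * in any expression.
 */

#define HAICRYPT_ERROR              (-1)
#define HAICRYPT_ERROR_WRONG_SECRET (-2)
#define HAICRYPT_OK                 0


#ifdef __cplusplus
}
#endif

#endif /* HAICRYPT_H */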