1 /* Copyright (c) 2004 Shevek (srs@anarres.org)
2  * All rights reserved.
3  *
4  * This file is a part of libsrs2 from http://www.libsrs2.org/
5  *
6  * Redistribution and use in source and binary forms, with or without
7  * modification, under the terms of either the GNU General Public
8  * License version 2 or the BSD license, at the discretion of the
9  * user. Copies of these licenses have been included in the libsrs2
10  * distribution. See the the file called LICENSE for more
11  * information.
12  */
13 
14 #ifndef __SRS2_H__
15 #define __SRS2_H__
16 
17 #ifndef __BEGIN_DECLS
18 #define __BEGIN_DECLS
19 #define __END_DECLS
20 #endif
21 
22 __BEGIN_DECLS
23 
24 #define SRS_VERSION_MAJOR			1
25 #define SRS_VERSION_MINOR			0
26 #define SRS_VERSION_PATCHLEVEL		14
27 #define SRS_VERSION_FROM(m, n, p)	(((m) << 16) + ((n) << 8) + (p))
28 #define SRS_VERSION		SRS_VERSION_FROM(SRS_VERSION_MAJOR, \
29 										SRS_VERSION_MINOR, \
30 										SRS_VERSION_PATCHLEVEL)
31 
32 /* This is ugly, but reasonably safe. */
33 #undef TRUE
34 #define TRUE 1
35 #undef FALSE
36 #define FALSE 0
37 
38 #define SRSSEP	'='
39 #define SRS0TAG	"SRS0"
40 #define SRS1TAG	"SRS1"
41 
42 /* Error codes */
43 
44 #define SRS_ERRTYPE_MASK		0xF000
45 #define SRS_ERRTYPE_NONE		0x0000
46 #define SRS_ERRTYPE_CONFIG		0x1000
47 #define SRS_ERRTYPE_INPUT		0x2000
48 #define SRS_ERRTYPE_SYNTAX		0x4000
49 #define SRS_ERRTYPE_SRS			0x8000
50 
51 #define SRS_SUCCESS				(0)
52 #define SRS_ENOTSRSADDRESS		(1)
53 #define SRS_ENOTREWRITTEN		(2)
54 
55 #define SRS_ENOSECRETS			(SRS_ERRTYPE_CONFIG | 1)
56 #define SRS_ESEPARATORINVALID	(SRS_ERRTYPE_CONFIG | 2)
57 
58 #define SRS_ENOSENDERATSIGN		(SRS_ERRTYPE_INPUT | 1)
59 #define SRS_EBUFTOOSMALL		(SRS_ERRTYPE_INPUT | 2)
60 
61 #define SRS_ENOSRS0HOST			(SRS_ERRTYPE_SYNTAX | 1)
62 #define SRS_ENOSRS0USER			(SRS_ERRTYPE_SYNTAX | 2)
63 #define SRS_ENOSRS0HASH			(SRS_ERRTYPE_SYNTAX | 3)
64 #define SRS_ENOSRS0STAMP		(SRS_ERRTYPE_SYNTAX | 4)
65 #define SRS_ENOSRS1HOST			(SRS_ERRTYPE_SYNTAX | 5)
66 #define SRS_ENOSRS1USER			(SRS_ERRTYPE_SYNTAX | 6)
67 #define SRS_ENOSRS1HASH			(SRS_ERRTYPE_SYNTAX | 7)
68 #define	SRS_EBADTIMESTAMPCHAR	(SRS_ERRTYPE_SYNTAX | 8)
69 #define SRS_EHASHTOOSHORT		(SRS_ERRTYPE_SYNTAX | 9)
70 
71 #define SRS_ETIMESTAMPOUTOFDATE	(SRS_ERRTYPE_SRS | 1)
72 #define SRS_EHASHINVALID		(SRS_ERRTYPE_SRS | 2)
73 
74 #define SRS_ERROR_TYPE(x) ((x) & SRS_ERRTYPE_MASK)
75 
76 /* SRS implementation */
77 
78 #define SRS_IS_SRS_ADDRESS(x) ( \
79 				(strncasecmp((x), "SRS", 3) == 0) && \
80 				(strchr("01", (x)[3]) != NULL) && \
81 				(strchr("-+=", (x)[4]) != NULL) \
82 			)
83 
84 typedef void *(*srs_malloc_t)(size_t);
85 typedef void *(*srs_realloc_t)(void *, size_t);
86 typedef void (*srs_free_t)(void *);
87 
88 typedef int srs_bool;
89 
90 typedef
91 struct _srs_t {
92 	/* Rewriting parameters */
93 	char	**secrets;
94 	int		  numsecrets;
95 	char	  separator;
96 
97 	/* Security parameters */
98 	int		  maxage;			/* Maximum allowed age in seconds */
99 	int		  hashlength;
100 	int		  hashmin;
101 
102 	/* Behaviour parameters */
103 	srs_bool  alwaysrewrite;	/* Rewrite even into same domain? */
104 	srs_bool  noforward;		/* Never perform forwards rewriting */
105 	srs_bool  noreverse;		/* Never perform reverse rewriting */
106 	char	**neverrewrite;		/* A list of non-rewritten domains */
107 } srs_t;
108 
109 /* Interface */
110 int		 srs_set_malloc(srs_malloc_t m, srs_realloc_t r, srs_free_t f);
111 srs_t	*srs_new();
112 void	 srs_init(srs_t *srs);
113 void	 srs_free(srs_t *srs);
114 int		 srs_forward(srs_t *srs, char *buf, int buflen,
115 				const char *sender, const char *alias);
116 int		 srs_forward_alloc(srs_t *srs, char **sptr,
117 				const char *sender, const char *alias);
118 int		 srs_reverse(srs_t *srs, char *buf, int buflen,
119 				const char *sender);
120 int		 srs_reverse_alloc(srs_t *srs, char **sptr, const char *sender);
121 const char *
122 		 srs_strerror(int code);
123 int		 srs_add_secret(srs_t *srs, const char *secret);
124 const char *
125 		 srs_get_secret(srs_t *srs, int idx);
126 	/* You probably shouldn't call these. */
127 int		 srs_timestamp_create(srs_t *srs, char *buf, time_t now);
128 int		 srs_timestamp_check(srs_t *srs, const char *stamp);
129 
130 #define SRS_PARAM_DECLARE(n, t) \
131 	int srs_set_ ## n (srs_t *srs, t value); \
132 	t srs_get_ ## n (srs_t *srs);
133 
134 SRS_PARAM_DECLARE(alwaysrewrite, srs_bool)
135 SRS_PARAM_DECLARE(separator, char)
136 SRS_PARAM_DECLARE(maxage, int)
137 SRS_PARAM_DECLARE(hashlength, int)
138 SRS_PARAM_DECLARE(hashmin, int)
139 SRS_PARAM_DECLARE(noforward, srs_bool)
140 SRS_PARAM_DECLARE(noreverse, srs_bool)
141 
142 /* SHA1 implementation */
143 
144 typedef unsigned long	ULONG;	 /* 32-or-more-bit quantity */
145 typedef unsigned char	sha_byte;
146 
147 #define SHA_BLOCKSIZE				64
148 #define SHA_DIGESTSIZE				20
149 
150 typedef struct {
151 	ULONG digest[5];				/* message digest */
152 	ULONG count_lo, count_hi;		/* 64-bit bit count */
153 	sha_byte data[SHA_BLOCKSIZE];		/* SHA data buffer */
154 	int local;						/* unprocessed amount in data */
155 } SHA_INFO;
156 
157 typedef
158 struct _srs_hmac_ctx_t {
159 	SHA_INFO	sctx;
160 	char		ipad[SHA_BLOCKSIZE + 1];
161 	char		opad[SHA_BLOCKSIZE + 1];
162 } srs_hmac_ctx_t;
163 
164 void	 srs_hmac_init(srs_hmac_ctx_t *ctx, char *secret, int len);
165 void	 srs_hmac_update(srs_hmac_ctx_t *ctx, char *data, int len);
166 void	 srs_hmac_fini(srs_hmac_ctx_t *ctx, char *out);
167 
168 
169 __END_DECLS
170 
171 #endif
172