1 /* Copyright (C) 2009-2014, Martin Johansson <martin@fatbob.nu> 2 Copyright (C) 2005-2014, Thorvald Natvig <thorvald@natvig.com> 3 4 All rights reserved. 5 6 Redistribution and use in source and binary forms, with or without 7 modification, are permitted provided that the following conditions 8 are met: 9 10 - Redistributions of source code must retain the above copyright notice, 11 this list of conditions and the following disclaimer. 12 - Redistributions in binary form must reproduce the above copyright notice, 13 this list of conditions and the following disclaimer in the documentation 14 and/or other materials provided with the distribution. 15 - Neither the name of the Developers nor the names of its contributors may 16 be used to endorse or promote products derived from this software without 17 specific prior written permission. 18 19 THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 20 ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 21 LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 22 A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR 23 CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, 24 EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, 25 PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR 26 PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF 27 LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING 28 NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS 29 SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 30 */ 31 #ifndef CRYPTSTATE_H_34564356 32 #define CRYPTSTATE_H_34564356 33 34 #include "byteorder.h" 35 #include "config.h" 36 37 #if defined(USE_POLARSSL) 38 39 #include <polarssl/havege.h> 40 #include <polarssl/aes.h> 41 42 #define CRYPT_AES_KEY aes_context 43 #define AES_BLOCK_SIZE 16 44 45 #define CRYPT_RANDOM_BYTES(dest, size) RAND_bytes((unsigned char *)(dest), (size)) 46 #define CRYPT_SET_ENC_KEY(dest, source, size) aes_setkey_enc((dest), (source), (size)); 47 #define CRYPT_SET_DEC_KEY(dest, source, size) aes_setkey_dec((dest), (source), (size)); 48 49 #define CRYPT_AES_ENCRYPT(src, dst, cryptstate) aes_crypt_ecb(&(cryptstate)->encrypt_key, AES_ENCRYPT, (unsigned char *)(src), (unsigned char *)(dst)); 50 #define CRYPT_AES_DECRYPT(src, dst, cryptstate) aes_crypt_ecb(&(cryptstate)->decrypt_key, AES_DECRYPT, (unsigned char *)(src), (unsigned char *)(dst)); 51 52 #elif defined(USE_MBEDTLS) 53 54 #include <mbedtls/havege.h> 55 #include <mbedtls/aes.h> 56 57 #define CRYPT_AES_KEY mbedtls_aes_context 58 #define AES_BLOCK_SIZE 16 59 60 #define CRYPT_RANDOM_BYTES(dest, size) RAND_bytes((unsigned char *)(dest), (size)) 61 #define CRYPT_SET_ENC_KEY(dest, source, size) mbedtls_aes_setkey_enc((dest), (source), (size)); 62 #define CRYPT_SET_DEC_KEY(dest, source, size) mbedtls_aes_setkey_dec((dest), (source), (size)); 63 64 #define CRYPT_AES_ENCRYPT(src, dst, cryptstate) mbedtls_aes_crypt_ecb(&(cryptstate)->encrypt_key, MBEDTLS_AES_ENCRYPT, (unsigned char *)(src), (unsigned char *)(dst)); 65 #define CRYPT_AES_DECRYPT(src, dst, cryptstate) mbedtls_aes_crypt_ecb(&(cryptstate)->decrypt_key, MBEDTLS_AES_DECRYPT, (unsigned char *)(src), (unsigned char *)(dst)); 66 67 #elif defined(USE_GNUTLS) 68 69 #include <nettle/aes.h> 70 #include <gnutls/gnutls.h> 71 #include <gnutls/crypto.h> 72 73 #define CRYPT_AES_KEY struct aes_ctx 74 #define CRYPT_RANDOM_BYTES(dest, size) gnutls_rnd(GNUTLS_RND_KEY, (dest), (size)) 75 #define CRYPT_SET_ENC_KEY(dest, source, size) aes_set_encrypt_key((dest), (size)/8, (source)); 76 #define CRYPT_SET_DEC_KEY(dest, source, size) aes_set_decrypt_key((dest), (size)/8, (source)); 77 78 #define CRYPT_AES_ENCRYPT(src, dest, ctx) aes_encrypt(&(ctx)->encrypt_key, AES_BLOCK_SIZE, (uint8_t *)(dest), (uint8_t *)(src)) 79 #define CRYPT_AES_DECRYPT(src, dest, ctx) aes_decrypt(&(ctx)->decrypt_key, AES_BLOCK_SIZE, (uint8_t *)(dest), (uint8_t *)(src)) 80 81 #else 82 83 #include <openssl/rand.h> 84 #include <openssl/aes.h> 85 86 #define CRYPT_AES_KEY AES_KEY 87 #define CRYPT_RANDOM_BYTES(dest, size) RAND_bytes((unsigned char *)(dest), (size)) 88 #define CRYPT_SET_ENC_KEY(dest, source, size) AES_set_encrypt_key((source), (size), (dest)); 89 #define CRYPT_SET_DEC_KEY(dest, source, size) AES_set_decrypt_key((source), (size), (dest)); 90 91 #define CRYPT_AES_ENCRYPT(src, dst, cryptstate) AES_encrypt((unsigned char *)(src), (unsigned char *)(dst), &(cryptstate)->encrypt_key); 92 #define CRYPT_AES_DECRYPT(src, dst, cryptstate) AES_decrypt((unsigned char *)(src), (unsigned char *)(dst), &(cryptstate)->decrypt_key); 93 94 #endif 95 96 #include <stdint.h> 97 #include "timer.h" 98 #include "types.h" 99 100 typedef struct CryptState { 101 uint8_t raw_key[AES_BLOCK_SIZE]; 102 uint8_t encrypt_iv[AES_BLOCK_SIZE]; 103 uint8_t decrypt_iv[AES_BLOCK_SIZE]; 104 uint8_t decrypt_history[0x100]; 105 106 unsigned int uiGood; 107 unsigned int uiLate; 108 unsigned int uiLost; 109 unsigned int uiResync; 110 111 unsigned int uiRemoteGood; 112 unsigned int uiRemoteLate; 113 unsigned int uiRemoteLost; 114 unsigned int uiRemoteResync; 115 116 CRYPT_AES_KEY encrypt_key; 117 CRYPT_AES_KEY decrypt_key; 118 119 etimer_t tLastGood; 120 etimer_t tLastRequest; 121 bool_t bInit; 122 } cryptState_t; 123 124 void CryptState_init(cryptState_t *cs); 125 bool_t CryptState_isValid(cryptState_t *cs); 126 void CryptState_genKey(cryptState_t *cs); 127 void CryptState_setKey(cryptState_t *cs, const unsigned char *rkey, const unsigned char *eiv, const unsigned char *div); 128 void CryptState_setDecryptIV(cryptState_t *cs, const unsigned char *iv); 129 130 bool_t CryptState_decrypt(cryptState_t *cs, const unsigned char *source, unsigned char *dst, unsigned int crypted_length); 131 void CryptState_encrypt(cryptState_t *cs, const unsigned char *source, unsigned char *dst, unsigned int plain_length); 132 133 #endif 134