diff options
Diffstat (limited to 'srtp/crypto/include')
32 files changed, 0 insertions, 3660 deletions
diff --git a/srtp/crypto/include/.cvsignore b/srtp/crypto/include/.cvsignore deleted file mode 100644 index 0e56cf2..0000000 --- a/srtp/crypto/include/.cvsignore +++ /dev/null @@ -1 +0,0 @@ -config.h diff --git a/srtp/crypto/include/CVS/Entries b/srtp/crypto/include/CVS/Entries deleted file mode 100644 index 8107491..0000000 --- a/srtp/crypto/include/CVS/Entries +++ /dev/null @@ -1,29 +0,0 @@ -/.cvsignore/1.1/Thu Sep 29 11:59:01 2005// -/aes.h/1.5/Wed Jul 12 22:22:08 2006// -/aes_cbc.h/1.2/Thu Sep 29 12:36:43 2005// -/aes_icm.h/1.3/Fri Mar 17 21:00:46 2006// -/alloc.h/1.4/Thu Jun 8 17:00:27 2006// -/auth.h/1.3/Thu Jun 8 17:00:27 2006// -/cipher.h/1.6/Wed Jul 12 22:22:08 2006// -/crypto.h/1.2/Wed Jul 12 00:50:56 2006// -/crypto_kernel.h/1.4/Wed Jul 12 00:50:56 2006// -/crypto_math.h/1.4/Thu Jun 8 17:00:27 2006// -/crypto_types.h/1.2/Thu Jun 8 17:00:27 2006// -/cryptoalg.h/1.3/Thu Jun 8 17:00:27 2006// -/datatypes.h/1.15/Wed Jul 12 22:41:57 2006// -/err.h/1.11/Tue Jul 18 19:45:46 2006// -/gf2_8.h/1.4/Thu Jun 8 17:00:27 2006// -/hmac.h/1.5/Thu Jun 8 17:00:27 2006// -/integers.h/1.8/Tue Jul 18 19:45:46 2006// -/kernel_compat.h/1.3/Tue Oct 18 15:27:35 2005// -/key.h/1.3/Thu Jun 8 18:51:27 2006// -/null_auth.h/1.3/Thu Jun 8 17:00:27 2006// -/null_cipher.h/1.3/Thu Jun 8 17:00:27 2006// -/prng.h/1.5/Mon Oct 3 15:52:19 2005// -/rand_source.h/1.4/Thu Jun 8 17:00:27 2006// -/rdb.h/1.1/Mon Sep 26 20:41:14 2005// -/rdbx.h/1.1.1.1/Wed Sep 21 22:51:40 2005// -/sha1.h/1.4/Thu Jun 8 17:00:27 2006// -/stat.h/1.4/Thu Jun 8 17:00:27 2006// -/xfm.h/1.2/Wed Sep 28 14:23:06 2005// -D diff --git a/srtp/crypto/include/CVS/Repository b/srtp/crypto/include/CVS/Repository deleted file mode 100644 index c29d21a..0000000 --- a/srtp/crypto/include/CVS/Repository +++ /dev/null @@ -1 +0,0 @@ -srtp/crypto/include diff --git a/srtp/crypto/include/CVS/Root b/srtp/crypto/include/CVS/Root deleted file mode 100644 index 05e15d8..0000000 --- a/srtp/crypto/include/CVS/Root +++ /dev/null @@ -1 +0,0 @@ -srtp.cvs.sourceforge.net:/cvsroot/srtp diff --git a/srtp/crypto/include/aes.h b/srtp/crypto/include/aes.h deleted file mode 100644 index d965280..0000000 --- a/srtp/crypto/include/aes.h +++ /dev/null @@ -1,84 +0,0 @@ -/* - * aes.h - * - * header file for the AES block cipher - * - * David A. McGrew - * Cisco Systems, Inc. - */ - -/* - * - * Copyright (c) 2001-2006, Cisco Systems, Inc. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * Redistributions in binary form must reproduce the above - * copyright notice, this list of conditions and the following - * disclaimer in the documentation and/or other materials provided - * with the distribution. - * - * Neither the name of the Cisco Systems, Inc. nor the names of its - * contributors may be used to endorse or promote products derived - * from this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS - * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT - * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS - * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, - * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES - * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * - */ - -#ifndef _AES_H -#define _AES_H - -#include "config.h" - -#include "datatypes.h" -#include "gf2_8.h" - -/* aes internals */ - -typedef v128_t aes_expanded_key_t[11]; - -void -aes_expand_encryption_key(const v128_t *key, - aes_expanded_key_t expanded_key); - -void -aes_expand_decryption_key(const v128_t *key, - aes_expanded_key_t expanded_key); - -void -aes_encrypt(v128_t *plaintext, const aes_expanded_key_t exp_key); - -void -aes_decrypt(v128_t *plaintext, const aes_expanded_key_t exp_key); - -#if 0 -/* - * internal functions - */ - -void -aes_init_sbox(void); - -void -aes_compute_tables(void); -#endif - -#endif /* _AES_H */ diff --git a/srtp/crypto/include/aes_cbc.h b/srtp/crypto/include/aes_cbc.h deleted file mode 100644 index 9fb6682..0000000 --- a/srtp/crypto/include/aes_cbc.h +++ /dev/null @@ -1,50 +0,0 @@ -/* - * aes_cbc.h - * - * Header for AES Cipher Blobk Chaining Mode. - * - * David A. McGrew - * Cisco Systems, Inc. - * - */ - -#ifndef AES_CBC_H -#define AES_CBC_H - -#include "aes.h" -#include "cipher.h" - -typedef struct { - v128_t state; /* cipher chaining state */ - v128_t previous; /* previous ciphertext block */ - aes_expanded_key_t expanded_key; /* the cipher key */ -} aes_cbc_ctx_t; - -err_status_t -aes_cbc_set_key(aes_cbc_ctx_t *c, - const unsigned char *key); - -err_status_t -aes_cbc_encrypt(aes_cbc_ctx_t *c, - unsigned char *buf, - unsigned int *bytes_in_data); - -err_status_t -aes_cbc_context_init(aes_cbc_ctx_t *c, const uint8_t *key, - cipher_direction_t dir); - -err_status_t -aes_cbc_set_iv(aes_cbc_ctx_t *c, void *iv); - -err_status_t -aes_cbc_nist_encrypt(aes_cbc_ctx_t *c, - unsigned char *data, - unsigned int *bytes_in_data); - -err_status_t -aes_cbc_nist_decrypt(aes_cbc_ctx_t *c, - unsigned char *data, - unsigned int *bytes_in_data); - -#endif /* AES_CBC_H */ - diff --git a/srtp/crypto/include/aes_icm.h b/srtp/crypto/include/aes_icm.h deleted file mode 100644 index 17a1ddb..0000000 --- a/srtp/crypto/include/aes_icm.h +++ /dev/null @@ -1,56 +0,0 @@ -/* - * aes_icm.h - * - * Header for AES Integer Counter Mode. - * - * David A. McGrew - * Cisco Systems, Inc. - * - */ - -#ifndef AES_ICM_H -#define AES_ICM_H - -#include "aes.h" -#include "cipher.h" - -typedef struct { - v128_t counter; /* holds the counter value */ - v128_t offset; /* initial offset value */ - v128_t keystream_buffer; /* buffers bytes of keystream */ - aes_expanded_key_t expanded_key; /* the cipher key */ - int bytes_in_buffer; /* number of unused bytes in buffer */ -} aes_icm_ctx_t; - - -err_status_t -aes_icm_context_init(aes_icm_ctx_t *c, - const unsigned char *key); - -err_status_t -aes_icm_set_iv(aes_icm_ctx_t *c, void *iv); - -err_status_t -aes_icm_encrypt(aes_icm_ctx_t *c, - unsigned char *buf, unsigned int *bytes_to_encr); - -err_status_t -aes_icm_output(aes_icm_ctx_t *c, - unsigned char *buf, int bytes_to_output); - -err_status_t -aes_icm_dealloc(cipher_t *c); - -err_status_t -aes_icm_encrypt_ismacryp(aes_icm_ctx_t *c, - unsigned char *buf, - unsigned int *enc_len, - int forIsmacryp); - -err_status_t -aes_icm_alloc_ismacryp(cipher_t **c, - int key_len, - int forIsmacryp); - -#endif /* AES_ICM_H */ - diff --git a/srtp/crypto/include/alloc.h b/srtp/crypto/include/alloc.h deleted file mode 100644 index 5980eed..0000000 --- a/srtp/crypto/include/alloc.h +++ /dev/null @@ -1,57 +0,0 @@ -/* - * alloc.h - * - * interface to memory allocation and deallocation, with optional debugging - * - * David A. McGrew - * Cisco Systems, Inc. - */ -/* - * - * Copyright (c) 2001-2006 Cisco Systems, Inc. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * Redistributions in binary form must reproduce the above - * copyright notice, this list of conditions and the following - * disclaimer in the documentation and/or other materials provided - * with the distribution. - * - * Neither the name of the Cisco Systems, Inc. nor the names of its - * contributors may be used to endorse or promote products derived - * from this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS - * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT - * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS - * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, - * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES - * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * - */ - - -#ifndef CRYPTO_ALLOC_H -#define CRYPTO_ALLOC_H - -#include "datatypes.h" - -void * -crypto_alloc(size_t size); - -void -crypto_free(void *ptr); - -#endif /* CRYPTO_ALLOC_H */ diff --git a/srtp/crypto/include/auth.h b/srtp/crypto/include/auth.h deleted file mode 100644 index 295b5f6..0000000 --- a/srtp/crypto/include/auth.h +++ /dev/null @@ -1,159 +0,0 @@ -/* - * auth.h - * - * common interface to authentication functions - * - * David A. McGrew - * Cisco Systems, Inc. - */ - -/* - * - * Copyright (c) 2001-2006, Cisco Systems, Inc. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * Redistributions in binary form must reproduce the above - * copyright notice, this list of conditions and the following - * disclaimer in the documentation and/or other materials provided - * with the distribution. - * - * Neither the name of the Cisco Systems, Inc. nor the names of its - * contributors may be used to endorse or promote products derived - * from this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS - * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT - * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS - * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, - * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES - * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * - */ - -#ifndef AUTH_H -#define AUTH_H - -#include "datatypes.h" -#include "err.h" /* error codes */ - -typedef struct auth_type_t *auth_type_pointer; -typedef struct auth_t *auth_pointer_t; - -typedef err_status_t (*auth_alloc_func) - (auth_pointer_t *ap, int key_len, int out_len); - -typedef err_status_t (*auth_init_func) - (void *state, const uint8_t *key, int key_len); - -typedef err_status_t (*auth_dealloc_func)(auth_pointer_t ap); - -typedef err_status_t (*auth_compute_func) - (void *state, uint8_t *buffer, int octets_to_auth, - int tag_len, uint8_t *tag); - -typedef err_status_t (*auth_update_func) - (void *state, uint8_t *buffer, int octets_to_auth); - -typedef err_status_t (*auth_start_func)(void *state); - -/* some syntactic sugar on these function types */ - -#define auth_type_alloc(at, a, klen, outlen) \ - ((at)->alloc((a), (klen), (outlen))) - -#define auth_init(a, key) \ - (((a)->type)->init((a)->state, (key), ((a)->key_len))) - -#define auth_compute(a, buf, len, res) \ - (((a)->type)->compute((a)->state, (buf), (len), (a)->out_len, (res))) - -#define auth_update(a, buf, len) \ - (((a)->type)->update((a)->state, (buf), (len))) - -#define auth_start(a)(((a)->type)->start((a)->state)) - -#define auth_dealloc(c) (((c)->type)->dealloc(c)) - -/* functions to get information about a particular auth_t */ - -int -auth_get_key_length(const struct auth_t *a); - -int -auth_get_tag_length(const struct auth_t *a); - -int -auth_get_prefix_length(const struct auth_t *a); - -/* - * auth_test_case_t is a (list of) key/message/tag values that are - * known to be correct for a particular cipher. this data can be used - * to test an implementation in an on-the-fly self test of the - * correcness of the implementation. (see the auth_type_self_test() - * function below) - */ - -typedef struct auth_test_case_t { - int key_length_octets; /* octets in key */ - uint8_t *key; /* key */ - int data_length_octets; /* octets in data */ - uint8_t *data; /* data */ - int tag_length_octets; /* octets in tag */ - uint8_t *tag; /* tag */ - struct auth_test_case_t *next_test_case; /* pointer to next testcase */ -} auth_test_case_t; - -/* auth_type_t */ - -typedef struct auth_type_t { - auth_alloc_func alloc; - auth_dealloc_func dealloc; - auth_init_func init; - auth_compute_func compute; - auth_update_func update; - auth_start_func start; - char *description; - int ref_count; - auth_test_case_t *test_data; - debug_module_t *debug; -} auth_type_t; - -typedef struct auth_t { - auth_type_t *type; - void *state; - int out_len; /* length of output tag in octets */ - int key_len; /* length of key in octets */ - int prefix_len; /* length of keystream prefix */ -} auth_t; - -/* - * auth_type_self_test() tests an auth_type against test cases - * provided in an array of values of key/message/tag that is known to - * be good - */ - -err_status_t -auth_type_self_test(const auth_type_t *at); - -/* - * auth_type_get_ref_count(at) returns the reference count (the number - * of instantiations) of the auth_type_t at - */ - -int -auth_type_get_ref_count(const auth_type_t *at); - -#endif /* AUTH_H */ diff --git a/srtp/crypto/include/cipher.h b/srtp/crypto/include/cipher.h deleted file mode 100644 index 96ee9dc..0000000 --- a/srtp/crypto/include/cipher.h +++ /dev/null @@ -1,218 +0,0 @@ -/* - * cipher.h - * - * common interface to ciphers - * - * David A. McGrew - * Cisco Systems, Inc. - */ -/* - * - * Copyright (c) 2001-2006, Cisco Systems, Inc. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * Redistributions in binary form must reproduce the above - * copyright notice, this list of conditions and the following - * disclaimer in the documentation and/or other materials provided - * with the distribution. - * - * Neither the name of the Cisco Systems, Inc. nor the names of its - * contributors may be used to endorse or promote products derived - * from this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS - * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT - * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS - * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, - * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES - * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * - */ - - -#ifndef CIPHER_H -#define CIPHER_H - -#include "datatypes.h" -#include "rdbx.h" /* for xtd_seq_num_t */ -#include "err.h" /* for error codes */ - - -/** - * @brief cipher_direction_t defines a particular cipher operation. - * - * A cipher_direction_t is an enum that describes a particular cipher - * operation, i.e. encryption or decryption. For some ciphers, this - * distinction does not matter, but for others, it is essential. - */ - -typedef enum { - direction_encrypt, /**< encryption (convert plaintext to ciphertext) */ - direction_decrypt, /**< decryption (convert ciphertext to plaintext) */ - direction_any /**< encryption or decryption */ -} cipher_direction_t; - -/* - * the cipher_pointer and cipher_type_pointer definitions are needed - * as cipher_t and cipher_type_t are not yet defined - */ - -typedef struct cipher_type_t *cipher_type_pointer_t; -typedef struct cipher_t *cipher_pointer_t; - -/* - * a cipher_alloc_func_t allocates (but does not initialize) a cipher_t - */ - -typedef err_status_t (*cipher_alloc_func_t) - (cipher_pointer_t *cp, int key_len); - -/* - * a cipher_init_func_t [re-]initializes a cipher_t with a given key - * and direction (i.e., encrypt or decrypt) - */ - -typedef err_status_t (*cipher_init_func_t) - (void *state, const uint8_t *key, cipher_direction_t dir); - -/* a cipher_dealloc_func_t de-allocates a cipher_t */ - -typedef err_status_t (*cipher_dealloc_func_t)(cipher_pointer_t cp); - -/* a cipher_set_segment_func_t sets the segment index of a cipher_t */ - -typedef err_status_t (*cipher_set_segment_func_t) - (void *state, xtd_seq_num_t idx); - -/* a cipher_encrypt_func_t encrypts data in-place */ - -typedef err_status_t (*cipher_encrypt_func_t) - (void *state, uint8_t *buffer, unsigned int *octets_to_encrypt); - -/* a cipher_decrypt_func_t decrypts data in-place */ - -typedef err_status_t (*cipher_decrypt_func_t) - (void *state, uint8_t *buffer, unsigned int *octets_to_decrypt); - -/* - * a cipher_set_nonce_seq_func_t function sets both the nonce - * and the extended sequence number - */ - -typedef err_status_t (*cipher_set_iv_func_t) - (cipher_pointer_t cp, void *iv); - -/* - * cipher_test_case_t is a (list of) key, salt, xtd_seq_num_t, - * plaintext, and ciphertext values that are known to be correct for a - * particular cipher. this data can be used to test an implementation - * in an on-the-fly self test of the correcness of the implementation. - * (see the cipher_type_self_test() function below) - */ - -typedef struct cipher_test_case_t { - int key_length_octets; /* octets in key */ - uint8_t *key; /* key */ - uint8_t *idx; /* packet index */ - int plaintext_length_octets; /* octets in plaintext */ - uint8_t *plaintext; /* plaintext */ - int ciphertext_length_octets; /* octets in plaintext */ - uint8_t *ciphertext; /* ciphertext */ - struct cipher_test_case_t *next_test_case; /* pointer to next testcase */ -} cipher_test_case_t; - -/* cipher_type_t defines the 'metadata' for a particular cipher type */ - -typedef struct cipher_type_t { - cipher_alloc_func_t alloc; - cipher_dealloc_func_t dealloc; - cipher_init_func_t init; - cipher_encrypt_func_t encrypt; - cipher_encrypt_func_t decrypt; - cipher_set_iv_func_t set_iv; - char *description; - int ref_count; - cipher_test_case_t *test_data; - debug_module_t *debug; -} cipher_type_t; - -/* - * cipher_t defines an instantiation of a particular cipher, with fixed - * key length, key and salt values - */ - -typedef struct cipher_t { - cipher_type_t *type; - void *state; - int key_len; -#ifdef FORCE_64BIT_ALIGN - int pad; -#endif -} cipher_t; - -/* some syntactic sugar on these function types */ - -#define cipher_type_alloc(ct, c, klen) ((ct)->alloc((c), (klen))) - -#define cipher_dealloc(c) (((c)->type)->dealloc(c)) - -#define cipher_init(c, k, dir) (((c)->type)->init(((c)->state), (k), (dir))) - -#define cipher_encrypt(c, buf, len) \ - (((c)->type)->encrypt(((c)->state), (buf), (len))) - -#define cipher_decrypt(c, buf, len) \ - (((c)->type)->decrypt(((c)->state), (buf), (len))) - -#define cipher_set_iv(c, n) \ - ((c) ? (((c)->type)->set_iv(((cipher_pointer_t)(c)->state), (n))) : \ - err_status_no_such_op) - -err_status_t -cipher_output(cipher_t *c, uint8_t *buffer, int num_octets_to_output); - - -/* some bookkeeping functions */ - -int -cipher_get_key_length(const cipher_t *c); - - -/* - * cipher_type_self_test() tests a cipher against test cases provided in - * an array of values of key/xtd_seq_num_t/plaintext/ciphertext - * that is known to be good - */ - -err_status_t -cipher_type_self_test(const cipher_type_t *ct); - - -/* - * cipher_bits_per_second(c, l, t) computes (and estimate of) the - * number of bits that a cipher implementation can encrypt in a second - * - * c is a cipher (which MUST be allocated and initialized already), l - * is the length in octets of the test data to be encrypted, and t is - * the number of trials - * - * if an error is encountered, then the value 0 is returned - */ - -uint64_t -cipher_bits_per_second(cipher_t *c, int octets_in_buffer, int num_trials); - -#endif /* CIPHER_H */ diff --git a/srtp/crypto/include/config.h b/srtp/crypto/include/config.h deleted file mode 100644 index bf039d9..0000000 --- a/srtp/crypto/include/config.h +++ /dev/null @@ -1,171 +0,0 @@ -/* crypto/include/config.h. Generated by configure. */ -/* config_in.h. Generated from configure.in by autoheader. */ - -/* Define if building for a CISC machine (e.g. Intel). */ -#define CPU_CISC 1 - -/* Define if building for a RISC machine (assume slow byte access). */ -/* #undef CPU_RISC */ - -/* Path to random device */ -#define DEV_URANDOM "/dev/urandom" - -/* Define to compile in dynamic debugging system. */ -#define ENABLE_DEBUGGING 1 - -/* Report errors to this file. */ -/* #undef ERR_REPORTING_FILE */ - -/* Define to use logging to stdout. */ -#define ERR_REPORTING_STDOUT 1 - -/* Define this to use ISMAcryp code. */ -/* #undef GENERIC_AESICM */ - -/* Define to 1 if you have the <arpa/inet.h> header file. */ -#define HAVE_ARPA_INET_H 1 - -/* Define to 1 if you have the <byteswap.h> header file. */ -#define HAVE_BYTESWAP_H 1 - -/* Define to 1 if you have the `inet_aton' function. */ -#define HAVE_INET_ATON 1 - -/* Define to 1 if the system has the type `int16_t'. */ -#define HAVE_INT16_T 1 - -/* Define to 1 if the system has the type `int32_t'. */ -#define HAVE_INT32_T 1 - -/* Define to 1 if the system has the type `int8_t'. */ -#define HAVE_INT8_T 1 - -/* Define to 1 if you have the <inttypes.h> header file. */ -#define HAVE_INTTYPES_H 1 - -/* Define to 1 if you have the `socket' library (-lsocket). */ -/* #undef HAVE_LIBSOCKET */ - -/* Define to 1 if you have the <machine/types.h> header file. */ -/* #undef HAVE_MACHINE_TYPES_H */ - -/* Define to 1 if you have the <memory.h> header file. */ -#define HAVE_MEMORY_H 1 - -/* Define to 1 if you have the <netinet/in.h> header file. */ -#define HAVE_NETINET_IN_H 1 - -/* Define to 1 if you have the `socket' function. */ -#define HAVE_SOCKET 1 - -/* Define to 1 if you have the <stdint.h> header file. */ -#define HAVE_STDINT_H 1 - -/* Define to 1 if you have the <stdlib.h> header file. */ -#define HAVE_STDLIB_H 1 - -/* Define to 1 if you have the <strings.h> header file. */ -#define HAVE_STRINGS_H 1 - -/* Define to 1 if you have the <string.h> header file. */ -#define HAVE_STRING_H 1 - -/* Define to 1 if you have the <syslog.h> header file. */ -#define HAVE_SYSLOG_H 1 - -/* Define to 1 if you have the <sys/int_types.h> header file. */ -/* #undef HAVE_SYS_INT_TYPES_H */ - -/* Define to 1 if you have the <sys/socket.h> header file. */ -#define HAVE_SYS_SOCKET_H 1 - -/* Define to 1 if you have the <sys/stat.h> header file. */ -#define HAVE_SYS_STAT_H 1 - -/* Define to 1 if you have the <sys/types.h> header file. */ -#define HAVE_SYS_TYPES_H 1 - -/* Define to 1 if you have the <sys/uio.h> header file. */ -#define HAVE_SYS_UIO_H 1 - -/* Define to 1 if the system has the type `uint16_t'. */ -#define HAVE_UINT16_T 1 - -/* Define to 1 if the system has the type `uint32_t'. */ -#define HAVE_UINT32_T 1 - -/* Define to 1 if the system has the type `uint64_t'. */ -#define HAVE_UINT64_T 1 - -/* Define to 1 if the system has the type `uint8_t'. */ -#define HAVE_UINT8_T 1 - -/* Define to 1 if you have the <unistd.h> header file. */ -#define HAVE_UNISTD_H 1 - -/* Define to 1 if you have the `usleep' function. */ -#define HAVE_USLEEP 1 - -/* Define to 1 if you have the <windows.h> header file. */ -/* #undef HAVE_WINDOWS_H */ - -/* Define to 1 if you have the <winsock2.h> header file. */ -/* #undef HAVE_WINSOCK2_H */ - -/* Define to use X86 inlined assembly code */ -#define HAVE_X86 1 - -/* Define to the address where bug reports for this package should be sent. */ -#define PACKAGE_BUGREPORT "" - -/* Define to the full name of this package. */ -#define PACKAGE_NAME "" - -/* Define to the full name and version of this package. */ -#define PACKAGE_STRING "" - -/* Define to the one symbol short name of this package. */ -#define PACKAGE_TARNAME "" - -/* Define to the version of this package. */ -#define PACKAGE_VERSION "" - -/* The size of a `unsigned long', as computed by sizeof. */ -#define SIZEOF_UNSIGNED_LONG 4 - -/* The size of a `unsigned long long', as computed by sizeof. */ -#define SIZEOF_UNSIGNED_LONG_LONG 8 - -/* Define to use GDOI. */ -/* #undef SRTP_GDOI */ - -/* Define to compile for kernel contexts. */ -/* #undef SRTP_KERNEL */ - -/* Define to compile for Linux kernel context. */ -/* #undef SRTP_KERNEL_LINUX */ - -/* Define to 1 if you have the ANSI C header files. */ -#define STDC_HEADERS 1 - -/* Write errors to this file */ -/* #undef USE_ERR_REPORTING_FILE */ - -/* Define to use syslog logging. */ -/* #undef USE_SYSLOG */ - -/* Define to 1 if your processor stores words with the most significant byte - first (like Motorola and SPARC, unlike Intel and VAX). */ -/* #undef WORDS_BIGENDIAN */ - -/* Define to empty if `const' does not conform to ANSI C. */ -/* #undef const */ - -/* Define to `__inline__' or `__inline' if that's what the C compiler - calls it, or to nothing if 'inline' is not supported under any name. */ -#ifndef __cplusplus -/* #undef inline */ -#endif - -/* Define to `unsigned' if <sys/types.h> does not define. */ -/* #undef size_t */ diff --git a/srtp/crypto/include/crypto.h b/srtp/crypto/include/crypto.h deleted file mode 100644 index 0e9667d..0000000 --- a/srtp/crypto/include/crypto.h +++ /dev/null @@ -1,43 +0,0 @@ -/* - * crypto.h - * - * API for libcrypto - * - * David A. McGrew - * Cisco Systems, Inc. - */ - -#ifndef CRYPTO_H -#define CRYPTO_H - -/** - * @brief A cipher_type_id_t is an identifier for a particular cipher - * type. - * - * A cipher_type_id_t is an integer that represents a particular - * cipher type, e.g. the Advanced Encryption Standard (AES). A - * NULL_CIPHER is avaliable; this cipher leaves the data unchanged, - * and can be selected to indicate that no encryption is to take - * place. - * - * @ingroup Ciphers - */ -typedef uint32_t cipher_type_id_t; - -/** - * @brief An auth_type_id_t is an identifier for a particular authentication - * function. - * - * An auth_type_id_t is an integer that represents a particular - * authentication function type, e.g. HMAC-SHA1. A NULL_AUTH is - * avaliable; this authentication function performs no computation, - * and can be selected to indicate that no authentication is to take - * place. - * - * @ingroup Authentication - */ -typedef uint32_t auth_type_id_t; - -#endif /* CRYPTO_H */ - - diff --git a/srtp/crypto/include/crypto_kernel.h b/srtp/crypto/include/crypto_kernel.h deleted file mode 100644 index b8cd9be..0000000 --- a/srtp/crypto/include/crypto_kernel.h +++ /dev/null @@ -1,258 +0,0 @@ -/* - * crypto_kernel.h - * - * header for the cryptographic kernel - * - * David A. McGrew - * Cisco Systems, Inc. - */ -/* - * - * Copyright(c) 2001-2006 Cisco Systems, Inc. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * Redistributions in binary form must reproduce the above - * copyright notice, this list of conditions and the following - * disclaimer in the documentation and/or other materials provided - * with the distribution. - * - * Neither the name of the Cisco Systems, Inc. nor the names of its - * contributors may be used to endorse or promote products derived - * from this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS - * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT - * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS - * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, - * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES - * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * - */ - - -#ifndef CRYPTO_KERNEL -#define CRYPTO_KERNEL - -#include "rand_source.h" -#include "prng.h" -#include "cipher.h" -#include "auth.h" -#include "cryptoalg.h" -#include "stat.h" -#include "err.h" -#include "crypto_types.h" -#include "key.h" -#include "crypto.h" - -/* - * crypto_kernel_state_t defines the possible states: - * - * insecure - not yet initialized - * secure - initialized and passed self-tests - */ - -typedef enum { - crypto_kernel_state_insecure, - crypto_kernel_state_secure -} crypto_kernel_state_t; - -/* - * linked list of cipher types - */ - -typedef struct kernel_cipher_type { - cipher_type_id_t id; - cipher_type_t *cipher_type; - struct kernel_cipher_type *next; -} kernel_cipher_type_t; - -/* - * linked list of auth types - */ - -typedef struct kernel_auth_type { - auth_type_id_t id; - auth_type_t *auth_type; - struct kernel_auth_type *next; -} kernel_auth_type_t; - -/* - * linked list of debug modules - */ - -typedef struct kernel_debug_module { - debug_module_t *mod; - struct kernel_debug_module *next; -} kernel_debug_module_t; - - -/* - * crypto_kernel_t is the data structure for the crypto kernel - * - * note that there is *exactly one* instance of this data type, - * a global variable defined in crypto_kernel.c - */ - -typedef struct { - crypto_kernel_state_t state; /* current state of kernel */ - kernel_cipher_type_t *cipher_type_list; /* list of all cipher types */ - kernel_auth_type_t *auth_type_list; /* list of all auth func types */ - kernel_debug_module_t *debug_module_list; /* list of all debug modules */ -} crypto_kernel_t; - - -/* - * crypto_kernel_t external api - */ - - -/* - * The function crypto_kernel_init() initialized the crypto kernel and - * runs the self-test operations on the random number generators and - * crypto algorithms. Possible return values are: - * - * err_status_ok initialization successful - * <other> init failure - * - * If any value other than err_status_ok is returned, the - * crypto_kernel MUST NOT be used. - */ - -err_status_t -crypto_kernel_init(void); - - -/* - * The function crypto_kernel_shutdown() de-initializes the - * crypto_kernel, zeroizes keys and other cryptographic material, and - * deallocates any dynamically allocated memory. Possible return - * values are: - * - * err_status_ok shutdown successful - * <other> shutdown failure - * - */ - -err_status_t -crypto_kernel_shutdown(void); - -/* - * The function crypto_kernel_stats() checks the the crypto_kernel, - * running tests on the ciphers, auth funcs, and rng, and prints out a - * status report. Possible return values are: - * - * err_status_ok all tests were passed - * <other> a test failed - * - */ - -err_status_t -crypto_kernel_status(void); - - -/* - * crypto_kernel_list_debug_modules() outputs a list of debugging modules - * - */ - -err_status_t -crypto_kernel_list_debug_modules(void); - -/* - * crypto_kernel_load_cipher_type() - * - */ - -err_status_t -crypto_kernel_load_cipher_type(cipher_type_t *ct, cipher_type_id_t id); - -err_status_t -crypto_kernel_load_auth_type(auth_type_t *ct, auth_type_id_t id); - -err_status_t -crypto_kernel_load_debug_module(debug_module_t *new_dm); - -/* - * crypto_kernel_alloc_cipher(id, cp, key_len); - * - * allocates a cipher of type id at location *cp, with key length - * key_len octets. Return values are: - * - * err_status_ok no problems - * err_status_alloc_fail an allocation failure occured - * err_status_fail couldn't find cipher with identifier 'id' - */ - -err_status_t -crypto_kernel_alloc_cipher(cipher_type_id_t id, - cipher_pointer_t *cp, - int key_len); - -/* - * crypto_kernel_alloc_auth(id, ap, key_len, tag_len); - * - * allocates an auth function of type id at location *ap, with key - * length key_len octets and output tag length of tag_len. Return - * values are: - * - * err_status_ok no problems - * err_status_alloc_fail an allocation failure occured - * err_status_fail couldn't find auth with identifier 'id' - */ - -err_status_t -crypto_kernel_alloc_auth(auth_type_id_t id, - auth_pointer_t *ap, - int key_len, - int tag_len); - - -/* - * crypto_kernel_set_debug_module(mod_name, v) - * - * sets dynamic debugging to the value v (0 for off, 1 for on) for the - * debug module with the name mod_name - * - * returns err_status_ok on success, err_status_fail otherwise - */ - -err_status_t -crypto_kernel_set_debug_module(char *mod_name, int v); - -/** - * @brief writes a random octet string. - * - * The function call crypto_get_random(dest, len) writes len octets of - * random data to the location to which dest points, and returns an - * error code. This error code @b must be checked, and if a failure is - * reported, the data in the buffer @b must @b not be used. - * - * @warning If the return code is not checked, then non-random - * data may be in the buffer. This function will fail - * unless it is called after crypto_kernel_init(). - * - * @return - * - err_status_ok if no problems occured. - * - [other] a problem occured, and no assumptions should - * be made about the contents of the destination - * buffer. - * - * @ingroup SRTP - */ -err_status_t -crypto_get_random(unsigned char *buffer, unsigned int length); - -#endif /* CRYPTO_KERNEL */ diff --git a/srtp/crypto/include/crypto_math.h b/srtp/crypto/include/crypto_math.h deleted file mode 100644 index c3e7b76..0000000 --- a/srtp/crypto/include/crypto_math.h +++ /dev/null @@ -1,273 +0,0 @@ -/* - * math.h - * - * crypto math operations and data types - * - * David A. McGrew - * Cisco Systems, Inc. - */ -/* - * - * Copyright (c) 2001-2006 Cisco Systems, Inc. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * Redistributions in binary form must reproduce the above - * copyright notice, this list of conditions and the following - * disclaimer in the documentation and/or other materials provided - * with the distribution. - * - * Neither the name of the Cisco Systems, Inc. nor the names of its - * contributors may be used to endorse or promote products derived - * from this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS - * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT - * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS - * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, - * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES - * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * - */ - -#ifndef MATH_H -#define MATH_H - -#include "datatypes.h" - -unsigned char -v32_weight(v32_t a); - -unsigned char -v32_distance(v32_t x, v32_t y); - -unsigned int -v32_dot_product(v32_t a, v32_t b); - -char * -v16_bit_string(v16_t x); - -char * -v32_bit_string(v32_t x); - -char * -v64_bit_string(const v64_t *x); - -char * -octet_hex_string(uint8_t x); - -char * -v16_hex_string(v16_t x); - -char * -v32_hex_string(v32_t x); - -char * -v64_hex_string(const v64_t *x); - -int -hex_char_to_nibble(uint8_t c); - -int -is_hex_string(char *s); - -v16_t -hex_string_to_v16(char *s); - -v32_t -hex_string_to_v32(char *s); - -v64_t -hex_string_to_v64(char *s); - -/* the matrix A[] is stored in column format, i.e., A[i] is - the ith column of the matrix */ - -uint8_t -A_times_x_plus_b(uint8_t A[8], uint8_t x, uint8_t b); - -void -v16_copy_octet_string(v16_t *x, const uint8_t s[2]); - -void -v32_copy_octet_string(v32_t *x, const uint8_t s[4]); - -void -v64_copy_octet_string(v64_t *x, const uint8_t s[8]); - -void -v128_add(v128_t *z, v128_t *x, v128_t *y); - -int -octet_string_is_eq(uint8_t *a, uint8_t *b, int len); - -void -octet_string_set_to_zero(uint8_t *s, int len); - - - -/* - * the matrix A[] is stored in column format, i.e., A[i] is the ith - * column of the matrix -*/ -uint8_t -A_times_x_plus_b(uint8_t A[8], uint8_t x, uint8_t b); - - -#if 0 -#if WORDS_BIGENDIAN - -#define _v128_add(z, x, y) { \ - uint64_t tmp; \ - \ - tmp = x->v32[3] + y->v32[3]; \ - z->v32[3] = (uint32_t) tmp; \ - \ - tmp = x->v32[2] + y->v32[2] + (tmp >> 32); \ - z->v32[2] = (uint32_t) tmp; \ - \ - tmp = x->v32[1] + y->v32[1] + (tmp >> 32); \ - z->v32[1] = (uint32_t) tmp; \ - \ - tmp = x->v32[0] + y->v32[0] + (tmp >> 32); \ - z->v32[0] = (uint32_t) tmp; \ -} - -#else /* assume little endian architecture */ - -#define _v128_add(z, x, y) { \ - uint64_t tmp; \ - \ - tmp = htonl(x->v32[3]) + htonl(y->v32[3]); \ - z->v32[3] = ntohl((uint32_t) tmp); \ - \ - tmp = htonl(x->v32[2]) + htonl(y->v32[2]) \ - + htonl(tmp >> 32); \ - z->v32[2] = ntohl((uint32_t) tmp); \ - \ - tmp = htonl(x->v32[1]) + htonl(y->v32[1]) \ - + htonl(tmp >> 32); \ - z->v32[1] = ntohl((uint32_t) tmp); \ - \ - tmp = htonl(x->v32[0]) + htonl(y->v32[0]) \ - + htonl(tmp >> 32); \ - z->v32[0] = ntohl((uint32_t) tmp); \ -} - -#endif /* WORDS_BIGENDIAN */ -#endif - -#ifdef DATATYPES_USE_MACROS /* little functions are really macros */ - -#define v128_set_to_zero(z) _v128_set_to_zero(z) -#define v128_copy(z, x) _v128_copy(z, x) -#define v128_xor(z, x, y) _v128_xor(z, x, y) -#define v128_and(z, x, y) _v128_and(z, x, y) -#define v128_or(z, x, y) _v128_or(z, x, y) -#define v128_complement(x) _v128_complement(x) -#define v128_is_eq(x, y) _v128_is_eq(x, y) -#define v128_xor_eq(x, y) _v128_xor_eq(x, y) -#define v128_get_bit(x, i) _v128_get_bit(x, i) -#define v128_set_bit(x, i) _v128_set_bit(x, i) -#define v128_clear_bit(x, i) _v128_clear_bit(x, i) -#define v128_set_bit_to(x, i, y) _v128_set_bit_to(x, i, y) - -#else - -void -v128_set_to_zero(v128_t *x); - -int -v128_is_eq(const v128_t *x, const v128_t *y); - -void -v128_copy(v128_t *x, const v128_t *y); - -void -v128_xor(v128_t *z, v128_t *x, v128_t *y); - -void -v128_and(v128_t *z, v128_t *x, v128_t *y); - -void -v128_or(v128_t *z, v128_t *x, v128_t *y); - -void -v128_complement(v128_t *x); - -int -v128_get_bit(const v128_t *x, int i); - -void -v128_set_bit(v128_t *x, int i) ; - -void -v128_clear_bit(v128_t *x, int i); - -void -v128_set_bit_to(v128_t *x, int i, int y); - -#endif /* DATATYPES_USE_MACROS */ - -/* - * octet_string_is_eq(a,b, len) returns 1 if the length len strings a - * and b are not equal, returns 0 otherwise - */ - -int -octet_string_is_eq(uint8_t *a, uint8_t *b, int len); - -void -octet_string_set_to_zero(uint8_t *s, int len); - - -/* - * functions manipulating bit_vector_t - * - * A bitvector_t consists of an array of words and an integer - * representing the number of significant bits stored in the array. - * The bits are packed as follows: the least significant bit is that - * of word[0], while the most significant bit is the nth most - * significant bit of word[m], where length = bits_per_word * m + n. - * - */ - -#define bits_per_word 32 -#define bytes_per_word 4 - -typedef struct { - uint32_t length; - uint32_t *word; -} bitvector_t; - -int -bitvector_alloc(bitvector_t *v, unsigned long length); - -void -bitvector_set_bit(bitvector_t *v, int bit_index); - -int -bitvector_get_bit(const bitvector_t *v, int bit_index); - -int -bitvector_print_hex(const bitvector_t *v, FILE *stream); - -int -bitvector_set_from_hex(bitvector_t *v, char *string); - -#endif /* MATH_H */ - - - diff --git a/srtp/crypto/include/crypto_types.h b/srtp/crypto/include/crypto_types.h deleted file mode 100644 index 0ce50f4..0000000 --- a/srtp/crypto/include/crypto_types.h +++ /dev/null @@ -1,206 +0,0 @@ -/* - * crypto_types.h - * - * constants for cipher types and auth func types - * - * David A. McGrew - * Cisco Systems, Inc. - */ -/* - * - * Copyright(c) 2001-2006 Cisco Systems, Inc. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * Redistributions in binary form must reproduce the above - * copyright notice, this list of conditions and the following - * disclaimer in the documentation and/or other materials provided - * with the distribution. - * - * Neither the name of the Cisco Systems, Inc. nor the names of its - * contributors may be used to endorse or promote products derived - * from this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS - * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT - * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS - * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, - * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES - * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * - */ - -#ifndef CRYPTO_TYPES_H -#define CRYPTO_TYPES_H - -/** - * @defgroup Algos Cryptographic Algorithms - * - * - * This library provides several different cryptographic algorithms, - * each of which can be selected by using the cipher_type_id_t and - * auth_type_id_t. These algorithms are documented below. - * - * Authentication functions that use the Universal Security Transform - * (UST) must be used in conjunction with a cipher other than the null - * cipher. These functions require a per-message pseudorandom input - * that is generated by the cipher. - * - * The identifiers STRONGHOLD_AUTH and STRONGHOLD_CIPHER identify the - * strongest available authentication function and cipher, - * respectively. They are resolved at compile time to the strongest - * available algorithm. The stronghold algorithms can serve as did - * the keep of a medieval fortification; they provide the strongest - * defense (or the last refuge). - * - * @{ - */ - -/** - * @defgroup Ciphers Cipher Types - * - * @brief Each cipher type is identified by an unsigned integer. The - * cipher types available in this edition of libSRTP are given - * by the #defines below. - * - * A cipher_type_id_t is an identifier for a cipher_type; only values - * given by the #defines above (or those present in the file - * crypto_types.h) should be used. - * - * The identifier STRONGHOLD_CIPHER indicates the strongest available - * cipher, allowing an application to choose the strongest available - * algorithm without any advance knowledge about the avaliable - * algorithms. - * - * @{ - */ - -/** - * @brief The null cipher performs no encryption. - * - * The NULL_CIPHER leaves its inputs unaltered, during both the - * encryption and decryption operations. This cipher can be chosen - * to indicate that no encryption is to be performed. - */ -#define NULL_CIPHER 0 - -/** - * @brief AES-128 Integer Counter Mode (AES ICM) - * - * AES-128 ICM is the variant of counter mode that is used by Secure RTP. - * This cipher uses a 16-octet key and a 30-octet offset (or salt) value. - */ -#define AES_128_ICM 1 - -/** - * @brief SEAL 3.0 - * - * SEAL is the Software-Optimized Encryption Algorithm of Coppersmith - * and Rogaway. Nota bene: this cipher is IBM proprietary. - */ -#define SEAL 2 - -/** - * @brief AES-128 Integer Counter Mode (AES ICM) - * - * AES-128 ICM is the variant of counter mode that is used by Secure RTP. - * This cipher uses a 16-octet key and a 30-octet offset (or salt) value. - */ -#define AES_128_CBC 3 - -/** - * @brief Strongest available cipher. - * - * This identifier resolves to the strongest cipher type available. - */ -#define STRONGHOLD_CIPHER AES_128_ICM - -/** - * @} - */ - - - -/** - * @defgroup Authentication Authentication Function Types - * - * @brief Each authentication function type is identified by an - * unsigned integer. The authentication function types available in - * this edition of libSRTP are given by the #defines below. - * - * An auth_type_id_t is an identifier for an authentication function type; - * only values given by the #defines above (or those present in the - * file crypto_types.h) should be used. - * - * The identifier STRONGHOLD_AUTH indicates the strongest available - * authentication function, allowing an application to choose the - * strongest available algorithm without any advance knowledge about - * the avaliable algorithms. The stronghold algorithms can serve as - * did the keep of a medieval fortification; they provide the - * strongest defense (or the last refuge). - * - * @{ - */ - -/** - * @brief The null authentication function performs no authentication. - * - * The NULL_AUTH function does nothing, and can be selected to indicate - * that authentication should not be performed. - */ -#define NULL_AUTH 0 - -/** - * @brief UST with TMMH Version 2 - * - * UST_TMMHv2 implements the Truncated Multi-Modular Hash using - * UST. This function must be used in conjunction with a cipher other - * than the null cipher. - * with a cipher. - */ -#define UST_TMMHv2 1 - -/** - * @brief (UST) AES-128 XORMAC - * - * UST_AES_128_XMAC implements AES-128 XORMAC, using UST. Nota bene: - * the XORMAC algorithm is IBM proprietary. - */ -#define UST_AES_128_XMAC 2 - -/** - * @brief HMAC-SHA1 - * - * HMAC_SHA1 implements the Hash-based MAC using the NIST Secure - * Hash Algorithm version 1 (SHA1). - */ -#define HMAC_SHA1 3 - -/** - * @brief Strongest available authentication function. - * - * This identifier resolves to the strongest available authentication - * function. - */ -#define STRONGHOLD_AUTH HMAC_SHA1 - -/** - * @} - */ -/** - * @} - */ - -#endif /* CRYPTO_TYPES_H */ diff --git a/srtp/crypto/include/cryptoalg.h b/srtp/crypto/include/cryptoalg.h deleted file mode 100644 index d9f0441..0000000 --- a/srtp/crypto/include/cryptoalg.h +++ /dev/null @@ -1,133 +0,0 @@ -/* - * cryptoalg.h - * - * API for authenticated encryption crypto algorithms - * - * David A. McGrew - * Cisco Systems, Inc. - */ -/* - * - * Copyright (c) 2001-2006 Cisco Systems, Inc. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * Redistributions in binary form must reproduce the above - * copyright notice, this list of conditions and the following - * disclaimer in the documentation and/or other materials provided - * with the distribution. - * - * Neither the name of the Cisco Systems, Inc. nor the names of its - * contributors may be used to endorse or promote products derived - * from this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS - * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT - * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS - * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, - * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES - * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * - */ - -#ifndef CRYPTOALG_H -#define CRYPTOALG_H - -#include "err.h" - -/** - * @defgroup Crypto Cryptography - * - * Zed uses a simple interface to a cryptographic transform. - * - * @{ - */ - -/** - * @brief applies a crypto algorithm - * - * The function pointer cryptoalg_func_t points to a function that - * implements a crypto transform, and provides a uniform API for - * accessing crypto mechanisms. - * - * @param key location of secret key - * - * @param clear data to be authenticated but not encrypted - * - * @param clear_len length of data to be authenticated but not encrypted - * - * @param iv location to write the Initialization Vector (IV) - * - * @param protect location of the data to be encrypted and - * authenticated (before the function call), and the ciphertext - * and authentication tag (after the call) - * - * @param protected_len location of the length of the data to be - * encrypted and authenticated (before the function call), and the - * length of the ciphertext (after the call) - * - */ - -typedef err_status_t (*cryptoalg_func_t) - (void *key, - const void *clear, - unsigned clear_len, - void *iv, - void *protect, - unsigned *protected_len); - -typedef -err_status_t (*cryptoalg_inv_t) - (void *key, /* location of secret key */ - const void *clear, /* data to be authenticated only */ - unsigned clear_len, /* length of data to be authenticated only */ - void *iv, /* location of iv */ - void *opaque, /* data to be decrypted and authenticated */ - unsigned *opaque_len /* location of the length of data to be - * decrypted and authd (before and after) - */ - ); - -typedef struct cryptoalg_ctx_t { - cryptoalg_func_t enc; - cryptoalg_inv_t dec; - unsigned key_len; - unsigned iv_len; - unsigned auth_tag_len; - unsigned max_expansion; -} cryptoalg_ctx_t; - -typedef cryptoalg_ctx_t *cryptoalg_t; - -#define cryptoalg_get_key_len(cryptoalg) ((cryptoalg)->key_len) - -#define cryptoalg_get_iv_len(cryptoalg) ((cryptoalg)->iv_len) - -#define cryptoalg_get_auth_tag_len(cryptoalg) ((cryptoalg)->auth_tag_len) - -int -cryptoalg_get_id(cryptoalg_t c); - -cryptoalg_t -cryptoalg_find_by_id(int id); - - -/** - * @} - */ - -#endif /* CRYPTOALG_H */ - - diff --git a/srtp/crypto/include/datatypes.h b/srtp/crypto/include/datatypes.h deleted file mode 100644 index 4f86b55..0000000 --- a/srtp/crypto/include/datatypes.h +++ /dev/null @@ -1,427 +0,0 @@ -/* - * datatypes.h - * - * data types for bit vectors and finite fields - * - * David A. McGrew - * Cisco Systems, Inc. - */ - -/* - * - * Copyright (c) 2001-2006, Cisco Systems, Inc. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * Redistributions in binary form must reproduce the above - * copyright notice, this list of conditions and the following - * disclaimer in the documentation and/or other materials provided - * with the distribution. - * - * Neither the name of the Cisco Systems, Inc. nor the names of its - * contributors may be used to endorse or promote products derived - * from this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS - * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT - * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS - * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, - * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES - * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * - */ - - -#ifndef _DATATYPES_H -#define _DATATYPES_H - -#include "integers.h" /* definitions of uint32_t, et cetera */ -#include "alloc.h" - -#include <stdarg.h> - -#ifndef SRTP_KERNEL -# include <stdio.h> -# include <string.h> -# include <time.h> -# ifdef HAVE_NETINET_IN_H -# include <netinet/in.h> -# elif defined HAVE_WINSOCK2_H -# include <winsock2.h> -# endif -#endif - - -/* if DATATYPES_USE_MACROS is defined, then little functions are macros */ -#define DATATYPES_USE_MACROS - -typedef union { - uint8_t v8[2]; - uint16_t value; -} v16_t; - -typedef union { - uint8_t v8[4]; - uint16_t v16[2]; - uint32_t value; -} v32_t; - -typedef union { - uint8_t v8[8]; - uint16_t v16[4]; - uint32_t v32[2]; - uint64_t value; -} v64_t; - -typedef union { - uint8_t v8[16]; - uint16_t v16[8]; - uint32_t v32[4]; - uint64_t v64[2]; -} v128_t; - - - -/* some useful and simple math functions */ - -#define pow_2(X) ( (unsigned int)1 << (X) ) /* 2^X */ - -#define pow_minus_one(X) ( (X) ? -1 : 1 ) /* (-1)^X */ - - -/* - * octet_get_weight(x) returns the hamming weight (number of bits equal to - * one) in the octet x - */ - -int -octet_get_weight(uint8_t octet); - -char * -octet_bit_string(uint8_t x); - -#define MAX_PRINT_STRING_LEN 1024 - -char * -octet_string_hex_string(const void *str, int length); - -char * -v128_bit_string(v128_t *x); - -char * -v128_hex_string(v128_t *x); - -uint8_t -nibble_to_hex_char(uint8_t nibble); - -char * -char_to_hex_string(char *x, int num_char); - -uint8_t -hex_string_to_octet(char *s); - -/* - * hex_string_to_octet_string(raw, hex, len) converts the hexadecimal - * string at *hex (of length len octets) to the equivalent raw data - * and writes it to *raw. - * - * if a character in the hex string that is not a hexadeciaml digit - * (0123456789abcdefABCDEF) is encountered, the function stops writing - * data to *raw - * - * the number of hex digits copied (which is two times the number of - * octets in *raw) is returned - */ - -int -hex_string_to_octet_string(char *raw, char *hex, int len); - -v128_t -hex_string_to_v128(char *s); - -void -v128_copy_octet_string(v128_t *x, const uint8_t s[16]); - -void -v128_left_shift(v128_t *x, int index); - -void -v128_right_shift(v128_t *x, int index); - -/* - * the following macros define the data manipulation functions - * - * If DATATYPES_USE_MACROS is defined, then these macros are used - * directly (and function call overhead is avoided). Otherwise, - * the macros are used through the functions defined in datatypes.c - * (and the compiler provides better warnings). - */ - -#define _v128_set_to_zero(x) \ -( \ - (x)->v32[0] = 0, \ - (x)->v32[1] = 0, \ - (x)->v32[2] = 0, \ - (x)->v32[3] = 0 \ -) - -#define _v128_copy(x, y) \ -( \ - (x)->v32[0] = (y)->v32[0], \ - (x)->v32[1] = (y)->v32[1], \ - (x)->v32[2] = (y)->v32[2], \ - (x)->v32[3] = (y)->v32[3] \ -) - -#define _v128_xor(z, x, y) \ -( \ - (z)->v32[0] = (x)->v32[0] ^ (y)->v32[0], \ - (z)->v32[1] = (x)->v32[1] ^ (y)->v32[1], \ - (z)->v32[2] = (x)->v32[2] ^ (y)->v32[2], \ - (z)->v32[3] = (x)->v32[3] ^ (y)->v32[3] \ -) - -#define _v128_and(z, x, y) \ -( \ - (z)->v32[0] = (x)->v32[0] & (y)->v32[0], \ - (z)->v32[1] = (x)->v32[1] & (y)->v32[1], \ - (z)->v32[2] = (x)->v32[2] & (y)->v32[2], \ - (z)->v32[3] = (x)->v32[3] & (y)->v32[3] \ -) - -#define _v128_or(z, x, y) \ -( \ - (z)->v32[0] = (x)->v32[0] | (y)->v32[0], \ - (z)->v32[1] = (x)->v32[1] | (y)->v32[1], \ - (z)->v32[2] = (x)->v32[2] | (y)->v32[2], \ - (z)->v32[3] = (x)->v32[3] | (y)->v32[3] \ -) - -#define _v128_complement(x) \ -( \ - (x)->v32[0] = ~(x)->v32[0], \ - (x)->v32[1] = ~(x)->v32[1], \ - (x)->v32[2] = ~(x)->v32[2], \ - (x)->v32[3] = ~(x)->v32[3] \ -) - -/* ok for NO_64BIT_MATH if it can compare uint64_t's (even as structures) */ -#define _v128_is_eq(x, y) \ - (((x)->v64[0] == (y)->v64[0]) && ((x)->v64[1] == (y)->v64[1])) - - -#ifdef NO_64BIT_MATH -#define _v128_xor_eq(z, x) \ -( \ - (z)->v32[0] ^= (x)->v32[0], \ - (z)->v32[1] ^= (x)->v32[1], \ - (z)->v32[2] ^= (x)->v32[2], \ - (z)->v32[3] ^= (x)->v32[3] \ -) -#else -#define _v128_xor_eq(z, x) \ -( \ - (z)->v64[0] ^= (x)->v64[0], \ - (z)->v64[1] ^= (x)->v64[1] \ -) -#endif - -/* NOTE! This assumes an odd ordering! */ -/* This will not be compatible directly with math on some processors */ -/* bit 0 is first 32-bit word, low order bit. in little-endian, that's - the first byte of the first 32-bit word. In big-endian, that's - the 3rd byte of the first 32-bit word */ -/* The get/set bit code is used by the replay code ONLY, and it doesn't - really care which bit is which. AES does care which bit is which, but - doesn't use the 128-bit get/set or 128-bit shifts */ - -#define _v128_get_bit(x, bit) \ -( \ - ((((x)->v32[(bit) >> 5]) >> ((bit) & 31)) & 1) \ -) - -#define _v128_set_bit(x, bit) \ -( \ - (((x)->v32[(bit) >> 5]) |= ((uint32_t)1 << ((bit) & 31))) \ -) - -#define _v128_clear_bit(x, bit) \ -( \ - (((x)->v32[(bit) >> 5]) &= ~((uint32_t)1 << ((bit) & 31))) \ -) - -#define _v128_set_bit_to(x, bit, value) \ -( \ - (value) ? _v128_set_bit(x, bit) : \ - _v128_clear_bit(x, bit) \ -) - - -#if 0 -/* nothing uses this */ -#ifdef WORDS_BIGENDIAN - -#define _v128_add(z, x, y) { \ - uint64_t tmp; \ - \ - tmp = x->v32[3] + y->v32[3]; \ - z->v32[3] = (uint32_t) tmp; \ - \ - tmp = x->v32[2] + y->v32[2] + (tmp >> 32); \ - z->v32[2] = (uint32_t) tmp; \ - \ - tmp = x->v32[1] + y->v32[1] + (tmp >> 32); \ - z->v32[1] = (uint32_t) tmp; \ - \ - tmp = x->v32[0] + y->v32[0] + (tmp >> 32); \ - z->v32[0] = (uint32_t) tmp; \ -} - -#else /* assume little endian architecture */ - -#define _v128_add(z, x, y) { \ - uint64_t tmp; \ - \ - tmp = htonl(x->v32[3]) + htonl(y->v32[3]); \ - z->v32[3] = ntohl((uint32_t) tmp); \ - \ - tmp = htonl(x->v32[2]) + htonl(y->v32[2]) \ - + htonl(tmp >> 32); \ - z->v32[2] = ntohl((uint32_t) tmp); \ - \ - tmp = htonl(x->v32[1]) + htonl(y->v32[1]) \ - + htonl(tmp >> 32); \ - z->v32[1] = ntohl((uint32_t) tmp); \ - \ - tmp = htonl(x->v32[0]) + htonl(y->v32[0]) \ - + htonl(tmp >> 32); \ - z->v32[0] = ntohl((uint32_t) tmp); \ -} -#endif /* WORDS_BIGENDIAN */ -#endif /* 0 */ - - -#ifdef DATATYPES_USE_MACROS /* little functions are really macros */ - -#define v128_set_to_zero(z) _v128_set_to_zero(z) -#define v128_copy(z, x) _v128_copy(z, x) -#define v128_xor(z, x, y) _v128_xor(z, x, y) -#define v128_and(z, x, y) _v128_and(z, x, y) -#define v128_or(z, x, y) _v128_or(z, x, y) -#define v128_complement(x) _v128_complement(x) -#define v128_is_eq(x, y) _v128_is_eq(x, y) -#define v128_xor_eq(x, y) _v128_xor_eq(x, y) -#define v128_get_bit(x, i) _v128_get_bit(x, i) -#define v128_set_bit(x, i) _v128_set_bit(x, i) -#define v128_clear_bit(x, i) _v128_clear_bit(x, i) -#define v128_set_bit_to(x, i, y) _v128_set_bit_to(x, i, y) - -#else - -void -v128_set_to_zero(v128_t *x); - -int -v128_is_eq(const v128_t *x, const v128_t *y); - -void -v128_copy(v128_t *x, const v128_t *y); - -void -v128_xor(v128_t *z, v128_t *x, v128_t *y); - -void -v128_and(v128_t *z, v128_t *x, v128_t *y); - -void -v128_or(v128_t *z, v128_t *x, v128_t *y); - -void -v128_complement(v128_t *x); - -int -v128_get_bit(const v128_t *x, int i); - -void -v128_set_bit(v128_t *x, int i) ; - -void -v128_clear_bit(v128_t *x, int i); - -void -v128_set_bit_to(v128_t *x, int i, int y); - -#endif /* DATATYPES_USE_MACROS */ - -/* - * octet_string_is_eq(a,b, len) returns 1 if the length len strings a - * and b are not equal, returns 0 otherwise - */ - -int -octet_string_is_eq(uint8_t *a, uint8_t *b, int len); - -void -octet_string_set_to_zero(uint8_t *s, int len); - - -#ifndef SRTP_KERNEL_LINUX - -/* - * Convert big endian integers to CPU byte order. - */ -#ifdef WORDS_BIGENDIAN -/* Nothing to do. */ -# define be32_to_cpu(x) (x) -# define be64_to_cpu(x) (x) -#elif defined(HAVE_BYTESWAP_H) -/* We have (hopefully) optimized versions in byteswap.h */ -# include <byteswap.h> -# define be32_to_cpu(x) bswap_32((x)) -# define be64_to_cpu(x) bswap_64((x)) -#else - -#if defined(__GNUC__) && defined(HAVE_X86) -/* Fall back. */ -static inline uint32_t be32_to_cpu(uint32_t v) { - /* optimized for x86. */ - asm("bswap %0" : "=r" (v) : "0" (v)); - return v; -} -# else /* HAVE_X86 */ -# ifdef HAVE_NETINET_IN_H -# include <netinet/in.h> -# elif defined HAVE_WINSOCK2_H -# include <winsock2.h> -# endif -# define be32_to_cpu(x) ntohl((x)) -# endif /* HAVE_X86 */ - -static inline uint64_t be64_to_cpu(uint64_t v) { -# ifdef NO_64BIT_MATH - /* use the make64 functions to do 64-bit math */ - v = make64(htonl(low32(v)),htonl(high32(v))); -# else - /* use the native 64-bit math */ - v= (uint64_t)((be32_to_cpu((uint32_t)(v >> 32))) | (((uint64_t)be32_to_cpu((uint32_t)v)) << 32)); -# endif - return v; -} - -#endif /* ! SRTP_KERNEL_LINUX */ - -#endif /* WORDS_BIGENDIAN */ - -#endif /* _DATATYPES_H */ diff --git a/srtp/crypto/include/err.h b/srtp/crypto/include/err.h deleted file mode 100644 index 1a6e170..0000000 --- a/srtp/crypto/include/err.h +++ /dev/null @@ -1,174 +0,0 @@ -/* - * err.h - * - * error status codes - * - * David A. McGrew - * Cisco Systems, Inc. - */ -/* - * - * Copyright (c) 2001-2006, Cisco Systems, Inc. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * Redistributions in binary form must reproduce the above - * copyright notice, this list of conditions and the following - * disclaimer in the documentation and/or other materials provided - * with the distribution. - * - * Neither the name of the Cisco Systems, Inc. nor the names of its - * contributors may be used to endorse or promote products derived - * from this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS - * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT - * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS - * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, - * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES - * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * - */ - - -#ifndef ERR_H -#define ERR_H - -#include "datatypes.h" - -/** - * @defgroup Error Error Codes - * - * Error status codes are represented by the enumeration err_status_t. - * - * @{ - */ - - -/* - * @brief err_status_t defines error codes. - * - * The enumeration err_status_t defines error codes. Note that the - * value of err_status_ok is equal to zero, which can simplify error - * checking somewhat. - * - */ -typedef enum { - err_status_ok = 0, /**< nothing to report */ - err_status_fail = 1, /**< unspecified failure */ - err_status_bad_param = 2, /**< unsupported parameter */ - err_status_alloc_fail = 3, /**< couldn't allocate memory */ - err_status_dealloc_fail = 4, /**< couldn't deallocate properly */ - err_status_init_fail = 5, /**< couldn't initialize */ - err_status_terminus = 6, /**< can't process as much data as requested */ - err_status_auth_fail = 7, /**< authentication failure */ - err_status_cipher_fail = 8, /**< cipher failure */ - err_status_replay_fail = 9, /**< replay check failed (bad index) */ - err_status_replay_old = 10, /**< replay check failed (index too old) */ - err_status_algo_fail = 11, /**< algorithm failed test routine */ - err_status_no_such_op = 12, /**< unsupported operation */ - err_status_no_ctx = 13, /**< no appropriate context found */ - err_status_cant_check = 14, /**< unable to perform desired validation */ - err_status_key_expired = 15, /**< can't use key any more */ - err_status_socket_err = 16, /**< error in use of socket */ - err_status_signal_err = 17, /**< error in use POSIX signals */ - err_status_nonce_bad = 18, /**< nonce check failed */ - err_status_read_fail = 19, /**< couldn't read data */ - err_status_write_fail = 20, /**< couldn't write data */ - err_status_parse_err = 21, /**< error pasring data */ - err_status_encode_err = 22, /**< error encoding data */ - err_status_semaphore_err = 23,/**< error while using semaphores */ - err_status_pfkey_err = 24 /**< error while using pfkey */ -} err_status_t; - -/** - * @} - */ - -typedef enum { - err_level_emergency = 0, - err_level_alert, - err_level_critical, - err_level_error, - err_level_warning, - err_level_notice, - err_level_info, - err_level_debug, - err_level_none -} err_reporting_level_t; - -/* - * err_reporting_init prepares the error system. If - * ERR_REPORTING_SYSLOG is defined, it will open syslog. - * - * The ident argument is a string that will be prepended to - * all syslog messages. It is conventionally argv[0]. - */ - -err_status_t -err_reporting_init(char *ident); - -#ifdef SRTP_KERNEL_LINUX -extern err_reporting_level_t err_level; -#else - -/* - * keydaemon_report_error reports a 'printf' formatted error - * string, followed by a an arg list. The priority argument - * is equivalent to that defined for syslog. - * - * Errors will be reported to ERR_REPORTING_FILE, if defined, and to - * syslog, if ERR_REPORTING_SYSLOG is defined. - * - */ - -void -err_report(int priority, char *format, ...); -#endif /* ! SRTP_KERNEL_LINUX */ - - -/* - * debug_module_t defines a debug module - */ - -typedef struct { - int on; /* 1 if debugging is on, 0 if it is off */ - char *name; /* printable name for debug module */ -} debug_module_t; - -#ifdef ENABLE_DEBUGGING - -#define debug_on(mod) (mod).on = 1 - -#define debug_off(mod) (mod).on = 0 - -/* use err_report() to report debug message */ -#define debug_print(mod, format, arg) \ - if (mod.on) err_report(err_level_debug, ("%s: " format "\n"), mod.name, arg) -#define debug_print2(mod, format, arg1,arg2) \ - if (mod.on) err_report(err_level_debug, ("%s: " format "\n"), mod.name, arg1,arg2) - -#else - -/* define macros to do nothing */ -#define debug_print(mod, format, arg) - -#define debug_on(mod) - -#define debug_off(mod) - -#endif - -#endif /* ERR_H */ diff --git a/srtp/crypto/include/gf2_8.h b/srtp/crypto/include/gf2_8.h deleted file mode 100644 index 098d37c..0000000 --- a/srtp/crypto/include/gf2_8.h +++ /dev/null @@ -1,79 +0,0 @@ -/* - * gf2_8.h - * - * GF(256) implementation - * - * David A. McGrew - * Cisco Systems, Inc. - */ - -/* - * - * Copyright (c) 2001-2006, Cisco Systems, Inc. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * Redistributions in binary form must reproduce the above - * copyright notice, this list of conditions and the following - * disclaimer in the documentation and/or other materials provided - * with the distribution. - * - * Neither the name of the Cisco Systems, Inc. nor the names of its - * contributors may be used to endorse or promote products derived - * from this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS - * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT - * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS - * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, - * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES - * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * - */ - - -#ifndef GF2_8_H -#define GF2_8_H - -#include "datatypes.h" /* for uint8_t definition */ - -typedef uint8_t gf2_8; - -#define gf2_8_field_polynomial 0x1B - -/* - * gf2_8_shift(x) returns - */ - -/* - * gf2_8_shift(z) returns the result of the GF(2^8) 'multiply by x' - * operation, using the field representation from AES; that is, the - * next gf2_8 value in the cyclic representation of that field. The - * value z should be an uint8_t. - */ - -#define gf2_8_shift(z) (((z) & 128) ? \ - (((z) << 1) ^ gf2_8_field_polynomial) : ((z) << 1)) - -gf2_8 -gf2_8_compute_inverse(gf2_8 x); - -void -test_gf2_8(void); - -gf2_8 -gf2_8_multiply(gf2_8 x, gf2_8 y); - -#endif /* GF2_8_H */ diff --git a/srtp/crypto/include/hmac.h b/srtp/crypto/include/hmac.h deleted file mode 100644 index 262c0e2..0000000 --- a/srtp/crypto/include/hmac.h +++ /dev/null @@ -1,78 +0,0 @@ -/* - * hmac.h - * - * interface to hmac auth_type_t - * - * David A. McGrew - * Cisco Systems, Inc. - * - */ -/* - * - * Copyright (c) 2001-2006, Cisco Systems, Inc. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * Redistributions in binary form must reproduce the above - * copyright notice, this list of conditions and the following - * disclaimer in the documentation and/or other materials provided - * with the distribution. - * - * Neither the name of the Cisco Systems, Inc. nor the names of its - * contributors may be used to endorse or promote products derived - * from this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS - * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT - * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS - * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, - * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES - * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * - */ - -#ifndef HMAC_H -#define HMAC_H - -#include "auth.h" -#include "sha1.h" - -typedef struct { - uint8_t opad[64]; - sha1_ctx_t ctx; - sha1_ctx_t init_ctx; -} hmac_ctx_t; - -err_status_t -hmac_alloc(auth_t **a, int key_len, int out_len); - -err_status_t -hmac_dealloc(auth_t *a); - -err_status_t -hmac_init(hmac_ctx_t *state, const uint8_t *key, int key_len); - -err_status_t -hmac_start(hmac_ctx_t *state); - -err_status_t -hmac_update(hmac_ctx_t *state, const uint8_t *message, int msg_octets); - -err_status_t -hmac_compute(hmac_ctx_t *state, const void *message, - int msg_octets, int tag_len, uint8_t *result); - - -#endif /* HMAC_H */ diff --git a/srtp/crypto/include/integers.h b/srtp/crypto/include/integers.h deleted file mode 100644 index 7010efd..0000000 --- a/srtp/crypto/include/integers.h +++ /dev/null @@ -1,147 +0,0 @@ -/* - * integers.h - * - * defines integer types (or refers to their definitions) - * - * David A. McGrew - * Cisco Systems, Inc. - */ - -/* - * - * Copyright (c) 2001-2006, Cisco Systems, Inc. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * Redistributions in binary form must reproduce the above - * copyright notice, this list of conditions and the following - * disclaimer in the documentation and/or other materials provided - * with the distribution. - * - * Neither the name of the Cisco Systems, Inc. nor the names of its - * contributors may be used to endorse or promote products derived - * from this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS - * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT - * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS - * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, - * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES - * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * - */ - - -#ifndef INTEGERS_H -#define INTEGERS_H - -#include "config.h" /* configuration file, using autoconf */ - -#ifdef SRTP_KERNEL - -#include "kernel_compat.h" - -#else /* SRTP_KERNEL */ - -/* use standard integer definitions, if they're available */ -#ifdef HAVE_STDLIB_H -# include <stdlib.h> -#endif -#ifdef HAVE_STDINT_H -# include <stdint.h> -#endif -#ifdef HAVE_INTTYPES_H -# include <inttypes.h> -#endif -#ifdef HAVE_SYS_TYPES_H -# include <sys/types.h> -#endif -#ifdef HAVE_SYS_INT_TYPES_H -# include <sys/int_types.h> /* this exists on Sun OS */ -#endif -#ifdef HAVE_MACHINE_TYPES_H -# include <machine/types.h> -#endif - -/* Can we do 64 bit integers? */ -#ifndef HAVE_UINT64_T -# if SIZEOF_UNSIGNED_LONG == 8 -typedef unsigned long uint64_t; -# elif SIZEOF_UNSIGNED_LONG_LONG == 8 -typedef unsigned long long uint64_t; -# else -# define NO_64BIT_MATH 1 -# endif -#endif - -/* Reasonable defaults for 32 bit machines - you may need to - * edit these definitions for your own machine. */ -#ifndef HAVE_UINT8_T -typedef unsigned char uint8_t; -#endif -#ifndef HAVE_UINT16_T -typedef unsigned short int uint16_t; -#endif -#ifndef HAVE_UINT32_T -typedef unsigned int uint32_t; -#endif - - -#ifdef NO_64BIT_MATH -typedef double uint64_t; -/* assert that sizeof(double) == 8 */ -extern uint64_t make64(uint32_t high, uint32_t low); -extern uint32_t high32(uint64_t value); -extern uint32_t low32(uint64_t value); -#endif - -#endif /* SRTP_KERNEL */ - -/* These macros are to load and store 32-bit values from un-aligned - addresses. This is required for processors that do not allow unaligned - loads. */ -#ifdef ALIGNMENT_32BIT_REQUIRED -/* Note that if it's in a variable, you can memcpy it */ -#ifdef WORDS_BIGENDIAN -#define PUT_32(addr,value) \ - { \ - ((unsigned char *) (addr))[0] = (value >> 24); \ - ((unsigned char *) (addr))[1] = (value >> 16) & 0xff; \ - ((unsigned char *) (addr))[2] = (value >> 8) & 0xff; \ - ((unsigned char *) (addr))[3] = (value) & 0xff; \ - } -#define GET_32(addr) ((((unsigned char *) (addr))[0] << 24) | \ - (((unsigned char *) (addr))[1] << 16) | \ - (((unsigned char *) (addr))[2] << 8) | \ - (((unsigned char *) (addr))[3])) -#else -#define PUT_32(addr,value) \ - { \ - ((unsigned char *) (addr))[3] = (value >> 24); \ - ((unsigned char *) (addr))[2] = (value >> 16) & 0xff; \ - ((unsigned char *) (addr))[1] = (value >> 8) & 0xff; \ - ((unsigned char *) (addr))[0] = (value) & 0xff; \ - } -#define GET_32(addr) ((((unsigned char *) (addr))[3] << 24) | \ - (((unsigned char *) (addr))[2] << 16) | \ - (((unsigned char *) (addr))[1] << 8) | \ - (((unsigned char *) (addr))[0])) -#endif // WORDS_BIGENDIAN -#else -#define PUT_32(addr,value) *(((uint32_t *) (addr)) = (value) -#define GET_32(addr) (*(((uint32_t *) (addr))) -#endif - -#endif /* INTEGERS_H */ diff --git a/srtp/crypto/include/kernel_compat.h b/srtp/crypto/include/kernel_compat.h deleted file mode 100644 index 59d1898..0000000 --- a/srtp/crypto/include/kernel_compat.h +++ /dev/null @@ -1,84 +0,0 @@ -/* - * kernel_compat.h - * - * Compatibility stuff for building in kernel context where standard - * C headers and library are not available. - * - * Marcus Sundberg - * Ingate Systems AB - */ -/* - * - * Copyright(c) 2005 Ingate Systems AB - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * Redistributions in binary form must reproduce the above - * copyright notice, this list of conditions and the following - * disclaimer in the documentation and/or other materials provided - * with the distribution. - * - * Neither the name of the author(s) nor the names of its - * contributors may be used to endorse or promote products derived - * from this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS - * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT - * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS - * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, - * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES - * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * - */ - -#ifndef KERNEL_COMPAT_H -#define KERNEL_COMPAT_H - -#ifdef SRTP_KERNEL_LINUX - -#include <linux/kernel.h> -#include <linux/slab.h> -#include <linux/sched.h> -#include <linux/random.h> -#include <linux/byteorder/generic.h> - - -#define err_report(priority, ...) \ - do {\ - if (priority <= err_level) {\ - printk(__VA_ARGS__);\ - }\ - }while(0) - -#define clock() (jiffies) -#define time(x) (jiffies) - -/* rand() implementation. */ -#define RAND_MAX 32767 - -static inline int rand(void) -{ - uint32_t temp; - get_random_bytes(&temp, sizeof(temp)); - return temp % (RAND_MAX+1); -} - -/* stdio/stdlib implementation. */ -#define printf(...) printk(__VA_ARGS__) -#define exit(n) panic("%s:%d: exit(%d)\n", __FILE__, __LINE__, (n)) - -#endif /* SRTP_KERNEL_LINUX */ - -#endif /* KERNEL_COMPAT_H */ diff --git a/srtp/crypto/include/key.h b/srtp/crypto/include/key.h deleted file mode 100644 index e7e0744..0000000 --- a/srtp/crypto/include/key.h +++ /dev/null @@ -1,82 +0,0 @@ -/* - * key.h - * - * key usage limits enforcement - * - * David A. Mcgrew - * Cisco Systems, Inc. - */ -/* - * - * Copyright (c) 2001-2006 Cisco Systems, Inc. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * Redistributions in binary form must reproduce the above - * copyright notice, this list of conditions and the following - * disclaimer in the documentation and/or other materials provided - * with the distribution. - * - * Neither the name of the Cisco Systems, Inc. nor the names of its - * contributors may be used to endorse or promote products derived - * from this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS - * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT - * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS - * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, - * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES - * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * - */ - -#ifndef KEY_H -#define KEY_H - -#include "rdbx.h" /* for xtd_seq_num_t */ -#include "err.h" - -typedef struct key_limit_ctx_t *key_limit_t; - -typedef enum { - key_event_normal, - key_event_soft_limit, - key_event_hard_limit -} key_event_t; - -err_status_t -key_limit_set(key_limit_t key, const xtd_seq_num_t s); - -err_status_t -key_limit_clone(key_limit_t original, key_limit_t *new_key); - -err_status_t -key_limit_check(const key_limit_t key); - -key_event_t -key_limit_update(key_limit_t key); - -typedef enum { - key_state_normal, - key_state_past_soft_limit, - key_state_expired -} key_state_t; - -typedef struct key_limit_ctx_t { - xtd_seq_num_t num_left; - key_state_t state; -} key_limit_ctx_t; - -#endif /* KEY_H */ diff --git a/srtp/crypto/include/null_auth.h b/srtp/crypto/include/null_auth.h deleted file mode 100644 index 44f9a4a..0000000 --- a/srtp/crypto/include/null_auth.h +++ /dev/null @@ -1,68 +0,0 @@ -/* - * null-auth.h - * - * David A. McGrew - * Cisco Systems, Inc. - * - */ - -/* - * - * Copyright (c) 2001-2006, Cisco Systems, Inc. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * Redistributions in binary form must reproduce the above - * copyright notice, this list of conditions and the following - * disclaimer in the documentation and/or other materials provided - * with the distribution. - * - * Neither the name of the Cisco Systems, Inc. nor the names of its - * contributors may be used to endorse or promote products derived - * from this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS - * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT - * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS - * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, - * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES - * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * - */ - -#ifndef NULL_AUTH_H -#define NULL_AUTH_H - -#include "auth.h" - -typedef struct { - char foo; -} null_auth_ctx_t; - -err_status_t -null_auth_alloc(auth_t **a, int key_len, int out_len); - -err_status_t -null_auth_dealloc(auth_t *a); - -err_status_t -null_auth_init(null_auth_ctx_t *state, const uint8_t *key, int key_len); - -err_status_t -null_auth_compute (null_auth_ctx_t *state, uint8_t *message, - int msg_octets, int tag_len, uint8_t *result); - - -#endif /* NULL_AUTH_H */ diff --git a/srtp/crypto/include/null_cipher.h b/srtp/crypto/include/null_cipher.h deleted file mode 100644 index 7d6bbdd..0000000 --- a/srtp/crypto/include/null_cipher.h +++ /dev/null @@ -1,80 +0,0 @@ -/* - * null-cipher.h - * - * header file for the null cipher - * - * - * David A. McGrew - * Cisco Systems, Inc. - */ - -/* - * - * Copyright (c) 2001-2006, Cisco Systems, Inc. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * Redistributions in binary form must reproduce the above - * copyright notice, this list of conditions and the following - * disclaimer in the documentation and/or other materials provided - * with the distribution. - * - * Neither the name of the Cisco Systems, Inc. nor the names of its - * contributors may be used to endorse or promote products derived - * from this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS - * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT - * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS - * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, - * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES - * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * - */ - - -#ifndef NULL_CIPHER_H -#define NULL_CIPHER_H - -#include "datatypes.h" -#include "cipher.h" - -typedef struct { - char foo ;/* empty, for now */ -} null_cipher_ctx_t; - - -/* - * none of these functions do anything (though future versions may keep - * track of bytes encrypted, number of instances, and/or other info). - */ - -err_status_t -null_cipher_init(null_cipher_ctx_t *c, const uint8_t *key); - -err_status_t -null_cipher_set_segment(null_cipher_ctx_t *c, - unsigned long index); - -err_status_t -null_cipher_encrypt(null_cipher_ctx_t *c, - unsigned char *buf, unsigned int *bytes_to_encr); - - -err_status_t -null_cipher_encrypt_aligned(null_cipher_ctx_t *c, - unsigned char *buf, int bytes_to_encr); - -#endif /* NULL_CIPHER_H */ diff --git a/srtp/crypto/include/prng.h b/srtp/crypto/include/prng.h deleted file mode 100644 index fb96b5e..0000000 --- a/srtp/crypto/include/prng.h +++ /dev/null @@ -1,54 +0,0 @@ -/* - * prng.h - * - * pseudorandom source - * - * David A. McGrew - * Cisco Systems, Inc. - */ - -#ifndef PRNG_H -#define PRNG_H - -#include "rand_source.h" /* for rand_source_func_t definition */ -#include "aes.h" /* for aes */ -#include "aes_icm.h" /* for aes ctr */ - -#define MAX_PRNG_OUT_LEN 0xffffffffU - -/* - * x917_prng is an ANSI X9.17-like AES-based PRNG - */ - -typedef struct { - v128_t state; /* state data */ - aes_expanded_key_t key; /* secret key */ - uint32_t octet_count; /* number of octets output since last init */ - rand_source_func_t rand; /* random source for re-initialization */ -} x917_prng_t; - -err_status_t -x917_prng_init(rand_source_func_t random_source); - -err_status_t -x917_prng_get_octet_string(uint8_t *dest, uint32_t len); - - -/* - * ctr_prng is an AES-CTR based PRNG - */ - -typedef struct { - uint32_t octet_count; /* number of octets output since last init */ - aes_icm_ctx_t state; /* state data */ - rand_source_func_t rand; /* random source for re-initialization */ -} ctr_prng_t; - -err_status_t -ctr_prng_init(rand_source_func_t random_source); - -err_status_t -ctr_prng_get_octet_string(void *dest, uint32_t len); - - -#endif diff --git a/srtp/crypto/include/rand_source.h b/srtp/crypto/include/rand_source.h deleted file mode 100644 index b4c2110..0000000 --- a/srtp/crypto/include/rand_source.h +++ /dev/null @@ -1,91 +0,0 @@ -/* - * rand_source.h - * - * implements a random source based on /dev/random - * - * David A. McGrew - * Cisco Systems, Inc. - */ -/* - * - * Copyright(c) 2001-2006 Cisco Systems, Inc. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * Redistributions in binary form must reproduce the above - * copyright notice, this list of conditions and the following - * disclaimer in the documentation and/or other materials provided - * with the distribution. - * - * Neither the name of the Cisco Systems, Inc. nor the names of its - * contributors may be used to endorse or promote products derived - * from this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS - * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT - * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS - * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, - * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES - * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * - */ - - -#ifndef RAND_SOURCE -#define RAND_SOURCE - -#include "err.h" -#include "datatypes.h" - -err_status_t -rand_source_init(void); - -/* - * rand_source_get_octet_string() writes a random octet string. - * - * The function call rand_source_get_octet_string(dest, len) writes - * len octets of random data to the location to which dest points, - * and returns an error code. This error code should be checked, - * and if a failure is reported, the data in the buffer MUST NOT - * be used. - * - * warning: If the return code is not checked, then non-random - * data may inadvertently be used. - * - * returns: - * - err_status_ok if no problems occured. - * - [other] a problem occured, and no assumptions should - * be made about the contents of the destination - * buffer. - */ - -err_status_t -rand_source_get_octet_string(void *dest, uint32_t length); - -err_status_t -rand_source_deinit(void); - -/* - * function prototype for a random source function - * - * A rand_source_func_t writes num_octets at the location indicated by - * dest and returns err_status_ok. Any other return value indicates - * failure. - */ - -typedef err_status_t (*rand_source_func_t) - (void *dest, uint32_t num_octets); - -#endif /* RAND_SOURCE */ diff --git a/srtp/crypto/include/rdb.h b/srtp/crypto/include/rdb.h deleted file mode 100644 index 5a26c5e..0000000 --- a/srtp/crypto/include/rdb.h +++ /dev/null @@ -1,94 +0,0 @@ -/* - * replay-database.h - * - * interface for a replay database for packet security - * - * David A. McGrew - * Cisco Systems, Inc. - */ - - -#ifndef REPLAY_DB_H -#define REPLAY_DB_H - -#include "integers.h" /* for uint32_t */ -#include "datatypes.h" /* for v128_t */ -#include "err.h" /* for err_status_t */ - -/* - * if the ith least significant bit is one, then the packet index - * window_end-i is in the database - */ - -typedef struct { - uint32_t window_start; /* packet index of the first bit in bitmask */ - v128_t bitmask; -} rdb_t; - -#define rdb_bits_in_bitmask (8*sizeof(v128_t)) - -/* - * rdb init - * - * initalizes rdb - * - * returns err_status_ok on success, err_status_t_fail otherwise - */ - -err_status_t -rdb_init(rdb_t *rdb); - - -/* - * rdb_check - * - * checks to see if index appears in rdb - * - * returns err_status_fail if the index already appears in rdb, - * returns err_status_ok otherwise - */ - -err_status_t -rdb_check(const rdb_t *rdb, uint32_t index); - -/* - * rdb_add_index - * - * adds index to rdb_t (and does *not* check if index appears in db) - * - * returns err_status_ok on success, err_status_fail otherwise - * - */ - -err_status_t -rdb_add_index(rdb_t *rdb, uint32_t index); - -/* - * the functions rdb_increment() and rdb_get_value() are for use by - * senders, not receivers - DO NOT use these functions on the same - * rdb_t upon which rdb_add_index is used! - */ - - -/* - * rdb_increment(db) increments the sequence number in db, if it is - * not too high - * - * return values: - * - * err_status_ok no problem - * err_status_key_expired sequence number too high - * - */ -err_status_t -rdb_increment(rdb_t *rdb); - -/* - * rdb_get_value(db) returns the current sequence number of db - */ - -uint32_t -rdb_get_value(const rdb_t *rdb); - - -#endif /* REPLAY_DB_H */ diff --git a/srtp/crypto/include/rdbx.h b/srtp/crypto/include/rdbx.h deleted file mode 100644 index ce9ecf6..0000000 --- a/srtp/crypto/include/rdbx.h +++ /dev/null @@ -1,146 +0,0 @@ -/* - * rdbx.h - * - * replay database with extended packet indices, using a rollover counter - * - * David A. McGrew - * Cisco Systems, Inc. - * - */ - -#ifndef RDBX_H -#define RDBX_H - -#include "datatypes.h" -#include "err.h" - -/* #define ROC_TEST */ - -#ifndef ROC_TEST - -typedef uint16_t sequence_number_t; /* 16 bit sequence number */ -typedef uint32_t rollover_counter_t; /* 32 bit rollover counter */ - -#else /* use small seq_num and roc datatypes for testing purposes */ - -typedef unsigned char sequence_number_t; /* 8 bit sequence number */ -typedef uint16_t rollover_counter_t; /* 16 bit rollover counter */ - -#endif - -#define seq_num_median (1 << (8*sizeof(sequence_number_t) - 1)) -#define seq_num_max (1 << (8*sizeof(sequence_number_t))) - -/* - * An xtd_seq_num_t is a 64-bit unsigned integer used as an 'extended' - * sequence number. - */ - -typedef uint64_t xtd_seq_num_t; - - -/* - * An rdbx_t is a replay database with extended range; it uses an - * xtd_seq_num_t and a bitmask of recently received indices. - */ - -typedef struct { - xtd_seq_num_t index; - v128_t bitmask; -} rdbx_t; - - -/* - * rdbx_init(rdbx_ptr) - * - * initializes the rdbx pointed to by its argument, setting the - * rollover counter and sequence number to zero - */ - -err_status_t -rdbx_init(rdbx_t *rdbx); - - -/* - * rdbx_estimate_index(rdbx, guess, s) - * - * given an rdbx and a sequence number s (from a newly arrived packet), - * sets the contents of *guess to contain the best guess of the packet - * index to which s corresponds, and returns the difference between - * *guess and the locally stored synch info - */ - -int -rdbx_estimate_index(const rdbx_t *rdbx, - xtd_seq_num_t *guess, - sequence_number_t s); - -/* - * rdbx_check(rdbx, delta); - * - * rdbx_check(&r, delta) checks to see if the xtd_seq_num_t - * which is at rdbx->window_start + delta is in the rdb - * - */ - -err_status_t -rdbx_check(const rdbx_t *rdbx, int difference); - -/* - * replay_add_index(rdbx, delta) - * - * adds the xtd_seq_num_t at rdbx->window_start + delta to replay_db - * (and does *not* check if that xtd_seq_num_t appears in db) - * - * this function should be called *only* after replay_check has - * indicated that the index does not appear in the rdbx, and a mutex - * should protect the rdbx between these calls if necessary. - */ - -err_status_t -rdbx_add_index(rdbx_t *rdbx, int delta); - -/* - * xtd_seq_num_t functions - these are *internal* functions of rdbx, and - * shouldn't be used to manipulate rdbx internal values. use the rdbx - * api instead! - */ - - -/* index_init(&pi) initializes a packet index pi (sets it to zero) */ - -void -index_init(xtd_seq_num_t *pi); - -/* index_advance(&pi, s) advances a xtd_seq_num_t forward by s */ - -void -index_advance(xtd_seq_num_t *pi, sequence_number_t s); - - -/* - * index_guess(local, guess, s) - * - * given a xtd_seq_num_t local (which represents the highest - * known-to-be-good index) and a sequence number s (from a newly - * arrived packet), sets the contents of *guess to contain the best - * guess of the packet index to which s corresponds, and returns the - * difference between *guess and *local - */ - -int -index_guess(const xtd_seq_num_t *local, - xtd_seq_num_t *guess, - sequence_number_t s); - - -#endif /* RDBX_H */ - - - - - - - - - diff --git a/srtp/crypto/include/sha1.h b/srtp/crypto/include/sha1.h deleted file mode 100644 index e3af4d4..0000000 --- a/srtp/crypto/include/sha1.h +++ /dev/null @@ -1,108 +0,0 @@ -/* - * sha1.h - * - * interface to the Secure Hash Algorithm v.1 (SHA-1), specified in - * FIPS 180-1 - * - * David A. McGrew - * Cisco Systems, Inc. - */ - -/* - * - * Copyright (c) 2001-2006, Cisco Systems, Inc. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * Redistributions in binary form must reproduce the above - * copyright notice, this list of conditions and the following - * disclaimer in the documentation and/or other materials provided - * with the distribution. - * - * Neither the name of the Cisco Systems, Inc. nor the names of its - * contributors may be used to endorse or promote products derived - * from this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS - * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT - * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS - * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, - * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES - * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * - */ - -#ifndef SHA1_H -#define SHA1_H - -#include "err.h" -#include "datatypes.h" - -typedef struct { - uint32_t H[5]; /* state vector */ - uint32_t M[16]; /* message buffer */ - int octets_in_buffer; /* octets of message in buffer */ - uint32_t num_bits_in_msg; /* total number of bits in message */ -} sha1_ctx_t; - -/* - * sha1(&ctx, msg, len, output) hashes the len octets starting at msg - * into the SHA1 context, then writes the result to the 20 octets at - * output - * - */ - -void -sha1(const uint8_t *message, int octets_in_msg, uint32_t output[5]); - -/* - * sha1_init(&ctx) initializes the SHA1 context ctx - * - * sha1_update(&ctx, msg, len) hashes the len octets starting at msg - * into the SHA1 context - * - * sha1_final(&ctx, output) performs the final processing of the SHA1 - * context and writes the result to the 20 octets at output - * - */ - -void -sha1_init(sha1_ctx_t *ctx); - -void -sha1_update(sha1_ctx_t *ctx, const uint8_t *M, int octets_in_msg); - -void -sha1_final(sha1_ctx_t *ctx, uint32_t output[5]); - -/* - * The sha1_core function is INTERNAL to SHA-1, but it is declared - * here because it is also used by the cipher SEAL 3.0 in its key - * setup algorithm. - */ - -/* - * sha1_core(M, H) computes the core sha1 compression function, where M is - * the next part of the message and H is the intermediate state {H0, - * H1, ...} - * - * this function does not do any of the padding required in the - * complete sha1 function - */ - -void -sha1_core(const uint32_t M[16], uint32_t hash_value[5]); - -#endif /* SHA1_H */ diff --git a/srtp/crypto/include/stat.h b/srtp/crypto/include/stat.h deleted file mode 100644 index e28b131..0000000 --- a/srtp/crypto/include/stat.h +++ /dev/null @@ -1,69 +0,0 @@ -/* - * stats.h - * - * interface to statistical test functions - * - * David A. McGrew - * Cisco Systems, Inc. - */ - -/* - * - * Copyright(c) 2001-2006, Cisco Systems, Inc. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * Redistributions in binary form must reproduce the above - * copyright notice, this list of conditions and the following - * disclaimer in the documentation and/or other materials provided - * with the distribution. - * - * Neither the name of the Cisco Systems, Inc. nor the names of its - * contributors may be used to endorse or promote products derived - * from this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS - * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT - * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS - * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, - * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES - * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * - */ - - -#ifndef STAT_H -#define STAT_H - -#include "datatypes.h" /* for uint8_t */ -#include "err.h" /* for err_status_t */ -#include "rand_source.h" /* for rand_source_func_t definition */ - -err_status_t -stat_test_monobit(uint8_t *data); - -err_status_t -stat_test_poker(uint8_t *data); - -err_status_t -stat_test_runs(uint8_t *data); - -err_status_t -stat_test_rand_source(rand_source_func_t rs); - -err_status_t -stat_test_rand_source_with_repetition(rand_source_func_t source, unsigned num_trials); - -#endif /* STAT_H */ diff --git a/srtp/crypto/include/xfm.h b/srtp/crypto/include/xfm.h deleted file mode 100644 index 5837149..0000000 --- a/srtp/crypto/include/xfm.h +++ /dev/null @@ -1,139 +0,0 @@ -/* - * xfm.h - * - * interface for abstract crypto transform - * - * David A. McGrew - * Cisco Systems, Inc. - */ - -#ifndef XFM_H -#define XFM_H - -#include "crypto_kernel.h" -#include "err.h" - -/** - * @defgroup Crypto Cryptography - * - * A simple interface to an abstract cryptographic transform that - * provides both confidentiality and message authentication. - * - * @{ - */ - -/** - * @brief applies a crypto transform - * - * The function pointer xfm_func_t points to a function that - * implements a crypto transform, and provides a uniform API for - * accessing crypto mechanisms. - * - * @param key location of secret key - * - * @param clear data to be authenticated only - * - * @param clear_len length of data to be authenticated only - * - * @param iv location to write the Initialization Vector (IV) - * - * @param protect location of the data to be encrypted and - * authenticated (before the function call), and the ciphertext - * and authentication tag (after the call) - * - * @param protected_len location of the length of the data to be - * encrypted and authenticated (before the function call), and the - * length of the ciphertext (after the call) - * - * @param auth_tag location to write auth tag - */ - -typedef err_status_t (*xfm_func_t) - (void *key, - void *clear, - unsigned clear_len, - void *iv, - void *protect, - unsigned *protected_len, - void *auth_tag - ); - -typedef -err_status_t (*xfm_inv_t) - (void *key, /* location of secret key */ - void *clear, /* data to be authenticated only */ - unsigned clear_len, /* length of data to be authenticated only */ - void *iv, /* location of iv */ - void *opaque, /* data to be decrypted and authenticated */ - unsigned *opaque_len, /* location of the length of data to be - * decrypted and authd (before and after) - */ - void *auth_tag /* location of auth tag */ - ); - -typedef struct xfm_ctx_t { - xfm_func_t func; - xfm_inv_t inv; - unsigned key_len; - unsigned iv_len; - unsigned auth_tag_len; -} xfm_ctx_t; - -typedef xfm_ctx_t *xfm_t; - -#define xfm_get_key_len(xfm) ((xfm)->key_len) - -#define xfm_get_iv_len(xfm) ((xfm)->iv_len) - -#define xfm_get_auth_tag_len(xfm) ((xfm)->auth_tag_len) - - -/* cryptoalgo - 5/28 */ - -typedef err_status_t (*cryptoalg_func_t) - (void *key, - void *clear, - unsigned clear_len, - void *iv, - void *opaque, - unsigned *opaque_len - ); - -typedef -err_status_t (*cryptoalg_inv_t) - (void *key, /* location of secret key */ - void *clear, /* data to be authenticated only */ - unsigned clear_len, /* length of data to be authenticated only */ - void *iv, /* location of iv */ - void *opaque, /* data to be decrypted and authenticated */ - unsigned *opaque_len /* location of the length of data to be - * decrypted and authd (before and after) - */ - ); - -typedef struct cryptoalg_ctx_t { - cryptoalg_func_t enc; - cryptoalg_inv_t dec; - unsigned key_len; - unsigned iv_len; - unsigned auth_tag_len; - unsigned max_expansion; -} cryptoalg_ctx_t; - -typedef cryptoalg_ctx_t *cryptoalg_t; - -#define cryptoalg_get_key_len(cryptoalg) ((cryptoalg)->key_len) - -#define cryptoalg_get_iv_len(cryptoalg) ((cryptoalg)->iv_len) - -#define cryptoalg_get_auth_tag_len(cryptoalg) ((cryptoalg)->auth_tag_len) - - - -/** - * @} - */ - -#endif /* XFM_H */ - - |