2
0

auth.h 6.4 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173
  1. /*
  2. * auth.h
  3. *
  4. * common interface to authentication functions
  5. *
  6. * David A. McGrew
  7. * Cisco Systems, Inc.
  8. */
  9. /*
  10. *
  11. * Copyright (c) 2001-2017, Cisco Systems, Inc.
  12. * All rights reserved.
  13. *
  14. * Redistribution and use in source and binary forms, with or without
  15. * modification, are permitted provided that the following conditions
  16. * are met:
  17. *
  18. * Redistributions of source code must retain the above copyright
  19. * notice, this list of conditions and the following disclaimer.
  20. *
  21. * Redistributions in binary form must reproduce the above
  22. * copyright notice, this list of conditions and the following
  23. * disclaimer in the documentation and/or other materials provided
  24. * with the distribution.
  25. *
  26. * Neither the name of the Cisco Systems, Inc. nor the names of its
  27. * contributors may be used to endorse or promote products derived
  28. * from this software without specific prior written permission.
  29. *
  30. * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
  31. * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
  32. * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
  33. * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
  34. * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
  35. * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
  36. * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
  37. * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  38. * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
  39. * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
  40. * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
  41. * OF THE POSSIBILITY OF SUCH DAMAGE.
  42. *
  43. */
  44. #ifndef SRTP_AUTH_H
  45. #define SRTP_AUTH_H
  46. #include "srtp.h"
  47. #include "crypto_types.h" /* for values of auth_type_id_t */
  48. #ifdef __cplusplus
  49. extern "C" {
  50. #endif
  51. typedef const struct srtp_auth_type_t *srtp_auth_type_pointer;
  52. typedef struct srtp_auth_t *srtp_auth_pointer_t;
  53. typedef srtp_err_status_t (*srtp_auth_alloc_func)(srtp_auth_pointer_t *ap,
  54. int key_len,
  55. int out_len);
  56. typedef srtp_err_status_t (*srtp_auth_init_func)(void *state,
  57. const uint8_t *key,
  58. int key_len);
  59. typedef srtp_err_status_t (*srtp_auth_dealloc_func)(srtp_auth_pointer_t ap);
  60. typedef srtp_err_status_t (*srtp_auth_compute_func)(void *state,
  61. const uint8_t *buffer,
  62. int octets_to_auth,
  63. int tag_len,
  64. uint8_t *tag);
  65. typedef srtp_err_status_t (*srtp_auth_update_func)(void *state,
  66. const uint8_t *buffer,
  67. int octets_to_auth);
  68. typedef srtp_err_status_t (*srtp_auth_start_func)(void *state);
  69. /* some syntactic sugar on these function types */
  70. #define srtp_auth_type_alloc(at, a, klen, outlen) \
  71. ((at)->alloc((a), (klen), (outlen)))
  72. #define srtp_auth_init(a, key) \
  73. (((a)->type)->init((a)->state, (key), ((a)->key_len)))
  74. #define srtp_auth_compute(a, buf, len, res) \
  75. (((a)->type)->compute((a)->state, (buf), (len), (a)->out_len, (res)))
  76. #define srtp_auth_update(a, buf, len) \
  77. (((a)->type)->update((a)->state, (buf), (len)))
  78. #define srtp_auth_start(a) (((a)->type)->start((a)->state))
  79. #define srtp_auth_dealloc(c) (((c)->type)->dealloc(c))
  80. /* functions to get information about a particular auth_t */
  81. int srtp_auth_get_key_length(const struct srtp_auth_t *a);
  82. int srtp_auth_get_tag_length(const struct srtp_auth_t *a);
  83. int srtp_auth_get_prefix_length(const struct srtp_auth_t *a);
  84. /*
  85. * srtp_auth_test_case_t is a (list of) key/message/tag values that are
  86. * known to be correct for a particular cipher. this data can be used
  87. * to test an implementation in an on-the-fly self test of the
  88. * correctness of the implementation. (see the srtp_auth_type_self_test()
  89. * function below)
  90. */
  91. typedef struct srtp_auth_test_case_t {
  92. int key_length_octets; /* octets in key */
  93. const uint8_t *key; /* key */
  94. int data_length_octets; /* octets in data */
  95. const uint8_t *data; /* data */
  96. int tag_length_octets; /* octets in tag */
  97. const uint8_t *tag; /* tag */
  98. const struct srtp_auth_test_case_t
  99. *next_test_case; /* pointer to next testcase */
  100. } srtp_auth_test_case_t;
  101. /* srtp_auth_type_t */
  102. typedef struct srtp_auth_type_t {
  103. srtp_auth_alloc_func alloc;
  104. srtp_auth_dealloc_func dealloc;
  105. srtp_auth_init_func init;
  106. srtp_auth_compute_func compute;
  107. srtp_auth_update_func update;
  108. srtp_auth_start_func start;
  109. const char *description;
  110. const srtp_auth_test_case_t *test_data;
  111. srtp_auth_type_id_t id;
  112. } srtp_auth_type_t;
  113. typedef struct srtp_auth_t {
  114. const srtp_auth_type_t *type;
  115. void *state;
  116. int out_len; /* length of output tag in octets */
  117. int key_len; /* length of key in octets */
  118. int prefix_len; /* length of keystream prefix */
  119. } srtp_auth_t;
  120. /*
  121. * srtp_auth_type_self_test() tests an auth_type against test cases
  122. * provided in an array of values of key/message/tag that is known to
  123. * be good
  124. */
  125. srtp_err_status_t srtp_auth_type_self_test(const srtp_auth_type_t *at);
  126. /*
  127. * srtp_auth_type_test() tests an auth_type against external test cases
  128. * provided in an array of values of key/message/tag that is known to
  129. * be good
  130. */
  131. srtp_err_status_t srtp_auth_type_test(const srtp_auth_type_t *at,
  132. const srtp_auth_test_case_t *test_data);
  133. /*
  134. * srtp_replace_auth_type(ct, id)
  135. *
  136. * replaces srtp's kernel's auth type implementation for the auth_type id
  137. * with a new one passed in externally. The new auth type must pass all the
  138. * existing auth_type's self tests as well as its own.
  139. */
  140. srtp_err_status_t srtp_replace_auth_type(const srtp_auth_type_t *ct,
  141. srtp_auth_type_id_t id);
  142. #ifdef __cplusplus
  143. }
  144. #endif
  145. #endif /* SRTP_AUTH_H */