2
0

cipher.h 9.4 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248
  1. /*
  2. * cipher.h
  3. *
  4. * common interface to ciphers
  5. *
  6. * David A. McGrew
  7. * Cisco Systems, Inc.
  8. */
  9. /*
  10. *
  11. * Copyright (c) 2001-2017 Cisco Systems, Inc.
  12. * All rights reserved.
  13. *
  14. * Redistribution and use in source and binary forms, with or without
  15. * modification, are permitted provided that the following conditions
  16. * are met:
  17. *
  18. * Redistributions of source code must retain the above copyright
  19. * notice, this list of conditions and the following disclaimer.
  20. *
  21. * Redistributions in binary form must reproduce the above
  22. * copyright notice, this list of conditions and the following
  23. * disclaimer in the documentation and/or other materials provided
  24. * with the distribution.
  25. *
  26. * Neither the name of the Cisco Systems, Inc. nor the names of its
  27. * contributors may be used to endorse or promote products derived
  28. * from this software without specific prior written permission.
  29. *
  30. * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
  31. * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
  32. * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
  33. * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
  34. * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
  35. * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
  36. * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
  37. * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  38. * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
  39. * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
  40. * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
  41. * OF THE POSSIBILITY OF SUCH DAMAGE.
  42. *
  43. */
  44. #ifndef SRTP_CIPHER_H
  45. #define SRTP_CIPHER_H
  46. #include "srtp.h"
  47. #include "crypto_types.h" /* for values of cipher_type_id_t */
  48. #ifdef __cplusplus
  49. extern "C" {
  50. #endif
  51. /*
  52. * srtp_cipher_direction_t defines a particular cipher operation.
  53. *
  54. * A srtp_cipher_direction_t is an enum that describes a particular cipher
  55. * operation, i.e. encryption or decryption. For some ciphers, this
  56. * distinction does not matter, but for others, it is essential.
  57. */
  58. typedef enum {
  59. srtp_direction_encrypt, /**< encryption (convert plaintext to ciphertext) */
  60. srtp_direction_decrypt, /**< decryption (convert ciphertext to plaintext) */
  61. srtp_direction_any /**< encryption or decryption */
  62. } srtp_cipher_direction_t;
  63. /*
  64. * the srtp_cipher_pointer_t definition is needed
  65. * as srtp_cipher_t is not yet defined
  66. */
  67. typedef struct srtp_cipher_t *srtp_cipher_pointer_t;
  68. /*
  69. * a srtp_cipher_alloc_func_t allocates (but does not initialize) a
  70. * srtp_cipher_t
  71. */
  72. typedef srtp_err_status_t (*srtp_cipher_alloc_func_t)(srtp_cipher_pointer_t *cp,
  73. int key_len,
  74. int tag_len);
  75. /*
  76. * a srtp_cipher_init_func_t [re-]initializes a cipher_t with a given key
  77. */
  78. typedef srtp_err_status_t (*srtp_cipher_init_func_t)(void *state,
  79. const uint8_t *key);
  80. /* a srtp_cipher_dealloc_func_t de-allocates a cipher_t */
  81. typedef srtp_err_status_t (*srtp_cipher_dealloc_func_t)(
  82. srtp_cipher_pointer_t cp);
  83. /*
  84. * a srtp_cipher_set_aad_func_t processes the AAD data for AEAD ciphers
  85. */
  86. typedef srtp_err_status_t (*srtp_cipher_set_aad_func_t)(void *state,
  87. const uint8_t *aad,
  88. uint32_t aad_len);
  89. /* a srtp_cipher_encrypt_func_t encrypts data in-place */
  90. typedef srtp_err_status_t (*srtp_cipher_encrypt_func_t)(
  91. void *state,
  92. uint8_t *buffer,
  93. unsigned int *octets_to_encrypt);
  94. /* a srtp_cipher_decrypt_func_t decrypts data in-place */
  95. typedef srtp_err_status_t (*srtp_cipher_decrypt_func_t)(
  96. void *state,
  97. uint8_t *buffer,
  98. unsigned int *octets_to_decrypt);
  99. /*
  100. * a srtp_cipher_set_iv_func_t function sets the current initialization vector
  101. */
  102. typedef srtp_err_status_t (*srtp_cipher_set_iv_func_t)(
  103. void *state,
  104. uint8_t *iv,
  105. srtp_cipher_direction_t direction);
  106. /*
  107. * a cipher_get_tag_func_t function is used to get the authentication
  108. * tag that was calculated by an AEAD cipher.
  109. */
  110. typedef srtp_err_status_t (*srtp_cipher_get_tag_func_t)(void *state,
  111. uint8_t *tag,
  112. uint32_t *len);
  113. /*
  114. * srtp_cipher_test_case_t is a (list of) key, salt, plaintext, ciphertext,
  115. * and aad values that are known to be correct for a
  116. * particular cipher. this data can be used to test an implementation
  117. * in an on-the-fly self test of the correctness of the implementation.
  118. * (see the srtp_cipher_type_self_test() function below)
  119. */
  120. typedef struct srtp_cipher_test_case_t {
  121. int key_length_octets; /* octets in key */
  122. const uint8_t *key; /* key */
  123. uint8_t *idx; /* packet index */
  124. unsigned int plaintext_length_octets; /* octets in plaintext */
  125. const uint8_t *plaintext; /* plaintext */
  126. unsigned int ciphertext_length_octets; /* octets in plaintext */
  127. const uint8_t *ciphertext; /* ciphertext */
  128. int aad_length_octets; /* octets in AAD */
  129. const uint8_t *aad; /* AAD */
  130. int tag_length_octets; /* Length of AEAD tag */
  131. const struct srtp_cipher_test_case_t
  132. *next_test_case; /* pointer to next testcase */
  133. } srtp_cipher_test_case_t;
  134. /* srtp_cipher_type_t defines the 'metadata' for a particular cipher type */
  135. typedef struct srtp_cipher_type_t {
  136. srtp_cipher_alloc_func_t alloc;
  137. srtp_cipher_dealloc_func_t dealloc;
  138. srtp_cipher_init_func_t init;
  139. srtp_cipher_set_aad_func_t set_aad;
  140. srtp_cipher_encrypt_func_t encrypt;
  141. srtp_cipher_encrypt_func_t decrypt;
  142. srtp_cipher_set_iv_func_t set_iv;
  143. srtp_cipher_get_tag_func_t get_tag;
  144. const char *description;
  145. const srtp_cipher_test_case_t *test_data;
  146. srtp_cipher_type_id_t id;
  147. } srtp_cipher_type_t;
  148. /*
  149. * srtp_cipher_t defines an instantiation of a particular cipher, with fixed
  150. * key length, key and salt values
  151. */
  152. typedef struct srtp_cipher_t {
  153. const srtp_cipher_type_t *type;
  154. void *state;
  155. int key_len;
  156. int algorithm;
  157. } srtp_cipher_t;
  158. /* some bookkeeping functions */
  159. int srtp_cipher_get_key_length(const srtp_cipher_t *c);
  160. /*
  161. * srtp_cipher_type_self_test() tests a cipher against test cases provided in
  162. * an array of values of key/srtp_xtd_seq_num_t/plaintext/ciphertext
  163. * that is known to be good
  164. */
  165. srtp_err_status_t srtp_cipher_type_self_test(const srtp_cipher_type_t *ct);
  166. /*
  167. * srtp_cipher_type_test() tests a cipher against external test cases provided
  168. * in
  169. * an array of values of key/srtp_xtd_seq_num_t/plaintext/ciphertext
  170. * that is known to be good
  171. */
  172. srtp_err_status_t srtp_cipher_type_test(
  173. const srtp_cipher_type_t *ct,
  174. const srtp_cipher_test_case_t *test_data);
  175. /*
  176. * srtp_cipher_bits_per_second(c, l, t) computes (an estimate of) the
  177. * number of bits that a cipher implementation can encrypt in a second
  178. *
  179. * c is a cipher (which MUST be allocated and initialized already), l
  180. * is the length in octets of the test data to be encrypted, and t is
  181. * the number of trials
  182. *
  183. * if an error is encountered, then the value 0 is returned
  184. */
  185. uint64_t srtp_cipher_bits_per_second(srtp_cipher_t *c,
  186. int octets_in_buffer,
  187. int num_trials);
  188. srtp_err_status_t srtp_cipher_type_alloc(const srtp_cipher_type_t *ct,
  189. srtp_cipher_t **c,
  190. int key_len,
  191. int tlen);
  192. srtp_err_status_t srtp_cipher_dealloc(srtp_cipher_t *c);
  193. srtp_err_status_t srtp_cipher_init(srtp_cipher_t *c, const uint8_t *key);
  194. srtp_err_status_t srtp_cipher_set_iv(srtp_cipher_t *c,
  195. uint8_t *iv,
  196. int direction);
  197. srtp_err_status_t srtp_cipher_output(srtp_cipher_t *c,
  198. uint8_t *buffer,
  199. uint32_t *num_octets_to_output);
  200. srtp_err_status_t srtp_cipher_encrypt(srtp_cipher_t *c,
  201. uint8_t *buffer,
  202. uint32_t *num_octets_to_output);
  203. srtp_err_status_t srtp_cipher_decrypt(srtp_cipher_t *c,
  204. uint8_t *buffer,
  205. uint32_t *num_octets_to_output);
  206. srtp_err_status_t srtp_cipher_get_tag(srtp_cipher_t *c,
  207. uint8_t *buffer,
  208. uint32_t *tag_len);
  209. srtp_err_status_t srtp_cipher_set_aad(srtp_cipher_t *c,
  210. const uint8_t *aad,
  211. uint32_t aad_len);
  212. /*
  213. * srtp_replace_cipher_type(ct, id)
  214. *
  215. * replaces srtp's existing cipher implementation for the cipher_type id
  216. * with a new one passed in externally. The new cipher must pass all the
  217. * existing cipher_type's self tests as well as its own.
  218. */
  219. srtp_err_status_t srtp_replace_cipher_type(const srtp_cipher_type_t *ct,
  220. srtp_cipher_type_id_t id);
  221. #ifdef __cplusplus
  222. }
  223. #endif
  224. #endif /* SRTP_CIPHER_H */