123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559 |
- /*
- * crypto_kernel.c
- *
- * header for the cryptographic kernel
- *
- * David A. McGrew
- * Cisco Systems, Inc.
- */
- /*
- *
- * Copyright(c) 2001-2017 Cisco Systems, Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following
- * disclaimer in the documentation and/or other materials provided
- * with the distribution.
- *
- * Neither the name of the Cisco Systems, Inc. nor the names of its
- * contributors may be used to endorse or promote products derived
- * from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- */
- #ifdef HAVE_CONFIG_H
- #include <config.h>
- #endif
- #include "alloc.h"
- #include "crypto_kernel.h"
- #include "cipher_types.h"
- /* the debug module for the crypto_kernel */
- srtp_debug_module_t srtp_mod_crypto_kernel = {
- 0, /* debugging is off by default */
- "crypto kernel" /* printable name for module */
- };
- /* crypto_kernel is a global variable, the only one of its datatype */
- srtp_crypto_kernel_t crypto_kernel = {
- srtp_crypto_kernel_state_insecure, /* start off in insecure state */
- NULL, /* no cipher types yet */
- NULL, /* no auth types yet */
- NULL /* no debug modules yet */
- };
- #define MAX_RNG_TRIALS 25
- srtp_err_status_t srtp_crypto_kernel_init()
- {
- srtp_err_status_t status;
- /* check the security state */
- if (crypto_kernel.state == srtp_crypto_kernel_state_secure) {
- /*
- * we're already in the secure state, but we've been asked to
- * re-initialize, so we just re-run the self-tests and then return
- */
- return srtp_crypto_kernel_status();
- }
- /* initialize error reporting system */
- status = srtp_err_reporting_init();
- if (status) {
- return status;
- }
- /* load debug modules */
- status = srtp_crypto_kernel_load_debug_module(&srtp_mod_crypto_kernel);
- if (status) {
- return status;
- }
- status = srtp_crypto_kernel_load_debug_module(&srtp_mod_auth);
- if (status) {
- return status;
- }
- status = srtp_crypto_kernel_load_debug_module(&srtp_mod_cipher);
- if (status) {
- return status;
- }
- status = srtp_crypto_kernel_load_debug_module(&srtp_mod_alloc);
- if (status) {
- return status;
- }
- /* load cipher types */
- status = srtp_crypto_kernel_load_cipher_type(&srtp_null_cipher,
- SRTP_NULL_CIPHER);
- if (status) {
- return status;
- }
- status = srtp_crypto_kernel_load_cipher_type(&srtp_aes_icm_128,
- SRTP_AES_ICM_128);
- if (status) {
- return status;
- }
- status = srtp_crypto_kernel_load_cipher_type(&srtp_aes_icm_256,
- SRTP_AES_ICM_256);
- if (status) {
- return status;
- }
- status = srtp_crypto_kernel_load_debug_module(&srtp_mod_aes_icm);
- if (status) {
- return status;
- }
- #ifdef GCM
- status = srtp_crypto_kernel_load_cipher_type(&srtp_aes_icm_192,
- SRTP_AES_ICM_192);
- if (status) {
- return status;
- }
- status = srtp_crypto_kernel_load_cipher_type(&srtp_aes_gcm_128,
- SRTP_AES_GCM_128);
- if (status) {
- return status;
- }
- status = srtp_crypto_kernel_load_cipher_type(&srtp_aes_gcm_256,
- SRTP_AES_GCM_256);
- if (status) {
- return status;
- }
- status = srtp_crypto_kernel_load_debug_module(&srtp_mod_aes_gcm);
- if (status) {
- return status;
- }
- #endif
- /* load auth func types */
- status = srtp_crypto_kernel_load_auth_type(&srtp_null_auth, SRTP_NULL_AUTH);
- if (status) {
- return status;
- }
- status = srtp_crypto_kernel_load_auth_type(&srtp_hmac, SRTP_HMAC_SHA1);
- if (status) {
- return status;
- }
- status = srtp_crypto_kernel_load_debug_module(&srtp_mod_hmac);
- if (status) {
- return status;
- }
- /* change state to secure */
- crypto_kernel.state = srtp_crypto_kernel_state_secure;
- return srtp_err_status_ok;
- }
- srtp_err_status_t srtp_crypto_kernel_status()
- {
- srtp_err_status_t status;
- srtp_kernel_cipher_type_t *ctype = crypto_kernel.cipher_type_list;
- srtp_kernel_auth_type_t *atype = crypto_kernel.auth_type_list;
- /* for each cipher type, describe and test */
- while (ctype != NULL) {
- srtp_err_report(srtp_err_level_info, "cipher: %s\n",
- ctype->cipher_type->description);
- srtp_err_report(srtp_err_level_info, " self-test: ");
- status = srtp_cipher_type_self_test(ctype->cipher_type);
- if (status) {
- srtp_err_report(srtp_err_level_error, "failed with error code %d\n",
- status);
- exit(status);
- }
- srtp_err_report(srtp_err_level_info, "passed\n");
- ctype = ctype->next;
- }
- /* for each auth type, describe and test */
- while (atype != NULL) {
- srtp_err_report(srtp_err_level_info, "auth func: %s\n",
- atype->auth_type->description);
- srtp_err_report(srtp_err_level_info, " self-test: ");
- status = srtp_auth_type_self_test(atype->auth_type);
- if (status) {
- srtp_err_report(srtp_err_level_error, "failed with error code %d\n",
- status);
- exit(status);
- }
- srtp_err_report(srtp_err_level_info, "passed\n");
- atype = atype->next;
- }
- srtp_crypto_kernel_list_debug_modules();
- return srtp_err_status_ok;
- }
- srtp_err_status_t srtp_crypto_kernel_list_debug_modules()
- {
- srtp_kernel_debug_module_t *dm = crypto_kernel.debug_module_list;
- /* describe each debug module */
- srtp_err_report(srtp_err_level_info, "debug modules loaded:\n");
- while (dm != NULL) {
- srtp_err_report(srtp_err_level_info, " %s ", dm->mod->name);
- if (dm->mod->on) {
- srtp_err_report(srtp_err_level_info, "(on)\n");
- } else {
- srtp_err_report(srtp_err_level_info, "(off)\n");
- }
- dm = dm->next;
- }
- return srtp_err_status_ok;
- }
- srtp_err_status_t srtp_crypto_kernel_shutdown()
- {
- /*
- * free dynamic memory used in crypto_kernel at present
- */
- /* walk down cipher type list, freeing memory */
- while (crypto_kernel.cipher_type_list != NULL) {
- srtp_kernel_cipher_type_t *ctype = crypto_kernel.cipher_type_list;
- crypto_kernel.cipher_type_list = ctype->next;
- debug_print(srtp_mod_crypto_kernel, "freeing memory for cipher %s",
- ctype->cipher_type->description);
- srtp_crypto_free(ctype);
- }
- /* walk down authetication module list, freeing memory */
- while (crypto_kernel.auth_type_list != NULL) {
- srtp_kernel_auth_type_t *atype = crypto_kernel.auth_type_list;
- crypto_kernel.auth_type_list = atype->next;
- debug_print(srtp_mod_crypto_kernel,
- "freeing memory for authentication %s",
- atype->auth_type->description);
- srtp_crypto_free(atype);
- }
- /* walk down debug module list, freeing memory */
- while (crypto_kernel.debug_module_list != NULL) {
- srtp_kernel_debug_module_t *kdm = crypto_kernel.debug_module_list;
- crypto_kernel.debug_module_list = kdm->next;
- debug_print(srtp_mod_crypto_kernel,
- "freeing memory for debug module %s", kdm->mod->name);
- srtp_crypto_free(kdm);
- }
- /* return to insecure state */
- crypto_kernel.state = srtp_crypto_kernel_state_insecure;
- return srtp_err_status_ok;
- }
- static inline srtp_err_status_t srtp_crypto_kernel_do_load_cipher_type(
- const srtp_cipher_type_t *new_ct,
- srtp_cipher_type_id_t id,
- int replace)
- {
- srtp_kernel_cipher_type_t *ctype;
- srtp_kernel_cipher_type_t *new_ctype = NULL;
- srtp_err_status_t status;
- /* defensive coding */
- if (new_ct == NULL) {
- return srtp_err_status_bad_param;
- }
- if (new_ct->id != id) {
- return srtp_err_status_bad_param;
- }
- /* check cipher type by running self-test */
- status = srtp_cipher_type_self_test(new_ct);
- if (status) {
- return status;
- }
- /* walk down list, checking if this type is in the list already */
- ctype = crypto_kernel.cipher_type_list;
- while (ctype != NULL) {
- if (id == ctype->id) {
- if (!replace) {
- return srtp_err_status_bad_param;
- }
- status =
- srtp_cipher_type_test(new_ct, ctype->cipher_type->test_data);
- if (status) {
- return status;
- }
- new_ctype = ctype;
- break;
- } else if (new_ct == ctype->cipher_type) {
- return srtp_err_status_bad_param;
- }
- ctype = ctype->next;
- }
- /* if not found, put new_ct at the head of the list */
- if (ctype == NULL) {
- /* allocate memory */
- new_ctype = (srtp_kernel_cipher_type_t *)srtp_crypto_alloc(
- sizeof(srtp_kernel_cipher_type_t));
- if (new_ctype == NULL) {
- return srtp_err_status_alloc_fail;
- }
- new_ctype->next = crypto_kernel.cipher_type_list;
- /* set head of list to new cipher type */
- crypto_kernel.cipher_type_list = new_ctype;
- }
- /* set fields */
- new_ctype->cipher_type = new_ct;
- new_ctype->id = id;
- return srtp_err_status_ok;
- }
- srtp_err_status_t srtp_crypto_kernel_load_cipher_type(
- const srtp_cipher_type_t *new_ct,
- srtp_cipher_type_id_t id)
- {
- return srtp_crypto_kernel_do_load_cipher_type(new_ct, id, 0);
- }
- srtp_err_status_t srtp_replace_cipher_type(const srtp_cipher_type_t *new_ct,
- srtp_cipher_type_id_t id)
- {
- return srtp_crypto_kernel_do_load_cipher_type(new_ct, id, 1);
- }
- srtp_err_status_t srtp_crypto_kernel_do_load_auth_type(
- const srtp_auth_type_t *new_at,
- srtp_auth_type_id_t id,
- int replace)
- {
- srtp_kernel_auth_type_t *atype;
- srtp_kernel_auth_type_t *new_atype = NULL;
- srtp_err_status_t status;
- /* defensive coding */
- if (new_at == NULL) {
- return srtp_err_status_bad_param;
- }
- if (new_at->id != id) {
- return srtp_err_status_bad_param;
- }
- /* check auth type by running self-test */
- status = srtp_auth_type_self_test(new_at);
- if (status) {
- return status;
- }
- /* walk down list, checking if this type is in the list already */
- atype = crypto_kernel.auth_type_list;
- while (atype != NULL) {
- if (id == atype->id) {
- if (!replace) {
- return srtp_err_status_bad_param;
- }
- status = srtp_auth_type_test(new_at, atype->auth_type->test_data);
- if (status) {
- return status;
- }
- new_atype = atype;
- break;
- } else if (new_at == atype->auth_type) {
- return srtp_err_status_bad_param;
- }
- atype = atype->next;
- }
- /* if not found, put new_at at the head of the list */
- if (atype == NULL) {
- /* allocate memory */
- new_atype = (srtp_kernel_auth_type_t *)srtp_crypto_alloc(
- sizeof(srtp_kernel_auth_type_t));
- if (new_atype == NULL) {
- return srtp_err_status_alloc_fail;
- }
- new_atype->next = crypto_kernel.auth_type_list;
- /* set head of list to new auth type */
- crypto_kernel.auth_type_list = new_atype;
- }
- /* set fields */
- new_atype->auth_type = new_at;
- new_atype->id = id;
- return srtp_err_status_ok;
- }
- srtp_err_status_t srtp_crypto_kernel_load_auth_type(
- const srtp_auth_type_t *new_at,
- srtp_auth_type_id_t id)
- {
- return srtp_crypto_kernel_do_load_auth_type(new_at, id, 0);
- }
- srtp_err_status_t srtp_replace_auth_type(const srtp_auth_type_t *new_at,
- srtp_auth_type_id_t id)
- {
- return srtp_crypto_kernel_do_load_auth_type(new_at, id, 1);
- }
- const srtp_cipher_type_t *srtp_crypto_kernel_get_cipher_type(
- srtp_cipher_type_id_t id)
- {
- srtp_kernel_cipher_type_t *ctype;
- /* walk down list, looking for id */
- ctype = crypto_kernel.cipher_type_list;
- while (ctype != NULL) {
- if (id == ctype->id) {
- return ctype->cipher_type;
- }
- ctype = ctype->next;
- }
- /* haven't found the right one, indicate failure by returning NULL */
- return NULL;
- }
- srtp_err_status_t srtp_crypto_kernel_alloc_cipher(srtp_cipher_type_id_t id,
- srtp_cipher_pointer_t *cp,
- int key_len,
- int tag_len)
- {
- const srtp_cipher_type_t *ct;
- /*
- * if the crypto_kernel is not yet initialized, we refuse to allocate
- * any ciphers - this is a bit extra-paranoid
- */
- if (crypto_kernel.state != srtp_crypto_kernel_state_secure) {
- return srtp_err_status_init_fail;
- }
- ct = srtp_crypto_kernel_get_cipher_type(id);
- if (!ct) {
- return srtp_err_status_fail;
- }
- return ((ct)->alloc(cp, key_len, tag_len));
- }
- const srtp_auth_type_t *srtp_crypto_kernel_get_auth_type(srtp_auth_type_id_t id)
- {
- srtp_kernel_auth_type_t *atype;
- /* walk down list, looking for id */
- atype = crypto_kernel.auth_type_list;
- while (atype != NULL) {
- if (id == atype->id) {
- return atype->auth_type;
- }
- atype = atype->next;
- }
- /* haven't found the right one, indicate failure by returning NULL */
- return NULL;
- }
- srtp_err_status_t srtp_crypto_kernel_alloc_auth(srtp_auth_type_id_t id,
- srtp_auth_pointer_t *ap,
- int key_len,
- int tag_len)
- {
- const srtp_auth_type_t *at;
- /*
- * if the crypto_kernel is not yet initialized, we refuse to allocate
- * any auth functions - this is a bit extra-paranoid
- */
- if (crypto_kernel.state != srtp_crypto_kernel_state_secure) {
- return srtp_err_status_init_fail;
- }
- at = srtp_crypto_kernel_get_auth_type(id);
- if (!at) {
- return srtp_err_status_fail;
- }
- return ((at)->alloc(ap, key_len, tag_len));
- }
- srtp_err_status_t srtp_crypto_kernel_load_debug_module(
- srtp_debug_module_t *new_dm)
- {
- srtp_kernel_debug_module_t *kdm, *new;
- /* defensive coding */
- if (new_dm == NULL || new_dm->name == NULL) {
- return srtp_err_status_bad_param;
- }
- /* walk down list, checking if this type is in the list already */
- kdm = crypto_kernel.debug_module_list;
- while (kdm != NULL) {
- if (strncmp(new_dm->name, kdm->mod->name, 64) == 0) {
- return srtp_err_status_bad_param;
- }
- kdm = kdm->next;
- }
- /* put new_dm at the head of the list */
- /* allocate memory */
- new = (srtp_kernel_debug_module_t *)srtp_crypto_alloc(
- sizeof(srtp_kernel_debug_module_t));
- if (new == NULL) {
- return srtp_err_status_alloc_fail;
- }
- /* set fields */
- new->mod = new_dm;
- new->next = crypto_kernel.debug_module_list;
- /* set head of list to new cipher type */
- crypto_kernel.debug_module_list = new;
- return srtp_err_status_ok;
- }
- srtp_err_status_t srtp_crypto_kernel_set_debug_module(const char *name, int on)
- {
- srtp_kernel_debug_module_t *kdm;
- /* walk down list, checking if this type is in the list already */
- kdm = crypto_kernel.debug_module_list;
- while (kdm != NULL) {
- if (strncmp(name, kdm->mod->name, 64) == 0) {
- kdm->mod->on = on;
- return srtp_err_status_ok;
- }
- kdm = kdm->next;
- }
- return srtp_err_status_fail;
- }
|