X-Git-Url: http://git.tuebingen.mpg.de/?p=paraslash.git;a=blobdiff_plain;f=crypt.h;h=21abe41f68cd8c5b335cc133b5c6f3050869c4ee;hp=54586aa64e59eb01ad98a538676d567fcb9f2f71;hb=1d54a5412ef39590022e6dd4448881f267e96d0b;hpb=ae0e4594c6a0312c5b4b4c0bde86f9c12253d11b diff --git a/crypt.h b/crypt.h index 54586aa6..21abe41f 100644 --- a/crypt.h +++ b/crypt.h @@ -1,37 +1,111 @@ /* - * Copyright (C) 2005-2007 Andre Noll + * Copyright (C) 2005-2011 Andre Noll * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111, USA. + * Licensed under the GPL v2. For licencing details see COPYING. */ -/** \file crypt.h prototypes for the RSA crypt functions */ +/** \file crypt.h Prototypes for paraslash crypto functions. */ + +/** Opaque structure for public and private keys. */ +struct asymmetric_key; -#include -int para_decrypt_challenge(char *key_file, long unsigned *challenge_nr, - unsigned char *buf, unsigned rsa_inlen); -int para_encrypt_challenge(RSA* rsa, long unsigned challenge_nr, - unsigned char *outbuf); -int para_encrypt_buffer(RSA* rsa, unsigned char *inbuf, unsigned len, - unsigned char *outbuf); -int para_decrypt_buffer(char *key_file, unsigned char *outbuf, unsigned char *inbuf, - unsigned rsa_inlen); -int get_rsa_key(char *key_file, RSA **rsa, int private); +int pub_encrypt(struct asymmetric_key *pub, unsigned char *inbuf, + unsigned len, unsigned char *outbuf); +int priv_decrypt(const char *key_file, unsigned char *outbuf, + unsigned char *inbuf, int inlen); +int get_asymmetric_key(const char *key_file, int private, + struct asymmetric_key **result); +void free_asymmetric_key(struct asymmetric_key *key); -void rsa_free(RSA *rsa); +void get_random_bytes_or_die(unsigned char *buf, int num); +void init_random_seed_or_die(void); + +/** Opaque structure for stream cipher crypto. */ +struct stream_cipher; + +/** Number of bytes of the session key. */ +#define SESSION_KEY_LEN 32 + +/** + * Used on the server-side for client-server communication encryption. + * + * The traffic between (the forked child of) para_server and the remote client + * process is crypted by a symmetric session key. This structure contains the + * keys for the stream cipher and the file descriptor for which these keys + * should be used. + */ +struct stream_cipher_context { + /** The socket file descriptor. */ + int fd; + /** Key used for receiving data. */ + struct stream_cipher *recv; + /** Key used for sending data. */ + struct stream_cipher *send; +}; + +struct stream_cipher *sc_new(const unsigned char *data, int len); +void sc_free(struct stream_cipher *sc); + +int sc_send_bin_buffer(struct stream_cipher_context *scc, const char *buf, + size_t len); +int sc_send_buffer(struct stream_cipher_context *scc, const char *buf); +__printf_2_3 int sc_send_va_buffer(struct stream_cipher_context *scc, + const char *fmt, ...); +int sc_recv_bin_buffer(struct stream_cipher_context *scc, char *buf, + size_t size); +int sc_recv_buffer(struct stream_cipher_context *scc, char *buf, size_t size); /** \cond used to distinguish between loading of private/public key */ #define LOAD_PUBLIC_KEY 0 #define LOAD_PRIVATE_KEY 1 +#define CHALLENGE_SIZE 64 /** \endcond **/ + +/** Size of the hash value in bytes. */ +#define HASH_SIZE 20 + +void hash_function(const char *data, unsigned long len, unsigned char *hash); + +/** + * Compare two hashes. + * + * \param h1 Pointer to the first hash value. + * \param h2 Pointer to the second hash value. + * + * \return 1, -1, or zero, depending on whether \a h1 is greater than, + * less than or equal to h2, respectively. + */ +_static_inline_ int hash_compare(unsigned char *h1, unsigned char *h2) +{ + int i; + + for (i = 0; i < HASH_SIZE; i++) { + if (h1[i] < h2[i]) + return -1; + if (h1[i] > h2[i]) + return 1; + } + return 0; +} + +/** + * Convert a hash value to ascii format. + * + * \param hash the hash value. + * \param asc Result pointer. + * + * \a asc must point to an area of at least 2 * \p HASH_SIZE + 1 bytes which + * will be filled by the function with the ascii representation of the hash + * value given by \a hash, and a terminating \p NULL byte. + */ +_static_inline_ void hash_to_asc(unsigned char *hash, char *asc) +{ + int i; + const char hexchar[] = "0123456789abcdef"; + + for (i = 0; i < HASH_SIZE; i++) { + asc[2 * i] = hexchar[hash[i] >> 4]; + asc[2 * i + 1] = hexchar[hash[i] & 0xf]; + } + asc[2 * HASH_SIZE] = '\0'; +}