X-Git-Url: http://git.tuebingen.mpg.de/?p=paraslash.git;a=blobdiff_plain;f=crypt.h;h=d2c2b32024ccdaa1d35af2b7b3813976040f61e7;hp=6bd8179bbe90b8162bcc7d3a9af5736cd21d2677;hb=6a7393e2abdcf30dd4201b84a417d08f6136e8d6;hpb=b62e2796b85c7d7f3138fe729f4637853e0fafe0 diff --git a/crypt.h b/crypt.h index 6bd8179b..d2c2b320 100644 --- a/crypt.h +++ b/crypt.h @@ -4,42 +4,70 @@ * Licensed under the GPL v2. For licencing details see COPYING. */ -/** \file crypt.h prototypes for the RSA crypt functions */ +/** \file crypt.h Public crypto interface. */ -#include -int para_encrypt_buffer(RSA* rsa, unsigned char *inbuf, unsigned len, - unsigned char *outbuf); -int para_decrypt_buffer(char *key_file, unsigned char *outbuf, unsigned char *inbuf, - unsigned rsa_inlen); -int get_rsa_key(char *key_file, RSA **rsa, int private); -void rsa_free(RSA *rsa); +/** \cond used to distinguish between loading of private/public key */ +#define LOAD_PUBLIC_KEY 0 +#define LOAD_PRIVATE_KEY 1 +#define CHALLENGE_SIZE 64 +/** \endcond **/ + +/* asymetric (public key) crypto */ + +/** Opaque structure for public and private keys. */ +struct asymmetric_key; + +int pub_encrypt(struct asymmetric_key *pub, unsigned char *inbuf, + unsigned len, unsigned char *outbuf); +int priv_decrypt(const char *key_file, unsigned char *outbuf, + unsigned char *inbuf, int inlen); +int get_asymmetric_key(const char *key_file, int private, + struct asymmetric_key **result); +void free_asymmetric_key(struct asymmetric_key *key); + +/* random numbers */ void get_random_bytes_or_die(unsigned char *buf, int num); void init_random_seed_or_die(void); +/* stream cipher declarations and prototypes */ + +/** Opaque structure for stream ciphers. */ +struct stream_cipher; +/** Number of bytes of the session key for stream ciphers. */ +#define SESSION_KEY_LEN 32 /** - * Used on the server-side for client-server communication encryption. + * Used for client-server communication encryption. * - * The traffic between (the forked child of) para_server and the remote - * client process is crypted by a RC4 session key. This structure contains - * the RC4 keys and the file descriptor for which these keys should be used. + * The traffic between (the forked child of) para_server and the remote client + * process is crypted by a symmetric session key. This structure contains the + * keys for the stream cipher and the file descriptor for which these keys + * should be used. */ -struct rc4_context { +struct stream_cipher_context { /** The socket file descriptor. */ int fd; - /** Key used for sending data. */ - RC4_KEY recv_key; /** Key used for receiving data. */ - RC4_KEY send_key; + struct stream_cipher *recv; + /** Key used for sending data. */ + struct stream_cipher *send; }; -int rc4_send_bin_buffer(struct rc4_context *rc4c, const char *buf, size_t len); -int rc4_send_buffer(struct rc4_context *rc4c, const char *buf); -__printf_2_3 int rc4_send_va_buffer(struct rc4_context *rc4c, const char *fmt, ...); -int rc4_recv_bin_buffer(struct rc4_context *rcc, char *buf, size_t size); -int rc4_recv_buffer(struct rc4_context *rcc, char *buf, size_t size); +struct stream_cipher *sc_new(const unsigned char *data, int len); +void sc_free(struct stream_cipher *sc); +int sc_send_bin_buffer(struct stream_cipher_context *scc, const char *buf, + size_t len); +int sc_send_buffer(struct stream_cipher_context *scc, const char *buf); +__printf_2_3 int sc_send_va_buffer(struct stream_cipher_context *scc, + const char *fmt, ...); +int sc_recv_bin_buffer(struct stream_cipher_context *scc, char *buf, + size_t size); +int sc_recv_buffer(struct stream_cipher_context *scc, char *buf, size_t size); -/** \cond used to distinguish between loading of private/public key */ -#define LOAD_PUBLIC_KEY 0 -#define LOAD_PRIVATE_KEY 1 -#define CHALLENGE_SIZE 64 -/** \endcond **/ +/* hashing */ + +/** Size of the hash value in bytes. */ +#define HASH_SIZE 20 + +void hash_function(const char *data, unsigned long len, unsigned char *hash); +void hash_to_asc(unsigned char *hash, char *asc); +int hash_compare(unsigned char *h1, unsigned char *h2);