paraslash Paraslash Audio Streaming
About   News   Download   Documentation   Development
Data Structures | Macros | Functions
crypt.h File Reference

Public crypto interface. More...

Data Structures

struct  stream_cipher_context
 Used for client-server communication encryption. More...
 

Macros

#define APC_CHALLENGE_SIZE   64
 The size of the challenge sent to the client. More...
 
#define SESSION_KEY_LEN   32
 Number of bytes of the session key for stream ciphers. More...
 
#define HASH_SIZE   20
 Size of the hash value in bytes. More...
 
#define HASH2_SIZE   32
 Size of the hash value in bytes. More...
 

Functions

int apc_pub_encrypt (struct asymmetric_key *pub, unsigned char *inbuf, unsigned len, unsigned char **outbuf)
 Encrypt a buffer using asymmetric keys. More...
 
int apc_priv_decrypt (const char *key_file, unsigned char **outbuf, unsigned char *inbuf, int inlen)
 Decrypt a buffer using a private key. More...
 
int apc_get_pubkey (const char *key_file, struct asymmetric_key **result)
 Read an asymmetric key from a file. More...
 
void apc_free_pubkey (struct asymmetric_key *key)
 Deallocate a public key. More...
 
void get_random_bytes_or_die (unsigned char *buf, int num)
 Fill a buffer with random content. More...
 
void crypt_init (void)
 Initialize the crypto backend. More...
 
void crypt_shutdown (void)
 Allocate all resources of the crypto backend. More...
 
struct stream_cipher * sc_new (const unsigned char *data, int len)
 Allocate and initialize an aes_ctr128 stream cipher structure. More...
 
void sc_crypt (struct stream_cipher *sc, struct iovec *src, struct iovec *dst)
 Encrypt or decrypt a buffer using a stream cipher. More...
 
_static_inline_ void sc_trafo (struct iovec *src, struct iovec *dst, void *trafo_context)
 Wrapper for sc_crypt() that can be used as a sideband transformation. More...
 
void sc_free (struct stream_cipher *sc)
 Deallocate a stream cipher structure. More...
 
void hash_function (const char *data, unsigned long len, unsigned char *hash)
 Compute the hash of the given input data. More...
 
void hash_to_asc (const unsigned char *hash, char *asc)
 Convert a hash value to ascii format. More...
 
int hash_compare (const unsigned char *h1, const unsigned char *h2)
 Compare two hashes. More...
 
void hash2_function (const char *data, unsigned long len, unsigned char *hash)
 Compute the hash2 of the given input data. More...
 
void hash2_to_asc (const unsigned char *hash, char *asc)
 Convert a hash2 value to ascii format. More...
 
int hash2_compare (const unsigned char *h1, const unsigned char *h2)
 Compare two version 2 hashes. More...
 

Detailed Description

Public crypto interface.

Macro Definition Documentation

◆ APC_CHALLENGE_SIZE

#define APC_CHALLENGE_SIZE   64

The size of the challenge sent to the client.

◆ SESSION_KEY_LEN

#define SESSION_KEY_LEN   32

Number of bytes of the session key for stream ciphers.

◆ HASH_SIZE

#define HASH_SIZE   20

Size of the hash value in bytes.

◆ HASH2_SIZE

#define HASH2_SIZE   32

Size of the hash value in bytes.

Function Documentation

◆ apc_pub_encrypt()

int apc_pub_encrypt ( struct asymmetric_key *  pub,
unsigned char *  inbuf,
unsigned  len,
unsigned char **  outbuf 
)

Encrypt a buffer using asymmetric keys.

Parameters
pubThe public key.
inbufThe input buffer.
lenThe length of inbuf.
outbufThe output buffer will be allocated by the callee.
Returns
The size of the encrypted data on success, negative on errors.

◆ apc_priv_decrypt()

int apc_priv_decrypt ( const char *  key_file,
unsigned char **  outbuf,
unsigned char *  inbuf,
int  inlen 
)

Decrypt a buffer using a private key.

Parameters
key_fileFull path of the key.
outbufThe output buffer is allocated by the callee.
inbufThe encrypted input buffer.
inlenThe length of inbuf.

The outbuf must be large enough to hold at least 512 bytes.

Returns
The size of the recovered plaintext on success, negative on errors.

References check_private_key_file(), and zalloc().

◆ apc_get_pubkey()

int apc_get_pubkey ( const char *  key_file,
struct asymmetric_key **  result 
)

Read an asymmetric key from a file.

Parameters
key_fileThe file containing the key.
resultThe key structure is returned here.
Returns
The size of the key in bytes on success, negative on errors.

References decode_public_key(), PARA_DEBUG_LOG, and zalloc().

◆ apc_free_pubkey()

void apc_free_pubkey ( struct asymmetric_key *  key)

Deallocate a public key.

Parameters
keyPointer to the key structure to free.

This should be called for keys obtained by apc_get_pubkey() if the key is no longer needed.

◆ get_random_bytes_or_die()

void get_random_bytes_or_die ( unsigned char *  buf,
int  num 
)

Fill a buffer with random content.

Parameters
bufThe buffer to fill.
numThe size of buf in bytes.

This function puts num cryptographically strong pseudo-random bytes into buf. If it can not guarantee an unpredictable byte sequence (for example because the PRNG has not been seeded with enough randomness) the function logs an error message and calls exit().

Referenced by crypt_init().

◆ crypt_init()

void crypt_init ( void  )

Initialize the crypto backend.

This function initializes the crypto library and seeds the pseudo random number generator used by random() with a random seed obtained from the crypto implementation. On errors, an error message is logged and the function calls exit().

See also
get_random_bytes_or_die(), srandom(3), random(3), para_random().

References get_random_bytes_or_die(), and PARA_EMERG_LOG.

Referenced by main().

◆ crypt_shutdown()

void crypt_shutdown ( void  )

Allocate all resources of the crypto backend.

◆ sc_new()

struct stream_cipher* sc_new ( const unsigned char *  data,
int  len 
)

Allocate and initialize an aes_ctr128 stream cipher structure.

Parameters
dataThe key.
lenThe size of the key.
Returns
A new stream cipher structure.

References AES_CRT128_BLOCK_SIZE, and alloc().

◆ sc_crypt()

void sc_crypt ( struct stream_cipher *  sc,
struct iovec *  src,
struct iovec *  dst 
)

Encrypt or decrypt a buffer using a stream cipher.

Parameters
scCrypto key.
srcThe source buffer and length.
dstThe destination buffer and length, filled out by the function.

It is up to the implementation to decide whether the crypt operation is performed in place. The caller can tell by looking if the buffers given by src and dst coincide after the call. If (and only if) the crypt operation was not performed in place, the function allocated a new buffer for the result, so dst->iov_base is different from src->iov_base. In this case, the destination buffer must be freed by the caller when it is no longer needed.

Referenced by sc_trafo().

◆ sc_trafo()

_static_inline_ void sc_trafo ( struct iovec *  src,
struct iovec *  dst,
void *  trafo_context 
)

Wrapper for sc_crypt() that can be used as a sideband transformation.

Parameters
srcPassed verbatim to sc_crypt().
dstPassed verbatim to sc_crypt().
trafo_contextMust point to an initialized stream cipher.

References sc_crypt().

Referenced by recv_sb(), and send_sb().

◆ sc_free()

void sc_free ( struct stream_cipher *  sc)

Deallocate a stream cipher structure.

Parameters
scA stream cipher previously obtained by sc_new().

◆ hash_function()

void hash_function ( const char *  data,
unsigned long  len,
unsigned char *  hash 
)

Compute the hash of the given input data.

Parameters
dataPointer to the data to compute the hash value from.
lenThe length of data in bytes.
hashResult pointer.

hash must point to an area at least HASH_SIZE bytes large.

See also
sha(3), openssl(1).

References HASH_SIZE.

◆ hash_to_asc()

void hash_to_asc ( const unsigned char *  hash,
char *  asc 
)

Convert a hash value to ascii format.

Parameters
hashthe hash value.
ascResult pointer.

asc must point to an area of at least 2 * HASH_SIZE + 1 bytes which will be filled by the function with the ascii representation of the hash value given by hash, and a terminating NULL byte.

References HASH_SIZE.

◆ hash_compare()

int hash_compare ( const unsigned char *  h1,
const unsigned char *  h2 
)

Compare two hashes.

Parameters
h1Pointer to the first hash value.
h2Pointer to the second hash value.
Returns
1, -1, or zero, depending on whether h1 is greater than, less than or equal to h2, respectively.

References HASH_SIZE.

◆ hash2_function()

void hash2_function ( const char *  data,
unsigned long  len,
unsigned char *  hash 
)

Compute the hash2 of the given input data.

Parameters
dataPointer to the data to compute the hash value from.
lenThe length of data in bytes.
hashResult pointer.

hash must point to an area at least HASH2_SIZE bytes large.

See also
sha(3), openssl(1).

References HASH2_SIZE.

◆ hash2_to_asc()

void hash2_to_asc ( const unsigned char *  hash,
char *  asc 
)

Convert a hash2 value to ascii format.

Parameters
hashthe hash value.
ascResult pointer.

asc must point to an area of at least 2 * HASH2_SIZE + 1 bytes which will be filled by the function with the ascii representation of the hash value given by hash, and a terminating NULL byte.

References HASH2_SIZE.

◆ hash2_compare()

int hash2_compare ( const unsigned char *  h1,
const unsigned char *  h2 
)

Compare two version 2 hashes.

Parameters
h1Pointer to the first hash value.
h2Pointer to the second hash value.
Returns
1, -1, or zero, depending on whether h1 is greater than, less than or equal to h2, respectively.

References HASH2_SIZE.