
auth.h (6503B)


      1 /*
      2 * auth.h
      3 *
      4 * common interface to authentication functions
      5 *
      6 * David A. McGrew
      7 * Cisco Systems, Inc.
      8 */
      9 
     10 /*
     11 *
     12 * Copyright (c) 2001-2017, Cisco Systems, Inc.
     13 * All rights reserved.
     14 *
     15 * Redistribution and use in source and binary forms, with or without
     16 * modification, are permitted provided that the following conditions
     17 * are met:
     18 *
     19 *   Redistributions of source code must retain the above copyright
     20 *   notice, this list of conditions and the following disclaimer.
     21 *
     22 *   Redistributions in binary form must reproduce the above
     23 *   copyright notice, this list of conditions and the following
     24 *   disclaimer in the documentation and/or other materials provided
     25 *   with the distribution.
     26 *
     27 *   Neither the name of the Cisco Systems, Inc. nor the names of its
     28 *   contributors may be used to endorse or promote products derived
     29 *   from this software without specific prior written permission.
     30 *
     31 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
     32 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
     33 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
     34 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
     35 * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
     36 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
     37 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
     38 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
     39 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
     40 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
     41 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
     42 * OF THE POSSIBILITY OF SUCH DAMAGE.
     43 *
     44 */
     45 
     46 #ifndef SRTP_AUTH_H
     47 #define SRTP_AUTH_H
     48 
     49 #include "srtp.h"
     50 #include "crypto_types.h" /* for values of auth_type_id_t */
     51 
     52 #ifdef __cplusplus
     53 extern "C" {
     54 #endif
     55 
     56 typedef const struct srtp_auth_type_t *srtp_auth_type_pointer;
     57 typedef struct srtp_auth_t *srtp_auth_pointer_t;
        /*
         * srtp_auth_type_pointer points to a const algorithm descriptor and
         * srtp_auth_pointer_t to an instance; both structs are defined further
         * down in this header.
         *
         * The function-pointer types below are the member types of
         * srtp_auth_type_t.  Each returns an srtp_err_status_t.  All lengths
         * are plain signed ints, so the types themselves rule out neither
         * negative nor oversized values.
         * NOTE(review): range and buffer-size checks presumably belong to the
         * callers and the implementations -- confirm.
         */
     58 
        /*
         * alloc: takes a key length and an output (tag) length.
         * NOTE(review): presumably creates an instance and hands it back
         * through *ap -- confirm in the implementations.
         */
     59 typedef srtp_err_status_t (*srtp_auth_alloc_func)(srtp_auth_pointer_t *ap,
     60                                                  int key_len,
     61                                                  int out_len);
     62 
        /*
         * init: receives the opaque per-instance state, a read-only key buffer
         * and the key length (the srtp_auth_init macro supplies the instance's
         * own key_len).
         */
     63 typedef srtp_err_status_t (*srtp_auth_init_func)(void *state,
     64                                                 const uint8_t *key,
     65                                                 int key_len);
     66 
        /* dealloc: takes the instance pointer itself, not its state. */
     67 typedef srtp_err_status_t (*srtp_auth_dealloc_func)(srtp_auth_pointer_t ap);
     68 
        /*
         * compute: buffer is read-only and octets_to_auth gives its length;
         * tag is the only writable buffer and tag_len its length.
         * NOTE(review): tag presumably must have room for tag_len octets --
         * confirm in the implementations.
         */
     69 typedef srtp_err_status_t (*srtp_auth_compute_func)(void *state,
     70                                                    const uint8_t *buffer,
     71                                                    int octets_to_auth,
     72                                                    int tag_len,
     73                                                    uint8_t *tag);
     74 
        /*
         * update: same state and read-only buffer arguments as compute, but
         * with no tag output.
         */
     75 typedef srtp_err_status_t (*srtp_auth_update_func)(void *state,
     76                                                   const uint8_t *buffer,
     77                                                   int octets_to_auth);
     78 
        /* start: takes only the state. */
     79 typedef srtp_err_status_t (*srtp_auth_start_func)(void *state);
     80 
     81 /*
         * Some syntactic sugar on these function types: each macro looks up one
         * operation in a type descriptor and calls it.  at is used as an
         * srtp_auth_type_t pointer; a and c are used as srtp_auth_t pointers.
         *
         * Review notes:
         *  - No macro checks its pointer argument, or the function pointer it
         *    calls, for NULL.
         *  - a (and c in srtp_auth_dealloc) appears more than once in the
         *    expansions, so an argument with side effects is evaluated
         *    repeatedly.
         *  - srtp_auth_init passes (a)->key_len rather than a caller-supplied
         *    length, and srtp_auth_compute passes (a)->out_len as the tag
         *    length.  NOTE(review): key and res presumably must be at least
         *    that many octets long -- confirm in the implementations.
         */
     82 #define srtp_auth_type_alloc(at, a, klen, outlen)                              \
     83    ((at)->alloc((a), (klen), (outlen)))
     84 
     85 #define srtp_auth_init(a, key)                                                 \
     86    (((a)->type)->init((a)->state, (key), ((a)->key_len)))
     87 
     88 #define srtp_auth_compute(a, buf, len, res)                                    \
     89    (((a)->type)->compute((a)->state, (buf), (len), (a)->out_len, (res)))
     90 
     91 #define srtp_auth_update(a, buf, len)                                          \
     92    (((a)->type)->update((a)->state, (buf), (len)))
     93 
     94 #define srtp_auth_start(a) (((a)->type)->start((a)->state))
     95 
     96 #define srtp_auth_dealloc(c) (((c)->type)->dealloc(c))
     97 
     98 /*
         * Functions to get information about a particular auth_t.  Each takes a
         * const pointer to the instance and returns an int.
         * NOTE(review): judging by the names, these presumably return the
         * key_len, out_len and prefix_len members of srtp_auth_t; whether a
         * NULL argument is tolerated is not visible here -- confirm in the
         * definitions.
         */
     99 int srtp_auth_get_key_length(const struct srtp_auth_t *a);
    100 
    101 int srtp_auth_get_tag_length(const struct srtp_auth_t *a);
    102 
    103 int srtp_auth_get_prefix_length(const struct srtp_auth_t *a);
    104 
    105 /*
    106 * srtp_auth_test_case_t is one node in a list of key/message/tag values
    107 * that are known to be correct for a particular authentication function.
    108 * This data can be used in an on-the-fly self test of the correctness of
    109 * an implementation (see the srtp_auth_type_self_test() function below).
    110 * Every buffer is described by a pointer plus its own length in octets.
        * NOTE(review): the list presumably ends at a NULL next_test_case --
        * confirm against the self-test code.
    111 */
    112 typedef struct srtp_auth_test_case_t {
    113    int key_length_octets;  /* octets in key            */
    114    const uint8_t *key;     /* key                      */
    115    int data_length_octets; /* octets in data           */
    116    const uint8_t *data;    /* data                     */
    117    int tag_length_octets;  /* octets in tag            */
    118    const uint8_t *tag;     /* tag                      */
    119    const struct srtp_auth_test_case_t
    120        *next_test_case; /* pointer to next testcase */
    121 } srtp_auth_test_case_t;
    122 
    123 /*
         * srtp_auth_type_t describes one authentication algorithm: six function
         * pointers, a description string, test data and an identifier.  The
         * srtp_auth_* macros above call through these pointers without checking
         * them for NULL.
         */
    124 typedef struct srtp_auth_type_t {
    125    srtp_auth_alloc_func alloc;     /* called by srtp_auth_type_alloc() */
    126    srtp_auth_dealloc_func dealloc; /* called by srtp_auth_dealloc()    */
    127    srtp_auth_init_func init;       /* called by srtp_auth_init()       */
    128    srtp_auth_compute_func compute; /* called by srtp_auth_compute()    */
    129    srtp_auth_update_func update;   /* called by srtp_auth_update()     */
    130    srtp_auth_start_func start;     /* called by srtp_auth_start()      */
    131    const char *description;        /* text describing this auth type   */
    132    const srtp_auth_test_case_t *test_data; /* list of test cases       */
    133    srtp_auth_type_id_t id; /* values come from crypto_types.h, per the
                                    * include comment at the top of this file */
    134 } srtp_auth_type_t;
    135 
    136 typedef struct srtp_auth_t { /* one authentication instance */
    137    const srtp_auth_type_t *type; /* operations table the srtp_auth_*
                                          * macros dispatch through */
    138    void *state; /* opaque context handed to init/compute/update/start */
    139    int out_len;    /* length of output tag in octets */
    140    int key_len;    /* length of key in octets        */
    141    int prefix_len; /* length of keystream prefix     */
    142 } srtp_auth_t;
    143 
    144 /*
    145 * srtp_auth_type_self_test() tests the auth type at against test cases
    146 * made of key/message/tag values that are known to be good, and reports
    147 * the outcome as an srtp_err_status_t.
        * NOTE(review): the prototype takes no test data, so the cases
        * presumably come from at->test_data -- confirm in the definition.
    148 */
    149 srtp_err_status_t srtp_auth_type_self_test(const srtp_auth_type_t *at);
    150 
    151 /*
    152 * srtp_auth_type_test() tests the auth type at against external test
    153 * cases: test_data is a caller-supplied list of key/message/tag values
    154 * that are known to be good.  The outcome is reported as an
        * srtp_err_status_t.
    155 */
    156 srtp_err_status_t srtp_auth_type_test(const srtp_auth_type_t *at,
    157                                      const srtp_auth_test_case_t *test_data);
    158 
    159 /*
    160 * srtp_replace_auth_type(ct, id)
    161 *
    162 * Replaces the auth type implementation that srtp's kernel holds for the
    163 * auth_type id with a new one passed in externally.  The new auth type
    164 * must pass all of the existing auth_type's self tests as well as its own.
        *
        * NOTE(review): this swaps the code that computes authentication tags
        * for id, so callers should be limited to trusted initialisation code.
        * Passing the self tests shows only that the replacement produces the
        * expected tags for those test cases.  ct is a const pointer; whether
        * the kernel copies the descriptor or keeps the pointer is not visible
        * here -- confirm before freeing or reusing it.
    165 */
    166 srtp_err_status_t srtp_replace_auth_type(const srtp_auth_type_t *ct,
    167                                         srtp_auth_type_id_t id);
    168 
    169 #ifdef __cplusplus
    170 }
    171 #endif
    172 
    173 #endif /* SRTP_AUTH_H */