tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

crypto_kernel.h (6909B)

      1 /*
      2 * crypto_kernel.h
      3 *
      4 * header for the cryptographic kernel
      5 *
      6 * David A. McGrew
      7 * Cisco Systems, Inc.
      8 */
      9 /*
     10 *
     11 * Copyright(c) 2001-2017 Cisco Systems, Inc.
     12 * All rights reserved.
     13 *
     14 * Redistribution and use in source and binary forms, with or without
     15 * modification, are permitted provided that the following conditions
     16 * are met:
     17 *
     18 *   Redistributions of source code must retain the above copyright
     19 *   notice, this list of conditions and the following disclaimer.
     20 *
     21 *   Redistributions in binary form must reproduce the above
     22 *   copyright notice, this list of conditions and the following
     23 *   disclaimer in the documentation and/or other materials provided
     24 *   with the distribution.
     25 *
     26 *   Neither the name of the Cisco Systems, Inc. nor the names of its
     27 *   contributors may be used to endorse or promote products derived
     28 *   from this software without specific prior written permission.
     29 *
     30 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
     31 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
     32 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
     33 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
     34 * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
     35 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
     36 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
     37 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
     38 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
     39 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
     40 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
     41 * OF THE POSSIBILITY OF SUCH DAMAGE.
     42 *
     43 */
     44 
     45 #ifndef CRYPTO_KERNEL
     46 #define CRYPTO_KERNEL
     47 
     48 #include "cipher.h"
     49 #include "auth.h"
     50 #include "err.h"
     51 #include "crypto_types.h"
     52 #include "key.h"
     53 
     54 #ifdef __cplusplus
     55 extern "C" {
     56 #endif
     57 
     58 /*
     59 * crypto_kernel_state_t defines the possible states:
     60 *
     61 *    insecure - not yet initialized
     62 *    secure   - initialized and passed self-tests
     63 */
     64 typedef enum {
     65    srtp_crypto_kernel_state_insecure,
     66    srtp_crypto_kernel_state_secure
     67 } srtp_crypto_kernel_state_t;
     68 
     69 /*
     70 * linked list of cipher types
     71 */
     72 typedef struct srtp_kernel_cipher_type {
     73    srtp_cipher_type_id_t id;
     74    const srtp_cipher_type_t *cipher_type;
     75    struct srtp_kernel_cipher_type *next;
     76 } srtp_kernel_cipher_type_t;
     77 
     78 /*
     79 * linked list of auth types
     80 */
     81 typedef struct srtp_kernel_auth_type {
     82    srtp_auth_type_id_t id;
     83    const srtp_auth_type_t *auth_type;
     84    struct srtp_kernel_auth_type *next;
     85 } srtp_kernel_auth_type_t;
     86 
     87 /*
     88 * linked list of debug modules
     89 */
     90 typedef struct srtp_kernel_debug_module {
     91    srtp_debug_module_t *mod;
     92    struct srtp_kernel_debug_module *next;
     93 } srtp_kernel_debug_module_t;
     94 
     95 /*
     96 * crypto_kernel_t is the data structure for the crypto kernel
     97 *
     98 * note that there is *exactly one* instance of this data type,
     99 * a global variable defined in crypto_kernel.c
    100 */
    101 typedef struct {
    102    srtp_crypto_kernel_state_t state; /* current state of kernel     */
    103    srtp_kernel_cipher_type_t *cipher_type_list; /* list of all cipher types */
    104    srtp_kernel_auth_type_t *auth_type_list; /* list of all auth func types */
    105    srtp_kernel_debug_module_t
    106        *debug_module_list; /* list of all debug modules   */
    107 } srtp_crypto_kernel_t;
    108 
    109 /*
    110 * srtp_crypto_kernel_t external api
    111 */
    112 
    113 /*
    114 * The function srtp_crypto_kernel_init() initialized the crypto kernel and
    115 * runs the self-test operations on the random number generators and
    116 * crypto algorithms.  Possible return values are:
    117 *
    118 *    srtp_err_status_ok    initialization successful
    119 *    <other>               init failure
    120 *
    121 * If any value other than srtp_err_status_ok is returned, the
    122 * crypto_kernel MUST NOT be used.
    123 */
    124 srtp_err_status_t srtp_crypto_kernel_init(void);
    125 
    126 /*
    127 * The function srtp_crypto_kernel_shutdown() de-initializes the
    128 * crypto_kernel, zeroizes keys and other cryptographic material, and
    129 * deallocates any dynamically allocated memory.  Possible return
    130 * values are:
    131 *
    132 *    srtp_err_status_ok     shutdown successful
    133 *    <other>                shutdown failure
    134 *
    135 */
    136 srtp_err_status_t srtp_crypto_kernel_shutdown(void);
    137 
    138 /*
    139 * The function srtp_crypto_kernel_stats() checks the the crypto_kernel,
    140 * running tests on the ciphers, auth funcs, and rng, and prints out a
    141 * status report.  Possible return values are:
    142 *
    143 *    srtp_err_status_ok     all tests were passed
    144 *    <other>                a test failed
    145 *
    146 */
    147 srtp_err_status_t srtp_crypto_kernel_status(void);
    148 
    149 /*
    150 * srtp_crypto_kernel_list_debug_modules() outputs a list of debugging modules
    151 *
    152 */
    153 srtp_err_status_t srtp_crypto_kernel_list_debug_modules(void);
    154 
    155 /*
    156 * srtp_crypto_kernel_load_cipher_type()
    157 *
    158 */
    159 srtp_err_status_t srtp_crypto_kernel_load_cipher_type(
    160    const srtp_cipher_type_t *ct,
    161    srtp_cipher_type_id_t id);
    162 
    163 srtp_err_status_t srtp_crypto_kernel_load_auth_type(const srtp_auth_type_t *ct,
    164                                                    srtp_auth_type_id_t id);
    165 
    166 srtp_err_status_t srtp_crypto_kernel_load_debug_module(
    167    srtp_debug_module_t *new_dm);
    168 
    169 /*
    170 * srtp_crypto_kernel_alloc_cipher(id, cp, key_len);
    171 *
    172 * allocates a cipher of type id at location *cp, with key length
    173 * key_len octets.  Return values are:
    174 *
    175 *    srtp_err_status_ok           no problems
    176 *    srtp_err_status_alloc_fail   an allocation failure occured
    177 *    srtp_err_status_fail         couldn't find cipher with identifier 'id'
    178 */
    179 srtp_err_status_t srtp_crypto_kernel_alloc_cipher(srtp_cipher_type_id_t id,
    180                                                  srtp_cipher_pointer_t *cp,
    181                                                  int key_len,
    182                                                  int tag_len);
    183 
    184 /*
    185 * srtp_crypto_kernel_alloc_auth(id, ap, key_len, tag_len);
    186 *
    187 * allocates an auth function of type id at location *ap, with key
    188 * length key_len octets and output tag length of tag_len.  Return
    189 * values are:
    190 *
    191 *    srtp_err_status_ok           no problems
    192 *    srtp_err_status_alloc_fail   an allocation failure occured
    193 *    srtp_err_status_fail         couldn't find auth with identifier 'id'
    194 */
    195 srtp_err_status_t srtp_crypto_kernel_alloc_auth(srtp_auth_type_id_t id,
    196                                                srtp_auth_pointer_t *ap,
    197                                                int key_len,
    198                                                int tag_len);
    199 
    200 /*
    201 * srtp_crypto_kernel_set_debug_module(mod_name, v)
    202 *
    203 * sets dynamic debugging to the value v (0 for off, 1 for on) for the
    204 * debug module with the name mod_name
    205 *
    206 * returns srtp_err_status_ok on success, srtp_err_status_fail otherwise
    207 */
    208 srtp_err_status_t srtp_crypto_kernel_set_debug_module(const char *mod_name,
    209                                                      int v);
    210 
    211 #ifdef __cplusplus
    212 }
    213 #endif
    214 
    215 #endif /* CRYPTO_KERNEL */