search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Fix a heap overflow found by debuger, and make it harder to make that mistake again
[tor/rransom.git] / src / common / crypto.h
blob9cfb41444b0db873df4cc23fd287110dfdac6db7
1 /* Copyright (c) 2001, Matej Pfajfar.
2 * Copyright (c) 2001-2004, Roger Dingledine.
3 * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
4 * Copyright (c) 2007-2011, The Tor Project, Inc. */
5 /* See LICENSE for licensing information */
6
7 /**
8 * \file crypto.h
9 *
10 * \brief Headers for crypto.c
11 **/
12
13 #ifndef _TOR_CRYPTO_H
14 #define _TOR_CRYPTO_H
15
16 #include <stdio.h>
17 #include "torint.h"
18
19 /** Length of the output of our message digest. */
20 #define DIGEST_LEN 20
21 /** Length of our symmetric cipher's keys. */
22 #define CIPHER_KEY_LEN 16
23 /** Length of our symmetric cipher's IV. */
24 #define CIPHER_IV_LEN 16
25 /** Length of our public keys. */
26 #define PK_BYTES (1024/8)
27 /** Length of our DH keys. */
28 #define DH_BYTES (1024/8)
29
30 /** Length of a message digest when encoded in base64 with trailing = signs
31 * removed. */
32 #define BASE64_DIGEST_LEN 27
33
34 /** Constants used to indicate no padding for public-key encryption */
35 #define PK_NO_PADDING 60000
36 /** Constants used to indicate PKCS1 padding for public-key encryption */
37 #define PK_PKCS1_PADDING 60001
38 /** Constants used to indicate OAEP padding for public-key encryption */
39 #define PK_PKCS1_OAEP_PADDING 60002
40
41 /** Number of bytes added for PKCS1 padding. */
42 #define PKCS1_PADDING_OVERHEAD 11
43 /** Number of bytes added for PKCS1-OAEP padding. */
44 #define PKCS1_OAEP_PADDING_OVERHEAD 42
45
46 /** Length of encoded public key fingerprints, including space; but not
47 * including terminating NUL. */
48 #define FINGERPRINT_LEN 49
49 /** Length of hex encoding of SHA1 digest, not including final NUL. */
50 #define HEX_DIGEST_LEN 40
51
52 typedef struct crypto_pk_env_t crypto_pk_env_t;
53 typedef struct crypto_cipher_env_t crypto_cipher_env_t;
54 typedef struct crypto_digest_env_t crypto_digest_env_t;
55 typedef struct crypto_dh_env_t crypto_dh_env_t;
56
57 /* global state */
58 int crypto_global_init(int hardwareAccel);
59 void crypto_thread_cleanup(void);
60 int crypto_global_cleanup(void);
61
62 /* environment setup */
63 crypto_pk_env_t *crypto_new_pk_env(void);
64 void crypto_free_pk_env(crypto_pk_env_t *env);
65
66 /* convenience function: wraps crypto_create_crypto_env, set_key, and init. */
67 crypto_cipher_env_t *crypto_create_init_cipher(const char *key,
68 int encrypt_mode);
69
70 crypto_cipher_env_t *crypto_new_cipher_env(void);
71 void crypto_free_cipher_env(crypto_cipher_env_t *env);
72
73 /* public key crypto */
74 int crypto_pk_generate_key(crypto_pk_env_t *env);
75
76 int crypto_pk_read_private_key_from_filename(crypto_pk_env_t *env,
77 const char *keyfile);
78 int crypto_pk_write_public_key_to_string(crypto_pk_env_t *env,
79 char **dest, size_t *len);
80 int crypto_pk_write_private_key_to_string(crypto_pk_env_t *env,
81 char **dest, size_t *len);
82 int crypto_pk_read_public_key_from_string(crypto_pk_env_t *env,
83 const char *src, size_t len);
84 int crypto_pk_read_private_key_from_string(crypto_pk_env_t *env,
85 const char *s);
86 int crypto_pk_write_private_key_to_filename(crypto_pk_env_t *env,
87 const char *fname);
88
89 int crypto_pk_check_key(crypto_pk_env_t *env);
90 int crypto_pk_cmp_keys(crypto_pk_env_t *a, crypto_pk_env_t *b);
91 size_t crypto_pk_keysize(crypto_pk_env_t *env);
92 crypto_pk_env_t *crypto_pk_dup_key(crypto_pk_env_t *orig);
93 crypto_pk_env_t *crypto_pk_copy_full(crypto_pk_env_t *orig);
94 int crypto_pk_key_is_private(const crypto_pk_env_t *key);
95
96 int crypto_pk_public_encrypt(crypto_pk_env_t *env, char *to, size_t tolen,
97 const char *from, size_t fromlen, int padding);
98 int crypto_pk_private_decrypt(crypto_pk_env_t *env, char *to, size_t tolen,
99 const char *from, size_t fromlen,
100 int padding, int warnOnFailure);
101 int crypto_pk_public_checksig(crypto_pk_env_t *env, char *to, size_t tolen,
102 const char *from, size_t fromlen);
103 int crypto_pk_public_checksig_digest(crypto_pk_env_t *env, const char *data,
104 size_t datalen, const char *sig, size_t siglen);
105 int crypto_pk_private_sign(crypto_pk_env_t *env, char *to, size_t tolen,
106 const char *from, size_t fromlen);
107 int crypto_pk_private_sign_digest(crypto_pk_env_t *env, char *to, size_t tolen,
108 const char *from, size_t fromlen);
109 int crypto_pk_public_hybrid_encrypt(crypto_pk_env_t *env, char *to,
110 size_t tolen,
111 const char *from, size_t fromlen,
112 int padding, int force);
113 int crypto_pk_private_hybrid_decrypt(crypto_pk_env_t *env, char *to,
114 size_t tolen,
115 const char *from, size_t fromlen,
116 int padding, int warnOnFailure);
117
118 int crypto_pk_asn1_encode(crypto_pk_env_t *pk, char *dest, size_t dest_len);
119 crypto_pk_env_t *crypto_pk_asn1_decode(const char *str, size_t len);
120 int crypto_pk_get_digest(crypto_pk_env_t *pk, char *digest_out);
121 int crypto_pk_get_fingerprint(crypto_pk_env_t *pk, char *fp_out,int add_space);
122 int crypto_pk_check_fingerprint_syntax(const char *s);
123
124 /* symmetric crypto */
125 int crypto_cipher_generate_key(crypto_cipher_env_t *env);
126 int crypto_cipher_set_key(crypto_cipher_env_t *env, const char *key);
127 void crypto_cipher_generate_iv(char *iv_out);
128 int crypto_cipher_set_iv(crypto_cipher_env_t *env, const char *iv);
129 const char *crypto_cipher_get_key(crypto_cipher_env_t *env);
130 int crypto_cipher_encrypt_init_cipher(crypto_cipher_env_t *env);
131 int crypto_cipher_decrypt_init_cipher(crypto_cipher_env_t *env);
132
133 int crypto_cipher_encrypt(crypto_cipher_env_t *env, char *to,
134 const char *from, size_t fromlen);
135 int crypto_cipher_decrypt(crypto_cipher_env_t *env, char *to,
136 const char *from, size_t fromlen);
137 int crypto_cipher_crypt_inplace(crypto_cipher_env_t *env, char *d, size_t len);
138
139 int crypto_cipher_encrypt_with_iv(crypto_cipher_env_t *env,
140 char *to, size_t tolen,
141 const char *from, size_t fromlen);
142 int crypto_cipher_decrypt_with_iv(crypto_cipher_env_t *env,
143 char *to, size_t tolen,
144 const char *from, size_t fromlen);
145
146 /* SHA-1 */
147 int crypto_digest(char *digest, const char *m, size_t len);
148 crypto_digest_env_t *crypto_new_digest_env(void);
149 void crypto_free_digest_env(crypto_digest_env_t *digest);
150 void crypto_digest_add_bytes(crypto_digest_env_t *digest, const char *data,
151 size_t len);
152 void crypto_digest_get_digest(crypto_digest_env_t *digest,
153 char *out, size_t out_len);
154 crypto_digest_env_t *crypto_digest_dup(const crypto_digest_env_t *digest);
155 void crypto_digest_assign(crypto_digest_env_t *into,
156 const crypto_digest_env_t *from);
157 void crypto_hmac_sha1(char *hmac_out,
158 const char *key, size_t key_len,
159 const char *msg, size_t msg_len);
160
161 /* Key negotiation */
162 crypto_dh_env_t *crypto_dh_new(void);
163 int crypto_dh_get_bytes(crypto_dh_env_t *dh);
164 int crypto_dh_generate_public(crypto_dh_env_t *dh);
165 int crypto_dh_get_public(crypto_dh_env_t *dh, char *pubkey_out,
166 size_t pubkey_out_len);
167 ssize_t crypto_dh_compute_secret(crypto_dh_env_t *dh,
168 const char *pubkey, size_t pubkey_len,
169 char *secret_out, size_t secret_out_len);
170 void crypto_dh_free(crypto_dh_env_t *dh);
171 int crypto_expand_key_material(const char *key_in, size_t in_len,
172 char *key_out, size_t key_out_len);
173
174 /* random numbers */
175 int crypto_seed_rng(int startup);
176 int crypto_rand(char *to, size_t n);
177 int crypto_rand_int(unsigned int max);
178 uint64_t crypto_rand_uint64(uint64_t max);
179
180 char *crypto_random_hostname(int min_rand_len, int max_rand_len,
181 const char *prefix, const char *suffix);
182
183 struct smartlist_t;
184 void *smartlist_choose(const struct smartlist_t *sl);
185 void smartlist_shuffle(struct smartlist_t *sl);
186
187 int base64_encode(char *dest, size_t destlen, const char *src, size_t srclen);
188 int base64_decode(char *dest, size_t destlen, const char *src, size_t srclen);
189 /** Characters that can appear (case-insensitively) in a base-32 encoding. */
190 #define BASE32_CHARS "abcdefghijklmnopqrstuvwxyz234567"
191 void base32_encode(char *dest, size_t destlen, const char *src, size_t srclen);
192 int base32_decode(char *dest, size_t destlen, const char *src, size_t srclen);
193
194 int digest_to_base64(char *d64, const char *digest);
195 int digest_from_base64(char *digest, const char *d64);
196
197 /** Length of RFC2440-style S2K specifier: the first 8 bytes are a salt, the
198 * 9th describes how much iteration to do. */
199 #define S2K_SPECIFIER_LEN 9
200 void secret_to_key(char *key_out, size_t key_out_len, const char *secret,
201 size_t secret_len, const char *s2k_specifier);
202
203 #ifdef CRYPTO_PRIVATE
204 /* Prototypes for private functions only used by tortls.c and crypto.c */
205 struct rsa_st;
206 struct evp_pkey_st;
207 struct dh_st;
208 struct rsa_st *_crypto_pk_env_get_rsa(crypto_pk_env_t *env);
209 crypto_pk_env_t *_crypto_new_pk_env_rsa(struct rsa_st *rsa);
210 crypto_pk_env_t *_crypto_new_pk_env_evp_pkey(struct evp_pkey_st *pkey);
211 struct evp_pkey_st *_crypto_pk_env_get_evp_pkey(crypto_pk_env_t *env,
212 int private);
213 struct dh_st *_crypto_dh_env_get_dh(crypto_dh_env_t *dh);
214 /* Prototypes for private functions only used by crypto.c and test.c*/
215 void add_spaces_to_fp(char *out, size_t outlen, const char *in);
216 #endif
217
218 #endif
219