From 294cf482ea49f690ac9eaad52f2574a90b2e51e6 Mon Sep 17 00:00:00 2001 From: Richard van der Hoff Date: Mon, 16 May 2016 16:25:09 +0100 Subject: Convert cipher.hh to plain C --- include/olm/cipher.h | 134 +++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 134 insertions(+) create mode 100644 include/olm/cipher.h (limited to 'include/olm/cipher.h') diff --git a/include/olm/cipher.h b/include/olm/cipher.h new file mode 100644 index 0000000..0d6fd5b --- /dev/null +++ b/include/olm/cipher.h @@ -0,0 +1,134 @@ +/* Copyright 2015 OpenMarket Ltd + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef OLM_CIPHER_H_ +#define OLM_CIPHER_H_ + +#include +#include + +#ifdef __cplusplus +extern "C" { +#endif + +struct olm_cipher; + +struct cipher_ops { + /** + * Returns the length of the message authentication code that will be + * appended to the output. + */ + size_t (*mac_length)(const struct olm_cipher *cipher); + + /** + * Returns the length of cipher-text for a given length of plain-text. + */ + size_t (*encrypt_ciphertext_length)(const struct olm_cipher *cipher, + size_t plaintext_length); + + /* + * Encrypts the plain-text into the output buffer and authenticates the + * contents of the output buffer covering both cipher-text and any other + * associated data in the output buffer. + * + * |---------------------------------------output_length-->| + * output |--ciphertext_length-->| |---mac_length-->| + * ciphertext + * + * The plain-text pointers and cipher-text pointers may be the same. + * + * Returns size_t(-1) if the length of the cipher-text or the output + * buffer is too small. Otherwise returns the length of the output buffer. + */ + size_t (*encrypt)( + const struct olm_cipher *cipher, + uint8_t const * key, size_t key_length, + uint8_t const * plaintext, size_t plaintext_length, + uint8_t * ciphertext, size_t ciphertext_length, + uint8_t * output, size_t output_length + ); + + /** + * Returns the maximum length of plain-text that a given length of + * cipher-text can contain. + */ + size_t (*decrypt_max_plaintext_length)( + const struct olm_cipher *cipher, + size_t ciphertext_length + ); + + /** + * Authenticates the input and decrypts the cipher-text into the plain-text + * buffer. + * + * |----------------------------------------input_length-->| + * input |--ciphertext_length-->| |---mac_length-->| + * ciphertext + * + * The plain-text pointers and cipher-text pointers may be the same. + * + * Returns size_t(-1) if the length of the plain-text buffer is too + * small or if the authentication check fails. Otherwise returns the length + * of the plain text. + */ + size_t (*decrypt)( + const struct olm_cipher *cipher, + uint8_t const * key, size_t key_length, + uint8_t const * input, size_t input_length, + uint8_t const * ciphertext, size_t ciphertext_length, + uint8_t * plaintext, size_t max_plaintext_length + ); + + /** destroy any private data associated with this cipher */ + void (*destruct)(struct olm_cipher *cipher); +}; + +struct olm_cipher { + const struct cipher_ops *ops; + /* cipher-specific fields follow */ +}; + +struct olm_cipher_aes_sha_256 { + struct olm_cipher base_cipher; + + uint8_t const * kdf_info; + size_t kdf_info_length; +}; + + +/** + * initialises a cipher type which uses AES256 for encryption and SHA256 for + * authentication. + * + * cipher: structure to be initialised + * + * kdf_info: context string for the HKDF used for deriving the AES256 key, HMAC + * key, and AES IV, from the key material passed to encrypt/decrypt. Note that + * this is NOT copied so must have a lifetime at least as long as the cipher + * instance. + * + * kdf_info_length: length of context string kdf_info + */ +struct olm_cipher *olm_cipher_aes_sha_256_init( + struct olm_cipher_aes_sha_256 *cipher, + uint8_t const * kdf_info, + size_t kdf_info_length); + + +#ifdef __cplusplus +} /* extern "C" */ +#endif + +#endif /* OLM_CIPHER_H_ */ -- cgit v1.2.3 From 444ef1f70687c340ba1b0b2a22d6e63c734d5f9e Mon Sep 17 00:00:00 2001 From: Richard van der Hoff Date: Fri, 20 May 2016 11:59:31 +0100 Subject: Prefix for internal symbols Give a load of internal symbols "_olm_" prefixes. This better delineates the public and private interfaces in the module, and helps avoid internal symbols leaking out and possibly being abused. --- include/olm/cipher.h | 32 +++++++++++++++++--------------- 1 file changed, 17 insertions(+), 15 deletions(-) (limited to 'include/olm/cipher.h') diff --git a/include/olm/cipher.h b/include/olm/cipher.h index 0d6fd5b..3296c37 100644 --- a/include/olm/cipher.h +++ b/include/olm/cipher.h @@ -23,20 +23,22 @@ extern "C" { #endif -struct olm_cipher; +struct _olm_cipher; -struct cipher_ops { +struct _olm_cipher_ops { /** * Returns the length of the message authentication code that will be * appended to the output. */ - size_t (*mac_length)(const struct olm_cipher *cipher); + size_t (*mac_length)(const struct _olm_cipher *cipher); /** * Returns the length of cipher-text for a given length of plain-text. */ - size_t (*encrypt_ciphertext_length)(const struct olm_cipher *cipher, - size_t plaintext_length); + size_t (*encrypt_ciphertext_length)( + const struct _olm_cipher *cipher, + size_t plaintext_length + ); /* * Encrypts the plain-text into the output buffer and authenticates the @@ -53,7 +55,7 @@ struct cipher_ops { * buffer is too small. Otherwise returns the length of the output buffer. */ size_t (*encrypt)( - const struct olm_cipher *cipher, + const struct _olm_cipher *cipher, uint8_t const * key, size_t key_length, uint8_t const * plaintext, size_t plaintext_length, uint8_t * ciphertext, size_t ciphertext_length, @@ -65,7 +67,7 @@ struct cipher_ops { * cipher-text can contain. */ size_t (*decrypt_max_plaintext_length)( - const struct olm_cipher *cipher, + const struct _olm_cipher *cipher, size_t ciphertext_length ); @@ -84,7 +86,7 @@ struct cipher_ops { * of the plain text. */ size_t (*decrypt)( - const struct olm_cipher *cipher, + const struct _olm_cipher *cipher, uint8_t const * key, size_t key_length, uint8_t const * input, size_t input_length, uint8_t const * ciphertext, size_t ciphertext_length, @@ -92,16 +94,16 @@ struct cipher_ops { ); /** destroy any private data associated with this cipher */ - void (*destruct)(struct olm_cipher *cipher); + void (*destruct)(struct _olm_cipher *cipher); }; -struct olm_cipher { - const struct cipher_ops *ops; +struct _olm_cipher { + const struct _olm_cipher_ops *ops; /* cipher-specific fields follow */ }; -struct olm_cipher_aes_sha_256 { - struct olm_cipher base_cipher; +struct _olm_cipher_aes_sha_256 { + struct _olm_cipher base_cipher; uint8_t const * kdf_info; size_t kdf_info_length; @@ -121,8 +123,8 @@ struct olm_cipher_aes_sha_256 { * * kdf_info_length: length of context string kdf_info */ -struct olm_cipher *olm_cipher_aes_sha_256_init( - struct olm_cipher_aes_sha_256 *cipher, +struct _olm_cipher *_olm_cipher_aes_sha_256_init( + struct _olm_cipher_aes_sha_256 *cipher, uint8_t const * kdf_info, size_t kdf_info_length); -- cgit v1.2.3 From d4a3c8dbaa6730519d3b6b13004e7fd9ea288870 Mon Sep 17 00:00:00 2001 From: Richard van der Hoff Date: Tue, 24 May 2016 09:56:01 +0100 Subject: Remove 'destruct' from cipher_ops We never delete a cipher, and the destruct op is empty, so it's a bit pointless --- include/olm/cipher.h | 3 --- 1 file changed, 3 deletions(-) (limited to 'include/olm/cipher.h') diff --git a/include/olm/cipher.h b/include/olm/cipher.h index 3296c37..5f7185c 100644 --- a/include/olm/cipher.h +++ b/include/olm/cipher.h @@ -92,9 +92,6 @@ struct _olm_cipher_ops { uint8_t const * ciphertext, size_t ciphertext_length, uint8_t * plaintext, size_t max_plaintext_length ); - - /** destroy any private data associated with this cipher */ - void (*destruct)(struct _olm_cipher *cipher); }; struct _olm_cipher { -- cgit v1.2.3 From 2fd28a66824bda7b86c08b065736009c39761987 Mon Sep 17 00:00:00 2001 From: Richard van der Hoff Date: Tue, 24 May 2016 12:06:47 +0100 Subject: Rewrite _olm_cipher_aes_sha_256 initialisation Replace the init-static-var dance with some preprocessor macros --- include/olm/cipher.h | 31 ++++++++++++++++++------------- 1 file changed, 18 insertions(+), 13 deletions(-) (limited to 'include/olm/cipher.h') diff --git a/include/olm/cipher.h b/include/olm/cipher.h index 5f7185c..b26f8ba 100644 --- a/include/olm/cipher.h +++ b/include/olm/cipher.h @@ -102,28 +102,33 @@ struct _olm_cipher { struct _olm_cipher_aes_sha_256 { struct _olm_cipher base_cipher; + /** context string for the HKDF used for deriving the AES256 key, HMAC key, + * and AES IV, from the key material passed to encrypt/decrypt. + */ uint8_t const * kdf_info; + + /** length of context string kdf_info */ size_t kdf_info_length; }; +extern const struct _olm_cipher_ops _olm_cipher_aes_sha_256_ops; /** - * initialises a cipher type which uses AES256 for encryption and SHA256 for - * authentication. - * - * cipher: structure to be initialised + * get an initializer for an instance of struct _olm_cipher_aes_sha_256. * - * kdf_info: context string for the HKDF used for deriving the AES256 key, HMAC - * key, and AES IV, from the key material passed to encrypt/decrypt. Note that - * this is NOT copied so must have a lifetime at least as long as the cipher - * instance. + * To use it, declare: * - * kdf_info_length: length of context string kdf_info + * struct _olm_cipher_aes_sha_256 MY_CIPHER = + * OLM_CIPHER_INIT_AES_SHA_256("MY_KDF"); + * struct _olm_cipher *cipher = OLM_CIPHER_BASE(&MY_CIPHER); */ -struct _olm_cipher *_olm_cipher_aes_sha_256_init( - struct _olm_cipher_aes_sha_256 *cipher, - uint8_t const * kdf_info, - size_t kdf_info_length); +#define OLM_CIPHER_INIT_AES_SHA_256(KDF_INFO) { \ + .base_cipher = { &_olm_cipher_aes_sha_256_ops },\ + .kdf_info = (uint8_t *)(KDF_INFO), \ + .kdf_info_length = sizeof(KDF_INFO) - 1 \ +} +#define OLM_CIPHER_BASE(CIPHER) \ + (&((CIPHER)->base_cipher)) #ifdef __cplusplus -- cgit v1.2.3