cbocovic
/
slitheen


			
							12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091
							/* Slitheen - a decoy routing system for censorship resistance
 * Copyright (C) 2017 Cecylia Bocovich (cbocovic@uwaterloo.ca)
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, version 3.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 * 
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
 *
 * Additional permission under GNU GPL version 3 section 7
 * 
 * If you modify this Program, or any covered work, by linking or combining
 * it with the OpenSSL library (or a modified version of that library), 
 * containing parts covered by the terms of the OpenSSL Licence and the
 * SSLeay license, the licensors of this Program grant you additional
 * permission to convey the resulting work. Corresponding Source for a
 * non-source form of such a combination shall include the source code
 * for the parts of the OpenSSL library used as well as that of the covered
 * work.
 */

#ifndef CRYPTO_H
#define CRYPTO_H

#include "flow.h"
#include "ptwist.h"

#define n2s(c,s)        ((s=(((unsigned int)(c[0]))<< 8)| \
            (((unsigned int)(c[1]))    )),c+=2)


/* Curves */
#define X25519_KEYLEN        32
#define X25519_BITS          253
#define X25519_SECURITY_BITS 128

#if OPENSSL_VERSION_NUMBER >= 0x1010000eL
typedef struct {
    unsigned char pubkey[X25519_KEYLEN];
    unsigned char *privkey;
} X25519_KEY;
#endif

int update_handshake_hash(flow *f, uint8_t *hs);
int extract_parameters(flow *f, uint8_t *hs);
int encrypt(flow *f, uint8_t *input, uint8_t *output, int32_t len, int32_t incoming, int32_t type, int32_t enc, uint8_t re);
int fake_encrypt(flow *f, int32_t incoming);
int extract_server_random(flow *f, uint8_t *hs);
int compute_master_secret(flow *f);

int PRF(flow *f, uint8_t *secret, int32_t secret_len,
        uint8_t *seed1, int32_t seed1_len,
        uint8_t *seed2, int32_t seed2_len,
        uint8_t *seed3, int32_t seed3_len,
        uint8_t *seed4, int32_t seed4_len,
        uint8_t *output, int32_t output_len);

int mark_finished_hash(flow *f, uint8_t *hs);
int init_ciphers(flow *f);
void generate_client_super_keys(uint8_t *secret, client *c);
int super_encrypt(client *c, uint8_t *data, uint32_t len);
int check_handshake(struct packet_info *info);

int check_tag(byte key[16], const byte privkey[PTWIST_BYTES],
        const byte tag[PTWIST_TAG_BYTES], const byte *context,
        size_t context_len);
#define PRE_MASTER_MAX_LEN BUFSIZ

#define SLITHEEN_KEYGEN_CONST "SLITHEEN_KEYGEN"
#define SLITHEEN_KEYGEN_CONST_SIZE 15

#define SLITHEEN_FINISHED_INPUT_CONST "SLITHEEN_FINISHED"
#define SLITHEEN_FINISHED_INPUT_CONST_SIZE 17

#define SLITHEEN_SUPER_SECRET_SIZE 16 //extracted from slitheen ID tag
#define SLITHEEN_SUPER_CONST "SLITHEEN_SUPER_ENCRYPT"
#define SLITHEEN_SUPER_CONST_SIZE 22

#define TLS_MD_EXTENDED_MASTER_SECRET_CONST "extended master secret"
#define TLS_MD_EXTENDED_MASTER_SECRET_CONST_SIZE 22

int partial_aes_gcm_tls_cipher(flow *f, unsigned char *out, const unsigned char *in, size_t len, uint8_t env);
void partial_aes_gcm_tls_tag(flow *f, unsigned char *tag, size_t len);

#endif /* CRYPTO_H */