Commit 865e3bfa authored by johan's avatar johan
Browse files

Compatible with polarssl version 1.3

parent 26022db5
...@@ -31,12 +31,28 @@ if test "$found_cunit" = "no" ; then ...@@ -31,12 +31,28 @@ if test "$found_cunit" = "no" ; then
]) ])
fi fi
dnl check polarssl
AC_ARG_WITH( polarssl,
[ --with-polarssl Set prefix where polarssl can be found (ex:/usr, /usr/local)[default=PREFIX] ],
[ polarssl_prefix=${withval}],[ polarssl_prefix=${prefix} ])
if test "$polarssl_prefix" != "NONE" ; then
POLARSSL_CFLAGS="-I${polarssl_prefix}/include"
POLARSSL_LIBS="-L${polarssl_prefix}/lib"
fi
POLARSSL_LIBS="$POLARSSL_LIBS -lpolarssl"
AC_SUBST(POLARSSL_LIBS)
AC_SUBST(POLARSSL_CFLAGS)
dnl check libxml2 dnl check libxml2
PKG_CHECK_MODULES(LIBXML2, [libxml-2.0] ,[libxml2_found=yes] ,foo=bar) PKG_CHECK_MODULES(LIBXML2, [libxml-2.0] ,[libxml2_found=yes] ,foo=bar)
if test "$libxml2_found" != "yes" ; then if test "$libxml2_found" != "yes" ; then
AC_MSG_WARN([libxml2 not found. Disabling cache.)]) AC_MSG_WARN([libxml2 not found. Disabling cache.])
else else
AC_DEFINE(HAVE_LIBXML2,1,[defined when libxml2 is available]) ] AC_DEFINE(HAVE_LIBXML2,1,[defined when libxml2 is available])
fi fi
if test "$found_cunit" = "no" ; then if test "$found_cunit" = "no" ; then
...@@ -60,14 +76,12 @@ AC_ARG_ENABLE(tests, ...@@ -60,14 +76,12 @@ AC_ARG_ENABLE(tests,
) )
AM_CONDITIONAL(ENABLE_TESTS, test x$tests_enabled = xyes && test x$found_cunit = xyes) AM_CONDITIONAL(ENABLE_TESTS, test x$tests_enabled = xyes && test x$found_cunit = xyes)
CFLAGS="$CFLAGS -Wall -std=c89" CFLAGS="$CFLAGS -Wall -std=c99"
if test $GCC = yes && test $wall_werror = yes; then if test $GCC = yes && test $wall_werror = yes; then
CFLAGS="$CFLAGS -Werror " CFLAGS="$CFLAGS -Werror "
fi fi
LIBS="$LIBS -lpolarssl "
# Create the following files from their .in counterparts # Create the following files from their .in counterparts
AC_CONFIG_FILES([ AC_CONFIG_FILES([
Makefile Makefile
......
lib_LTLIBRARIES = libbzrtp.la lib_LTLIBRARIES = libbzrtp.la
libbzrtp_la_LIBADD= $(LIBXML2_LIBS) libbzrtp_la_LIBADD= $(LIBXML2_LIBS) $(POLARSSL_LIBS)
libbzrtp_la_SOURCES= bzrtp.c cryptoPolarssl.c cryptoUtils.c packetParser.c zidCache.c stateMachine.c libbzrtp_la_SOURCES= bzrtp.c cryptoPolarssl.c cryptoUtils.c packetParser.c zidCache.c stateMachine.c
libbzrtp_la_LDFLAGS=-fvisibility=hidden -no-undefined libbzrtp_la_LDFLAGS=-fvisibility=hidden -no-undefined
AM_CPPFLAGS= -I$(top_srcdir)/include AM_CPPFLAGS= -I$(top_srcdir)/include
AM_CFLAGS=$(LIBXML2_CFLAGS) AM_CFLAGS= $(POLARSSL_CFLAGS) $(LIBXML2_CFLAGS)
...@@ -23,22 +23,24 @@ ...@@ -23,22 +23,24 @@
*/ */
#include <stdlib.h> #include <stdlib.h>
#include <string.h> #include <string.h>
/* Random number generator */ /* Random number generator */
#include "polarssl/entropy.h" #include "polarssl/entropy.h"
#include "polarssl/ctr_drbg.h" #include "polarssl/ctr_drbg.h"
/* Hashs */ /* Hash function sha1(sha2 is different for polarssl v1.2 and v1.3 ) */
#include "polarssl/sha2.h"
#include "polarssl/sha1.h" #include "polarssl/sha1.h"
/* Symmetric encryption */
#include "polarssl/aes.h"
/* Asymmetrics encryption */ /* Asymmetrics encryption */
#include "polarssl/dhm.h" #include "polarssl/dhm.h"
/* Symmetric encryption */
#include "polarssl/aes.h"
#include "cryptoWrapper.h" #include "cryptoWrapper.h"
/*** Common functions to polarSSL version 1.2 and 1.3 ***/
/** Return available crypto functions. For now we have /** Return available crypto functions. For now we have
* *
* - Hash: HMAC-SHA256(Mandatory) * - Hash: HMAC-SHA256(Mandatory)
...@@ -126,58 +128,6 @@ int bzrtpCrypto_destroyRNG(bzrtpRNGContext_t *context) { ...@@ -126,58 +128,6 @@ int bzrtpCrypto_destroyRNG(bzrtpRNGContext_t *context) {
return 0; return 0;
} }
/*
* @brief SHA256 wrapper
* @param[in] input Input data buffer
* @param[in] inputLength Input data length in bytes
* @param[in] hmacLength Lenght of output required in bytes, HMAC output is truncated to the hmacLenght left bytes. 32 bytes maximum
* @param[out] output Output data buffer.
*
*/
void bzrtpCrypto_sha256(const uint8_t *input,
uint32_t inputLength,
uint8_t hashLength,
uint8_t *output)
{
uint8_t hashOutput[32];
sha2(input, inputLength, hashOutput, 0); /* last param to zero to select SHA256 and not SHA224 */
/* check output length, can't be>32 */
if (hashLength>32) {
memcpy(output, hashOutput, 32);
} else {
memcpy(output, hashOutput, hashLength);
}
}
/*
* HMAC-SHA-256 wrapper
* @param[in] key HMAC secret key
* @param[in] keyLength HMAC key length
* @param[in] input Input data buffer
* @param[in] inputLength Input data length
* @param[in] hmacLength Lenght of output required in bytes, HMAC output is truncated to the hmacLenght left bytes. 32 bytes maximum
* @param[out] output Output data buffer.
*
*/
void bzrtpCrypto_hmacSha256(const uint8_t *key,
uint8_t keyLength,
const uint8_t *input,
uint32_t inputLength,
uint8_t hmacLength,
uint8_t *output)
{
uint8_t hmacOutput[32];
sha2_hmac(key, keyLength, input, inputLength, hmacOutput, 0); /* last param to zero to select SHA256 and not SHA224 */
/* check output length, can't be>32 */
if (hmacLength>32) {
memcpy(output, hmacOutput, 32);
} else {
memcpy(output, hmacOutput, hmacLength);
}
}
/* /*
* @brief HMAC-SHA1 wrapper * @brief HMAC-SHA1 wrapper
* @param[in] key HMAC secret key * @param[in] key HMAC secret key
...@@ -206,6 +156,85 @@ void bzrtpCrypto_hmacSha1(const uint8_t *key, ...@@ -206,6 +156,85 @@ void bzrtpCrypto_hmacSha1(const uint8_t *key,
} }
} }
/* initialise de DHM context according to requested algorithm */
bzrtpDHMContext_t *bzrtpCrypto_CreateDHMContext(uint8_t DHMAlgo, uint8_t secretLength)
{
/* create the context */
bzrtpDHMContext_t *context = (bzrtpDHMContext_t *)malloc(sizeof(bzrtpDHMContext_t));
memset (context, 0, sizeof(bzrtpDHMContext_t));
/* create the polarssl context for DHM */
dhm_context *polarsslDhmContext=(dhm_context *)malloc(sizeof(dhm_context));
memset(polarsslDhmContext, 0, sizeof(dhm_context));
context->cryptoModuleData=(void *)polarsslDhmContext;
/* initialise pointer to NULL to ensure safe call to free() when destroying context */
context->secret = NULL;
context->self = NULL;
context->key = NULL;
context->peer = NULL;
/* set parameters in the context */
context->algo=DHMAlgo;
context->secretLength = secretLength;
switch (DHMAlgo) {
case ZRTP_KEYAGREEMENT_DH2k:
/* set P and G in the polarssl context */
if ((mpi_read_string(&(polarsslDhmContext->P), 16, POLARSSL_DHM_RFC3526_MODP_2048_P) != 0) ||
(mpi_read_string(&(polarsslDhmContext->G), 16, POLARSSL_DHM_RFC3526_MODP_2048_G) != 0)) {
return NULL;
}
context->primeLength=256;
polarsslDhmContext->len=256;
break;
case ZRTP_KEYAGREEMENT_DH3k:
/* set P and G in the polarssl context */
if ((mpi_read_string(&(polarsslDhmContext->P), 16, POLARSSL_DHM_RFC3526_MODP_3072_P) != 0) ||
(mpi_read_string(&(polarsslDhmContext->G), 16, POLARSSL_DHM_RFC3526_MODP_3072_G) != 0)) {
return NULL;
}
context->primeLength=384;
polarsslDhmContext->len=384;
break;
default:
free(context);
return NULL;
break;
}
return context;
}
/* generate the random secret and compute the public value */
void bzrtpCrypto_DHMCreatePublic(bzrtpDHMContext_t *context, int (*rngFunction)(void *, uint8_t *, uint16_t), void *rngContext) {
/* get the polarssl context */
dhm_context *polarsslContext = (dhm_context *)context->cryptoModuleData;
/* allocate output buffer */
context->self = (uint8_t *)malloc(context->primeLength*sizeof(uint8_t));
dhm_make_public(polarsslContext, context->secretLength, context->self, context->primeLength, (int (*)(void *, unsigned char *, size_t))rngFunction, rngContext);
}
/* clean DHM context */
void bzrtpCrypto_DestroyDHMContext(bzrtpDHMContext_t *context) {
if (context!= NULL) {
/* get the polarssl context */
dhm_context *polarsslContext = (dhm_context *)context->cryptoModuleData;
dhm_free(polarsslContext);
free(context->cryptoModuleData);
free(context->secret);
free(context->self);
free(context->key);
free(context->peer);
free(context);
}
}
/* /*
* @brief Wrapper for AES-128 in CFB128 mode encryption * @brief Wrapper for AES-128 in CFB128 mode encryption
* Both key and IV must be 16 bytes long, IV is not updated * Both key and IV must be 16 bytes long, IV is not updated
...@@ -270,66 +299,141 @@ void bzrtpCrypto_aes128CfbDecrypt(const uint8_t key[16], ...@@ -270,66 +299,141 @@ void bzrtpCrypto_aes128CfbDecrypt(const uint8_t key[16],
aes_crypt_cfb128 (&context, AES_DECRYPT, inputLength, &iv_offset, IVbuffer, input, output); aes_crypt_cfb128 (&context, AES_DECRYPT, inputLength, &iv_offset, IVbuffer, input, output);
} }
/* initialise de DHM context according to requested algorithm */ /*** End of code common to polarSSL version 1.2 and 1.3 ***/
bzrtpDHMContext_t *bzrtpCrypto_CreateDHMContext(uint8_t DHMAlgo, uint8_t secretLength)
{
/* create the context */
bzrtpDHMContext_t *context = (bzrtpDHMContext_t *)malloc(sizeof(bzrtpDHMContext_t));
memset (context, 0, sizeof(bzrtpDHMContext_t));
/* create the polarssl context for DHM */ /* check polarssl version */
dhm_context *polarsslDhmContext=(dhm_context *)malloc(sizeof(dhm_context)); #include <polarssl/version.h>
memset(polarsslDhmContext, 0, sizeof(dhm_context)); #if POLARSSL_VERSION_NUMBER >= 0x01030000 /* for Polarssl version 1.3 */
context->cryptoModuleData=(void *)polarsslDhmContext;
/* initialise pointer to NULL to ensure safe call to free() when destroying context */ /* Hashs */
context->secret = NULL; #include "polarssl/sha256.h"
context->self = NULL;
context->key = NULL;
context->peer = NULL;
/* set parameters in the context */ /*
context->algo=DHMAlgo; * @brief SHA256 wrapper
context->secretLength = secretLength; * @param[in] input Input data buffer
switch (DHMAlgo) { * @param[in] inputLength Input data length in bytes
case ZRTP_KEYAGREEMENT_DH2k: * @param[in] hmacLength Lenght of output required in bytes, HMAC output is truncated to the hmacLenght left bytes. 32 bytes maximum
/* set P and G in the polarssl context */ * @param[out] output Output data buffer.
if ((mpi_read_string(&(polarsslDhmContext->P), 16, POLARSSL_DHM_RFC3526_MODP_2048_P) != 0) || *
(mpi_read_string(&(polarsslDhmContext->G), 16, POLARSSL_DHM_RFC3526_MODP_2048_G) != 0)) { */
return NULL; void bzrtpCrypto_sha256(const uint8_t *input,
} uint32_t inputLength,
context->primeLength=256; uint8_t hashLength,
polarsslDhmContext->len=256; uint8_t *output)
break; {
case ZRTP_KEYAGREEMENT_DH3k: uint8_t hashOutput[32];
/* set P and G in the polarssl context */ sha256(input, inputLength, hashOutput, 0); /* last param to zero to select SHA256 and not SHA224 */
if ((mpi_read_string(&(polarsslDhmContext->P), 16, POLARSSL_DHM_RFC3526_MODP_3072_P) != 0) ||
(mpi_read_string(&(polarsslDhmContext->G), 16, POLARSSL_DHM_RFC3526_MODP_3072_G) != 0)) { /* check output length, can't be>32 */
return NULL; if (hashLength>32) {
} memcpy(output, hashOutput, 32);
context->primeLength=384; } else {
polarsslDhmContext->len=384; memcpy(output, hashOutput, hashLength);
break;
default:
free(context);
return NULL;
break;
} }
}
return context; /*
* HMAC-SHA-256 wrapper
* @param[in] key HMAC secret key
* @param[in] keyLength HMAC key length
* @param[in] input Input data buffer
* @param[in] inputLength Input data length
* @param[in] hmacLength Lenght of output required in bytes, HMAC output is truncated to the hmacLenght left bytes. 32 bytes maximum
* @param[out] output Output data buffer.
*
*/
void bzrtpCrypto_hmacSha256(const uint8_t *key,
uint8_t keyLength,
const uint8_t *input,
uint32_t inputLength,
uint8_t hmacLength,
uint8_t *output)
{
uint8_t hmacOutput[32];
sha256_hmac(key, keyLength, input, inputLength, hmacOutput, 0); /* last param to zero to select SHA256 and not SHA224 */
/* check output length, can't be>32 */
if (hmacLength>32) {
memcpy(output, hmacOutput, 32);
} else {
memcpy(output, hmacOutput, hmacLength);
}
} }
/* generate the random secret and compute the public value */ /* compute secret - the ->peer field of context must have been set before calling this function */
void bzrtpCrypto_DHMCreatePublic(bzrtpDHMContext_t *context, int (*rngFunction)(void *, uint8_t *, uint16_t), void *rngContext) { void bzrtpCrypto_DHMComputeSecret(bzrtpDHMContext_t *context, int (*rngFunction)(void *, uint8_t *, uint16_t), void *rngContext) {
/* get the polarssl context */ /* get the polarssl context */
dhm_context *polarsslContext = (dhm_context *)context->cryptoModuleData; dhm_context *polarsslContext = (dhm_context *)context->cryptoModuleData;
/* allocate output buffer */ /* import the peer public value G^Y mod P in the polar ssl context */
context->self = (uint8_t *)malloc(context->primeLength*sizeof(uint8_t)); dhm_read_public(polarsslContext, context->peer, context->primeLength);
/*dhm_make_public(polarsslContext, context->secretLength, context->self, context->primeLength, ctr_drbg_random, (void *)&(polarsslRNGContext->rngContext)); */ /* compute the secret key */
dhm_make_public(polarsslContext, context->secretLength, context->self, context->primeLength, (int (*)(void *, unsigned char *, size_t))rngFunction, rngContext); uint16_t keyLength= context->primeLength; /* undocumented but this value seems to be in/out, so we must set it to the expected key length */
context->key = (uint8_t *)malloc(keyLength*sizeof(uint8_t)); /* allocate key buffer */
dhm_calc_secret(polarsslContext, context->key, (size_t *)(&keyLength), (int (*)(void *, unsigned char *, size_t))rngFunction, rngContext);
}
#else /* POLAR SSL VERSION 1.2 */
/* Hashs */
#include "polarssl/sha2.h"
/* Asymmetrics encryption */
#include "polarssl/dhm.h"
/*
* @brief SHA256 wrapper
* @param[in] input Input data buffer
* @param[in] inputLength Input data length in bytes
* @param[in] hmacLength Lenght of output required in bytes, HMAC output is truncated to the hmacLenght left bytes. 32 bytes maximum
* @param[out] output Output data buffer.
*
*/
void bzrtpCrypto_sha256(const uint8_t *input,
uint32_t inputLength,
uint8_t hashLength,
uint8_t *output)
{
uint8_t hashOutput[32];
sha2(input, inputLength, hashOutput, 0); /* last param to zero to select SHA256 and not SHA224 */
/* check output length, can't be>32 */
if (hashLength>32) {
memcpy(output, hashOutput, 32);
} else {
memcpy(output, hashOutput, hashLength);
}
}
/*
* HMAC-SHA-256 wrapper
* @param[in] key HMAC secret key
* @param[in] keyLength HMAC key length
* @param[in] input Input data buffer
* @param[in] inputLength Input data length
* @param[in] hmacLength Lenght of output required in bytes, HMAC output is truncated to the hmacLenght left bytes. 32 bytes maximum
* @param[out] output Output data buffer.
*
*/
void bzrtpCrypto_hmacSha256(const uint8_t *key,
uint8_t keyLength,
const uint8_t *input,
uint32_t inputLength,
uint8_t hmacLength,
uint8_t *output)
{
uint8_t hmacOutput[32];
sha2_hmac(key, keyLength, input, inputLength, hmacOutput, 0); /* last param to zero to select SHA256 and not SHA224 */
/* check output length, can't be>32 */
if (hmacLength>32) {
memcpy(output, hmacOutput, 32);
} else {
memcpy(output, hmacOutput, hmacLength);
}
} }
/* compute secret - the ->peer field of context must have been set before calling this function */ /* compute secret - the ->peer field of context must have been set before calling this function */
...@@ -346,20 +450,4 @@ void bzrtpCrypto_DHMComputeSecret(bzrtpDHMContext_t *context, int (*rngFunction) ...@@ -346,20 +450,4 @@ void bzrtpCrypto_DHMComputeSecret(bzrtpDHMContext_t *context, int (*rngFunction)
dhm_calc_secret(polarsslContext, context->key, (size_t *)(&keyLength)); dhm_calc_secret(polarsslContext, context->key, (size_t *)(&keyLength));
} }
/* clean DHM context */ #endif /* POLARSSL Version 1.2 */
void bzrtpCrypto_DestroyDHMContext(bzrtpDHMContext_t *context) {
if (context!= NULL) {
/* get the polarssl context */
dhm_context *polarsslContext = (dhm_context *)context->cryptoModuleData;
dhm_free(polarsslContext);
free(context->cryptoModuleData);
free(context->secret);
free(context->self);
free(context->key);
free(context->peer);
free(context);
}
}
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment