1 /*
2 * Copyright (c) 1995,2003 The Regents of the University of California.
3 * All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
13 * 3. All advertising materials mentioning features or use of this software
14 * must display the following acknowledgement:
15 * This product includes software developed by the Network Research
16 * Group at Lawrence Berkeley National Laboratory.
17 * 4. Neither the name of the University nor of the Laboratory may be used
18 * to endorse or promote products derived from this software without
19 * specific prior written permission.
20 *
21 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31 * SUCH DAMAGE.
32 */
33 static const char rcsid[] =
34 "@(#) $Header: /usr/mash/src/repository/mash/mash-1/crypt/crypt-rijndael.cc,v 1.2 2003/11/19 19:20:26 aswan Exp $";
35
36 #include "crypt/crypt.h"
37 #include "rtp/inet.h"
38 #include "rtp/rtp.h"
39
40 extern "C" {
41 #include "crypt/rijndael/rijndael-api-fst.h"
42 }
43
44 class CryptRijndael : public Crypt {
45 public:
46 CryptRijndael();
47 ~CryptRijndael();
48 virtual int install_key(const u_int8_t* key);
49 virtual u_char* Encrypt(const u_char* in, int& len);
50 virtual int Decrypt(const u_char* in, int len, u_char* out);
51
52 protected:
53 int decrypt(const u_char* in, int len, u_char* out, int rtcp);
54
55 keyInstance keyInstEncrypt_;
56 keyInstance keyInstDecrypt_;
57 cipherInstance cipherInst_;
58 static int didinit_;
59 u_char* wrkbuf_;
60 };
61
62 class CryptRijndaelCtrl : public CryptRijndael {
63 public:
64 virtual u_char* Encrypt(const u_char* in, int& len);
65 virtual int Decrypt(const u_char* in, int len, u_char* out);
66 };
67
68 static class CryptRijndaelClass : public TclClass {
69 public:
70 CryptRijndaelClass() : TclClass("Crypt/Data/Rijndael") {}
71 TclObject* create(int argc, const char*const* argv) {
72 return (new CryptRijndael);
73 }
74 } rijndael_class;
75
76 static class CryptRijndaelCtrlClass : public TclClass {
77 public:
78 CryptRijndaelCtrlClass() : TclClass("Crypt/Control/Rijndael") {}
79 TclObject* create(int argc, const char*const* argv) {
80 return (new CryptRijndaelCtrl);
81 }
82 } rijndael_ctrl_class;
83
84 CryptRijndael::CryptRijndael()
85 {
86 /* enough extra space for padding and RTCP 4-byte random header */
87 wrkbuf_ = new u_char[2*RTP_MTU + 4 ];
88 }
89
90 CryptRijndael::~CryptRijndael()
91 {
92 delete wrkbuf_;
93 }
94
95 int CryptRijndael::install_key(const u_int8_t* key)
96 {
97 int rc;
98 // int keylen = strlen((const char *) key);
99
100 //
101 // The vic framework gives us an md5 hash which is 16 bytes long.
102 //
103 int keylen = 16;
104 rc = makeKey(&keyInstEncrypt_, DIR_ENCRYPT, keylen * 8, (char *) key);
105 if (rc < 0) {
106 //debug_msg("makeKey failed: %d\n", rc);
107 return (rc);
108 }
109
110 rc = makeKey(&keyInstDecrypt_, DIR_DECRYPT, keylen * 8, (char *) key);
111 if (rc < 0) {
112 //debug_msg("makeKey failed: %d\n", rc);
113 return (rc);
114 }
115
116 rc = cipherInit(&cipherInst_, MODE_ECB, NULL);
117 if (rc < 0) {
118 //debug_msg("ciperInit failed: %d\n", rc);
119 return (rc);
120 }
121
122 return (0);
123 }
124
125 u_char* CryptRijndael::Encrypt(const u_char* in, int& len)
126 {
127 // Pad with zeros to the nearest 8 octet boundary
128 int pad = len & 15;
129 if (pad != 0) {
130 /* pad to an block (16 octet) boundary */
131 pad = 16 - pad;
132 u_char* rh = (u_char*)in;
133 *rh |= 0x20; // set P bit
134 u_char *padding = ((u_char*)in + len);
135 for (int i=1; i<pad; i++)
136 *padding++ = 0;
137 *padding++ = (char)pad;
138 len += pad;
139 }
140
141 int rc = blockEncrypt(&cipherInst_, &keyInstEncrypt_, (unsigned char *) in, len * 8, wrkbuf_);
142 if (rc < 0) {
143 fprintf(stderr, "blockEncrypt failed: %d\n", rc);
144 }
145
146 return (wrkbuf_);
147 }
148
149 int CryptRijndael::decrypt(const u_char* in, int len, u_char* out, int rtcp)
150 {
151 /* check that packet is an integral number of blocks */
152 if ((len & 15) != 0) {
153 ++badpktlen_;
154 return (-1);
155 }
156
157 blockDecrypt(&cipherInst_, &keyInstDecrypt_, (unsigned char *) in, len * 8, out);
158
159 // Strip the header of the first 4 bytes if it is an RTCP packet
160 if (rtcp)
161 {
162 memmove(out, (u_char *)(out+4), (unsigned long)(len-4));
163 len -= 4;
164 }
165
166 if ((out[0] & 0x20) != 0) {
167 /* P bit set - trim off padding */
168 int pad = out[len - 1];
169 if (pad > 15 || pad == 0) {
170 ++badpbit_;
171 return (-1);
172 }
173 len -= pad;
174 }
175 return (len);
176 }
177
178 int CryptRijndael::Decrypt(const u_char* in, int len, u_char* out)
179 {
180 return decrypt(in, len, out, 0);
181 }
182
183 u_char* CryptRijndaelCtrl::Encrypt(const u_char* in, int& len)
184 {
185 // Attach 4 random bytes to the top of the header to reduce chances of a
186 // plaintext attack on the otherwise fixed header.
187 u_int32_t* new_random = (u_int32_t*)wrkbuf_;
188 new_random[0] = random();
189
190 // Copy into the working buffer
191 memcpy((u_char *)(wrkbuf_+4),(u_char *)(in),(unsigned long)(len));
192 len +=4;
193
194 // Pad with zeros to the nearest 8 octet boundary
195 int pad = len & 15;
196 if (pad != 0) {
197 /* pad to an block (8 octet) boundary */
198 pad = 16 - pad;
199 u_char* rh = (wrkbuf_+4);
200 *rh |= 0x20; // set P bit
201 u_char *padding = (wrkbuf_ + len);
202 for (int i=1; i<pad; i++)
203 *padding++ = 0;
204 *padding++ = (char)pad;
205 len += pad;
206 }
207
208 int rc = blockEncrypt(&cipherInst_, &keyInstEncrypt_, wrkbuf_, len * 8, wrkbuf_);
209 if (rc < 0) {
210 fprintf(stderr, "blockEncrypt failed: %d\n", rc);
211 }
212
213 return (wrkbuf_);
214 }
215
216 int CryptRijndaelCtrl::Decrypt(const u_char* in, int len, u_char* out)
217 {
218 return (decrypt(in, len, out, 1));
219 }
220
This page was automatically generated by the
LXR engine.
Visit the LXR main site for more
information.