2018-12-12 00:38:58 +00:00
|
|
|
#ifndef LLARP_CRYPTO_HPP
|
|
|
|
#define LLARP_CRYPTO_HPP
|
|
|
|
|
2019-01-13 16:30:07 +00:00
|
|
|
#include <crypto/constants.hpp>
|
|
|
|
#include <crypto/types.hpp>
|
|
|
|
|
2019-02-02 23:12:42 +00:00
|
|
|
#include <util/buffer.hpp>
|
2018-12-13 21:28:50 +00:00
|
|
|
|
|
|
|
#include <functional>
|
2019-07-30 23:42:13 +00:00
|
|
|
|
|
|
|
#include <cstdint>
|
2018-12-13 21:28:50 +00:00
|
|
|
|
|
|
|
/**
|
2019-01-11 00:12:43 +00:00
|
|
|
* crypto.hpp
|
2018-12-13 21:28:50 +00:00
|
|
|
*
|
|
|
|
* libsodium abstraction layer
|
|
|
|
* potentially allow libssl support in the future
|
|
|
|
*/
|
|
|
|
|
2018-12-12 00:38:58 +00:00
|
|
|
namespace llarp
|
|
|
|
{
|
2018-12-13 21:28:50 +00:00
|
|
|
/// library crypto configuration
|
|
|
|
struct Crypto
|
|
|
|
{
|
2019-01-26 15:40:58 +00:00
|
|
|
virtual ~Crypto() = 0;
|
|
|
|
|
2019-01-02 01:04:03 +00:00
|
|
|
/// xchacha symmetric cipher
|
2019-01-26 15:40:58 +00:00
|
|
|
virtual bool
|
2020-04-07 18:38:56 +00:00
|
|
|
xchacha20(const llarp_buffer_t&, const SharedSecret&, const TunnelNonce&) = 0;
|
2019-01-26 15:40:58 +00:00
|
|
|
|
2019-01-02 01:04:03 +00:00
|
|
|
/// xchacha symmetric cipher (multibuffer)
|
2019-01-26 15:40:58 +00:00
|
|
|
virtual bool
|
2020-04-07 18:38:56 +00:00
|
|
|
xchacha20_alt(
|
|
|
|
const llarp_buffer_t&, const llarp_buffer_t&, const SharedSecret&, const byte_t*) = 0;
|
2019-01-26 15:40:58 +00:00
|
|
|
|
2018-12-13 21:28:50 +00:00
|
|
|
/// path dh creator's side
|
2019-01-26 15:40:58 +00:00
|
|
|
virtual bool
|
2020-04-07 18:38:56 +00:00
|
|
|
dh_client(SharedSecret&, const PubKey&, const SecretKey&, const TunnelNonce&) = 0;
|
2018-12-13 21:28:50 +00:00
|
|
|
/// path dh relay side
|
2019-01-26 15:40:58 +00:00
|
|
|
virtual bool
|
2020-04-07 18:38:56 +00:00
|
|
|
dh_server(SharedSecret&, const PubKey&, const SecretKey&, const TunnelNonce&) = 0;
|
2018-12-13 21:28:50 +00:00
|
|
|
/// transport dh client side
|
2019-01-26 15:40:58 +00:00
|
|
|
virtual bool
|
2020-04-07 18:38:56 +00:00
|
|
|
transport_dh_client(SharedSecret&, const PubKey&, const SecretKey&, const TunnelNonce&) = 0;
|
2018-12-13 21:28:50 +00:00
|
|
|
/// transport dh server side
|
2019-01-26 15:40:58 +00:00
|
|
|
virtual bool
|
2020-04-07 18:38:56 +00:00
|
|
|
transport_dh_server(SharedSecret&, const PubKey&, const SecretKey&, const TunnelNonce&) = 0;
|
2018-12-13 21:28:50 +00:00
|
|
|
/// blake2b 256 bit
|
2019-01-26 15:40:58 +00:00
|
|
|
virtual bool
|
2020-04-07 18:38:56 +00:00
|
|
|
shorthash(ShortHash&, const llarp_buffer_t&) = 0;
|
2020-01-27 21:30:41 +00:00
|
|
|
/// blake2s 256 bit "hmac" (keyed hash)
|
2019-01-26 15:40:58 +00:00
|
|
|
virtual bool
|
2020-04-07 18:38:56 +00:00
|
|
|
hmac(byte_t*, const llarp_buffer_t&, const SharedSecret&) = 0;
|
2018-12-13 21:28:50 +00:00
|
|
|
/// ed25519 sign
|
2019-01-26 15:40:58 +00:00
|
|
|
virtual bool
|
2020-04-07 18:38:56 +00:00
|
|
|
sign(Signature&, const SecretKey&, const llarp_buffer_t&) = 0;
|
2020-01-31 04:27:13 +00:00
|
|
|
/// ed25519 sign (custom with derived keys)
|
|
|
|
virtual bool
|
2020-04-07 18:38:56 +00:00
|
|
|
sign(Signature&, const PrivateKey&, const llarp_buffer_t&) = 0;
|
2018-12-13 21:28:50 +00:00
|
|
|
/// ed25519 verify
|
2019-01-26 15:40:58 +00:00
|
|
|
virtual bool
|
2020-04-07 18:38:56 +00:00
|
|
|
verify(const PubKey&, const llarp_buffer_t&, const Signature&) = 0;
|
2020-01-27 21:30:41 +00:00
|
|
|
|
|
|
|
/// derive sub keys for public keys
|
|
|
|
virtual bool
|
2020-04-07 18:38:56 +00:00
|
|
|
derive_subkey(PubKey&, const PubKey&, uint64_t, const AlignedBuffer<32>* = nullptr) = 0;
|
2020-01-27 21:30:41 +00:00
|
|
|
|
2020-01-30 16:34:05 +00:00
|
|
|
/// derive sub keys for private keys
|
2020-01-27 21:30:41 +00:00
|
|
|
virtual bool
|
2020-04-07 18:38:56 +00:00
|
|
|
derive_subkey_private(
|
|
|
|
PrivateKey&, const SecretKey&, uint64_t, const AlignedBuffer<32>* = nullptr) = 0;
|
2020-01-27 21:30:41 +00:00
|
|
|
|
2019-01-21 15:45:18 +00:00
|
|
|
/// seed to secretkey
|
2019-01-26 15:40:58 +00:00
|
|
|
virtual bool
|
2020-04-07 18:38:56 +00:00
|
|
|
seed_to_secretkey(llarp::SecretKey&, const llarp::IdentitySecret&) = 0;
|
2018-12-13 21:28:50 +00:00
|
|
|
/// randomize buffer
|
2019-02-01 01:58:06 +00:00
|
|
|
virtual void
|
2020-04-07 18:38:56 +00:00
|
|
|
randomize(const llarp_buffer_t&) = 0;
|
2018-12-13 21:28:50 +00:00
|
|
|
/// randomizer memory
|
2019-01-26 15:40:58 +00:00
|
|
|
virtual void
|
2020-04-07 18:38:56 +00:00
|
|
|
randbytes(byte_t*, size_t) = 0;
|
2018-12-13 21:28:50 +00:00
|
|
|
/// generate signing keypair
|
2019-01-26 15:40:58 +00:00
|
|
|
virtual void
|
2020-04-07 18:38:56 +00:00
|
|
|
identity_keygen(SecretKey&) = 0;
|
2018-12-13 21:28:50 +00:00
|
|
|
/// generate encryption keypair
|
2019-01-26 15:40:58 +00:00
|
|
|
virtual void
|
2020-04-07 18:38:56 +00:00
|
|
|
encryption_keygen(SecretKey&) = 0;
|
2018-12-13 21:28:50 +00:00
|
|
|
/// generate post quantum encrytion key
|
2019-01-26 15:40:58 +00:00
|
|
|
virtual void
|
2020-04-07 18:38:56 +00:00
|
|
|
pqe_keygen(PQKeyPair&) = 0;
|
2018-12-13 21:28:50 +00:00
|
|
|
/// post quantum decrypt (buffer, sharedkey_dst, sec)
|
2019-01-26 15:40:58 +00:00
|
|
|
virtual bool
|
2020-04-07 18:38:56 +00:00
|
|
|
pqe_decrypt(const PQCipherBlock&, SharedSecret&, const byte_t*) = 0;
|
2018-12-13 21:28:50 +00:00
|
|
|
/// post quantum encrypt (buffer, sharedkey_dst, pub)
|
2019-01-26 15:40:58 +00:00
|
|
|
virtual bool
|
2020-04-07 18:38:56 +00:00
|
|
|
pqe_encrypt(PQCipherBlock&, SharedSecret&, const PQPubKey&) = 0;
|
2019-11-27 01:40:55 +00:00
|
|
|
|
|
|
|
virtual bool
|
2020-04-07 18:38:56 +00:00
|
|
|
check_identity_privkey(const SecretKey&) = 0;
|
2018-12-13 21:28:50 +00:00
|
|
|
};
|
|
|
|
|
2019-07-30 23:42:13 +00:00
|
|
|
inline Crypto::~Crypto() = default;
|
2019-01-26 15:40:58 +00:00
|
|
|
|
2018-12-13 21:28:50 +00:00
|
|
|
/// return random 64bit unsigned interger
|
|
|
|
uint64_t
|
|
|
|
randint();
|
|
|
|
|
2020-04-07 18:38:56 +00:00
|
|
|
const byte_t*
|
|
|
|
seckey_topublic(const SecretKey& secret);
|
2018-12-13 21:28:50 +00:00
|
|
|
|
2020-04-07 18:38:56 +00:00
|
|
|
const byte_t*
|
|
|
|
pq_keypair_to_public(const PQKeyPair& keypair);
|
2018-12-13 21:28:50 +00:00
|
|
|
|
2020-04-07 18:38:56 +00:00
|
|
|
const byte_t*
|
|
|
|
pq_keypair_to_secret(const PQKeyPair& keypair);
|
2018-12-12 00:38:58 +00:00
|
|
|
|
2019-05-28 19:45:08 +00:00
|
|
|
struct CryptoManager
|
|
|
|
{
|
|
|
|
private:
|
2020-04-07 18:38:56 +00:00
|
|
|
static Crypto* m_crypto;
|
2019-05-28 19:45:08 +00:00
|
|
|
|
2020-04-07 18:38:56 +00:00
|
|
|
Crypto* m_prevCrypto;
|
2019-05-28 19:45:08 +00:00
|
|
|
|
|
|
|
public:
|
2020-04-07 18:38:56 +00:00
|
|
|
CryptoManager(Crypto* crypto) : m_prevCrypto(m_crypto)
|
2019-05-28 19:45:08 +00:00
|
|
|
{
|
|
|
|
m_crypto = crypto;
|
|
|
|
}
|
|
|
|
|
|
|
|
~CryptoManager()
|
|
|
|
{
|
|
|
|
m_crypto = m_prevCrypto;
|
|
|
|
}
|
|
|
|
|
2020-04-07 18:38:56 +00:00
|
|
|
static Crypto*
|
2020-02-22 21:42:16 +00:00
|
|
|
instance()
|
2019-05-28 19:45:08 +00:00
|
|
|
{
|
2020-02-22 21:42:16 +00:00
|
|
|
#ifdef NDEBUG
|
|
|
|
return m_crypto;
|
|
|
|
#else
|
2020-04-07 18:38:56 +00:00
|
|
|
if (m_crypto)
|
2019-05-28 19:45:08 +00:00
|
|
|
return m_crypto;
|
|
|
|
|
2019-07-16 00:40:28 +00:00
|
|
|
assert(false && "Cryptomanager::instance() was undefined");
|
|
|
|
abort();
|
2020-02-22 21:42:16 +00:00
|
|
|
#endif
|
2019-05-28 19:45:08 +00:00
|
|
|
}
|
|
|
|
};
|
|
|
|
|
2018-12-12 00:38:58 +00:00
|
|
|
} // namespace llarp
|
|
|
|
|
|
|
|
#endif
|