bZRTP
bZRTP is an opensource implementation of ZRTP keys exchange protocol
|
Go to the source code of this file.
Macros | |
#define | ZRTP_CRYPTOAGREEMENT_INVALIDCONTEXT 0x1001 |
#define | ZRTP_CRYPTOAGREEMENT_INVALIDMESSAGE 0x1002 |
#define | ZRTP_CRYPTOAGREEMENT_INVALIDSELFALGO 0x1003 |
#define | ZRTP_CRYPTOAGREEMENT_NOCOMMONALGOFOUND 0x1004 |
#define | ZRTP_CRYPTOAGREEMENT_INVALIDCIPHER 0x1005 |
#define | ZRTP_CRYPTOAGREEMENT_INVALIDHASH 0x1006 |
#define | ZRTP_CRYPTOAGREEMENT_INVALIDAUTHTAG 0x1007 |
#define | ZRTP_CRYPTOAGREEMENT_INVALIDSAS 0x1008 |
Typedefs | |
typedef struct bzrtp_KEMContext_struct | bzrtp_KEMContext_t |
Functions | |
uint8_t | bzrtpUtils_getAvailableCryptoTypes (uint8_t algoType, uint8_t availableTypes[7]) |
uint8_t | bzrtpUtils_getAllAvailableCryptoTypes (uint8_t algoType, uint8_t availableTypes[256]) |
BZRTP_EXPORT int | bzrtp_keyDerivationFunction (const uint8_t *key, const size_t keyLength, const uint8_t *label, const size_t labelLength, const uint8_t *context, const size_t contextLength, const uint8_t hmacLength, void(*hmacFunction)(const uint8_t *, size_t, const uint8_t *, size_t, uint8_t, uint8_t *), uint8_t *output) |
ZRTP Key Derivation Function as in rfc 4.5.1. | |
void | bzrtp_base32 (uint32_t sas, char *output, int outputSize) |
SAS rendering from 32 bits to 4 characters Function defined in rfc section 5.1.6. | |
void | bzrtp_base256 (uint32_t sas, char *output, int outputSize) |
SAS rendering from 32 bits to pgp word list Function defined in rfc section 5.1.6. | |
BZRTP_EXPORT uint32_t | bzrtp_CRC32 (uint8_t *input, uint16_t length) |
CRC32 as defined in RFC4960 Appendix B - Polynomial is 0x1EDC6F41. | |
bool_t | bzrtp_isPostQuantum (uint8_t keyAgreementAlgo) |
Check if the keyAgreementAlgo is a post quantum algorithm. | |
BZRTP_EXPORT int | bzrtp_cryptoAlgoAgreement (bzrtpContext_t *zrtpContext, bzrtpChannelContext_t *zrtpChannelContext, bzrtpHelloMessage_t *peerHelloMessage) |
select a key agreement algorithm from the one available in context and the one provided by peer in Hello Message as described in rfc section 4.1.2 | |
BZRTP_EXPORT int | bzrtp_updateCryptoFunctionPointers (bzrtpChannelContext_t *zrtpChannelContext) |
Update context crypto function pointer according to related values of choosen algorithms fields (hashAlgo, cipherAlgo, etc..) | |
uint8_t | bzrtp_selectCommonAlgo (uint8_t masterArray[7], uint8_t masterArrayLength, uint8_t *slaveArray, uint8_t slaveArrayLength, uint8_t commonArray[7]) |
Select common algorithm from the given array where algo are represented by their 4 chars string defined in rfc section 5.1.2 to 5.1.6 Master array is the one given the preference order All algo are designed by their uint8_t mapped values. | |
BZRTP_EXPORT void | bzrtp_addMandatoryCryptoTypesIfNeeded (uint8_t algoType, uint8_t algoTypes[7], uint8_t *algoTypesCount) |
add mandatory crypto functions if they are not already included | |
BZRTP_EXPORT uint8_t | bzrtp_cryptoAlgoTypeStringToInt (uint8_t algoType[4], uint8_t algoFamily) |
Map the string description of algo type to an int defined in cryptoWrapper.h. | |
BZRTP_EXPORT void | bzrtp_cryptoAlgoTypeIntToString (uint8_t algoTypeInt, uint8_t algoTypeString[4]) |
Unmap the string description of algo type to an int defined in cryptoWrapper.h. | |
BZRTP_EXPORT void | bzrtp_DestroyKey (uint8_t *key, size_t keyLength, void *rngContext) |
Destroy a key by setting it to a random number Key is not freed, caller must deal with memory management. Does nothing if the key pointer is NULL. | |
void | bzrtp_destroyKeyMaterial (bzrtpContext_t *zrtpContext, bzrtpChannelContext_t *zrtpChannelContext) |
Destroy all the key material of a channel context. | |
BZRTP_EXPORT uint16_t | bzrtp_computeKeyAgreementPublicValueLength (uint8_t keyAgreementAlgo, uint8_t messageTyoe) |
uint16_t | bzrtp_computeKeyAgreementSharedSecretLength (uint8_t keyAgreementAlgo, uint8_t hashLength) |
bool_t | bzrtp_isKem (uint8_t keyAgreementAlgo) |
uint16_t | bzrtp_computeCommitMessageVariableLength (uint8_t keyAgreementAlgo) |
bzrtp_KEMContext_t * | bzrtp_createKEMContext (uint8_t keyAgreementAlgo, uint8_t hashAlgo) |
int | bzrtp_KEM_generateKeyPair (bzrtp_KEMContext_t *ctx) |
int | bzrtp_KEM_getPublicKey (bzrtp_KEMContext_t *ctx, uint8_t *publicKey) |
int | bzrtp_KEM_getSharedSecret (bzrtp_KEMContext_t *ctx, uint8_t *sharedSecret) |
int | bzrtp_KEM_encaps (bzrtp_KEMContext_t *ctx, uint8_t *publicKey, uint8_t *cipherText) |
int | bzrtp_KEM_decaps (bzrtp_KEMContext_t *ctx, uint8_t *cipherText) |
int | bzrtp_destroyKEMContext (bzrtp_KEMContext_t *ctx) |
#define ZRTP_CRYPTOAGREEMENT_INVALIDAUTHTAG 0x1007 |
#define ZRTP_CRYPTOAGREEMENT_INVALIDCIPHER 0x1005 |
#define ZRTP_CRYPTOAGREEMENT_INVALIDCONTEXT 0x1001 |
#define ZRTP_CRYPTOAGREEMENT_INVALIDHASH 0x1006 |
#define ZRTP_CRYPTOAGREEMENT_INVALIDMESSAGE 0x1002 |
#define ZRTP_CRYPTOAGREEMENT_INVALIDSAS 0x1008 |
#define ZRTP_CRYPTOAGREEMENT_INVALIDSELFALGO 0x1003 |
#define ZRTP_CRYPTOAGREEMENT_NOCOMMONALGOFOUND 0x1004 |
typedef struct bzrtp_KEMContext_struct bzrtp_KEMContext_t |
BZRTP_EXPORT void bzrtp_addMandatoryCryptoTypesIfNeeded | ( | uint8_t | algoType, |
uint8_t | algoTypes[7], | ||
uint8_t * | algoTypesCount | ||
) |
add mandatory crypto functions if they are not already included
[in] | algoType | mapped to defines, must be in [ZRTP_HASH_TYPE, ZRTP_CIPHERBLOCK_TYPE, ZRTP_AUTHTAG_TYPE, ZRTP_KEYAGREEMENT_TYPE or ZRTP_SAS_TYPE] |
[in,out] | algoTypes | mapped to uint8_t value of the 4 char strings giving the algo types as string according to rfc section 5.1.2 to 5.1.6 |
[in,out] | algoTypesCount | number of algo types |
void bzrtp_base256 | ( | uint32_t | sas, |
char * | output, | ||
int | outputSize | ||
) |
SAS rendering from 32 bits to pgp word list Function defined in rfc section 5.1.6.
[in] | sas | The 32 bits SAS |
[out] | output | The output list. Passed in array must be at least 32 bytes |
[in] | outputSize | size of the ouput buffer |
void bzrtp_base32 | ( | uint32_t | sas, |
char * | output, | ||
int | outputSize | ||
) |
SAS rendering from 32 bits to 4 characters Function defined in rfc section 5.1.6.
[in] | sas | The 32 bits SAS |
[out] | output | The 4 chars string to be displayed to user for vocal confirmation |
[in] | outputSize | size of the ouput buffer |
Compute the variable size of data in a Commit message based on the given key agreement algorithm For DH types, it is the hvi size, for KEM types, it is the hvi size + public key size, for preShared or multistream the nonce size
[in] | keyAgreementAlgo | a key agreement algo mapped on a uint8_t |
BZRTP_EXPORT uint16_t bzrtp_computeKeyAgreementPublicValueLength | ( | uint8_t | keyAgreementAlgo, |
uint8_t | messageTyoe | ||
) |
Return the public value(public key or ciphertext) length in bytes according to given key agreement algorithm and packet type packet type is used to determine public value type when in KEM mode:
[in] | keyAgreementAlgo | The key agreement algo mapped to an integer as defined in cryptoUtils.h |
[in] | messageType | MSGTYPE_COMMIT, MSGTYPE_DHPART1i or MSGTYPE_DHPART2: needed for KEM mode |
uint16_t bzrtp_computeKeyAgreementSharedSecretLength | ( | uint8_t | keyAgreementAlgo, |
uint8_t | hashLength | ||
) |
Return the shared secret size in bytes according to given key agreement algorithm
[in] | keyAgreementAlgo | The key agreement algo mapped to an integer as defined in cryptoUtils.h |
BZRTP_EXPORT uint32_t bzrtp_CRC32 | ( | uint8_t * | input, |
uint16_t | length | ||
) |
CRC32 as defined in RFC4960 Appendix B - Polynomial is 0x1EDC6F41.
CRC is computed in reverse bit mode (least significant bit first within each byte) reversed value of polynom (0x82F63B78) was used to compute the lookup table (source http://en.wikipedia.org/wiki/Cyclic_redundancy_check#Commonly_used_and_standardized_CRCs)
[in] | input | input data |
[in] | length | length of data in bytes |
bzrtp_KEMContext_t * bzrtp_createKEMContext | ( | uint8_t | keyAgreementAlgo, |
uint8_t | hashAlgo | ||
) |
Create the KEM context
[in] | keyAgreementAlgo | one of ZRTP_KEYAGREEMENT_KYB1, ZRTP_KEYAGREEMENT_KYB2, ZRTP_KEYAGREEMENT_KYB3, ZRTP_KEYAGREEMENT_HQC1, ZRTP_KEYAGREEMENT_HQC2, ZRTP_KEYAGREEMENT_HQC3, ZRTP_KEYAGREEMENT_K255_KYB512, ZRTP_KEYAGREEMENT_K255_HQC128, ZRTP_KEYAGREEMENT_K448_KYB1024, ZRTP_KEYAGREEMENT_K448_HQC256 ZRTP_KEYAGREEMENT_K255_KYB512_HQC128, ZRTP_KEYAGREEMENT_K448_KYB1024_HQC256, |
BZRTP_EXPORT int bzrtp_cryptoAlgoAgreement | ( | bzrtpContext_t * | zrtpContext, |
bzrtpChannelContext_t * | zrtpChannelContext, | ||
bzrtpHelloMessage_t * | peerHelloMessage | ||
) |
select a key agreement algorithm from the one available in context and the one provided by peer in Hello Message as described in rfc section 4.1.2
[in] | zrtpContext | The context contains the list of available algo |
[out] | zrtpChannelContext | The bzrtp channel context to be updated |
[in] | peerHelloMessage | The peer hello message containing his set of available algos |
return 0 on succes, error code otherwise
BZRTP_EXPORT void bzrtp_cryptoAlgoTypeIntToString | ( | uint8_t | algoTypeInt, |
uint8_t | algoTypeString[4] | ||
) |
Unmap the string description of algo type to an int defined in cryptoWrapper.h.
[in] | algoTypeInt | The integer algo type defined in crypoWrapper.h |
[in] | algoTypeString | The string code for the algorithm as defined in rfc 5.1.2 to 5.1.6 |
BZRTP_EXPORT uint8_t bzrtp_cryptoAlgoTypeStringToInt | ( | uint8_t | algoType[4], |
uint8_t | algoFamily | ||
) |
Map the string description of algo type to an int defined in cryptoWrapper.h.
[in] | algoType | A 4 chars string containing the algo type as listed in rfc sections 5.1.2 to 5.1.6 |
[in] | algoFamily | The integer mapped algo family (ZRTP_HASH_TYPE, ZRTP_CIPHERBLOCK_TYPE, ZRTP_AUTHTAG_TYPE, ZRTP_KEYAGREEMENT_TYPE or ZRTP_SAS_TYPE) |
int bzrtp_destroyKEMContext | ( | bzrtp_KEMContext_t * | ctx | ) |
Destroy a KEM context. Safely clean any secrets it may holding
[in] | ctx | a valid KEM context |
BZRTP_EXPORT void bzrtp_DestroyKey | ( | uint8_t * | key, |
size_t | keyLength, | ||
void * | rngContext | ||
) |
Destroy a key by setting it to a random number Key is not freed, caller must deal with memory management. Does nothing if the key pointer is NULL.
[in,out] | key | The key to be destroyed |
[in] | keyLength | The keyLength in bytes |
[in] | rngContext | The context for RNG |
void bzrtp_destroyKeyMaterial | ( | bzrtpContext_t * | zrtpContext, |
bzrtpChannelContext_t * | zrtpChannelContext | ||
) |
Destroy all the key material of a channel context.
[in,out] | zrtpContext | The zrtp context |
[in,out] | zrtpChannelContext | The channel context |
bool_t bzrtp_isKem | ( | uint8_t | keyAgreementAlgo | ) |
Check a given key agrement algorithm is a KEM or not
[in] | keyAgreementAlgo | a key agreement algo mapped on a uint8_t |
bool_t bzrtp_isPostQuantum | ( | uint8_t | keyAgreementAlgo | ) |
Check if the keyAgreementAlgo is a post quantum algorithm.
[in] | keyAgreementAlgo | The key agreement algorithm |
int bzrtp_KEM_decaps | ( | bzrtp_KEMContext_t * | ctx, |
uint8_t * | cipherText | ||
) |
Decapsulate a key, shared secret is stored in the context
[in] | ctx | a valid KEM context holding the secret Key needed to decapsulate |
[in] | cipherText | the encapsulated secret |
int bzrtp_KEM_encaps | ( | bzrtp_KEMContext_t * | ctx, |
uint8_t * | publicKey, | ||
uint8_t * | cipherText | ||
) |
Generate and encapsulate a secret given a public key, shared secret is stored in the context
[in] | ctx | a valid KEM context |
[in] | publicKey | the public key we want to encapsulate to |
[out] | cipherText | the encapsulated secret |
int bzrtp_KEM_generateKeyPair | ( | bzrtp_KEMContext_t * | ctx | ) |
Generate a key pair and store it in the context
int bzrtp_KEM_getPublicKey | ( | bzrtp_KEMContext_t * | ctx, |
uint8_t * | publicKey | ||
) |
Extract the public key from context
[in] | ctx | a valid KEM context |
[out] | publicKey | the key in this context. Data is copied in this buffer, caller must ensure it is the correct size |
int bzrtp_KEM_getSharedSecret | ( | bzrtp_KEMContext_t * | ctx, |
uint8_t * | sharedSecret | ||
) |
Extract the shared secret from context
[in] | ctx | a valid KEM context |
[out] | sharedSecret | the shared secret in this context. Data is copied in this buffer, caller must ensure it is the correct size |
BZRTP_EXPORT int bzrtp_keyDerivationFunction | ( | const uint8_t * | key, |
const size_t | keyLength, | ||
const uint8_t * | label, | ||
const size_t | labelLength, | ||
const uint8_t * | context, | ||
const size_t | contextLength, | ||
const uint8_t | hmacLength, | ||
void(*)(const uint8_t *, size_t, const uint8_t *, size_t, uint8_t, uint8_t *) | hmacFunction, | ||
uint8_t * | output | ||
) |
ZRTP Key Derivation Function as in rfc 4.5.1.
KDF(KI, Label, Context, L) = HMAC(KI, i || Label || 0x00 || Context || L) where
[in] | key | The key for HMAC |
[in] | keyLength | Length of the key in bytes |
[in] | label | A string to be included in the hash |
[in] | labelLength | Length of the label in bytes |
[in] | context | a context string for the key derivation |
[in] | contextLength | Length of the context string in bytes |
[in] | hmacLength | The output of the KDF is the HMAC truncated to the leftmost L bytes |
[in] | hmacFunction | The hashmac function to be used to compute the KDF |
[out] | output | A buffer to store the hmacLength bytes of output |
uint8_t bzrtp_selectCommonAlgo | ( | uint8_t | masterArray[7], |
uint8_t | masterArrayLength, | ||
uint8_t * | slaveArray, | ||
uint8_t | slaveArrayLength, | ||
uint8_t | commonArray[7] | ||
) |
Select common algorithm from the given array where algo are represented by their 4 chars string defined in rfc section 5.1.2 to 5.1.6 Master array is the one given the preference order All algo are designed by their uint8_t mapped values.
[in] | masterArray | The ordered available algo, result will follow this ordering |
[in] | masterArrayLength | Number of valids element in the master array |
[in] | slaveArray | The available algo, order is not taken in account |
[in] | slaveArrayLength | Number of valids element in the slave array |
[out] | commonArray | Common algorithms found, max size 7 |
BZRTP_EXPORT int bzrtp_updateCryptoFunctionPointers | ( | bzrtpChannelContext_t * | zrtpChannelContext | ) |
Update context crypto function pointer according to related values of choosen algorithms fields (hashAlgo, cipherAlgo, etc..)
[in,out] | zrtpChannelContext | The bzrtp channel context to be updated |
Return available crypto functions. WARNING: this function can return more than 7 items, do not use it for something else than checking the values forced by bzrtp_setSupportedCryptoTypes
Return available crypto functions. If more than 7 are available, returns the 7 first