bZRTP
bZRTP is an opensource implementation of ZRTP keys exchange protocol
|
Macros | |
#define | BITS_PRO_INT 8*sizeof(int) |
#define | BITMASK_256_SIZE 256/BITS_PRO_INT |
#define | BITMASK_256_SET_ZERO(bitmask) memset(bitmask, 0, sizeof(int)*BITMASK_256_SIZE) |
#define | BITMASK_256_SET(bitmask, value) bitmask[value/BITS_PRO_INT] |= 1 << (value % BITS_PRO_INT) |
#define | BITMASK_256_UNSET(bitmask, value) bitmask[value/BITS_PRO_INT] &= ~(1 << (value % BITS_PRO_INT)) |
#define | BITMASK_256_CHECK(bitmask, value) (bitmask[value/BITS_PRO_INT] & 1 << (value % BITS_PRO_INT)) |
Functions | |
static uint32_t | bzrtp_key_agreement_algo_list (void) |
uint8_t | bzrtpUtils_getAllAvailableCryptoTypes (uint8_t algoType, uint8_t availableTypes[256]) |
uint8_t | bzrtp_available_key_agreement (uint8_t algos[256]) |
Retrieve the list of available key agreements algorithms. | |
bool_t | bzrtp_is_PQ_available (void) |
check is Post Quantum algorithms are available | |
uint8_t | bzrtpUtils_getAvailableCryptoTypes (uint8_t algoType, uint8_t availableTypes[7]) |
uint8_t | bzrtpUtils_getMandatoryCryptoTypes (uint8_t algoType, uint8_t mandatoryTypes[7]) |
int | bzrtp_keyDerivationFunction (const uint8_t *key, const size_t keyLength, const uint8_t *label, const size_t labelLength, const uint8_t *context, const size_t contextLength, const uint8_t hmacLength, void(*hmacFunction)(const uint8_t *, size_t, const uint8_t *, size_t, uint8_t, uint8_t *), uint8_t *output) |
ZRTP Key Derivation Function as in rfc 4.5.1. | |
void | bzrtp_base32 (uint32_t sas, char *output, int outputSize) |
SAS rendering from 32 bits to 4 characters Function defined in rfc section 5.1.6. | |
void | bzrtp_base256 (uint32_t sas, char *output, int outputSize) |
SAS rendering from 32 bits to pgp word list Function defined in rfc section 5.1.6. | |
uint32_t | bzrtp_CRC32 (uint8_t *input, uint16_t length) |
CRC32 as defined in RFC4960 Appendix B - Polynomial is 0x1EDC6F41. | |
bool_t | bzrtp_isPostQuantum (uint8_t keyAgreementAlgo) |
Check if the keyAgreementAlgo is a post quantum algorithm. | |
int | bzrtp_cryptoAlgoAgreement (bzrtpContext_t *zrtpContext, bzrtpChannelContext_t *zrtpChannelContext, bzrtpHelloMessage_t *peerHelloMessage) |
select a key agreement algorithm from the one available in context and the one provided by peer in Hello Message as described in rfc section 4.1.2 | |
int | bzrtp_updateCryptoFunctionPointers (bzrtpChannelContext_t *zrtpChannelContext) |
Update context crypto function pointer according to related values of choosen algorithms fields (hashAlgo, cipherAlgo, etc..) | |
uint8_t | bzrtp_selectCommonAlgo (uint8_t masterArray[7], uint8_t masterArrayLength, uint8_t *slaveArray, uint8_t slaveArrayLength, uint8_t commonArray[7]) |
Select common algorithm from the given array where algo are represented by their 4 chars string defined in rfc section 5.1.2 to 5.1.6 Master array is the one given the preference order All algo are designed by their uint8_t mapped values. | |
void | bzrtp_addMandatoryCryptoTypesIfNeeded (uint8_t algoType, uint8_t algoTypes[7], uint8_t *algoTypesCount) |
add mandatory crypto functions if they are not already included | |
uint8_t | bzrtp_cryptoAlgoTypeStringToInt (uint8_t algoType[4], uint8_t algoFamily) |
Map the string description of algo type to an int defined in cryptoWrapper.h. | |
void | bzrtp_cryptoAlgoTypeIntToString (uint8_t algoTypeInt, uint8_t algoTypeString[4]) |
Unmap the string description of algo type to an int defined in cryptoWrapper.h. | |
void | bzrtp_DestroyKey (uint8_t *key, size_t keyLength, void *rngContext) |
Destroy a key by setting it to a random number Key is not freed, caller must deal with memory management. Does nothing if the key pointer is NULL. | |
void | bzrtp_destroyKeyMaterial (bzrtpContext_t *zrtpContext, bzrtpChannelContext_t *zrtpChannelContext) |
Destroy all the key material of a channel context. | |
static uint16_t | bzrt_getKEMPublicKeyLength (uint8_t keyAgreementAlgo) |
static uint16_t | bzrt_getKEMCipherTextLength (uint8_t keyAgreementAlgo) |
uint16_t | bzrtp_computeKeyAgreementPublicValueLength (uint8_t keyAgreementAlgo, uint8_t messageType) |
uint16_t | bzrtp_computeKeyAgreementSharedSecretLength (uint8_t keyAgreementAlgo, uint8_t hashLength) |
bool_t | bzrtp_isKem (uint8_t keyAgreementAlgo) |
uint16_t | bzrtp_computeCommitMessageVariableLength (uint8_t keyAgreementAlgo) |
static int | bzrtp_getHashAlgoId (uint8_t hashAlgo) |
Convert the bzrtp hash id to its bctoolbox hash id. | |
bzrtp_KEMContext_t * | bzrtp_createKEMContext (uint8_t keyAgreementAlgo, uint8_t hashAlgo) |
int | bzrtp_KEM_generateKeyPair (bzrtp_KEMContext_t *ctx) |
int | bzrtp_KEM_getPublicKey (bzrtp_KEMContext_t *ctx, uint8_t *publicKey) |
int | bzrtp_KEM_getSharedSecret (bzrtp_KEMContext_t *ctx, uint8_t *sharedSecret) |
int | bzrtp_KEM_encaps (bzrtp_KEMContext_t *ctx, uint8_t *publicKey, uint8_t *cipherText) |
int | bzrtp_KEM_decaps (bzrtp_KEMContext_t *ctx, uint8_t *cipherText) |
int | bzrtp_destroyKEMContext (bzrtp_KEMContext_t *ctx) |
Variables | |
uint32_t | CRC32LookupTable [256] |
#define BITMASK_256_CHECK | ( | bitmask, | |
value | |||
) | (bitmask[value/BITS_PRO_INT] & 1 << (value % BITS_PRO_INT)) |
#define BITMASK_256_SET | ( | bitmask, | |
value | |||
) | bitmask[value/BITS_PRO_INT] |= 1 << (value % BITS_PRO_INT) |
#define BITMASK_256_SET_ZERO | ( | bitmask | ) | memset(bitmask, 0, sizeof(int)*BITMASK_256_SIZE) |
#define BITMASK_256_SIZE 256/BITS_PRO_INT |
#define BITMASK_256_UNSET | ( | bitmask, | |
value | |||
) | bitmask[value/BITS_PRO_INT] &= ~(1 << (value % BITS_PRO_INT)) |
#define BITS_PRO_INT 8*sizeof(int) |
Returns cipher text size in bytes for any supported KEM algo
[in] | keyAgreementAlgo |
Returns public key size in bytes for any supported KEM algo
[in] | keyAgreementAlgo |
void bzrtp_addMandatoryCryptoTypesIfNeeded | ( | uint8_t | algoType, |
uint8_t | algoTypes[7], | ||
uint8_t * | algoTypesCount | ||
) |
add mandatory crypto functions if they are not already included
[in] | algoType | mapped to defines, must be in [ZRTP_HASH_TYPE, ZRTP_CIPHERBLOCK_TYPE, ZRTP_AUTHTAG_TYPE, ZRTP_KEYAGREEMENT_TYPE or ZRTP_SAS_TYPE] |
[in,out] | algoTypes | mapped to uint8_t value of the 4 char strings giving the algo types as string according to rfc section 5.1.2 to 5.1.6 |
[in,out] | algoTypesCount | number of algo types |
Retrieve the list of available key agreements algorithms.
[in/out] | algos an array containing the list of available algorithms mapped on uint8 as defined in this header(ZRTP_KEYAGREEMENT_<ID>). Caller is responsible for the array allocation |
void bzrtp_base256 | ( | uint32_t | sas, |
char * | output, | ||
int | outputSize | ||
) |
SAS rendering from 32 bits to pgp word list Function defined in rfc section 5.1.6.
[in] | sas | The 32 bits SAS |
[out] | output | The output list. Passed in array must be at least 32 bytes |
[in] | outputSize | size of the ouput buffer |
void bzrtp_base32 | ( | uint32_t | sas, |
char * | output, | ||
int | outputSize | ||
) |
SAS rendering from 32 bits to 4 characters Function defined in rfc section 5.1.6.
[in] | sas | The 32 bits SAS |
[out] | output | The 4 chars string to be displayed to user for vocal confirmation |
[in] | outputSize | size of the ouput buffer |
Compute the variable size of data in a Commit message based on the given key agreement algorithm For DH types, it is the hvi size, for KEM types, it is the hvi size + public key size, for preShared or multistream the nonce size
[in] | keyAgreementAlgo | a key agreement algo mapped on a uint8_t |
uint16_t bzrtp_computeKeyAgreementPublicValueLength | ( | uint8_t | keyAgreementAlgo, |
uint8_t | messageTyoe | ||
) |
Return the public value(public key or ciphertext) length in bytes according to given key agreement algorithm and packet type packet type is used to determine public value type when in KEM mode:
[in] | keyAgreementAlgo | The key agreement algo mapped to an integer as defined in cryptoUtils.h |
[in] | messageType | MSGTYPE_COMMIT, MSGTYPE_DHPART1i or MSGTYPE_DHPART2: needed for KEM mode |
uint16_t bzrtp_computeKeyAgreementSharedSecretLength | ( | uint8_t | keyAgreementAlgo, |
uint8_t | hashLength | ||
) |
Return the shared secret size in bytes according to given key agreement algorithm
[in] | keyAgreementAlgo | The key agreement algo mapped to an integer as defined in cryptoUtils.h |
CRC32 as defined in RFC4960 Appendix B - Polynomial is 0x1EDC6F41.
CRC is computed in reverse bit mode (least significant bit first within each byte) reversed value of polynom (0x82F63B78) was used to compute the lookup table (source http://en.wikipedia.org/wiki/Cyclic_redundancy_check#Commonly_used_and_standardized_CRCs)
[in] | input | input data |
[in] | length | length of data in bytes |
bzrtp_KEMContext_t * bzrtp_createKEMContext | ( | uint8_t | keyAgreementAlgo, |
uint8_t | hashAlgo | ||
) |
Create the KEM context
[in] | keyAgreementAlgo | one of ZRTP_KEYAGREEMENT_KYB1, ZRTP_KEYAGREEMENT_KYB2, ZRTP_KEYAGREEMENT_KYB3, ZRTP_KEYAGREEMENT_HQC1, ZRTP_KEYAGREEMENT_HQC2, ZRTP_KEYAGREEMENT_HQC3, ZRTP_KEYAGREEMENT_K255_KYB512, ZRTP_KEYAGREEMENT_K255_HQC128, ZRTP_KEYAGREEMENT_K448_KYB1024, ZRTP_KEYAGREEMENT_K448_HQC256 ZRTP_KEYAGREEMENT_K255_KYB512_HQC128, ZRTP_KEYAGREEMENT_K448_KYB1024_HQC256, |
int bzrtp_cryptoAlgoAgreement | ( | bzrtpContext_t * | zrtpContext, |
bzrtpChannelContext_t * | zrtpChannelContext, | ||
bzrtpHelloMessage_t * | peerHelloMessage | ||
) |
select a key agreement algorithm from the one available in context and the one provided by peer in Hello Message as described in rfc section 4.1.2
[in] | zrtpContext | The context contains the list of available algo |
[out] | zrtpChannelContext | The bzrtp channel context to be updated |
[in] | peerHelloMessage | The peer hello message containing his set of available algos |
return 0 on succes, error code otherwise
Unmap the string description of algo type to an int defined in cryptoWrapper.h.
[in] | algoTypeInt | The integer algo type defined in crypoWrapper.h |
[in] | algoTypeString | The string code for the algorithm as defined in rfc 5.1.2 to 5.1.6 |
Map the string description of algo type to an int defined in cryptoWrapper.h.
[in] | algoType | A 4 chars string containing the algo type as listed in rfc sections 5.1.2 to 5.1.6 |
[in] | algoFamily | The integer mapped algo family (ZRTP_HASH_TYPE, ZRTP_CIPHERBLOCK_TYPE, ZRTP_AUTHTAG_TYPE, ZRTP_KEYAGREEMENT_TYPE or ZRTP_SAS_TYPE) |
int bzrtp_destroyKEMContext | ( | bzrtp_KEMContext_t * | ctx | ) |
Destroy a KEM context. Safely clean any secrets it may holding
[in] | ctx | a valid KEM context |
void bzrtp_DestroyKey | ( | uint8_t * | key, |
size_t | keyLength, | ||
void * | rngContext | ||
) |
Destroy a key by setting it to a random number Key is not freed, caller must deal with memory management. Does nothing if the key pointer is NULL.
[in,out] | key | The key to be destroyed |
[in] | keyLength | The keyLength in bytes |
[in] | rngContext | The context for RNG |
void bzrtp_destroyKeyMaterial | ( | bzrtpContext_t * | zrtpContext, |
bzrtpChannelContext_t * | zrtpChannelContext | ||
) |
Destroy all the key material of a channel context.
[in,out] | zrtpContext | The zrtp context |
[in,out] | zrtpChannelContext | The channel context |
|
static |
Convert the bzrtp hash id to its bctoolbox hash id.
[in] | hashAlgo | bzrtp hash id |
bool_t bzrtp_is_PQ_available | ( | void | ) |
check is Post Quantum algorithms are available
bool_t bzrtp_isKem | ( | uint8_t | keyAgreementAlgo | ) |
Check a given key agrement algorithm is a KEM or not
[in] | keyAgreementAlgo | a key agreement algo mapped on a uint8_t |
bool_t bzrtp_isPostQuantum | ( | uint8_t | keyAgreementAlgo | ) |
Check if the keyAgreementAlgo is a post quantum algorithm.
[in] | keyAgreementAlgo | The key agreement algorithm |
int bzrtp_KEM_decaps | ( | bzrtp_KEMContext_t * | ctx, |
uint8_t * | cipherText | ||
) |
Decapsulate a key, shared secret is stored in the context
[in] | ctx | a valid KEM context holding the secret Key needed to decapsulate |
[in] | cipherText | the encapsulated secret |
int bzrtp_KEM_encaps | ( | bzrtp_KEMContext_t * | ctx, |
uint8_t * | publicKey, | ||
uint8_t * | cipherText | ||
) |
Generate and encapsulate a secret given a public key, shared secret is stored in the context
[in] | ctx | a valid KEM context |
[in] | publicKey | the public key we want to encapsulate to |
[out] | cipherText | the encapsulated secret |
int bzrtp_KEM_generateKeyPair | ( | bzrtp_KEMContext_t * | ctx | ) |
Generate a key pair and store it in the context
int bzrtp_KEM_getPublicKey | ( | bzrtp_KEMContext_t * | ctx, |
uint8_t * | publicKey | ||
) |
Extract the public key from context
[in] | ctx | a valid KEM context |
[out] | publicKey | the key in this context. Data is copied in this buffer, caller must ensure it is the correct size |
int bzrtp_KEM_getSharedSecret | ( | bzrtp_KEMContext_t * | ctx, |
uint8_t * | sharedSecret | ||
) |
Extract the shared secret from context
[in] | ctx | a valid KEM context |
[out] | sharedSecret | the shared secret in this context. Data is copied in this buffer, caller must ensure it is the correct size |
|
static |
int bzrtp_keyDerivationFunction | ( | const uint8_t * | key, |
const size_t | keyLength, | ||
const uint8_t * | label, | ||
const size_t | labelLength, | ||
const uint8_t * | context, | ||
const size_t | contextLength, | ||
const uint8_t | hmacLength, | ||
void(*)(const uint8_t *, size_t, const uint8_t *, size_t, uint8_t, uint8_t *) | hmacFunction, | ||
uint8_t * | output | ||
) |
ZRTP Key Derivation Function as in rfc 4.5.1.
KDF(KI, Label, Context, L) = HMAC(KI, i || Label || 0x00 || Context || L) where
[in] | key | The key for HMAC |
[in] | keyLength | Length of the key in bytes |
[in] | label | A string to be included in the hash |
[in] | labelLength | Length of the label in bytes |
[in] | context | a context string for the key derivation |
[in] | contextLength | Length of the context string in bytes |
[in] | hmacLength | The output of the KDF is the HMAC truncated to the leftmost L bytes |
[in] | hmacFunction | The hashmac function to be used to compute the KDF |
[out] | output | A buffer to store the hmacLength bytes of output |
uint8_t bzrtp_selectCommonAlgo | ( | uint8_t | masterArray[7], |
uint8_t | masterArrayLength, | ||
uint8_t * | slaveArray, | ||
uint8_t | slaveArrayLength, | ||
uint8_t | commonArray[7] | ||
) |
Select common algorithm from the given array where algo are represented by their 4 chars string defined in rfc section 5.1.2 to 5.1.6 Master array is the one given the preference order All algo are designed by their uint8_t mapped values.
[in] | masterArray | The ordered available algo, result will follow this ordering |
[in] | masterArrayLength | Number of valids element in the master array |
[in] | slaveArray | The available algo, order is not taken in account |
[in] | slaveArrayLength | Number of valids element in the slave array |
[out] | commonArray | Common algorithms found, max size 7 |
int bzrtp_updateCryptoFunctionPointers | ( | bzrtpChannelContext_t * | zrtpChannelContext | ) |
Update context crypto function pointer according to related values of choosen algorithms fields (hashAlgo, cipherAlgo, etc..)
[in,out] | zrtpChannelContext | The bzrtp channel context to be updated |
Return available crypto functions. WARNING: this function can return more than 7 items, do not use it for something else than checking the values forced by bzrtp_setSupportedCryptoTypes
Return available crypto functions. If more than 7 are available, returns the 7 first
Return mandatory crypto functions. For now we have
uint32_t CRC32LookupTable[256] |