From fd3381002564c87b85feb2d1947a588e8ca6fdf9 Mon Sep 17 00:00:00 2001
From: Dimitri Staessens
Date: Fri, 29 Sep 2023 13:15:00 +0200
Subject: lib: Make crypt.c independent source file The cryptography functions were in a C source that was directly imported into dev.c, enabling ECDHE+AES256 symmetric key encryption on flows. Now crypt.c is an independent source file with associated crypt.h header, to prepare for security management and configuration in the IRMd.
Signed-off-by: Dimitri Staessens
Signed-off-by: Sander Vrijders
---
include/ouroboros/crypt.h | 56 +++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 56 insertions(+)
create mode 100644 include/ouroboros/crypt.h
(limited to 'include')
diff --git a/include/ouroboros/crypt.h b/include/ouroboros/crypt.h
new file mode 100644
index 00000000..dd58d798
--- /dev/null
+++ b/include/ouroboros/crypt.h
@@ -0,0 +1,56 @@
+/*
+ * Ouroboros - Copyright (C) 2016 - 2023
+ *
+ * Cryptography
+ *
+ * Dimitri Staessens
+ * Sander Vrijders
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * version 2.1 as published by the Free Software Foundation.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., http://www.fsf.org/about/contact/.
+ */
+
+#ifndef OUROBOROS_LIB_CRYPT_H
+#define OUROBOROS_LIB_CRYPT_H
+
+#include
+
+#define SYMMKEYSZ 32
+
+struct crypt_info {
+ uint16_t flags;
+ void * ctx;
+ uint8_t key[SYMMKEYSZ];
+};
+
+int crypt_dh_pkp_create(void ** pkp,
+ uint8_t * pk);
+
+void crypt_dh_pkp_destroy(void * pkp);
+
+int crypt_dh_derive(void * pkp,
+ uint8_t * pk,
+ size_t len,
+ uint8_t * s);
+
+int crypt_encrypt(struct crypt_info * info,
+ struct shm_du_buff * sdb);
+
+int crypt_decrypt(struct crypt_info * info,
+ struct shm_du_buff * sdb);
+
+int crypt_init(struct crypt_info * info);
+
+void crypt_fini(struct crypt_info * info);
+
+#endif /* OUROBOROS_LIB_CRYPT_H */
\ No newline at end of file
-- cgit v1.2.3
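Review bot: The prototypes of `crypt_dh_pkp_create` and `crypt_dh_derive` take the output buffers `pk` and `s` as bare `uint8_t *`, with no capacity argument and no comment stating the required size, so a caller has to guess how many bytes the implementation writes. `crypt.c` is not part of this diff, so whether `s` is exactly `SYMMKEYSZ` bytes is an assumption to confirm. I would document the contract on each declaration, for example `/* s: out, SYMMKEYSZ bytes (confirm against crypt.c) */`, and if `crypt_dh_derive` only reads the peer key, declare it as `const uint8_t * pk`. `struct crypt_info` also exposes the raw `key[SYMMKEYSZ]` to every includer, so the header should state whether `crypt_fini` wipes that key and frees `ctx`, and what the `int` return values mean.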