X-Git-Url: http://git.xonotic.org/?p=xonotic%2Fdarkplaces.git;a=blobdiff_plain;f=crypto.h;h=306134de96eeb2bb1c743e9cdd50dac05b72b0ea;hp=7b2b9921bca3c030b233834146beeeb0b2d60c87;hb=b99206803156d4bdfe4ce0c83a2db8f9486e09d4;hpb=927bd7b13c9a18fb07a8681c7483f632c7ea32f3
diff --git a/crypto.h b/crypto.h
index 7b2b9921..306134de 100644
--- a/crypto.h
+++ b/crypto.h
@@ -1,8 +1,32 @@
+/*
+Copyright (C) 2010-2015 Rudolf Polzer (divVerent)
+
+This program is free software; you can redistribute it and/or
+modify it under the terms of the GNU General Public License
+as published by the Free Software Foundation; either version 2
+of the License, or (at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+
+See the GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program; if not, write to the Free Software
+Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+
+*/
+
 #ifndef CRYPTO_H
 #define CRYPTO_H
-extern cvar_t crypto_developer;
-extern cvar_t crypto_aeslevel;
+#include 
+#include "qtypes.h"
+struct lhnetaddress_s;
+
+extern struct cvar_s crypto_developer;
+extern struct cvar_s crypto_aeslevel;
 #define ENCRYPTION_REQUIRED (crypto_aeslevel.integer >= 3)
 extern int crypto_keyfp_recommended_length; // applies to LOCAL IDs, and to ALL keys
@@ -11,8 +35,6 @@ extern int crypto_keyfp_recommended_length; // applies to LOCAL IDs, and to ALL
 // AES case causes 16 to 31 bytes overhead
 // SHA256 case causes 16 bytes overhead as we truncate to 128bit
-#include "lhnet.h"
-
 #define FP64_SIZE 44
 #define DHKEY_SIZE 16
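Review bot: `#define ENCRYPTION_REQUIRED (crypto_aeslevel.integer >= 3)` (unchanged context in the first hunk) now reads a member of an object this header only declares as an incomplete `struct cvar_s`, because the `cvar_t` typedef is no longer pulled in by the replaced `extern` lines. The macro itself still compiles, but every translation unit that expands it must include whatever header completes `struct cvar_s` (presumably cvar.h; `qtypes.h` does not look like the place for it), and a maintainer who only sees this header gets a confusing member-access error. A one-line comment on the macro would avoid that: `// expands to a member access: the full struct cvar_s definition (cvar.h) must be visible wherever this is used`. The forward declaration `struct lhnetaddress_s;` is sufficient for the pointer parameters later in the file; the target of the first added `#include` is not legible in this rendering, so I cannot confirm it is what provides `size_t` for the prototypes below.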
@@ -20,20 +42,22 @@ typedef struct
 {
 unsigned char dhkey[DHKEY_SIZE]; // shared key, not NUL terminated
 char client_idfp[FP64_SIZE+1];
-char client_keyfp[FP64_SIZE+1]; // NULL if signature fail
+char client_keyfp[FP64_SIZE+1];
+qbool client_issigned;
 char server_idfp[FP64_SIZE+1];
-char server_keyfp[FP64_SIZE+1]; // NULL if signature fail
-qboolean authenticated;
-qboolean use_aes;
+char server_keyfp[FP64_SIZE+1];
+qbool server_issigned;
+qbool authenticated;
+qbool use_aes;
 void *data;
 } crypto_t;
 void Crypto_Init(void);
 void Crypto_Init_Commands(void);
-void Crypto_LoadKeys(void);
+void Crypto_LoadKeys(void); // NOTE: when this is called, the SV_LockThreadMutex MUST be active
 void Crypto_Shutdown(void);
-qboolean Crypto_Available(void);
+qbool Crypto_Available(void);
 void sha256(unsigned char *out, const unsigned char *in, int n); // may ONLY be called if Crypto_Available()
 const void *Crypto_EncryptPacket(crypto_t *crypto, const void *data_src, size_t len_src, void *data_dst, size_t *len_dst, size_t len);
 const void *Crypto_DecryptPacket(crypto_t *crypto, const void *data_src, size_t len_src, void *data_dst, size_t *len_dst, size_t len);
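Review bot: The new `client_issigned` / `server_issigned` fields in `crypto_t` carry no comment, while the `// NULL if signature fail` notes that used to sit on `client_keyfp` and `server_keyfp` are dropped, so nothing in the header now tells a caller that a key fingerprint is only meaningful when the matching flag is set — a reader can pick up `client_keyfp` and treat an unverified fingerprint as authenticated. I would restore the contract on the flags: `qbool client_issigned; // false: client_keyfp is not backed by a valid signature — check this before trusting the fingerprint` and the same for `server_issigned`/`server_keyfp`. Whether the keyfp buffers are still emptied in the unsigned case (as the removed comments implied) is not visible here and should be confirmed against crypto.c before the comment states it. The struct's `typedef struct` line lies outside the hunk.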
@@ -41,20 +65,20 @@ const void *Crypto_DecryptPacket(crypto_t *crypto, const void *data_src, size_t
 #define CRYPTO_MATCH 1 // process as usual (packet was used)
 #define CRYPTO_DISCARD 2 // discard this packet
 #define CRYPTO_REPLACE 3 // make the buffer the current packet
-int Crypto_ClientParsePacket(const char *data_in, size_t len_in, char *data_out, size_t *len_out, lhnetaddress_t *peeraddress);
-int Crypto_ServerParsePacket(const char *data_in, size_t len_in, char *data_out, size_t *len_out, lhnetaddress_t *peeraddress);
+int Crypto_ClientParsePacket(const char *data_in, size_t len_in, char *data_out, size_t *len_out, struct lhnetaddress_s *peeraddress);
+int Crypto_ServerParsePacket(const char *data_in, size_t len_in, char *data_out, size_t *len_out, struct lhnetaddress_s *peeraddress);
 // if len_out is nonzero, the packet is to be sent to the client
-qboolean Crypto_ServerAppendToChallenge(const char *data_in, size_t len_in, char *data_out, size_t *len_out, size_t maxlen);
-crypto_t *Crypto_ServerGetInstance(lhnetaddress_t *peeraddress);
-qboolean Crypto_ServerFinishInstance(crypto_t *out, crypto_t *in); // also clears allocated memory
+qbool Crypto_ServerAppendToChallenge(const char *data_in, size_t len_in, char *data_out, size_t *len_out, size_t maxlen);
+crypto_t *Crypto_ServerGetInstance(struct lhnetaddress_s *peeraddress);
+qbool Crypto_FinishInstance(crypto_t *out, crypto_t *in); // also clears allocated memory, and frees the instance received by ServerGetInstance
 const char *Crypto_GetInfoResponseDataString(void);
 // retrieves a host key for an address (can be exposed to menuqc, or used by the engine to look up stored keys e.g. for server bookmarking)
 // pointers may be NULL
-qboolean Crypto_RetrieveHostKey(lhnetaddress_t *peeraddress, int *keyid, char *keyfp, size_t keyfplen, char *idfp, size_t idfplen, int *aeslevel);
-int Crypto_RetrieveLocalKey(int keyid, char *keyfp, size_t keyfplen, char *idfp, size_t idfplen); // return value: -1 if more to come, +1 if valid, 0 if end of list
+qbool Crypto_RetrieveHostKey(struct lhnetaddress_s *peeraddress, int *keyid, char *keyfp, size_t keyfplen, char *idfp, size_t idfplen, int *aeslevel, qbool *issigned);
+int Crypto_RetrieveLocalKey(int keyid, char *keyfp, size_t keyfplen, char *idfp, size_t idfplen, qbool *issigned); // return value: -1 if more to come, +1 if valid, 0 if end of list
 size_t Crypto_SignData(const void *data, size_t datasize, int keyid, void *signed_data, size_t signed_size);
 size_t Crypto_SignDataDetached(const void *data, size_t datasize, int keyid, void *signed_data, size_t signed_size);