premiere-libtorrent/include/libtorrent/pe_crypto.hpp

306 lines
8.2 KiB
C++

/*
Copyright (c) 2007, Un Shyam
All rights reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
* Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in
the documentation and/or other materials provided with the distribution.
* Neither the name of the author nor the names of its
contributors may be used to endorse or promote products derived
from this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
POSSIBILITY OF SUCH DAMAGE.
*/
#ifndef TORRENT_DISABLE_ENCRYPTION
#ifndef TORRENT_PE_CRYPTO_HPP_INCLUDED
#define TORRENT_PE_CRYPTO_HPP_INCLUDED
#include "libtorrent/config.hpp"
#ifdef TORRENT_USE_GCRYPT
#include <gcrypt.h>
#elif defined TORRENT_USE_OPENSSL
#include <openssl/rc4.h>
#include <openssl/evp.h>
#include <openssl/aes.h>
#else
// RC4 state from libtomcrypt
struct rc4 {
int x, y;
unsigned char buf[256];
};
void TORRENT_EXPORT rc4_init(const unsigned char* in, unsigned long len, rc4 *state);
unsigned long TORRENT_EXPORT rc4_encrypt(unsigned char *out, unsigned long outlen, rc4 *state);
#endif
#include "libtorrent/peer_id.hpp" // For sha1_hash
#include "libtorrent/assert.hpp"
namespace libtorrent
{
class TORRENT_EXPORT dh_key_exchange
{
public:
dh_key_exchange();
bool good() const { return true; }
// Get local public key, always 96 bytes
char const* get_local_key() const;
// read remote_pubkey, generate and store shared secret in
// m_dh_shared_secret.
int compute_secret(const char* remote_pubkey);
char const* get_secret() const { return m_dh_shared_secret; }
sha1_hash const& get_hash_xor_mask() const { return m_xor_mask; }
private:
int get_local_key_size() const
{ return sizeof(m_dh_local_key); }
char m_dh_local_key[96];
char m_dh_local_secret[96];
char m_dh_shared_secret[96];
sha1_hash m_xor_mask;
};
struct encryption_handler
{
virtual void set_incoming_key(unsigned char const* key, int len) = 0;
virtual void set_outgoing_key(unsigned char const* key, int len) = 0;
virtual void encrypt(char* pos, int len) = 0;
virtual void decrypt(char* pos, int len) = 0;
virtual ~encryption_handler() {}
};
struct rc4_handler : encryption_handler
{
public:
// Input longkeys must be 20 bytes
rc4_handler()
: m_encrypt(false)
, m_decrypt(false)
{
#ifdef TORRENT_USE_GCRYPT
gcry_cipher_open(&m_rc4_incoming, GCRY_CIPHER_ARCFOUR, GCRY_CIPHER_MODE_STREAM, 0);
gcry_cipher_open(&m_rc4_outgoing, GCRY_CIPHER_ARCFOUR, GCRY_CIPHER_MODE_STREAM, 0);
#endif
};
void set_incoming_key(unsigned char const* key, int len)
{
m_decrypt = true;
#ifdef TORRENT_USE_GCRYPT
gcry_cipher_close(m_rc4_incoming);
gcry_cipher_open(&m_rc4_incoming, GCRY_CIPHER_ARCFOUR, GCRY_CIPHER_MODE_STREAM, 0);
gcry_cipher_setkey(m_rc4_incoming, key, len);
#elif defined TORRENT_USE_OPENSSL
RC4_set_key(&m_remote_key, len, key);
#else
rc4_init(key, len, &m_rc4_incoming);
#endif
// Discard first 1024 bytes
char buf[1024];
decrypt(buf, 1024);
}
void set_outgoing_key(unsigned char const* key, int len)
{
m_encrypt = true;
#ifdef TORRENT_USE_GCRYPT
gcry_cipher_close(m_rc4_outgoing);
gcry_cipher_open(&m_rc4_outgoing, GCRY_CIPHER_ARCFOUR, GCRY_CIPHER_MODE_STREAM, 0);
gcry_cipher_setkey(m_rc4_outgoing, key, len);
#elif defined TORRENT_USE_OPENSSL
RC4_set_key(&m_local_key, len, key);
#else
rc4_init(key, len, &m_rc4_outgoing);
#endif
// Discard first 1024 bytes
char buf[1024];
encrypt(buf, 1024);
}
~rc4_handler()
{
#ifdef TORRENT_USE_GCRYPT
gcry_cipher_close(m_rc4_incoming);
gcry_cipher_close(m_rc4_outgoing);
#endif
};
void encrypt(char* pos, int len)
{
if (!m_encrypt) return;
TORRENT_ASSERT(len >= 0);
TORRENT_ASSERT(pos);
#ifdef TORRENT_USE_GCRYPT
gcry_cipher_encrypt(m_rc4_outgoing, pos, len, 0, 0);
#elif defined TORRENT_USE_OPENSSL
RC4(&m_local_key, len, (const unsigned char*)pos, (unsigned char*)pos);
#else
rc4_encrypt((unsigned char*)pos, len, &m_rc4_outgoing);
#endif
}
void decrypt(char* pos, int len)
{
if (!m_decrypt) return;
TORRENT_ASSERT(len >= 0);
TORRENT_ASSERT(pos);
#ifdef TORRENT_USE_GCRYPT
gcry_cipher_decrypt(m_rc4_incoming, pos, len, 0, 0);
#elif defined TORRENT_USE_OPENSSL
RC4(&m_remote_key, len, (const unsigned char*)pos, (unsigned char*)pos);
#else
rc4_encrypt((unsigned char*)pos, len, &m_rc4_incoming);
#endif
}
private:
#ifdef TORRENT_USE_GCRYPT
gcry_cipher_hd_t m_rc4_incoming;
gcry_cipher_hd_t m_rc4_outgoing;
#elif defined TORRENT_USE_OPENSSL
RC4_KEY m_local_key; // Key to encrypt outgoing data
RC4_KEY m_remote_key; // Key to decrypt incoming data
#else
rc4 m_rc4_incoming;
rc4 m_rc4_outgoing;
#endif
// determines whether or not encryption and decryption is enabled
bool m_encrypt;
bool m_decrypt;
};
#ifdef TORRENT_USE_OPENSSL
struct aes256_handler : encryption_handler
{
aes256_handler() : m_enc_pos(0), m_dec_pos(0)
{
EVP_CIPHER_CTX_init(&m_enc);
EVP_CIPHER_CTX_init(&m_dec);
}
~aes256_handler()
{
EVP_CIPHER_CTX_cleanup(&m_enc);
EVP_CIPHER_CTX_cleanup(&m_dec);
}
void set_incoming_key(unsigned char const* in_key, int len)
{
const int nrounds = 5;
boost::uint8_t salt[8] = { 0xf1, 0x03, 0x46, 0xe2, 0xb1, 0xa8, 0x29, 0x63 };
boost::uint8_t key[32];
boost::uint8_t iv[32];
EVP_BytesToKey(EVP_aes_256_cbc(), EVP_sha1(), salt, in_key, len, nrounds, key, iv);
TORRENT_ASSERT(len == 32);
EVP_EncryptInit_ex(&m_enc, EVP_aes_256_cbc(), NULL, key, iv);
// since we're using the AES as a stream cipher, both the encrypt and
// decrypt context will in fact only _encrypt_ stuff, so initializing
// this as encrypt is not a typo
EVP_EncryptInit_ex(&m_dec, EVP_aes_256_cbc(), NULL, key, iv);
m_enc_pos = 0;
m_dec_pos = 0;
std::memcpy(m_enc_state, iv, sizeof(m_enc_state));
std::memcpy(m_dec_state, iv, sizeof(m_enc_state));
}
void set_outgoing_key(unsigned char const* key, int len) { /* no-op */ }
void encrypt(char* pos, int len)
{
while (len > 0)
{
while (m_enc_pos < AES_BLOCK_SIZE && len > 0)
{
*pos ^= m_enc_state[m_enc_pos];
++m_enc_pos;
++pos;
--len;
}
if (m_enc_pos == AES_BLOCK_SIZE)
{
next_block(&m_enc, m_enc_state);
m_enc_pos = 0;
}
}
}
void decrypt(char* pos, int len)
{
while (len > 0)
{
while (m_dec_pos < AES_BLOCK_SIZE && len > 0)
{
*pos ^= m_dec_state[m_dec_pos];
++m_dec_pos;
++pos;
--len;
}
if (m_dec_pos == AES_BLOCK_SIZE)
{
next_block(&m_dec, m_dec_state);
m_dec_pos = 0;
}
}
}
private:
// we're turning the AES block-cipher into a stream cipher. This
// function will produce the next block in the sequence of
// block-sized buffers. We're using "Output feedback" (OFB) mode.
void next_block(EVP_CIPHER_CTX* ctx, boost::uint8_t* pad)
{
int outlen = AES_BLOCK_SIZE;
EVP_EncryptUpdate(ctx, pad, &outlen, pad, AES_BLOCK_SIZE);
TORRENT_ASSERT(outlen == AES_BLOCK_SIZE);
}
EVP_CIPHER_CTX m_enc;
EVP_CIPHER_CTX m_dec;
boost::uint8_t m_enc_state[AES_BLOCK_SIZE];
boost::uint8_t m_dec_state[AES_BLOCK_SIZE];
int m_enc_pos;
int m_dec_pos;
};
#endif // TORRENT_USE_OPENSSL
} // namespace libtorrent
#endif // TORRENT_PE_CRYPTO_HPP_INCLUDED
#endif // TORRENT_DISABLE_ENCRYPTION