1*90e502c7SAndroid Build Coastguard Worker /* 2*90e502c7SAndroid Build Coastguard Worker * crypto_kernel.h 3*90e502c7SAndroid Build Coastguard Worker * 4*90e502c7SAndroid Build Coastguard Worker * header for the cryptographic kernel 5*90e502c7SAndroid Build Coastguard Worker * 6*90e502c7SAndroid Build Coastguard Worker * David A. McGrew 7*90e502c7SAndroid Build Coastguard Worker * Cisco Systems, Inc. 8*90e502c7SAndroid Build Coastguard Worker */ 9*90e502c7SAndroid Build Coastguard Worker /* 10*90e502c7SAndroid Build Coastguard Worker * 11*90e502c7SAndroid Build Coastguard Worker * Copyright(c) 2001-2017 Cisco Systems, Inc. 12*90e502c7SAndroid Build Coastguard Worker * All rights reserved. 13*90e502c7SAndroid Build Coastguard Worker * 14*90e502c7SAndroid Build Coastguard Worker * Redistribution and use in source and binary forms, with or without 15*90e502c7SAndroid Build Coastguard Worker * modification, are permitted provided that the following conditions 16*90e502c7SAndroid Build Coastguard Worker * are met: 17*90e502c7SAndroid Build Coastguard Worker * 18*90e502c7SAndroid Build Coastguard Worker * Redistributions of source code must retain the above copyright 19*90e502c7SAndroid Build Coastguard Worker * notice, this list of conditions and the following disclaimer. 20*90e502c7SAndroid Build Coastguard Worker * 21*90e502c7SAndroid Build Coastguard Worker * Redistributions in binary form must reproduce the above 22*90e502c7SAndroid Build Coastguard Worker * copyright notice, this list of conditions and the following 23*90e502c7SAndroid Build Coastguard Worker * disclaimer in the documentation and/or other materials provided 24*90e502c7SAndroid Build Coastguard Worker * with the distribution. 25*90e502c7SAndroid Build Coastguard Worker * 26*90e502c7SAndroid Build Coastguard Worker * Neither the name of the Cisco Systems, Inc. nor the names of its 27*90e502c7SAndroid Build Coastguard Worker * contributors may be used to endorse or promote products derived 28*90e502c7SAndroid Build Coastguard Worker * from this software without specific prior written permission. 29*90e502c7SAndroid Build Coastguard Worker * 30*90e502c7SAndroid Build Coastguard Worker * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 31*90e502c7SAndroid Build Coastguard Worker * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 32*90e502c7SAndroid Build Coastguard Worker * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 33*90e502c7SAndroid Build Coastguard Worker * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE 34*90e502c7SAndroid Build Coastguard Worker * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, 35*90e502c7SAndroid Build Coastguard Worker * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES 36*90e502c7SAndroid Build Coastguard Worker * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR 37*90e502c7SAndroid Build Coastguard Worker * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 38*90e502c7SAndroid Build Coastguard Worker * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 39*90e502c7SAndroid Build Coastguard Worker * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 40*90e502c7SAndroid Build Coastguard Worker * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 41*90e502c7SAndroid Build Coastguard Worker * OF THE POSSIBILITY OF SUCH DAMAGE. 42*90e502c7SAndroid Build Coastguard Worker * 43*90e502c7SAndroid Build Coastguard Worker */ 44*90e502c7SAndroid Build Coastguard Worker 45*90e502c7SAndroid Build Coastguard Worker #ifndef CRYPTO_KERNEL 46*90e502c7SAndroid Build Coastguard Worker #define CRYPTO_KERNEL 47*90e502c7SAndroid Build Coastguard Worker 48*90e502c7SAndroid Build Coastguard Worker #include "cipher.h" 49*90e502c7SAndroid Build Coastguard Worker #include "auth.h" 50*90e502c7SAndroid Build Coastguard Worker #include "err.h" 51*90e502c7SAndroid Build Coastguard Worker #include "crypto_types.h" 52*90e502c7SAndroid Build Coastguard Worker #include "key.h" 53*90e502c7SAndroid Build Coastguard Worker 54*90e502c7SAndroid Build Coastguard Worker #ifdef __cplusplus 55*90e502c7SAndroid Build Coastguard Worker extern "C" { 56*90e502c7SAndroid Build Coastguard Worker #endif 57*90e502c7SAndroid Build Coastguard Worker 58*90e502c7SAndroid Build Coastguard Worker /* 59*90e502c7SAndroid Build Coastguard Worker * crypto_kernel_state_t defines the possible states: 60*90e502c7SAndroid Build Coastguard Worker * 61*90e502c7SAndroid Build Coastguard Worker * insecure - not yet initialized 62*90e502c7SAndroid Build Coastguard Worker * secure - initialized and passed self-tests 63*90e502c7SAndroid Build Coastguard Worker */ 64*90e502c7SAndroid Build Coastguard Worker typedef enum { 65*90e502c7SAndroid Build Coastguard Worker srtp_crypto_kernel_state_insecure, 66*90e502c7SAndroid Build Coastguard Worker srtp_crypto_kernel_state_secure 67*90e502c7SAndroid Build Coastguard Worker } srtp_crypto_kernel_state_t; 68*90e502c7SAndroid Build Coastguard Worker 69*90e502c7SAndroid Build Coastguard Worker /* 70*90e502c7SAndroid Build Coastguard Worker * linked list of cipher types 71*90e502c7SAndroid Build Coastguard Worker */ 72*90e502c7SAndroid Build Coastguard Worker typedef struct srtp_kernel_cipher_type { 73*90e502c7SAndroid Build Coastguard Worker srtp_cipher_type_id_t id; 74*90e502c7SAndroid Build Coastguard Worker const srtp_cipher_type_t *cipher_type; 75*90e502c7SAndroid Build Coastguard Worker struct srtp_kernel_cipher_type *next; 76*90e502c7SAndroid Build Coastguard Worker } srtp_kernel_cipher_type_t; 77*90e502c7SAndroid Build Coastguard Worker 78*90e502c7SAndroid Build Coastguard Worker /* 79*90e502c7SAndroid Build Coastguard Worker * linked list of auth types 80*90e502c7SAndroid Build Coastguard Worker */ 81*90e502c7SAndroid Build Coastguard Worker typedef struct srtp_kernel_auth_type { 82*90e502c7SAndroid Build Coastguard Worker srtp_auth_type_id_t id; 83*90e502c7SAndroid Build Coastguard Worker const srtp_auth_type_t *auth_type; 84*90e502c7SAndroid Build Coastguard Worker struct srtp_kernel_auth_type *next; 85*90e502c7SAndroid Build Coastguard Worker } srtp_kernel_auth_type_t; 86*90e502c7SAndroid Build Coastguard Worker 87*90e502c7SAndroid Build Coastguard Worker /* 88*90e502c7SAndroid Build Coastguard Worker * linked list of debug modules 89*90e502c7SAndroid Build Coastguard Worker */ 90*90e502c7SAndroid Build Coastguard Worker typedef struct srtp_kernel_debug_module { 91*90e502c7SAndroid Build Coastguard Worker srtp_debug_module_t *mod; 92*90e502c7SAndroid Build Coastguard Worker struct srtp_kernel_debug_module *next; 93*90e502c7SAndroid Build Coastguard Worker } srtp_kernel_debug_module_t; 94*90e502c7SAndroid Build Coastguard Worker 95*90e502c7SAndroid Build Coastguard Worker /* 96*90e502c7SAndroid Build Coastguard Worker * crypto_kernel_t is the data structure for the crypto kernel 97*90e502c7SAndroid Build Coastguard Worker * 98*90e502c7SAndroid Build Coastguard Worker * note that there is *exactly one* instance of this data type, 99*90e502c7SAndroid Build Coastguard Worker * a global variable defined in crypto_kernel.c 100*90e502c7SAndroid Build Coastguard Worker */ 101*90e502c7SAndroid Build Coastguard Worker typedef struct { 102*90e502c7SAndroid Build Coastguard Worker srtp_crypto_kernel_state_t state; /* current state of kernel */ 103*90e502c7SAndroid Build Coastguard Worker srtp_kernel_cipher_type_t *cipher_type_list; /* list of all cipher types */ 104*90e502c7SAndroid Build Coastguard Worker srtp_kernel_auth_type_t *auth_type_list; /* list of all auth func types */ 105*90e502c7SAndroid Build Coastguard Worker srtp_kernel_debug_module_t 106*90e502c7SAndroid Build Coastguard Worker *debug_module_list; /* list of all debug modules */ 107*90e502c7SAndroid Build Coastguard Worker } srtp_crypto_kernel_t; 108*90e502c7SAndroid Build Coastguard Worker 109*90e502c7SAndroid Build Coastguard Worker /* 110*90e502c7SAndroid Build Coastguard Worker * srtp_crypto_kernel_t external api 111*90e502c7SAndroid Build Coastguard Worker */ 112*90e502c7SAndroid Build Coastguard Worker 113*90e502c7SAndroid Build Coastguard Worker /* 114*90e502c7SAndroid Build Coastguard Worker * The function srtp_crypto_kernel_init() initialized the crypto kernel and 115*90e502c7SAndroid Build Coastguard Worker * runs the self-test operations on the random number generators and 116*90e502c7SAndroid Build Coastguard Worker * crypto algorithms. Possible return values are: 117*90e502c7SAndroid Build Coastguard Worker * 118*90e502c7SAndroid Build Coastguard Worker * srtp_err_status_ok initialization successful 119*90e502c7SAndroid Build Coastguard Worker * <other> init failure 120*90e502c7SAndroid Build Coastguard Worker * 121*90e502c7SAndroid Build Coastguard Worker * If any value other than srtp_err_status_ok is returned, the 122*90e502c7SAndroid Build Coastguard Worker * crypto_kernel MUST NOT be used. 123*90e502c7SAndroid Build Coastguard Worker */ 124*90e502c7SAndroid Build Coastguard Worker srtp_err_status_t srtp_crypto_kernel_init(void); 125*90e502c7SAndroid Build Coastguard Worker 126*90e502c7SAndroid Build Coastguard Worker /* 127*90e502c7SAndroid Build Coastguard Worker * The function srtp_crypto_kernel_shutdown() de-initializes the 128*90e502c7SAndroid Build Coastguard Worker * crypto_kernel, zeroizes keys and other cryptographic material, and 129*90e502c7SAndroid Build Coastguard Worker * deallocates any dynamically allocated memory. Possible return 130*90e502c7SAndroid Build Coastguard Worker * values are: 131*90e502c7SAndroid Build Coastguard Worker * 132*90e502c7SAndroid Build Coastguard Worker * srtp_err_status_ok shutdown successful 133*90e502c7SAndroid Build Coastguard Worker * <other> shutdown failure 134*90e502c7SAndroid Build Coastguard Worker * 135*90e502c7SAndroid Build Coastguard Worker */ 136*90e502c7SAndroid Build Coastguard Worker srtp_err_status_t srtp_crypto_kernel_shutdown(void); 137*90e502c7SAndroid Build Coastguard Worker 138*90e502c7SAndroid Build Coastguard Worker /* 139*90e502c7SAndroid Build Coastguard Worker * The function srtp_crypto_kernel_stats() checks the the crypto_kernel, 140*90e502c7SAndroid Build Coastguard Worker * running tests on the ciphers, auth funcs, and rng, and prints out a 141*90e502c7SAndroid Build Coastguard Worker * status report. Possible return values are: 142*90e502c7SAndroid Build Coastguard Worker * 143*90e502c7SAndroid Build Coastguard Worker * srtp_err_status_ok all tests were passed 144*90e502c7SAndroid Build Coastguard Worker * <other> a test failed 145*90e502c7SAndroid Build Coastguard Worker * 146*90e502c7SAndroid Build Coastguard Worker */ 147*90e502c7SAndroid Build Coastguard Worker srtp_err_status_t srtp_crypto_kernel_status(void); 148*90e502c7SAndroid Build Coastguard Worker 149*90e502c7SAndroid Build Coastguard Worker /* 150*90e502c7SAndroid Build Coastguard Worker * srtp_crypto_kernel_list_debug_modules() outputs a list of debugging modules 151*90e502c7SAndroid Build Coastguard Worker * 152*90e502c7SAndroid Build Coastguard Worker */ 153*90e502c7SAndroid Build Coastguard Worker srtp_err_status_t srtp_crypto_kernel_list_debug_modules(void); 154*90e502c7SAndroid Build Coastguard Worker 155*90e502c7SAndroid Build Coastguard Worker /* 156*90e502c7SAndroid Build Coastguard Worker * srtp_crypto_kernel_load_cipher_type() 157*90e502c7SAndroid Build Coastguard Worker * 158*90e502c7SAndroid Build Coastguard Worker */ 159*90e502c7SAndroid Build Coastguard Worker srtp_err_status_t srtp_crypto_kernel_load_cipher_type( 160*90e502c7SAndroid Build Coastguard Worker const srtp_cipher_type_t *ct, 161*90e502c7SAndroid Build Coastguard Worker srtp_cipher_type_id_t id); 162*90e502c7SAndroid Build Coastguard Worker 163*90e502c7SAndroid Build Coastguard Worker srtp_err_status_t srtp_crypto_kernel_load_auth_type(const srtp_auth_type_t *ct, 164*90e502c7SAndroid Build Coastguard Worker srtp_auth_type_id_t id); 165*90e502c7SAndroid Build Coastguard Worker 166*90e502c7SAndroid Build Coastguard Worker srtp_err_status_t srtp_crypto_kernel_load_debug_module( 167*90e502c7SAndroid Build Coastguard Worker srtp_debug_module_t *new_dm); 168*90e502c7SAndroid Build Coastguard Worker 169*90e502c7SAndroid Build Coastguard Worker /* 170*90e502c7SAndroid Build Coastguard Worker * srtp_crypto_kernel_alloc_cipher(id, cp, key_len); 171*90e502c7SAndroid Build Coastguard Worker * 172*90e502c7SAndroid Build Coastguard Worker * allocates a cipher of type id at location *cp, with key length 173*90e502c7SAndroid Build Coastguard Worker * key_len octets. Return values are: 174*90e502c7SAndroid Build Coastguard Worker * 175*90e502c7SAndroid Build Coastguard Worker * srtp_err_status_ok no problems 176*90e502c7SAndroid Build Coastguard Worker * srtp_err_status_alloc_fail an allocation failure occured 177*90e502c7SAndroid Build Coastguard Worker * srtp_err_status_fail couldn't find cipher with identifier 'id' 178*90e502c7SAndroid Build Coastguard Worker */ 179*90e502c7SAndroid Build Coastguard Worker srtp_err_status_t srtp_crypto_kernel_alloc_cipher(srtp_cipher_type_id_t id, 180*90e502c7SAndroid Build Coastguard Worker srtp_cipher_pointer_t *cp, 181*90e502c7SAndroid Build Coastguard Worker int key_len, 182*90e502c7SAndroid Build Coastguard Worker int tag_len); 183*90e502c7SAndroid Build Coastguard Worker 184*90e502c7SAndroid Build Coastguard Worker /* 185*90e502c7SAndroid Build Coastguard Worker * srtp_crypto_kernel_alloc_auth(id, ap, key_len, tag_len); 186*90e502c7SAndroid Build Coastguard Worker * 187*90e502c7SAndroid Build Coastguard Worker * allocates an auth function of type id at location *ap, with key 188*90e502c7SAndroid Build Coastguard Worker * length key_len octets and output tag length of tag_len. Return 189*90e502c7SAndroid Build Coastguard Worker * values are: 190*90e502c7SAndroid Build Coastguard Worker * 191*90e502c7SAndroid Build Coastguard Worker * srtp_err_status_ok no problems 192*90e502c7SAndroid Build Coastguard Worker * srtp_err_status_alloc_fail an allocation failure occured 193*90e502c7SAndroid Build Coastguard Worker * srtp_err_status_fail couldn't find auth with identifier 'id' 194*90e502c7SAndroid Build Coastguard Worker */ 195*90e502c7SAndroid Build Coastguard Worker srtp_err_status_t srtp_crypto_kernel_alloc_auth(srtp_auth_type_id_t id, 196*90e502c7SAndroid Build Coastguard Worker srtp_auth_pointer_t *ap, 197*90e502c7SAndroid Build Coastguard Worker int key_len, 198*90e502c7SAndroid Build Coastguard Worker int tag_len); 199*90e502c7SAndroid Build Coastguard Worker 200*90e502c7SAndroid Build Coastguard Worker /* 201*90e502c7SAndroid Build Coastguard Worker * srtp_crypto_kernel_set_debug_module(mod_name, v) 202*90e502c7SAndroid Build Coastguard Worker * 203*90e502c7SAndroid Build Coastguard Worker * sets dynamic debugging to the value v (0 for off, 1 for on) for the 204*90e502c7SAndroid Build Coastguard Worker * debug module with the name mod_name 205*90e502c7SAndroid Build Coastguard Worker * 206*90e502c7SAndroid Build Coastguard Worker * returns srtp_err_status_ok on success, srtp_err_status_fail otherwise 207*90e502c7SAndroid Build Coastguard Worker */ 208*90e502c7SAndroid Build Coastguard Worker srtp_err_status_t srtp_crypto_kernel_set_debug_module(const char *mod_name, 209*90e502c7SAndroid Build Coastguard Worker int v); 210*90e502c7SAndroid Build Coastguard Worker 211*90e502c7SAndroid Build Coastguard Worker #ifdef __cplusplus 212*90e502c7SAndroid Build Coastguard Worker } 213*90e502c7SAndroid Build Coastguard Worker #endif 214*90e502c7SAndroid Build Coastguard Worker 215*90e502c7SAndroid Build Coastguard Worker #endif /* CRYPTO_KERNEL */ 216