"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "include/h235/h235crypto.h" between
h323plus-1_26_9.tar.gz and h323plus-1_27_0.tar.gz

About: H.323 Plus offers libraries for voice (VoIP) and videoconferencing using H.323.

h235crypto.h  (h323plus-1_26_9):h235crypto.h  (h323plus-1_27_0)
/* /*
* h235crypto.h * h235crypto.h
* *
* H.235 crypto engine class. * H.235 crypto engine class.
* *
* H323Plus library * H323Plus library
* *
* Copyright (c) 2012-2013 Jan Willamowius * Copyright (c) 2012-2018 Jan Willamowius
* *
* The contents of this file are subject to the Mozilla Public License * The contents of this file are subject to the Mozilla Public License
* Version 1.1 (the "License"); you may not use this file except in * Version 1.1 (the "License"); you may not use this file except in
* compliance with the License. You may obtain a copy of the License at * compliance with the License. You may obtain a copy of the License at
* http://www.mozilla.org/MPL/ * http://www.mozilla.org/MPL/
* *
* Alternatively, the contents of this file may be used under the terms * Alternatively, the contents of this file may be used under the terms
* of the General Public License (the "GNU License"), in which case the * of the General Public License (the "GNU License"), in which case the
* provisions of GNU License are applicable instead of those * provisions of GNU License are applicable instead of those
* above. If you wish to allow use of your version of this file only * above. If you wish to allow use of your version of this file only
skipping to change at line 47 skipping to change at line 47
#ifndef H235MEDIA_H #ifndef H235MEDIA_H
#define H235MEDIA_H #define H235MEDIA_H
#include <ptlib.h> #include <ptlib.h>
extern "C" { extern "C" {
#include <openssl/evp.h> #include <openssl/evp.h>
} }
// H.235.6 says no more than 2^62 blocks, Schneier says no more than 2^32 blocks in CBC mode // H.235.6 says no more than 2^62 blocks, Bruce Schneier says no more than 2^32 blocks in CBC mode
#define AES_KEY_LIMIT 4294967295U // 2^32-1 #define AES_KEY_LIMIT 4294967295U // 2^32-1
// helper routines not present in OpenSSL // helper routines not present in OpenSSL
int EVP_EncryptUpdate_cts(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, class H235CryptoHelper
const unsigned char *in, int inl); {
int EVP_EncryptFinal_cts(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl); public:
int EVP_DecryptUpdate_cts(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, H235CryptoHelper();
const unsigned char *in, int inl);
int EVP_DecryptFinal_cts(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl); void Reset();
int EVP_DecryptFinal_relaxed(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
; // Ciphertext stealing (CTS) methods
int EncryptUpdateCTS(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
const unsigned char *in, int inl);
int EncryptFinalCTS(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
int DecryptUpdateCTS(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
const unsigned char *in, int inl);
int DecryptFinalCTS(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
// Relaxed decryption that doesn't verify contents of the padding in the last
decrypted block
int DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
const unsigned char *in, int inl);
int DecryptFinalRelaxed(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
private:
H235CryptoHelper(H235CryptoHelper const&);
H235CryptoHelper& operator= (H235CryptoHelper const&);
// Encryption algorithm only used as part of the decryption implementation
int EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
const unsigned char *in, int inl);
private:
//! Saved partial block of input data
unsigned char buf[EVP_MAX_BLOCK_LENGTH];
//! Last processed block of output data
unsigned char final_buf[EVP_MAX_BLOCK_LENGTH];
//! Number of bytes in buf
int buf_len;
//! Indicates whether the final buffer is used
int final_used;
};
class H235CryptoEngine : public PObject class H235CryptoEngine : public PObject
{ {
PCLASSINFO(H235CryptoEngine, PObject); PCLASSINFO(H235CryptoEngine, PObject);
public: public:
/**@name Constructor */ /**@name Constructor */
//@{ //@{
/** Create a H.235 crypto engine /** Create a H.235 crypto engine
skipping to change at line 103 skipping to change at line 135
/** Decrypt In Place /** Decrypt In Place
*/ */
PINDEX DecryptInPlace(const BYTE * inData, PINDEX inLength, BYTE * outData, unsigned char * ivSequence, bool & rtpPadding); PINDEX DecryptInPlace(const BYTE * inData, PINDEX inLength, BYTE * outData, unsigned char * ivSequence, bool & rtpPadding);
/** Generate a random key of a size suitable for the alogorithm /** Generate a random key of a size suitable for the alogorithm
*/ */
PBYTEArray GenerateRandomKey(); // Use internal Algorithm and set PBYTEArray GenerateRandomKey(); // Use internal Algorithm and set
PBYTEArray GenerateRandomKey(const PString & algorithmOID); // Use assigned Algorithm PBYTEArray GenerateRandomKey(const PString & algorithmOID); // Use assigned Algorithm
PString GetAlgorithmOID() const { return m_algorithmOID; } PString GetAlgorithmOID() const { return m_algorithmOID; }
PBoolean IsMaxBlocksPerKeyReached() const { return m_operationCnt > AES_KEY_ LIMIT; } PBoolean IsMaxBlocksPerKeyReached() const { return m_operationCnt > AES_KEY_ LIMIT; }
void ResetBlockCount() { m_operationCnt = 0; } void ResetBlockCount() { m_operationCnt = 0; }
protected: protected:
static void SetIV(unsigned char * iv, unsigned char * ivSequence, unsigned i vLen); static void SetIV(unsigned char * iv, unsigned char * ivSequence, unsigned i vLen);
EVP_CIPHER_CTX m_encryptCtx, m_decryptCtx; EVP_CIPHER_CTX *m_encryptCtx, *m_decryptCtx;
H235CryptoHelper m_encryptHelper, m_decryptHelper;
PString m_algorithmOID; // eg. "2.16.840.1.101.3.4.1.2" PString m_algorithmOID; // eg. "2.16.840.1.101.3.4.1.2"
PUInt64 m_operationCnt; // 8 byte integer PUInt64 m_operationCnt; // 8 byte integer
PBoolean m_initialised; PBoolean m_initialised;
unsigned char m_iv[EVP_MAX_IV_LENGTH]; unsigned char m_iv[EVP_MAX_IV_LENGTH];
int m_enc_blockSize; int m_enc_blockSize;
int m_enc_ivLength; int m_enc_ivLength;
int m_dec_blockSize; int m_dec_blockSize;
int m_dec_ivLength; int m_dec_ivLength;
skipping to change at line 183 skipping to change at line 216
/** Write Frame /** Write Frame
*/ */
PBoolean WriteFrame(RTP_DataFrame & frame); PBoolean WriteFrame(RTP_DataFrame & frame);
/** Write Frame (Memory InPlace) /** Write Frame (Memory InPlace)
*/ */
PBoolean WriteFrameInPlace(RTP_DataFrame & frame); PBoolean WriteFrameInPlace(RTP_DataFrame & frame);
//@} //@}
PString GetAlgorithmOID() const { return m_context.GetAlgorithmOID(); } PString GetAlgorithmOID() const { return m_context.GetAlgorithmOID(); }
private: private:
H235_DiffieHellman & m_dh; H235_DiffieHellman & m_dh;
H235CryptoEngine m_context; /// Media encryption H235CryptoEngine m_context; /// Media encryption
H235CryptoEngine m_dhcontext; /// Media key encryption H235CryptoEngine m_dhcontext; /// Media key encryption
PBoolean m_isInitialised; /// Is Initialised PBoolean m_isInitialised; /// Is Initialised
PBoolean m_isMaster; PBoolean m_isMaster;
PBYTEArray m_crytoMasterKey; PBYTEArray m_crytoMasterKey;
int m_dhkeyLen; int m_dhkeyLen;
 End of changes. 6 change blocks. 
13 lines changed or deleted 46 lines changed or added

Home  |  About  |  Features  |  All  |  Newest  |  Dox  |  Diffs  |  RSS Feeds  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTP(S)