Mixe for Privacy and Anonymity in the Internet
CASymCipherGCM.hpp
Go to the documentation of this file.
1 /*
2 Copyright (c) 2000, The JAP-Team
3 All rights reserved.
4 Redistribution and use in source and binary forms, with or without modification,
5 are permitted provided that the following conditions are met:
6 
7  - Redistributions of source code must retain the above copyright notice,
8  this list of conditions and the following disclaimer.
9 
10  - Redistributions in binary form must reproduce the above copyright notice,
11  this list of conditions and the following disclaimer in the documentation and/or
12  other materials provided with the distribution.
13 
14  - Neither the name of the University of Technology Dresden, Germany nor the names of its contributors
15  may be used to endorse or promote products derived from this software without specific
16  prior written permission.
17 
18 
19 THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS ``AS IS'' AND ANY EXPRESS
20 OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
21 AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS
22 BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
23 (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
24 OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER
25 IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
26 OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE
27 */
28 #ifndef __CASYMCIPHERGCM__
29 #define __CASYMCIPHERGCM__
30 
31 #define KEY_SIZE 16
32 
33 #include "CALockAble.hpp"
34 #include "CAMutex.hpp"
38 class CASymCipherGCM
39 #if !defined ONLY_LOCAL_PROXY || defined INCLUDE_MIDDLE_MIX
40  :public CALockAble
41 #endif
42  {
43  public:
44  CASymCipherGCM()
45  {
46  m_bKeySet=false;
47 
48 
49  m_nEncMsgCounter = 0;
50  m_pEncMsgIV = new UINT32[3];
51  memset(m_pEncMsgIV, 0, 12);
52  m_nDecMsgCounter = 0;
53  m_pDecMsgIV = new UINT32[3];
54  memset(m_pDecMsgIV, 0, 12);
55 
56  m_pGCMCtxEnc = NULL;
57  m_pGCMCtxDec = NULL;
58 
59  m_pcsEnc = new CAMutex();
60  m_pcsDec = new CAMutex();
61  }
62 
63  ~CASymCipherGCM()
64  {
65 #ifndef ONLY_LOCAL_PROXY
66  waitForDestroy();
67 #endif
68 
69  delete [] m_pEncMsgIV;
70  m_pEncMsgIV = NULL;
71  delete [] m_pDecMsgIV;
72  m_pDecMsgIV = NULL;
73 
74 #ifndef USE_OPENSSL_GCM
75  delete m_pGCMCtxEnc;
76  delete m_pGCMCtxDec;
77 #else
78  CRYPTO_gcm128_release(m_pGCMCtxEnc);
79  CRYPTO_gcm128_release(m_pGCMCtxDec);
80 #endif
81 
82  m_pGCMCtxEnc = NULL;
83  m_pGCMCtxDec = NULL;
84 
85  delete m_pcsEnc;
86  m_pcsEnc = NULL;
87  delete m_pcsDec;
88  m_pcsDec = NULL;
89  }
90  bool isKeyValid()
91  {
92  return m_bKeySet;
93  }
94 
95  void setGCMKeys(UINT8* keyRecv, UINT8* keySend)
96  {
97 
98 #ifndef USE_OPENSSL_GCM
99  m_pGCMCtxEnc = new gcm_ctx_64k;
100  m_pGCMCtxDec = new gcm_ctx_64k;
101 #else
102  //Note the have to provide *some* key (OpenSSL API enforced --> so the use the variables we have anyway..)
103  // The Key will be overriden by a call to setKeyGCM in any case!
104  AES_set_encrypt_key(m_iv1, 128, m_keyAES1);
105  m_pGCMCtxEnc = CRYPTO_gcm128_new(m_keyAES1, (block128_f)AES_encrypt);
106  m_pGCMCtxDec = CRYPTO_gcm128_new(m_keyAES1, (block128_f)AES_encrypt);
107 #endif
108 
109 
110 
111 #ifndef USE_OPENSSL_GCM
112  if (m_pGCMCtxDec != NULL)
113  delete m_pGCMCtxDec;
114  if (m_pGCMCtxEnc != NULL)
115  delete m_pGCMCtxEnc;
116 
117  m_pGCMCtxEnc = new gcm_ctx_64k;
118  m_pGCMCtxDec = new gcm_ctx_64k;
119  gcm_init_64k(m_pGCMCtxEnc, keySend, 128);
120  gcm_init_64k(m_pGCMCtxDec, keyRecv, 128);
121 #else
122  AES_set_encrypt_key(keyRecv, 128, m_keyAES1);
123  AES_set_encrypt_key(keySend, 128, m_keyAES2);
124  CRYPTO_gcm128_release(m_pGCMCtxEnc);
125  CRYPTO_gcm128_release(m_pGCMCtxDec);
126  m_pGCMCtxEnc = CRYPTO_gcm128_new(m_keyAES2, (block128_f)AES_encrypt);
127  m_pGCMCtxDec = CRYPTO_gcm128_new(m_keyAES1, (block128_f)AES_encrypt);
128 #endif
129  //reset IV
130  m_nEncMsgCounter = 0;
131  memset(m_pEncMsgIV, 0, 12);
132  m_nDecMsgCounter = 0;
133  memset(m_pDecMsgIV, 0, 12);
134 
135  }
136  SINT32 encryptMessage(const UINT8* in, UINT32 inlen, UINT8* out)
137  {
138 #ifdef NO_ENCRYPTION
139  memmove(out, in, inlen);
140  return E_SUCCESS;
141 #endif
142 
143  //m_pcsEnc->lock();
144  m_pEncMsgIV[2] = htonl(m_nEncMsgCounter);
145  m_nEncMsgCounter++;
146 #ifndef USE_OPENSSL_GCM
147  gcm_encrypt_64k(m_pGCMCtxEnc, m_pEncMsgIV, in, inlen, out, (UINT32*)(out + inlen));
148 #else
149  CRYPTO_gcm128_setiv(m_pGCMCtxEnc, (UINT8*)m_pEncMsgIV, 12);
150  CRYPTO_gcm128_encrypt(m_pGCMCtxEnc, in, out, inlen);
151  CRYPTO_gcm128_tag(m_pGCMCtxEnc, out + inlen, 16);
152 #endif
153  //m_pcsEnc->unlock();
154  return E_SUCCESS;
155  }
156  SINT32 decryptMessage(const UINT8* in, UINT32 inlen, UINT8* out, bool integrityCheck)
157  {
158 #ifdef NO_ENCRYPTION
159  memmove(out, in, inlen);
160  return E_SUCCESS;
161 #endif
162 
163  SINT32 ret = E_UNKNOWN;
164  //m_pcsDec->lock();
165  m_pDecMsgIV[2] = htonl(m_nDecMsgCounter);
166  if (integrityCheck)
167  {
168  m_nDecMsgCounter++;
169 #ifndef USE_OPENSSL_GCM
170  ret = ::gcm_decrypt_64k(m_pGCMCtxDec, m_pDecMsgIV, in, inlen - 16, in + inlen - 16, out);
171 #else
172  CRYPTO_gcm128_setiv(m_pGCMCtxDec, (UINT8*)m_pDecMsgIV, 12);
173  CRYPTO_gcm128_decrypt(m_pGCMCtxDec, in, out, inlen - 16);
174  ret = CRYPTO_gcm128_finish(m_pGCMCtxDec, in + inlen - 16, 16);
175 #endif
176  }
177  else
178  {
179 #ifndef USE_OPENSSL_GCM
180  ret = ::gcm_decrypt_64k(m_pGCMCtxDec, m_pDecMsgIV, in, inlen, out);
181 #else
182  CRYPTO_gcm128_setiv(m_pGCMCtxDec, (UINT8*)m_pDecMsgIV, 12);
183  ret = CRYPTO_gcm128_decrypt(m_pGCMCtxDec, in, out, inlen);
184 #endif
185  }
186  //m_pcsDec->unlock();
187 #ifndef USE_OPENSSL_GCM
188  if (ret == 0)
189 #else
190  if (ret != 0)
191 #endif
192  return E_UNKNOWN;
193  return E_SUCCESS;
194 
195  }
196 
197 
198  private:
199  CAMutex* m_pcsEnc;
200  CAMutex* m_pcsDec;
201 #ifndef USE_OPENSSL_GCM
202  gcm_ctx_64k* m_pGCMCtxEnc;
203  gcm_ctx_64k* m_pGCMCtxDec;
204 #else
205  GCM128_CONTEXT* m_pGCMCtxEnc;
206  GCM128_CONTEXT* m_pGCMCtxDec;
207 #endif
208  UINT32 m_nEncMsgCounter;
209  UINT32* m_pEncMsgIV;
210  UINT32 m_nDecMsgCounter;
211  UINT32* m_pDecMsgIV;
212 
213  protected:
214  bool m_bKeySet;
215  };
216 
217 #endif
INCLUDE_MIDDLE_MIX
#define INCLUDE_MIDDLE_MIX
Definition: StdAfx.h:276
SINT32
signed int SINT32
Definition: basetypedefs.h:132
UINT8
unsigned char UINT8
Definition: basetypedefs.h:135
UINT32
unsigned int UINT32
Definition: basetypedefs.h:131
CALockAble
From this class other classes could be derived, which need some kind from "locking" in memory.
Definition: CALockAble.hpp:41
CALockAble::waitForDestroy
SINT32 waitForDestroy()
If called checks if the reference counter equals zero.
Definition: CALockAble.hpp:82
CASymCipherGCM
This class could be used for encryption/decryption of data (streams) with AES using 128bit GCM mode.
Definition: CASymCipherGCM.hpp:42
CASymCipherGCM::setGCMKeys
void setGCMKeys(UINT8 *keyRecv, UINT8 *keySend)
Definition: CASymCipherGCM.hpp:95
CASymCipherGCM::m_pGCMCtxDec
gcm_ctx_64k * m_pGCMCtxDec
Definition: CASymCipherGCM.hpp:203
CASymCipherGCM::m_pGCMCtxEnc
gcm_ctx_64k * m_pGCMCtxEnc
Definition: CASymCipherGCM.hpp:202
CASymCipherGCM::encryptMessage
SINT32 encryptMessage(const UINT8 *in, UINT32 inlen, UINT8 *out)
Definition: CASymCipherGCM.hpp:136
CASymCipherGCM::decryptMessage
SINT32 decryptMessage(const UINT8 *in, UINT32 inlen, UINT8 *out, bool integrityCheck)
Definition: CASymCipherGCM.hpp:156
E_SUCCESS
const SINT32 E_SUCCESS
Definition: errorcodes.hpp:2
E_UNKNOWN
#define E_UNKNOWN
Definition: errorcodes.hpp:3
Generated on Sat Jul 22 2023 00:20:12 for Mixe for Privacy and Anonymity in the Internet by doxygen 1.9.1