98 lines
3.8 KiB
C++
98 lines
3.8 KiB
C++
/*
|
|
Copyright (c) 2009-2010 Christopher A. Taylor. All rights reserved.
|
|
|
|
Redistribution and use in source and binary forms, with or without
|
|
modification, are permitted provided that the following conditions are met:
|
|
|
|
* Redistributions of source code must retain the above copyright notice,
|
|
this list of conditions and the following disclaimer.
|
|
* Redistributions in binary form must reproduce the above copyright notice,
|
|
this list of conditions and the following disclaimer in the documentation
|
|
and/or other materials provided with the distribution.
|
|
* Neither the name of LibCat nor the names of its contributors may be used
|
|
to endorse or promote products derived from this software without
|
|
specific prior written permission.
|
|
|
|
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
|
|
AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
|
ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
|
|
LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
|
|
CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
|
|
SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
|
|
INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
|
|
CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
|
ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
|
|
POSSIBILITY OF SUCH DAMAGE.
|
|
*/
|
|
|
|
#ifndef CAT_KEY_AGREEMENT_RESPONDER_HPP
|
|
#define CAT_KEY_AGREEMENT_RESPONDER_HPP
|
|
|
|
#include <cat/crypt/tunnel/KeyAgreement.hpp>
|
|
#include <cat/crypt/tunnel/AuthenticatedEncryption.hpp>
|
|
#include <cat/threads/Atomic.hpp>
|
|
|
|
#if defined(CAT_NO_ATOMIC_ADD) || defined(CAT_NO_ATOMIC_SET)
|
|
# include <cat/threads/Mutex.hpp>
|
|
# define CAT_NO_ATOMIC_RESPONDER
|
|
#endif
|
|
|
|
namespace cat {
|
|
|
|
|
|
class CAT_EXPORT KeyAgreementResponder : public KeyAgreementCommon
|
|
{
|
|
Leg *b; // Responder's private key (kept secret)
|
|
Leg *B; // Responder's public key (pre-shared with initiator)
|
|
Leg *B_neutral; // Endian-neutral B
|
|
Leg *G_MultPrecomp; // 8-bit table for multiplication
|
|
Leg *y[2]; // Responder's ephemeral private key (kept secret)
|
|
Leg *Y_neutral[2]; // Responder's ephemeral public key (shared online with initiator)
|
|
|
|
#if defined(CAT_NO_ATOMIC_RESPONDER)
|
|
Mutex m_thread_id_mutex;
|
|
#endif // CAT_NO_ATOMIC_RESPONDER
|
|
|
|
volatile u32 ChallengeCount;
|
|
volatile u32 ActiveY;
|
|
|
|
void Rekey(BigTwistedEdwards *math, FortunaOutput *csprng);
|
|
bool AllocateMemory();
|
|
void FreeMemory();
|
|
|
|
public:
|
|
KeyAgreementResponder();
|
|
~KeyAgreementResponder();
|
|
|
|
bool Initialize(BigTwistedEdwards *math, FortunaOutput *csprng,
|
|
const u8 *responder_public_key, int public_bytes,
|
|
const u8 *responder_private_key, int private_bytes);
|
|
|
|
public:
|
|
bool ProcessChallenge(BigTwistedEdwards *math, FortunaOutput *csprng,
|
|
const u8 *initiator_challenge, int challenge_bytes,
|
|
u8 *responder_answer, int answer_bytes, Skein *key_hash);
|
|
|
|
inline bool KeyEncryption(Skein *key_hash, AuthenticatedEncryption *auth_enc, const char *key_name)
|
|
{
|
|
return auth_enc->SetKey(KeyBytes, key_hash, false, key_name);
|
|
}
|
|
|
|
// Public key is filled if proof succeeds, and will return true
|
|
bool VerifyInitiatorIdentity(BigTwistedEdwards *math,
|
|
const u8 *responder_answer, int answer_bytes,
|
|
const u8 *proof, int proof_bytes,
|
|
u8 *public_key, int public_bytes);
|
|
|
|
public:
|
|
bool Sign(BigTwistedEdwards *math, FortunaOutput *csprng,
|
|
const u8 *message, int message_bytes,
|
|
u8 *signature, int signature_bytes);
|
|
};
|
|
|
|
|
|
} // namespace cat
|
|
|
|
#endif // CAT_KEY_AGREEMENT_RESPONDER_HPP
|