aboutsummaryrefslogtreecommitdiff
path: root/plugins/crypto-vala/src
diff options
context:
space:
mode:
Diffstat (limited to 'plugins/crypto-vala/src')
-rw-r--r--plugins/crypto-vala/src/cipher.vala152
-rw-r--r--plugins/crypto-vala/src/cipher_converter.vala102
-rw-r--r--plugins/crypto-vala/src/error.vala15
-rw-r--r--plugins/crypto-vala/src/random.vala5
-rw-r--r--plugins/crypto-vala/src/srtp.vala122
5 files changed, 0 insertions, 396 deletions
diff --git a/plugins/crypto-vala/src/cipher.vala b/plugins/crypto-vala/src/cipher.vala
deleted file mode 100644
index 306dafa8..00000000
--- a/plugins/crypto-vala/src/cipher.vala
+++ /dev/null
@@ -1,152 +0,0 @@
-namespace Crypto {
-public class SymmetricCipher {
- private GCrypt.Cipher.Cipher cipher;
-
- public static bool supports(string algo_name) {
- GCrypt.Cipher.Algorithm algo;
- GCrypt.Cipher.Mode mode;
- GCrypt.Cipher.Flag flags;
- return parse(algo_name, out algo, out mode, out flags);
- }
-
- private static unowned string mode_to_string(GCrypt.Cipher.Mode mode) {
- switch (mode) {
- case GCrypt.Cipher.Mode.ECB: return "ECB";
- case GCrypt.Cipher.Mode.CFB: return "CFB";
- case GCrypt.Cipher.Mode.CBC: return "CBC";
- case GCrypt.Cipher.Mode.STREAM: return "STREAM";
- case GCrypt.Cipher.Mode.OFB: return "OFB";
- case GCrypt.Cipher.Mode.CTR: return "CTR";
- case GCrypt.Cipher.Mode.AESWRAP: return "AESWRAP";
- case GCrypt.Cipher.Mode.GCM: return "GCM";
- case GCrypt.Cipher.Mode.POLY1305: return "POLY1305";
- case GCrypt.Cipher.Mode.OCB: return "OCB";
- case GCrypt.Cipher.Mode.CFB8: return "CFB8";
- // case GCrypt.Cipher.Mode.XTS: return "XTS"; // Not supported in gcrypt < 1.8
- }
- return "NONE";
- }
-
- private static GCrypt.Cipher.Mode mode_from_string(string name) {
- switch (name) {
- case "ECB": return GCrypt.Cipher.Mode.ECB;
- case "CFB": return GCrypt.Cipher.Mode.CFB;
- case "CBC": return GCrypt.Cipher.Mode.CBC;
- case "STREAM": return GCrypt.Cipher.Mode.STREAM;
- case "OFB": return GCrypt.Cipher.Mode.OFB;
- case "CTR": return GCrypt.Cipher.Mode.CTR;
- case "AESWRAP": return GCrypt.Cipher.Mode.AESWRAP;
- case "GCM": return GCrypt.Cipher.Mode.GCM;
- case "POLY1305": return GCrypt.Cipher.Mode.POLY1305;
- case "OCB": return GCrypt.Cipher.Mode.OCB;
- case "CFB8": return GCrypt.Cipher.Mode.CFB8;
- // case "XTS": return GCrypt.Cipher.Mode.XTS; // Not supported in gcrypt < 1.8
- }
- return GCrypt.Cipher.Mode.NONE;
- }
-
- private static string flags_to_string(GCrypt.Cipher.Flag flags) {
- string? s = null;
- if ((GCrypt.Cipher.Flag.CBC_MAC & flags) != 0) s = (s == null ? "" : @"$s-") + "MAC";
- if ((GCrypt.Cipher.Flag.CBC_CTS & flags) != 0) s = (s == null ? "" : @"$s-") + "CTS";
- if ((GCrypt.Cipher.Flag.ENABLE_SYNC & flags) != 0) s = (s == null ? "" : @"$s-") + "SYNC";
- if ((GCrypt.Cipher.Flag.SECURE & flags) != 0) s = (s == null ? "" : @"$s-") + "SECURE";
- return s ?? "NONE";
- }
-
- private static GCrypt.Cipher.Flag flag_from_string(string flag_name) {
- if (flag_name == "SECURE") return GCrypt.Cipher.Flag.SECURE;
- if (flag_name == "SYNC") return GCrypt.Cipher.Flag.ENABLE_SYNC;
- if (flag_name == "CTS") return GCrypt.Cipher.Flag.CBC_CTS;
- if (flag_name == "MAC") return GCrypt.Cipher.Flag.CBC_MAC;
- return 0;
- }
-
- private static GCrypt.Cipher.Flag flags_from_string(string flag_names) {
- GCrypt.Cipher.Flag flags = 0;
- foreach(string flag in flag_names.split("-")) {
- flags |= flag_from_string(flag);
- }
- return flags;
- }
-
- private static bool parse(string algo_name, out GCrypt.Cipher.Algorithm algo, out GCrypt.Cipher.Mode mode, out GCrypt.Cipher.Flag flags) {
- algo = GCrypt.Cipher.Algorithm.NONE;
- mode = GCrypt.Cipher.Mode.NONE;
- flags = 0;
- string[] algo_parts = algo_name.split("-", 3);
-
- algo = GCrypt.Cipher.Algorithm.from_string(algo_parts[0]);
- if (algo_parts.length >= 2) {
- mode = mode_from_string(algo_parts[1]);
- }
- if (algo_parts.length == 3) {
- flags |= flags_from_string(algo_parts[2]);
- }
- return to_algo_name(algo, mode, flags) == algo_name;
- }
-
- private static string to_algo_name(GCrypt.Cipher.Algorithm algo = GCrypt.Cipher.Algorithm.NONE, GCrypt.Cipher.Mode mode = GCrypt.Cipher.Mode.NONE, GCrypt.Cipher.Flag flags = 0) {
- if (flags != 0) {
- return @"$algo-$(mode_to_string(mode))-$(flags_to_string(flags))";
- } else if (mode != GCrypt.Cipher.Mode.NONE) {
- return @"$algo-$(mode_to_string(mode))";
- } else {
- return algo.to_string();
- }
- }
-
- public SymmetricCipher(string algo_name) throws Error {
- GCrypt.Cipher.Algorithm algo;
- GCrypt.Cipher.Mode mode;
- GCrypt.Cipher.Flag flags;
- if (parse(algo_name, out algo, out mode, out flags)) {
- this.gcrypt(algo, mode, flags);
- } else {
- throw new Error.ILLEGAL_ARGUMENTS(@"The algorithm $algo_name is not supported");
- }
- }
-
- private SymmetricCipher.gcrypt(GCrypt.Cipher.Algorithm algo, GCrypt.Cipher.Mode mode, GCrypt.Cipher.Flag flags) throws Error {
- may_throw_gcrypt_error(GCrypt.Cipher.Cipher.open(out this.cipher, algo, mode, flags));
- }
-
- public void set_key(uint8[] key) throws Error {
- may_throw_gcrypt_error(cipher.set_key(key));
- }
-
- public void set_iv(uint8[] iv) throws Error {
- may_throw_gcrypt_error(cipher.set_iv(iv));
- }
-
- public void set_counter_vector(uint8[] ctr) throws Error {
- may_throw_gcrypt_error(cipher.set_counter_vector(ctr));
- }
-
- public void reset() throws Error {
- may_throw_gcrypt_error(cipher.reset());
- }
-
- public uint8[] get_tag(size_t taglen) throws Error {
- uint8[] tag = new uint8[taglen];
- may_throw_gcrypt_error(cipher.get_tag(tag));
- return tag;
- }
-
- public void check_tag(uint8[] tag) throws Error {
- may_throw_gcrypt_error(cipher.check_tag(tag));
- }
-
- public void encrypt(uint8[] output, uint8[] input) throws Error {
- may_throw_gcrypt_error(cipher.encrypt(output, input));
- }
-
- public void decrypt(uint8[] output, uint8[] input) throws Error {
- may_throw_gcrypt_error(cipher.decrypt(output, input));
- }
-
- public void sync() throws Error {
- may_throw_gcrypt_error(cipher.sync());
- }
-}
-}
diff --git a/plugins/crypto-vala/src/cipher_converter.vala b/plugins/crypto-vala/src/cipher_converter.vala
deleted file mode 100644
index b2b52c5a..00000000
--- a/plugins/crypto-vala/src/cipher_converter.vala
+++ /dev/null
@@ -1,102 +0,0 @@
-using GLib;
-
-namespace Crypto {
-public abstract class SymmetricCipherConverter : Converter, Object {
- internal SymmetricCipher cipher;
- internal size_t attached_taglen;
-
- public abstract ConverterResult convert(uint8[] inbuf, uint8[] outbuf, ConverterFlags flags, out size_t bytes_read, out size_t bytes_written) throws IOError;
-
- public uint8[] get_tag(size_t taglen) throws Error {
- return cipher.get_tag(taglen);
- }
-
- public void check_tag(uint8[] tag) throws Error {
- cipher.check_tag(tag);
- }
-
- public void reset() {
- try {
- cipher.reset();
- } catch (Crypto.Error e) {
- warning(@"$(e.domain) error while resetting cipher: $(e.message)");
- }
- }
-}
-
-public class SymmetricCipherEncrypter : SymmetricCipherConverter {
- public SymmetricCipherEncrypter(owned SymmetricCipher cipher, size_t attached_taglen = 0) {
- this.cipher = (owned) cipher;
- this.attached_taglen = attached_taglen;
- }
-
- public override ConverterResult convert(uint8[] inbuf, uint8[] outbuf, ConverterFlags flags, out size_t bytes_read, out size_t bytes_written) throws IOError {
- if (inbuf.length > outbuf.length) {
- throw new IOError.NO_SPACE("CipherConverter needs at least the size of input as output space");
- }
- if ((flags & ConverterFlags.INPUT_AT_END) != 0 && inbuf.length + attached_taglen > outbuf.length) {
- throw new IOError.NO_SPACE("CipherConverter needs additional output space to attach tag");
- }
- try {
- if (inbuf.length > 0) {
- cipher.encrypt(outbuf, inbuf);
- }
- bytes_read = inbuf.length;
- bytes_written = inbuf.length;
- if ((flags & ConverterFlags.INPUT_AT_END) != 0) {
- if (attached_taglen > 0) {
- Memory.copy((uint8*)outbuf + inbuf.length, get_tag(attached_taglen), attached_taglen);
- bytes_written = inbuf.length + attached_taglen;
- }
- return ConverterResult.FINISHED;
- }
- if ((flags & ConverterFlags.FLUSH) != 0) {
- return ConverterResult.FLUSHED;
- }
- return ConverterResult.CONVERTED;
- } catch (Crypto.Error e) {
- throw new IOError.FAILED(@"$(e.domain) error while decrypting: $(e.message)");
- }
- }
-}
-
-public class SymmetricCipherDecrypter : SymmetricCipherConverter {
- public SymmetricCipherDecrypter(owned SymmetricCipher cipher, size_t attached_taglen = 0) {
- this.cipher = (owned) cipher;
- this.attached_taglen = attached_taglen;
- }
-
- public override ConverterResult convert(uint8[] inbuf, uint8[] outbuf, ConverterFlags flags, out size_t bytes_read, out size_t bytes_written) throws IOError {
- if (inbuf.length > outbuf.length + attached_taglen) {
- throw new IOError.NO_SPACE("CipherConverter needs at least the size of input as output space");
- }
- if ((flags & ConverterFlags.INPUT_AT_END) != 0 && inbuf.length < attached_taglen) {
- throw new IOError.PARTIAL_INPUT("CipherConverter needs additional input to read tag");
- } else if ((flags & ConverterFlags.INPUT_AT_END) == 0 && inbuf.length < attached_taglen + 1) {
- throw new IOError.PARTIAL_INPUT("CipherConverter needs additional input to make sure to not accidentally read tag");
- }
- try {
- inbuf.length -= (int) attached_taglen;
- if (inbuf.length > 0) {
- cipher.decrypt(outbuf, inbuf);
- }
- bytes_read = inbuf.length;
- bytes_written = inbuf.length;
- inbuf.length += (int) attached_taglen;
- if ((flags & ConverterFlags.INPUT_AT_END) != 0) {
- if (attached_taglen > 0) {
- check_tag(inbuf[(inbuf.length - attached_taglen):inbuf.length]);
- bytes_read = inbuf.length;
- }
- return ConverterResult.FINISHED;
- }
- if ((flags & ConverterFlags.FLUSH) != 0) {
- return ConverterResult.FLUSHED;
- }
- return ConverterResult.CONVERTED;
- } catch (Crypto.Error e) {
- throw new IOError.FAILED(@"$(e.domain) error while decrypting: $(e.message)");
- }
- }
-}
-}
diff --git a/plugins/crypto-vala/src/error.vala b/plugins/crypto-vala/src/error.vala
deleted file mode 100644
index 5007d725..00000000
--- a/plugins/crypto-vala/src/error.vala
+++ /dev/null
@@ -1,15 +0,0 @@
-namespace Crypto {
-
-public errordomain Error {
- ILLEGAL_ARGUMENTS,
- GCRYPT,
- AUTHENTICATION_FAILED,
- UNKNOWN
-}
-
-internal void may_throw_gcrypt_error(GCrypt.Error e) throws Error {
- if (((int)e) != 0) {
- throw new Crypto.Error.GCRYPT(e.to_string());
- }
-}
-} \ No newline at end of file
diff --git a/plugins/crypto-vala/src/random.vala b/plugins/crypto-vala/src/random.vala
deleted file mode 100644
index 3f5d3ba9..00000000
--- a/plugins/crypto-vala/src/random.vala
+++ /dev/null
@@ -1,5 +0,0 @@
-namespace Crypto {
-public static void randomize(uint8[] buffer) {
- GCrypt.Random.randomize(buffer);
-}
-} \ No newline at end of file
diff --git a/plugins/crypto-vala/src/srtp.vala b/plugins/crypto-vala/src/srtp.vala
deleted file mode 100644
index 493afdb0..00000000
--- a/plugins/crypto-vala/src/srtp.vala
+++ /dev/null
@@ -1,122 +0,0 @@
-using Srtp;
-
-public class Crypto.Srtp {
- public const string AES_CM_128_HMAC_SHA1_80 = "AES_CM_128_HMAC_SHA1_80";
- public const string AES_CM_128_HMAC_SHA1_32 = "AES_CM_128_HMAC_SHA1_32";
- public const string F8_128_HMAC_SHA1_80 = "F8_128_HMAC_SHA1_80";
-
- public class Session {
- public bool has_encrypt { get; private set; default = false; }
- public bool has_decrypt { get; private set; default = false; }
-
- private Context encrypt_context;
- private Context decrypt_context;
-
- static construct {
- init();
- install_log_handler(log);
- }
-
- private static void log(LogLevel level, string msg) {
- print(@"SRTP[$level]: $msg\n");
- }
-
- public Session() {
- Context.create(out encrypt_context, null);
- Context.create(out decrypt_context, null);
- }
-
- public uint8[] encrypt_rtp(uint8[] data) throws Error {
- uint8[] buf = new uint8[data.length + MAX_TRAILER_LEN];
- Memory.copy(buf, data, data.length);
- int buf_use = data.length;
- ErrorStatus res = encrypt_context.protect(buf, ref buf_use);
- if (res != ErrorStatus.ok) {
- throw new Error.UNKNOWN(@"SRTP encrypt failed: $res");
- }
- uint8[] ret = new uint8[buf_use];
- GLib.Memory.copy(ret, buf, buf_use);
- return ret;
- }
-
- public uint8[] decrypt_rtp(uint8[] data) throws Error {
- uint8[] buf = new uint8[data.length];
- Memory.copy(buf, data, data.length);
- int buf_use = data.length;
- ErrorStatus res = decrypt_context.unprotect(buf, ref buf_use);
- switch (res) {
- case ErrorStatus.auth_fail:
- throw new Error.AUTHENTICATION_FAILED("SRTP packet failed the message authentication check");
- case ErrorStatus.ok:
- break;
- default:
- throw new Error.UNKNOWN(@"SRTP decrypt failed: $res");
- }
- uint8[] ret = new uint8[buf_use];
- GLib.Memory.copy(ret, buf, buf_use);
- return ret;
- }
-
- public uint8[] encrypt_rtcp(uint8[] data) throws Error {
- uint8[] buf = new uint8[data.length + MAX_TRAILER_LEN + 4];
- Memory.copy(buf, data, data.length);
- int buf_use = data.length;
- ErrorStatus res = encrypt_context.protect_rtcp(buf, ref buf_use);
- if (res != ErrorStatus.ok) {
- throw new Error.UNKNOWN(@"SRTCP encrypt failed: $res");
- }
- uint8[] ret = new uint8[buf_use];
- GLib.Memory.copy(ret, buf, buf_use);
- return ret;
- }
-
- public uint8[] decrypt_rtcp(uint8[] data) throws Error {
- uint8[] buf = new uint8[data.length];
- Memory.copy(buf, data, data.length);
- int buf_use = data.length;
- ErrorStatus res = decrypt_context.unprotect_rtcp(buf, ref buf_use);
- switch (res) {
- case ErrorStatus.auth_fail:
- throw new Error.AUTHENTICATION_FAILED("SRTCP packet failed the message authentication check");
- case ErrorStatus.ok:
- break;
- default:
- throw new Error.UNKNOWN(@"SRTP decrypt failed: $res");
- }
- uint8[] ret = new uint8[buf_use];
- GLib.Memory.copy(ret, buf, buf_use);
- return ret;
- }
-
- private Policy create_policy(string profile) {
- Policy policy = Policy();
- switch (profile) {
- case AES_CM_128_HMAC_SHA1_80:
- policy.rtp.set_aes_cm_128_hmac_sha1_80();
- policy.rtcp.set_aes_cm_128_hmac_sha1_80();
- break;
- }
- return policy;
- }
-
- public void set_encryption_key(string profile, uint8[] key, uint8[] salt) {
- Policy policy = create_policy(profile);
- policy.ssrc.type = SsrcType.any_outbound;
- policy.key = new uint8[key.length + salt.length];
- Memory.copy(policy.key, key, key.length);
- Memory.copy(((uint8*)policy.key) + key.length, salt, salt.length);
- encrypt_context.add_stream(ref policy);
- has_encrypt = true;
- }
-
- public void set_decryption_key(string profile, uint8[] key, uint8[] salt) {
- Policy policy = create_policy(profile);
- policy.ssrc.type = SsrcType.any_inbound;
- policy.key = new uint8[key.length + salt.length];
- Memory.copy(policy.key, key, key.length);
- Memory.copy(((uint8*)policy.key) + key.length, salt, salt.length);
- decrypt_context.add_stream(ref policy);
- has_decrypt = true;
- }
- }
-} \ No newline at end of file