taigrr/arduinolibs
1
0
Fork 0
mirror of https://github.com/taigrr/arduinolibs synced 2025-01-18 04:33:12 -08:00
Code Issues Projects Releases Wiki Activity

Noise protocol implementation

Browse Source
This commit is contained in:
Rhys Weatherley 2018-06-10 16:32:18 +10:00
parent b9fefc6a76
commit 7423609e64
73 changed files with 6800 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
README.md
View File

@ -22,6 +22,12 @@ improvements, please contact the author Rhys Weatherley via
Recent significant changes to the library Recent significant changes to the library
----------------------------------------- -----------------------------------------
XXX 2018:
* KeyRing for storing key pairs and other key material in EEPROM or Flash.
* Add better functions to Curve25519 and Ed25519 for generating key pairs.
* Noise and NoiseLink protocols.
Apr 2018: Apr 2018:
* Acorn128 and Ascon128 authenticated ciphers (finalists in the CAESAR AEAD * Acorn128 and Ascon128 authenticated ciphers (finalists in the CAESAR AEAD

1
doc/Doxyfile
View File

@ -661,6 +661,7 @@ INPUT = ../libraries/Crypto \
../libraries/NewHope \ ../libraries/NewHope \
../libraries/RingOscillatorNoiseSource \ ../libraries/RingOscillatorNoiseSource \
../libraries/TransistorNoiseSource \ ../libraries/TransistorNoiseSource \
../libraries/NoiseProtocol/src \
. .
# This tag can be used to specify the character encoding of the source files # This tag can be used to specify the character encoding of the source files

1
doc/crypto.dox
View File

@ -43,6 +43,7 @@ in the repository:
\li Message authenticators: Poly1305, GHASH, OMAC \li Message authenticators: Poly1305, GHASH, OMAC
\li Public key algorithms: Curve25519, Ed25519, P521 \li Public key algorithms: Curve25519, Ed25519, P521
\li Random number generation: \link RNGClass RNG\endlink \li Random number generation: \link RNGClass RNG\endlink
\li Storage of key pairs and other key material in EEPROM or Flash: KeyRing
Reduced memory versions of some algorithms (encryption is slower, but the Reduced memory versions of some algorithms (encryption is slower, but the
RAM required for the key schedule is less): RAM required for the key schedule is less):

37
host/Crypto/Makefile
View File

@ -6,12 +6,14 @@ SRCDIR = $(TOPDIR)/libraries/Crypto
SRCDIR2 = $(TOPDIR)/libraries/NewHope SRCDIR2 = $(TOPDIR)/libraries/NewHope
SRCDIR3 = $(TOPDIR)/libraries/CryptoLW SRCDIR3 = $(TOPDIR)/libraries/CryptoLW
SRCDIR4 = $(TOPDIR)/libraries/CryptoLegacy SRCDIR4 = $(TOPDIR)/libraries/CryptoLegacy
SRCDIR5 = $(TOPDIR)/libraries/NoiseProtocol
#VPATH = $(SRCDIR) #VPATH = $(SRCDIR)
vpath %.cpp $(SRCDIR) vpath %.cpp $(SRCDIR)
vpath %.cpp $(SRCDIR2) vpath %.cpp $(SRCDIR2)
vpath %.cpp $(SRCDIR3)/src vpath %.cpp $(SRCDIR3)/src
vpath %.cpp $(SRCDIR4)/src vpath %.cpp $(SRCDIR4)/src
vpath %.cpp $(SRCDIR5)/src
vpath %.o . vpath %.o .
vpath %.ino $(SRCDIR)/examples vpath %.ino $(SRCDIR)/examples
vpath %.ino $(SRCDIR2)/examples vpath %.ino $(SRCDIR2)/examples
@ -27,6 +29,7 @@ CPPFLAGS = \
-I$(TOPDIR)/libraries/CryptoLW/src \ -I$(TOPDIR)/libraries/CryptoLW/src \
-I$(TOPDIR)/libraries/CryptoLegacy/src \ -I$(TOPDIR)/libraries/CryptoLegacy/src \
-I$(TOPDIR)/libraries/NewHope \ -I$(TOPDIR)/libraries/NewHope \
-I$(TOPDIR)/libraries/NoiseProtocol \
-DHOST_BUILD -DHOST_BUILD
CXXFLAGS = -g -Wall $(CPPFLAGS) CXXFLAGS = -g -Wall $(CPPFLAGS)
@ -58,6 +61,7 @@ SOURCES = \
GHASH.cpp \ GHASH.cpp \
Hash.cpp \ Hash.cpp \
KeccakCore.cpp \ KeccakCore.cpp \
KeyRing.cpp \
NewHope.cpp \ NewHope.cpp \
NoiseSource.cpp \ NoiseSource.cpp \
OFB.cpp \ OFB.cpp \
@ -76,6 +80,39 @@ SOURCES = \
XOF.cpp \ XOF.cpp \
XTS.cpp XTS.cpp
SOURCES += \
NoiseCipherState_AESGCM.cpp \
NoiseCipherState_ChaChaPoly.cpp \
NoiseCipherState.cpp \
NoiseDHState_Curve25519.cpp \
NoiseDHState.cpp \
NoiseHandshakeState.cpp \
Noise_IK_25519_AESGCM_SHA256.cpp \
Noise_IK_25519_ChaChaPoly_BLAKE2s.cpp \
Noise_IK_25519_ChaChaPoly_SHA256.cpp \
Noise_IK.cpp \
NoiseNamespace.cpp \
Noise_NNpsk0_25519_AESGCM_SHA256.cpp \
Noise_NNpsk0_25519_ChaChaPoly_BLAKE2s.cpp \
Noise_NNpsk0_25519_ChaChaPoly_SHA256.cpp \
Noise_NNpsk0.cpp \
Noise_Pipes_25519_AESGCM_SHA256.cpp \
Noise_Pipes_25519_ChaChaPoly_BLAKE2s.cpp \
Noise_Pipes_25519_ChaChaPoly_SHA256.cpp \
NoiseProtocolDescriptor.cpp \
NoiseSymmetricState_AESGCM_SHA256.cpp \
NoiseSymmetricState_ChaChaPoly_BLAKE2s.cpp \
NoiseSymmetricState_ChaChaPoly_SHA256.cpp \
NoiseSymmetricState.cpp \
Noise_XX_25519_AESGCM_SHA256.cpp \
Noise_XX_25519_ChaChaPoly_BLAKE2s.cpp \
Noise_XX_25519_ChaChaPoly_SHA256.cpp \
Noise_XX.cpp \
Noise_XXfallback_25519_AESGCM_SHA256.cpp \
Noise_XXfallback_25519_ChaChaPoly_BLAKE2s.cpp \
Noise_XXfallback_25519_ChaChaPoly_SHA256.cpp \
Noise_XXfallback.cpp
SKETCHES = \ SKETCHES = \
TestAcorn/TestAcorn.ino \ TestAcorn/TestAcorn.ino \
TestAES/TestAES.ino \ TestAES/TestAES.ino \

18
libraries/Crypto/Curve25519.cpp
View File

@ -70,12 +70,15 @@
* algorithms with the curve. Normally applications should use dh1() * algorithms with the curve. Normally applications should use dh1()
* and dh2() directly instead. * and dh2() directly instead.
* *
* The secret \a s value may point to a key pair that was generated by the
* Curve25519::generateKeyPair() function.
*
* \return Returns true if the function was evaluated; false if \a x is * \return Returns true if the function was evaluated; false if \a x is
* not a proper member of the field modulo (2^255 - 19). * not a proper member of the field modulo (2^255 - 19).
* *
* Reference: <a href="http://tools.ietf.org/html/rfc7748">RFC 7748</a> * Reference: <a href="http://tools.ietf.org/html/rfc7748">RFC 7748</a>
* *
* \sa dh1(), dh2() * \sa dh1(), dh2(), generateKeyPair()
*/ */
bool Curve25519::eval(uint8_t result[32], const uint8_t s[32], const uint8_t x[32]) bool Curve25519::eval(uint8_t result[32], const uint8_t s[32], const uint8_t x[32])
{ {
@ -297,6 +300,19 @@ bool Curve25519::dh2(uint8_t k[32], uint8_t f[32])
return (bool)((weak ^ 0x01) & 0x01); return (bool)((weak ^ 0x01) & 0x01);
} }
/**
* \brief Generatea a key pair for the Curve25519 algorithm.
*
* \param keyPair Buffer that returns the key pair, consisting of the
* 32-byte private key followed by the 32-byte public key.
*
* \sa eval()
*/
void Curve25519::generateKeyPair(uint8_t keyPair[64])
{
dh1(keyPair + 32, keyPair);
}
/** /**
* \brief Determines if a Curve25519 point is weak for contributory behaviour. * \brief Determines if a Curve25519 point is weak for contributory behaviour.
* *

2
libraries/Crypto/Curve25519.h
View File

@ -35,6 +35,8 @@ public:
static void dh1(uint8_t k[32], uint8_t f[32]); static void dh1(uint8_t k[32], uint8_t f[32]);
static bool dh2(uint8_t k[32], uint8_t f[32]); static bool dh2(uint8_t k[32], uint8_t f[32]);
static void generateKeyPair(uint8_t keyPair[64]);
#if defined(TEST_CURVE25519_FIELD_OPS) #if defined(TEST_CURVE25519_FIELD_OPS)
public: public:
#else #else

39
libraries/Crypto/Ed25519.cpp
View File

@ -64,6 +64,19 @@
* } * }
* \endcode * \endcode
* *
* As an alternative, the private and public components of the key pair
* can be generated as a single 64-byte value:
*
* \code
* uint8_t keyPair[64];
* Ed25519::generateKeyPair(keyPair);
* Ed25519::sign(signature, keyPair, message, N);
* \endcode
*
* The 64-byte key pair consists of the 32-byte private key followed by
* the 32-byte public key. This should be compatible with other libraries
* that produce and use 64-byte Ed25519 key values.
*
* \note The public functions in this class need a substantial amount of * \note The public functions in this class need a substantial amount of
* stack space to store intermediate results while the curve function is * stack space to store intermediate results while the curve function is
* being evaluated. About 1.5k of free stack space is recommended for safety. * being evaluated. About 1.5k of free stack space is recommended for safety.
@ -173,6 +186,18 @@ void Ed25519::sign(uint8_t signature[64], const uint8_t privateKey[32],
clean(rB); clean(rB);
} }
/**
* \fn void Ed25519::sign(uint8_t signature[64], const uint8_t keyPair[64], const void *message, size_t len)
* \brief Signs a message using a specific Ed25519 key pair.
*
* \param signature The signature value.
* \param keyPair The key pair to use to sign the message.
* \param message Points to the message to be signed.
* \param len The length of the \a message to be signed.
*
* \sa verify(), generateKeyPair()
*/
/** /**
* \brief Verifies a signature using a specific Ed25519 public key. * \brief Verifies a signature using a specific Ed25519 public key.
* *
@ -271,6 +296,20 @@ void Ed25519::derivePublicKey(uint8_t publicKey[32], const uint8_t privateKey[32
clean(ptA); clean(ptA);
} }
/**
* \brief Generatea a key pair for the Ed25519 algorithm.
*
* \param keyPair Buffer that returns the key pair, consisting of the
* 32-byte private key followed by the 32-byte public key.
*
* \sa sign()
*/
void Ed25519::generateKeyPair(uint8_t keyPair[64])
{
generatePrivateKey(keyPair);
derivePublicKey(keyPair + 32, keyPair);
}
/** /**
* \brief Reduces a number modulo q that was specified in a 512 bit buffer. * \brief Reduces a number modulo q that was specified in a 512 bit buffer.
* *

10
libraries/Crypto/Ed25519.h
View File

@ -32,12 +32,16 @@ public:
static void sign(uint8_t signature[64], const uint8_t privateKey[32], static void sign(uint8_t signature[64], const uint8_t privateKey[32],
const uint8_t publicKey[32], const void *message, const uint8_t publicKey[32], const void *message,
size_t len); size_t len);
static void sign(uint8_t signature[64], const uint8_t keyPair[64],
const void *message, size_t len);
static bool verify(const uint8_t signature[64], const uint8_t publicKey[32], static bool verify(const uint8_t signature[64], const uint8_t publicKey[32],
const void *message, size_t len); const void *message, size_t len);
static void generatePrivateKey(uint8_t privateKey[32]); static void generatePrivateKey(uint8_t privateKey[32]);
static void derivePublicKey(uint8_t publicKey[32], const uint8_t privateKey[32]); static void derivePublicKey(uint8_t publicKey[32], const uint8_t privateKey[32]);
static void generateKeyPair(uint8_t keyPair[64]);
private: private:
// Constructor and destructor are private - cannot instantiate this class. // Constructor and destructor are private - cannot instantiate this class.
Ed25519(); Ed25519();
@ -68,4 +72,10 @@ private:
static void deriveKeys(SHA512 *hash, limb_t *a, const uint8_t privateKey[32]); static void deriveKeys(SHA512 *hash, limb_t *a, const uint8_t privateKey[32]);
}; };
inline void Ed25519::sign(uint8_t signature[64], const uint8_t keyPair[64],
const void *message, size_t len)
{
sign(signature, keyPair, keyPair + 32, message, len);
}
#endif #endif

366
libraries/Crypto/KeyRing.cpp Normal file
View File

@ -0,0 +1,366 @@
/*
* Copyright (C) 2018 Southern Storm Software, Pty Ltd.
*
* Permission is hereby granted, free of charge, to any person obtaining a
* copy of this software and associated documentation files (the "Software"),
* to deal in the Software without restriction, including without limitation
* the rights to use, copy, modify, merge, publish, distribute, sublicense,
* and/or sell copies of the Software, and to permit persons to whom the
* Software is furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included
* in all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
* OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
* DEALINGS IN THE SOFTWARE.
*/
#include "KeyRing.h"
/**
* \class KeyRing KeyRing.h <KeyRing.h>
* \brief Permanent storage for key material.
*
* This class provides permanent storage for local key pairs, remote public
* keys, shared symmetric keys, and other data on a device. Other data may
* be certificates, configuration data, or any other information that
* isn't strictly key material.
*
* As an example, the following code will generate a new Curve25519
* key pair and save it into permanent storage as the default key pair
* for the device:
*
* \code
* uint8_t keyPair[64];
* Curve25519::generateKeyPair(keyPair);
* KeyRing::setLocalKeyPair(KeyRing::LocalCurve25519Default, keyPair, 64);
* \endcode
*
* Later, when the application needs the key pair it does the following:
*
* \code
* uint8_t keyPair[64];
* if (!KeyRing::getLocalKeyPair(KeyRing::LocalCurve25519Default, keyPair, 64)) {
* Serial.println("Curve25519 key pair not found!");
* } else {
* // Make use of the key pair.
* ...
* }
* \endcode
*
* The key ring data is not encrypted in the permanent storage, so the
* data may be compromised if the device is captured. The application can
* arrange to encrypt the values separately before calling the set functions
* in this class.
*
* The data is not encrypted by default because it creates a chicken-and-egg
* problem: where is the encryption key itself stored if the device does
* not have some way to enter a passphrase at runtime? We therefore leave
* the issue of key ring encryption up to the application.
*
* The amount of key data that can be stored is limited by the size of
* the permanent storage mechanism on the device:
*
* \li AVR devices will use no more than 1/2 of the available EEPROM
* space, starting at the end of EEPROM and working backwards.
* \li Arduino Due and ESP8266 allocate up to 8K of flash memory for key data.
* \li ESP32 storage is built on top of that chip's Non-Volatile Storage (NVS)
* mechanism, and is limited only by the maximum NVS size.
*
* If a device is not currently supported, then requests to store values
* in the key ring will fail. Requests to retrieve values from the key
* ring will return nothing.
*/
/**
* \var KeyRing::LocalCurve25519Default
* \brief Identifier for the default local Curve25519 key pair on the device.
*/
/**
* \var KeyRing::RemoteCurve25519Default
* \brief Identifier for the default remote Curve25519 public key for the
* primary remote device that this device will be communicating with.
*/
/**
* \var KeyRing::LocalEd25519Default
* \brief Identifier for the default local Ed25519 key pair on the device.
*/
/**
* \var KeyRing::RemoteEd25519Default
* \brief Identifier for the default remote Ed25519 public key for the
* primary remote device that this device will be communicating with.
*/
/**
* \fn bool KeyRing::setLocalKeyPair(uint16_t id, const void *pair, size_t size)
* \brief Sets a local key pair in permanent storage.
*
* \param id Identifier for the key pair to distinguish multiple key pairs
* in the permanent storage.
* \param pair Points to the key pair value, which is assumed to be the
* private key followed by the public key.
* \param size Size of the key pair, including both the private and public
* components.
*
* \return Returns true if the key pair was stored, or false if there is
* insufficient space to store the key pair, or this platform does not have
* permanent storage available.
*
* \sa getLocalKeyPair()
*/
/**
* \fn size_t KeyRing::getLocalKeyPair(uint16_t id, void *pair, size_t maxSize)
* \brief Gets a local key pair from permanent storage.
*
* \param id Identifier for the key pair to distinguish multiple key pairs
* in the permanent storage.
* \param pair Points to the buffer to retrieve the key pair value, which
* is assumed to consist of the private key followed by the public key.
* \param maxSize Maximum size of the \a pair buffer which may be larger
* than the actual key pair size, to support the retrieval of variable-length
* key pairs.
*
* \return The actual number of bytes in the key pair, or zero if the key
* pair was not found.
*
* The companion function getLocalKeyPairSize() can be used to query the
* size of the key pair before it is retrieved.
*
* \sa getLocalKeyPairSize(), setLocalKeyPair()
*/
/**
* \fn size_t KeyRing::getLocalKeyPairSize(uint16_t id)
* \brief Gets the size of a local key pair in permanent storage.
*
* \param id Identifier for the key pair to distinguish multiple key pairs
* in the permanent storage.
*
* \return The number of bytes of data that are stored for the key pair,
* or zero if there is no key pair currently associated with \a id.
*
* \sa getLocalKeyPair()
*/
/**
* \fn void KeyRing::removeLocalKeyPair(uint16_t id)
* \brief Removes a local key pair from permanent storage.
*
* \param id Identifier for the key pair to distinguish multiple key pairs
* in the permanent storage.
*
* The key pair value will be overwritten with 0xFF bytes to erase it.
* However, this may not be sufficient to completely remove all trace of
* the key pair from flash memory or EEPROM. If the underlying storage
* mechanism is performing wear-levelling, then it may leave older copies
* of the value in unused pages when new values are written.
*/
/**
* \fn bool KeyRing::setRemotePublicKey(uint16_t id, const void *key, size_t size)
* \brief Sets a remote public key in permanent storage.
*
* \param id Identifier for the remote public key to distinguish multiple
* public keys in the permanent storage.
* \param key Points to the public key value.
* \param size Size of the public key value in bytes.
*
* \return Returns true if the public key was stored, or false if there is
* insufficient space to store the public key, or this platform does not have
* permanent storage available.
*
* \sa getRemotePublicKey()
*/
/**
* \fn size_t KeyRing::getRemotePublicKey(uint16_t id, void *key, size_t maxSize)
* \brief Gets a remote public key from permanent storage.
*
* \param id Identifier for the remote public key to distinguish multiple
* public keys in the permanent storage.
* \param key Points to the buffer to retrieve the public key value.
* \param maxSize Maximum size of the \a key buffer which may be larger
* than the actual public key size, to support the retrieval of
* variable-length public keys.
*
* \return The actual number of bytes in the public key, or zero if the
* public key was not found.
*
* The companion function getRemotePublicKeySize() can be used to query the
* size of the public key before it is retrieved.
*
* \sa getRemotePublicKeySize(), setRemotePublicKey()
*/
/**
* \fn size_t KeyRing::getRemotePublicKeySize(uint16_t id)
* \brief Gets the size of a remote public key in permanent storage.
*
* \param id Identifier for the remote public key to distinguish multiple
* public keys in the permanent storage.
*
* \return The number of bytes of data that are stored for the public key,
* or zero if there is no public key currently associated with \a id.
*
* \sa getRemotePublicKey()
*/
/**
* \fn void KeyRing::removeRemotePublicKey(uint16_t id)
* \brief Removes a remote public key from permanent storage.
*
* \param id Identifier for the remote public key to distinguish multiple
* public keys in the permanent storage.
*/
/**
* \fn bool KeyRing::setSharedSymmetricKey(uint16_t id, const void *key, size_t size)
* \brief Sets a shared symmetric key in permanent storage.
*
* \param id Identifier for the shared symmetric key to distinguish multiple
* keys in the permanent storage.
* \param key Points to the shared symmetric key value.
* \param size Size of the shared symmetric key value in bytes.
*
* \return Returns true if the shared symmetric key was stored, or false if
* there is insufficient space to store the key, or this platform does not
* have permanent storage available.
*
* \sa getSharedSymmetricKey()
*/
/**
* \fn size_t KeyRing::getSharedSymmetricKey(uint16_t id, void *key, size_t maxSize)
* \brief Gets a shared symmetric key from permanent storage.
*
* \param id Identifier for the shared symmetric key to distinguish multiple
* keys in the permanent storage.
* \param key Points to the buffer to retrieve the shared symmetric key value.
* \param maxSize Maximum size of the \a key buffer which may be larger
* than the actual shared symmetric key size, to support the retrieval of
* variable-length keys.
*
* \return The actual number of bytes in the shared symmetric key,
* or zero if the key was not found.
*
* The companion function getSharedSymmetricKeySize() can be used to
* query the size of the shared symmetric key before it is retrieved.
*
* \sa getSharedSymmetricKeySize(), setSharedSymmetricKey()
*/
/**
* \fn size_t KeyRing::getSharedSymmetricKeySize(uint16_t id)
* \brief Gets the size of a shared symmetric key in permanent storage.
*
* \param id Identifier for the shared symmetric key to distinguish multiple
* keys in the permanent storage.
*
* \return The number of bytes of data that are stored for the shared
* symmetric key, or zero if there is no key currently associated with \a id.
*
* \sa getSharedSymmetricKey()
*/
/**
* \fn void KeyRing::removeSharedSymmetricKey(uint16_t id)
* \brief Removes a shared symmetric key from permanent storage.
*
* \param id Identifier for the shared symmetric key to distinguish multiple
* keys in the permanent storage.
*
* The symmetric key value will be overwritten with 0xFF bytes to erase it.
* However, this may not be sufficient to completely remove all trace of
* the key from flash memory or EEPROM. If the underlying storage mechanism
* is performing wear-levelling, then it may leave older copies of the value
* in unused pages when new values are written.
*/
/**
* \fn bool KeyRing::setOtherData(uint16_t id, const void *data, size_t size);
* \brief Sets an arbitrary data value in permanent storage.
*
* \param id Identifier for the data value to distinguish multiple values
* in the permanent storage.
* \param data Points to the data value to store.
* \param size Size of the data value in bytes.
*
* \return Returns true if the data value was stored, or false if there is
* insufficient space to store the value, or this platform does not have
* permanent storage available.
*
* \sa getOtherData()
*/
/**
* \fn size_t KeyRing::getOtherData(uint16_t id, void *data, size_t maxSize)
* \brief Gets an arbitrary data value from permanent storage.
*
* \param id Identifier for the data value to distinguish multiple values
* in the permanent storage.
* \param data Points to the buffer to retrieve the data value.
* \param maxSize Maximum size of the \a data buffer which may be larger
* than the actual data value size, to support the retrieval of
* variable-length values.
*
* \return The actual number of bytes in the data value, or zero if the value
* was not found.
*
* The companion function getOtherDataSize() can be used to query the size of
* the data value before it is retrieved.
*
* \sa getOtherDataSize(), setOtherData()
*/
/**
* \fn size_t KeyRing::getOtherDataSize(uint16_t id)
* \brief Gets the size of an arbitrary data value in permanent storage.
*
* \param id Identifier for the data value to distinguish multiple values
* in the permanent storage.
*
* \return The number of bytes of data that are stored for the value,
* or zero if there is no value currently associated with \a id.
*
* \sa getOtherData()
*/
/**
* \fn void KeyRing::removeOtherData(uint16_t id)
* \brief Removes an arbitrary data value from permanent storage.
*
* \param id Identifier for the data value to distinguish multiple values
* in the permanent storage.
*/
bool KeyRing::set(uint16_t id, uint8_t type, const void *data, size_t size)
{
// TODO
return false;
}
size_t KeyRing::get(uint16_t id, uint8_t type, void *data, size_t maxSize)
{
// TODO
return 0;
}
size_t KeyRing::getSize(uint16_t id, uint8_t type)
{
// TODO
return 0;
}
void KeyRing::remove(uint16_t id, uint8_t type)
{
// TODO
}

165
libraries/Crypto/KeyRing.h Normal file
View File

@ -0,0 +1,165 @@
/*
* Copyright (C) 2018 Southern Storm Software, Pty Ltd.
*
* Permission is hereby granted, free of charge, to any person obtaining a
* copy of this software and associated documentation files (the "Software"),
* to deal in the Software without restriction, including without limitation
* the rights to use, copy, modify, merge, publish, distribute, sublicense,
* and/or sell copies of the Software, and to permit persons to whom the
* Software is furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included
* in all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
* OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
* DEALINGS IN THE SOFTWARE.
*/
#ifndef KEY_RING_h
#define KEY_RING_h
#include <inttypes.h>
#include <stddef.h>
class KeyRing
{
private:
KeyRing() {}
~KeyRing() {}
public:
static bool setLocalKeyPair
(uint16_t id, const void *pair, size_t size);
static size_t getLocalKeyPair
(uint16_t id, void *pair, size_t maxSize);
static size_t getLocalKeyPairSize(uint16_t id);
static void removeLocalKeyPair(uint16_t id);
static bool setRemotePublicKey
(uint16_t id, const void *key, size_t size);
static size_t getRemotePublicKey
(uint16_t id, void *key, size_t maxSize);
static size_t getRemotePublicKeySize(uint16_t id);
static void removeRemotePublicKey(uint16_t id);
static bool setSharedSymmetricKey
(uint16_t id, const void *key, size_t size);
static size_t getSharedSymmetricKey
(uint16_t id, void *key, size_t maxSize);
static size_t getSharedSymmetricKeySize(uint16_t id);
static void removeSharedSymmetricKey(uint16_t id);
static bool setOtherData
(uint16_t id, const void *data, size_t size);
static size_t getOtherData
(uint16_t id, void *data, size_t maxSize);
static size_t getOtherDataSize(uint16_t id);
static void removeOtherData(uint16_t id);
static const uint16_t LocalCurve25519Default = 0x4301; // 'C', 0x01
static const uint16_t RemoteCurve25519Default = 0x6301; // 'c', 0x01
static const uint16_t LocalEd25519Default = 0x4501; // 'E', 0x01
static const uint16_t RemoteEd25519Default = 0x6501; // 'e', 0x01
private:
static bool set(uint16_t id, uint8_t type, const void *data, size_t size);
static size_t get(uint16_t id, uint8_t type, void *data, size_t maxSize);
static size_t getSize(uint16_t id, uint8_t type);
static void remove(uint16_t id, uint8_t type);
};
inline bool KeyRing::setLocalKeyPair
(uint16_t id, const void *pair, size_t size)
{
return set(id, 0, pair, size);
}
inline size_t KeyRing::getLocalKeyPair
(uint16_t id, void *pair, size_t maxSize)
{
return get(id, 0, pair, maxSize);
}
inline size_t KeyRing::getLocalKeyPairSize(uint16_t id)
{
return getSize(id, 0);
}
inline void KeyRing::removeLocalKeyPair(uint16_t id)
{
remove(id, 0);
}
inline bool KeyRing::setRemotePublicKey
(uint16_t id, const void *key, size_t size)
{
return set(id, 1, key, size);
}
inline size_t KeyRing::getRemotePublicKey
(uint16_t id, void *key, size_t maxSize)
{
return get(id, 1, key, maxSize);
}
inline size_t KeyRing::getRemotePublicKeySize(uint16_t id)
{
return getSize(id, 1);
}
inline void KeyRing::removeRemotePublicKey(uint16_t id)
{
remove(id, 1);
}
inline bool KeyRing::setSharedSymmetricKey
(uint16_t id, const void *key, size_t size)
{
return set(id, 2, key, size);
}
inline size_t KeyRing::getSharedSymmetricKey
(uint16_t id, void *key, size_t maxSize)
{
return get(id, 2, key, maxSize);
}
inline size_t KeyRing::getSharedSymmetricKeySize(uint16_t id)
{
return getSize(id, 2);
}
inline void KeyRing::removeSharedSymmetricKey(uint16_t id)
{
remove(id, 2);
}
inline bool KeyRing::setOtherData
(uint16_t id, const void *data, size_t size)
{
return set(id, 3, data, size);
}
inline size_t KeyRing::getOtherData
(uint16_t id, void *data, size_t maxSize)
{
return get(id, 3, data, maxSize);
}
inline size_t KeyRing::getOtherDataSize(uint16_t id)
{
return getSize(id, 3);
}
inline void KeyRing::removeOtherData(uint16_t id)
{
remove(id, 3);
}
#endif

114
libraries/NoiseProtocol/src/NoiseCipherState.cpp Normal file
View File

@ -0,0 +1,114 @@
/*
* Copyright (C) 2018 Southern Storm Software, Pty Ltd.
*
* Permission is hereby granted, free of charge, to any person obtaining a
* copy of this software and associated documentation files (the "Software"),
* to deal in the Software without restriction, including without limitation
* the rights to use, copy, modify, merge, publish, distribute, sublicense,
* and/or sell copies of the Software, and to permit persons to whom the
* Software is furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included
* in all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
* OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
* DEALINGS IN THE SOFTWARE.
*/
#include "NoiseCipherState.h"
/**
* \class NoiseCipherState NoiseCipherState.h <NoiseCipherState.h>
* \brief Abstract base class for the Noise protocol's cipher state.
*
* This class is abstract. The caller should instantiate a subclass like
* NoiseCipherState_ChaChaPoly or NoiseCipherState_AESGCM to choose the
* specific algorithm to use in the cipher state.
*
* Normally the application will not instantiate instances of this
* class or its subclasses directly. Instead, it will call
* NoiseHandshakeState::split() at the end of the handshake phase
* of a connection.
*/
/**
* \fn NoiseCipherState::NoiseCipherState()
* \brief Constructs a new cipher object.
*/
/**
* \brief Destroys this cipher object.
*/
NoiseCipherState::~NoiseCipherState()
{
}
/**
* \fn void NoiseCipherState::setNonce(uint64_t nonce)
* \brief Sets the nonce value for the next packet to be encrypted or
* decrypted.
*
* \param nonce The nonce value between 0 and 2^64 - 2.
*
* You won't need to use this function on reliable transports like TCP.
* You may need to use this function on unreliable transports like UDP.
* Care must be taken not to use the same nonce with multiple packets,
* and to reject duplicate packets.
*/
/**
* \fn int NoiseCipherState::encryptPacket(void *output, size_t outputSize, const void *input, size_t inputSize)
* \brief Encrypts a packet in a Noise transport session.
*
* \param output Output buffer to write the ciphertext and MAC to.
* \param outputSize Available space in the \a output buffer.
* \param input Input buffer containing the plaintext to be encrypted.
* \param inputSize Number of bytes of plaintext.
*
* \return The number of bytes that were written to \a output.
* \return -1 if \a outputSize is not large enough to contain the
* ciphertext and MAC.
*
* MAC values will add an extra 16 bytes to the size of the packet.
*
* \sa decryptPacket()
*/
/**
* \fn int NoiseCipherState::decryptPacket(void *output, size_t outputSize, const void *input, size_t inputSize)
* \brief Decrypts a packet in a Noise transport session.
*
* \param output Output buffer to write the plaintext to.
* \param outputSize Available space in the \a output buffer.
* \param input Input buffer containing the ciphertext and MAC.
* \param inputSize Number of bytes of ciphertext plus the MAC.
*
* \return The number of bytes that were written to \a output.
* \return -1 if \a outputSize is not large enough to contain the plaintext.
* \return -1 if the MAC check failed; the plaintext output will be invalid.
*
* \sa encryptPacket()
*/
/**
* \fn void NoiseCipherState::rekey()
* \brief Rekey the cipher object.
*
* This function should be called periodically to refresh the key that is
* used to encrypt data. This avoids the same key being used over and over
* as the more data that is encrypted with the same key, the more likely
* statistical trends may reveal themselves to an attacker.
*/
/**
* \fn void NoiseCipherState::clear()
* \brief Destroys sensitive data in this cipher object.
*
* After this function is called, no more packets can be encrypted or
* decrypted and a new cipher object must be created.
*/

49
libraries/NoiseProtocol/src/NoiseCipherState.h Normal file
View File

@ -0,0 +1,49 @@
/*
* Copyright (C) 2018 Southern Storm Software, Pty Ltd.
*
* Permission is hereby granted, free of charge, to any person obtaining a
* copy of this software and associated documentation files (the "Software"),
* to deal in the Software without restriction, including without limitation
* the rights to use, copy, modify, merge, publish, distribute, sublicense,
* and/or sell copies of the Software, and to permit persons to whom the
* Software is furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included
* in all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
* OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
* DEALINGS IN THE SOFTWARE.
*/
#ifndef NOISE_CIPHER_STATE_h
#define NOISE_CIPHER_STATE_h
#include <stddef.h>
#include <inttypes.h>
class NoiseCipherState
{
public:
NoiseCipherState() {}
virtual ~NoiseCipherState();
virtual void setNonce(uint64_t nonce) = 0;
virtual int encryptPacket
(void *output, size_t outputSize,
const void *input, size_t inputSize) = 0;
virtual int decryptPacket
(void *output, size_t outputSize,
const void *input, size_t inputSize) = 0;
virtual void rekey() = 0;
virtual void clear() = 0;
};
#endif

107
libraries/NoiseProtocol/src/NoiseCipherState_AESGCM.cpp Normal file
View File

@ -0,0 +1,107 @@
/*
* Copyright (C) 2018 Southern Storm Software, Pty Ltd.
*
* Permission is hereby granted, free of charge, to any person obtaining a
* copy of this software and associated documentation files (the "Software"),
* to deal in the Software without restriction, including without limitation
* the rights to use, copy, modify, merge, publish, distribute, sublicense,
* and/or sell copies of the Software, and to permit persons to whom the
* Software is furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included
* in all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
* OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
* DEALINGS IN THE SOFTWARE.
*/
#include "NoiseCipherState_AESGCM.h"
#include "Crypto.h"
#include <string.h>
/**
* \class NoiseCipherState_AESGCM NoiseCipherState_AESGCM.h <NoiseCipherState_AESGCM.h>
* \brief Implementation of the AESGCM cipher
*/
/**
* \brief Constructs a new AESGCM cipher object.
*
* \param key The 256-bit key for the cipher object.
*/
NoiseCipherState_AESGCM::NoiseCipherState_AESGCM(const uint8_t key[32])
{
cipher.setKey(key, 32);
n = 0;
}
/**
* \brief Destroys this AESGCM cipher object.
*/
NoiseCipherState_AESGCM::~NoiseCipherState_AESGCM()
{
clean(&n, sizeof(n));
}
void NoiseCipherState_AESGCM::setNonce(uint64_t nonce)
{
n = nonce;
}
// Import from NoiseSymmetricState_AESGCM_SHA256.cpp.
void noiseAESGCMFormatIV(uint8_t iv[12], uint64_t n);
int NoiseCipherState_AESGCM::encryptPacket
(void *output, size_t outputSize, const void *input, size_t inputSize)
{
if (outputSize < 16 || (outputSize - 16) < inputSize)
return -1;
uint8_t iv[12];
noiseAESGCMFormatIV(iv, n);
cipher.setIV(iv, sizeof(iv));
cipher.encrypt((uint8_t *)output, (const uint8_t *)input, inputSize);
cipher.computeTag(((uint8_t *)output) + inputSize, 16);
++n;
return inputSize + 16;
}
int NoiseCipherState_AESGCM::decryptPacket
(void *output, size_t outputSize, const void *input, size_t inputSize)
{
if (inputSize < 16 || outputSize < (inputSize - 16))
return -1;
uint8_t iv[12];
noiseAESGCMFormatIV(iv, n);
cipher.setIV((const uint8_t *)&iv, sizeof(iv));
cipher.decrypt((uint8_t *)output, (const uint8_t *)input, outputSize);
if (cipher.checkTag(((const uint8_t *)input) + outputSize, 16)) {
++n;
return outputSize;
}
memset(output, 0, outputSize); // Destroy the output if the tag is invalid.
return -1;
}
void NoiseCipherState_AESGCM::rekey()
{
uint8_t k[32];
static uint8_t const iv[12] = {
0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF
};
memset(k, 0, sizeof(k));
cipher.setIV(iv, sizeof(iv));
cipher.encrypt(k, k, sizeof(k));
cipher.setKey(k, sizeof(k));
clean(k);
}
void NoiseCipherState_AESGCM::clear()
{
cipher.clear();
n = 0;
}

54
libraries/NoiseProtocol/src/NoiseCipherState_AESGCM.h Normal file
View File

@ -0,0 +1,54 @@
/*
* Copyright (C) 2018 Southern Storm Software, Pty Ltd.
*
* Permission is hereby granted, free of charge, to any person obtaining a
* copy of this software and associated documentation files (the "Software"),
* to deal in the Software without restriction, including without limitation
* the rights to use, copy, modify, merge, publish, distribute, sublicense,
* and/or sell copies of the Software, and to permit persons to whom the
* Software is furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included
* in all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
* OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
* DEALINGS IN THE SOFTWARE.
*/
#ifndef NOISE_CIPHER_STATE_AESGCM_h
#define NOISE_CIPHER_STATE_AESGCM_h
#include "NoiseCipherState.h"
#include "AES.h"
#include "GCM.h"
class NoiseCipherState_AESGCM : public NoiseCipherState
{
public:
explicit NoiseCipherState_AESGCM(const uint8_t key[32]);
virtual ~NoiseCipherState_AESGCM();
void setNonce(uint64_t nonce);
int encryptPacket
(void *output, size_t outputSize,
const void *input, size_t inputSize);
int decryptPacket
(void *output, size_t outputSize,
const void *input, size_t inputSize);
void rekey();
void clear();
private:
GCM<AES256> cipher;
uint64_t n;
};
#endif

102
libraries/NoiseProtocol/src/NoiseCipherState_ChaChaPoly.cpp Normal file
View File

@ -0,0 +1,102 @@
/*
* Copyright (C) 2018 Southern Storm Software, Pty Ltd.
*
* Permission is hereby granted, free of charge, to any person obtaining a
* copy of this software and associated documentation files (the "Software"),
* to deal in the Software without restriction, including without limitation
* the rights to use, copy, modify, merge, publish, distribute, sublicense,
* and/or sell copies of the Software, and to permit persons to whom the
* Software is furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included
* in all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
* OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
* DEALINGS IN THE SOFTWARE.
*/
#include "NoiseCipherState_ChaChaPoly.h"
#include "Crypto.h"
#include "utility/EndianUtil.h"
#include <string.h>
/**
* \class NoiseCipherState_ChaChaPoly NoiseCipherState_ChaChaPoly.h <NoiseCipherState_ChaChaPoly.h>
* \brief Implementation of the ChaChaPoly cipher
*/
/**
* \brief Constructs a new ChaChaPoly cipher object.
*
* \param key The 256-bit key for the cipher object.
*/
NoiseCipherState_ChaChaPoly::NoiseCipherState_ChaChaPoly(const uint8_t key[32])
{
cipher.setKey(key, 32);
n = 0;
}
/**
* \brief Destroys this ChaChaPoly cipher object.
*/
NoiseCipherState_ChaChaPoly::~NoiseCipherState_ChaChaPoly()
{
clean(&n, sizeof(n));
}
void NoiseCipherState_ChaChaPoly::setNonce(uint64_t nonce)
{
n = nonce;
}
int NoiseCipherState_ChaChaPoly::encryptPacket
(void *output, size_t outputSize, const void *input, size_t inputSize)
{
if (outputSize < 16 || (outputSize - 16) < inputSize)
return -1;
uint64_t iv = htole64(n);
cipher.setIV((const uint8_t *)&iv, sizeof(iv));
cipher.encrypt((uint8_t *)output, (const uint8_t *)input, inputSize);
cipher.computeTag(((uint8_t *)output) + inputSize, 16);
++n;
return inputSize + 16;
}
int NoiseCipherState_ChaChaPoly::decryptPacket
(void *output, size_t outputSize, const void *input, size_t inputSize)
{
if (inputSize < 16 || outputSize < (inputSize - 16))
return -1;
uint64_t iv = htole64(n);
outputSize = inputSize - 16;
cipher.setIV((const uint8_t *)&iv, sizeof(iv));
cipher.decrypt((uint8_t *)output, (const uint8_t *)input, outputSize);
if (cipher.checkTag(((const uint8_t *)input) + outputSize, 16)) {
++n;
return outputSize;
}
memset(output, 0, outputSize); // Destroy the output if the tag is invalid.
return -1;
}
void NoiseCipherState_ChaChaPoly::rekey()
{
uint8_t k[32];
uint64_t iv = 0xFFFFFFFFFFFFFFFFULL;
memset(k, 0, sizeof(k));
cipher.setIV((const uint8_t *)&iv, sizeof(iv));
cipher.encrypt(k, k, sizeof(k));
cipher.setKey(k, sizeof(k));
clean(k);
}
void NoiseCipherState_ChaChaPoly::clear()
{
cipher.clear();
n = 0;
}

53
libraries/NoiseProtocol/src/NoiseCipherState_ChaChaPoly.h Normal file
View File

@ -0,0 +1,53 @@
/*
* Copyright (C) 2018 Southern Storm Software, Pty Ltd.
*
* Permission is hereby granted, free of charge, to any person obtaining a
* copy of this software and associated documentation files (the "Software"),
* to deal in the Software without restriction, including without limitation
* the rights to use, copy, modify, merge, publish, distribute, sublicense,
* and/or sell copies of the Software, and to permit persons to whom the
* Software is furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included
* in all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
* OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
* DEALINGS IN THE SOFTWARE.
*/
#ifndef NOISE_CIPHER_STATE_CHACHAPOLY_h
#define NOISE_CIPHER_STATE_CHACHAPOLY_h
#include "NoiseCipherState.h"
#include "ChaChaPoly.h"
class NoiseCipherState_ChaChaPoly : public NoiseCipherState
{
public:
explicit NoiseCipherState_ChaChaPoly(const uint8_t key[32]);
virtual ~NoiseCipherState_ChaChaPoly();
void setNonce(uint64_t nonce);
int encryptPacket
(void *output, size_t outputSize,
const void *input, size_t inputSize);
int decryptPacket
(void *output, size_t outputSize,
const void *input, size_t inputSize);
void rekey();
void clear();
private:
ChaChaPoly cipher;
uint64_t n;
};
#endif

276
libraries/NoiseProtocol/src/NoiseDHState.cpp Normal file
View File

@ -0,0 +1,276 @@
/*
* Copyright (C) 2018 Southern Storm Software, Pty Ltd.
*
* Permission is hereby granted, free of charge, to any person obtaining a
* copy of this software and associated documentation files (the "Software"),
* to deal in the Software without restriction, including without limitation
* the rights to use, copy, modify, merge, publish, distribute, sublicense,
* and/or sell copies of the Software, and to permit persons to whom the
* Software is furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included
* in all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
* OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
* DEALINGS IN THE SOFTWARE.
*/
#include "NoiseDHState.h"
#include <string.h>
/**
* \class NoiseDHState NoiseDHState.h <NoiseDHState.h>
* \brief Abstract base class for Diffie-Hellman (DH) algorithms for Noise.
*
* This API defines how NoiseHandshakeState interacts with the DH
* algorithm to set local keys, query remote keys, generate ephemeral
* key pairs, etc. Subclasses implement specific DH algorithms, such as
* NoiseDHState_Curve25519.
*/
/**
* \fn NoiseDHState::NoiseDHState()
* \brief Constructs a new DH state object.
*/
/**
* \brief Destroys this DH state object.
*/
NoiseDHState::~NoiseDHState()
{
}
/**
* \fn bool NoiseDHState::setParameter(Noise::Parameter id, const void *value, size_t size)
* \brief Sets a parameter on the DH object.
*
* \param id Identifies the parameter.
* \param value Points to the value to set for the parameter.
* \param size Size of the parameter value in bytes.
*
* \return Returns true if the parameter is set; false if the parameter
* \a id is not supported by the DH object; or false if the \a size is
* not valid for the parameter.
*
* If the \a id is for the private key component of a key pair, then the
* public key component will be generated from \a value. Returns false if
* it is not possible to generate the public key component from the
* private key component.
*
* \sa getParameter(), getParameterSize()
*/
/**
* \fn size_t NoiseDHState::getParameter(Noise::Parameter id, void *value, size_t maxSize) const
* \brief Gets the value associated with a parameter on the DH object.
*
* \param id Identifies the parameter.
* \param value Points to the buffer to write the parameter value to.
* \param maxSize Maximum size of the \a value buffer in bytes.
*
* \return The number of bytes that were written to \a value.
* \return 0 if \a id is not supported by the DH object.
* \return 0 if \a maxSize is not large enough to hold the parameter value.
* \return 0 if the parameter \a id has not been set yet.
*
* The getParameterSize() function can be used to determine the actual
* size of the parameter so that the caller can allocate a buffer large
* enough to contain it ahead of time.
*
* \sa setParameter(), getParameterSize()
*/
/**
* \fn size_t NoiseDHState::getParameterSize(Noise::Parameter id) const
* \brief Gets the size of a parameter on the DH object.
*
* \param id Identifies the parameter.
*
* \return The parameter's size, or zero if \a id is not valid for
* the DH object.
*
* If the parameter is variable-length, then this function will return
* the actual length of the value, which may be zero if the value has
* not been set yet.
*
* \sa getParameter(), setParameter(), hasParameter()
*/
/**
* \fn bool NoiseDHState::hasParameter(Noise::Parameter id) const
* \brief Determine if a parameter on this DH object has a value set.
*
* \param id Identifies the parameter.
*
* \return Returns true if \a id has a value; false if \a id does not
* have a value; false if \a id is not valid for the DH object.
*
* \sa getParameterSize(), getParameter(), removeParameter()
*/
/**
* \fn void NoiseDHState::removeParameter(Noise::Parameter id)
* \brief Removes a parameter from this DH object.
*
* \param id Identifies the parameter. If the parameter is unknown
* to the DH object, the request will be ignored.
*
* \sa hasParameter()
*/
/**
* \fn bool NoiseDHState::hashPublicKey(NoiseSymmetricState *sym, Noise::Parameter id)
* \brief Hashes a public key into the symmetric state.
*
* \param sym Symmetric state to hash the public key into.
* \param id Identifies the public key to hash.
*
* \return Returns true if the key was hashed; false if \a id is not supported
* by the DH object the \a id does not have a value at present.
*/
/**
* \fn size_t NoiseDHState::sharedKeySize() const
* \brief Gets the size of the shared keys that will be generated by
* ee(), es(), se(), and ss().
*
* \return The size of the shared keys in bytes.
*
* \sa ee(), es(), se(), ss()
*/
/**
* \fn void NoiseDHState::generateLocalEphemeralKeyPair()
* \brief Generates the local ephemeral key pair during a handshake.
*
* For testing purposes, the application can use setParameterKeyPair()
* to specify an ephemeral key after NoiseHandshakeState::start() and
* before this function is called. This permits testing with fixed
* key values. This functionality should not be used in real applications.
*/
/**
* \fn void NoiseDHState::ee(uint8_t *sharedKey)
* \brief Performs a DH operation using the local and remote ephemeral keys.
*
* \param sharedKey Returns the shared key. The buffer must be at least
* sharedKeySize() bytes in size.
*
* It is assumed that the caller has already verified that the DH object
* has all of the required keys before invoking this function.
*
* \sa es(), se(), ss()
*/
/**
* \fn void NoiseDHState::es(uint8_t *sharedKey)
* \brief Performs a DH operation using the local ephemeral key and the
* remote static key.
*
* \param sharedKey Returns the shared key. The buffer must be at least
* sharedKeySize() bytes in size.
*
* It is assumed that the caller has already verified that the DH object
* has all of the required keys before invoking this function.
*
* \sa ee(), se(), ss()
*/
/**
* \fn void NoiseDHState::se(uint8_t *sharedKey)
* \brief Performs a DH operation using the local static key and the
* remote ephemeral key.
*
* \param sharedKey Returns the shared key. The buffer must be at least
* sharedKeySize() bytes in size.
*
* It is assumed that the caller has already verified that the DH object
* has all of the required keys before invoking this function.
*
* \sa ee(), es(), ss()
*/
/**
* \fn void NoiseDHState::ss(uint8_t *sharedKey)
* \brief Performs a DH operation using the local and remote static keys.
*
* \param sharedKey Returns the shared key. The buffer must be at least
* sharedKeySize() bytes in size.
*
* It is assumed that the caller has already verified that the DH object
* has all of the required keys before invoking this function.
*
* \sa es(), se(), ss()
*/
/**
* \fn bool NoiseDHState::fallback(Noise::Party, const NoiseDHState *from)
* \brief Copies parameters from another DH object to perform a fallback.
*
* \param party The party to the new fallback handshake, Noise::Initiator
* or Noise::Responder.
* \param from DH object for the previous failed handshake.
*
* \return Returns false if there are insufficient parameters in \a from
* to perform a fallback or the DH algorithms do not match. Returns true
* if fallback is possible.
*
* This function copies the initiator's ephemeral keys and the local
* static key pair from a failed handshake into this DH object to
* initialize the new handshake.
*/
/**
* \fn void NoiseDHState::clear()
* \brief Clears all sensitive data from this object.
*/
/**
* \brief Helper function for copying a key value into the DH object.
*
* \param output Output buffer to copy the key into.
* \param expectedSize Expected size of the key value in bytes.
* \param value Points to the input value to be stored.
* \param size Size of the input value in bytes.
*
* \return Returns true if the value is stored, or false if \a size is
* not the same as \a expectedSize or \a value is NULL.
*
* \sa copyParameterOut()
*/
bool NoiseDHState::copyParameterIn
(void *output, size_t expectedSize, const void *value, size_t size)
{
if (size != expectedSize || !value)
return false;
memcpy(output, value, size);
return true;
}
/**
* \brief Helper function for copying a key value out of the DH object.
*
* \param output Output buffer to copy the key into.
* \param maxOutput Maximum size of the output buffer in bytes.
* \param value Points to input key value to be copied.
* \param size Size of the input key value.
*
* \return The actual size of the copied key value if it fits within
* \a maxOutputBytes. Returns zero if \a size is greater than \a maxOutput
* or \a output is NULL.
*
* \sa copyParameterIn()
*/
size_t NoiseDHState::copyParameterOut
(void *output, size_t maxOutput, const void *value, size_t size)
{
if (size > maxOutput || !output)
return 0;
memcpy(output, value, size);
return size;
}

69
libraries/NoiseProtocol/src/NoiseDHState.h Normal file
View File

@ -0,0 +1,69 @@
/*
* Copyright (C) 2018 Southern Storm Software, Pty Ltd.
*
* Permission is hereby granted, free of charge, to any person obtaining a
* copy of this software and associated documentation files (the "Software"),
* to deal in the Software without restriction, including without limitation
* the rights to use, copy, modify, merge, publish, distribute, sublicense,
* and/or sell copies of the Software, and to permit persons to whom the
* Software is furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included
* in all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
* OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
* DEALINGS IN THE SOFTWARE.
*/
#ifndef NOISE_DH_STATE_h
#define NOISE_DH_STATE_h
#include "NoiseNamespace.h"
#include <stddef.h>
#include <inttypes.h>
class NoiseSymmetricState;
class NoiseDHState
{
public:
NoiseDHState() {}
virtual ~NoiseDHState();
virtual bool setParameter
(Noise::Parameter id, const void *value, size_t size) = 0;
virtual size_t getParameter
(Noise::Parameter id, void *value, size_t maxSize) const = 0;
virtual size_t getParameterSize(Noise::Parameter id) const = 0;
virtual bool hasParameter(Noise::Parameter id) const = 0;
virtual void removeParameter(Noise::Parameter id) = 0;
virtual bool hashPublicKey
(NoiseSymmetricState *sym, Noise::Parameter id) = 0;
virtual size_t sharedKeySize() const = 0;
virtual void generateLocalEphemeralKeyPair() = 0;
virtual void ee(uint8_t *sharedKey) = 0;
virtual void es(uint8_t *sharedKey) = 0;
virtual void se(uint8_t *sharedKey) = 0;
virtual void ss(uint8_t *sharedKey) = 0;
virtual bool fallback(Noise::Party party, const NoiseDHState *from) = 0;
virtual void clear() = 0;
protected:
static bool copyParameterIn
(void *output, size_t expectedSize, const void *value, size_t size);
static size_t copyParameterOut
(void *output, size_t maxOutput, const void *value, size_t size);
};
#endif

509
libraries/NoiseProtocol/src/NoiseDHState_Curve25519.cpp Normal file
View File

@ -0,0 +1,509 @@
/*
* Copyright (C) 2018 Southern Storm Software, Pty Ltd.
*
* Permission is hereby granted, free of charge, to any person obtaining a
* copy of this software and associated documentation files (the "Software"),
* to deal in the Software without restriction, including without limitation
* the rights to use, copy, modify, merge, publish, distribute, sublicense,
* and/or sell copies of the Software, and to permit persons to whom the
* Software is furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included
* in all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
* OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
* DEALINGS IN THE SOFTWARE.
*/
#include "NoiseDHState_Curve25519.h"
#include "NoiseSymmetricState.h"
#include "Curve25519.h"
#include "Crypto.h"
#include "RNG.h"
#include <string.h>
/**
* \class NoiseDHState_Curve25519 NoiseDHState_Curve25519.h <NoiseDHState_Curve25519.h>
* \brief Noise protocol interface to the Curve25519 algorithm.
*/
/**
* \class NoiseDHState_Curve25519_EphemOnly NoiseDHState_Curve25519.h <NoiseDHState_Curve25519.h>
* \brief Noise protocol interface to the ephemeral-only Curve25519 algorithm.
*
* This class is intended for use with the "NN" pattern which does not
* require static keys. It saves 96 bytes of memory compared with
* NoiseDHState_Curve25519.
*/
#define HAVE_25519_LOCAL_EPHEM_PUBLIC 0x01
#define HAVE_25519_LOCAL_EPHEM_PRIVATE 0x02
#define HAVE_25519_LOCAL_STATIC_PUBLIC 0x04
#define HAVE_25519_LOCAL_STATIC_PRIVATE 0x08
#define HAVE_25519_REMOTE_EPHEM_PUBLIC 0x10
#define HAVE_25519_REMOTE_STATIC_PUBLIC 0x20
/**
* \brief Constructs a new ephemeral-only Curve25519 DH object.
*/
NoiseDHState_Curve25519_EphemOnly::NoiseDHState_Curve25519_EphemOnly()
{
memset(&st, 0, sizeof(st));
}
/**
* \brief Destroys this ephemeral-only Curve25519 DH object.
*/
NoiseDHState_Curve25519_EphemOnly::~NoiseDHState_Curve25519_EphemOnly()
{
clean(st);
}
bool NoiseDHState_Curve25519_EphemOnly::setParameter
(Noise::Parameter id, const void *value, size_t size)
{
switch (id) {
case Noise::LocalEphemPrivateKey:
case Noise::LocalEphem25519PrivateKey:
if (!copyParameterIn(st.le, sizeof(st.le), value, size))
break;
st.le[0] &= 0xF8;
st.le[31] = (st.le[31] & 0x7F) | 0x40;
Curve25519::eval(st.lf, st.le, 0);
st.flags |= HAVE_25519_LOCAL_EPHEM_PRIVATE |
HAVE_25519_LOCAL_EPHEM_PUBLIC;
return true;
case Noise::LocalEphemKeyPair:
case Noise::LocalEphem25519KeyPair:
if (size != 64)
break;
if (!copyParameterIn(st.le, sizeof(st.le), value, 32))
break;
if (!copyParameterIn
(st.lf, sizeof(st.lf), ((const uint8_t *)value) + 32, 32))
break;
st.flags |= HAVE_25519_LOCAL_EPHEM_PRIVATE |
HAVE_25519_LOCAL_EPHEM_PUBLIC;
return true;
case Noise::RemoteEphemPublicKey:
case Noise::RemoteEphem25519PublicKey:
if (!copyParameterIn(st.re, sizeof(st.re), value, size))
break;
st.flags |= HAVE_25519_REMOTE_EPHEM_PUBLIC;
return true;
default: break;
}
return false;
}
size_t NoiseDHState_Curve25519_EphemOnly::getParameter
(Noise::Parameter id, void *value, size_t maxSize) const
{
switch (id) {
case Noise::LocalEphemPrivateKey:
case Noise::LocalEphem25519PrivateKey:
if (!(st.flags & HAVE_25519_LOCAL_EPHEM_PRIVATE))
break;
return copyParameterOut(value, maxSize, st.le, sizeof(st.le));
case Noise::LocalEphemPublicKey:
case Noise::LocalEphem25519PublicKey:
if (!(st.flags & HAVE_25519_LOCAL_EPHEM_PUBLIC))
break;
return copyParameterOut(value, maxSize, st.lf, sizeof(st.lf));
case Noise::LocalEphemKeyPair:
case Noise::LocalEphem25519KeyPair:
if (!(st.flags & HAVE_25519_LOCAL_EPHEM_PRIVATE))
break;
if (maxSize < 64)
break;
if (copyParameterOut(value, 32, st.le, sizeof(st.le)) != 32)
break;
if (copyParameterOut
(((uint8_t *)value) + 32, 32, st.lf, sizeof(st.lf)) != 32)
break;
return 64;
case Noise::RemoteEphemPublicKey:
case Noise::RemoteEphem25519PublicKey:
if (!(st.flags & HAVE_25519_REMOTE_EPHEM_PUBLIC))
break;
return copyParameterOut(value, maxSize, st.re, sizeof(st.re));
default: break;
}
return 0;
}
size_t NoiseDHState_Curve25519_EphemOnly::getParameterSize(Noise::Parameter id) const
{
switch (id) {
case Noise::LocalEphemKeyPair:
case Noise::LocalEphem25519KeyPair:
return 64;
case Noise::LocalEphemPrivateKey:
case Noise::LocalEphem25519PrivateKey:
case Noise::LocalEphemPublicKey:
case Noise::LocalEphem25519PublicKey:
case Noise::RemoteEphemPublicKey:
case Noise::RemoteEphem25519PublicKey:
return 32;
default:
return 0;
}
}
bool NoiseDHState_Curve25519_EphemOnly::hasParameter(Noise::Parameter id) const
{
switch (id) {
case Noise::LocalEphemKeyPair:
case Noise::LocalEphemPrivateKey:
case Noise::LocalEphem25519KeyPair:
case Noise::LocalEphem25519PrivateKey:
return (st.flags & HAVE_25519_LOCAL_EPHEM_PRIVATE) != 0;
case Noise::LocalEphemPublicKey:
case Noise::LocalEphem25519PublicKey:
return (st.flags & HAVE_25519_LOCAL_EPHEM_PUBLIC) != 0;
case Noise::RemoteEphemPublicKey:
case Noise::RemoteEphem25519PublicKey:
return (st.flags & HAVE_25519_REMOTE_EPHEM_PUBLIC) != 0;
default: break;
}
return false;
}
void NoiseDHState_Curve25519_EphemOnly::removeParameter(Noise::Parameter id)
{
switch (id) {
case Noise::LocalEphemKeyPair:
case Noise::LocalEphemPrivateKey:
case Noise::LocalEphemPublicKey:
case Noise::LocalEphem25519KeyPair:
case Noise::LocalEphem25519PrivateKey:
case Noise::LocalEphem25519PublicKey:
st.flags &= ~(HAVE_25519_LOCAL_EPHEM_PRIVATE |
HAVE_25519_LOCAL_EPHEM_PUBLIC);
break;
case Noise::RemoteEphemPublicKey:
case Noise::RemoteEphem25519PublicKey:
st.flags &= ~HAVE_25519_REMOTE_EPHEM_PUBLIC;
break;
default: break;
}
}
bool NoiseDHState_Curve25519_EphemOnly::hashPublicKey
(NoiseSymmetricState *sym, Noise::Parameter id)
{
switch (id) {
case Noise::LocalEphemPublicKey:
case Noise::LocalEphem25519PublicKey:
if (!(st.flags & HAVE_25519_LOCAL_EPHEM_PUBLIC))
break;
sym->mixHash(st.lf, sizeof(st.lf));
return true;
case Noise::RemoteEphemPublicKey:
case Noise::RemoteEphem25519PublicKey:
if (!(st.flags & HAVE_25519_REMOTE_EPHEM_PUBLIC))
break;
sym->mixHash(st.re, sizeof(st.re));
return true;
default: break;
}
return false;
}
size_t NoiseDHState_Curve25519_EphemOnly::sharedKeySize() const
{
return 32;
}
void NoiseDHState_Curve25519_EphemOnly::generateLocalEphemeralKeyPair()
{
// For testing, the ephemeral key pair can be provided ahead of
// time by the test harness. Only create a new pair if we need it.
if (!(st.flags & HAVE_25519_LOCAL_EPHEM_PRIVATE)) {
RNG.rand(st.le, 32);
st.le[0] &= 0xF8;
st.le[31] = (st.le[31] & 0x7F) | 0x40;
Curve25519::eval(st.lf, st.le, 0);
}
}
void NoiseDHState_Curve25519_EphemOnly::ee(uint8_t *sharedKey)
{
Curve25519::eval(sharedKey, st.le, st.re);
}
// es(), se(), and ss() shouldn't be called for ephemeral-only
// handshakes so we simply stub them out. If they are called
// by accident then zeroing the sharedKey ensures that we don't
// accidentally leak information about previous memory contents.
void NoiseDHState_Curve25519_EphemOnly::es(uint8_t *sharedKey)
{
memset(sharedKey, 0, 32);
}
void NoiseDHState_Curve25519_EphemOnly::se(uint8_t *sharedKey)
{
memset(sharedKey, 0, 32);
}
void NoiseDHState_Curve25519_EphemOnly::ss(uint8_t *sharedKey)
{
memset(sharedKey, 0, 32);
}
bool NoiseDHState_Curve25519_EphemOnly::fallback
(Noise::Party party, const NoiseDHState *from)
{
// Copy the initiator's ephemeral key into this object.
st.flags &= ~(HAVE_25519_LOCAL_EPHEM_PUBLIC |
HAVE_25519_LOCAL_EPHEM_PRIVATE |
HAVE_25519_REMOTE_EPHEM_PUBLIC);
if (party == Noise::Initiator) {
if (from->getParameter(Noise::LocalEphem25519PrivateKey, st.le, 32) != 32)
return false;
if (from->getParameter(Noise::LocalEphem25519PublicKey, st.lf, 32) != 32)
return false;
st.flags |= HAVE_25519_LOCAL_EPHEM_PUBLIC |
HAVE_25519_LOCAL_EPHEM_PRIVATE;
} else {
if (from->getParameter(Noise::RemoteEphem25519PublicKey, st.re, 32) != 32)
return false;
st.flags |= HAVE_25519_REMOTE_EPHEM_PUBLIC;
}
return true;
}
void NoiseDHState_Curve25519_EphemOnly::clear()
{
clean(st);
}
/**
* \brief Constructs a new Curve25519 DH object.
*/
NoiseDHState_Curve25519::NoiseDHState_Curve25519()
{
memset(&st2, 0, sizeof(st2));
}
/**
* \brief Destroys this Curve25519 DH object.
*/
NoiseDHState_Curve25519::~NoiseDHState_Curve25519()
{
clean(st2);
}
bool NoiseDHState_Curve25519::setParameter
(Noise::Parameter id, const void *value, size_t size)
{
switch (id) {
case Noise::LocalStaticPrivateKey:
case Noise::LocalStatic25519PrivateKey:
if (!copyParameterIn(st2.ls, sizeof(st2.ls), value, size))
break;
st2.ls[0] &= 0xF8;
st2.ls[31] = (st2.ls[31] & 0x7F) | 0x40;
Curve25519::eval(st2.lp, st2.ls, 0);
st.flags |= HAVE_25519_LOCAL_STATIC_PRIVATE |
HAVE_25519_LOCAL_STATIC_PUBLIC;
return true;
case Noise::LocalStaticKeyPair:
case Noise::LocalStatic25519KeyPair:
if (size != 64)
break;
if (!copyParameterIn(st2.ls, sizeof(st2.ls), value, 32))
break;
if (!copyParameterIn
(st2.lp, sizeof(st2.lp), ((const uint8_t *)value) + 32, 32))
break;
st.flags |= HAVE_25519_LOCAL_STATIC_PRIVATE |
HAVE_25519_LOCAL_STATIC_PUBLIC;
return true;
case Noise::RemoteStaticPublicKey:
case Noise::RemoteStatic25519PublicKey:
if (!copyParameterIn(st2.rs, sizeof(st2.rs), value, size))
break;
st.flags |= HAVE_25519_REMOTE_STATIC_PUBLIC;
return true;
default:
return NoiseDHState_Curve25519_EphemOnly::setParameter(id, value, size);
}
return false;
}
size_t NoiseDHState_Curve25519::getParameter
(Noise::Parameter id, void *value, size_t maxSize) const
{
switch (id) {
case Noise::LocalStaticPrivateKey:
case Noise::LocalStatic25519PrivateKey:
if (!(st.flags & HAVE_25519_LOCAL_STATIC_PRIVATE))
break;
return copyParameterOut(value, maxSize, st2.ls, sizeof(st2.ls));
case Noise::LocalStaticPublicKey:
case Noise::LocalStatic25519PublicKey:
if (!(st.flags & HAVE_25519_LOCAL_STATIC_PUBLIC))
break;
return copyParameterOut(value, maxSize, st2.lp, sizeof(st2.lp));
case Noise::LocalStaticKeyPair:
case Noise::LocalStatic25519KeyPair:
if (!(st.flags & HAVE_25519_LOCAL_STATIC_PRIVATE))
break;
if (maxSize < 64)
break;
if (copyParameterOut(value, 32, st2.ls, sizeof(st2.ls)) != 32)
break;
if (copyParameterOut
(((uint8_t *)value) + 32, 32, st2.lp, sizeof(st2.lp)) != 32)
break;
return 64;
case Noise::RemoteStaticPublicKey:
case Noise::RemoteStatic25519PublicKey:
if (!(st.flags & HAVE_25519_REMOTE_STATIC_PUBLIC))
break;
return copyParameterOut(value, maxSize, st2.rs, sizeof(st2.rs));
default:
return NoiseDHState_Curve25519_EphemOnly::getParameter
(id, value, maxSize);
}
return 0;
}
size_t NoiseDHState_Curve25519::getParameterSize(Noise::Parameter id) const
{
switch (id) {
case Noise::LocalStaticKeyPair:
case Noise::LocalStatic25519KeyPair:
return 64;
case Noise::LocalStaticPrivateKey:
case Noise::LocalStatic25519PrivateKey:
case Noise::LocalStaticPublicKey:
case Noise::LocalStatic25519PublicKey:
case Noise::RemoteStaticPublicKey:
case Noise::RemoteStatic25519PublicKey:
return 32;
default:
return NoiseDHState_Curve25519_EphemOnly::getParameterSize(id);
}
}
bool NoiseDHState_Curve25519::hasParameter(Noise::Parameter id) const
{
switch (id) {
case Noise::LocalStaticKeyPair:
case Noise::LocalStaticPrivateKey:
case Noise::LocalStatic25519KeyPair:
case Noise::LocalStatic25519PrivateKey:
return (st.flags & HAVE_25519_LOCAL_STATIC_PRIVATE) != 0;
case Noise::LocalStaticPublicKey:
case Noise::LocalStatic25519PublicKey:
return (st.flags & HAVE_25519_LOCAL_STATIC_PUBLIC) != 0;
case Noise::RemoteStaticPublicKey:
case Noise::RemoteStatic25519PublicKey:
return (st.flags & HAVE_25519_REMOTE_STATIC_PUBLIC) != 0;
default:
return NoiseDHState_Curve25519_EphemOnly::getParameterSize(id);
}
return false;
}
void NoiseDHState_Curve25519::removeParameter(Noise::Parameter id)
{
switch (id) {
case Noise::LocalStaticKeyPair:
case Noise::LocalStaticPrivateKey:
case Noise::LocalStaticPublicKey:
case Noise::LocalStatic25519KeyPair:
case Noise::LocalStatic25519PrivateKey:
case Noise::LocalStatic25519PublicKey:
st.flags &= ~(HAVE_25519_LOCAL_STATIC_PRIVATE |
HAVE_25519_LOCAL_STATIC_PUBLIC);
break;
case Noise::RemoteStaticPublicKey:
case Noise::RemoteStatic25519PublicKey:
st.flags &= ~HAVE_25519_REMOTE_STATIC_PUBLIC;
break;
default:
NoiseDHState_Curve25519_EphemOnly::removeParameter(id);
break;
}
}
bool NoiseDHState_Curve25519::hashPublicKey
(NoiseSymmetricState *sym, Noise::Parameter id)
{
switch (id) {
case Noise::LocalStaticPublicKey:
case Noise::LocalStatic25519PublicKey:
if (!(st.flags & HAVE_25519_LOCAL_STATIC_PUBLIC))
break;
sym->mixHash(st2.lp, sizeof(st2.lp));
return true;
case Noise::RemoteStaticPublicKey:
case Noise::RemoteStatic25519PublicKey:
if (!(st.flags & HAVE_25519_REMOTE_STATIC_PUBLIC))
break;
sym->mixHash(st.re, sizeof(st.re));
return true;
default:
return NoiseDHState_Curve25519_EphemOnly::hashPublicKey(sym, id);
}
return false;
}
void NoiseDHState_Curve25519::es(uint8_t *sharedKey)
{
Curve25519::eval(sharedKey, st.le, st2.rs);
}
void NoiseDHState_Curve25519::se(uint8_t *sharedKey)
{
Curve25519::eval(sharedKey, st2.ls, st.re);
}
void NoiseDHState_Curve25519::ss(uint8_t *sharedKey)
{
Curve25519::eval(sharedKey, st2.ls, st2.rs);
}
bool NoiseDHState_Curve25519::fallback
(Noise::Party party, const NoiseDHState *from)
{
// Copy the initiator's ephemeral key into this object.
if (!NoiseDHState_Curve25519_EphemOnly::fallback(party, from))
return false;
// Copy the local static Curve25519 key into this object.
// Don't do this if we already have a local static key because
// we may be changing to a new key for the fallback handshake.
if (!(st.flags & HAVE_25519_LOCAL_STATIC_PRIVATE)) {
if (from->getParameter(Noise::LocalStatic25519PrivateKey, st2.ls, 32) != 32)
return false;
if (from->getParameter(Noise::LocalStatic25519PublicKey, st2.lp, 32) != 32)
return false;
st.flags |= HAVE_25519_LOCAL_STATIC_PUBLIC |
HAVE_25519_LOCAL_STATIC_PRIVATE;
}
return true;
}
void NoiseDHState_Curve25519::clear()
{
NoiseDHState_Curve25519_EphemOnly::clear();
clean(st2);
}

98
libraries/NoiseProtocol/src/NoiseDHState_Curve25519.h Normal file
View File

@ -0,0 +1,98 @@
/*
* Copyright (C) 2018 Southern Storm Software, Pty Ltd.
*
* Permission is hereby granted, free of charge, to any person obtaining a
* copy of this software and associated documentation files (the "Software"),
* to deal in the Software without restriction, including without limitation
* the rights to use, copy, modify, merge, publish, distribute, sublicense,
* and/or sell copies of the Software, and to permit persons to whom the
* Software is furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included
* in all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
* OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
* DEALINGS IN THE SOFTWARE.
*/
#ifndef NOISE_DH_STATE_CURVE25519_h
#define NOISE_DH_STATE_CURVE25519_h
#include "NoiseDHState.h"
class NoiseDHState_Curve25519;
class NoiseDHState_Curve25519_EphemOnly : public NoiseDHState
{
public:
NoiseDHState_Curve25519_EphemOnly();
virtual ~NoiseDHState_Curve25519_EphemOnly();
bool setParameter(Noise::Parameter id, const void *value, size_t size);
size_t getParameter(Noise::Parameter id, void *value, size_t maxSize) const;
size_t getParameterSize(Noise::Parameter id) const;
bool hasParameter(Noise::Parameter id) const;
void removeParameter(Noise::Parameter id);
bool hashPublicKey(NoiseSymmetricState *sym, Noise::Parameter id);
size_t sharedKeySize() const;
void generateLocalEphemeralKeyPair();
void ee(uint8_t *sharedKey);
void es(uint8_t *sharedKey);
void se(uint8_t *sharedKey);
void ss(uint8_t *sharedKey);
bool fallback(Noise::Party party, const NoiseDHState *from);
void clear();
private:
struct {
uint8_t le[32]; // Local ephemeral private key.
uint8_t lf[32]; // Local ephemeral public key.
uint8_t re[32]; // Remote ephemeral public key.
uint8_t flags; // Indicates which keys are present.
} st;
friend class NoiseDHState_Curve25519;
};
class NoiseDHState_Curve25519 : public NoiseDHState_Curve25519_EphemOnly
{
public:
NoiseDHState_Curve25519();
virtual ~NoiseDHState_Curve25519();
bool setParameter(Noise::Parameter id, const void *value, size_t size);
size_t getParameter(Noise::Parameter id, void *value, size_t maxSize) const;
size_t getParameterSize(Noise::Parameter id) const;
bool hasParameter(Noise::Parameter id) const;
void removeParameter(Noise::Parameter id);
bool hashPublicKey(NoiseSymmetricState *sym, Noise::Parameter id);
void es(uint8_t *sharedKey);
void se(uint8_t *sharedKey);
void ss(uint8_t *sharedKey);
bool fallback(Noise::Party party, const NoiseDHState *from);
void clear();
private:
struct {
uint8_t ls[32]; // Local static private key.
uint8_t lp[32]; // Local static public key.
uint8_t rs[32]; // Remote static public key.
} st2;
};
#endif

1003
libraries/NoiseProtocol/src/NoiseHandshakeState.cpp Normal file
View File

File diff suppressed because it is too large Load Diff

152
libraries/NoiseProtocol/src/NoiseHandshakeState.h Normal file
View File

@ -0,0 +1,152 @@
/*
* Copyright (C) 2018 Southern Storm Software, Pty Ltd.
*
* Permission is hereby granted, free of charge, to any person obtaining a
* copy of this software and associated documentation files (the "Software"),
* to deal in the Software without restriction, including without limitation
* the rights to use, copy, modify, merge, publish, distribute, sublicense,
* and/or sell copies of the Software, and to permit persons to whom the
* Software is furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included
* in all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
* OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
* DEALINGS IN THE SOFTWARE.
*/
#ifndef NOISE_HANDSHAKE_STATE_h
#define NOISE_HANDSHAKE_STATE_h
#include "NoiseNamespace.h"
#include "NoiseSymmetricState.h"
#include "NoiseDHState.h"
#include "NoiseCipherState.h"
class NoiseHandshakeState
{
public:
virtual ~NoiseHandshakeState();
virtual void start
(Noise::Party party, const void *prologue = 0, size_t prologueLen = 0);
virtual bool startFallback
(const NoiseHandshakeState *fallbackFrom, Noise::Party party,
const void *prologue = 0, size_t prologueLen = 0);
Noise::Party party() const { return pty; }
Noise::HandshakeState state() const { return st; }
const char *protocolName() const { return protoName; }
virtual bool setParameter
(Noise::Parameter id, const void *value, size_t size);
virtual size_t getParameter
(Noise::Parameter id, void *value, size_t maxSize) const;
virtual size_t getParameterSize(Noise::Parameter id) const;
virtual bool hasParameter(Noise::Parameter id) const;
virtual void removeParameter(Noise::Parameter id);
int write(void *output, size_t maxOutputSize,
const void *payload, size_t payloadSize);
int read(void *payload, size_t maxPayloadSize,
const void *input, size_t inputSize);
bool split(NoiseCipherState **tx, NoiseCipherState **rx);
bool getHandshakeHash(void *data, size_t size);
virtual void clear();
protected:
NoiseHandshakeState();
NoiseSymmetricState *symmetricState() const { return sym; }
void setSymmetricState(NoiseSymmetricState *symState) { sym = symState; }
NoiseDHState *dhState() const { return dh; }
void setDHState(NoiseDHState *dhState) { dh = dhState; }
static const NoiseDHState *otherDHState
(const NoiseHandshakeState *handshake) { return handshake->dh; }
void setProtocolName(const char *name) { protoName = name; }
virtual void removeKeys();
/**
* \brief Information about a handshake packet that is being processed.
*/
struct Packet
{
uint8_t *data; /**< Points to the start of the packet's data */
size_t posn; /**< Current processing position in the data array */
size_t size; /**< Maximum amount of available packet data */
bool error; /**< Set to true if an error has occurred */
bool done; /**< Set to true for the last handshake message */
};
virtual void writeTokens
(NoiseHandshakeState::Packet &packet, uint8_t msgnum) = 0;
virtual void readTokens
(NoiseHandshakeState::Packet &packet, uint8_t msgnum) = 0;
virtual void write_e(NoiseHandshakeState::Packet &packet);
void write_s(NoiseHandshakeState::Packet &packet);
void write_ee(NoiseHandshakeState::Packet &packet);
void write_es(NoiseHandshakeState::Packet &packet);
void write_se(NoiseHandshakeState::Packet &packet);
void write_ss(NoiseHandshakeState::Packet &packet);
virtual void read_e(NoiseHandshakeState::Packet &packet);
void read_s(NoiseHandshakeState::Packet &packet);
void read_ee(NoiseHandshakeState::Packet &packet) { write_ee(packet); }
void read_es(NoiseHandshakeState::Packet &packet) { write_es(packet); }
void read_se(NoiseHandshakeState::Packet &packet) { write_se(packet); }
void read_ss(NoiseHandshakeState::Packet &packet) { write_ss(packet); }
void setState(Noise::HandshakeState state) { st = state; }
private:
NoiseSymmetricState *sym;
NoiseDHState *dh;
const char *protoName;
Noise::Party pty;
Noise::HandshakeState st;
uint8_t msgnum;
void writePayload(NoiseHandshakeState::Packet &packet,
const void *data, size_t size);
size_t readPayload(NoiseHandshakeState::Packet &packet,
void *data, size_t maxSize);
};
class NoiseHandshakeStatePSK : public NoiseHandshakeState
{
public:
virtual ~NoiseHandshakeStatePSK();
bool setParameter(Noise::Parameter id, const void *value, size_t size);
size_t getParameter(Noise::Parameter id, void *value, size_t maxSize) const;
size_t getParameterSize(Noise::Parameter id) const;
bool hasParameter(Noise::Parameter id) const;
void removeParameter(Noise::Parameter id);
void clear();
protected:
NoiseHandshakeStatePSK();
void write_e(NoiseHandshakeState::Packet &packet);
void read_e(NoiseHandshakeState::Packet &packet);
void write_psk(NoiseHandshakeState::Packet &packet);
void read_psk(NoiseHandshakeState::Packet &packet) { write_psk(packet); }
private:
uint8_t psk[32];
bool havePSK;
};
#endif

28
libraries/NoiseProtocol/src/NoiseNamespace.cpp Normal file
View File

@ -0,0 +1,28 @@
/*
* Copyright (C) 2018 Southern Storm Software, Pty Ltd.
*
* Permission is hereby granted, free of charge, to any person obtaining a
* copy of this software and associated documentation files (the "Software"),
* to deal in the Software without restriction, including without limitation
* the rights to use, copy, modify, merge, publish, distribute, sublicense,
* and/or sell copies of the Software, and to permit persons to whom the
* Software is furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included
* in all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
* OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
* DEALINGS IN THE SOFTWARE.
*/
#include "NoiseNamespace.h"
/**
* \namespace Noise
* \brief Common definitions for the Noise protocol.
*/

82
libraries/NoiseProtocol/src/NoiseNamespace.h Normal file
View File

@ -0,0 +1,82 @@
/*
* Copyright (C) 2018 Southern Storm Software, Pty Ltd.
*
* Permission is hereby granted, free of charge, to any person obtaining a
* copy of this software and associated documentation files (the "Software"),
* to deal in the Software without restriction, including without limitation
* the rights to use, copy, modify, merge, publish, distribute, sublicense,
* and/or sell copies of the Software, and to permit persons to whom the
* Software is furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included
* in all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
* OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
* DEALINGS IN THE SOFTWARE.
*/
#ifndef NOISE_NAMESPACE_h
#define NOISE_NAMESPACE_h
#include <inttypes.h>
namespace Noise
{
/**
* \brief Indicates which party is engaging in a handshake.
*/
enum Party
{
Initiator, /**< Local party is the initiator of the handshake */
Responder /**< Local party is the responder of the handshake */
};
/**
* \brief Current state of a handshake.
*/
enum HandshakeState
{
Write, /**< Next operation is a handshake packet write() */
Read, /**< Next operation is a handshake packet read() */
Split, /**< Handshake complete, next operation is split() */
Finished, /**< Handshake finished and split() already done */
Failed /**< Handshake has failed or was never started */
};
/**
* \brief Identifiers for handshake parameters.
*/
enum Parameter
{
// Standard handshake parameters.
LocalStaticKeyPair = 1, /**< Local DH static key pair */
LocalStaticPrivateKey = 2, /**< Local DH static private key */
LocalStaticPublicKey = 3, /**< Local DH static public key */
RemoteStaticPublicKey = 4, /**< Remote DH static public key */
PreSharedKey = 5, /**< Pre-shared symmetric key */
// Specific algorithm names for meta-handshakes.
LocalStatic25519KeyPair = 100, /**< Local Curve25519 key pair */
LocalStatic25519PrivateKey = 101, /**< Local Curve25519 private key */
LocalStatic25519PublicKey = 102, /**< Local Curve25519 public key */
RemoteStatic25519PublicKey = 103, /**< Remote Curve25519 public key */
// Internal parameters (for application testing use only).
LocalEphemKeyPair = 200, /**< Local DH ephemeral key pair */
LocalEphemPrivateKey = 201, /**< Local DH ephemeral private key */
LocalEphemPublicKey = 202, /**< Local DH ephemeral public key */
RemoteEphemPublicKey = 203, /**< Remote DH ephemeral public key */
LocalEphem25519KeyPair = 204, /**< Local ephemeral Curve25519 key pair */
LocalEphem25519PrivateKey = 205, /**< Local ephemeral Curve25519 private key */
LocalEphem25519PublicKey = 206, /**< Local ephemeral Curve25519 public key */
RemoteEphem25519PublicKey = 207 /**< Remote ephemeral Curve25519 public key */
};
}; // namespace Noise
#endif

48
libraries/NoiseProtocol/src/NoiseProtocol.h Normal file
View File

@ -0,0 +1,48 @@
/*
* Copyright (C) 2018 Southern Storm Software, Pty Ltd.
*
* Permission is hereby granted, free of charge, to any person obtaining a
* copy of this software and associated documentation files (the "Software"),
* to deal in the Software without restriction, including without limitation
* the rights to use, copy, modify, merge, publish, distribute, sublicense,
* and/or sell copies of the Software, and to permit persons to whom the
* Software is furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included
* in all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
* OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
* DEALINGS IN THE SOFTWARE.
*/
#ifndef NOISE_PROTOCOL_h
#define NOISE_PROTOCOL_h
#include "NoiseNamespace.h"
#include "Noise_IK_25519_AESGCM_SHA256.h"
#include "Noise_IK_25519_ChaChaPoly_BLAKE2s.h"
#include "Noise_IK_25519_ChaChaPoly_SHA256.h"
#include "Noise_NNpsk0_25519_AESGCM_SHA256.h"
#include "Noise_NNpsk0_25519_ChaChaPoly_BLAKE2s.h"
#include "Noise_NNpsk0_25519_ChaChaPoly_SHA256.h"
#include "Noise_Pipes_25519_AESGCM_SHA256.h"
#include "Noise_Pipes_25519_ChaChaPoly_BLAKE2s.h"
#include "Noise_Pipes_25519_ChaChaPoly_SHA256.h"
#include "Noise_XX_25519_AESGCM_SHA256.h"
#include "Noise_XX_25519_ChaChaPoly_BLAKE2s.h"
#include "Noise_XX_25519_ChaChaPoly_SHA256.h"
#include "Noise_XXfallback_25519_AESGCM_SHA256.h"
#include "Noise_XXfallback_25519_ChaChaPoly_BLAKE2s.h"
#include "Noise_XXfallback_25519_ChaChaPoly_SHA256.h"
#endif

113
libraries/NoiseProtocol/src/NoiseProtocolDescriptor.cpp Normal file
View File

@ -0,0 +1,113 @@
/*
* Copyright (C) 2018 Southern Storm Software, Pty Ltd.
*
* Permission is hereby granted, free of charge, to any person obtaining a
* copy of this software and associated documentation files (the "Software"),
* to deal in the Software without restriction, including without limitation
* the rights to use, copy, modify, merge, publish, distribute, sublicense,
* and/or sell copies of the Software, and to permit persons to whom the
* Software is furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included
* in all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
* OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
* DEALINGS IN THE SOFTWARE.
*/
#include "NoiseProtocolDescriptor.h"
/**
* \class NoiseProtocolDescriptor NoiseProtocolDescriptor.h <NoiseProtocolDescriptor.h>
* \brief Description of a Noise protocol and a method to create a handshake
* object that implements the protocol.
*
* This class is abstract. The caller should instantiate a subclass like
* Noise_XX_25519_ChaChaPoly_BLAKE2s or Noise_XX_25519_AESGCM_SHA256 to
* get an actual descriptor.
*/
/**
* \fn NoiseProtocolDescriptor::NoiseProtocolDescriptor(const char *name, const char *alias)
* \brief Creates a new Noise protocol descriptor.
*
* \param name Name of the Noise protocol, e.g. "Noise_XX_25519_AESGCM_SHA256".
* \param alias NoiseTinyLink alias for the Noise protocol; e.g. "1". Set this
* to NULL if the protocol does not have a NoiseTinyLink alias defined.
*/
/**
* \brief Destroys this Noise protocol descriptor.
*/
NoiseProtocolDescriptor::~NoiseProtocolDescriptor()
{
}
/**
* \fn const char *NoiseProtocolDescriptor::protocolName() const
* \brief Gets the name of the Noise protocol represented by this descriptor.
*
* \return The name of the Noise protocol.
*
* \sa protocolAlias()
*/
/**
* \fn const char *NoiseProtocolDescriptor::protocolAlias() const
* \brief Gets the NoiseTinyLink alias for the Noise protocol represented
* by this descriptor.
*
* \return The alias or NULL if the protocol does not have a NoiseTinyLink
* alias defined.
*
* \sa protocolName()
*/
/**
* \fn NoiseHandshakeState *NoiseProtocolDescriptor::createHandshake() const
* \brief Creates a handshake object for the Noise protocol represented
* by this descriptor.
*
* \return A new handshake object for the protocol.
*/
/**
* \brief Returns the descriptor for the abbreviated protocol, if any.
*
* \return Returns a pointer to the abbreviated protocol descriptor, or NULL
* if this protocol does not have an abbreviated version.
*
* This function and fallbackDescriptor() to intended to help implement
* fallback-using protocols like Noise Pipes. In the case of Noise Pipes,
* the full protocol would be XX, the abbreviated protocol would be IK,
* and the fallback protocol would XXfallback.
*
* The abbreviated protocol should be selected if a remote static public
* key is available when the handshake starts. Otherwise the full protocol
* should be used to discover the remote static public key dynamically.
*
* \sa fallbackDescriptor()
*/
const NoiseProtocolDescriptor *NoiseProtocolDescriptor::abbreviatedDescriptor() const
{
return 0;
}
/**
* \brief Returns the descriptor for the fallback protocol, if any.
*
* \return Returns a pointer to the fallback protocol descriptor, or NULL
* if it is not possible to fall back from the abbreviated protocol to
* another protocol. The default implementation returns NULL.
*
* \sa abbreviatedDescriptor()
*/
const NoiseProtocolDescriptor *NoiseProtocolDescriptor::fallbackDescriptor() const
{
return 0;
}

50
libraries/NoiseProtocol/src/NoiseProtocolDescriptor.h Normal file
View File

@ -0,0 +1,50 @@
/*
* Copyright (C) 2018 Southern Storm Software, Pty Ltd.
*
* Permission is hereby granted, free of charge, to any person obtaining a
* copy of this software and associated documentation files (the "Software"),
* to deal in the Software without restriction, including without limitation
* the rights to use, copy, modify, merge, publish, distribute, sublicense,
* and/or sell copies of the Software, and to permit persons to whom the
* Software is furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included
* in all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
* OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
* DEALINGS IN THE SOFTWARE.
*/
#ifndef NOISE_PROTOCOL_DESCRIPTOR_h
#define NOISE_PROTOCOL_DESCRIPTOR_h
class NoiseHandshakeState;
class NoiseProtocolDescriptor
{
public:
virtual ~NoiseProtocolDescriptor();
const char *protocolName() const { return protoName; }
const char *protocolAlias() const { return protoAlias; }
virtual NoiseHandshakeState *createHandshake() const = 0;
virtual const NoiseProtocolDescriptor *abbreviatedDescriptor() const;
virtual const NoiseProtocolDescriptor *fallbackDescriptor() const;
protected:
explicit NoiseProtocolDescriptor(const char *name, const char *alias = 0)
: protoName(name), protoAlias(alias) {}
private:
const char *protoName;
const char *protoAlias;
};
#endif

169
libraries/NoiseProtocol/src/NoiseSymmetricState.cpp Normal file
View File

@ -0,0 +1,169 @@
/*
* Copyright (C) 2018 Southern Storm Software, Pty Ltd.
*
* Permission is hereby granted, free of charge, to any person obtaining a
* copy of this software and associated documentation files (the "Software"),
* to deal in the Software without restriction, including without limitation
* the rights to use, copy, modify, merge, publish, distribute, sublicense,
* and/or sell copies of the Software, and to permit persons to whom the
* Software is furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included
* in all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
* OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
* DEALINGS IN THE SOFTWARE.
*/
#include "NoiseSymmetricState.h"
/**
* \class NoiseSymmetricState NoiseSymmetricState.h <NoiseSymmetricState.h>
* \brief Abstract base class for the Noise protocol's symmetric state.
*
* This class is abstract. The caller should instantiate a subclass like
* NoiseSymmetricState_ChaChaPoly_BLAKE2s or NoiseSymmetricState_AESGCM_SHA256
* to choose the specific algorithms to use in the symmetric state.
*/
/**
* \fn NoiseSymmetricState::NoiseSymmetricState()
* \brief Constructs a new symmetric state object.
*/
/**
* \brief Destroys this symmetric state object.
*/
NoiseSymmetricState::~NoiseSymmetricState()
{
}
/**
* \fn void NoiseSymmetricState::initialize(const char *protocolName)
* \brief Initializes a Noise protocol using this symmetric state.
*
* \param protocolName The full name of the Noise protocol.
*/
/**
* \fn bool NoiseSymmetricState::hasKey() const
* \brief Determine if this symmetric state has an encryption key set.
*
* \return Returns true if an encryption key has been set, false if not.
*/
/**
* \brief Returns the length of MAC values for this symmetric state.
*
* \return The base class returns 16 which is the recommended size for
* MAC values in all Noise protocols.
*
* In theory, subclasses could return a smaller value than 16 if MAC values
* were being truncated to save packet space. The Noise specification
* recommends against MAC truncation as it reduces security.
*/
size_t NoiseSymmetricState::macLen() const
{
return 16;
}
/**
* \fn void NoiseSymmetricState::mixKey(const void *data, size_t size)
* \brief Mixes input data into the chaining key.
*
* \param data Points to the data to be mixed in.
* \param size Number of bytes to mix in.
*
* \sa mixHash(), mixKeyAndHash()
*/
/**
* \fn void NoiseSymmetricState::mixHash(const void *data, size_t size)
* \brief Mixes input data into the handshake hash.
*
* \param data Points to the data to be mixed in.
* \param size Number of bytes to mix in.
*
* \sa mixKey(), mixKeyAndHash()
*/
/**
* \fn void NoiseSymmetricState::mixKeyAndHash(const void *data, size_t size)
* \brief Mixes input data into the chaining key and handshake hash.
*
* \param data Points to the data to be mixed in.
* \param size Number of bytes to mix in.
*
* \sa mixKey(), mixHash()
*/
/**
* \fn void NoiseSymmetricState::getHandshakeHash(void *data, size_t size)
* \brief Gets the handshake hash from the symmetric state.
*
* \param data Data buffer to fill with the handshake hash.
* \param size Size of the \a data buffer in bytes.
*
* If \a size is less than the size of the symmetric state's hash,
* then the value will be truncated to the first \a size bytes.
* If \a size is greater, then the extra bytes will be filled with zeroes.
*/
/**
* \fn int NoiseSymmetricState::encryptAndHash(uint8_t *output, size_t outputSize, const uint8_t *input, size_t inputSize)
* \brief Encrypts data and hashes it into the handshake hash.
*
* \param output Output buffer to write the ciphertext and MAC to.
* \param outputSize Available space in the \a output buffer.
* \param input Input buffer containing the plaintext to be encrypted.
* \param inputSize Number of bytes of plaintext.
*
* \return The number of bytes that were written to \a output.
* \return -1 if \a outputSize is not large enough to contain the
* ciphertext and MAC.
*
* The plaintext will be copied directly to the output buffer without a MAC
* if mixKey() has not been called yet.
*
* \sa decryptAndHash()
*/
/**
* \fn int NoiseSymmetricState::decryptAndHash(uint8_t *output, size_t outputSize, const uint8_t *input, size_t inputSize)
* \brief Decrypts data and hashes it into the handshake hash.
*
* \param output Output buffer to write the plaintext to.
* \param outputSize Available space in the \a output buffer.
* \param input Input buffer containing the ciphertext and MAC.
* \param inputSize Number of bytes of ciphertext plus the MAC.
*
* \return The number of bytes that were written to \a output.
* \return -1 if \a outputSize is not large enough to contain the plaintext.
* \return -1 if the MAC check failed; the plaintext output will be invalid.
*
* The ciphertext will be copied directly to the output buffer without
* removing a MAC if mixKey() has not been called yet.
*
* \sa encryptAndHash()
*/
/**
* \fn void NoiseSymmetricState::split(NoiseCipherState **c1, NoiseCipherState **c2)
* \brief Splits the symmetric state into two cipher objects for the
* transport phase of the Noise session.
*
* \param c1 Returns a new cipher object for encrypting traffic from the
* initiator to the responder. May be NULL if the object is not required.
* \param c2 Returns a new cipher object for encrypting traffic from the
* responder to the initiator. May be NULL if the object is not required.
*/
/**
* \fn void NoiseSymmetricState::clear()
* \brief Clears all sensitive data from this symmetric state object.
*/

60
libraries/NoiseProtocol/src/NoiseSymmetricState.h Normal file
View File

@ -0,0 +1,60 @@
/*
* Copyright (C) 2018 Southern Storm Software, Pty Ltd.
*
* Permission is hereby granted, free of charge, to any person obtaining a
* copy of this software and associated documentation files (the "Software"),
* to deal in the Software without restriction, including without limitation
* the rights to use, copy, modify, merge, publish, distribute, sublicense,
* and/or sell copies of the Software, and to permit persons to whom the
* Software is furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included
* in all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
* OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
* DEALINGS IN THE SOFTWARE.
*/
#ifndef NOISE_SYMMETRIC_STATE_h
#define NOISE_SYMMETRIC_STATE_h
#include <stddef.h>
#include <inttypes.h>
class NoiseCipherState;
class NoiseSymmetricState
{
public:
NoiseSymmetricState() {}
virtual ~NoiseSymmetricState();
virtual void initialize(const char *protocolName) = 0;
virtual bool hasKey() const = 0;
virtual size_t macLen() const;
virtual void mixKey(const void *data, size_t size) = 0;
virtual void mixHash(const void *data, size_t size) = 0;
virtual void mixKeyAndHash(const void *data, size_t size) = 0;
virtual void getHandshakeHash(void *data, size_t size) = 0;
virtual int encryptAndHash
(uint8_t *output, size_t outputSize,
const uint8_t *input, size_t inputSize) = 0;
virtual int decryptAndHash
(uint8_t *output, size_t outputSize,
const uint8_t *input, size_t inputSize) = 0;
virtual void split(NoiseCipherState **c1, NoiseCipherState **c2) = 0;
virtual void clear() = 0;
};
#endif

230
libraries/NoiseProtocol/src/NoiseSymmetricState_AESGCM_SHA256.cpp Normal file
View File

@ -0,0 +1,230 @@
/*
* Copyright (C) 2018 Southern Storm Software, Pty Ltd.
*
* Permission is hereby granted, free of charge, to any person obtaining a
* copy of this software and associated documentation files (the "Software"),
* to deal in the Software without restriction, including without limitation
* the rights to use, copy, modify, merge, publish, distribute, sublicense,
* and/or sell copies of the Software, and to permit persons to whom the
* Software is furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included
* in all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
* OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
* DEALINGS IN THE SOFTWARE.
*/
#include "NoiseSymmetricState_AESGCM_SHA256.h"
#include "NoiseCipherState_AESGCM.h"
#include "SHA256.h"
#include "Crypto.h"
#include <string.h>
/**
* \class NoiseSymmetricState_AESGCM_SHA256 NoiseSymmetricState_AESGCM_SHA256.h <NoiseSymmetricState_AESGCM_SHA256.h>
* \brief Noise symmetric state implementation using AES256, GCM, and SHA256.
*/
/**
* \brief Constructs a new symmetric state using AES256, GCM, and SHA256.
*/
NoiseSymmetricState_AESGCM_SHA256::NoiseSymmetricState_AESGCM_SHA256()
{
st.n = 0;
st.hasKey = false;
}
/**
* \brief Destroys this symmetric state object.
*/
NoiseSymmetricState_AESGCM_SHA256::~NoiseSymmetricState_AESGCM_SHA256()
{
clean(st);
}
void NoiseSymmetricState_AESGCM_SHA256::initialize
(const char *protocolName)
{
size_t len = strlen(protocolName);
if (len <= 32) {
memcpy(st.h, protocolName, len);
memset(st.h + len, 0, 32 - len);
} else {
SHA256 hash;
hash.update(protocolName, len);
hash.finalize(st.h, 32);
}
memcpy(st.ck, st.h, 32);
st.hasKey = false;
}
bool NoiseSymmetricState_AESGCM_SHA256::hasKey() const
{
return st.hasKey;
}
void NoiseSymmetricState_AESGCM_SHA256::mixKey
(const void *data, size_t size)
{
uint8_t key[32];
hmac(key, st.ck, data, size, 0);
hmac(st.ck, key, 0, 0, 1);
hmac(key, key, st.ck, 32, 2);
st.hasKey = true;
st.n = 0;
cipher.setKey(key, sizeof(key));
clean(key);
}
void NoiseSymmetricState_AESGCM_SHA256::mixHash
(const void *data, size_t size)
{
SHA256 hash;
hash.update(st.h, sizeof(st.h));
hash.update(data, size);
hash.finalize(st.h, sizeof(st.h));
}
void NoiseSymmetricState_AESGCM_SHA256::mixKeyAndHash
(const void *data, size_t size)
{
uint8_t key[32];
uint8_t temph[32];
hmac(key, st.ck, data, size, 0);
hmac(st.ck, key, 0, 0, 1);
hmac(temph, key, st.ck, 32, 2);
hmac(key, key, temph, 32, 3);
st.hasKey = true;
st.n = 0;
cipher.setKey(key, sizeof(key));
mixHash(temph, sizeof(temph));
clean(key);
clean(temph);
}
void NoiseSymmetricState_AESGCM_SHA256::getHandshakeHash
(void *data, size_t size)
{
if (size <= 32) {
memcpy(data, st.h, size);
} else {
memcpy(data, st.h, 32);
memset(((uint8_t *)data) + 32, 0, size - 32);
}
}
/**
* \brief Formats the 12-byte IV for use with AESGCM according
* to the requirements of the Noise specification.
*
* \param iv Returns the formatted IV.
* \param n 64-bit nonce value for the packet.
*/
void noiseAESGCMFormatIV(uint8_t iv[12], uint64_t n)
{
iv[0] = 0;
iv[1] = 0;
iv[2] = 0;
iv[3] = 0;
iv[4] = (uint8_t)(n >> 56);
iv[5] = (uint8_t)(n >> 48);
iv[6] = (uint8_t)(n >> 40);
iv[7] = (uint8_t)(n >> 32);
iv[8] = (uint8_t)(n >> 24);
iv[9] = (uint8_t)(n >> 16);
iv[10] = (uint8_t)(n >> 8);
iv[11] = (uint8_t)n;
}
int NoiseSymmetricState_AESGCM_SHA256::encryptAndHash
(uint8_t *output, size_t outputSize,
const uint8_t *input, size_t inputSize)
{
if (st.hasKey) {
if (outputSize < 16 || (outputSize - 16) < inputSize)
return -1;
uint8_t iv[24];
noiseAESGCMFormatIV(iv, st.n);
cipher.setIV(iv, sizeof(iv));
cipher.encrypt(output, input, inputSize);
cipher.computeTag(output + inputSize, 16);
mixHash(output, inputSize + 16);
++st.n;
return inputSize + 16;
} else {
if (outputSize < inputSize)
return -1;
memcpy(output, input, inputSize);
mixHash(output, inputSize);
return inputSize;
}
}
int NoiseSymmetricState_AESGCM_SHA256::decryptAndHash
(uint8_t *output, size_t outputSize,
const uint8_t *input, size_t inputSize)
{
if (st.hasKey) {
if (inputSize < 16 || outputSize < (inputSize - 16))
return -1;
outputSize = inputSize - 16;
mixHash(input, inputSize);
uint8_t iv[24];
noiseAESGCMFormatIV(iv, st.n);
cipher.setIV(iv, sizeof(iv));
cipher.decrypt(output, input, outputSize);
if (cipher.checkTag(input + outputSize, 16)) {
++st.n;
return outputSize;
}
memset(output, 0, outputSize); // Destroy output if tag is incorrect.
return -1;
} else {
if (outputSize < inputSize)
return -1;
mixHash(input, inputSize);
memcpy(output, input, inputSize);
return inputSize;
}
}
void NoiseSymmetricState_AESGCM_SHA256::split
(NoiseCipherState **c1, NoiseCipherState **c2)
{
uint8_t k1[32];
uint8_t k2[32];
hmac(k2, st.ck, 0, 0, 0);
hmac(k1, k2, 0, 0, 1);
hmac(k2, k2, k1, 32, 2);
if (c1)
*c1 = new NoiseCipherState_AESGCM(k1);
if (c2)
*c2 = new NoiseCipherState_AESGCM(k2);
clean(k1);
clean(k2);
}
void NoiseSymmetricState_AESGCM_SHA256::clear()
{
clean(st);
st.n = 0;
st.hasKey = false;
}
void NoiseSymmetricState_AESGCM_SHA256::hmac
(uint8_t *output, const uint8_t *key,
const void *data, size_t size, uint8_t tag)
{
SHA256 hash;
hash.resetHMAC(key, 32);
hash.update(data, size);
if (tag != 0)
hash.update(&tag, 1);
hash.finalizeHMAC(key, 32, output, 32);
}

70
libraries/NoiseProtocol/src/NoiseSymmetricState_AESGCM_SHA256.h Normal file
View File

@ -0,0 +1,70 @@
/*
* Copyright (C) 2018 Southern Storm Software, Pty Ltd.
*
* Permission is hereby granted, free of charge, to any person obtaining a
* copy of this software and associated documentation files (the "Software"),
* to deal in the Software without restriction, including without limitation
* the rights to use, copy, modify, merge, publish, distribute, sublicense,
* and/or sell copies of the Software, and to permit persons to whom the
* Software is furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included
* in all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
* OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
* DEALINGS IN THE SOFTWARE.
*/
#ifndef NOISE_SYMMETRIC_STATE_AESGCM_SHA256_H
#define NOISE_SYMMETRIC_STATE_AESGCM_SHA256_H
#include "NoiseSymmetricState.h"
#include "AES.h"
#include "GCM.h"
class NoiseSymmetricState_AESGCM_SHA256 : public NoiseSymmetricState
{
public:
NoiseSymmetricState_AESGCM_SHA256();
virtual ~NoiseSymmetricState_AESGCM_SHA256();
void initialize(const char *protocolName);
bool hasKey() const;
void mixKey(const void *data, size_t size);
void mixHash(const void *data, size_t size);
void mixKeyAndHash(const void *data, size_t size);
void getHandshakeHash(void *data, size_t size);
int encryptAndHash
(uint8_t *output, size_t outputSize,
const uint8_t *input, size_t inputSize);
int decryptAndHash
(uint8_t *output, size_t outputSize,
const uint8_t *input, size_t inputSize);
void split(NoiseCipherState **c1, NoiseCipherState **c2);
void clear();
private:
GCM<AES256> cipher;
struct {
uint8_t ck[32];
uint8_t h[32];
uint64_t n;
bool hasKey;
} st;
static void hmac(uint8_t *output, const uint8_t *key,
const void *data, size_t size, uint8_t tag);
};
#endif

205
libraries/NoiseProtocol/src/NoiseSymmetricState_ChaChaPoly_BLAKE2s.cpp Normal file
View File

@ -0,0 +1,205 @@
/*
* Copyright (C) 2018 Southern Storm Software, Pty Ltd.
*
* Permission is hereby granted, free of charge, to any person obtaining a
* copy of this software and associated documentation files (the "Software"),
* to deal in the Software without restriction, including without limitation
* the rights to use, copy, modify, merge, publish, distribute, sublicense,
* and/or sell copies of the Software, and to permit persons to whom the
* Software is furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included
* in all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
* OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
* DEALINGS IN THE SOFTWARE.
*/
#include "NoiseSymmetricState_ChaChaPoly_BLAKE2s.h"
#include "NoiseCipherState_ChaChaPoly.h"
#include "ChaChaPoly.h"
#include "BLAKE2s.h"
#include "Crypto.h"
#include "utility/EndianUtil.h"
#include <string.h>
/**
* \class NoiseSymmetricState_ChaChaPoly_BLAKE2s NoiseSymmetricState_ChaChaPoly_BLAKE2s.h <NoiseSymmetricState_ChaChaPoly_BLAKE2s.h>
* \brief Noise symmetric state implementation using ChaChaPoly and BLAKE2s.
*/
/**
* \brief Constructs a new symmetric state using ChaChaPoly and BLAKE2s.
*/
NoiseSymmetricState_ChaChaPoly_BLAKE2s::NoiseSymmetricState_ChaChaPoly_BLAKE2s()
{
st.n = 0;
st.hasKey = false;
}
/**
* \brief Destroys this symmetric state object.
*/
NoiseSymmetricState_ChaChaPoly_BLAKE2s::~NoiseSymmetricState_ChaChaPoly_BLAKE2s()
{
clean(st);
}
void NoiseSymmetricState_ChaChaPoly_BLAKE2s::initialize
(const char *protocolName)
{
size_t len = strlen(protocolName);
if (len <= 32) {
memcpy(st.h, protocolName, len);
memset(st.h + len, 0, 32 - len);
} else {
BLAKE2s hash;
hash.update(protocolName, len);
hash.finalize(st.h, 32);
}
memcpy(st.ck, st.h, 32);
st.hasKey = false;
}
bool NoiseSymmetricState_ChaChaPoly_BLAKE2s::hasKey() const
{
return st.hasKey;
}
void NoiseSymmetricState_ChaChaPoly_BLAKE2s::mixKey
(const void *data, size_t size)
{
hmac(st.key, st.ck, data, size, 0);
hmac(st.ck, st.key, 0, 0, 1);
hmac(st.key, st.key, st.ck, 32, 2);
st.hasKey = true;
st.n = 0;
}
void NoiseSymmetricState_ChaChaPoly_BLAKE2s::mixHash
(const void *data, size_t size)
{
BLAKE2s hash;
hash.update(st.h, sizeof(st.h));
hash.update(data, size);
hash.finalize(st.h, sizeof(st.h));
}
void NoiseSymmetricState_ChaChaPoly_BLAKE2s::mixKeyAndHash
(const void *data, size_t size)
{
uint8_t temph[32];
hmac(st.key, st.ck, data, size, 0);
hmac(st.ck, st.key, 0, 0, 1);
hmac(temph, st.key, st.ck, 32, 2);
hmac(st.key, st.key, temph, 32, 3);
st.hasKey = true;
st.n = 0;
mixHash(temph, 32);
clean(temph);
}
void NoiseSymmetricState_ChaChaPoly_BLAKE2s::getHandshakeHash
(void *data, size_t size)
{
if (size <= 32) {
memcpy(data, st.h, size);
} else {
memcpy(data, st.h, 32);
memset(((uint8_t *)data) + 32, 0, size - 32);
}
}
int NoiseSymmetricState_ChaChaPoly_BLAKE2s::encryptAndHash
(uint8_t *output, size_t outputSize,
const uint8_t *input, size_t inputSize)
{
if (st.hasKey) {
if (outputSize < 16 || (outputSize - 16) < inputSize)
return -1;
ChaChaPoly cipher;
uint64_t iv = htole64(st.n);
cipher.setKey(st.key, 32);
cipher.setIV((const uint8_t *)&iv, sizeof(iv));
cipher.encrypt(output, input, inputSize);
cipher.computeTag(output + inputSize, 16);
mixHash(output, inputSize + 16);
++st.n;
return inputSize + 16;
} else {
if (outputSize < inputSize)
return -1;
memcpy(output, input, inputSize);
mixHash(output, inputSize);
return inputSize;
}
}
int NoiseSymmetricState_ChaChaPoly_BLAKE2s::decryptAndHash
(uint8_t *output, size_t outputSize,
const uint8_t *input, size_t inputSize)
{
if (st.hasKey) {
if (inputSize < 16 || outputSize < (inputSize - 16))
return -1;
outputSize = inputSize - 16;
mixHash(input, inputSize);
ChaChaPoly cipher;
uint64_t iv = htole64(st.n);
cipher.setKey(st.key, 32);
cipher.setIV((const uint8_t *)&iv, sizeof(iv));
cipher.decrypt(output, input, outputSize);
if (cipher.checkTag(input + outputSize, 16)) {
++st.n;
return outputSize;
}
memset(output, 0, outputSize); // Destroy output if tag is incorrect.
return -1;
} else {
if (outputSize < inputSize)
return -1;
mixHash(input, inputSize);
memcpy(output, input, inputSize);
return inputSize;
}
}
void NoiseSymmetricState_ChaChaPoly_BLAKE2s::split
(NoiseCipherState **c1, NoiseCipherState **c2)
{
uint8_t k1[32];
uint8_t k2[32];
hmac(k2, st.ck, 0, 0, 0);
hmac(k1, k2, 0, 0, 1);
hmac(k2, k2, k1, 32, 2);
if (c1)
*c1 = new NoiseCipherState_ChaChaPoly(k1);
if (c2)
*c2 = new NoiseCipherState_ChaChaPoly(k2);
clean(k1);
clean(k2);
}
void NoiseSymmetricState_ChaChaPoly_BLAKE2s::clear()
{
clean(st);
st.n = 0;
st.hasKey = false;
}
void NoiseSymmetricState_ChaChaPoly_BLAKE2s::hmac
(uint8_t *output, const uint8_t *key,
const void *data, size_t size, uint8_t tag)
{
BLAKE2s hash;
hash.resetHMAC(key, 32);
hash.update(data, size);
if (tag != 0)
hash.update(&tag, 1);
hash.finalizeHMAC(key, 32, output, 32);
}

68
libraries/NoiseProtocol/src/NoiseSymmetricState_ChaChaPoly_BLAKE2s.h Normal file
View File

@ -0,0 +1,68 @@
/*
* Copyright (C) 2018 Southern Storm Software, Pty Ltd.
*
* Permission is hereby granted, free of charge, to any person obtaining a
* copy of this software and associated documentation files (the "Software"),
* to deal in the Software without restriction, including without limitation
* the rights to use, copy, modify, merge, publish, distribute, sublicense,
* and/or sell copies of the Software, and to permit persons to whom the
* Software is furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included
* in all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
* OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
* DEALINGS IN THE SOFTWARE.
*/
#ifndef NOISE_SYMMETRIC_STATE_CHACHAPOLY_BLAKE2S_H
#define NOISE_SYMMETRIC_STATE_CHACHAPOLY_BLAKE2S_H
#include "NoiseSymmetricState.h"
class NoiseSymmetricState_ChaChaPoly_BLAKE2s : public NoiseSymmetricState
{
public:
NoiseSymmetricState_ChaChaPoly_BLAKE2s();
virtual ~NoiseSymmetricState_ChaChaPoly_BLAKE2s();
void initialize(const char *protocolName);
bool hasKey() const;
void mixKey(const void *data, size_t size);
void mixHash(const void *data, size_t size);
void mixKeyAndHash(const void *data, size_t size);
void getHandshakeHash(void *data, size_t size);
int encryptAndHash
(uint8_t *output, size_t outputSize,
const uint8_t *input, size_t inputSize);
int decryptAndHash
(uint8_t *output, size_t outputSize,
const uint8_t *input, size_t inputSize);
void split(NoiseCipherState **c1, NoiseCipherState **c2);
void clear();
private:
struct {
uint8_t ck[32];
uint8_t h[32];
uint8_t key[32];
uint64_t n;
bool hasKey;
} st;
static void hmac(uint8_t *output, const uint8_t *key,
const void *data, size_t size, uint8_t tag);
};
#endif

205
libraries/NoiseProtocol/src/NoiseSymmetricState_ChaChaPoly_SHA256.cpp Normal file
View File

@ -0,0 +1,205 @@
/*
* Copyright (C) 2018 Southern Storm Software, Pty Ltd.
*
* Permission is hereby granted, free of charge, to any person obtaining a
* copy of this software and associated documentation files (the "Software"),
* to deal in the Software without restriction, including without limitation
* the rights to use, copy, modify, merge, publish, distribute, sublicense,
* and/or sell copies of the Software, and to permit persons to whom the
* Software is furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included
* in all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
* OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
* DEALINGS IN THE SOFTWARE.
*/
#include "NoiseSymmetricState_ChaChaPoly_SHA256.h"
#include "NoiseCipherState_ChaChaPoly.h"
#include "ChaChaPoly.h"
#include "SHA256.h"
#include "Crypto.h"
#include "utility/EndianUtil.h"
#include <string.h>
/**
* \class NoiseSymmetricState_ChaChaPoly_SHA256 NoiseSymmetricState_ChaChaPoly_SHA256.h <NoiseSymmetricState_ChaChaPoly_SHA256.h>
* \brief Noise symmetric state implementation using ChaChaPoly and SHA256.
*/
/**
* \brief Constructs a new symmetric state using ChaChaPoly and SHA256.
*/
NoiseSymmetricState_ChaChaPoly_SHA256::NoiseSymmetricState_ChaChaPoly_SHA256()
{
st.n = 0;
st.hasKey = false;
}
/**
* \brief Destroys this symmetric state object.
*/
NoiseSymmetricState_ChaChaPoly_SHA256::~NoiseSymmetricState_ChaChaPoly_SHA256()
{
clean(st);
}
void NoiseSymmetricState_ChaChaPoly_SHA256::initialize
(const char *protocolName)
{
size_t len = strlen(protocolName);
if (len <= 32) {
memcpy(st.h, protocolName, len);
memset(st.h + len, 0, 32 - len);
} else {
SHA256 hash;
hash.update(protocolName, len);
hash.finalize(st.h, 32);
}
memcpy(st.ck, st.h, 32);
st.hasKey = false;
}
bool NoiseSymmetricState_ChaChaPoly_SHA256::hasKey() const
{
return st.hasKey;
}
void NoiseSymmetricState_ChaChaPoly_SHA256::mixKey
(const void *data, size_t size)
{
hmac(st.key, st.ck, data, size, 0);
hmac(st.ck, st.key, 0, 0, 1);
hmac(st.key, st.key, st.ck, 32, 2);
st.hasKey = true;
st.n = 0;
}
void NoiseSymmetricState_ChaChaPoly_SHA256::mixHash
(const void *data, size_t size)
{
SHA256 hash;
hash.update(st.h, sizeof(st.h));
hash.update(data, size);
hash.finalize(st.h, sizeof(st.h));
}
void NoiseSymmetricState_ChaChaPoly_SHA256::mixKeyAndHash
(const void *data, size_t size)
{
uint8_t temph[32];
hmac(st.key, st.ck, data, size, 0);
hmac(st.ck, st.key, 0, 0, 1);
hmac(temph, st.key, st.ck, 32, 2);
hmac(st.key, st.key, temph, 32, 3);
st.hasKey = true;
st.n = 0;
mixHash(temph, 32);
clean(temph);
}
void NoiseSymmetricState_ChaChaPoly_SHA256::getHandshakeHash
(void *data, size_t size)
{
if (size <= 32) {
memcpy(data, st.h, size);
} else {
memcpy(data, st.h, 32);
memset(((uint8_t *)data) + 32, 0, size - 32);
}
}
int NoiseSymmetricState_ChaChaPoly_SHA256::encryptAndHash
(uint8_t *output, size_t outputSize,
const uint8_t *input, size_t inputSize)
{
if (st.hasKey) {
if (outputSize < 16 || (outputSize - 16) < inputSize)
return -1;
ChaChaPoly cipher;
uint64_t iv = htole64(st.n);
cipher.setKey(st.key, 32);
cipher.setIV((const uint8_t *)&iv, sizeof(iv));
cipher.encrypt(output, input, inputSize);
cipher.computeTag(output + inputSize, 16);
mixHash(output, inputSize + 16);
++st.n;
return inputSize + 16;
} else {
if (outputSize < inputSize)
return -1;
memcpy(output, input, inputSize);
mixHash(output, inputSize);
return inputSize;
}
}
int NoiseSymmetricState_ChaChaPoly_SHA256::decryptAndHash
(uint8_t *output, size_t outputSize,
const uint8_t *input, size_t inputSize)
{
if (st.hasKey) {
if (inputSize < 16 || outputSize < (inputSize - 16))
return -1;
outputSize = inputSize - 16;
mixHash(input, inputSize);
ChaChaPoly cipher;
uint64_t iv = htole64(st.n);
cipher.setKey(st.key, 32);
cipher.setIV((const uint8_t *)&iv, sizeof(iv));
cipher.decrypt(output, input, outputSize);
if (cipher.checkTag(input + outputSize, 16)) {
++st.n;
return outputSize;
}
memset(output, 0, outputSize); // Destroy output if tag is incorrect.
return -1;
} else {
if (outputSize < inputSize)
return -1;
mixHash(input, inputSize);
memcpy(output, input, inputSize);
return inputSize;
}
}
void NoiseSymmetricState_ChaChaPoly_SHA256::split
(NoiseCipherState **c1, NoiseCipherState **c2)
{
uint8_t k1[32];
uint8_t k2[32];
hmac(k2, st.ck, 0, 0, 0);
hmac(k1, k2, 0, 0, 1);
hmac(k2, k2, k1, 32, 2);
if (c1)
*c1 = new NoiseCipherState_ChaChaPoly(k1);
if (c2)
*c2 = new NoiseCipherState_ChaChaPoly(k2);
clean(k1);
clean(k2);
}
void NoiseSymmetricState_ChaChaPoly_SHA256::clear()
{
clean(st);
st.n = 0;
st.hasKey = false;
}
void NoiseSymmetricState_ChaChaPoly_SHA256::hmac
(uint8_t *output, const uint8_t *key,
const void *data, size_t size, uint8_t tag)
{
SHA256 hash;
hash.resetHMAC(key, 32);
hash.update(data, size);
if (tag != 0)
hash.update(&tag, 1);
hash.finalizeHMAC(key, 32, output, 32);
}

68
libraries/NoiseProtocol/src/NoiseSymmetricState_ChaChaPoly_SHA256.h Normal file
View File

@ -0,0 +1,68 @@
/*
* Copyright (C) 2018 Southern Storm Software, Pty Ltd.
*
* Permission is hereby granted, free of charge, to any person obtaining a
* copy of this software and associated documentation files (the "Software"),
* to deal in the Software without restriction, including without limitation
* the rights to use, copy, modify, merge, publish, distribute, sublicense,
* and/or sell copies of the Software, and to permit persons to whom the
* Software is furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included
* in all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
* OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
* DEALINGS IN THE SOFTWARE.
*/
#ifndef NOISE_SYMMETRIC_STATE_CHACHAPOLY_SHA256_H
#define NOISE_SYMMETRIC_STATE_CHACHAPOLY_SHA256_H
#include "NoiseSymmetricState.h"
class NoiseSymmetricState_ChaChaPoly_SHA256 : public NoiseSymmetricState
{
public:
NoiseSymmetricState_ChaChaPoly_SHA256();
virtual ~NoiseSymmetricState_ChaChaPoly_SHA256();
void initialize(const char *protocolName);
bool hasKey() const;
void mixKey(const void *data, size_t size);
void mixHash(const void *data, size_t size);
void mixKeyAndHash(const void *data, size_t size);
void getHandshakeHash(void *data, size_t size);
int encryptAndHash
(uint8_t *output, size_t outputSize,
const uint8_t *input, size_t inputSize);
int decryptAndHash
(uint8_t *output, size_t outputSize,
const uint8_t *input, size_t inputSize);
void split(NoiseCipherState **c1, NoiseCipherState **c2);
void clear();
private:
struct {
uint8_t ck[32];
uint8_t h[32];
uint8_t key[32];
uint64_t n;
bool hasKey;
} st;
static void hmac(uint8_t *output, const uint8_t *key,
const void *data, size_t size, uint8_t tag);
};
#endif

83
libraries/NoiseProtocol/src/Noise_IK.cpp Normal file
View File

@ -0,0 +1,83 @@
/*
* Copyright (C) 2018 Southern Storm Software, Pty Ltd.
*
* Permission is hereby granted, free of charge, to any person obtaining a
* copy of this software and associated documentation files (the "Software"),
* to deal in the Software without restriction, including without limitation
* the rights to use, copy, modify, merge, publish, distribute, sublicense,
* and/or sell copies of the Software, and to permit persons to whom the
* Software is furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included
* in all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
* OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
* DEALINGS IN THE SOFTWARE.
*/
#include "Noise_IK.h"
/**
* \class NoiseHandshakeState_IK Noise_IK.h <Noise_IK.h>
* \brief Handshake implementation of the Noise "IK" pattern.
*
* The "IK" pattern provides mutual authentication of the two communicating
* parties, with the identifying key for the initiating party sent during
* the handshake. The identifying key for the responding party is assumed
* to already be known to the initiator. If the responding party's key
* changes, then the application will need to transition to "XXfallback"
* to discover the new key.
*
* This class provides the core "IK" functionality. Subclasses provide
* implementations of "IK" that use specific algorithms, such as
* Noise_IK_25519_ChaChaPoly_BLAKE2s.
*/
/**
* \fn NoiseHandshakeState_IK::NoiseHandshakeState_IK()
* \brief Constructs a new Noise handshake that uses the IK pattern.
*/
/**
* \brief Destroys this Noise handshake.
*/
NoiseHandshakeState_IK::~NoiseHandshakeState_IK()
{
}
void NoiseHandshakeState_IK::writeTokens
(NoiseHandshakeState::Packet &packet, uint8_t msgnum)
{
if (msgnum == 0) {
write_e(packet);
write_es(packet);
write_s(packet);
write_ss(packet);
} else if (msgnum == 1) {
write_e(packet);
write_ee(packet);
write_se(packet);
packet.done = true;
}
}
void NoiseHandshakeState_IK::readTokens
(NoiseHandshakeState::Packet &packet, uint8_t msgnum)
{
if (msgnum == 0) {
read_e(packet);
read_es(packet);
read_s(packet);
read_ss(packet);
} else if (msgnum == 1) {
read_e(packet);
read_ee(packet);
read_se(packet);
packet.done = true;
}
}

40
libraries/NoiseProtocol/src/Noise_IK.h Normal file
View File

@ -0,0 +1,40 @@
/*
* Copyright (C) 2018 Southern Storm Software, Pty Ltd.
*
* Permission is hereby granted, free of charge, to any person obtaining a
* copy of this software and associated documentation files (the "Software"),
* to deal in the Software without restriction, including without limitation
* the rights to use, copy, modify, merge, publish, distribute, sublicense,
* and/or sell copies of the Software, and to permit persons to whom the
* Software is furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included
* in all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
* OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
* DEALINGS IN THE SOFTWARE.
*/
#ifndef NOISE_IK_h
#define NOISE_IK_h
#include "NoiseHandshakeState.h"
class NoiseHandshakeState_IK : public NoiseHandshakeState
{
public:
virtual ~NoiseHandshakeState_IK();
protected:
NoiseHandshakeState_IK() {}
void writeTokens(NoiseHandshakeState::Packet &packet, uint8_t msgnum);
void readTokens(NoiseHandshakeState::Packet &packet, uint8_t msgnum);
};
#endif

61
libraries/NoiseProtocol/src/Noise_IK_25519_AESGCM_SHA256.cpp Normal file
View File

@ -0,0 +1,61 @@
/*
* Copyright (C) 2018 Southern Storm Software, Pty Ltd.
*
* Permission is hereby granted, free of charge, to any person obtaining a
* copy of this software and associated documentation files (the "Software"),
* to deal in the Software without restriction, including without limitation
* the rights to use, copy, modify, merge, publish, distribute, sublicense,
* and/or sell copies of the Software, and to permit persons to whom the
* Software is furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included
* in all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
* OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
* DEALINGS IN THE SOFTWARE.
*/
#include "Noise_IK_25519_AESGCM_SHA256.h"
/**
* \class NoiseHandshakeState_IK_25519_AESGCM_SHA256 Noise_IK_25519_AESGCM_SHA256.h <Noise_IK_25519_AESGCM_SHA256.h>
* \brief "IK" Noise handshake, using Curve25519, AES256, GCM, and SHA256.
*/
/**
* \class Noise_IK_25519_AESGCM_SHA256 Noise_IK_25519_AESGCM_SHA256.h <Noise_IK_25519_AESGCM_SHA256.h>
* \brief "IK" Noise descriptor, using Curve25519, AES256, GCM, and SHA256.
*/
static char const Noise_IK_25519_AESGCM_SHA256_Name[] =
"Noise_IK_25519_AESGCM_SHA256";
NoiseHandshakeState_IK_25519_AESGCM_SHA256::NoiseHandshakeState_IK_25519_AESGCM_SHA256()
{
setSymmetricState(&sym);
setDHState(&dh);
setProtocolName(Noise_IK_25519_AESGCM_SHA256_Name);
}
NoiseHandshakeState_IK_25519_AESGCM_SHA256::~NoiseHandshakeState_IK_25519_AESGCM_SHA256()
{
}
Noise_IK_25519_AESGCM_SHA256::Noise_IK_25519_AESGCM_SHA256()
: NoiseProtocolDescriptor(Noise_IK_25519_AESGCM_SHA256_Name)
{
}
Noise_IK_25519_AESGCM_SHA256::~Noise_IK_25519_AESGCM_SHA256()
{
}
NoiseHandshakeState *Noise_IK_25519_AESGCM_SHA256::createHandshake() const
{
return new NoiseHandshakeState_IK_25519_AESGCM_SHA256();
}

51
libraries/NoiseProtocol/src/Noise_IK_25519_AESGCM_SHA256.h Normal file
View File

@ -0,0 +1,51 @@
/*
* Copyright (C) 2018 Southern Storm Software, Pty Ltd.
*
* Permission is hereby granted, free of charge, to any person obtaining a
* copy of this software and associated documentation files (the "Software"),
* to deal in the Software without restriction, including without limitation
* the rights to use, copy, modify, merge, publish, distribute, sublicense,
* and/or sell copies of the Software, and to permit persons to whom the
* Software is furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included
* in all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
* OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
* DEALINGS IN THE SOFTWARE.
*/
#ifndef NOISE_IK_25519_AESGCM_SHA256_h
#define NOISE_IK_25519_AESGCM_SHA256_h
#include "Noise_IK.h"
#include "NoiseProtocolDescriptor.h"
#include "NoiseSymmetricState_AESGCM_SHA256.h"
#include "NoiseDHState_Curve25519.h"
class NoiseHandshakeState_IK_25519_AESGCM_SHA256 : public NoiseHandshakeState_IK
{
public:
NoiseHandshakeState_IK_25519_AESGCM_SHA256();
virtual ~NoiseHandshakeState_IK_25519_AESGCM_SHA256();
private:
NoiseSymmetricState_AESGCM_SHA256 sym;
NoiseDHState_Curve25519 dh;
};
class Noise_IK_25519_AESGCM_SHA256 : public NoiseProtocolDescriptor
{
public:
Noise_IK_25519_AESGCM_SHA256();
virtual ~Noise_IK_25519_AESGCM_SHA256();
NoiseHandshakeState *createHandshake() const;
};
#endif

61
libraries/NoiseProtocol/src/Noise_IK_25519_ChaChaPoly_BLAKE2s.cpp Normal file
View File

@ -0,0 +1,61 @@
/*
* Copyright (C) 2018 Southern Storm Software, Pty Ltd.
*
* Permission is hereby granted, free of charge, to any person obtaining a
* copy of this software and associated documentation files (the "Software"),
* to deal in the Software without restriction, including without limitation
* the rights to use, copy, modify, merge, publish, distribute, sublicense,
* and/or sell copies of the Software, and to permit persons to whom the
* Software is furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included
* in all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
* OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
* DEALINGS IN THE SOFTWARE.
*/
#include "Noise_IK_25519_ChaChaPoly_BLAKE2s.h"
/**
* \class NoiseHandshakeState_IK_25519_ChaChaPoly_BLAKE2s Noise_IK_25519_ChaChaPoly_BLAKE2s.h <Noise_IK_25519_ChaChaPoly_BLAKE2s.h>
* \brief "IK" Noise handshake, using Curve25519, ChaChaPoly, and BLAKE2s.
*/
/**
* \class Noise_IK_25519_ChaChaPoly_BLAKE2s Noise_IK_25519_ChaChaPoly_BLAKE2s.h <Noise_IK_25519_ChaChaPoly_BLAKE2s.h>
* \brief "IK" Noise descriptor, using Curve25519, ChaChaPoly, and BLAKE2s.
*/
static char const Noise_IK_25519_ChaChaPoly_BLAKE2s_Name[] =
"Noise_IK_25519_ChaChaPoly_BLAKE2s";
NoiseHandshakeState_IK_25519_ChaChaPoly_BLAKE2s::NoiseHandshakeState_IK_25519_ChaChaPoly_BLAKE2s()
{
setSymmetricState(&sym);
setDHState(&dh);
setProtocolName(Noise_IK_25519_ChaChaPoly_BLAKE2s_Name);
}
NoiseHandshakeState_IK_25519_ChaChaPoly_BLAKE2s::~NoiseHandshakeState_IK_25519_ChaChaPoly_BLAKE2s()
{
}
Noise_IK_25519_ChaChaPoly_BLAKE2s::Noise_IK_25519_ChaChaPoly_BLAKE2s()
: NoiseProtocolDescriptor(Noise_IK_25519_ChaChaPoly_BLAKE2s_Name)
{
}
Noise_IK_25519_ChaChaPoly_BLAKE2s::~Noise_IK_25519_ChaChaPoly_BLAKE2s()
{
}
NoiseHandshakeState *Noise_IK_25519_ChaChaPoly_BLAKE2s::createHandshake() const
{
return new NoiseHandshakeState_IK_25519_ChaChaPoly_BLAKE2s();
}

52
libraries/NoiseProtocol/src/Noise_IK_25519_ChaChaPoly_BLAKE2s.h Normal file
View File

@ -0,0 +1,52 @@
/*
* Copyright (C) 2018 Southern Storm Software, Pty Ltd.
*
* Permission is hereby granted, free of charge, to any person obtaining a
* copy of this software and associated documentation files (the "Software"),
* to deal in the Software without restriction, including without limitation
* the rights to use, copy, modify, merge, publish, distribute, sublicense,
* and/or sell copies of the Software, and to permit persons to whom the
* Software is furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included
* in all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
* OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
* DEALINGS IN THE SOFTWARE.
*/
#ifndef NOISE_IK_25519_CHACHAPOLY_BLAKE2S_h
#define NOISE_IK_25519_CHACHAPOLY_BLAKE2S_h
#include "Noise_IK.h"
#include "NoiseProtocolDescriptor.h"
#include "NoiseSymmetricState_ChaChaPoly_BLAKE2s.h"
#include "NoiseDHState_Curve25519.h"
class NoiseHandshakeState_IK_25519_ChaChaPoly_BLAKE2s
: public NoiseHandshakeState_IK
{
public:
NoiseHandshakeState_IK_25519_ChaChaPoly_BLAKE2s();
virtual ~NoiseHandshakeState_IK_25519_ChaChaPoly_BLAKE2s();
private:
NoiseSymmetricState_ChaChaPoly_BLAKE2s sym;
NoiseDHState_Curve25519 dh;
};
class Noise_IK_25519_ChaChaPoly_BLAKE2s : public NoiseProtocolDescriptor
{
public:
Noise_IK_25519_ChaChaPoly_BLAKE2s();
virtual ~Noise_IK_25519_ChaChaPoly_BLAKE2s();
NoiseHandshakeState *createHandshake() const;
};
#endif

61
libraries/NoiseProtocol/src/Noise_IK_25519_ChaChaPoly_SHA256.cpp Normal file
View File

@ -0,0 +1,61 @@
/*
* Copyright (C) 2018 Southern Storm Software, Pty Ltd.
*
* Permission is hereby granted, free of charge, to any person obtaining a
* copy of this software and associated documentation files (the "Software"),
* to deal in the Software without restriction, including without limitation
* the rights to use, copy, modify, merge, publish, distribute, sublicense,
* and/or sell copies of the Software, and to permit persons to whom the
* Software is furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included
* in all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
* OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
* DEALINGS IN THE SOFTWARE.
*/
#include "Noise_IK_25519_ChaChaPoly_SHA256.h"
/**
* \class NoiseHandshakeState_IK_25519_ChaChaPoly_SHA256 Noise_IK_25519_ChaChaPoly_SHA256.h <Noise_IK_25519_ChaChaPoly_SHA256.h>
* \brief "IK" Noise handshake, using Curve25519, ChaChaPoly, and SHA256.
*/
/**
* \class Noise_IK_25519_ChaChaPoly_SHA256 Noise_IK_25519_ChaChaPoly_SHA256.h <Noise_IK_25519_ChaChaPoly_SHA256.h>
* \brief "IK" Noise descriptor, using Curve25519, ChaChaPoly, and SHA256.
*/
static char const Noise_IK_25519_ChaChaPoly_SHA256_Name[] =
"Noise_IK_25519_ChaChaPoly_SHA256";
NoiseHandshakeState_IK_25519_ChaChaPoly_SHA256::NoiseHandshakeState_IK_25519_ChaChaPoly_SHA256()
{
setSymmetricState(&sym);
setDHState(&dh);
setProtocolName(Noise_IK_25519_ChaChaPoly_SHA256_Name);
}
NoiseHandshakeState_IK_25519_ChaChaPoly_SHA256::~NoiseHandshakeState_IK_25519_ChaChaPoly_SHA256()
{
}
Noise_IK_25519_ChaChaPoly_SHA256::Noise_IK_25519_ChaChaPoly_SHA256()
: NoiseProtocolDescriptor(Noise_IK_25519_ChaChaPoly_SHA256_Name)
{
}
Noise_IK_25519_ChaChaPoly_SHA256::~Noise_IK_25519_ChaChaPoly_SHA256()
{
}
NoiseHandshakeState *Noise_IK_25519_ChaChaPoly_SHA256::createHandshake() const
{
return new NoiseHandshakeState_IK_25519_ChaChaPoly_SHA256();
}

52
libraries/NoiseProtocol/src/Noise_IK_25519_ChaChaPoly_SHA256.h Normal file
View File

@ -0,0 +1,52 @@
/*
* Copyright (C) 2018 Southern Storm Software, Pty Ltd.
*
* Permission is hereby granted, free of charge, to any person obtaining a
* copy of this software and associated documentation files (the "Software"),
* to deal in the Software without restriction, including without limitation
* the rights to use, copy, modify, merge, publish, distribute, sublicense,
* and/or sell copies of the Software, and to permit persons to whom the
* Software is furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included
* in all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
* OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
* DEALINGS IN THE SOFTWARE.
*/
#ifndef NOISE_IK_25519_CHACHAPOLY_SHA256_h
#define NOISE_IK_25519_CHACHAPOLY_SHA256_h
#include "Noise_IK.h"
#include "NoiseProtocolDescriptor.h"
#include "NoiseSymmetricState_ChaChaPoly_SHA256.h"
#include "NoiseDHState_Curve25519.h"
class NoiseHandshakeState_IK_25519_ChaChaPoly_SHA256
: public NoiseHandshakeState_IK
{
public:
NoiseHandshakeState_IK_25519_ChaChaPoly_SHA256();
virtual ~NoiseHandshakeState_IK_25519_ChaChaPoly_SHA256();
private:
NoiseSymmetricState_ChaChaPoly_SHA256 sym;
NoiseDHState_Curve25519 dh;
};
class Noise_IK_25519_ChaChaPoly_SHA256 : public NoiseProtocolDescriptor
{
public:
Noise_IK_25519_ChaChaPoly_SHA256();
virtual ~Noise_IK_25519_ChaChaPoly_SHA256();
NoiseHandshakeState *createHandshake() const;
};
#endif

73
libraries/NoiseProtocol/src/Noise_NNpsk0.cpp Normal file
View File

@ -0,0 +1,73 @@
/*
* Copyright (C) 2018 Southern Storm Software, Pty Ltd.
*
* Permission is hereby granted, free of charge, to any person obtaining a
* copy of this software and associated documentation files (the "Software"),
* to deal in the Software without restriction, including without limitation
* the rights to use, copy, modify, merge, publish, distribute, sublicense,
* and/or sell copies of the Software, and to permit persons to whom the
* Software is furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included
* in all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
* OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
* DEALINGS IN THE SOFTWARE.
*/
#include "Noise_NNpsk0.h"
/**
* \class NoiseHandshakeState_NNpsk0 Noise_NNpsk0.h <Noise_NNpsk0.h>
* \brief Handshake implementation of the Noise "NNpsk0" pattern.
*
* The "NNpsk0" pattern is intended for use in place of "XX" when
* the parties have a pre-shared symmetric key (or "PSK").
*
* This class provides the core "NNpsk0" functionality. Subclasses provide
* implementations of "NNpsk0" that use specific algorithms, such as
* Noise_NNpsk0_25519_ChaChaPoly_BLAKE2s.
*/
/**
* \fn NoiseHandshakeState_NNpsk0::NoiseHandshakeState_NNpsk0()
* \brief Constructs a new Noise handshake that uses the NNpsk0 pattern.
*/
/**
* \brief Destroys this Noise handshake.
*/
NoiseHandshakeState_NNpsk0::~NoiseHandshakeState_NNpsk0()
{
}
void NoiseHandshakeState_NNpsk0::writeTokens
(NoiseHandshakeState::Packet &packet, uint8_t msgnum)
{
if (msgnum == 0) {
write_psk(packet);
write_e(packet);
} else if (msgnum == 1) {
write_e(packet);
write_ee(packet);
packet.done = true;
}
}
void NoiseHandshakeState_NNpsk0::readTokens
(NoiseHandshakeState::Packet &packet, uint8_t msgnum)
{
if (msgnum == 0) {
read_psk(packet);
read_e(packet);
} else if (msgnum == 1) {
read_e(packet);
read_ee(packet);
packet.done = true;
}
}

40
libraries/NoiseProtocol/src/Noise_NNpsk0.h Normal file
View File

@ -0,0 +1,40 @@
/*
* Copyright (C) 2018 Southern Storm Software, Pty Ltd.
*
* Permission is hereby granted, free of charge, to any person obtaining a
* copy of this software and associated documentation files (the "Software"),
* to deal in the Software without restriction, including without limitation
* the rights to use, copy, modify, merge, publish, distribute, sublicense,
* and/or sell copies of the Software, and to permit persons to whom the
* Software is furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included
* in all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
* OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
* DEALINGS IN THE SOFTWARE.
*/
#ifndef NOISE_NN_PSK0_h
#define NOISE_NN_PSK0_h
#include "NoiseHandshakeState.h"
class NoiseHandshakeState_NNpsk0 : public NoiseHandshakeStatePSK
{
public:
virtual ~NoiseHandshakeState_NNpsk0();
protected:
NoiseHandshakeState_NNpsk0() {}
void writeTokens(NoiseHandshakeState::Packet &packet, uint8_t msgnum);
void readTokens(NoiseHandshakeState::Packet &packet, uint8_t msgnum);
};
#endif

61
libraries/NoiseProtocol/src/Noise_NNpsk0_25519_AESGCM_SHA256.cpp Normal file
View File

@ -0,0 +1,61 @@
/*
* Copyright (C) 2018 Southern Storm Software, Pty Ltd.
*
* Permission is hereby granted, free of charge, to any person obtaining a
* copy of this software and associated documentation files (the "Software"),
* to deal in the Software without restriction, including without limitation
* the rights to use, copy, modify, merge, publish, distribute, sublicense,
* and/or sell copies of the Software, and to permit persons to whom the
* Software is furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included
* in all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
* OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
* DEALINGS IN THE SOFTWARE.
*/
#include "Noise_NNpsk0_25519_AESGCM_SHA256.h"
/**
* \class NoiseHandshakeState_NNpsk0_25519_AESGCM_SHA256 Noise_NNpsk0_25519_AESGCM_SHA256.h <Noise_NNpsk0_25519_AESGCM_SHA256.h>
* \brief "NNpsk0" Noise handshake, using Curve25519, AES256, GCM, and SHA256.
*/
/**
* \class Noise_NNpsk0_25519_AESGCM_SHA256 Noise_NNpsk0_25519_AESGCM_SHA256.h <Noise_NNpsk0_25519_AESGCM_SHA256.h>
* \brief "NNpsk0" Noise descriptor, using Curve25519, AES256, GCM, and SHA256.
*/
static char const Noise_NNpsk0_25519_AESGCM_SHA256_Name[] =
"Noise_NNpsk0_25519_AESGCM_SHA256";
NoiseHandshakeState_NNpsk0_25519_AESGCM_SHA256::NoiseHandshakeState_NNpsk0_25519_AESGCM_SHA256()
{
setSymmetricState(&sym);
setDHState(&dh);
setProtocolName(Noise_NNpsk0_25519_AESGCM_SHA256_Name);
}
NoiseHandshakeState_NNpsk0_25519_AESGCM_SHA256::~NoiseHandshakeState_NNpsk0_25519_AESGCM_SHA256()
{
}
Noise_NNpsk0_25519_AESGCM_SHA256::Noise_NNpsk0_25519_AESGCM_SHA256()
: NoiseProtocolDescriptor(Noise_NNpsk0_25519_AESGCM_SHA256_Name)
{
}
Noise_NNpsk0_25519_AESGCM_SHA256::~Noise_NNpsk0_25519_AESGCM_SHA256()
{
}
NoiseHandshakeState *Noise_NNpsk0_25519_AESGCM_SHA256::createHandshake() const
{
return new NoiseHandshakeState_NNpsk0_25519_AESGCM_SHA256();
}

52
libraries/NoiseProtocol/src/Noise_NNpsk0_25519_AESGCM_SHA256.h Normal file
View File

@ -0,0 +1,52 @@
/*
* Copyright (C) 2018 Southern Storm Software, Pty Ltd.
*
* Permission is hereby granted, free of charge, to any person obtaining a
* copy of this software and associated documentation files (the "Software"),
* to deal in the Software without restriction, including without limitation
* the rights to use, copy, modify, merge, publish, distribute, sublicense,
* and/or sell copies of the Software, and to permit persons to whom the
* Software is furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included
* in all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
* OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
* DEALINGS IN THE SOFTWARE.
*/
#ifndef NOISE_NN_PSK0_25519_AESGCM_SHA256_h
#define NOISE_NN_PSK0_25519_AESGCM_SHA256_h
#include "Noise_NNpsk0.h"
#include "NoiseProtocolDescriptor.h"
#include "NoiseSymmetricState_AESGCM_SHA256.h"
#include "NoiseDHState_Curve25519.h"
class NoiseHandshakeState_NNpsk0_25519_AESGCM_SHA256
: public NoiseHandshakeState_NNpsk0
{
public:
NoiseHandshakeState_NNpsk0_25519_AESGCM_SHA256();
virtual ~NoiseHandshakeState_NNpsk0_25519_AESGCM_SHA256();
private:
NoiseSymmetricState_AESGCM_SHA256 sym;
NoiseDHState_Curve25519_EphemOnly dh;
};
class Noise_NNpsk0_25519_AESGCM_SHA256 : public NoiseProtocolDescriptor
{
public:
Noise_NNpsk0_25519_AESGCM_SHA256();
virtual ~Noise_NNpsk0_25519_AESGCM_SHA256();
NoiseHandshakeState *createHandshake() const;
};
#endif

61
libraries/NoiseProtocol/src/Noise_NNpsk0_25519_ChaChaPoly_BLAKE2s.cpp Normal file
View File

@ -0,0 +1,61 @@
/*
* Copyright (C) 2018 Southern Storm Software, Pty Ltd.
*
* Permission is hereby granted, free of charge, to any person obtaining a
* copy of this software and associated documentation files (the "Software"),
* to deal in the Software without restriction, including without limitation
* the rights to use, copy, modify, merge, publish, distribute, sublicense,
* and/or sell copies of the Software, and to permit persons to whom the
* Software is furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included
* in all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
* OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
* DEALINGS IN THE SOFTWARE.
*/
#include "Noise_NNpsk0_25519_ChaChaPoly_BLAKE2s.h"
/**
* \class NoiseHandshakeState_NNpsk0_25519_ChaChaPoly_BLAKE2s Noise_NNpsk0_25519_ChaChaPoly_BLAKE2s.h <Noise_NNpsk0_25519_ChaChaPoly_BLAKE2s.h>
* \brief "NNpsk0" Noise handshake, using Curve25519, ChaChaPoly, and BLAKE2s.
*/
/**
* \class Noise_NNpsk0_25519_ChaChaPoly_BLAKE2s Noise_NNpsk0_25519_ChaChaPoly_BLAKE2s.h <Noise_NNpsk0_25519_ChaChaPoly_BLAKE2s.h>
* \brief "NNpsk0" Noise descriptor, using Curve25519, ChaChaPoly, and BLAKE2s.
*/
static char const Noise_NNpsk0_25519_ChaChaPoly_BLAKE2s_Name[] =
"Noise_NNpsk0_25519_ChaChaPoly_BLAKE2s";
NoiseHandshakeState_NNpsk0_25519_ChaChaPoly_BLAKE2s::NoiseHandshakeState_NNpsk0_25519_ChaChaPoly_BLAKE2s()
{
setSymmetricState(&sym);
setDHState(&dh);
setProtocolName(Noise_NNpsk0_25519_ChaChaPoly_BLAKE2s_Name);
}
NoiseHandshakeState_NNpsk0_25519_ChaChaPoly_BLAKE2s::~NoiseHandshakeState_NNpsk0_25519_ChaChaPoly_BLAKE2s()
{
}
Noise_NNpsk0_25519_ChaChaPoly_BLAKE2s::Noise_NNpsk0_25519_ChaChaPoly_BLAKE2s()
: NoiseProtocolDescriptor(Noise_NNpsk0_25519_ChaChaPoly_BLAKE2s_Name)
{
}
Noise_NNpsk0_25519_ChaChaPoly_BLAKE2s::~Noise_NNpsk0_25519_ChaChaPoly_BLAKE2s()
{
}
NoiseHandshakeState *Noise_NNpsk0_25519_ChaChaPoly_BLAKE2s::createHandshake() const
{
return new NoiseHandshakeState_NNpsk0_25519_ChaChaPoly_BLAKE2s();
}

52
libraries/NoiseProtocol/src/Noise_NNpsk0_25519_ChaChaPoly_BLAKE2s.h Normal file
View File

@ -0,0 +1,52 @@
/*
* Copyright (C) 2018 Southern Storm Software, Pty Ltd.
*
* Permission is hereby granted, free of charge, to any person obtaining a
* copy of this software and associated documentation files (the "Software"),
* to deal in the Software without restriction, including without limitation
* the rights to use, copy, modify, merge, publish, distribute, sublicense,
* and/or sell copies of the Software, and to permit persons to whom the
* Software is furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included
* in all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
* OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
* DEALINGS IN THE SOFTWARE.
*/
#ifndef NOISE_NN_PSK0_25519_CHACHAPOLY_BLAKE2S_h
#define NOISE_NN_PSK0_25519_CHACHAPOLY_BLAKE2S_h
#include "Noise_NNpsk0.h"
#include "NoiseProtocolDescriptor.h"
#include "NoiseSymmetricState_ChaChaPoly_BLAKE2s.h"
#include "NoiseDHState_Curve25519.h"
class NoiseHandshakeState_NNpsk0_25519_ChaChaPoly_BLAKE2s
: public NoiseHandshakeState_NNpsk0
{
public:
NoiseHandshakeState_NNpsk0_25519_ChaChaPoly_BLAKE2s();
virtual ~NoiseHandshakeState_NNpsk0_25519_ChaChaPoly_BLAKE2s();
private:
NoiseSymmetricState_ChaChaPoly_BLAKE2s sym;
NoiseDHState_Curve25519_EphemOnly dh;
};
class Noise_NNpsk0_25519_ChaChaPoly_BLAKE2s : public NoiseProtocolDescriptor
{
public:
Noise_NNpsk0_25519_ChaChaPoly_BLAKE2s();
virtual ~Noise_NNpsk0_25519_ChaChaPoly_BLAKE2s();
NoiseHandshakeState *createHandshake() const;
};
#endif

61
libraries/NoiseProtocol/src/Noise_NNpsk0_25519_ChaChaPoly_SHA256.cpp Normal file
View File

@ -0,0 +1,61 @@
/*
* Copyright (C) 2018 Southern Storm Software, Pty Ltd.
*
* Permission is hereby granted, free of charge, to any person obtaining a
* copy of this software and associated documentation files (the "Software"),
* to deal in the Software without restriction, including without limitation
* the rights to use, copy, modify, merge, publish, distribute, sublicense,
* and/or sell copies of the Software, and to permit persons to whom the
* Software is furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included
* in all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
* OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
* DEALINGS IN THE SOFTWARE.
*/
#include "Noise_NNpsk0_25519_ChaChaPoly_SHA256.h"
/**
* \class NoiseHandshakeState_NNpsk0_25519_ChaChaPoly_SHA256 Noise_NNpsk0_25519_ChaChaPoly_SHA256.h <Noise_NNpsk0_25519_ChaChaPoly_SHA256.h>
* \brief "NNpsk0" Noise handshake, using Curve25519, ChaChaPoly, and SHA256.
*/
/**
* \class Noise_NNpsk0_25519_ChaChaPoly_SHA256 Noise_NNpsk0_25519_ChaChaPoly_SHA256.h <Noise_NNpsk0_25519_ChaChaPoly_SHA256.h>
* \brief "NNpsk0" Noise descriptor, using Curve25519, ChaChaPoly, and SHA256.
*/
static char const Noise_NNpsk0_25519_ChaChaPoly_SHA256_Name[] =
"Noise_NNpsk0_25519_ChaChaPoly_SHA256";
NoiseHandshakeState_NNpsk0_25519_ChaChaPoly_SHA256::NoiseHandshakeState_NNpsk0_25519_ChaChaPoly_SHA256()
{
setSymmetricState(&sym);
setDHState(&dh);
setProtocolName(Noise_NNpsk0_25519_ChaChaPoly_SHA256_Name);
}
NoiseHandshakeState_NNpsk0_25519_ChaChaPoly_SHA256::~NoiseHandshakeState_NNpsk0_25519_ChaChaPoly_SHA256()
{
}
Noise_NNpsk0_25519_ChaChaPoly_SHA256::Noise_NNpsk0_25519_ChaChaPoly_SHA256()
: NoiseProtocolDescriptor(Noise_NNpsk0_25519_ChaChaPoly_SHA256_Name)
{
}
Noise_NNpsk0_25519_ChaChaPoly_SHA256::~Noise_NNpsk0_25519_ChaChaPoly_SHA256()
{
}
NoiseHandshakeState *Noise_NNpsk0_25519_ChaChaPoly_SHA256::createHandshake() const
{
return new NoiseHandshakeState_NNpsk0_25519_ChaChaPoly_SHA256();
}

52
libraries/NoiseProtocol/src/Noise_NNpsk0_25519_ChaChaPoly_SHA256.h Normal file
View File

@ -0,0 +1,52 @@
/*
* Copyright (C) 2018 Southern Storm Software, Pty Ltd.
*
* Permission is hereby granted, free of charge, to any person obtaining a
* copy of this software and associated documentation files (the "Software"),
* to deal in the Software without restriction, including without limitation
* the rights to use, copy, modify, merge, publish, distribute, sublicense,
* and/or sell copies of the Software, and to permit persons to whom the
* Software is furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included
* in all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
* OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
* DEALINGS IN THE SOFTWARE.
*/
#ifndef NOISE_NN_PSK0_25519_CHACHAPOLY_SHA256_h
#define NOISE_NN_PSK0_25519_CHACHAPOLY_SHA256_h
#include "Noise_NNpsk0.h"
#include "NoiseProtocolDescriptor.h"
#include "NoiseSymmetricState_ChaChaPoly_SHA256.h"
#include "NoiseDHState_Curve25519.h"
class NoiseHandshakeState_NNpsk0_25519_ChaChaPoly_SHA256
: public NoiseHandshakeState_NNpsk0
{
public:
NoiseHandshakeState_NNpsk0_25519_ChaChaPoly_SHA256();
virtual ~NoiseHandshakeState_NNpsk0_25519_ChaChaPoly_SHA256();
private:
NoiseSymmetricState_ChaChaPoly_SHA256 sym;
NoiseDHState_Curve25519_EphemOnly dh;
};
class Noise_NNpsk0_25519_ChaChaPoly_SHA256 : public NoiseProtocolDescriptor
{
public:
Noise_NNpsk0_25519_ChaChaPoly_SHA256();
virtual ~Noise_NNpsk0_25519_ChaChaPoly_SHA256();
NoiseHandshakeState *createHandshake() const;
};
#endif

51
libraries/NoiseProtocol/src/Noise_Pipes_25519_AESGCM_SHA256.cpp Normal file
View File

@ -0,0 +1,51 @@
/*
* Copyright (C) 2018 Southern Storm Software, Pty Ltd.
*
* Permission is hereby granted, free of charge, to any person obtaining a
* copy of this software and associated documentation files (the "Software"),
* to deal in the Software without restriction, including without limitation
* the rights to use, copy, modify, merge, publish, distribute, sublicense,
* and/or sell copies of the Software, and to permit persons to whom the
* Software is furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included
* in all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
* OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
* DEALINGS IN THE SOFTWARE.
*/
#include "Noise_Pipes_25519_AESGCM_SHA256.h"
/**
* \class Noise_Pipes_25519_AESGCM_SHA256 Noise_Pipes_25519_AESGCM_SHA256.h <Noise_Pipes_25519_AESGCM_SHA256.h>
* \brief Noise Pipes descriptor, using Curve25519, AES256, GCM, and SHA256.
*
* Noise Pipes combines the effect of XX, IK, and XXfallback to produce a
* protocol that requires only two handshake messages if the responder's
* static public key is known, or three handshake messages if the key
* is unknown or incorrect.
*/
Noise_Pipes_25519_AESGCM_SHA256::Noise_Pipes_25519_AESGCM_SHA256()
{
}
Noise_Pipes_25519_AESGCM_SHA256::~Noise_Pipes_25519_AESGCM_SHA256()
{
}
const NoiseProtocolDescriptor *Noise_Pipes_25519_AESGCM_SHA256::abbreviatedDescriptor() const
{
return &ik;
}
const NoiseProtocolDescriptor *Noise_Pipes_25519_AESGCM_SHA256::fallbackDescriptor() const
{
return &fallback;
}

45
libraries/NoiseProtocol/src/Noise_Pipes_25519_AESGCM_SHA256.h Normal file
View File

@ -0,0 +1,45 @@
/*
* Copyright (C) 2018 Southern Storm Software, Pty Ltd.
*
* Permission is hereby granted, free of charge, to any person obtaining a
* copy of this software and associated documentation files (the "Software"),
* to deal in the Software without restriction, including without limitation
* the rights to use, copy, modify, merge, publish, distribute, sublicense,
* and/or sell copies of the Software, and to permit persons to whom the
* Software is furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included
* in all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
* OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
* DEALINGS IN THE SOFTWARE.
*/
#ifndef NOISE_PIPES_25519_AESGCM_SHA256_h
#define NOISE_PIPES_25519_AESGCM_SHA256_h
#include "Noise_XX_25519_AESGCM_SHA256.h"
#include "Noise_IK_25519_AESGCM_SHA256.h"
#include "Noise_XXfallback_25519_AESGCM_SHA256.h"
class Noise_Pipes_25519_AESGCM_SHA256 :
public Noise_XX_25519_AESGCM_SHA256
{
public:
Noise_Pipes_25519_AESGCM_SHA256();
virtual ~Noise_Pipes_25519_AESGCM_SHA256();
const NoiseProtocolDescriptor *abbreviatedDescriptor() const;
const NoiseProtocolDescriptor *fallbackDescriptor() const;
private:
Noise_IK_25519_AESGCM_SHA256 ik;
Noise_XXfallback_25519_AESGCM_SHA256 fallback;
};
#endif

51
libraries/NoiseProtocol/src/Noise_Pipes_25519_ChaChaPoly_BLAKE2s.cpp Normal file
View File

@ -0,0 +1,51 @@
/*
* Copyright (C) 2018 Southern Storm Software, Pty Ltd.
*
* Permission is hereby granted, free of charge, to any person obtaining a
* copy of this software and associated documentation files (the "Software"),
* to deal in the Software without restriction, including without limitation
* the rights to use, copy, modify, merge, publish, distribute, sublicense,
* and/or sell copies of the Software, and to permit persons to whom the
* Software is furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included
* in all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
* OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
* DEALINGS IN THE SOFTWARE.
*/
#include "Noise_Pipes_25519_ChaChaPoly_BLAKE2s.h"
/**
* \class Noise_Pipes_25519_ChaChaPoly_BLAKE2s Noise_Pipes_25519_ChaChaPoly_BLAKE2s.h <Noise_Pipes_25519_ChaChaPoly_BLAKE2s.h>
* \brief Noise Pipes descriptor, using Curve25519, ChaChaPoly, and BLAKE2s.
*
* Noise Pipes combines the effect of XX, IK, and XXfallback to produce a
* protocol that requires only two handshake messages if the responder's
* static public key is known, or three handshake messages if the key
* is unknown or incorrect.
*/
Noise_Pipes_25519_ChaChaPoly_BLAKE2s::Noise_Pipes_25519_ChaChaPoly_BLAKE2s()
{
}
Noise_Pipes_25519_ChaChaPoly_BLAKE2s::~Noise_Pipes_25519_ChaChaPoly_BLAKE2s()
{
}
const NoiseProtocolDescriptor *Noise_Pipes_25519_ChaChaPoly_BLAKE2s::abbreviatedDescriptor() const
{
return &ik;
}
const NoiseProtocolDescriptor *Noise_Pipes_25519_ChaChaPoly_BLAKE2s::fallbackDescriptor() const
{
return &fallback;
}

45
libraries/NoiseProtocol/src/Noise_Pipes_25519_ChaChaPoly_BLAKE2s.h Normal file
View File

@ -0,0 +1,45 @@
/*
* Copyright (C) 2018 Southern Storm Software, Pty Ltd.
*
* Permission is hereby granted, free of charge, to any person obtaining a
* copy of this software and associated documentation files (the "Software"),
* to deal in the Software without restriction, including without limitation
* the rights to use, copy, modify, merge, publish, distribute, sublicense,
* and/or sell copies of the Software, and to permit persons to whom the
* Software is furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included
* in all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
* OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
* DEALINGS IN THE SOFTWARE.
*/
#ifndef NOISE_PIPES_25519_CHACHAPOLY_BLAKE2S_h
#define NOISE_PIPES_25519_CHACHAPOLY_BLAKE2S_h
#include "Noise_XX_25519_ChaChaPoly_BLAKE2s.h"
#include "Noise_IK_25519_ChaChaPoly_BLAKE2s.h"
#include "Noise_XXfallback_25519_ChaChaPoly_BLAKE2s.h"
class Noise_Pipes_25519_ChaChaPoly_BLAKE2s :
public Noise_XX_25519_ChaChaPoly_BLAKE2s
{
public:
Noise_Pipes_25519_ChaChaPoly_BLAKE2s();
virtual ~Noise_Pipes_25519_ChaChaPoly_BLAKE2s();
const NoiseProtocolDescriptor *abbreviatedDescriptor() const;
const NoiseProtocolDescriptor *fallbackDescriptor() const;
private:
Noise_IK_25519_ChaChaPoly_BLAKE2s ik;
Noise_XXfallback_25519_ChaChaPoly_BLAKE2s fallback;
};
#endif

51
libraries/NoiseProtocol/src/Noise_Pipes_25519_ChaChaPoly_SHA256.cpp Normal file
View File

@ -0,0 +1,51 @@
/*
* Copyright (C) 2018 Southern Storm Software, Pty Ltd.
*
* Permission is hereby granted, free of charge, to any person obtaining a
* copy of this software and associated documentation files (the "Software"),
* to deal in the Software without restriction, including without limitation
* the rights to use, copy, modify, merge, publish, distribute, sublicense,
* and/or sell copies of the Software, and to permit persons to whom the
* Software is furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included
* in all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
* OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
* DEALINGS IN THE SOFTWARE.
*/
#include "Noise_Pipes_25519_ChaChaPoly_SHA256.h"
/**
* \class Noise_Pipes_25519_ChaChaPoly_SHA256 Noise_Pipes_25519_ChaChaPoly_SHA256.h <Noise_Pipes_25519_ChaChaPoly_SHA256.h>
* \brief Noise Pipes descriptor, using Curve25519, ChaChaPoly, and SHA256.
*
* Noise Pipes combines the effect of XX, IK, and XXfallback to produce a
* protocol that requires only two handshake messages if the responder's
* static public key is known, or three handshake messages if the key
* is unknown or incorrect.
*/
Noise_Pipes_25519_ChaChaPoly_SHA256::Noise_Pipes_25519_ChaChaPoly_SHA256()
{
}
Noise_Pipes_25519_ChaChaPoly_SHA256::~Noise_Pipes_25519_ChaChaPoly_SHA256()
{
}
const NoiseProtocolDescriptor *Noise_Pipes_25519_ChaChaPoly_SHA256::abbreviatedDescriptor() const
{
return &ik;
}
const NoiseProtocolDescriptor *Noise_Pipes_25519_ChaChaPoly_SHA256::fallbackDescriptor() const
{
return &fallback;
}

45
libraries/NoiseProtocol/src/Noise_Pipes_25519_ChaChaPoly_SHA256.h Normal file
View File

@ -0,0 +1,45 @@
/*
* Copyright (C) 2018 Southern Storm Software, Pty Ltd.
*
* Permission is hereby granted, free of charge, to any person obtaining a
* copy of this software and associated documentation files (the "Software"),
* to deal in the Software without restriction, including without limitation
* the rights to use, copy, modify, merge, publish, distribute, sublicense,
* and/or sell copies of the Software, and to permit persons to whom the
* Software is furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included
* in all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
* OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
* DEALINGS IN THE SOFTWARE.
*/
#ifndef NOISE_PIPES_25519_CHACHAPOLY_SHA256_h
#define NOISE_PIPES_25519_CHACHAPOLY_SHA256_h
#include "Noise_XX_25519_ChaChaPoly_SHA256.h"
#include "Noise_IK_25519_ChaChaPoly_SHA256.h"
#include "Noise_XXfallback_25519_ChaChaPoly_SHA256.h"
class Noise_Pipes_25519_ChaChaPoly_SHA256 :
public Noise_XX_25519_ChaChaPoly_SHA256
{
public:
Noise_Pipes_25519_ChaChaPoly_SHA256();
virtual ~Noise_Pipes_25519_ChaChaPoly_SHA256();
const NoiseProtocolDescriptor *abbreviatedDescriptor() const;
const NoiseProtocolDescriptor *fallbackDescriptor() const;
private:
Noise_IK_25519_ChaChaPoly_SHA256 ik;
Noise_XXfallback_25519_ChaChaPoly_SHA256 fallback;
};
#endif

93
libraries/NoiseProtocol/src/Noise_XX.cpp Normal file
View File

@ -0,0 +1,93 @@
/*
* Copyright (C) 2018 Southern Storm Software, Pty Ltd.
*
* Permission is hereby granted, free of charge, to any person obtaining a
* copy of this software and associated documentation files (the "Software"),
* to deal in the Software without restriction, including without limitation
* the rights to use, copy, modify, merge, publish, distribute, sublicense,
* and/or sell copies of the Software, and to permit persons to whom the
* Software is furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included
* in all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
* OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
* DEALINGS IN THE SOFTWARE.
*/
#include "Noise_XX.h"
/**
* \class NoiseHandshakeState_XX Noise_XX.h <Noise_XX.h>
* \brief Handshake implementation of the Noise "XX" pattern.
*
* The "XX" pattern provides mutual authentication of the two communicating
* parties, with the identifying keys for the parties exchanged during
* the handshake.
*
* This class provides the core "XX" functionality. Subclasses provide
* implementations of "XX" that use specific algorithms, such as
* Noise_XX_25519_ChaChaPoly_BLAKE2s.
*/
/**
* \fn NoiseHandshakeState_XX::NoiseHandshakeState_XX()
* \brief Constructs a new Noise handshake that uses the XX pattern.
*/
/**
* \brief Destroys this Noise handshake.
*/
NoiseHandshakeState_XX::~NoiseHandshakeState_XX()
{
}
void NoiseHandshakeState_XX::removeKeys()
{
// Remote static key is expected to be discovered during the XX handshake.
// Local static key is preserved because we will eventually need to
// send it to the remote party during the XX handshake.
removeParameter(Noise::RemoteStaticPublicKey);
// Base class implementation removes the ephemeral keys.
NoiseHandshakeState::removeKeys();
}
void NoiseHandshakeState_XX::writeTokens
(NoiseHandshakeState::Packet &packet, uint8_t msgnum)
{
if (msgnum == 0) {
write_e(packet);
} else if (msgnum == 1) {
write_e(packet);
write_ee(packet);
write_s(packet);
write_es(packet);
} else if (msgnum == 2) {
write_s(packet);
write_se(packet);
packet.done = true;
}
}
void NoiseHandshakeState_XX::readTokens
(NoiseHandshakeState::Packet &packet, uint8_t msgnum)
{
if (msgnum == 0) {
read_e(packet);
} else if (msgnum == 1) {
read_e(packet);
read_ee(packet);
read_s(packet);
read_es(packet);
} else if (msgnum == 2) {
read_s(packet);
read_se(packet);
packet.done = true;
}
}

41
libraries/NoiseProtocol/src/Noise_XX.h Normal file
View File

@ -0,0 +1,41 @@
/*
* Copyright (C) 2018 Southern Storm Software, Pty Ltd.
*
* Permission is hereby granted, free of charge, to any person obtaining a
* copy of this software and associated documentation files (the "Software"),
* to deal in the Software without restriction, including without limitation
* the rights to use, copy, modify, merge, publish, distribute, sublicense,
* and/or sell copies of the Software, and to permit persons to whom the
* Software is furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included
* in all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
* OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
* DEALINGS IN THE SOFTWARE.
*/
#ifndef NOISE_XX_h
#define NOISE_XX_h
#include "NoiseHandshakeState.h"
class NoiseHandshakeState_XX : public NoiseHandshakeState
{
public:
virtual ~NoiseHandshakeState_XX();
protected:
NoiseHandshakeState_XX() {}
void removeKeys();
void writeTokens(NoiseHandshakeState::Packet &packet, uint8_t msgnum);
void readTokens(NoiseHandshakeState::Packet &packet, uint8_t msgnum);
};
#endif

61
libraries/NoiseProtocol/src/Noise_XX_25519_AESGCM_SHA256.cpp Normal file
View File

@ -0,0 +1,61 @@
/*
* Copyright (C) 2018 Southern Storm Software, Pty Ltd.
*
* Permission is hereby granted, free of charge, to any person obtaining a
* copy of this software and associated documentation files (the "Software"),
* to deal in the Software without restriction, including without limitation
* the rights to use, copy, modify, merge, publish, distribute, sublicense,
* and/or sell copies of the Software, and to permit persons to whom the
* Software is furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included
* in all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
* OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
* DEALINGS IN THE SOFTWARE.
*/
#include "Noise_XX_25519_AESGCM_SHA256.h"
/**
* \class NoiseHandshakeState_XX_25519_AESGCM_SHA256 Noise_XX_25519_AESGCM_SHA256.h <Noise_XX_25519_AESGCM_SHA256.h>
* \brief "XX" Noise handshake, using Curve25519, AES256, GCM, and SHA256.
*/
/**
* \class Noise_XX_25519_AESGCM_SHA256 Noise_XX_25519_AESGCM_SHA256.h <Noise_XX_25519_AESGCM_SHA256.h>
* \brief "XX" Noise descriptor, using Curve25519, AES256, GCM, and SHA256.
*/
static char const Noise_XX_25519_AESGCM_SHA256_Name[] =
"Noise_XX_25519_AESGCM_SHA256";
NoiseHandshakeState_XX_25519_AESGCM_SHA256::NoiseHandshakeState_XX_25519_AESGCM_SHA256()
{
setSymmetricState(&sym);
setDHState(&dh);
setProtocolName(Noise_XX_25519_AESGCM_SHA256_Name);
}
NoiseHandshakeState_XX_25519_AESGCM_SHA256::~NoiseHandshakeState_XX_25519_AESGCM_SHA256()
{
}
Noise_XX_25519_AESGCM_SHA256::Noise_XX_25519_AESGCM_SHA256()
: NoiseProtocolDescriptor(Noise_XX_25519_AESGCM_SHA256_Name, "1")
{
}
Noise_XX_25519_AESGCM_SHA256::~Noise_XX_25519_AESGCM_SHA256()
{
}
NoiseHandshakeState *Noise_XX_25519_AESGCM_SHA256::createHandshake() const
{
return new NoiseHandshakeState_XX_25519_AESGCM_SHA256();
}

51
libraries/NoiseProtocol/src/Noise_XX_25519_AESGCM_SHA256.h Normal file
View File

@ -0,0 +1,51 @@
/*
* Copyright (C) 2018 Southern Storm Software, Pty Ltd.
*
* Permission is hereby granted, free of charge, to any person obtaining a
* copy of this software and associated documentation files (the "Software"),
* to deal in the Software without restriction, including without limitation
* the rights to use, copy, modify, merge, publish, distribute, sublicense,
* and/or sell copies of the Software, and to permit persons to whom the
* Software is furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included
* in all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
* OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
* DEALINGS IN THE SOFTWARE.
*/
#ifndef NOISE_XX_25519_AESGCM_SHA256_h
#define NOISE_XX_25519_AESGCM_SHA256_h
#include "Noise_XX.h"
#include "NoiseProtocolDescriptor.h"
#include "NoiseSymmetricState_AESGCM_SHA256.h"
#include "NoiseDHState_Curve25519.h"
class NoiseHandshakeState_XX_25519_AESGCM_SHA256 : public NoiseHandshakeState_XX
{
public:
NoiseHandshakeState_XX_25519_AESGCM_SHA256();
virtual ~NoiseHandshakeState_XX_25519_AESGCM_SHA256();
private:
NoiseSymmetricState_AESGCM_SHA256 sym;
NoiseDHState_Curve25519 dh;
};
class Noise_XX_25519_AESGCM_SHA256 : public NoiseProtocolDescriptor
{
public:
Noise_XX_25519_AESGCM_SHA256();
virtual ~Noise_XX_25519_AESGCM_SHA256();
NoiseHandshakeState *createHandshake() const;
};
#endif

61
libraries/NoiseProtocol/src/Noise_XX_25519_ChaChaPoly_BLAKE2s.cpp Normal file
View File

@ -0,0 +1,61 @@
/*
* Copyright (C) 2018 Southern Storm Software, Pty Ltd.
*
* Permission is hereby granted, free of charge, to any person obtaining a
* copy of this software and associated documentation files (the "Software"),
* to deal in the Software without restriction, including without limitation
* the rights to use, copy, modify, merge, publish, distribute, sublicense,
* and/or sell copies of the Software, and to permit persons to whom the
* Software is furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included
* in all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
* OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
* DEALINGS IN THE SOFTWARE.
*/
#include "Noise_XX_25519_ChaChaPoly_BLAKE2s.h"
/**
* \class NoiseHandshakeState_XX_25519_ChaChaPoly_BLAKE2s Noise_XX_25519_ChaChaPoly_BLAKE2s.h <Noise_XX_25519_ChaChaPoly_BLAKE2s.h>
* \brief "XX" Noise handshake, using Curve25519, ChaChaPoly, and BLAKE2s.
*/
/**
* \class Noise_XX_25519_ChaChaPoly_BLAKE2s Noise_XX_25519_ChaChaPoly_BLAKE2s.h <Noise_XX_25519_ChaChaPoly_BLAKE2s.h>
* \brief "XX" Noise descriptor, using Curve25519, ChaChaPoly, and BLAKE2s.
*/
static char const Noise_XX_25519_ChaChaPoly_BLAKE2s_Name[] =
"Noise_XX_25519_ChaChaPoly_BLAKE2s";
NoiseHandshakeState_XX_25519_ChaChaPoly_BLAKE2s::NoiseHandshakeState_XX_25519_ChaChaPoly_BLAKE2s()
{
setSymmetricState(&sym);
setDHState(&dh);
setProtocolName(Noise_XX_25519_ChaChaPoly_BLAKE2s_Name);
}
NoiseHandshakeState_XX_25519_ChaChaPoly_BLAKE2s::~NoiseHandshakeState_XX_25519_ChaChaPoly_BLAKE2s()
{
}
Noise_XX_25519_ChaChaPoly_BLAKE2s::Noise_XX_25519_ChaChaPoly_BLAKE2s()
: NoiseProtocolDescriptor(Noise_XX_25519_ChaChaPoly_BLAKE2s_Name, "3")
{
}
Noise_XX_25519_ChaChaPoly_BLAKE2s::~Noise_XX_25519_ChaChaPoly_BLAKE2s()
{
}
NoiseHandshakeState *Noise_XX_25519_ChaChaPoly_BLAKE2s::createHandshake() const
{
return new NoiseHandshakeState_XX_25519_ChaChaPoly_BLAKE2s();
}

52
libraries/NoiseProtocol/src/Noise_XX_25519_ChaChaPoly_BLAKE2s.h Normal file
View File

@ -0,0 +1,52 @@
/*
* Copyright (C) 2018 Southern Storm Software, Pty Ltd.
*
* Permission is hereby granted, free of charge, to any person obtaining a
* copy of this software and associated documentation files (the "Software"),
* to deal in the Software without restriction, including without limitation
* the rights to use, copy, modify, merge, publish, distribute, sublicense,
* and/or sell copies of the Software, and to permit persons to whom the
* Software is furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included
* in all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
* OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
* DEALINGS IN THE SOFTWARE.
*/
#ifndef NOISE_XX_25519_CHACHAPOLY_BLAKE2S_h
#define NOISE_XX_25519_CHACHAPOLY_BLAKE2S_h
#include "Noise_XX.h"
#include "NoiseProtocolDescriptor.h"
#include "NoiseSymmetricState_ChaChaPoly_BLAKE2s.h"
#include "NoiseDHState_Curve25519.h"
class NoiseHandshakeState_XX_25519_ChaChaPoly_BLAKE2s
: public NoiseHandshakeState_XX
{
public:
NoiseHandshakeState_XX_25519_ChaChaPoly_BLAKE2s();
virtual ~NoiseHandshakeState_XX_25519_ChaChaPoly_BLAKE2s();
private:
NoiseSymmetricState_ChaChaPoly_BLAKE2s sym;
NoiseDHState_Curve25519 dh;
};
class Noise_XX_25519_ChaChaPoly_BLAKE2s : public NoiseProtocolDescriptor
{
public:
Noise_XX_25519_ChaChaPoly_BLAKE2s();
virtual ~Noise_XX_25519_ChaChaPoly_BLAKE2s();
NoiseHandshakeState *createHandshake() const;
};
#endif

61
libraries/NoiseProtocol/src/Noise_XX_25519_ChaChaPoly_SHA256.cpp Normal file
View File

@ -0,0 +1,61 @@
/*
* Copyright (C) 2018 Southern Storm Software, Pty Ltd.
*
* Permission is hereby granted, free of charge, to any person obtaining a
* copy of this software and associated documentation files (the "Software"),
* to deal in the Software without restriction, including without limitation
* the rights to use, copy, modify, merge, publish, distribute, sublicense,
* and/or sell copies of the Software, and to permit persons to whom the
* Software is furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included
* in all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
* OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
* DEALINGS IN THE SOFTWARE.
*/
#include "Noise_XX_25519_ChaChaPoly_SHA256.h"
/**
* \class NoiseHandshakeState_XX_25519_ChaChaPoly_SHA256 Noise_XX_25519_ChaChaPoly_SHA256.h <Noise_XX_25519_ChaChaPoly_SHA256.h>
* \brief "XX" Noise handshake, using Curve25519, ChaChaPoly, and SHA256.
*/
/**
* \class Noise_XX_25519_ChaChaPoly_SHA256 Noise_XX_25519_ChaChaPoly_SHA256.h <Noise_XX_25519_ChaChaPoly_SHA256.h>
* \brief "XX" Noise descriptor, using Curve25519, ChaChaPoly, and SHA256.
*/
static char const Noise_XX_25519_ChaChaPoly_SHA256_Name[] =
"Noise_XX_25519_ChaChaPoly_SHA256";
NoiseHandshakeState_XX_25519_ChaChaPoly_SHA256::NoiseHandshakeState_XX_25519_ChaChaPoly_SHA256()
{
setSymmetricState(&sym);
setDHState(&dh);
setProtocolName(Noise_XX_25519_ChaChaPoly_SHA256_Name);
}
NoiseHandshakeState_XX_25519_ChaChaPoly_SHA256::~NoiseHandshakeState_XX_25519_ChaChaPoly_SHA256()
{
}
Noise_XX_25519_ChaChaPoly_SHA256::Noise_XX_25519_ChaChaPoly_SHA256()
: NoiseProtocolDescriptor(Noise_XX_25519_ChaChaPoly_SHA256_Name, "2")
{
}
Noise_XX_25519_ChaChaPoly_SHA256::~Noise_XX_25519_ChaChaPoly_SHA256()
{
}
NoiseHandshakeState *Noise_XX_25519_ChaChaPoly_SHA256::createHandshake() const
{
return new NoiseHandshakeState_XX_25519_ChaChaPoly_SHA256();
}

52
libraries/NoiseProtocol/src/Noise_XX_25519_ChaChaPoly_SHA256.h Normal file
View File

@ -0,0 +1,52 @@
/*
* Copyright (C) 2018 Southern Storm Software, Pty Ltd.
*
* Permission is hereby granted, free of charge, to any person obtaining a
* copy of this software and associated documentation files (the "Software"),
* to deal in the Software without restriction, including without limitation
* the rights to use, copy, modify, merge, publish, distribute, sublicense,
* and/or sell copies of the Software, and to permit persons to whom the
* Software is furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included
* in all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
* OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
* DEALINGS IN THE SOFTWARE.
*/
#ifndef NOISE_XX_25519_CHACHAPOLY_SHA256_h
#define NOISE_XX_25519_CHACHAPOLY_SHA256_h
#include "Noise_XX.h"
#include "NoiseProtocolDescriptor.h"
#include "NoiseSymmetricState_ChaChaPoly_SHA256.h"
#include "NoiseDHState_Curve25519.h"
class NoiseHandshakeState_XX_25519_ChaChaPoly_SHA256
: public NoiseHandshakeState_XX
{
public:
NoiseHandshakeState_XX_25519_ChaChaPoly_SHA256();
virtual ~NoiseHandshakeState_XX_25519_ChaChaPoly_SHA256();
private:
NoiseSymmetricState_ChaChaPoly_SHA256 sym;
NoiseDHState_Curve25519 dh;
};
class Noise_XX_25519_ChaChaPoly_SHA256 : public NoiseProtocolDescriptor
{
public:
Noise_XX_25519_ChaChaPoly_SHA256();
virtual ~Noise_XX_25519_ChaChaPoly_SHA256();
NoiseHandshakeState *createHandshake() const;
};
#endif

118
libraries/NoiseProtocol/src/Noise_XXfallback.cpp Normal file
View File

@ -0,0 +1,118 @@
/*
* Copyright (C) 2018 Southern Storm Software, Pty Ltd.
*
* Permission is hereby granted, free of charge, to any person obtaining a
* copy of this software and associated documentation files (the "Software"),
* to deal in the Software without restriction, including without limitation
* the rights to use, copy, modify, merge, publish, distribute, sublicense,
* and/or sell copies of the Software, and to permit persons to whom the
* Software is furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included
* in all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
* OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
* DEALINGS IN THE SOFTWARE.
*/
#include "Noise_XXfallback.h"
/**
* \class NoiseHandshakeState_XXfallback Noise_XXfallback.h <Noise_XXfallback.h>
* \brief Handshake implementation of the Noise "XXfallback" pattern.
*
* The "XXfallback" pattern provides mutual authentication of the two
* communicating parties after a previous "IK" handshake has failed.
* The application should use startFallback() instead of start() to
* start the new handshake.
*
* This class provides the core "XXfallback" functionality. Subclasses provide
* implementations of "XXfallback" that use specific algorithms, such as
* Noise_XXfallback_25519_ChaChaPoly_BLAKE2s.
*/
/**
* \fn NoiseHandshakeState_XXfallback::NoiseHandshakeState_XXfallback()
* \brief Constructs a new Noise handshake that uses the XXfallback pattern.
*/
/**
* \brief Destroys this Noise handshake.
*/
NoiseHandshakeState_XXfallback::~NoiseHandshakeState_XXfallback()
{
}
bool NoiseHandshakeState_XXfallback::startFallback
(const NoiseHandshakeState *fallbackFrom, Noise::Party party,
const void *prologue, size_t prologueLen)
{
// Cannot fallback if no previous handshake, or fall back from ourselves.
if (!fallbackFrom || fallbackFrom == this) {
setState(Noise::Failed);
return false;
}
NoiseDHState *thisDH = dhState();
// Copy keys from the previous handshake into this one.
const NoiseDHState *otherDH = otherDHState(fallbackFrom);
if (!thisDH || !otherDH || !thisDH->fallback(party, otherDH)) {
setState(Noise::Failed);
return false;
}
// Start the new handshake.
start(party, prologue, prologueLen);
// Hash the initiator's ephemeral public key from the pre-message.
if (party == Noise::Initiator)
thisDH->hashPublicKey(symmetricState(), Noise::LocalEphemPublicKey);
else
thisDH->hashPublicKey(symmetricState(), Noise::RemoteEphemPublicKey);
// The responder writes first in a XXfallback handshake.
setState(party == Noise::Initiator ? Noise::Read : Noise::Write);
return true;
}
void NoiseHandshakeState_XXfallback::removeKeys()
{
// Remove the remote static public key only. We need to keep the
// ephemeral keys to perform the fallback correctly.
removeParameter(Noise::RemoteStaticPublicKey);
}
void NoiseHandshakeState_XXfallback::writeTokens
(NoiseHandshakeState::Packet &packet, uint8_t msgnum)
{
if (msgnum == 0) {
write_e(packet);
write_ee(packet);
write_s(packet);
write_es(packet);
} else if (msgnum == 1) {
write_s(packet);
write_se(packet);
packet.done = true;
}
}
void NoiseHandshakeState_XXfallback::readTokens
(NoiseHandshakeState::Packet &packet, uint8_t msgnum)
{
if (msgnum == 0) {
read_e(packet);
read_ee(packet);
read_s(packet);
read_es(packet);
} else if (msgnum == 1) {
read_s(packet);
read_se(packet);
packet.done = true;
}
}

45
libraries/NoiseProtocol/src/Noise_XXfallback.h Normal file
View File

@ -0,0 +1,45 @@
/*
* Copyright (C) 2018 Southern Storm Software, Pty Ltd.
*
* Permission is hereby granted, free of charge, to any person obtaining a
* copy of this software and associated documentation files (the "Software"),
* to deal in the Software without restriction, including without limitation
* the rights to use, copy, modify, merge, publish, distribute, sublicense,
* and/or sell copies of the Software, and to permit persons to whom the
* Software is furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included
* in all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
* OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
* DEALINGS IN THE SOFTWARE.
*/
#ifndef NOISE_XX_FALLBACK_h
#define NOISE_XX_FALLBACK_h
#include "NoiseHandshakeState.h"
class NoiseHandshakeState_XXfallback : public NoiseHandshakeState
{
public:
virtual ~NoiseHandshakeState_XXfallback();
bool startFallback
(const NoiseHandshakeState *fallbackFrom, Noise::Party party,
const void *prologue, size_t prologueLen);
protected:
NoiseHandshakeState_XXfallback() {}
void removeKeys();
void writeTokens(NoiseHandshakeState::Packet &packet, uint8_t msgnum);
void readTokens(NoiseHandshakeState::Packet &packet, uint8_t msgnum);
};
#endif

61
libraries/NoiseProtocol/src/Noise_XXfallback_25519_AESGCM_SHA256.cpp Normal file
View File

@ -0,0 +1,61 @@
/*
* Copyright (C) 2018 Southern Storm Software, Pty Ltd.
*
* Permission is hereby granted, free of charge, to any person obtaining a
* copy of this software and associated documentation files (the "Software"),
* to deal in the Software without restriction, including without limitation
* the rights to use, copy, modify, merge, publish, distribute, sublicense,
* and/or sell copies of the Software, and to permit persons to whom the
* Software is furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included
* in all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
* OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
* DEALINGS IN THE SOFTWARE.
*/
#include "Noise_XXfallback_25519_AESGCM_SHA256.h"
/**
* \class NoiseHandshakeState_XXfallback_25519_AESGCM_SHA256 Noise_XXfallback_25519_AESGCM_SHA256.h <Noise_XXfallback_25519_AESGCM_SHA256.h>
* \brief "XXfallback" Noise handshake, using Curve25519, AES256, GCM, and SHA256.
*/
/**
* \class Noise_XXfallback_25519_AESGCM_SHA256 Noise_XXfallback_25519_AESGCM_SHA256.h <Noise_XXfallback_25519_AESGCM_SHA256.h>
* \brief "XXfallback" Noise descriptor, using Curve25519, AES256, GCM, and SHA256.
*/
static char const Noise_XXfallback_25519_AESGCM_SHA256_Name[] =
"Noise_XXfallback_25519_AESGCM_SHA256";
NoiseHandshakeState_XXfallback_25519_AESGCM_SHA256::NoiseHandshakeState_XXfallback_25519_AESGCM_SHA256()
{
setSymmetricState(&sym);
setDHState(&dh);
setProtocolName(Noise_XXfallback_25519_AESGCM_SHA256_Name);
}
NoiseHandshakeState_XXfallback_25519_AESGCM_SHA256::~NoiseHandshakeState_XXfallback_25519_AESGCM_SHA256()
{
}
Noise_XXfallback_25519_AESGCM_SHA256::Noise_XXfallback_25519_AESGCM_SHA256()
: NoiseProtocolDescriptor(Noise_XXfallback_25519_AESGCM_SHA256_Name)
{
}
Noise_XXfallback_25519_AESGCM_SHA256::~Noise_XXfallback_25519_AESGCM_SHA256()
{
}
NoiseHandshakeState *Noise_XXfallback_25519_AESGCM_SHA256::createHandshake() const
{
return new NoiseHandshakeState_XXfallback_25519_AESGCM_SHA256();
}

51
libraries/NoiseProtocol/src/Noise_XXfallback_25519_AESGCM_SHA256.h Normal file
View File

@ -0,0 +1,51 @@
/*
* Copyright (C) 2018 Southern Storm Software, Pty Ltd.
*
* Permission is hereby granted, free of charge, to any person obtaining a
* copy of this software and associated documentation files (the "Software"),
* to deal in the Software without restriction, including without limitation
* the rights to use, copy, modify, merge, publish, distribute, sublicense,
* and/or sell copies of the Software, and to permit persons to whom the
* Software is furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included
* in all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
* OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
* DEALINGS IN THE SOFTWARE.
*/
#ifndef NOISE_XX_FALLBACK_25519_AESGCM_SHA256_h
#define NOISE_XX_FALLBACK_25519_AESGCM_SHA256_h
#include "Noise_XXfallback.h"
#include "NoiseProtocolDescriptor.h"
#include "NoiseSymmetricState_AESGCM_SHA256.h"
#include "NoiseDHState_Curve25519.h"
class NoiseHandshakeState_XXfallback_25519_AESGCM_SHA256 : public NoiseHandshakeState_XXfallback
{
public:
NoiseHandshakeState_XXfallback_25519_AESGCM_SHA256();
virtual ~NoiseHandshakeState_XXfallback_25519_AESGCM_SHA256();
private:
NoiseSymmetricState_AESGCM_SHA256 sym;
NoiseDHState_Curve25519 dh;
};
class Noise_XXfallback_25519_AESGCM_SHA256 : public NoiseProtocolDescriptor
{
public:
Noise_XXfallback_25519_AESGCM_SHA256();
virtual ~Noise_XXfallback_25519_AESGCM_SHA256();
NoiseHandshakeState *createHandshake() const;
};
#endif

61
libraries/NoiseProtocol/src/Noise_XXfallback_25519_ChaChaPoly_BLAKE2s.cpp Normal file
View File

@ -0,0 +1,61 @@
/*
* Copyright (C) 2018 Southern Storm Software, Pty Ltd.
*
* Permission is hereby granted, free of charge, to any person obtaining a
* copy of this software and associated documentation files (the "Software"),
* to deal in the Software without restriction, including without limitation
* the rights to use, copy, modify, merge, publish, distribute, sublicense,
* and/or sell copies of the Software, and to permit persons to whom the
* Software is furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included
* in all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
* OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
* DEALINGS IN THE SOFTWARE.
*/
#include "Noise_XXfallback_25519_ChaChaPoly_BLAKE2s.h"
/**
* \class NoiseHandshakeState_XXfallback_25519_ChaChaPoly_BLAKE2s Noise_XXfallback_25519_ChaChaPoly_BLAKE2s.h <Noise_XXfallback_25519_ChaChaPoly_BLAKE2s.h>
* \brief "XXfallback" Noise handshake, using Curve25519, ChaChaPoly, and BLAKE2s.
*/
/**
* \class Noise_XXfallback_25519_ChaChaPoly_BLAKE2s Noise_XXfallback_25519_ChaChaPoly_BLAKE2s.h <Noise_XXfallback_25519_ChaChaPoly_BLAKE2s.h>
* \brief "XXfallback" Noise descriptor, using Curve25519, ChaChaPoly, and BLAKE2s.
*/
static char const Noise_XXfallback_25519_ChaChaPoly_BLAKE2s_Name[] =
"Noise_XXfallback_25519_ChaChaPoly_BLAKE2s";
NoiseHandshakeState_XXfallback_25519_ChaChaPoly_BLAKE2s::NoiseHandshakeState_XXfallback_25519_ChaChaPoly_BLAKE2s()
{
setSymmetricState(&sym);
setDHState(&dh);
setProtocolName(Noise_XXfallback_25519_ChaChaPoly_BLAKE2s_Name);
}
NoiseHandshakeState_XXfallback_25519_ChaChaPoly_BLAKE2s::~NoiseHandshakeState_XXfallback_25519_ChaChaPoly_BLAKE2s()
{
}
Noise_XXfallback_25519_ChaChaPoly_BLAKE2s::Noise_XXfallback_25519_ChaChaPoly_BLAKE2s()
: NoiseProtocolDescriptor(Noise_XXfallback_25519_ChaChaPoly_BLAKE2s_Name)
{
}
Noise_XXfallback_25519_ChaChaPoly_BLAKE2s::~Noise_XXfallback_25519_ChaChaPoly_BLAKE2s()
{
}
NoiseHandshakeState *Noise_XXfallback_25519_ChaChaPoly_BLAKE2s::createHandshake() const
{
return new NoiseHandshakeState_XXfallback_25519_ChaChaPoly_BLAKE2s();
}

52
libraries/NoiseProtocol/src/Noise_XXfallback_25519_ChaChaPoly_BLAKE2s.h Normal file
View File

@ -0,0 +1,52 @@
/*
* Copyright (C) 2018 Southern Storm Software, Pty Ltd.
*
* Permission is hereby granted, free of charge, to any person obtaining a
* copy of this software and associated documentation files (the "Software"),
* to deal in the Software without restriction, including without limitation
* the rights to use, copy, modify, merge, publish, distribute, sublicense,
* and/or sell copies of the Software, and to permit persons to whom the
* Software is furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included
* in all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
* OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
* DEALINGS IN THE SOFTWARE.
*/
#ifndef NOISE_XX_FALLBACK_25519_CHACHAPOLY_BLAKE2S_h
#define NOISE_XX_FALLBACK_25519_CHACHAPOLY_BLAKE2S_h
#include "Noise_XXfallback.h"
#include "NoiseProtocolDescriptor.h"
#include "NoiseSymmetricState_ChaChaPoly_BLAKE2s.h"
#include "NoiseDHState_Curve25519.h"
class NoiseHandshakeState_XXfallback_25519_ChaChaPoly_BLAKE2s
: public NoiseHandshakeState_XXfallback
{
public:
NoiseHandshakeState_XXfallback_25519_ChaChaPoly_BLAKE2s();
virtual ~NoiseHandshakeState_XXfallback_25519_ChaChaPoly_BLAKE2s();
private:
NoiseSymmetricState_ChaChaPoly_BLAKE2s sym;
NoiseDHState_Curve25519 dh;
};
class Noise_XXfallback_25519_ChaChaPoly_BLAKE2s : public NoiseProtocolDescriptor
{
public:
Noise_XXfallback_25519_ChaChaPoly_BLAKE2s();
virtual ~Noise_XXfallback_25519_ChaChaPoly_BLAKE2s();
NoiseHandshakeState *createHandshake() const;
};
#endif

61
libraries/NoiseProtocol/src/Noise_XXfallback_25519_ChaChaPoly_SHA256.cpp Normal file
View File

@ -0,0 +1,61 @@
/*
* Copyright (C) 2018 Southern Storm Software, Pty Ltd.
*
* Permission is hereby granted, free of charge, to any person obtaining a
* copy of this software and associated documentation files (the "Software"),
* to deal in the Software without restriction, including without limitation
* the rights to use, copy, modify, merge, publish, distribute, sublicense,
* and/or sell copies of the Software, and to permit persons to whom the
* Software is furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included
* in all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
* OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
* DEALINGS IN THE SOFTWARE.
*/
#include "Noise_XXfallback_25519_ChaChaPoly_SHA256.h"
/**
* \class NoiseHandshakeState_XXfallback_25519_ChaChaPoly_SHA256 Noise_XXfallback_25519_ChaChaPoly_SHA256.h <Noise_XXfallback_25519_ChaChaPoly_SHA256.h>
* \brief "XXfallback" Noise handshake, using Curve25519, ChaChaPoly, and SHA256.
*/
/**
* \class Noise_XXfallback_25519_ChaChaPoly_SHA256 Noise_XXfallback_25519_ChaChaPoly_SHA256.h <Noise_XXfallback_25519_ChaChaPoly_SHA256.h>
* \brief "XXfallback" Noise descriptor, using Curve25519, ChaChaPoly, and SHA256.
*/
static char const Noise_XXfallback_25519_ChaChaPoly_SHA256_Name[] =
"Noise_XXfallback_25519_ChaChaPoly_SHA256";
NoiseHandshakeState_XXfallback_25519_ChaChaPoly_SHA256::NoiseHandshakeState_XXfallback_25519_ChaChaPoly_SHA256()
{
setSymmetricState(&sym);
setDHState(&dh);
setProtocolName(Noise_XXfallback_25519_ChaChaPoly_SHA256_Name);
}
NoiseHandshakeState_XXfallback_25519_ChaChaPoly_SHA256::~NoiseHandshakeState_XXfallback_25519_ChaChaPoly_SHA256()
{
}
Noise_XXfallback_25519_ChaChaPoly_SHA256::Noise_XXfallback_25519_ChaChaPoly_SHA256()
: NoiseProtocolDescriptor(Noise_XXfallback_25519_ChaChaPoly_SHA256_Name)
{
}
Noise_XXfallback_25519_ChaChaPoly_SHA256::~Noise_XXfallback_25519_ChaChaPoly_SHA256()
{
}
NoiseHandshakeState *Noise_XXfallback_25519_ChaChaPoly_SHA256::createHandshake() const
{
return new NoiseHandshakeState_XXfallback_25519_ChaChaPoly_SHA256();
}

52
libraries/NoiseProtocol/src/Noise_XXfallback_25519_ChaChaPoly_SHA256.h Normal file
View File

@ -0,0 +1,52 @@
/*
* Copyright (C) 2018 Southern Storm Software, Pty Ltd.
*
* Permission is hereby granted, free of charge, to any person obtaining a
* copy of this software and associated documentation files (the "Software"),
* to deal in the Software without restriction, including without limitation
* the rights to use, copy, modify, merge, publish, distribute, sublicense,
* and/or sell copies of the Software, and to permit persons to whom the
* Software is furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included
* in all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
* OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
* DEALINGS IN THE SOFTWARE.
*/
#ifndef NOISE_XX_FALLBACK_25519_CHACHAPOLY_SHA256_h
#define NOISE_XX_FALLBACK_25519_CHACHAPOLY_SHA256_h
#include "Noise_XXfallback.h"
#include "NoiseProtocolDescriptor.h"
#include "NoiseSymmetricState_ChaChaPoly_SHA256.h"
#include "NoiseDHState_Curve25519.h"
class NoiseHandshakeState_XXfallback_25519_ChaChaPoly_SHA256
: public NoiseHandshakeState_XXfallback
{
public:
NoiseHandshakeState_XXfallback_25519_ChaChaPoly_SHA256();
virtual ~NoiseHandshakeState_XXfallback_25519_ChaChaPoly_SHA256();
private:
NoiseSymmetricState_ChaChaPoly_SHA256 sym;
NoiseDHState_Curve25519 dh;
};
class Noise_XXfallback_25519_ChaChaPoly_SHA256 : public NoiseProtocolDescriptor
{
public:
Noise_XXfallback_25519_ChaChaPoly_SHA256();
virtual ~Noise_XXfallback_25519_ChaChaPoly_SHA256();
NoiseHandshakeState *createHandshake() const;
};
#endif