richard
/
shadowsocks-libev
mirror of https://github.com/shadowsocks/shadowsocks-libev.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
867 Commits
8 Branches
85 Tags
14 MiB
Tree: f5f7adaa71
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'f5f7adaa71'
${ noResults }
shadowsocks-libev/src/encrypt.h

185 lines
4.8 KiB
Raw Normal View History

add license headers
10 years ago
bump version
10 years ago
add license headers
10 years ago
Replace libasyncns with libudns
10 years ago
add license headers
10 years ago
update to the latest libev
12 years ago
Add initial support for native win32 platform Should be built against MinGW, and please note that only ss-local is ported due to lack win32 support of libasyncns. And libev doesn't support IOCP but only supports select
11 years ago
update to the latest libev
12 years ago
Add initial support for native win32 platform Should be built against MinGW, and please note that only ss-local is ported due to lack win32 support of libasyncns. And libev doesn't support IOCP but only supports select
11 years ago
update to the latest libev
12 years ago
add stdint for mingw
10 years ago
remove openssl dependency
12 years ago
Add initial support for PolarSSL crypto library
11 years ago
Fix MinGW PolarSSL build and update readme
11 years ago
WIP: add aes/des and other ciphers
11 years ago
Add initial support for PolarSSL crypto library
11 years ago
darwin: initial support for CommonCrypto API
11 years ago
Add initial support for PolarSSL crypto library
11 years ago
Fix MinGW PolarSSL build and update readme
11 years ago
Add initial support for PolarSSL crypto library
11 years ago
Fix MinGW PolarSSL build and update readme
11 years ago
Add initial support for PolarSSL crypto library
11 years ago
darwin: initial support for CommonCrypto API
11 years ago
Add initial support for PolarSSL crypto library
11 years ago
Fix MinGW PolarSSL build and update readme
11 years ago
Add mbed TLS support for shadowsocks-libev Notes: - Test cipher CFB support just in case (i.e. OpenWrt disabled it) - Added some inline notes, please feel free to modify or remove them. - Sorry for my bad English - If you want to compile for OpenWrt, please make sure this hunk[1] not exists. - Only tested on ARM mamba (Linksys WRT1900AC v1), it works. [1] https://github.com/openwrt-mirror/openwrt/blob/master/package/libs/mbedtls/patches/200-config.patch#L12-L20 Have fun! Signed-off-by: Syrone Wong <wong.syrone@gmail.com>
9 years ago
Add initial support for PolarSSL crypto library
11 years ago
WIP: add aes/des and other ciphers
11 years ago
darwin: initial support for CommonCrypto API
11 years ago
bump version
10 years ago
darwin: initial support for CommonCrypto API
11 years ago
bump version
10 years ago
darwin: initial support for CommonCrypto API
11 years ago
refine the sodium support
10 years ago
darwin: initial support for CommonCrypto API
11 years ago
add json config support
12 years ago
implement encrypt() function
10 years ago
add fake ciphers for salsa20 chacha20
10 years ago
refine the sodium support
10 years ago
Update code style
11 years ago
support more ciphers
11 years ago
add rc4-md5 encryption method
10 years ago
add fake ciphers for salsa20 chacha20
10 years ago
WIP: add aes/des and other ciphers
11 years ago
add onetime authentication
9 years ago
encode auth flag in atyp
9 years ago
truncate HMAC-SHA1 to 10 bytes
9 years ago
replace poly1305 with hmac-sha1
9 years ago
add CRC8 for payload authentication
9 years ago
bump version
10 years ago
WIP: almost there
11 years ago
Refine the authentication for true CCA
9 years ago
Use one time key for BLAKE2b
9 years ago
Refine the authentication for true CCA
9 years ago
bump version
10 years ago
fix a overflow
11 years ago
implement encrypt() function
10 years ago
Add initial support for PolarSSL crypto library
11 years ago
WIP: add aes/des and other ciphers
11 years ago
add auth to udprelay
9 years ago
bump version
10 years ago
WIP: add aes/des and other ciphers
11 years ago
handle incomplete header
11 years ago
Add initial support for PolarSSL crypto library
11 years ago
update to the latest libev
12 years ago
add auth to udprelay
9 years ago
add onetime authentication
9 years ago
Use IV + Chunk id as key of BLAKE2b
9 years ago
add CRC8 for payload authentication
9 years ago
update to the latest libev
12 years ago
  1. /*
  2. * encrypt.h - Define the enryptor's interface
  3. *
  4. * Copyright (C) 2013 - 2015, Max Lv <max.c.lv@gmail.com>
  5. *
  6. * This file is part of the shadowsocks-libev.
  7. *
  8. * shadowsocks-libev is free software; you can redistribute it and/or modify
  9. * it under the terms of the GNU General Public License as published by
  10. * the Free Software Foundation; either version 3 of the License, or
  11. * (at your option) any later version.
  12. *
  13. * shadowsocks-libev is distributed in the hope that it will be useful,
  14. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  15. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  16. * GNU General Public License for more details.
  17. *
  18. * You should have received a copy of the GNU General Public License
  19. * along with shadowsocks-libev; see the file COPYING. If not, see
  20. * <http://www.gnu.org/licenses/>.
  21. */
  23. #ifndef _ENCRYPT_H
  24. #define _ENCRYPT_H
  26. #ifndef __MINGW32__
  27. #include <sys/socket.h>
  28. #else
  30. #ifdef max
  31. #undef max
  32. #endif
  34. #ifdef min
  35. #undef min
  36. #endif
  38. #endif
  40. #include <string.h>
  41. #include <stdlib.h>
  42. #include <stdio.h>
  43. #include <stdint.h>
  45. #if defined(USE_CRYPTO_OPENSSL)
  47. #include <openssl/evp.h>
  48. typedef EVP_CIPHER cipher_kt_t;
  49. typedef EVP_CIPHER_CTX cipher_evp_t;
  50. typedef EVP_MD digest_type_t;
  51. #define MAX_KEY_LENGTH EVP_MAX_KEY_LENGTH
  52. #define MAX_IV_LENGTH EVP_MAX_IV_LENGTH
  53. #define MAX_MD_SIZE EVP_MAX_MD_SIZE
  55. #elif defined(USE_CRYPTO_POLARSSL)
  57. #include <polarssl/cipher.h>
  58. #include <polarssl/md.h>
  59. typedef cipher_info_t cipher_kt_t;
  60. typedef cipher_context_t cipher_evp_t;
  61. typedef md_info_t digest_type_t;
  62. #define MAX_KEY_LENGTH 64
  63. #define MAX_IV_LENGTH POLARSSL_MAX_IV_LENGTH
  64. #define MAX_MD_SIZE POLARSSL_MD_MAX_SIZE
  66. #elif defined(USE_CRYPTO_MBEDTLS)
  68. #include <mbedtls/cipher.h>
  69. #include <mbedtls/md.h>
  70. typedef mbedtls_cipher_info_t cipher_kt_t;
  71. typedef mbedtls_cipher_context_t cipher_evp_t;
  72. typedef mbedtls_md_info_t digest_type_t;
  73. #define MAX_KEY_LENGTH 64
  74. #define MAX_IV_LENGTH MBEDTLS_MAX_IV_LENGTH
  75. #define MAX_MD_SIZE MBEDTLS_MD_MAX_SIZE
  77. /* we must have MBEDTLS_CIPHER_MODE_CFB defined */
  78. #if !defined(MBEDTLS_CIPHER_MODE_CFB)
  79. #error Cipher Feedback mode a.k.a CFB not supported by your mbed TLS.
  80. #endif
  82. #endif
  84. #ifdef USE_CRYPTO_APPLECC
  86. #include <CommonCrypto/CommonCrypto.h>
  88. #define kCCAlgorithmInvalid UINT32_MAX
  89. #define kCCContextValid 0
  90. #define kCCContextInvalid -1
  92. typedef struct {
  93. CCCryptorRef cryptor;
  94. int valid;
  95. CCOperation encrypt;
  96. CCAlgorithm cipher;
  97. CCMode mode;
  98. CCPadding padding;
  99. uint8_t iv[MAX_IV_LENGTH];
  100. uint8_t key[MAX_KEY_LENGTH];
  101. size_t iv_len;
  102. size_t key_len;
  103. } cipher_cc_t;
  105. #endif
  107. typedef struct {
  108. cipher_evp_t evp;
  109. #ifdef USE_CRYPTO_APPLECC
  110. cipher_cc_t cc;
  111. #endif
  112. uint8_t iv[MAX_IV_LENGTH];
  113. } cipher_ctx_t;
  115. #ifdef HAVE_STDINT_H
  116. #include <stdint.h>
  117. #elif HAVE_INTTYPES_H
  118. #include <inttypes.h>
  119. #endif
  121. #define SODIUM_BLOCK_SIZE 64
  122. #define CIPHER_NUM 17
  124. #define NONE -1
  125. #define TABLE 0
  126. #define RC4 1
  127. #define RC4_MD5 2
  128. #define AES_128_CFB 3
  129. #define AES_192_CFB 4
  130. #define AES_256_CFB 5
  131. #define BF_CFB 6
  132. #define CAMELLIA_128_CFB 7
  133. #define CAMELLIA_192_CFB 8
  134. #define CAMELLIA_256_CFB 9
  135. #define CAST5_CFB 10
  136. #define DES_CFB 11
  137. #define IDEA_CFB 12
  138. #define RC2_CFB 13
  139. #define SEED_CFB 14
  140. #define SALSA20 15
  141. #define CHACHA20 16
  144. #define ONETIMEAUTH_FLAG 0x10
  145. #define ADDRTYPE_MASK 0xF
  147. #define ONETIMEAUTH_BYTES 10U
  148. #define CLEN_BYTES 2U
  149. #define AUTH_BYTES (ONETIMEAUTH_BYTES + CLEN_BYTES)
  151. #define min(a, b) (((a) < (b)) ? (a) : (b))
  152. #define max(a, b) (((a) > (b)) ? (a) : (b))
  154. struct chunk {
  155. uint32_t idx;
  156. uint32_t len;
  157. uint32_t counter;
  158. char *buf;
  159. };
  161. struct enc_ctx {
  162. uint8_t init;
  163. uint64_t counter;
  164. cipher_ctx_t evp;
  165. };
  167. char * ss_encrypt_all(int buf_size, char *plaintext, ssize_t *len, int method, int auth);
  168. char * ss_decrypt_all(int buf_size, char *ciphertext, ssize_t *len, int method, int auth);
  169. char * ss_encrypt(int buf_size, char *plaintext, ssize_t *len,
  170. struct enc_ctx *ctx);
  171. char * ss_decrypt(int buf_size, char *ciphertext, ssize_t *len,
  172. struct enc_ctx *ctx);
  173. void enc_ctx_init(int method, struct enc_ctx *ctx, int enc);
  174. int enc_init(const char *pass, const char *method);
  175. int enc_get_iv_len(void);
  176. void cipher_context_release(cipher_ctx_t *evp);
  177. unsigned char *enc_md5(const unsigned char *d, size_t n, unsigned char *md);
  179. int ss_onetimeauth(char *auth, char *msg, int msg_len, uint8_t *iv);
  180. int ss_onetimeauth_verify(char *auth, char *msg, int msg_len, uint8_t *iv);
  182. int ss_check_hash(char **buf_ptr, ssize_t *buf_len, struct chunk *chunk, struct enc_ctx *ctx, int buf_size);
  183. char *ss_gen_hash(char *buf, ssize_t *buf_len, uint32_t *counter, struct enc_ctx *ctx, int buf_size);
  185. #endif // _ENCRYPT_H