00001 // interface.h 00002 // prototype of functions that interfaces with library 00003 00004 #include <stdio.h> 00005 #include <stdlib.h> 00006 #include <string.h> 00007 #include <sys/stat.h> 00008 00009 #define PATH xyssl-0.9/include/xyssl 00010 00011 #include "xyssl-0.9/include/xyssl/havege.h" 00012 #include "xyssl-0.9/include/xyssl/bignum.h" 00013 #include "xyssl-0.9/include/xyssl/rsa.h" 00014 #include "xyssl-0.9/include/xyssl/sha2.h" 00015 #include "xyssl-0.9/include/xyssl/sha1.h" 00016 #include "xyssl-0.9/include/xyssl/aes.h" 00017 #include "xyssl-0.9/include/xyssl/md5.h" 00018 //#include "PATH/mc_error.h" 00019 00020 #define MODE_ENCRYPT 0 00021 #define MODE_DECRYPT 1 00022 #define MAXDATASIZE 4096 00023 00024 #define KEY_SIZE 1024 00025 #define EXPONENT 65537 00026 00027 #define RSA_EN 0 00028 #define RSA_DE 1 00029 00030 /* 00031 * Copying a part of string 'src' starting from 00032 * 'start_index' upto 'length' and stroe in 'dest' 00033 */ 00034 //static void mystrncpy(char *dest, char *src, int start_index, int length); 00035 00036 /* set 'pubkey' with the public key of host name 'hname' from known-host file lookup 00037 * pubkey : public key of hname 00038 * hname : host name for which public key is requested 00039 * 00040 * Return value : 1 if public key of 'hname' is found in known host file 00041 * otherwise -1 00042 */ 00043 int read_known_host_file(char *pubkey, char *hname, char *filename); 00044 00045 /* 00046 * separating the two part of pubkey into N and E 00047 */ 00048 //static void separate_key_parts(char *pubkey, char *N, char *E, char *D, char *P, char *Q, char *DP, char *DQ, char *QP); 00049 00050 /* Read encrypted file, decrypt it and put the content in 'string' 00051 * and return private key (plaintext) in privatekey 00052 * enfile : AES encrypted private key file 00053 * string : output plaintext private key 00054 * passphase : passphase to decrypt the encrypte private key file, 00055 * must be same as when used to encrypt that file 00056 * 00057 * Return value : 1 if decryption is successfull otherwise -1 00058 */ 00059 int read_encrypted_file(char *enfile, char *string, unsigned char *passphase); 00060 00061 00062 /* Encrypting plaintext into ciphertext with public key (N, E) using RSA 00063 * publickey : public key 00064 * plaintext : input text to be encrypted 00065 * ciphertext : output containing encrypted text 00066 * 00067 * Return value : 1 if encryption is successful otherwise -1 00068 */ 00069 int rsa_encryption(char *publickey, char *plaintext, char *ciphertext); 00070 00071 /* Decrypting ciphertext into plaintext with private key using RSA 00072 * ciphertext : input encrypted text 00073 * plaintext : output plain text 00074 * privatekeyfile : file contain private key 00075 * 00076 * Return value : 1 if decryption is successful otherwise -1 00077 */ 00078 int rsa_decryption(char *ciphertext, char *plaintext, char *privatekeyfile); 00079 00080 /* Called by agency who want to initiate migration process. 00081 * handle all piggyback authentication process 00082 * sockfd : socket descriptor 00083 * publickey : public key of other peer 00084 * privatekey : private key 00085 * 00086 * Return value : 1 upon success, -1 if connected agency is not authenticated 00087 * -2 if I am unable to get authentication from otehr agency 00088 */ 00089 00090 int initiate_migration_process(int sockfd, int *nonce, char *publickey, char *privatekey, unsigned char *aes_key); 00091 00092 /* Called by agency who is a receiver agency in migration process. 00093 * handle all piggyback authentication process 00094 * sockfd : socket descriptor 00095 * publickey : public key of other peer 00096 * privatekey : private key 00097 * 00098 * Return value : 1 upon success, -1 if connected agency is not authenticated 00099 * -2 if I am unable to get authentication from otehr agency 00100 */ 00101 00102 int reply_migration_process(int new_fd, int *nonce, char *publickey, char *privatekey, unsigned char *aes_key); 00103 00104 /* Prove own authentication to other peer: 00105 * This function waits to receive challenge from peer, decrypt it calculate 00106 * MD 5 digest, increment received nonce and send back to peer and waits for 00107 * authentication status response. 00108 * sockfd : socket descriptor 00109 * publickey : public key of otehr peer 00110 * privatekey : private key 00111 * 00112 * Return value : 1 upon success otherwise -1 00113 */ 00114 //int proving_own_authentication(int sockfd, char *publickey, char *privatekey); 00115 00116 /* Authenticating the peer: 00117 * This funcation prepare challenge, send to peer and waits for solution. 00118 * If peer solve successfully it is authenticated other wise not. 00119 * sockfd : socket descriptor 00120 * publickey : public key 00121 * privatekey : private key 00122 * 00123 * Return value : 1 upon success otherwise -1 00124 */ 00125 //int verifying_peer_authentication(int new_fd, char *publickey, char *pirvatekey); 00126 00127 /* Generate AES Keys 00128 * 00129 * 00130 */ 00131 00132 void generate_AES_key(char *key); 00133 00134 /* generate AES key, encrypt it with peer public key and send to it. 00135 * sockfd : socket connect with peer 00136 * key : AES key 00137 * publickey : Public key of peer 00138 * 00139 * Return value : 1 upon success othrewise -1, -2 if receiver is unable to receive it successfully 00140 */ 00141 int generate_encrypt_send_AES_key(int sockfd, int *nonce, unsigned char *key, char *publickey, char *privkey); 00142 00143 /* Receive encrypted AES key, decrypt it and save in 'key' 00144 * new_fd : socket descriptor 00145 * key : AES key 00146 * privkeyfile : private key 00147 * 00148 * Return value : 1 upon success othrewise -1, -2 if receiver is unable to receive it successfully 00149 */ 00150 int receive_decrypt_AES_key(int new_fd, int *nonce, unsigned char *key, char *privkey, char *publickey); 00151 00152 /* AES encryption decryption 00153 * mode : MODE_ENCRYPT 0 , MODE_DECRYPT 1 00154 * infile : input file (plain text / cipher text ) 00155 * outfile : output file (cipher text / plain text ) 00156 * AES_key : 256 bits key (32 Bytes) 00157 * 00158 * Return value : 1 upon success 00159 */ 00160 int aes_en_de(int mode, char *infile, char *outfile, unsigned char *AES_key, int *nonce, int sockfd); 00161 00162 /* Append session identifier (nonce) at the end of MA file 00163 * my_nonce : session identifier 00164 * MA_file : MA file 00165 * 00166 * Return value : 1 upon success otherwise -1 00167 */ 00168 //static int append_nonce_to_MA(int *my_nonce, char *MA_file ); 00169 00170 /* Remove session identifier (nonce) at the end of MA file and verify it 00171 * sockfd : socket descriptor 00172 * my_nonce : session identifier 00173 * MA_file : MA file 00174 * 00175 * Return value : 1 upon success otherwise -1 00176 */ 00177 //static int extract_nonce_from_MA(int sockfd, int *my_nonce, char *MA_file); 00178 00179 00180 00181 /* Read encrypted MA file 'outfile' and send to peer 00182 * sockfd : socket connected with peer 00183 * outfile : file to send (En. MA file) 00184 * 00185 * Return value : 1 upon success othrewise -1 00186 */ 00187 int send_AES_en_MA(int sockfd, int *nonce, char *outfile, char *peer_pubkey); 00188 00189 /* Receive encrypted MA from client and put write 'infile' 00190 * new_fd : socket descriptor 00191 * infile : MA file 00192 * 00193 * Return value : 1 upon success othrewise -1 00194 */ 00195 int receive_AES_en_MA(int new_fd, int *nonce, char *infile, char *privatekey); 00196 00197 // used for integrity when RSA is used to en-decrypt MA 00198 int receiving_verifying_MA_RSA(int sockfd, char *privkeyfile); 00199 00200 int receiving_decrypting_MA_RSA(int new_fd, char *privkeyfile); 00201 00202 00206 00207 /* Generate RSA public private key pair and store in specified file 00208 * in plain text 00209 * 00210 */ 00211 int generate_RSA_keys_plaintext(char *pubkeyfile, char *privkeyfile); 00212 00213 /* Generate RSA public private key pair and store in specified file 00214 * but private key in plain text 00215 * 00216 */ 00217 int generate_RSA_keys_ciphertext(char *pubkeyfile, char *privkeyfile, unsigned char *passphrase); 00218 00219
1.6.3