Skip to content
Snippets Groups Projects
Commit b3496b0a authored by Mark Haines's avatar Mark Haines
Browse files

More comments

parent 65bb5d4e
No related branches found
No related tags found
No related merge requests found
......@@ -83,41 +83,80 @@ struct Session {
KdfInfo const & kdf_info
);
/** A pair of string to feed into the KDF identifing the application */
/** A some strings identifing the application to feed into the KDF. */
KdfInfo kdf_info;
/** The last error that happened encypting or decrypting a message */
/** The last error that happened encypting or decrypting a message. */
ErrorCode last_error;
/** The root key is used to generate chain keys from the ephemeral keys.
* A new root_key derived each time a chain key is derived. */
SharedKey root_key;
/** The sender chain is used to send messages. Each time a new ephemeral
* key is received from the remote server we generate a new sender chain
* with a new empheral key when we next send a message. */
List<SenderChain, 1> sender_chain;
/** The receiver chain is used to decrypt recieved messages. We store the
* last few chains so we can decrypt any out of order messages we haven't
* received yet. */
List<ReceiverChain, MAX_RECEIVER_CHAINS> receiver_chains;
/** List of message keys we've skipped over when advancing the receiver
* chain. */
List<SkippedMessageKey, MAX_SKIPPED_MESSAGE_KEYS> skipped_message_keys;
/** Initialise the session using a shared secret and the public part of the
* remote's first ratchet key */
void initialise_as_bob(
std::uint8_t const * shared_secret, std::size_t shared_secret_length,
Curve25519PublicKey const & their_ratchet_key
);
/** Intialise the session using a shared secret and the public/private key
* pair for the first ratchet key */
void initialise_as_alice(
std::uint8_t const * shared_secret, std::size_t shared_secret_length,
Curve25519KeyPair const & our_ratchet_key
);
/** The maximum number of bytes of output the encrypt method will write for
* a given message length. */
std::size_t encrypt_max_output_length(
std::size_t plaintext_length
);
/** The number of bytes of random data the encrypt method will need to
* encrypt a message. This will be 32 bytes if the session needs to
* generate a new ephemeral key, or will be 0 bytes otherwise.*/
std::size_t encrypt_random_length();
/** Encrypt some plaintext. Returns the length of the encrypted message
* or std::size_t(-1) on failure. On failure last_error will be set with
* an error code. The last_error will be NOT_ENOUGH_RANDOM if the number
* of random bytes is too small. The last_error will be
* OUTPUT_BUFFER_TOO_SMALL if the output buffer is too small. */
std::size_t encrypt(
std::uint8_t const * plaintext, std::size_t plaintext_length,
std::uint8_t const * random, std::size_t random_length,
std::uint8_t * output, std::size_t max_output_length
);
/** An upper bound on the number of bytes of plaintext the decrypt method
* will write for a given input message length. */
std::size_t decrypt_max_plaintext_length(
std::size_t input_length
);
/** Decrypt a message. Returns the length of the decrypted plaintext or
* std::size_t(-1) on failure. On failure last_error will be set with an
* error code. The last_error will be OUTPUT_BUFFER_TOO_SMALL if the
* plaintext buffer is too small. The last_error will be
* BAD_MESSAGE_VERSION if the message was encrypted with an unsupported
* version of the protocol. The last_error will be BAD_MESSAGE_FORMAT if
* the message headers could not be decoded. The last_error will be
* BAD_MESSAGE_MAC if the message could not be verified */
std::size_t decrypt(
std::uint8_t const * input, std::size_t input_length,
std::uint8_t * plaintext, std::size_t max_plaintext_length
......
......@@ -28,7 +28,7 @@ struct Curve25519KeyPair : public Curve25519PublicKey {
std::uint8_t private_key[32];
};
/** Generate a curve25519 key pair from 32 random bytes. */
void generate_key(
std::uint8_t const * random_32_bytes,
Curve25519KeyPair & key_pair
......@@ -37,7 +37,8 @@ void generate_key(
const std::size_t CURVE25519_SHARED_SECRET_LENGTH = 32;
/** Create a shared secret using our private key and their public key.
* The output buffer must be at least 32 bytes long. */
void curve25519_shared_secret(
Curve25519KeyPair const & our_key,
Curve25519PublicKey const & their_key,
......@@ -57,11 +58,14 @@ struct Aes256Iv {
};
/** The length of output the aes_encrypt_cbc function will write */
std::size_t aes_encrypt_cbc_length(
std::size_t input_length
);
/** Encrypts the input using AES256 in CBC mode with PKCS#7 padding.
* The output buffer must be big enough to hold the output including padding */
void aes_encrypt_cbc(
Aes256Key const & key,
Aes256Iv const & iv,
......@@ -70,6 +74,10 @@ void aes_encrypt_cbc(
);
/** Decrypts the input using AES256 in CBC mode. The output buffer must be at
* least the same size as the input buffer. Returns the length of the plaintext
* without padding on success or std::size_t(-1) if the padding is invalid.
*/
std::size_t aes_decrypt_cbc(
Aes256Key const & key,
Aes256Iv const & iv,
......@@ -78,6 +86,8 @@ std::size_t aes_decrypt_cbc(
);
/** Computes SHA-256 of the input. The output buffer must be a least 32
* bytes long. */
void sha256(
std::uint8_t const * input, std::size_t input_length,
std::uint8_t * output
......@@ -87,6 +97,10 @@ void sha256(
const std::size_t HMAC_SHA256_OUTPUT_LENGTH = 32;
/** HMAC: Keyed-Hashing for Message Authentication
* http://tools.ietf.org/html/rfc2104
* Computes HMAC-SHA-256 of the input for the key. The output buffer must
* be at least 32 bytes long. */
void hmac_sha256(
std::uint8_t const * key, std::size_t key_length,
std::uint8_t const * input, std::size_t input_length,
......@@ -94,6 +108,9 @@ void hmac_sha256(
);
/** HMAC-based Key Derivation Function (HKDF)
* https://tools.ietf.org/html/rfc5869
* Derives key material from the input bytes. */
void hkdf_sha256(
std::uint8_t const * input, std::size_t input_length,
std::uint8_t const * info, std::size_t info_length,
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment